setup.php 31 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865
  1. <?php
  2. class DatabaseSetupException extends Exception
  3. {
  4. private $hint;
  5. public function __construct($message, $hint, $code = 0, Exception $previous = null) {
  6. $this->hint = $hint;
  7. parent::__construct($message, $code, $previous);
  8. }
  9. public function __toString() {
  10. return __CLASS__ . ": [{$this->code}]: {$this->message} ({$this->hint})\n";
  11. }
  12. public function getHint() {
  13. return $this->hint;
  14. }
  15. }
  16. class OC_Setup {
  17. public static function getTrans(){
  18. return OC_L10N::get('lib');
  19. }
  20. public static function install($options) {
  21. $l = self::getTrans();
  22. $error = array();
  23. $dbtype = $options['dbtype'];
  24. if(empty($options['adminlogin'])) {
  25. $error[] = $l->t('Set an admin username.');
  26. }
  27. if(empty($options['adminpass'])) {
  28. $error[] = $l->t('Set an admin password.');
  29. }
  30. if(empty($options['directory'])) {
  31. $options['directory'] = OC::$SERVERROOT."/data";
  32. }
  33. if($dbtype == 'mysql' or $dbtype == 'pgsql' or $dbtype == 'oci' or $dbtype == 'mssql') { //mysql and postgresql needs more config options
  34. if($dbtype == 'mysql')
  35. $dbprettyname = 'MySQL';
  36. else if($dbtype == 'pgsql')
  37. $dbprettyname = 'PostgreSQL';
  38. else if ($dbtype == 'mssql')
  39. $dbprettyname = 'MS SQL Server';
  40. else
  41. $dbprettyname = 'Oracle';
  42. if(empty($options['dbuser'])) {
  43. $error[] = $l->t("%s enter the database username.", array($dbprettyname));
  44. }
  45. if(empty($options['dbname'])) {
  46. $error[] = $l->t("%s enter the database name.", array($dbprettyname));
  47. }
  48. if(substr_count($options['dbname'], '.') >= 1) {
  49. $error[] = $l->t("%s you may not use dots in the database name", array($dbprettyname));
  50. }
  51. if($dbtype != 'oci' && empty($options['dbhost'])) {
  52. $error[] = $l->t("%s set the database host.", array($dbprettyname));
  53. }
  54. }
  55. if(count($error) == 0) { //no errors, good
  56. $username = htmlspecialchars_decode($options['adminlogin']);
  57. $password = htmlspecialchars_decode($options['adminpass']);
  58. $datadir = htmlspecialchars_decode($options['directory']);
  59. if (OC_Util::runningOnWindows()) {
  60. $datadir = rtrim(realpath($datadir), '\\');
  61. }
  62. //use sqlite3 when available, otherise sqlite2 will be used.
  63. if($dbtype=='sqlite' and class_exists('SQLite3')) {
  64. $dbtype='sqlite3';
  65. }
  66. //generate a random salt that is used to salt the local user passwords
  67. $salt = OC_Util::generate_random_bytes(30);
  68. OC_Config::setValue('passwordsalt', $salt);
  69. //write the config file
  70. OC_Config::setValue('datadirectory', $datadir);
  71. OC_Config::setValue('dbtype', $dbtype);
  72. OC_Config::setValue('version', implode('.', OC_Util::getVersion()));
  73. if($dbtype == 'mysql') {
  74. $dbuser = $options['dbuser'];
  75. $dbpass = $options['dbpass'];
  76. $dbname = $options['dbname'];
  77. $dbhost = $options['dbhost'];
  78. $dbtableprefix = isset($options['dbtableprefix']) ? $options['dbtableprefix'] : 'oc_';
  79. OC_Config::setValue('dbname', $dbname);
  80. OC_Config::setValue('dbhost', $dbhost);
  81. OC_Config::setValue('dbtableprefix', $dbtableprefix);
  82. try {
  83. self::setupMySQLDatabase($dbhost, $dbuser, $dbpass, $dbname, $dbtableprefix, $username);
  84. } catch (DatabaseSetupException $e) {
  85. $error[] = array(
  86. 'error' => $e->getMessage(),
  87. 'hint' => $e->getHint()
  88. );
  89. return($error);
  90. } catch (Exception $e) {
  91. $error[] = array(
  92. 'error' => $e->getMessage(),
  93. 'hint' => ''
  94. );
  95. return($error);
  96. }
  97. }
  98. elseif($dbtype == 'pgsql') {
  99. $dbuser = $options['dbuser'];
  100. $dbpass = $options['dbpass'];
  101. $dbname = $options['dbname'];
  102. $dbhost = $options['dbhost'];
  103. $dbtableprefix = isset($options['dbtableprefix']) ? $options['dbtableprefix'] : 'oc_';
  104. OC_Config::setValue('dbname', $dbname);
  105. OC_Config::setValue('dbhost', $dbhost);
  106. OC_Config::setValue('dbtableprefix', $dbtableprefix);
  107. try {
  108. self::setupPostgreSQLDatabase($dbhost, $dbuser, $dbpass, $dbname, $dbtableprefix, $username);
  109. } catch (Exception $e) {
  110. $error[] = array(
  111. 'error' => $l->t('PostgreSQL username and/or password not valid'),
  112. 'hint' => $l->t('You need to enter either an existing account or the administrator.')
  113. );
  114. return $error;
  115. }
  116. }
  117. elseif($dbtype == 'oci') {
  118. $dbuser = $options['dbuser'];
  119. $dbpass = $options['dbpass'];
  120. $dbname = $options['dbname'];
  121. $dbtablespace = $options['dbtablespace'];
  122. $dbhost = isset($options['dbhost'])?$options['dbhost']:'';
  123. $dbtableprefix = isset($options['dbtableprefix']) ? $options['dbtableprefix'] : 'oc_';
  124. OC_Config::setValue('dbname', $dbname);
  125. OC_Config::setValue('dbtablespace', $dbtablespace);
  126. OC_Config::setValue('dbhost', $dbhost);
  127. OC_Config::setValue('dbtableprefix', $dbtableprefix);
  128. try {
  129. self::setupOCIDatabase($dbhost, $dbuser, $dbpass, $dbname, $dbtableprefix, $dbtablespace, $username);
  130. } catch (Exception $e) {
  131. $error[] = array(
  132. 'error' => $l->t('Oracle username and/or password not valid'),
  133. 'hint' => $l->t('You need to enter either an existing account or the administrator.')
  134. );
  135. return $error;
  136. }
  137. }
  138. elseif ($dbtype == 'mssql') {
  139. $dbuser = $options['dbuser'];
  140. $dbpass = $options['dbpass'];
  141. $dbname = $options['dbname'];
  142. $dbhost = $options['dbhost'];
  143. $dbtableprefix = isset($options['dbtableprefix']) ? $options['dbtableprefix'] : 'oc_';
  144. OC_Config::setValue('dbname', $dbname);
  145. OC_Config::setValue('dbhost', $dbhost);
  146. OC_Config::setValue('dbuser', $dbuser);
  147. OC_Config::setValue('dbpassword', $dbpass);
  148. OC_Config::setValue('dbtableprefix', $dbtableprefix);
  149. try {
  150. self::setupMSSQLDatabase($dbhost, $dbuser, $dbpass, $dbname, $dbtableprefix);
  151. } catch (Exception $e) {
  152. $error[] = array(
  153. 'error' => 'MS SQL username and/or password not valid',
  154. 'hint' => 'You need to enter either an existing account or the administrator.'
  155. );
  156. return $error;
  157. }
  158. }
  159. else {
  160. //delete the old sqlite database first, might cause infinte loops otherwise
  161. if(file_exists("$datadir/owncloud.db")) {
  162. unlink("$datadir/owncloud.db");
  163. }
  164. //in case of sqlite, we can always fill the database
  165. error_log("creating sqlite db");
  166. OC_DB::createDbFromStructure('db_structure.xml');
  167. }
  168. //create the user and group
  169. try {
  170. OC_User::createUser($username, $password);
  171. }
  172. catch(Exception $exception) {
  173. $error[] = 'Error while trying to create admin user: ' . $exception->getMessage();
  174. }
  175. if(count($error) == 0) {
  176. OC_Appconfig::setValue('core', 'installedat', microtime(true));
  177. OC_Appconfig::setValue('core', 'lastupdatedat', microtime(true));
  178. OC_AppConfig::setValue('core', 'remote_core.css', '/core/minimizer.php');
  179. OC_AppConfig::setValue('core', 'remote_core.js', '/core/minimizer.php');
  180. OC_Group::createGroup('admin');
  181. OC_Group::addToGroup($username, 'admin');
  182. OC_User::login($username, $password);
  183. //guess what this does
  184. OC_Installer::installShippedApps();
  185. //create htaccess files for apache hosts
  186. if (isset($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache')) {
  187. self::createHtaccess();
  188. }
  189. //and we are done
  190. OC_Config::setValue('installed', true);
  191. }
  192. }
  193. return $error;
  194. }
  195. private static function setupMySQLDatabase($dbhost, $dbuser, $dbpass, $dbname, $dbtableprefix, $username) {
  196. //check if the database user has admin right
  197. $l = self::getTrans();
  198. $connection = @mysql_connect($dbhost, $dbuser, $dbpass);
  199. if(!$connection) {
  200. throw new DatabaseSetupException($l->t('MySQL username and/or password not valid'),
  201. $l->t('You need to enter either an existing account or the administrator.'));
  202. }
  203. $oldUser=OC_Config::getValue('dbuser', false);
  204. //this should be enough to check for admin rights in mysql
  205. $query="SELECT user FROM mysql.user WHERE user='$dbuser'";
  206. if(mysql_query($query, $connection)) {
  207. //use the admin login data for the new database user
  208. //add prefix to the mysql user name to prevent collisions
  209. $dbusername=substr('oc_'.$username, 0, 16);
  210. if($dbusername!=$oldUser) {
  211. //hash the password so we don't need to store the admin config in the config file
  212. $dbpassword=OC_Util::generate_random_bytes(30);
  213. self::createDBUser($dbusername, $dbpassword, $connection);
  214. OC_Config::setValue('dbuser', $dbusername);
  215. OC_Config::setValue('dbpassword', $dbpassword);
  216. }
  217. //create the database
  218. self::createMySQLDatabase($dbname, $dbusername, $connection);
  219. }
  220. else {
  221. if($dbuser!=$oldUser) {
  222. OC_Config::setValue('dbuser', $dbuser);
  223. OC_Config::setValue('dbpassword', $dbpass);
  224. }
  225. //create the database
  226. self::createMySQLDatabase($dbname, $dbuser, $connection);
  227. }
  228. //fill the database if needed
  229. $query='select count(*) from information_schema.tables'
  230. ." where table_schema='$dbname' AND table_name = '{$dbtableprefix}users';";
  231. $result = mysql_query($query, $connection);
  232. if($result) {
  233. $row=mysql_fetch_row($result);
  234. }
  235. if(!$result or $row[0]==0) {
  236. OC_DB::createDbFromStructure('db_structure.xml');
  237. }
  238. mysql_close($connection);
  239. }
  240. private static function createMySQLDatabase($name, $user, $connection) {
  241. //we cant use OC_BD functions here because we need to connect as the administrative user.
  242. $l = self::getTrans();
  243. $query = "CREATE DATABASE IF NOT EXISTS `$name`";
  244. $result = mysql_query($query, $connection);
  245. if(!$result) {
  246. $entry = $l->t('DB Error: "%s"', array(mysql_error($connection))) . '<br />';
  247. $entry .= $l->t('Offending command was: "%s"', array($query)) . '<br />';
  248. \OC_Log::write('setup.mssql', $entry, \OC_Log::WARN);
  249. }
  250. $query="GRANT ALL PRIVILEGES ON `$name` . * TO '$user'";
  251. //this query will fail if there aren't the right permissions, ignore the error
  252. mysql_query($query, $connection);
  253. }
  254. private static function createDBUser($name, $password, $connection) {
  255. // we need to create 2 accounts, one for global use and one for local user. if we don't specify the local one,
  256. // the anonymous user would take precedence when there is one.
  257. $l = self::getTrans();
  258. $query = "CREATE USER '$name'@'localhost' IDENTIFIED BY '$password'";
  259. $result = mysql_query($query, $connection);
  260. if (!$result) {
  261. throw new DatabaseSetupException($l->t("MySQL user '%s'@'localhost' exists already.",
  262. array($name)), $l->t("Drop this user from MySQL", array($name)));
  263. }
  264. $query = "CREATE USER '$name'@'%' IDENTIFIED BY '$password'";
  265. $result = mysql_query($query, $connection);
  266. if (!$result) {
  267. throw new DatabaseSetupException($l->t("MySQL user '%s'@'%%' already exists", array($name)),
  268. $l->t("Drop this user from MySQL."));
  269. }
  270. }
  271. private static function setupPostgreSQLDatabase($dbhost, $dbuser, $dbpass, $dbname, $dbtableprefix, $username) {
  272. $e_host = addslashes($dbhost);
  273. $e_user = addslashes($dbuser);
  274. $e_password = addslashes($dbpass);
  275. $l = self::getTrans();
  276. //check if the database user has admin rights
  277. $connection_string = "host='$e_host' dbname=postgres user='$e_user' password='$e_password'";
  278. $connection = @pg_connect($connection_string);
  279. if(!$connection) {
  280. throw new Exception($l->t('PostgreSQL username and/or password not valid'));
  281. }
  282. $e_user = pg_escape_string($dbuser);
  283. //check for roles creation rights in postgresql
  284. $query="SELECT 1 FROM pg_roles WHERE rolcreaterole=TRUE AND rolname='$e_user'";
  285. $result = pg_query($connection, $query);
  286. if($result and pg_num_rows($result) > 0) {
  287. //use the admin login data for the new database user
  288. //add prefix to the postgresql user name to prevent collisions
  289. $dbusername='oc_'.$username;
  290. //create a new password so we don't need to store the admin config in the config file
  291. $dbpassword=OC_Util::generate_random_bytes(30);
  292. self::pg_createDBUser($dbusername, $dbpassword, $connection);
  293. OC_Config::setValue('dbuser', $dbusername);
  294. OC_Config::setValue('dbpassword', $dbpassword);
  295. //create the database
  296. self::pg_createDatabase($dbname, $dbusername, $connection);
  297. }
  298. else {
  299. OC_Config::setValue('dbuser', $dbuser);
  300. OC_Config::setValue('dbpassword', $dbpass);
  301. //create the database
  302. self::pg_createDatabase($dbname, $dbuser, $connection);
  303. }
  304. // the connection to dbname=postgres is not needed anymore
  305. pg_close($connection);
  306. // connect to the ownCloud database (dbname=$dbname) and check if it needs to be filled
  307. $dbuser = OC_Config::getValue('dbuser');
  308. $dbpass = OC_Config::getValue('dbpassword');
  309. $e_host = addslashes($dbhost);
  310. $e_dbname = addslashes($dbname);
  311. $e_user = addslashes($dbuser);
  312. $e_password = addslashes($dbpass);
  313. $connection_string = "host='$e_host' dbname='$e_dbname' user='$e_user' password='$e_password'";
  314. $connection = @pg_connect($connection_string);
  315. if(!$connection) {
  316. throw new Exception($l->t('PostgreSQL username and/or password not valid'));
  317. }
  318. $query = "select count(*) FROM pg_class WHERE relname='{$dbtableprefix}users' limit 1";
  319. $result = pg_query($connection, $query);
  320. if($result) {
  321. $row = pg_fetch_row($result);
  322. }
  323. if(!$result or $row[0]==0) {
  324. OC_DB::createDbFromStructure('db_structure.xml');
  325. }
  326. }
  327. private static function pg_createDatabase($name, $user, $connection) {
  328. //we cant use OC_BD functions here because we need to connect as the administrative user.
  329. $l = self::getTrans();
  330. $e_name = pg_escape_string($name);
  331. $e_user = pg_escape_string($user);
  332. $query = "select datname from pg_database where datname = '$e_name'";
  333. $result = pg_query($connection, $query);
  334. if(!$result) {
  335. $entry = $l->t('DB Error: "%s"', array(pg_last_error($connection))) . '<br />';
  336. $entry .= $l->t('Offending command was: "%s"', array($query)) . '<br />';
  337. \OC_Log::write('setup.pg', $entry, \OC_Log::WARN);
  338. }
  339. if(! pg_fetch_row($result)) {
  340. //The database does not exists... let's create it
  341. $query = "CREATE DATABASE \"$e_name\" OWNER \"$e_user\"";
  342. $result = pg_query($connection, $query);
  343. if(!$result) {
  344. $entry = $l->t('DB Error: "%s"', array(pg_last_error($connection))) . '<br />';
  345. $entry .= $l->t('Offending command was: "%s"', array($query)) . '<br />';
  346. \OC_Log::write('setup.pg', $entry, \OC_Log::WARN);
  347. }
  348. else {
  349. $query = "REVOKE ALL PRIVILEGES ON DATABASE \"$e_name\" FROM PUBLIC";
  350. pg_query($connection, $query);
  351. }
  352. }
  353. }
  354. private static function pg_createDBUser($name, $password, $connection) {
  355. $l = self::getTrans();
  356. $e_name = pg_escape_string($name);
  357. $e_password = pg_escape_string($password);
  358. $query = "select * from pg_roles where rolname='$e_name';";
  359. $result = pg_query($connection, $query);
  360. if(!$result) {
  361. $entry = $l->t('DB Error: "%s"', array(pg_last_error($connection))) . '<br />';
  362. $entry .= $l->t('Offending command was: "%s"', array($query)) . '<br />';
  363. \OC_Log::write('setup.pg', $entry, \OC_Log::WARN);
  364. }
  365. if(! pg_fetch_row($result)) {
  366. //user does not exists let's create it :)
  367. $query = "CREATE USER \"$e_name\" CREATEDB PASSWORD '$e_password';";
  368. $result = pg_query($connection, $query);
  369. if(!$result) {
  370. $entry = $l->t('DB Error: "%s"', array(pg_last_error($connection))) . '<br />';
  371. $entry .= $l->t('Offending command was: "%s"', array($query)) . '<br />';
  372. \OC_Log::write('setup.pg', $entry, \OC_Log::WARN);
  373. }
  374. }
  375. else { // change password of the existing role
  376. $query = "ALTER ROLE \"$e_name\" WITH PASSWORD '$e_password';";
  377. $result = pg_query($connection, $query);
  378. if(!$result) {
  379. $entry = $l->t('DB Error: "%s"', array(pg_last_error($connection))) . '<br />';
  380. $entry .= $l->t('Offending command was: "%s"', array($query)) . '<br />';
  381. \OC_Log::write('setup.pg', $entry, \OC_Log::WARN);
  382. }
  383. }
  384. }
  385. private static function setupOCIDatabase($dbhost, $dbuser, $dbpass, $dbname, $dbtableprefix, $dbtablespace,
  386. $username) {
  387. $l = self::getTrans();
  388. $e_host = addslashes($dbhost);
  389. $e_dbname = addslashes($dbname);
  390. //check if the database user has admin right
  391. if ($e_host == '') {
  392. $easy_connect_string = $e_dbname; // use dbname as easy connect name
  393. } else {
  394. $easy_connect_string = '//'.$e_host.'/'.$e_dbname;
  395. }
  396. $connection = @oci_connect($dbuser, $dbpass, $easy_connect_string);
  397. if(!$connection) {
  398. $e = oci_error();
  399. throw new Exception($l->t('Oracle username and/or password not valid'));
  400. }
  401. //check for roles creation rights in oracle
  402. $query='SELECT count(*) FROM user_role_privs, role_sys_privs'
  403. ." WHERE user_role_privs.granted_role = role_sys_privs.role AND privilege = 'CREATE ROLE'";
  404. $stmt = oci_parse($connection, $query);
  405. if (!$stmt) {
  406. $entry = $l->t('DB Error: "%s"', array(oci_last_error($connection))) . '<br />';
  407. $entry .= $l->t('Offending command was: "%s"', array($query)) . '<br />';
  408. \OC_Log::write('setup.oci', $entry, \OC_Log::WARN);
  409. }
  410. $result = oci_execute($stmt);
  411. if($result) {
  412. $row = oci_fetch_row($stmt);
  413. }
  414. if($result and $row[0] > 0) {
  415. //use the admin login data for the new database user
  416. //add prefix to the oracle user name to prevent collisions
  417. $dbusername='oc_'.$username;
  418. //create a new password so we don't need to store the admin config in the config file
  419. $dbpassword=OC_Util::generate_random_bytes(30);
  420. //oracle passwords are treated as identifiers:
  421. // must start with aphanumeric char
  422. // needs to be shortened to 30 bytes, as the two " needed to escape the identifier count towards the identifier length.
  423. $dbpassword=substr($dbpassword, 0, 30);
  424. self::oci_createDBUser($dbusername, $dbpassword, $dbtablespace, $connection);
  425. OC_Config::setValue('dbuser', $dbusername);
  426. OC_Config::setValue('dbname', $dbusername);
  427. OC_Config::setValue('dbpassword', $dbpassword);
  428. //create the database not neccessary, oracle implies user = schema
  429. //self::oci_createDatabase($dbname, $dbusername, $connection);
  430. } else {
  431. OC_Config::setValue('dbuser', $dbuser);
  432. OC_Config::setValue('dbname', $dbname);
  433. OC_Config::setValue('dbpassword', $dbpass);
  434. //create the database not neccessary, oracle implies user = schema
  435. //self::oci_createDatabase($dbname, $dbuser, $connection);
  436. }
  437. //FIXME check tablespace exists: select * from user_tablespaces
  438. // the connection to dbname=oracle is not needed anymore
  439. oci_close($connection);
  440. // connect to the oracle database (schema=$dbuser) an check if the schema needs to be filled
  441. $dbuser = OC_Config::getValue('dbuser');
  442. //$dbname = OC_Config::getValue('dbname');
  443. $dbpass = OC_Config::getValue('dbpassword');
  444. $e_host = addslashes($dbhost);
  445. $e_dbname = addslashes($dbname);
  446. if ($e_host == '') {
  447. $easy_connect_string = $e_dbname; // use dbname as easy connect name
  448. } else {
  449. $easy_connect_string = '//'.$e_host.'/'.$e_dbname;
  450. }
  451. $connection = @oci_connect($dbuser, $dbpass, $easy_connect_string);
  452. if(!$connection) {
  453. throw new Exception($l->t('Oracle username and/or password not valid'));
  454. }
  455. $query = "SELECT count(*) FROM user_tables WHERE table_name = :un";
  456. $stmt = oci_parse($connection, $query);
  457. $un = $dbtableprefix.'users';
  458. oci_bind_by_name($stmt, ':un', $un);
  459. if (!$stmt) {
  460. $entry = $l->t('DB Error: "%s"', array(oci_error($connection))) . '<br />';
  461. $entry .= $l->t('Offending command was: "%s"', array($query)) . '<br />';
  462. \OC_Log::write('setup.oci', $entry, \OC_Log::WARN);
  463. }
  464. $result = oci_execute($stmt);
  465. if($result) {
  466. $row = oci_fetch_row($stmt);
  467. }
  468. if(!$result or $row[0]==0) {
  469. OC_DB::createDbFromStructure('db_structure.xml');
  470. }
  471. }
  472. /**
  473. *
  474. * @param String $name
  475. * @param String $password
  476. * @param String $tablespace
  477. * @param resource $connection
  478. */
  479. private static function oci_createDBUser($name, $password, $tablespace, $connection) {
  480. $l = self::getTrans();
  481. $query = "SELECT * FROM all_users WHERE USERNAME = :un";
  482. $stmt = oci_parse($connection, $query);
  483. if (!$stmt) {
  484. $entry = $l->t('DB Error: "%s"', array(oci_error($connection))) . '<br />';
  485. $entry .= $l->t('Offending command was: "%s"', array($query)) . '<br />';
  486. \OC_Log::write('setup.oci', $entry, \OC_Log::WARN);
  487. }
  488. oci_bind_by_name($stmt, ':un', $name);
  489. $result = oci_execute($stmt);
  490. if(!$result) {
  491. $entry = $l->t('DB Error: "%s"', array(oci_error($connection))) . '<br />';
  492. $entry .= $l->t('Offending command was: "%s"', array($query)) . '<br />';
  493. \OC_Log::write('setup.oci', $entry, \OC_Log::WARN);
  494. }
  495. if(! oci_fetch_row($stmt)) {
  496. //user does not exists let's create it :)
  497. //password must start with alphabetic character in oracle
  498. $query = 'CREATE USER '.$name.' IDENTIFIED BY "'.$password.'" DEFAULT TABLESPACE '.$tablespace; //TODO set default tablespace
  499. $stmt = oci_parse($connection, $query);
  500. if (!$stmt) {
  501. $entry = $l->t('DB Error: "%s"', array(oci_error($connection))) . '<br />';
  502. $entry .= $l->t('Offending command was: "%s"', array($query)) . '<br />';
  503. \OC_Log::write('setup.oci', $entry, \OC_Log::WARN);
  504. }
  505. //oci_bind_by_name($stmt, ':un', $name);
  506. $result = oci_execute($stmt);
  507. if(!$result) {
  508. $entry = $l->t('DB Error: "%s"', array(oci_error($connection))) . '<br />';
  509. $entry .= $l->t('Offending command was: "%s", name: %s, password: %s',
  510. array($query, $name, $password)) . '<br />';
  511. \OC_Log::write('setup.oci', $entry, \OC_Log::WARN);
  512. }
  513. } else { // change password of the existing role
  514. $query = "ALTER USER :un IDENTIFIED BY :pw";
  515. $stmt = oci_parse($connection, $query);
  516. if (!$stmt) {
  517. $entry = $l->t('DB Error: "%s"', array(oci_error($connection))) . '<br />';
  518. $entry .= $l->t('Offending command was: "%s"', array($query)) . '<br />';
  519. \OC_Log::write('setup.oci', $entry, \OC_Log::WARN);
  520. }
  521. oci_bind_by_name($stmt, ':un', $name);
  522. oci_bind_by_name($stmt, ':pw', $password);
  523. $result = oci_execute($stmt);
  524. if(!$result) {
  525. $entry = $l->t('DB Error: "%s"', array(oci_error($connection))) . '<br />';
  526. $entry .= $l->t('Offending command was: "%s"', array($query)) . '<br />';
  527. \OC_Log::write('setup.oci', $entry, \OC_Log::WARN);
  528. }
  529. }
  530. // grant necessary roles
  531. $query = 'GRANT CREATE SESSION, CREATE TABLE, CREATE SEQUENCE, CREATE TRIGGER, UNLIMITED TABLESPACE TO '.$name;
  532. $stmt = oci_parse($connection, $query);
  533. if (!$stmt) {
  534. $entry = $l->t('DB Error: "%s"', array(oci_error($connection))) . '<br />';
  535. $entry .= $l->t('Offending command was: "%s"', array($query)) . '<br />';
  536. \OC_Log::write('setup.oci', $entry, \OC_Log::WARN);
  537. }
  538. $result = oci_execute($stmt);
  539. if(!$result) {
  540. $entry = $l->t('DB Error: "%s"', array(oci_error($connection))) . '<br />';
  541. $entry .= $l->t('Offending command was: "%s", name: %s, password: %s',
  542. array($query, $name, $password)) . '<br />';
  543. \OC_Log::write('setup.oci', $entry, \OC_Log::WARN);
  544. }
  545. }
  546. private static function setupMSSQLDatabase($dbhost, $dbuser, $dbpass, $dbname, $dbtableprefix) {
  547. $l = self::getTrans();
  548. //check if the database user has admin right
  549. $masterConnectionInfo = array( "Database" => "master", "UID" => $dbuser, "PWD" => $dbpass);
  550. $masterConnection = @sqlsrv_connect($dbhost, $masterConnectionInfo);
  551. if(!$masterConnection) {
  552. $entry = null;
  553. if( ($errors = sqlsrv_errors() ) != null) {
  554. $entry='DB Error: "'.print_r(sqlsrv_errors()).'"<br />';
  555. } else {
  556. $entry = '';
  557. }
  558. throw new Exception($l->t('MS SQL username and/or password not valid: %s', array($entry)));
  559. }
  560. OC_Config::setValue('dbuser', $dbuser);
  561. OC_Config::setValue('dbpassword', $dbpass);
  562. self::mssql_createDBLogin($dbuser, $dbpass, $masterConnection);
  563. self::mssql_createDatabase($dbname, $masterConnection);
  564. self::mssql_createDBUser($dbuser, $dbname, $masterConnection);
  565. sqlsrv_close($masterConnection);
  566. self::mssql_createDatabaseStructure($dbhost, $dbname, $dbuser, $dbpass, $dbtableprefix);
  567. }
  568. private static function mssql_createDBLogin($name, $password, $connection) {
  569. $query = "SELECT * FROM master.sys.server_principals WHERE name = '".$name."';";
  570. $result = sqlsrv_query($connection, $query);
  571. if ($result === false) {
  572. if ( ($errors = sqlsrv_errors() ) != null) {
  573. $entry='DB Error: "'.print_r(sqlsrv_errors()).'"<br />';
  574. } else {
  575. $entry = '';
  576. }
  577. $entry.='Offending command was: '.$query.'<br />';
  578. \OC_Log::write('setup.mssql', $entry, \OC_Log::WARN);
  579. } else {
  580. $row = sqlsrv_fetch_array($result);
  581. if ($row === false) {
  582. if ( ($errors = sqlsrv_errors() ) != null) {
  583. $entry='DB Error: "'.print_r(sqlsrv_errors()).'"<br />';
  584. } else {
  585. $entry = '';
  586. }
  587. $entry.='Offending command was: '.$query.'<br />';
  588. \OC_Log::write('setup.mssql', $entry, \OC_Log::WARN);
  589. } else {
  590. if ($row == null) {
  591. $query = "CREATE LOGIN [".$name."] WITH PASSWORD = '".$password."';";
  592. $result = sqlsrv_query($connection, $query);
  593. if (!$result or $result === false) {
  594. if ( ($errors = sqlsrv_errors() ) != null) {
  595. $entry='DB Error: "'.print_r(sqlsrv_errors()).'"<br />';
  596. } else {
  597. $entry = '';
  598. }
  599. $entry.='Offending command was: '.$query.'<br />';
  600. \OC_Log::write('setup.mssql', $entry, \OC_Log::WARN);
  601. }
  602. }
  603. }
  604. }
  605. }
  606. private static function mssql_createDBUser($name, $dbname, $connection) {
  607. $query = "SELECT * FROM [".$dbname."].sys.database_principals WHERE name = '".$name."';";
  608. $result = sqlsrv_query($connection, $query);
  609. if ($result === false) {
  610. if ( ($errors = sqlsrv_errors() ) != null) {
  611. $entry='DB Error: "'.print_r(sqlsrv_errors()).'"<br />';
  612. } else {
  613. $entry = '';
  614. }
  615. $entry.='Offending command was: '.$query.'<br />';
  616. \OC_Log::write('setup.mssql', $entry, \OC_Log::WARN);
  617. } else {
  618. $row = sqlsrv_fetch_array($result);
  619. if ($row === false) {
  620. if ( ($errors = sqlsrv_errors() ) != null) {
  621. $entry='DB Error: "'.print_r(sqlsrv_errors()).'"<br />';
  622. } else {
  623. $entry = '';
  624. }
  625. $entry.='Offending command was: '.$query.'<br />';
  626. \OC_Log::write('setup.mssql', $entry, \OC_Log::WARN);
  627. } else {
  628. if ($row == null) {
  629. $query = "USE [".$dbname."]; CREATE USER [".$name."] FOR LOGIN [".$name."];";
  630. $result = sqlsrv_query($connection, $query);
  631. if (!$result || $result === false) {
  632. if ( ($errors = sqlsrv_errors() ) != null) {
  633. $entry = 'DB Error: "'.print_r(sqlsrv_errors()).'"<br />';
  634. } else {
  635. $entry = '';
  636. }
  637. $entry.='Offending command was: '.$query.'<br />';
  638. \OC_Log::write('setup.mssql', $entry, \OC_Log::WARN);
  639. }
  640. }
  641. $query = "USE [".$dbname."]; EXEC sp_addrolemember 'db_owner', '".$name."';";
  642. $result = sqlsrv_query($connection, $query);
  643. if (!$result || $result === false) {
  644. if ( ($errors = sqlsrv_errors() ) != null) {
  645. $entry='DB Error: "'.print_r(sqlsrv_errors()).'"<br />';
  646. } else {
  647. $entry = '';
  648. }
  649. $entry.='Offending command was: '.$query.'<br />';
  650. \OC_Log::write('setup.mssql', $entry, \OC_Log::WARN);
  651. }
  652. }
  653. }
  654. }
  655. private static function mssql_createDatabase($dbname, $connection) {
  656. $query = "CREATE DATABASE [".$dbname."];";
  657. $result = sqlsrv_query($connection, $query);
  658. if (!$result || $result === false) {
  659. if ( ($errors = sqlsrv_errors() ) != null) {
  660. $entry='DB Error: "'.print_r(sqlsrv_errors()).'"<br />';
  661. } else {
  662. $entry = '';
  663. }
  664. $entry.='Offending command was: '.$query.'<br />';
  665. \OC_Log::write('setup.mssql', $entry, \OC_Log::WARN);
  666. }
  667. }
  668. private static function mssql_createDatabaseStructure($dbhost, $dbname, $dbuser, $dbpass, $dbtableprefix) {
  669. $connectionInfo = array( "Database" => $dbname, "UID" => $dbuser, "PWD" => $dbpass);
  670. $connection = @sqlsrv_connect($dbhost, $connectionInfo);
  671. //fill the database if needed
  672. $query = "SELECT * FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_SCHEMA = '{$dbname}' AND TABLE_NAME = '{$dbtableprefix}users'";
  673. $result = sqlsrv_query($connection, $query);
  674. if ($result === false) {
  675. if ( ($errors = sqlsrv_errors() ) != null) {
  676. $entry='DB Error: "'.print_r(sqlsrv_errors()).'"<br />';
  677. } else {
  678. $entry = '';
  679. }
  680. $entry.='Offending command was: '.$query.'<br />';
  681. \OC_Log::write('setup.mssql', $entry, \OC_Log::WARN);
  682. } else {
  683. $row = sqlsrv_fetch_array($result);
  684. if ($row === false) {
  685. if ( ($errors = sqlsrv_errors() ) != null) {
  686. $entry='DB Error: "'.print_r(sqlsrv_errors()).'"<br />';
  687. } else {
  688. $entry = '';
  689. }
  690. $entry.='Offending command was: '.$query.'<br />';
  691. \OC_Log::write('setup.mssql', $entry, \OC_Log::WARN);
  692. } else {
  693. if ($row == null) {
  694. OC_DB::createDbFromStructure('db_structure.xml');
  695. }
  696. }
  697. }
  698. sqlsrv_close($connection);
  699. }
  700. /**
  701. * create .htaccess files for apache hosts
  702. */
  703. private static function createHtaccess() {
  704. $content = "<IfModule mod_fcgid.c>\n";
  705. $content.= "<IfModule mod_setenvif.c>\n";
  706. $content.= "<IfModule mod_headers.c>\n";
  707. $content.= "SetEnvIfNoCase ^Authorization$ \"(.+)\" XAUTHORIZATION=$1\n";
  708. $content.= "RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION\n";
  709. $content.= "</IfModule>\n";
  710. $content.= "</IfModule>\n";
  711. $content.= "</IfModule>\n";
  712. $content.= "ErrorDocument 403 ".OC::$WEBROOT."/core/templates/403.php\n";//custom 403 error page
  713. $content.= "ErrorDocument 404 ".OC::$WEBROOT."/core/templates/404.php\n";//custom 404 error page
  714. $content.= "<IfModule mod_php5.c>\n";
  715. $content.= "php_value upload_max_filesize 512M\n";//upload limit
  716. $content.= "php_value post_max_size 512M\n";
  717. $content.= "php_value memory_limit 512M\n";
  718. $content.= "<IfModule env_module>\n";
  719. $content.= " SetEnv htaccessWorking true\n";
  720. $content.= "</IfModule>\n";
  721. $content.= "</IfModule>\n";
  722. $content.= "<IfModule mod_rewrite.c>\n";
  723. $content.= "RewriteEngine on\n";
  724. $content.= "RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}]\n";
  725. $content.= "RewriteRule ^.well-known/host-meta /public.php?service=host-meta [QSA,L]\n";
  726. $content.= "RewriteRule ^.well-known/carddav /remote.php/carddav/ [R]\n";
  727. $content.= "RewriteRule ^.well-known/caldav /remote.php/caldav/ [R]\n";
  728. $content.= "RewriteRule ^apps/([^/]*)/(.*\.(css|php))$ index.php?app=$1&getfile=$2 [QSA,L]\n";
  729. $content.= "RewriteRule ^remote/(.*) remote.php [QSA,L]\n";
  730. $content.= "</IfModule>\n";
  731. $content.= "<IfModule mod_mime.c>\n";
  732. $content.= "AddType image/svg+xml svg svgz\n";
  733. $content.= "AddEncoding gzip svgz\n";
  734. $content.= "</IfModule>\n";
  735. $content.= "Options -Indexes\n";
  736. @file_put_contents(OC::$SERVERROOT.'/.htaccess', $content); //supress errors in case we don't have permissions for it
  737. self::protectDataDirectory();
  738. }
  739. public static function protectDataDirectory() {
  740. $content = "deny from all\n";
  741. $content.= "IndexIgnore *";
  742. file_put_contents(OC_Config::getValue('datadirectory', OC::$SERVERROOT.'/data').'/.htaccess', $content);
  743. file_put_contents(OC_Config::getValue('datadirectory', OC::$SERVERROOT.'/data').'/index.html', '');
  744. }
  745. /**
  746. * @brief Post installation checks
  747. */
  748. public static function postSetupCheck($params) {
  749. // setup was successful -> webdav testing now
  750. $l = self::getTrans();
  751. if (OC_Util::isWebDAVWorking()) {
  752. header("Location: ".OC::$WEBROOT.'/');
  753. } else {
  754. $error = $l->t('Your web server is not yet properly setup to allow files synchronization because the WebDAV interface seems to be broken.');
  755. $hint = $l->t('Please double check the <a href=\'%s\'>installation guides</a>.',
  756. 'http://doc.owncloud.org/server/5.0/admin_manual/installation.html');
  757. $tmpl = new OC_Template('', 'error', 'guest');
  758. $tmpl->assign('errors', array(1 => array('error' => $error, 'hint' => $hint)));
  759. $tmpl->printPage();
  760. exit();
  761. }
  762. }
  763. }