1<?php 2 3/** 4 * webtrees: online genealogy 5 * Copyright (C) 2019 webtrees development team 6 * This program is free software: you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published by 8 * the Free Software Foundation, either version 3 of the License, or 9 * (at your option) any later version. 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * You should have received a copy of the GNU General Public License 15 * along with this program. If not, see <http://www.gnu.org/licenses/>. 16 */ 17 18declare(strict_types=1); 19 20namespace Fisharebest\Webtrees\Http\RequestHandlers; 21 22use Exception; 23use Fisharebest\Localization\Locale; 24use Fisharebest\Localization\Locale\LocaleEnUs; 25use Fisharebest\Localization\Locale\LocaleInterface; 26use Fisharebest\Webtrees\Auth; 27use Fisharebest\Webtrees\Cache; 28use Fisharebest\Webtrees\Factories\CacheFactory; 29use Fisharebest\Webtrees\Factory; 30use Fisharebest\Webtrees\Http\ViewResponseTrait; 31use Fisharebest\Webtrees\I18N; 32use Fisharebest\Webtrees\Module\ModuleLanguageInterface; 33use Fisharebest\Webtrees\Services\MigrationService; 34use Fisharebest\Webtrees\Services\ModuleService; 35use Fisharebest\Webtrees\Services\ServerCheckService; 36use Fisharebest\Webtrees\Services\UserService; 37use Fisharebest\Webtrees\Session; 38use Fisharebest\Webtrees\User; 39use Fisharebest\Webtrees\Webtrees; 40use Illuminate\Database\Capsule\Manager as DB; 41use Psr\Http\Message\ResponseInterface; 42use Psr\Http\Message\ServerRequestInterface; 43use Psr\Http\Server\RequestHandlerInterface; 44use Symfony\Component\Cache\Adapter\NullAdapter; 45use Throwable; 46 47use function app; 48use function e; 49use function file_get_contents; 50use function file_put_contents; 51use function ini_get; 52use function random_bytes; 53use function realpath; 54use function redirect; 55use function substr; 56use function touch; 57use function unlink; 58use function view; 59 60/** 61 * Controller for the installation wizard 62 */ 63class SetupWizard implements RequestHandlerInterface 64{ 65 use ViewResponseTrait; 66 67 private const DEFAULT_DBTYPE = 'mysql'; 68 private const DEFAULT_PREFIX = 'wt_'; 69 private const DEFAULT_DATA = [ 70 'baseurl' => '', 71 'lang' => '', 72 'dbtype' => self::DEFAULT_DBTYPE, 73 'dbhost' => '', 74 'dbport' => '', 75 'dbuser' => '', 76 'dbpass' => '', 77 'dbname' => '', 78 'tblpfx' => self::DEFAULT_PREFIX, 79 'wtname' => '', 80 'wtuser' => '', 81 'wtpass' => '', 82 'wtemail' => '', 83 ]; 84 85 /** @var MigrationService */ 86 private $migration_service; 87 88 /** @var ModuleService */ 89 private $module_service; 90 91 /** @var ServerCheckService */ 92 private $server_check_service; 93 94 /** @var UserService */ 95 private $user_service; 96 97 /** 98 * SetupWizard constructor. 99 * 100 * @param MigrationService $migration_service 101 * @param ModuleService $module_service 102 * @param ServerCheckService $server_check_service 103 * @param UserService $user_service 104 */ 105 public function __construct( 106 MigrationService $migration_service, 107 ModuleService $module_service, 108 ServerCheckService $server_check_service, 109 UserService $user_service 110 ) { 111 $this->user_service = $user_service; 112 $this->migration_service = $migration_service; 113 $this->module_service = $module_service; 114 $this->server_check_service = $server_check_service; 115 } 116 117 /** 118 * Installation wizard - check user input and proceed to the next step. 119 * 120 * @param ServerRequestInterface $request 121 * 122 * @return ResponseInterface 123 */ 124 public function handle(ServerRequestInterface $request): ResponseInterface 125 { 126 $this->layout = 'layouts/setup'; 127 128 // Some functions need a cache, but we don't have one yet. 129 Factory::cache(new CacheFactory()); 130 131 // We will need an IP address for the logs. 132 $ip_address = $request->getServerParams()['REMOTE_ADDR'] ?? '127.0.0.1'; 133 $request = $request->withAttribute('client-ip', $ip_address); 134 135 app()->instance(ServerRequestInterface::class, $request); 136 app()->instance('cache.array', new Cache(new NullAdapter())); 137 138 $data = $this->userData($request); 139 140 $params = (array) $request->getParsedBody(); 141 $step = (int) ($params['step'] ?? '1'); 142 143 $locales = $this->module_service 144 ->setupLanguages() 145 ->map(static function (ModuleLanguageInterface $module): LocaleInterface { 146 return $module->locale(); 147 }); 148 149 if ($data['lang'] === '') { 150 $default = new LocaleEnUs(); 151 152 $locale = Locale::httpAcceptLanguage($request->getServerParams(), $locales->all(), $default); 153 154 $data['lang'] = $locale->languageTag(); 155 } 156 157 I18N::init($data['lang'], true); 158 159 $data['cpu_limit'] = $this->maxExecutionTime(); 160 $data['locales'] = $locales->all(); 161 $data['memory_limit'] = $this->memoryLimit(); 162 163 // Only show database errors after the user has chosen a driver. 164 if ($step >= 4) { 165 $data['errors'] = $this->server_check_service->serverErrors($data['dbtype']); 166 $data['warnings'] = $this->server_check_service->serverWarnings($data['dbtype']); 167 } else { 168 $data['errors'] = $this->server_check_service->serverErrors(); 169 $data['warnings'] = $this->server_check_service->serverWarnings(); 170 } 171 172 if (!$this->checkFolderIsWritable(Webtrees::DATA_DIR)) { 173 $data['errors']->push( 174 '<code>' . e(realpath(Webtrees::DATA_DIR)) . '</code><br>' . 175 I18N::translate('Oops! webtrees was unable to create files in this folder.') . ' ' . 176 I18N::translate('This usually means that you need to change the folder permissions to 777.') 177 ); 178 } 179 180 switch ($step) { 181 default: 182 case 1: 183 return $this->step1Language($data); 184 case 2: 185 return $this->step2CheckServer($data); 186 case 3: 187 return $this->step3DatabaseType($data); 188 case 4: 189 return $this->step4DatabaseConnection($data); 190 case 5: 191 return $this->step5Administrator($data); 192 case 6: 193 return $this->step6Install($data); 194 } 195 } 196 197 /** 198 * @param ServerRequestInterface $request 199 * 200 * @return array<string,mixed> 201 */ 202 private function userData(ServerRequestInterface $request): array 203 { 204 $params = (array) $request->getParsedBody(); 205 206 $data = []; 207 208 foreach (self::DEFAULT_DATA as $key => $default) { 209 $data[$key] = $params[$key] ?? $default; 210 } 211 212 return $data; 213 } 214 215 /** 216 * The server's memory limit 217 * 218 * @return int 219 */ 220 private function maxExecutionTime(): int 221 { 222 return (int) ini_get('max_execution_time'); 223 } 224 225 /** 226 * The server's memory limit (in MB). 227 * 228 * @return int 229 */ 230 private function memoryLimit(): int 231 { 232 $memory_limit = ini_get('memory_limit'); 233 234 $number = (int) $memory_limit; 235 236 switch (substr($memory_limit, -1)) { 237 case 'g': 238 case 'G': 239 return $number * 1024; 240 case 'm': 241 case 'M': 242 return $number; 243 case 'k': 244 case 'K': 245 return (int) ($number / 1024); 246 default: 247 return (int) ($number / 1048576); 248 } 249 } 250 251 /** 252 * Check we can write to the data folder. 253 * 254 * @param string $data_dir 255 * 256 * @return bool 257 */ 258 private function checkFolderIsWritable(string $data_dir): bool 259 { 260 $text1 = random_bytes(32); 261 262 try { 263 file_put_contents($data_dir . 'test.txt', $text1); 264 $text2 = file_get_contents(Webtrees::DATA_DIR . 'test.txt'); 265 unlink(Webtrees::DATA_DIR . 'test.txt'); 266 } catch (Exception $ex) { 267 return false; 268 } 269 270 return $text1 === $text2; 271 } 272 273 /** 274 * @param array<string,mixed> $data 275 * 276 * @return ResponseInterface 277 */ 278 private function step1Language(array $data): ResponseInterface 279 { 280 return $this->viewResponse('setup/step-1-language', $data); 281 } 282 283 /** 284 * @param array<string,mixed> $data 285 * 286 * @return ResponseInterface 287 */ 288 private function step2CheckServer(array $data): ResponseInterface 289 { 290 return $this->viewResponse('setup/step-2-server-checks', $data); 291 } 292 293 /** 294 * @param array<string,mixed> $data 295 * 296 * @return ResponseInterface 297 */ 298 private function step3DatabaseType(array $data): ResponseInterface 299 { 300 if ($data['errors']->isNotEmpty()) { 301 return $this->viewResponse('setup/step-2-server-checks', $data); 302 } 303 304 return $this->viewResponse('setup/step-3-database-type', $data); 305 } 306 307 /** 308 * @param array<string,mixed> $data 309 * 310 * @return ResponseInterface 311 */ 312 private function step4DatabaseConnection(array $data): ResponseInterface 313 { 314 if ($data['errors']->isNotEmpty()) { 315 return $this->step3DatabaseType($data); 316 } 317 318 return $this->viewResponse('setup/step-4-database-' . $data['dbtype'], $data); 319 } 320 321 /** 322 * @param array<string,mixed> $data 323 * 324 * @return ResponseInterface 325 */ 326 private function step5Administrator(array $data): ResponseInterface 327 { 328 try { 329 $this->connectToDatabase($data); 330 } catch (Throwable $ex) { 331 $data['errors']->push($ex->getMessage()); 332 333 // Don't jump to step 4, as the error will make it jump to step 3. 334 return $this->viewResponse('setup/step-4-database-' . $data['dbtype'], $data); 335 } 336 337 return $this->viewResponse('setup/step-5-administrator', $data); 338 } 339 340 /** 341 * @param array<string,mixed> $data 342 * 343 * @return ResponseInterface 344 */ 345 private function step6Install(array $data): ResponseInterface 346 { 347 $error = $this->checkAdminUser($data['wtname'], $data['wtuser'], $data['wtpass'], $data['wtemail']); 348 349 if ($error !== '') { 350 $data['errors']->push($error); 351 352 return $this->step5Administrator($data); 353 } 354 355 try { 356 $this->createConfigFile($data); 357 } catch (Throwable $exception) { 358 return $this->viewResponse('setup/step-6-failed', ['exception' => $exception]); 359 } 360 361 // Done - start using webtrees! 362 return redirect($data['baseurl']); 363 } 364 365 /** 366 * @param string $wtname 367 * @param string $wtuser 368 * @param string $wtpass 369 * @param string $wtemail 370 * 371 * @return string 372 */ 373 private function checkAdminUser($wtname, $wtuser, $wtpass, $wtemail): string 374 { 375 if ($wtname === '' || $wtuser === '' || $wtpass === '' || $wtemail === '') { 376 return I18N::translate('You must enter all the administrator account fields.'); 377 } 378 379 if (mb_strlen($wtpass) < 6) { 380 return I18N::translate('The password needs to be at least six characters long.'); 381 } 382 383 return ''; 384 } 385 386 /** 387 * @param array<string,mixed> $data 388 * 389 * @return void 390 */ 391 private function createConfigFile(array $data): void 392 { 393 // Create/update the database tables. 394 $this->connectToDatabase($data); 395 $this->migration_service->updateSchema('\Fisharebest\Webtrees\Schema', 'WT_SCHEMA_VERSION', Webtrees::SCHEMA_VERSION); 396 397 // Add some default/necessary configuration data. 398 $this->migration_service->seedDatabase(); 399 400 // If we are re-installing, then this user may already exist. 401 $admin = $this->user_service->findByIdentifier($data['wtemail']); 402 if ($admin === null) { 403 $admin = $this->user_service->findByIdentifier($data['wtuser']); 404 } 405 // Create the user 406 if ($admin === null) { 407 $admin = $this->user_service->create($data['wtuser'], $data['wtname'], $data['wtemail'], $data['wtpass']); 408 $admin->setPreference(User::PREF_LANGUAGE, $data['lang']); 409 $admin->setPreference(User::PREF_IS_VISIBLE_ONLINE, '1'); 410 } else { 411 $admin->setPassword($_POST['wtpass']); 412 } 413 // Make the user an administrator 414 $admin->setPreference(User::PREF_IS_ADMINISTRATOR, '1'); 415 $admin->setPreference(User::PREF_IS_EMAIL_VERIFIED, '1'); 416 $admin->setPreference(User::PREF_IS_ACCOUNT_APPROVED, '1'); 417 418 // Write the config file. We already checked that this would work. 419 $config_ini_php = view('setup/config.ini', $data); 420 421 file_put_contents(Webtrees::CONFIG_FILE, $config_ini_php); 422 423 // Login as the new user 424 $request = app(ServerRequestInterface::class) 425 ->withAttribute('base_url', $data['baseurl']); 426 427 Session::start($request); 428 Auth::login($admin); 429 Session::put('language', $data['lang']); 430 } 431 432 /** 433 * @param array<string,mixed> $data 434 * 435 * @return void 436 */ 437 private function connectToDatabase(array $data): void 438 { 439 $capsule = new DB(); 440 441 // Try to create the database, if it does not already exist. 442 switch ($data['dbtype']) { 443 case 'sqlite': 444 $data['dbname'] = Webtrees::ROOT_DIR . 'data/' . $data['dbname'] . '.sqlite'; 445 touch($data['dbname']); 446 break; 447 448 case 'mysql': 449 $capsule->addConnection([ 450 'driver' => $data['dbtype'], 451 'host' => $data['dbhost'], 452 'port' => $data['dbport'], 453 'database' => '', 454 'username' => $data['dbuser'], 455 'password' => $data['dbpass'], 456 ], 'temp'); 457 $capsule->getConnection('temp')->statement('CREATE DATABASE IF NOT EXISTS `' . $data['dbname'] . '` COLLATE utf8_unicode_ci'); 458 break; 459 } 460 461 // Connect to the database. 462 $capsule->addConnection([ 463 'driver' => $data['dbtype'], 464 'host' => $data['dbhost'], 465 'port' => $data['dbport'], 466 'database' => $data['dbname'], 467 'username' => $data['dbuser'], 468 'password' => $data['dbpass'], 469 'prefix' => $data['tblpfx'], 470 'prefix_indexes' => true, 471 // For MySQL 472 'charset' => 'utf8', 473 'collation' => 'utf8_unicode_ci', 474 'timezone' => '+00:00', 475 'engine' => 'InnoDB', 476 'modes' => [ 477 'ANSI', 478 'STRICT_TRANS_TABLES', 479 'NO_ZERO_IN_DATE', 480 'NO_ZERO_DATE', 481 'ERROR_FOR_DIVISION_BY_ZERO', 482 ], 483 // For SQLite 484 'foreign_key_constraints' => true, 485 ]); 486 487 $capsule->setAsGlobal(); 488 } 489} 490