svalavuo
/
website


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168
							<?php
/**
 * Web Publication System Setup Script
 * This script will set up the database and create necessary configuration files
 */

// Prevent direct access if already installed
if (file_exists('../includes/config.php')) {
    die("System appears to be already installed. Please remove includes/config.php to reinstall.");
}

// Database configuration form handling
$db_host = 'localhost';
$db_name = 'webpub';
$db_user = '';
$db_pass = '';
$site_title = 'Web Publication System';
$admin_username = 'admin';
$admin_password = '';
$admin_email = '';

$errors = [];
$success = false;

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Validate and sanitize input
    $db_host = trim($_POST['db_host'] ?? 'localhost');
    $db_name = trim($_POST['db_name'] ?? 'webpub');
    $db_user = trim($_POST['db_user'] ?? '');
    $db_pass = trim($_POST['db_pass'] ?? '');
    $site_title = trim($_POST['site_title'] ?? 'Web Publication System');
    $admin_username = trim($_POST['admin_username'] ?? 'admin');
    $admin_password = trim($_POST['admin_password'] ?? '');
    $admin_email = trim($_POST['admin_email'] ?? '');

    // Validation
    if (empty($db_user)) $errors[] = 'Database username is required';
    if (empty($admin_password)) $errors[] = 'Admin password is required';
    if (empty($admin_email)) $errors[] = 'Admin email is required';
    if (!filter_var($admin_email, FILTER_VALIDATE_EMAIL)) $errors[] = 'Invalid email format';

    if (empty($errors)) {
        try {
            // Test database connection
            $pdo = new PDO("mysql:host=$db_host", $db_user, $db_pass);
            $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

            // Create database if it doesn't exist
            $pdo->exec("CREATE DATABASE IF NOT EXISTS `$db_name` CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci");
            $pdo->exec("USE `$db_name`");

            // Import SQL schema
            $sql = file_get_contents('database.sql');
            $pdo->exec($sql);

            // Update admin user with provided credentials
            $hashed_password = password_hash($admin_password, PASSWORD_DEFAULT);
            $stmt = $pdo->prepare("UPDATE users SET username = ?, password = ?, email = ? WHERE username = 'admin'");
            $stmt->execute([$admin_username, $hashed_password, $admin_email]);

            // Create configuration file
            $config_content = "<?php\n";
            $config_content .= "// Database configuration\n";
            $config_content .= "define('DB_HOST', '$db_host');\n";
            $config_content .= "define('DB_NAME', '$db_name');\n";
            $config_content .= "define('DB_USER', '$db_user');\n";
            $config_content .= "define('DB_PASS', '$db_pass');\n\n";
            $config_content .= "// Site configuration\n";
            $config_content .= "define('SITE_TITLE', '$site_title');\n";
            $config_content .= "define('SITE_URL', '" . ($_SERVER['HTTPS'] ? 'https' : 'http') . "://{$_SERVER['HTTP_HOST']}" . dirname($_SERVER['PHP_SELF']) . "/../');\n";
            $config_content .= "define('ADMIN_EMAIL', '$admin_email');\n";

            if (file_put_contents('../includes/config.php', $config_content)) {
                $success = true;
            } else {
                $errors[] = 'Failed to create configuration file. Check file permissions.';
            }

        } catch (PDOException $e) {
            $errors[] = 'Database error: ' . $e->getMessage();
        }
    }
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Web Publication System Setup</title>
    <link rel="stylesheet" href="../css/style.css">
</head>
<body>
    <div class="container">
        <h1>Web Publication System Setup</h1>
        
        <?php if ($success): ?>
            <div class="alert alert-success">
                <h3>Installation Complete!</h3>
                <p>The system has been successfully installed. You can now:</p>
                <ul>
                    <li><a href="../admin/">Access the admin panel</a></li>
                    <li><a href="../public/">View the public site</a></li>
                </ul>
                <p><strong>Important:</strong> Delete the setup directory for security.</p>
            </div>
        <?php else: ?>
            <?php if (!empty($errors)): ?>
                <div class="alert alert-error">
                    <?php foreach ($errors as $error): ?>
                        <p><?php echo htmlspecialchars($error); ?></p>
                    <?php endforeach; ?>
                </div>
            <?php endif; ?>

            <form method="post" class="setup-form">
                <h2>Database Configuration</h2>
                
                <div class="form-group">
                    <label for="db_host">Database Host:</label>
                    <input type="text" id="db_host" name="db_host" value="<?php echo htmlspecialchars($db_host); ?>" required>
                </div>

                <div class="form-group">
                    <label for="db_name">Database Name:</label>
                    <input type="text" id="db_name" name="db_name" value="<?php echo htmlspecialchars($db_name); ?>" required>
                </div>

                <div class="form-group">
                    <label for="db_user">Database Username:</label>
                    <input type="text" id="db_user" name="db_user" value="<?php echo htmlspecialchars($db_user); ?>" required>
                </div>

                <div class="form-group">
                    <label for="db_pass">Database Password:</label>
                    <input type="password" id="db_pass" name="db_pass">
                </div>

                <h2>Site Configuration</h2>

                <div class="form-group">
                    <label for="site_title">Site Title:</label>
                    <input type="text" id="site_title" name="site_title" value="<?php echo htmlspecialchars($site_title); ?>" required>
                </div>

                <h2>Administrator Account</h2>

                <div class="form-group">
                    <label for="admin_username">Admin Username:</label>
                    <input type="text" id="admin_username" name="admin_username" value="<?php echo htmlspecialchars($admin_username); ?>" required>
                </div>

                <div class="form-group">
                    <label for="admin_password">Admin Password:</label>
                    <input type="password" id="admin_password" name="admin_password" required>
                </div>

                <div class="form-group">
                    <label for="admin_email">Admin Email:</label>
                    <input type="email" id="admin_email" name="admin_email" value="<?php echo htmlspecialchars($admin_email); ?>" required>
                </div>

                <button type="submit" class="btn btn-primary">Install System</button>
            </form>
        <?php endif; ?>
    </div>
</body>
</html>