PHP Class ElggInstaller, Elgg

Controller for installing Elgg. Supports both web-based on CLI installation. This controller steps the user through the install process. The method for each step handles both the GET and POST requests. There is no XSS/CSRF protection on the POST processing since the installer is only run once by the administrator. The installation process can be resumed by hitting the first page. The installer will try to figure out where to pick up again. All the logic for the installation process is in this class, but it depends on the core libraries. To do this, we selectively load a subset of the core libraries for the first few steps and then load the entire engine once the database and site settings are configured. In addition, this controller does its own session handling until the database is setup. There is an aborted attempt in the code at creating the data directory for users as a subdirectory of Elgg's root. The idea was to protect this directory through a .htaccess file. The problem is that a malicious user can upload a .htaccess of his own that overrides the protection for his user directory. The best solution is server level configuration that turns off AllowOverride for the data directory. See ticket #3453 for discussion on this.
Exibir arquivo Open project: elgg/elgg Class Usage Examples

Protected Properties

Property Type Description
$autoLogin
$isAction
$status
$steps

Public Methods

Method Description
__construct ( ) Constructor bootstraps the Elgg engine
batchInstall ( array $params, boolean $createHtaccess = FALSE ) : void A batch install of Elgg
run ( string $step ) : void Dispatches a request to one of the step controllers
setAutoLogin ( boolean $flag ) : void Set the auto login flag

Protected Methods

Method Description
admin ( array $submissionVars ) : void Admin account controller
bootstrapConfig ( ) : void Set up configuration variables
bootstrapEngine ( ) : void Load the essential libraries of the engine
checkDatabaseSettings ( string $user, string $password, string $dbname, string $host ) : boolean Confirm the settings for the database
checkInstallCompletion ( string $step ) : void Security check to ensure the installer cannot be run after installation has finished. If this is detected, the viewer is sent to the front page.
checkPHP ( &$report ) : void Check version of PHP, extensions, and variables
checkPhpDirectives ( &$phpReport ) : void Check PHP parameters
checkPhpExtensions ( &$phpReport ) : void Check the server's PHP extensions
checkRewriteRules ( &$report ) : void Confirm that the rewrite rules are firing
checkSettingsFile ( &$report = [] ) : boolean Check that the settings file exists
complete ( ) : void Controller for last step
connectToDatabase ( ) : boolean Bootstrap database connection before entire engine is available
continueToNextStep ( string $currentStep ) : void Forwards the browser to the next step
countNumConditions ( array $report, string $condition ) : integer Count the number of failures in the requirements report
createAdminAccount ( array $submissionVars, boolean $login = FALSE ) : boolean Create a user account for the admin
createDataDirectory ( &$submissionVars, array $formVars ) : boolean Create the data directory if requested
createSettingsFile ( array $params ) : boolean Writes the settings file to the engine directory
database ( array $submissionVars ) : void Database set up controller
enablePlugins ( ) : void Enable a set of default plugins
finishBootstraping ( string $step ) : void Load remaining engine libraries and complete bootstrapping
getBaseUrl ( ) : string Get the best guess at the base URL
getNextStep ( string $currentStep ) : string Get the next step as a string
getNextStepUrl ( string $currentStep ) : string Get the URL of the next step
getPostVariables ( ) : array Return an associative array of post variables (could be selective based on expected variables)
getSteps ( ) : array Get an array of steps
installDatabase ( ) : boolean Create the database tables
isInstallDirWritable ( &$report ) : boolean Indicates whether the webserver can add settings.php on its own or not.
loadSettingsFile ( ) : void Load settings.php
makeFormSticky ( array $formVars, array $submissionVars ) : array If form is reshown, remember previously submitted variables
processRewriteTest ( ) : void Check if the request is coming from the URL rewrite test on the requirements page.
render ( string $step, array $vars = [] ) : void Renders the data passed by a controller
requirements ( array $vars ) : void Requirements controller
resumeInstall ( string $step ) : string Check if this is a case of a install being resumed and figure out where to continue from. Returns the best guess on the step.
saveSiteSettings ( array $submissionVars ) : boolean Initialize the site including site entity, plugins, and configuration
setInstallStatus ( ) : void Check the different install steps for completion
setSubtypeClasses ( ) : void Register classes for core objects
settings ( array $submissionVars ) : void Site settings controller
validateAdminVars ( array $submissionVars, array $formVars ) : boolean Validate account form variables
validateDatabaseVars ( array $submissionVars, array $formVars ) : boolean Validate the variables for the database step
validateSettingsVars ( array $submissionVars, array $formVars ) : boolean Validate the site settings form variables
welcome ( array $vars ) : void Welcome controller

Private Methods

Method Description
getSettingsPath ( ) : string Returns the path to the root settings.php file.
isHttps ( ) : boolean

Method Details

__construct() public method

Constructor bootstraps the Elgg engine
public __construct ( )

admin() protected method

Creates an admin user account
protected admin ( array $submissionVars ) : void
$submissionVars array Submitted vars
return void

batchInstall() public method

All required parameters must be passed in as an associative array. See $requiredParams for a list of them. This creates the necessary files, loads the database, configures the site settings, and creates the admin account. If it fails, an exception is thrown. It does not check any of the requirements as the multiple step web installer does. If the settings.php file exists, it will use that rather than the parameters passed to this function.
public batchInstall ( array $params, boolean $createHtaccess = FALSE ) : void
$params array Array of key value pairs
$createHtaccess boolean Should .htaccess be created
return void

bootstrapConfig() protected method

Set up configuration variables
protected bootstrapConfig ( ) : void
return void

bootstrapEngine() protected method

Load the essential libraries of the engine
protected bootstrapEngine ( ) : void
return void

checkDatabaseSettings() protected method

Confirm the settings for the database
protected checkDatabaseSettings ( string $user, string $password, string $dbname, string $host ) : boolean
$user string Username
$password string Password
$dbname string Database name
$host string Host
return boolean

checkInstallCompletion() protected method

Security check to ensure the installer cannot be run after installation has finished. If this is detected, the viewer is sent to the front page.
protected checkInstallCompletion ( string $step ) : void
$step string Installation step to check against
return void

checkPHP() protected method

Check version of PHP, extensions, and variables
protected checkPHP ( &$report ) : void
return void

checkPhpDirectives() protected method

Check PHP parameters
protected checkPhpDirectives ( &$phpReport ) : void
return void

checkPhpExtensions() protected method

Check the server's PHP extensions
protected checkPhpExtensions ( &$phpReport ) : void
return void

checkRewriteRules() protected method

Confirm that the rewrite rules are firing
protected checkRewriteRules ( &$report ) : void
return void

checkSettingsFile() protected method

Check that the settings file exists
protected checkSettingsFile ( &$report = [] ) : boolean
return boolean

complete() protected method

Controller for last step
protected complete ( ) : void
return void

connectToDatabase() protected method

Bootstrap database connection before entire engine is available
protected connectToDatabase ( ) : boolean
return boolean

continueToNextStep() protected method

Forwards the browser to the next step
protected continueToNextStep ( string $currentStep ) : void
$currentStep string Current installation step
return void

countNumConditions() protected method

Count the number of failures in the requirements report
protected countNumConditions ( array $report, string $condition ) : integer
$report array The requirements report array
$condition string 'failure' or 'warning'
return integer

createAdminAccount() protected method

Create a user account for the admin
protected createAdminAccount ( array $submissionVars, boolean $login = FALSE ) : boolean
$submissionVars array Submitted vars
$login boolean Login in the admin user?
return boolean

createDataDirectory() protected method

Create the data directory if requested
protected createDataDirectory ( &$submissionVars, array $formVars ) : boolean
$formVars array Variables in the form
return boolean

createSettingsFile() protected method

Writes the settings file to the engine directory
protected createSettingsFile ( array $params ) : boolean
$params array Array of inputted params from the user
return boolean

database() protected method

Creates the settings.php file and creates the database tables
protected database ( array $submissionVars ) : void
$submissionVars array Submitted form variables
return void

enablePlugins() protected method

Enable a set of default plugins
protected enablePlugins ( ) : void
return void

finishBootstraping() protected method

Load remaining engine libraries and complete bootstrapping
protected finishBootstraping ( string $step ) : void
$step string Which step to boot strap for. Required because boot strapping is different until the DB is populated.
return void

getBaseUrl() protected method

Get the best guess at the base URL
protected getBaseUrl ( ) : string
return string

getNextStep() protected method

Get the next step as a string
protected getNextStep ( string $currentStep ) : string
$currentStep string Current installation step
return string

getNextStepUrl() protected method

Get the URL of the next step
protected getNextStepUrl ( string $currentStep ) : string
$currentStep string Current installation step
return string

getPostVariables() protected method

Does not filter as person installing the site should not be attempting XSS attacks. If filtering is added, it should not be done for passwords.
protected getPostVariables ( ) : array
return array

getSteps() protected method

Get an array of steps
protected getSteps ( ) : array
return array

installDatabase() protected method

Create the database tables
protected installDatabase ( ) : boolean
return boolean

isInstallDirWritable() protected method

Indicates whether the webserver can add settings.php on its own or not.
protected isInstallDirWritable ( &$report ) : boolean
return boolean

loadSettingsFile() protected method

Load settings.php
protected loadSettingsFile ( ) : void
return void

makeFormSticky() protected method

If form is reshown, remember previously submitted variables
protected makeFormSticky ( array $formVars, array $submissionVars ) : array
$formVars array Vars int he form
$submissionVars array Submitted vars
return array

processRewriteTest() protected method

Check if the request is coming from the URL rewrite test on the requirements page.
protected processRewriteTest ( ) : void
return void

render() protected method

Renders the data passed by a controller
protected render ( string $step, array $vars = [] ) : void
$step string The current step
$vars array Array of vars to pass to the view
return void

requirements() protected method

Checks version of php, libraries, permissions, and rewrite rules
protected requirements ( array $vars ) : void
$vars array Vars
return void

resumeInstall() protected method

Check if this is a case of a install being resumed and figure out where to continue from. Returns the best guess on the step.
protected resumeInstall ( string $step ) : string
$step string Installation step to resume from
return string

run() public method

Dispatches a request to one of the step controllers
public run ( string $step ) : void
$step string The installation step to run
return void

saveSiteSettings() protected method

Initialize the site including site entity, plugins, and configuration
protected saveSiteSettings ( array $submissionVars ) : boolean
$submissionVars array Submitted vars
return boolean

setAutoLogin() public method

Set the auto login flag
public setAutoLogin ( boolean $flag ) : void
$flag boolean Auto login
return void

setInstallStatus() protected method

Check the different install steps for completion
protected setInstallStatus ( ) : void
return void

setSubtypeClasses() protected method

Register classes for core objects
protected setSubtypeClasses ( ) : void
return void

settings() protected method

Sets the site name, URL, data directory, etc.
protected settings ( array $submissionVars ) : void
$submissionVars array Submitted vars
return void

validateAdminVars() protected method

Validate account form variables
protected validateAdminVars ( array $submissionVars, array $formVars ) : boolean
$submissionVars array Submitted vars
$formVars array Form vars
return boolean

validateDatabaseVars() protected method

Validate the variables for the database step
protected validateDatabaseVars ( array $submissionVars, array $formVars ) : boolean
$submissionVars array Submitted vars
$formVars array Vars in the form
return boolean

validateSettingsVars() protected method

Validate the site settings form variables
protected validateSettingsVars ( array $submissionVars, array $formVars ) : boolean
$submissionVars array Submitted vars
$formVars array Vars in the form
return boolean

welcome() protected method

Welcome controller
protected welcome ( array $vars ) : void
$vars array Not used
return void

Property Details

$autoLogin protected_oe property

protected $autoLogin

$isAction protected_oe property

protected $isAction

$status protected_oe property

protected $status

$steps protected_oe property

protected $steps