Fixed problems with installer and config file (chdir and error-connecting-to-MySQL issues)
authorDan
Fri, 22 Jun 2007 10:16:14 -0400
changeset 12 c96a9b56f16c
parent 11 ccad6026a168
child 13 fdd6b9dd42c3
Fixed problems with installer and config file (chdir and error-connecting-to-MySQL issues)
includes/common.php
install.php
--- a/includes/common.php	Thu Jun 21 12:00:16 2007 -0400
+++ b/includes/common.php	Fri Jun 22 10:16:14 2007 -0400
@@ -18,7 +18,7 @@
   <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"><html><head><title>Hacking Attempt</title><meta http-equiv="Content-type" content="text/html; charset=utf-8" /></head><style type="text/css">body{background-color:#000;color:#CCC;font-family:trebuchet ms,sans-serif;font-size:9pt;}a{color:#FFF;}</style><body><p>Hacking attempt using <a href="http://www.hardened-php.net/index.76.html">PHP $GLOBALS overwrite vulnerability</a> detected, reported to admin</p><p>You're worse than this guy! Unless you are this guy...</p><p id="billp"><img alt=" " src="about:blank" id="billi" /></p><script type="text/javascript">// <![CDATA[
   window.onload=function(){counter();setInterval('counter();', 1000);};var text=false;var cnt=10;function counter(){if(!text){text=document.createElement('span');text.id='billc';text.innerHTML=cnt;text.style.fontSize='96pt';text.style.color='#FF0000';p=document.getElementById('billp');p.appendChild(text);}else{if(cnt==1){document.getElementById('billi').src='http://upload.wikimedia.org/wikipedia/commons/7/7f/Bill_Gates_2004_cr.jpg';document.getElementById('billc').innerHTML='';return;}cnt--;document.getElementById('billc').innerHTML=cnt+' ';}}
   // ]]>
-  </script><p><span style="color:black;">Powered by Enano and valid XHTML 1.1</span></p></body></html>
+  </script><p><span style="color:black;">You been f***ed by Enano | valid XHTML 1.1</span></p></body></html>
   <?php
   exit;
 }
@@ -37,7 +37,7 @@
 error_reporting(E_ALL);
 
 // Determine directory (special case for development servers)
-if ( strpos(__FILE__, '/repo/') && file_exists('.enanodev') )
+if ( strpos(__FILE__, '/repo/') && ( file_exists('.enanodev') || file_exists('../.enanodev') ) )
 {
   $filename = str_replace('/repo/', '/', __FILE__);
 }
--- a/install.php	Thu Jun 21 12:00:16 2007 -0400
+++ b/install.php	Fri Jun 22 10:16:14 2007 -0400
@@ -39,7 +39,17 @@
 global $_starttime, $this_page, $sideinfo;
 $_starttime = microtime(true);
 
-define('ENANO_ROOT', dirname(__FILE__));
+// Determine directory (special case for development servers)
+if ( strpos(__FILE__, '/repo/') && file_exists('.enanodev') )
+{
+  $filename = str_replace('/repo/', '/', __FILE__);
+}
+else
+{
+  $filename = __FILE__;
+}
+
+define('ENANO_ROOT', dirname($filename));
 
 function is_page($p) { return true; }
 require('includes/wikiformat.php');
@@ -702,6 +712,10 @@
     unset($_POST['_cont']);
     require('config.php');
     $aes = new AESCrypt(AES_BITS, AES_BLOCKSIZE);
+    if ( isset($crypto_key) )
+    {
+      $cryptkey = $crypto_key;
+    }
     if(!isset($cryptkey) || ( isset($cryptkey) && strlen($cryptkey) != AES_BITS / 4) )
     {
       $cryptkey = $aes->gen_readymade_key();
@@ -980,6 +994,11 @@
       
       echo 'Decrypting administration password...';
       require('config.php');
+      if ( !isset($cryptkey) )
+      {
+        echo 'failed!<br />Cannot get the key from config.php';
+        break;
+      }
       $aes = new AESCrypt(AES_BITS, AES_BLOCKSIZE);
       $key = $aes->hexToByteArray($cryptkey);
       $enc = $aes->hexToByteArray($_POST['crypt_data']);