<?php
###########################################################################################
#Copyright Notice
#
# I Paul Hardwick (hide@address.com) own the copyright for this program and its contents - © 2009-2012 www.saphe.net.
# All rights reserved.
#
# You may not, except with my express written permission, distribute or commercially exploit the content. 
# Nor may you transmit it or store it in any other website or other form of electronic retrieval system.
#
# This program is a component of the Saphe.net Simple Site Integrity Monitor application which is
# ©2011 Saphe.net and subject to the end user software license agreement (EULA.pdf)
#included with this software.  
# 
###########################################################################################
###########################################################################################

# Start (or resume) the PHP session; the login marker $_SESSION['vsfuid'] is checked at the bottom of this script.
session_start();

# Both paths are relative, so they resolve against the working directory of the request
# (they only point at the right files when that directory is setup/).
$tmplfile = implode(DIRECTORY_SEPARATOR, array('..', 'templates', 'frsetup.html'));
$confile = implode(DIRECTORY_SEPARATOR, array('..', 'includes', 'sa_config.php'));

# Create the scratch directory one level up if it is missing.
# NOTE(review): mkdir() is called without a mode, so the directory gets PHP's default
# (0777 filtered by the umask), and the result of mkdir() is not checked. Whether the
# directory is shielded from direct web access is not visible from this file - confirm.
if (is_dir('..' . DIRECTORY_SEPARATOR . '.saphetmp') === false) {
	mkdir('..' . DIRECTORY_SEPARATOR . '.saphetmp');
}

/**
 * Join two path fragments with DIRECTORY_SEPARATOR and collapse every run of
 * two or more separators in the result into a single one.
 *
 * Only the platform separator is collapsed; no other normalisation ("." / "..")
 * is performed.
 *
 * @param string $s1 leading fragment
 * @param string $s2 trailing fragment
 * @return string the joined path
 */
function joinPaths($s1,$s2) {
	$joined = $s1 . DIRECTORY_SEPARATOR . $s2;
	# preg_quote() yields the same escaped separator the pattern needs on either platform.
	$separatorRun = '/' . preg_quote(DIRECTORY_SEPARATOR, '/') . '{2,}/';
	return preg_replace($separatorRun, DIRECTORY_SEPARATOR, $joined);
}

/**
 * Flatten an array into a ", "-separated string.
 *
 * A separator is only emitted once the accumulated string is non-empty, so
 * leading empty values do not produce a leading ", ".
 *
 * @param array $ary values to join
 * @return string the joined list ('' for an empty array)
 */
function farry($ary) {
	$joined = '';
	foreach ($ary as $item) {
		if ($joined === '') {
			$joined .= $item;
		} else {
			$joined .= ', ' . $item;
		}
	}
	return $joined;
}

# Placeholder => value map shared by the functions below through `global`;
# initarray() fills it, fillpage(), dopass() and domagic() read it.
$sa_defaults = [];

/**
 * Populate the global $sa_defaults placeholder map used to pre-fill the setup form.
 *
 * When the config file ($confile) exists its settings are used; otherwise the
 * values come from sa_config_template.phpt plus built-in first-run defaults.
 * Either file is pulled in with require_once inside this function, so the
 * variables it defines ($regemail, $toAddrs, ...) are locals here.
 *
 * NOTE(review): every value is stored unescaped, including the request-derived
 * $_SERVER['PHP_SELF'] and the stored password hashes / magic value. fillpage()
 * substitutes this map into the HTML template, so the rendering side has to
 * HTML-escape these values.
 */
function initarray() {
	global $confile, $sa_defaults;

	if (!file_exists($confile)) {
		# First run: no config yet, start from the shipped template and defaults.
		require_once "sa_config_template.phpt";
		$sa_defaults = array(
			'<<|regemail|>>' => $regemail,
			'<<|SELF|>>' => $_SERVER['PHP_SELF'],
			'<<|location|>>' => "My-Website-".uniqid(),
			'<<|root|>>' => $_SERVER['DOCUMENT_ROOT'],
			'<<|ignoreddirs|>>' => "",
			'<<|ignoredAbsdirs|>>' => "",
			'<<|fcext|>>' => "php, phtml, phpt, htm, html, jsp, asp, css, xml, py, ini, js, inc, sh, bsh, htaccess, pl, htc, rb, module, info, txt, pot, install, make, script, pem, test",
			'<<|fmext|>>' => "jpg, jpeg, gif, png, exe, svg, bin, iso, pdf, flv, swf, ico, pyc, com, xap ",
			'<<|ignoredfiles|>>' => "",
			'<<|ignoredAbsfiles|>>' => "",
			'<<|datadirectory|>>' => joinPaths(dirname(dirname(__FILE__)),".saphedata"),
			'<<|enablemail|>>' => 'checked="yes"',
			'<<|alwayssend|>>' => 'checked="yes"',
			'<<|mailto|>>' => $toAddrs,
			'<<|buildpass|>>' => "",
			'<<|auditpass|>>' => "",
			'<<|magic|>>' => "",
		);
		return;
	}

	# Existing installation: mirror the current configuration into the form.
	require_once $confile;
	$sa_defaults = array(
		'<<|regemail|>>' => $regemail,
		'<<|SELF|>>' => $_SERVER['PHP_SELF'],
		'<<|location|>>' => $location,
		'<<|root|>>' => $auditroot,
		'<<|ignoreddirs|>>' => farry($ignoreDirs),
		'<<|ignoredAbsdirs|>>' => farry($ignoreAbsDirs),
		'<<|fcext|>>' => farry($cfileExt),
		'<<|fmext|>>' => farry($mfileExt),
		'<<|ignoredfiles|>>' => farry($ignoreFiles),
		'<<|ignoredAbsfiles|>>' => farry($ignoreAbsFiles),
		'<<|datadirectory|>>' => $datadir,
		# Booleans become the HTML attribute fragment for a ticked checkbox (or nothing).
		'<<|enablemail|>>' => $doEmail ? 'checked="yes"' : '',
		'<<|alwayssend|>>' => $allwaysMailAudit ? 'checked="yes"' : '',
		'<<|mailto|>>' => $toAddrs,
		'<<|buildpass|>>' => $bpassword,
		'<<|auditpass|>>' => $apassword,
		'<<|magic|>>' => $saphemagic,
	);
	# Local flag kept from the original; nothing in this function reads it.
	$config = true;
}


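/**
 * Render the setup form: load the HTML template ($tmplfile) and substitute
 * every placeholder from the global $sa_defaults map.
 *
 * Values are HTML-escaped before substitution. The map contains the
 * request-derived $_SERVER['PHP_SELF'] as well as free-text settings, and
 * substituting them raw lets markup in those values reach the page.
 * The two checkbox entries are exempt: initarray() sets them to a literal
 * attribute fragment ('checked="yes"' or ''), which must stay unescaped.
 *
 * NOTE(review): escaping assumes the placeholders sit in HTML text or quoted
 * attribute values and that the page is UTF-8 - confirm against frsetup.html.
 * NOTE(review): the map also carries the stored password hashes and the magic
 * value, so they are sent to the browser as part of the form.
 *
 * @return string the filled page, or '' when the template cannot be read
 */
function fillpage() {
	global $sa_defaults,$tmplfile;

	# file_get_contents() signals failure by returning false (with a warning);
	# it does not throw, so the result is checked instead of wrapped in try/catch.
	$pagetmpl = file_get_contents($tmplfile);
	if ($pagetmpl === false) {
		echo 'Template access problem: ', $tmplfile, "\n";
		return '';
	}

	# Entries that are HTML attribute fragments rather than text.
	$rawKeys = array('<<|enablemail|>>', '<<|alwayssend|>>');

	foreach ($sa_defaults as $key => $value) {
		if (!in_array($key, $rawKeys, true)) {
			$value = htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
		}
		$pagetmpl = str_replace($key, $value, $pagetmpl);
	}
	return $pagetmpl;
}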

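/**
 * Turn a comma-separated form value into the source text of a list of
 * single-quoted PHP string literals, e.g. "a, b" becomes "'a', 'b'".
 *
 * processform() pastes the result into the generated config file, which is
 * later executed with require_once. Backslashes and single quotes are
 * therefore escaped so an entry cannot terminate its literal and add code
 * to that file.
 *
 * @param string $in comma-separated entries (blank entries are dropped)
 * @return string the literals joined with ", " ('' when nothing is left)
 */
function proclist($in) {
	# An array-valued or missing form field is treated as empty input.
	$in = is_array($in) ? '' : (string) $in;

	$literals = array();
	foreach (explode(',', $in) as $val) {
		$val = trim($val);
		if ($val !== '') {
			# \ and ' are the only characters with meaning inside a single-quoted PHP string.
			$literals[] = "'" . addcslashes($val, "\\'") . "'";
		}
	}
	return implode(', ', $literals);
}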
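/**
 * Like proclist(), but each entry is a filesystem path that is resolved with
 * realpath() before being emitted as a single-quoted PHP string literal.
 *
 * Entries that realpath() cannot resolve are skipped; the previous code
 * concatenated the false result and wrote an empty '' entry into the list.
 * Backslashes and single quotes in the resolved path are escaped because the
 * result is pasted into the generated config file, which is later executed.
 *
 * Relative entries resolve against the current working directory.
 *
 * @param string $in comma-separated paths (blank entries are dropped)
 * @return string the literals joined with ", " ('' when nothing is left)
 */
function procflist($in) {
	# An array-valued or missing form field is treated as empty input.
	$in = is_array($in) ? '' : (string) $in;

	$literals = array();
	foreach (explode(',', $in) as $val) {
		$val = trim($val);
		if ($val === '') {
			continue;
		}
		$resolved = realpath($val);
		if ($resolved === false) {
			# Path does not exist or is not accessible: leave it out of the list.
			continue;
		}
		$literals[] = "'" . addcslashes($resolved, "\\'") . "'";
	}
	return implode(', ', $literals);
}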
/**
 * Report whether a checkbox was submitted, as the PHP source token for the
 * boolean: the string 'true' when the key is present in $_POST, else 'false'.
 *
 * Only key presence is tested; the submitted value itself is ignored.
 *
 * @param string $in name of the form field
 * @return string 'true' or 'false'
 */
function checkbox($in) {
	return array_key_exists($in, $_POST) ? 'true' : 'false';
}

/**
 * Normalise a comma-separated address list: trim each entry, drop blank
 * entries and re-join the rest with ", ".
 *
 * NOTE(review): entries are not validated as e-mail addresses, and trim()
 * only strips the ends, so quotes or line breaks inside an entry pass
 * through unchanged. How the consumer of this list uses it is not visible
 * here - confirm it is validated before it reaches mail headers.
 *
 * @param string $in comma-separated addresses
 * @return string the cleaned list
 */
function maillist($in) {
	$kept = array();
	foreach (array_map('trim', explode(',', $in)) as $addr) {
		if ($addr !== '') {
			$kept[] = $addr;
		}
	}
	return implode(', ', $kept);
}

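/**
 * Produce the password value to store in the config file.
 *
 * If the submitted value is identical to one of the currently stored hashes
 * (the form is pre-filled with them), it is treated as "unchanged" and
 * returned as is. Anything else is hashed as sha1(sha1(password) . magic).
 *
 * The "unchanged" test uses strict string comparison. With loose ==, two
 * numeric-looking strings such as '0e1234' and '0e9999' compare equal, so a
 * new password of that shape was stored verbatim instead of being hashed.
 *
 * NOTE(review): SHA-1 is a fast hash and not suited to password storage;
 * password_hash()/password_verify() would be the replacement, but the code
 * that verifies these values is outside this file, so the scheme is kept.
 * NOTE(review): accepting the stored hash back from the form means the hash
 * itself travels through the browser - confirm this is acceptable.
 *
 * @param string $in submitted password field
 * @return string the stored hash unchanged, or the hash of the new password
 */
function dopass($in) {
	global $sa_defaults;
	$in = (string) $in;
	$unchanged = ($in === (string) $sa_defaults['<<|buildpass|>>'])
		|| ($in === (string) $sa_defaults['<<|auditpass|>>']);
	if ($unchanged) {
		return $in;
	}
	return sha1(sha1($in) . $sa_defaults['<<|magic|>>']);
}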

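/**
 * Return the installation's "magic" value (used by dopass() as the salt),
 * generating and caching one in $sa_defaults when none is set yet.
 *
 * A new value is 40 hex characters. It is drawn from random_bytes() when
 * that function is available; the earlier derivation, sha1 of the form data
 * plus the current timestamp, is built from guessable inputs and is kept
 * only as a fallback for runtimes without random_bytes().
 *
 * @param string $data page data, only used by the fallback derivation
 * @return string the existing or newly generated magic value
 */
function domagic($data){
	global $sa_defaults;
	if ((string) $sa_defaults['<<|magic|>>'] === '') {
		if (function_exists('random_bytes')) {
			# 20 random bytes hex-encode to the same 40-character shape as a SHA-1 digest.
			$sa_defaults['<<|magic|>>'] = bin2hex(random_bytes(20));
		} else {
			$sa_defaults['<<|magic|>>'] = sha1($data.time());
		}
	}
	return $sa_defaults['<<|magic|>>'];
}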

/**
 * Strip leading and trailing whitespace from a form value.
 *
 * Despite the name, nothing else is filtered or escaped: quotes, backslashes
 * and markup pass through unchanged, so callers must still escape the result
 * for whatever context they write it into.
 *
 * @param string $in raw value
 * @return string trimmed value
 */
function sanitise($in) {
	return trim($in);
}

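/**
 * Build the contents of the config file from the submitted setup form.
 *
 * Loads sa_config_template.phpt and replaces each placeholder with the
 * matching $_POST value. The result is PHP source: the caller writes it to
 * the config file, which is later executed with require_once. Every scalar
 * value is therefore escaped for a single-quoted PHP string literal before
 * substitution, so a quote or backslash in a form field cannot end the
 * literal and add code to the config file.
 *
 * NOTE(review): the escaping assumes the scalar placeholders sit inside
 * single-quoted literals in the template, as the list and checkbox
 * placeholders do (their search strings include the quotes) - TODO confirm
 * against sa_config_template.phpt. Inside a double-quoted literal, `"` and
 * `$` would need escaping as well.
 * NOTE(review): list placeholders rely on proclist()/procflist() for their
 * own quoting.
 *
 * @return string PHP source for the config file
 */
function processform() {
	# file_get_contents() returns false on failure instead of throwing. Stop here
	# rather than let the caller overwrite the config file with an empty page.
	$pagetmpl = file_get_contents('sa_config_template.phpt');
	if ($pagetmpl === false) {
		die('setup: sa_config_template.phpt read fail');
	}

	# Missing or array-valued form fields are treated as empty strings.
	$field = function ($name) {
		return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
	};
	# Escape a value for use inside a single-quoted PHP string literal.
	$lit = function ($value) {
		return addcslashes((string) $value, "\\'");
	};
	# Drop one trailing separator, but never reduce a bare root path to ''.
	$stripTrailingSep = function ($dir) {
		if (strlen($dir) > 1 && substr($dir, -1, 1) == DIRECTORY_SEPARATOR) {
			return substr($dir, 0, -1);
		}
		return $dir;
	};

	# The <<|regemail|>> placeholder is left untouched (its substitution was already disabled).
	#cfileExt
	$pagetmpl = str_replace("'<<|fcext|>>'", proclist($field('fcext')), $pagetmpl);
	#mfileExt
	$pagetmpl = str_replace("'<<|fmext|>>'", proclist($field('fmext')), $pagetmpl);
	#ignoreDirs
	$pagetmpl = str_replace("'<<|ignoreddirs|>>'", proclist($field('ignoreddirs')), $pagetmpl);
	#ignoreAbsDirs
	$pagetmpl = str_replace("'<<|ignoredAbsdirs|>>'", procflist($field('ignoredAbsdirs')), $pagetmpl);
	#ignoreFiles
	$pagetmpl = str_replace("'<<|ignoredfiles|>>'", proclist($field('ignoredfiles')), $pagetmpl);
	#ignoreAbsFiles
	$pagetmpl = str_replace("'<<|ignoredAbsfiles|>>'", procflist($field('ignoredAbsfiles')), $pagetmpl);

	#datadir: defaults to <application dir>/.saphedata when left blank
	$dir = sanitise($field('datadirectory'));
	if ($dir == '') {
		$default = joinPaths(dirname(dirname(__FILE__)), '.saphedata');
		$resolved = realpath($default);
		# realpath() fails while the directory does not exist yet; keep the unresolved path then.
		$dir = ($resolved === false) ? $default : $resolved;
	}
	$pagetmpl = str_replace('<<|datadirectory|>>', $lit($stripTrailingSep($dir)), $pagetmpl);

	#doEmail
	$pagetmpl = str_replace("'<<|enablemail|>>'", checkbox('enablemail'), $pagetmpl);
	#allwaysMailAudit
	$pagetmpl = str_replace("'<<|alwayssend|>>'", checkbox('alwayssend'), $pagetmpl);
	#toAddrs
	$pagetmpl = str_replace("<<|mailto|>>", $lit(maillist($field('mailto'))), $pagetmpl);

	#auditroot: falls back to the document root when the path cannot be resolved
	$dir = realpath(sanitise($field('root')));
	if ($dir === false || $dir === '') {
		$dir = $_SERVER['DOCUMENT_ROOT'];
	}
	$pagetmpl = str_replace("<<|root|>>", $lit($stripTrailingSep($dir)), $pagetmpl);

	#location
	$pagetmpl = str_replace('<<|location|>>', $lit(trim($field('location'))), $pagetmpl);
	#salt: must be settled before the passwords are hashed, dopass() reads it
	$pagetmpl = str_replace("<<|magic|>>", $lit(domagic($pagetmpl)), $pagetmpl);
	#apassword
	$pagetmpl = str_replace('<<|auditpass|>>', $lit(dopass($field('auditpass'))), $pagetmpl);
	#bpassword
	$pagetmpl = str_replace('<<|buildpass|>>', $lit(dopass($field('buildpass'))), $pagetmpl);
	return $pagetmpl;
}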

/**
 * Verify that $file can be created or rewritten: its directory must be
 * writable and readable, and the file itself, if it already exists, must be
 * both as well.
 *
 * Any failed check ends the script with die(); the function therefore only
 * ever returns true.
 *
 * @param string $file path of the file to be written
 * @return bool always true
 */
function checkFile($file) {
	$dir = dirname($file);
	if (!is_writable($dir)) {
		die("setup: " . $dir . " dir write access fail");
	}
	if (!is_readable($dir)) {
		die("setup: " . $dir . " dir read access fail");
	}
	# A file that does not exist yet only needs the directory checks above.
	if (!file_exists($file)) {
		return true;
	}
	if (is_writable($file) && is_readable($file)) {
		return true;
	}
	die("setup: $file exists but no rw access");
}

/**
 * Send a Location header pointing at $rpath, prefixed with the part of
 * $_SERVER['SCRIPT_NAME'] that precedes its last DIRECTORY_SEPARATOR
 * (the separator itself included).
 *
 * The function only sets the header; it does not end the script, so any
 * code after the call still runs.
 *
 * @param string $rpath target appended to the script's directory prefix
 */
function redirect($rpath){
	$script = $_SERVER['SCRIPT_NAME'];
	# Everything up to and including the last separator; '' when there is none.
	$cut = strrpos($script, DIRECTORY_SEPARATOR);
	$prefix = ($cut === false) ? '' : substr($script, 0, $cut + 1);
	header("Location: " . $prefix . $rpath);
}

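# Request dispatch.
# Visitors without a login marker are sent to the login page, but only once a
# config file exists. Before first configuration the form is served and
# accepted without any session check.
# NOTE(review): this leaves the setup page open to anyone who can reach it
# until the first config is written; restrict access to setup/ at the web
# server for that window. No anti-CSRF token is verified before the config is
# rewritten either.
if (!isset($_SESSION['vsfuid']) && file_exists($confile)) {
	redirect("../ssim.php?login");
} else {
	initarray();
	if (array_key_exists('location', $_POST) && checkFile($confile)) {
		# Saving the configuration ends the current login.
		unset($_SESSION['vsfuid']);
		$page = processform();
		# Write under an exclusive lock and confirm every byte was written; the
		# fopen()/fwrite() results used to go unchecked, so a failed or short
		# write still redirected to "?updated".
		if (file_put_contents($confile, $page, LOCK_EX) !== strlen($page)) {
			die("setup: $confile write fail");
		}
		redirect("../ssim.php?updated");
	} else {
		echo fillpage();
	}
}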