06fbd764 |
<?php
/**
* Copyright (C) 2021 Double Bastion LLC
*
* This file is part of Roundpin, which is licensed under the
* GNU Affero General Public License Version 3.0. The license terms
* are detailed in the "LICENSE.txt" file located in the root directory.
*/
define('RESTRICTED', TRUE);
include 'install-signup-check.php';
if ($installcheck == true) {
if ($_SERVER['REQUEST_SCHEME'] == 'http') { exit("Roundpin cannot be installed on domains using the HTTP protocol. It can only be installed on domains using the HTTPS protocol."); }
if(isset($_POST['createconfigbttn'])) {
if (isset($_POST['databasename']) && $_POST['databasename'] != '' && isset($_POST['databaseuser']) && $_POST['databaseuser'] != '' &&
isset($_POST['dbuserpassword']) && $_POST['dbuserpassword'] != '') {
// Create the configuration file
$dbname = $_POST['databasename'];
$dbuser = $_POST['databaseuser'];
$dbuserpswd = $_POST['dbuserpassword'];
// Generate the secret
$keypassin = substr(sha1(mt_rand()), 0, 32);
$keysaltin = openssl_random_pseudo_bytes(24);
$keyLengthin = 80;
$iterationin = 100;
$generated_keyin = openssl_pbkdf2($keypassin, $keysaltin, $keyLengthin, $iterationin, 'sha256');
$keypwd = bin2hex($generated_keyin);
$texttofill = "<?php\r\nif(!defined('ACCESSCONST')){die();}\r\n\r\n\$databasename='".$dbname."';\r\n\$username='".$dbuser."';\r\n\$password='".$dbuserpswd."';\r\n\$secret='".$keypwd."';\r\n?>";
file_put_contents("roundpin-config.php", $texttofill);
session_start();
$_SESSION['validateaccess'] = "accessallowed";
header("Location: roundpin-initializedb.php");
}
}
?>
<html>
<head>
<title>Roundpin Setup</title>
<link rel="stylesheet" href="css/setup.min.css">
<script type="text/javascript" src="js/jquery-3.3.1.min.js"></script>
<script type="text/javascript" src="js/roundpin-setup.min.js"></script>
</head>
<body>
<div id="mainarea">
<img class="logosetuppage" src="images/login-logo.svg" />
<h3 style="text-align:center;">Roundpin Setup</h3><br>
<img class="setupStage" src="images/roundpin-setup-stages-1.svg" />
<form id="roundpincredform" action="" method="POST">
<label for="databasename" class="fieldlabels">Roundpin database name:</label><br>
<input type="text" id="databasename" class="textinput" name="databasename"/><br><br>
<label for="databaseuser" class="fieldlabels">Roundpin database user:</label><br>
<input type="text" id="databaseuser" class="textinput" name="databaseuser"/><br><br>
<label for="userpassword" class="fieldlabels">Roundpin database user password:</label><br>
<input type="password" id="dbuserpassword" class="textinput" name="dbuserpassword"/><br><br>
<input type="submit" id="createconfigbttn" name="createconfigbttn" value="Next" />
</form>
</div>
</body>
</html>
<?php
}
?>
|