<?php /** * Copyright (C) 2021 Double Bastion LLC * * This file is part of Roundpin, which is licensed under the * GNU Affero General Public License Version 3.0. The license terms * are detailed in the "LICENSE.txt" file located in the root directory. */ define('RESTRICTED', TRUE); include 'install-signup-check.php'; if ($installcheck == true) { if ($_SERVER['REQUEST_SCHEME'] == 'http') { exit("Roundpin cannot be installed over HTTP. It needs a domain that uses HTTPS."); } if(isset($_POST['createconfigbttn'])) { if (isset($_POST['databasename']) && $_POST['databasename'] != '' && isset($_POST['databaseuser']) && $_POST['databaseuser'] != '' && isset($_POST['dbuserpassword']) && $_POST['dbuserpassword'] != '') { // Create the configuration file $dbname = $_POST['databasename']; $dbuser = $_POST['databaseuser']; $dbuserpswd = $_POST['dbuserpassword']; // Generate the secret $keypassin = substr(sha1(mt_rand()), 0, 32); $keysaltin = openssl_random_pseudo_bytes(24); $keyLengthin = 80; $iterationin = 100; $generated_keyin = openssl_pbkdf2($keypassin, $keysaltin, $keyLengthin, $iterationin, 'sha256'); $keypwd = bin2hex($generated_keyin); $texttofill = "<?php\r\nif(!defined('ACCESSCONST')){die();}\r\n\r\n\$databasename='".$dbname."';\r\n\$username='".$dbuser."';\r\n\$password='".$dbuserpswd."';\r\n\$secret='".$keypwd."';\r\n?>"; file_put_contents("roundpin-config.php", $texttofill); session_start(); $_SESSION['validateaccess'] = "accessallowed"; header("Location: roundpin-initializedb.php"); } } ?> <html> <head> <title>Roundpin Setup</title> <link rel="stylesheet" href="css/setup.min.css"> <script type="text/javascript" src="js/jquery-3.3.1.min.js"></script> <script type="text/javascript" src="js/roundpin-setup.min.js"></script> </head> <body> <div id="mainarea"> <img class="logosetuppage" src="images/login-logo.svg" /> <h3 style="text-align:center;">Roundpin Setup</h3><br> <img class="setupStage" src="images/roundpin-setup-stages-1.svg" /> <form id="roundpincredform" action="" method="POST"> <label for="databasename" class="fieldlabels">Roundpin database name:</label><br> <input type="text" id="databasename" class="textinput" name="databasename"/><br><br> <label for="databaseuser" class="fieldlabels">Roundpin database user:</label><br> <input type="text" id="databaseuser" class="textinput" name="databaseuser"/><br><br> <label for="userpassword" class="fieldlabels">Roundpin database user password:</label><br> <input type="password" id="dbuserpassword" class="textinput" name="dbuserpassword"/><br><br> <input type="submit" id="createconfigbttn" name="createconfigbttn" value="Next" /> </form> </div> </body> </html> <?php } ?>