index.php 19 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550
  1. <?php
  2. include 'auto.php';
  3. if(IS_SAE)
  4. header("Location: index_sae.php");
  5. if (file_exists('./install.lock')) {
  6. echo '
  7. <html>
  8. <head>
  9. <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
  10. </head>
  11. <body>
  12. 你已经安装过该系统,如果想重新安装,请先删除站点install目录下的 install.lock 文件,然后再安装。
  13. </body>
  14. </html>';
  15. exit;
  16. }
  17. @set_time_limit(1000);
  18. if (PHP_EDITION > phpversion()){
  19. header("Content-type:text/html;charset=utf-8");
  20. exit('您的php版本过低,不能安装本软件,请升级到'.PHP_EDITION.'或更高版本再安装,谢谢!');
  21. }
  22. if(phpversion() > '7.4'){
  23. header("Content-type:text/html;charset=utf-8");
  24. exit('您的php版本太高,不能安装本软件,兼容php版本7.1~7.3,谢谢!');
  25. }
  26. define("CRMEB_VERSION", '20180601');
  27. date_default_timezone_set('PRC');
  28. error_reporting(E_ALL & ~E_NOTICE);
  29. header('Content-Type: text/html; charset=UTF-8');
  30. define('SITE_DIR', _dir_path(substr(dirname(__FILE__), 0, -8)));//入口文件目录
  31. define('APP_DIR', _dir_path(substr(dirname(__FILE__), 0, -15)));//项目目录
  32. //define('SITEDIR2', substr(SITEDIR,0,-7));
  33. //echo SITEDIR;
  34. //exit;SITE_DIR
  35. //数据库
  36. $sqlFile = 'crmeb.sql';
  37. $configFile = '.env';
  38. if (!file_exists(SITE_DIR . 'install/' . $sqlFile) || !file_exists(SITE_DIR . 'install/' . $configFile)) {
  39. echo '缺少必要的安装文件!';
  40. exit;
  41. }
  42. $Title = "Kirin Base安装向导";
  43. $Powered = "Powered by CRMEB";
  44. $steps = array(
  45. '1' => '安装许可协议',
  46. '2' => '运行环境检测',
  47. '3' => '安装参数设置',
  48. '4' => '安装详细过程',
  49. '5' => '安装完成',
  50. );
  51. $step = isset($_GET['step']) ? $_GET['step'] : 1;
  52. //地址
  53. $scriptName = !empty($_SERVER["REQUEST_URI"]) ? $scriptName = $_SERVER["REQUEST_URI"] : $scriptName = $_SERVER["PHP_SELF"];
  54. $rootpath = @preg_replace("/\/(I|i)nstall\/index\.php(.*)$/", "", $scriptName);
  55. $domain = empty($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME'];
  56. if ((int) $_SERVER['SERVER_PORT'] != 80) {
  57. $domain .= ":" . $_SERVER['SERVER_PORT'];
  58. }
  59. $domain = $domain . $rootpath;
  60. switch ($step) {
  61. case '1':
  62. include_once ("./templates/step1.php");
  63. exit();
  64. case '2':
  65. if (phpversion() <= PHP_EDITION) {
  66. die('本系统需要PHP版本 >= '.PHP_EDITION.'环境,当前PHP版本为:' . phpversion());
  67. }
  68. $phpv = @ phpversion();
  69. $os = PHP_OS;
  70. //$os = php_uname();
  71. $tmp = function_exists('gd_info') ? gd_info() : array();
  72. $server = $_SERVER["SERVER_SOFTWARE"];
  73. $host = (empty($_SERVER["SERVER_ADDR"]) ? $_SERVER["SERVER_HOST"] : $_SERVER["SERVER_ADDR"]);
  74. $name = $_SERVER["SERVER_NAME"];
  75. $max_execution_time = ini_get('max_execution_time');
  76. $allow_reference = (ini_get('allow_call_time_pass_reference') ? '<font color=green>[√]On</font>' : '<font color=red>[×]Off</font>');
  77. $allow_url_fopen = (ini_get('allow_url_fopen') ? '<font color=green>[√]On</font>' : '<font color=red>[×]Off</font>');
  78. $safe_mode = (ini_get('safe_mode') ? '<font color=red>[×]On</font>' : '<font color=green>[√]Off</font>');
  79. $err = 0;
  80. if (empty($tmp['GD Version'])) {
  81. $gd = '<font color=red>[×]Off</font>';
  82. $err++;
  83. } else {
  84. $gd = '<font color=green>[√]On</font> ' . $tmp['GD Version'];
  85. }
  86. if (function_exists('mysqli_connect')) {
  87. $mysql = '<span class="correct_span">&radic;</span> 已安装';
  88. } else {
  89. $mysql = '<span class="correct_span error_span">&radic;</span> 请安装mysqli扩展';
  90. $err++;
  91. }
  92. if (ini_get('file_uploads')) {
  93. $uploadSize = '<span class="correct_span">&radic;</span> ' . ini_get('upload_max_filesize');
  94. } else {
  95. $uploadSize = '<span class="correct_span error_span">&radic;</span>禁止上传';
  96. }
  97. if (function_exists('session_start')) {
  98. $session = '<span class="correct_span">&radic;</span> 支持';
  99. } else {
  100. $session = '<span class="correct_span error_span">&radic;</span> 不支持';
  101. $err++;
  102. }
  103. if(function_exists('curl_init')){
  104. $curl = '<font color=green>[√]支持</font> ';
  105. }else{
  106. $curl = '<font color=red>[×]不支持</font>';
  107. $err++;
  108. }
  109. if(function_exists('bcadd')){
  110. $bcmath = '<font color=green>[√]支持</font> ';
  111. }else{
  112. $bcmath = '<font color=red>[×]不支持</font>';
  113. $err++;
  114. }
  115. if(function_exists('openssl_encrypt')){
  116. $openssl = '<font color=green>[√]支持</font> ';
  117. }else{
  118. $openssl = '<font color=red>[×]不支持</font>';
  119. $err++;
  120. }
  121. if(function_exists('finfo_open')){
  122. $finfo_open = '<font color=green>[√]支持</font> ';
  123. }else{
  124. $finfo_open = '<font color=red>[×]不支持</font>';
  125. $err++;
  126. }
  127. $folder = array(
  128. 'public/install',
  129. 'public/uploads',
  130. 'runtime',
  131. '.env',
  132. );
  133. //必须开启函数
  134. if(function_exists('file_put_contents')){
  135. $file_put_contents = '<font color=green>[√]开启</font> ';
  136. }else{
  137. $file_put_contents = '<font color=red>[×]关闭</font>';
  138. $err++;
  139. }
  140. if(function_exists('imagettftext')){
  141. $imagettftext = '<font color=green>[√]开启</font> ';
  142. }else{
  143. $imagettftext = '<font color=red>[×]关闭</font>';
  144. $err++;
  145. }
  146. include_once ("./templates/step2.php");
  147. exit();
  148. case '3':
  149. $dbName = strtolower(trim($_POST['dbName']));
  150. $_POST['dbport'] = $_POST['dbport'] ? $_POST['dbport'] : '3306';
  151. if ($_GET['testdbpwd']) {
  152. $dbHost = $_POST['dbHost'];
  153. $conn = @mysqli_connect($dbHost, $_POST['dbUser'], $_POST['dbPwd'],NULL,$_POST['dbport']);
  154. if (mysqli_connect_errno($conn)){
  155. die(json_encode(0));
  156. } else {
  157. $result = mysqli_query($conn,"SELECT @@global.sql_mode");
  158. $result = $result->fetch_array();
  159. $version = mysqli_get_server_info($conn);
  160. if ($version >= 5.7)
  161. {
  162. if(strstr($result[0],'STRICT_TRANS_TABLES') || strstr($result[0],'STRICT_ALL_TABLES') || strstr($result[0],'TRADITIONAL') || strstr($result[0],'ANSI'))
  163. exit(json_encode(-1));
  164. }
  165. $result = mysqli_query($conn,"select count(table_name) as c from information_schema.`TABLES` where table_schema='$dbName'");
  166. $result = $result->fetch_array();
  167. if($result['c'] > 0)
  168. exit(json_encode(-2));
  169. exit(json_encode(1));
  170. }
  171. }
  172. include_once ("./templates/step3.php");
  173. exit();
  174. case '4':
  175. if (intval($_GET['install'])) {
  176. $n = intval($_GET['n']);
  177. if ($i == 999999)
  178. exit;
  179. $arr = array();
  180. $dbHost = trim($_POST['dbhost']);
  181. $_POST['dbport'] = $_POST['dbport'] ? $_POST['dbport'] : '3306';
  182. $dbName = strtolower(trim($_POST['dbname']));
  183. $dbUser = trim($_POST['dbuser']);
  184. $dbPwd = trim($_POST['dbpw']);
  185. $dbPrefix = empty($_POST['dbprefix']) ? 'eb_' : trim($_POST['dbprefix']);
  186. $username = trim($_POST['manager']);
  187. $password = trim($_POST['manager_pwd']);
  188. $email = trim($_POST['manager_email']);
  189. if (!function_exists('mysqli_connect')) {
  190. $arr['msg'] = "请安装 mysqli 扩展!";
  191. echo json_encode($arr);
  192. exit;
  193. }
  194. $conn = @mysqli_connect($dbHost, $dbUser, $dbPwd,NULL,$_POST['dbport']);
  195. if (mysqli_connect_errno($conn)){
  196. $arr['msg'] = "连接数据库失败!".mysqli_connect_error($conn);
  197. echo json_encode($arr);
  198. exit;
  199. }
  200. mysqli_set_charset($conn, "utf8"); //,character_set_client=binary,sql_mode='';
  201. $version = mysqli_get_server_info($conn);
  202. if ($version < 5.1) {
  203. $arr['msg'] = '数据库版本太低! 必须5.1以上';
  204. echo json_encode($arr);
  205. exit;
  206. }
  207. if (!mysqli_select_db($conn,$dbName)) {
  208. //创建数据时同时设置编码
  209. if (!mysqli_query($conn,"CREATE DATABASE IF NOT EXISTS `" . $dbName . "` DEFAULT CHARACTER SET utf8;")) {
  210. $arr['msg'] = '数据库 ' . $dbName . ' 不存在,也没权限创建新的数据库!';
  211. echo json_encode($arr);
  212. exit;
  213. }
  214. if ($n==-1) {
  215. $arr['n'] = 0;
  216. $arr['msg'] = "成功创建数据库:{$dbName}<br>";
  217. echo json_encode($arr);
  218. exit;
  219. }
  220. mysqli_select_db($conn , $dbName);
  221. }
  222. //读取数据文件
  223. $sqldata = file_get_contents(SITE_DIR . 'install/' . $sqlFile);
  224. $sqlFormat = sql_split($sqldata, $dbPrefix);
  225. //创建写入sql数据库文件到库中 结束
  226. /**
  227. * 执行SQL语句
  228. */
  229. $counts = count($sqlFormat);
  230. for ($i = $n; $i < $counts; $i++) {
  231. $sql = trim($sqlFormat[$i]);
  232. if (strstr($sql, 'CREATE TABLE')) {
  233. preg_match('/CREATE TABLE (IF NOT EXISTS)? `eb_([^ ]*)`/is', $sql, $matches);
  234. mysqli_query($conn,"DROP TABLE IF EXISTS `$matches[2]");
  235. $sql = str_replace('`eb_','`'.$dbPrefix,$sql);//替换表前缀
  236. $ret = mysqli_query($conn,$sql);
  237. if ($ret) {
  238. $message = '<li><span class="correct_span">&radic;</span>创建数据表['.$dbPrefix.$matches[2] . ']完成!<span style="float: right;">'.date('Y-m-d H:i:s').'</span></li> ';
  239. } else {
  240. $err = mysqli_error($conn);
  241. $message = '<li><span class="correct_span error_span">&radic;</span>创建数据表['.$dbPrefix.$matches[2] . ']失败!失败原因:'.$err.'<span style="float: right;">'.date('Y-m-d H:i:s').'</span></li>';
  242. }
  243. $i++;
  244. $arr = array('n' => $i, 'msg' => $message);
  245. echo json_encode($arr);
  246. exit;
  247. } else {
  248. if(trim($sql) == '')
  249. continue;
  250. $sql = str_replace('`eb_','`'.$dbPrefix,$sql);//替换表前缀
  251. $ret = mysqli_query($conn,$sql);
  252. $message = '';
  253. $arr = array('n' => $i, 'msg' => $message);
  254. // echo json_encode($arr); exit;
  255. }
  256. }
  257. // 清空测试数据
  258. if(!$_POST['demo'])
  259. {
  260. $result = mysqli_query($conn,"show tables");
  261. $tables=mysqli_fetch_all($result);//参数MYSQL_ASSOC、MYSQLI_NUM、MYSQLI_BOTH规定产生数组类型
  262. $bl_table = array('eb_system_admin'
  263. ,'eb_system_role'
  264. ,'eb_system_config'
  265. ,'eb_system_config_tab'
  266. ,'eb_system_menus'
  267. ,'eb_system_file'
  268. ,'eb_express'
  269. ,'eb_system_group'
  270. ,'eb_system_group_data'
  271. ,'eb_template_message'
  272. ,'eb_shipping_templates'
  273. ,"eb_shipping_templates_region"
  274. ,"eb_shipping_templates_free"
  275. ,'eb_system_city');
  276. foreach($bl_table as $k => $v)
  277. {
  278. $bl_table[$k] = str_replace('eb_',$dbPrefix,$v);
  279. }
  280. foreach($tables as $key => $val)
  281. {
  282. if(!in_array($val[0], $bl_table))
  283. {
  284. mysqli_query($conn,"truncate table ".$val[0]);
  285. }
  286. }
  287. delFile(APP_DIR.'/uploads'); // 清空测试图片
  288. }
  289. //读取配置文件,并替换真实配置数据1
  290. $strConfig = file_get_contents(SITE_DIR . 'install/' . $configFile);
  291. $strConfig = str_replace('#DB_HOST#', $dbHost, $strConfig);
  292. $strConfig = str_replace('#DB_NAME#', $dbName, $strConfig);
  293. $strConfig = str_replace('#DB_USER#', $dbUser, $strConfig);
  294. $strConfig = str_replace('#DB_PWD#', $dbPwd, $strConfig);
  295. $strConfig = str_replace('#DB_PORT#', $_POST['dbport'], $strConfig);
  296. $strConfig = str_replace('#DB_PREFIX#', $dbPrefix, $strConfig);
  297. $strConfig = str_replace('#DB_CHARSET#', 'utf8', $strConfig);
  298. // $strConfig = str_replace('#DB_DEBUG#', false, $strConfig);
  299. @chmod(APP_DIR . '/.env',0777); //数据库配置文件的地址
  300. @file_put_contents(APP_DIR . '/.env', $strConfig); //数据库配置文件的地址
  301. //读取配置文件,并替换换配置
  302. // $strConfig = file_get_contents(SITE_DIR . '/application/config.php');
  303. // $strConfig = str_replace('CRMEB_cache_prefix', $uniqid_str, $strConfig);
  304. // @chmod(SITE_DIR . '/application/config.php',0777); //配置文件的地址
  305. // @file_put_contents(SITE_DIR . '/application/config.php', $strConfig); //配置文件的地址
  306. //更新网站配置信息2
  307. //插入管理员表字段tp_admin表
  308. $time = time();
  309. $ip = get_client_ip();
  310. $ip = empty($ip) ? "0.0.0.0" : $ip;
  311. $password = md5(trim($_POST['manager_pwd']));
  312. mysqli_query($conn,"truncate table {$dbPrefix}system_admin");
  313. $addadminsql = "INSERT INTO `{$dbPrefix}system_admin` (`id`, `account`, `pwd`, `real_name`, `roles`, `last_ip`, `last_time`, `add_time`, `login_count`, `level`, `status`, `is_del`) VALUES
  314. (1, '".$username."', '".$password."', 'admin', '1', '".$ip."',$time , $time, 0, 0, 1, 0)";
  315. $res = mysqli_query($conn,$addadminsql);
  316. $res2 = true;
  317. if(isset($_SERVER['SERVER_NAME'])) {
  318. $site_url = '\'"http://' . $_SERVER['SERVER_NAME'].'"\'';
  319. $res2 = mysqli_query($conn, 'UPDATE `'.$dbPrefix.'system_config` SET `value`=' . $site_url . ' WHERE `menu_name`="site_url"');
  320. }
  321. if($res){
  322. $message = '成功添加管理员<br />成功写入配置文件<br>安装完成.';
  323. $arr = array('n' => 999999, 'msg' => $message);
  324. echo json_encode($arr);exit;
  325. }else{
  326. $message = '添加管理员失败<br />成功写入配置文件<br>安装完成.';
  327. $arr = array('n' => 999999, 'msg' => $message);
  328. echo json_encode($arr);exit;
  329. }
  330. }
  331. include_once ("./templates/step4.php");
  332. exit();
  333. case '5':
  334. $ip = get_client_ip();
  335. $host = $_SERVER['HTTP_HOST'];
  336. $curent_version = getversion();
  337. installlog();
  338. include_once ("./templates/step5.php");
  339. @touch('./install.lock');
  340. exit();
  341. }
  342. //读取版本号
  343. function getversion(){
  344. $version_arr = [];
  345. $curent_version = @file(APP_DIR .'.version');
  346. foreach ($curent_version as $val){
  347. list($k,$v)=explode('=',$val);
  348. $version_arr[$k]=$v;
  349. }
  350. return $version_arr;
  351. }
  352. //写入安装信息
  353. function installlog(){
  354. $mt_rand_str = sp_random_string(6);
  355. $str_constant = "<?php".PHP_EOL."define('INSTALL_DATE',".time().");".PHP_EOL."define('SERIALNUMBER','".$mt_rand_str."');";
  356. @file_put_contents(APP_DIR . '.constant', $str_constant);
  357. }
  358. //判断权限
  359. function testwrite($d) {
  360. if(is_file($d)){
  361. if(is_writeable($d)){
  362. return true;
  363. }
  364. return false;
  365. }else{
  366. $tfile = "_test.txt";
  367. $fp = @fopen($d . "/" . $tfile, "w");
  368. if (!$fp) {
  369. return false;
  370. }
  371. fclose($fp);
  372. $rs = @unlink($d . "/" . $tfile);
  373. if ($rs) {
  374. return true;
  375. }
  376. return false;
  377. }
  378. }
  379. function sql_split($sql, $tablepre) {
  380. if ($tablepre != "tp_")
  381. $sql = str_replace("tp_", $tablepre, $sql);
  382. $sql = preg_replace("/TYPE=(InnoDB|MyISAM|MEMORY)( DEFAULT CHARSET=[^; ]+)?/", "ENGINE=\\1 DEFAULT CHARSET=utf8", $sql);
  383. $sql = str_replace("\r", "\n", $sql);
  384. $ret = array();
  385. $num = 0;
  386. $queriesarray = explode(";\n", trim($sql));
  387. unset($sql);
  388. foreach ($queriesarray as $query) {
  389. $ret[$num] = '';
  390. $queries = explode("\n", trim($query));
  391. $queries = array_filter($queries);
  392. foreach ($queries as $query) {
  393. $str1 = substr($query, 0, 1);
  394. if ($str1 != '#' && $str1 != '-')
  395. $ret[$num] .= $query;
  396. }
  397. $num++;
  398. }
  399. return $ret;
  400. }
  401. function _dir_path($path) {
  402. $path = str_replace('\\', '/', $path);
  403. if (substr($path, -1) != '/')
  404. $path = $path . '/';
  405. return $path;
  406. }
  407. // 获取客户端IP地址
  408. function get_client_ip() {
  409. static $ip = NULL;
  410. if ($ip !== NULL)
  411. return $ip;
  412. if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
  413. $arr = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
  414. $pos = array_search('unknown', $arr);
  415. if (false !== $pos)
  416. unset($arr[$pos]);
  417. $ip = trim($arr[0]);
  418. }elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
  419. $ip = $_SERVER['HTTP_CLIENT_IP'];
  420. } elseif (isset($_SERVER['REMOTE_ADDR'])) {
  421. $ip = $_SERVER['REMOTE_ADDR'];
  422. }
  423. // IP地址合法验证
  424. $ip = (false !== ip2long($ip)) ? $ip : '0.0.0.0';
  425. return $ip;
  426. }
  427. function dir_create($path, $mode = 0777) {
  428. if (is_dir($path))
  429. return TRUE;
  430. $ftp_enable = 0;
  431. $path = dir_path($path);
  432. $temp = explode('/', $path);
  433. $cur_dir = '';
  434. $max = count($temp) - 1;
  435. for ($i = 0; $i < $max; $i++) {
  436. $cur_dir .= $temp[$i] . '/';
  437. if (@is_dir($cur_dir))
  438. continue;
  439. @mkdir($cur_dir, 0777, true);
  440. @chmod($cur_dir, 0777);
  441. }
  442. return is_dir($path);
  443. }
  444. function dir_path($path) {
  445. $path = str_replace('\\', '/', $path);
  446. if (substr($path, -1) != '/')
  447. $path = $path . '/';
  448. return $path;
  449. }
  450. function sp_password($pw, $pre){
  451. $decor = md5($pre);
  452. $mi = md5($pw);
  453. return substr($decor,0,12).$mi.substr($decor,-4,4);
  454. }
  455. function sp_random_string($len = 8) {
  456. $chars = array(
  457. "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k",
  458. "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v",
  459. "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G",
  460. "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R",
  461. "S", "T", "U", "V", "W", "X", "Y", "Z", "0", "1", "2",
  462. "3", "4", "5", "6", "7", "8", "9"
  463. );
  464. $charsLen = count($chars) - 1;
  465. shuffle($chars); // 将数组打乱
  466. $output = "";
  467. for ($i = 0; $i < $len; $i++) {
  468. $output .= $chars[mt_rand(0, $charsLen)];
  469. }
  470. return $output;
  471. }
  472. // 递归删除文件夹
  473. function delFile($dir,$file_type='') {
  474. if(is_dir($dir)){
  475. $files = scandir($dir);
  476. //打开目录 //列出目录中的所有文件并去掉 . 和 ..
  477. foreach($files as $filename){
  478. if($filename!='.' && $filename!='..'){
  479. if(!is_dir($dir.'/'.$filename)){
  480. if(empty($file_type)){
  481. unlink($dir.'/'.$filename);
  482. }else{
  483. if(is_array($file_type)){
  484. //正则匹配指定文件
  485. if(preg_match($file_type[0],$filename)){
  486. unlink($dir.'/'.$filename);
  487. }
  488. }else{
  489. //指定包含某些字符串的文件
  490. if(false!=stristr($filename,$file_type)){
  491. unlink($dir.'/'.$filename);
  492. }
  493. }
  494. }
  495. }else{
  496. delFile($dir.'/'.$filename);
  497. rmdir($dir.'/'.$filename);
  498. }
  499. }
  500. }
  501. }else{
  502. if(file_exists($dir)) unlink($dir);
  503. }
  504. }
  505. ?>