index.php 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545
  1. <?php
  2. // +----------------------------------------------------------------------
  3. // | CRMEB [ CRMEB赋能开发者,助力企业发展 ]
  4. // +----------------------------------------------------------------------
  5. // | Copyright (c) 2016~2020 https://www.crmeb.com All rights reserved.
  6. // +----------------------------------------------------------------------
  7. // | Licensed CRMEB并不是自由软件,未经许可不能去掉CRMEB相关版权
  8. // +----------------------------------------------------------------------
  9. // | Author: CRMEB Team <admin@crmeb.com>
  10. // +----------------------------------------------------------------------
  11. include 'auto.php';
  12. if (IS_SAE)
  13. header("Location: index_sae.php");
  14. if (file_exists('./install.lock')) {
  15. echo '
  16. <html>
  17. <head>
  18. <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
  19. </head>
  20. <body>
  21. 你已经安装过该系统,如果想重新安装,请先删除站点install目录下的 install.lock 文件,然后再安装。
  22. </body>
  23. </html>';
  24. exit;
  25. }
  26. @set_time_limit(1000);
  27. if ('5.5.9' > phpversion()) {
  28. header("Content-type:text/html;charset=utf-8");
  29. exit('您的php版本过低,不能安装本软件,请升级到5.5.9或更高版本再安装,谢谢!');
  30. }
  31. define("CRMEB_VERSION", '20180601');
  32. date_default_timezone_set('PRC');
  33. error_reporting(E_ALL & ~E_NOTICE);
  34. header('Content-Type: text/html; charset=UTF-8');
  35. define('SITEDIR', _dir_path(substr(dirname(__FILE__), 0, -8)));//入口文件目录
  36. define('CRMEBDIR', _dir_path(substr(dirname(__FILE__), 0, -15)));//项目目录
  37. //数据库
  38. $sqlFile = 'zhishifufei.sql';
  39. $configFile = 'config.php';
  40. if (!file_exists(SITEDIR . 'install/' . $sqlFile) || !file_exists(SITEDIR . 'install/' . $configFile)) {
  41. echo '缺少必要的安装文件!';
  42. exit;
  43. }
  44. $Title = "CrmEb知识付费安装向导";
  45. $Powered = "Powered by CrmEb";
  46. $steps = array(
  47. '1' => '安装许可协议',
  48. '2' => '运行环境检测',
  49. '3' => '安装参数设置',
  50. '4' => '安装详细过程',
  51. '5' => '安装完成',
  52. );
  53. $step = isset($_GET['step']) ? $_GET['step'] : 1;
  54. //地址
  55. $scriptName = !empty($_SERVER["REQUEST_URI"]) ? $scriptName = $_SERVER["REQUEST_URI"] : $scriptName = $_SERVER["PHP_SELF"];
  56. $rootpath = @preg_replace("/\/(I|i)nstall\/index\.php(.*)$/", "", $scriptName);
  57. $domain = empty($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME'];
  58. if ((int)$_SERVER['SERVER_PORT'] != 80) {
  59. $domain .= ":" . $_SERVER['SERVER_PORT'];
  60. }
  61. $domain = $domain . $rootpath;
  62. switch ($step) {
  63. case '1':
  64. include_once("./templates/step1.php");
  65. exit();
  66. case '2':
  67. if (phpversion() < 5.6) {
  68. die('本系统需要PHP5+MYSQL >=5.5.9环境,当前PHP版本为:' . phpversion());
  69. }
  70. $phpv = @ phpversion();
  71. $os = PHP_OS;
  72. //$os = php_uname();
  73. $tmp = function_exists('gd_info') ? gd_info() : array();
  74. $server = $_SERVER["SERVER_SOFTWARE"];
  75. $host = (empty($_SERVER["SERVER_ADDR"]) ? $_SERVER["SERVER_HOST"] : $_SERVER["SERVER_ADDR"]);
  76. $name = $_SERVER["SERVER_NAME"];
  77. $max_execution_time = ini_get('max_execution_time');
  78. $allow_reference = (ini_get('allow_call_time_pass_reference') ? '<font color=green>[√]On</font>' : '<font color=red>[×]Off</font>');
  79. $allow_url_fopen = (ini_get('allow_url_fopen') ? '<font color=green>[√]On</font>' : '<font color=red>[×]Off</font>');
  80. $safe_mode = (ini_get('safe_mode') ? '<font color=red>[×]On</font>' : '<font color=green>[√]Off</font>');
  81. $err = 0;
  82. if (empty($tmp['GD Version'])) {
  83. $gd = '<font color=red>[×]Off</font>';
  84. $err++;
  85. } else {
  86. $gd = '<font color=green>[√]On</font> ' . $tmp['GD Version'];
  87. }
  88. if (function_exists('mysqli_connect')) {
  89. $mysql = '<span class="correct_span">&radic;</span> 已安装';
  90. } else {
  91. $mysql = '<span class="correct_span error_span">&radic;</span> 请安装mysqli扩展';
  92. $err++;
  93. }
  94. if (extension_loaded('swoole_loader')) {
  95. $swoole = '<span class="correct_span">&radic;</span> 已安装';
  96. } else {
  97. $swoole = '<a href="http://help.crmeb.net/crmeb_zsff/1944228" target="_blank"><span class="correct_span error_span">&radic;</span> 点击查看帮助</a >';
  98. $err++;
  99. }
  100. if (ini_get('file_uploads')) {
  101. $uploadSize = '<span class="correct_span">&radic;</span> ' . ini_get('upload_max_filesize');
  102. } else {
  103. $uploadSize = '<span class="correct_span error_span">&radic;</span>禁止上传';
  104. }
  105. if (function_exists('session_start')) {
  106. $session = '<span class="correct_span">&radic;</span> 支持';
  107. } else {
  108. $session = '<span class="correct_span error_span">&radic;</span> 不支持';
  109. $err++;
  110. }
  111. if (function_exists('curl_init')) {
  112. $curl = '<font color=green>[√]支持</font> ';
  113. } else {
  114. $curl = '<font color=red>[×]不支持</font>';
  115. $err++;
  116. }
  117. if (function_exists('file_put_contents')) {
  118. $file_put_contents = '<font color=green>[√]支持</font> ';
  119. } else {
  120. $file_put_contents = '<font color=red>[×]不支持</font>';
  121. $err++;
  122. }
  123. if (function_exists('bcadd')) {
  124. $BC = '<font color=green>[√]支持</font> ';
  125. } else {
  126. $BC = '<font color=red>[×]不支持</font>';
  127. $err++;
  128. }
  129. if (function_exists('openssl_encrypt')) {
  130. $openssl = '<font color=green>[√]支持</font> ';
  131. } else {
  132. $openssl = '<font color=red>[×]不支持</font>';
  133. $err++;
  134. }
  135. $folder = array(
  136. 'public/install',
  137. 'public/uploads',
  138. 'runtime',
  139. 'runtime/cache',
  140. 'runtime/temp',
  141. 'runtime/log',
  142. 'runtime/schema',
  143. 'application/database.php',
  144. 'application/config.php',
  145. );
  146. include_once("./templates/step2.php");
  147. exit();
  148. case '3':
  149. $dbName = strtolower(trim($_POST['dbName']));
  150. $_POST['dbport'] = $_POST['dbport'] ? $_POST['dbport'] : '3306';
  151. if ($_GET['testdbpwd']) {
  152. $dbHost = $_POST['dbHost'];
  153. $conn = @mysqli_connect($dbHost, $_POST['dbUser'], $_POST['dbPwd'], NULL, $_POST['dbport']);
  154. if (mysqli_connect_errno($conn)) {
  155. die(json_encode(0));
  156. } else {
  157. $result = mysqli_query($conn, "SELECT @@global.sql_mode");
  158. $result = $result->fetch_array();
  159. $version = mysqli_get_server_info($conn);
  160. if ($version >= 5.7) {
  161. if (strstr($result[0], 'STRICT_TRANS_TABLES') || strstr($result[0], 'STRICT_ALL_TABLES') || strstr($result[0], 'TRADITIONAL') || strstr($result[0], 'ANSI'))
  162. exit(json_encode(-1));
  163. }
  164. $result = mysqli_query($conn, "select count(table_name) as c from information_schema.`TABLES` where table_schema='$dbName'");
  165. $result = $result->fetch_array();
  166. if ($result['c'] > 0)
  167. exit(json_encode(-2));
  168. exit(json_encode(1));
  169. }
  170. }
  171. include_once("./templates/step3.php");
  172. exit();
  173. case '4':
  174. if (intval($_GET['install'])) {
  175. $n = intval($_GET['n']);
  176. if ($i == 999999)
  177. exit;
  178. $arr = array();
  179. $dbHost = trim($_POST['dbhost']);
  180. $_POST['dbport'] = $_POST['dbport'] ? $_POST['dbport'] : '3306';
  181. $dbName = strtolower(trim($_POST['dbname']));
  182. $dbUser = trim($_POST['dbuser']);
  183. $dbPwd = trim($_POST['dbpw']);
  184. $dbPrefix = empty($_POST['dbprefix']) ? 'eb_' : trim($_POST['dbprefix']);
  185. $username = trim($_POST['manager']);
  186. $password = trim($_POST['manager_pwd']);
  187. $email = trim($_POST['manager_email']);
  188. if (!function_exists('mysqli_connect')) {
  189. $arr['msg'] = "请安装 mysqli 扩展!";
  190. echo json_encode($arr);
  191. exit;
  192. }
  193. $conn = @mysqli_connect($dbHost, $dbUser, $dbPwd, NULL, $_POST['dbport']);
  194. if (mysqli_connect_errno($conn)) {
  195. $arr['msg'] = "连接数据库失败!" . mysqli_connect_error($conn);
  196. echo json_encode($arr);
  197. exit;
  198. }
  199. mysqli_set_charset($conn, "utf8");
  200. $version = mysqli_get_server_info($conn);
  201. if ($version < 5.1) {
  202. $arr['msg'] = '数据库版本太低! 必须5.1以上';
  203. echo json_encode($arr);
  204. exit;
  205. }
  206. if (!mysqli_select_db($conn, $dbName)) {
  207. //创建数据时同时设置编码
  208. if (!mysqli_query($conn, "CREATE DATABASE IF NOT EXISTS `" . $dbName . "` DEFAULT CHARACTER SET utf8;")) {
  209. $arr['msg'] = '数据库 ' . $dbName . ' 不存在,也没权限创建新的数据库!';
  210. echo json_encode($arr);
  211. exit;
  212. }
  213. if ($n == -1) {
  214. $arr['n'] = 0;
  215. $arr['msg'] = "成功创建数据库:{$dbName}<br>";
  216. echo json_encode($arr);
  217. exit;
  218. }
  219. mysqli_select_db($conn, $dbName);
  220. }
  221. //读取数据文件
  222. $sqldata = file_get_contents(SITEDIR . 'install/' . $sqlFile);
  223. $sqlFormat = sql_split($sqldata, $dbPrefix);
  224. //创建写入sql数据库文件到库中 结束
  225. /**
  226. * 执行SQL语句
  227. */
  228. $counts = count($sqlFormat);
  229. for ($i = $n; $i < $counts; $i++) {
  230. $sql = trim($sqlFormat[$i]);
  231. if (strstr($sql, 'CREATE TABLE')) {
  232. preg_match('/CREATE TABLE `eb_([^ ]*)`/is', $sql, $matches);
  233. mysqli_query($conn, "DROP TABLE IF EXISTS `$matches[1]");
  234. $sql = str_replace('`eb_', '`' . $dbPrefix, $sql);//替换表前缀
  235. $ret = mysqli_query($conn, $sql);
  236. if ($ret) {
  237. $message = '<li><span class="correct_span">&radic;</span>创建数据表[' . $dbPrefix . $matches[1] . ']完成!<span style="float: right;">' . date('Y-m-d H:i:s') . '</span></li> ';
  238. } else {
  239. $message = '<li><span class="correct_span error_span">&radic;</span>创建数据表[' . $dbPrefix . $matches[1] . ']失败!<span style="float: right;">' . date('Y-m-d H:i:s') . '</span></li>';
  240. }
  241. $i++;
  242. $arr = array('n' => $i, 'msg' => $message);
  243. echo json_encode($arr);
  244. exit;
  245. } else {
  246. if (trim($sql) == '')
  247. continue;
  248. $sql = str_replace('`eb_', '`' . $dbPrefix, $sql);//替换表前缀
  249. $ret = mysqli_query($conn, $sql);
  250. $message = '';
  251. $arr = array('n' => $i, 'msg' => $message);
  252. }
  253. }
  254. // 清空测试数据
  255. if (!$_POST['demo']) {
  256. $result = mysqli_query($conn, "show tables");
  257. $tables = mysqli_fetch_all($result);//参数MYSQL_ASSOC、MYSQLI_NUM、MYSQLI_BOTH规定产生数组类型
  258. $bl_table = array('eb_system_admin'
  259. , 'eb_system_role'
  260. , 'eb_system_config'
  261. , 'eb_system_config_tab'
  262. , 'eb_system_config_content'
  263. , 'eb_system_menus'
  264. , 'eb_system_file'
  265. , 'eb_express'
  266. , 'eb_system_group'
  267. , 'eb_system_group_data'
  268. , 'eb_member_ship'
  269. , 'eb_live_gift'
  270. , 'eb_recommend'
  271. , 'eb_wechat_template'
  272. , 'eb_routine_template');
  273. foreach ($bl_table as $k => $v) {
  274. $bl_table[$k] = str_replace('eb_', $dbPrefix, $v);
  275. }
  276. foreach ($tables as $key => $val) {
  277. if (!in_array($val[0], $bl_table)) {
  278. mysqli_query($conn, "truncate table " . $val[0]);
  279. }
  280. }
  281. delFile(CRMEBDIR . '/public/uploads'); // 清空测试图片
  282. }
  283. //读取配置文件,并替换真实配置数据1
  284. $strConfig = file_get_contents(SITEDIR . 'install/' . $configFile);
  285. $strConfig = str_replace('#DB_HOST#', $dbHost, $strConfig);
  286. $strConfig = str_replace('#DB_NAME#', $dbName, $strConfig);
  287. $strConfig = str_replace('#DB_USER#', $dbUser, $strConfig);
  288. $strConfig = str_replace('#DB_PWD#', $dbPwd, $strConfig);
  289. $strConfig = str_replace('#DB_PORT#', $_POST['dbport'], $strConfig);
  290. $strConfig = str_replace('#DB_PREFIX#', $dbPrefix, $strConfig);
  291. $strConfig = str_replace('#DB_CHARSET#', 'utf8', $strConfig);
  292. @chmod(CRMEBDIR . '/application/database.php', 0777); //数据库配置文件的地址
  293. @file_put_contents(CRMEBDIR . '/application/database.php', $strConfig); //数据库配置文件的地址
  294. //更新网站配置信息2
  295. //插入管理员表字段tp_admin表
  296. $time = time();
  297. $ip = get_client_ip();
  298. $ip = empty($ip) ? "0.0.0.0" : $ip;
  299. $password = md5(trim($_POST['manager_pwd']));
  300. mysqli_query($conn, "truncate table {$dbPrefix}system_admin");
  301. $addadminsql = "INSERT INTO `{$dbPrefix}system_admin` (`id`, `account`, `pwd`, `real_name`, `roles`, `last_ip`, `last_time`, `add_time`, `login_count`, `level`, `status`, `is_del`) VALUES
  302. (1, '" . $username . "', '" . $password . "', 'admin', '1', '" . $ip . "',$time , $time, 0, 0, 1, 0)";
  303. $res = mysqli_query($conn, $addadminsql);
  304. if(isset($_SERVER['SERVER_NAME'])) {
  305. $site_url = '\'"http://' . $_SERVER['SERVER_NAME'].'"\'';
  306. $res2 = mysqli_query($conn, 'UPDATE `'.$dbPrefix.'system_config` SET `value`=' . $site_url . ' WHERE `menu_name`="site_url"');
  307. }
  308. if ($res) {
  309. $message = '成功添加管理员<br />成功写入配置文件<br>安装完成.';
  310. $arr = array('n' => 999999, 'msg' => $message);
  311. echo json_encode($arr);
  312. exit;
  313. } else {
  314. $message = '添加管理员失败<br />成功写入配置文件<br>安装完成.';
  315. $arr = array('n' => 999999, 'msg' => $message);
  316. echo json_encode($arr);
  317. exit;
  318. }
  319. }
  320. include_once("./templates/step4.php");
  321. exit();
  322. case '5':
  323. $ip = get_client_ip();
  324. $host = $_SERVER['HTTP_HOST'];
  325. $curent_version = getversion();
  326. $time = time();
  327. $mt_rand_str = $create_date . sp_random_string(6);
  328. $str_constant = "<?php" . PHP_EOL . "define('INSTALL_DATE'," . $time . ");" . PHP_EOL . "define('SERIALNUMBER','" . $mt_rand_str . "');";
  329. @file_put_contents(SITEDIR . '/application/constant.php', $str_constant);
  330. include_once("./templates/step5.php");
  331. @touch('./install.lock');
  332. exit();
  333. }
  334. //读取版本号
  335. function getversion(){
  336. $version_arr = [];
  337. $curent_version = @file(dirname(dirname(__DIR__)).'/.version');
  338. foreach ($curent_version as $val){
  339. list($k,$v)=explode('=',$val);
  340. $version_arr[$k]=$v;
  341. }
  342. return $version_arr;
  343. }
  344. function testwrite($d)
  345. {
  346. if (is_file($d)) {
  347. if (is_writeable($d)) {
  348. return true;
  349. }
  350. return false;
  351. } else {
  352. $tfile = "_test.txt";
  353. $fp = @fopen($d . "/" . $tfile, "w");
  354. if (!$fp) {
  355. return false;
  356. }
  357. fclose($fp);
  358. $rs = @unlink($d . "/" . $tfile);
  359. if ($rs) {
  360. return true;
  361. }
  362. return false;
  363. }
  364. }
  365. function sql_split($sql, $tablepre)
  366. {
  367. if ($tablepre != "tp_")
  368. $sql = str_replace("tp_", $tablepre, $sql);
  369. $sql = preg_replace("/TYPE=(InnoDB|MyISAM|MEMORY)( DEFAULT CHARSET=[^; ]+)?/", "ENGINE=\\1 DEFAULT CHARSET=utf8", $sql);
  370. $sql = str_replace("\r", "\n", $sql);
  371. $ret = array();
  372. $num = 0;
  373. $queriesarray = explode(";\n", trim($sql));
  374. unset($sql);
  375. foreach ($queriesarray as $query) {
  376. $ret[$num] = '';
  377. $queries = explode("\n", trim($query));
  378. $queries = array_filter($queries);
  379. foreach ($queries as $query) {
  380. $str1 = substr($query, 0, 1);
  381. if ($str1 != '#' && $str1 != '-')
  382. $ret[$num] .= $query;
  383. }
  384. $num++;
  385. }
  386. return $ret;
  387. }
  388. function _dir_path($path)
  389. {
  390. $path = str_replace('\\', '/', $path);
  391. if (substr($path, -1) != '/')
  392. $path = $path . '/';
  393. return $path;
  394. }
  395. // 获取客户端IP地址
  396. function get_client_ip()
  397. {
  398. static $ip = NULL;
  399. if ($ip !== NULL)
  400. return $ip;
  401. if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
  402. $arr = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
  403. $pos = array_search('unknown', $arr);
  404. if (false !== $pos)
  405. unset($arr[$pos]);
  406. $ip = trim($arr[0]);
  407. } elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
  408. $ip = $_SERVER['HTTP_CLIENT_IP'];
  409. } elseif (isset($_SERVER['REMOTE_ADDR'])) {
  410. $ip = $_SERVER['REMOTE_ADDR'];
  411. }
  412. // IP地址合法验证
  413. $ip = (false !== ip2long($ip)) ? $ip : '0.0.0.0';
  414. return $ip;
  415. }
  416. function dir_create($path, $mode = 0777)
  417. {
  418. if (is_dir($path))
  419. return TRUE;
  420. $ftp_enable = 0;
  421. $path = dir_path($path);
  422. $temp = explode('/', $path);
  423. $cur_dir = '';
  424. $max = count($temp) - 1;
  425. for ($i = 0; $i < $max; $i++) {
  426. $cur_dir .= $temp[$i] . '/';
  427. if (@is_dir($cur_dir))
  428. continue;
  429. @mkdir($cur_dir, 0777, true);
  430. @chmod($cur_dir, 0777);
  431. }
  432. return is_dir($path);
  433. }
  434. function dir_path($path)
  435. {
  436. $path = str_replace('\\', '/', $path);
  437. if (substr($path, -1) != '/')
  438. $path = $path . '/';
  439. return $path;
  440. }
  441. function sp_password($pw, $pre)
  442. {
  443. $decor = md5($pre);
  444. $mi = md5($pw);
  445. return substr($decor, 0, 12) . $mi . substr($decor, -4, 4);
  446. }
  447. function sp_random_string($len = 8)
  448. {
  449. $chars = array(
  450. "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k",
  451. "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v",
  452. "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G",
  453. "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R",
  454. "S", "T", "U", "V", "W", "X", "Y", "Z", "0", "1", "2",
  455. "3", "4", "5", "6", "7", "8", "9"
  456. );
  457. $charsLen = count($chars) - 1;
  458. shuffle($chars); // 将数组打乱
  459. $output = "";
  460. for ($i = 0; $i < $len; $i++) {
  461. $output .= $chars[mt_rand(0, $charsLen)];
  462. }
  463. return $output;
  464. }
  465. // 递归删除文件夹
  466. function delFile($dir, $file_type = '')
  467. {
  468. if (is_dir($dir)) {
  469. $files = scandir($dir);
  470. //打开目录 //列出目录中的所有文件并去掉 . 和 ..
  471. foreach ($files as $filename) {
  472. if ($filename != '.' && $filename != '..') {
  473. if (!is_dir($dir . '/' . $filename)) {
  474. if (empty($file_type)) {
  475. unlink($dir . '/' . $filename);
  476. } else {
  477. if (is_array($file_type)) {
  478. //正则匹配指定文件
  479. if (preg_match($file_type[0], $filename)) {
  480. unlink($dir . '/' . $filename);
  481. }
  482. } else {
  483. //指定包含某些字符串的文件
  484. if (false != stristr($filename, $file_type)) {
  485. unlink($dir . '/' . $filename);
  486. }
  487. }
  488. }
  489. } else {
  490. delFile($dir . '/' . $filename);
  491. rmdir($dir . '/' . $filename);
  492. }
  493. }
  494. }
  495. } else {
  496. if (file_exists($dir)) unlink($dir);
  497. }
  498. }
  499. ?>