管理画面ログインのバリデーションをインストーラに合わせる

.github/workflows/main.yml

@@ -81,10 +81,20 @@ jobs:
         sudo Xvfb -ac :99 -screen 0 1280x1024x24 > /dev/null 2>&1 &
         echo ">>> Started xvfb"
     - name: Run to Codeception
+      env:
+        DB: ${{ matrix.db }}
+        USER: ${{ matrix.dbuser }}
+        DBUSER: ${{ matrix.dbuser }}
+        DBPASS: ${{ matrix.dbpass }}
+        DBNAME: myapp_test
+        DBPORT: ${{ matrix.dbport }}
+        DBSERVER: 127.0.0.1
+        HTTP_URL: http://localhost:8085/
+        HTTPS_URL: http://localhost:8085/
       run: |
         php data/vendor/bin/codecept build
         php -S 0.0.0.0:8085 -t html/ &
-        php data/vendor/bin/codecept run --env chrome --steps
+        php data/vendor/bin/codecept run --env chrome --skip-group installer --steps
   run-on-windows:
     name: Run on Windows
     runs-on: ${{ matrix.operating-system }}
@@ -136,6 +146,107 @@ jobs:
 
     - name: Run to PHPUnit
       run: data/vendor/bin/phpunit --exclude-group classloader
+
+  install-to-linux:
+    name: Install to Linux
+    runs-on: ${{ matrix.operating-system }}
+    strategy:
+      fail-fast: false
+      matrix:
+        operating-system: [ ubuntu-18.04 ]
+        php: [ 5.4, 5.5, 5.6, 7.1, 7.2, 7.3 ]
+        db: [ mysql, pgsql ]
+        include:
+          - db: mysql
+            dbport: '3306'
+            dbuser: 'root'
+            dbpass: 'root'
+          - db: pgsql
+            dbport: '5432'
+            dbuser: 'postgres'
+            dbpass: 'password'
+    services:
+      postgres:
+        image: postgres:11
+        env:
+          POSTGRES_USER: postgres
+          POSTGRES_PASSWORD: password
+          POSTGRES_DB: postgres
+        ports:
+          - 5432:5432
+        # needed because the postgres container does not provide a healthcheck
+        options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
+      mailcatcher:
+        image: schickling/mailcatcher
+        ports:
+          - 1080:1080
+          - 1025:1025
+    steps:
+    - name: Checkout
+      uses: actions/checkout@master
+    - name: Setup PHP
+      uses: nanasess/setup-php@master
+      with:
+        php-version: ${{ matrix.php }}
+
+    - name: Install to Composer
+      run: composer install --no-interaction -o
+
+    - name: setup-chromedriver
+      uses: nanasess/setup-chromedriver@master
+      with:
+        chromedriver-version: '77.0.3865.40'
+
+    - name: Run chromedriver
+      run: |
+        export DISPLAY=:99
+        chromedriver --url-base=/wd/hub &
+        echo ">>> Started chrome-driver"
+        sudo Xvfb -ac :99 -screen 0 1280x1024x24 > /dev/null 2>&1 &
+        echo ">>> Started xvfb"
+    - name: CREATE mysql DATABASE
+      if: matrix.db == 'mysql'
+      env:
+        DB: ${{ matrix.db }}
+        USER: ${{ matrix.dbuser }}
+        DBUSER: ${{ matrix.dbuser }}
+        DBPASS: ${{ matrix.dbpass }}
+        DBNAME: myapp_test
+        DBPORT: ${{ matrix.dbport }}
+        DBSERVER: 127.0.0.1
+      run: mysql --user=${DBUSER} --password=${DBPASS} -h ${DBSERVER} -P ${DBPORT} -e "CREATE DATABASE ${DBNAME} DEFAULT COLLATE=utf8_general_ci;"
+
+    - name: CREATE pgsql DATABASE
+      if: matrix.db == 'pgsql'
+      env:
+        DB: ${{ matrix.db }}
+        USER: ${{ matrix.dbuser }}
+        DBUSER: ${{ matrix.dbuser }}
+        DBPASS: ${{ matrix.dbpass }}
+        DBNAME: myapp_test
+        DBPORT: ${{ matrix.dbport }}
+        DBSERVER: 127.0.0.1
+      run: |
+        sudo apt-fast install -y postgresql-client
+        export PGPASSWORD=${DBPASS}
+        psql -h ${DBSERVER} -U ${DBUSER} -p ${DBPORT} -c "CREATE DATABASE ${DBNAME};"
+
+    - name: Run to Codeception
+      env:
+        DB: ${{ matrix.db }}
+        USER: ${{ matrix.dbuser }}
+        DBUSER: ${{ matrix.dbuser }}
+        DBPASS: ${{ matrix.dbpass }}
+        DBNAME: myapp_test
+        DBPORT: ${{ matrix.dbport }}
+        DBSERVER: 127.0.0.1
+        HTTP_URL: http://localhost:8085/
+        HTTPS_URL: http://localhost:8085/
+      run: |
+        php data/vendor/bin/codecept build
+        php -S 0.0.0.0:8085 -t html/ &
+        php data/vendor/bin/codecept run --env chrome --group installer --steps acceptance InstallerCept
+
   deploy:
     name: Deploy
     runs-on: ubuntu-18.04

.travis.yml

@@ -27,7 +27,7 @@ addons:
 
 env:
     global:
-        - DBNAME=myapp_test HTTP_URL=http://localhost:8085/ HTTPS_URL=http://localhost:8085/
+        - DBNAME=myapp_test DBSERVER=127.0.0.1 HTTP_URL=http://localhost:8085/ HTTPS_URL=http://localhost:8085/
     matrix:
         - DB=mysql USER=root DBPASS=' ' DBUSER=root
         - DB=pgsql USER=postgres DBPASS=password DBUSER=postgres
@@ -93,7 +93,7 @@ script:
   - if [ ! $COVERAGE ] ; then php data/vendor/bin/phpunit -c phpunit.xml.dist --exclude-group classloader ; fi
   - if [ ! $COVERAGE ] ; then php data/vendor/bin/phpunit -c phpunit.xml.dist --group classloader ; fi
   - if [ $COVERAGE ] ; then phpdbg -qrr data/vendor/bin/phpunit -c phpunit.xml.dist --exclude-group classloader ; fi
-  - if [ ! $COVERAGE ] ; then php data/vendor/bin/codecept run --env chrome --steps ; fi
+  - if [ ! $COVERAGE ] ; then php data/vendor/bin/codecept run --env chrome --skip-group installer --steps ; fi
 
 after_script:
   - if [ $COVERAGE ] ; then php data/vendor/bin/coveralls -v ; fi

codeception.yml

@@ -15,3 +15,5 @@ modules:
             user: ''
             password: ''
             dump: ctests/_data/dump.sql
+params:
+    - env

ctests/acceptance.suite.yml

@@ -11,6 +11,7 @@ modules:
         - WebDriver
         - Asserts
         - MailCatcherGuzzle5
+        - Db
     config:
         PhpBrowser:
             url: 'http://localhost:8085/'
@@ -29,6 +30,10 @@ modules:
         MailCatcherGuzzle5:
             url: 'http://127.0.0.1'
             port: '1080'
+        Db:
+            dsn: %DB%:host=%DBSERVER%;dbname=%DBNAME%
+            user: %DBUSER%
+            password: %DBPASS%
 
 env:
     travis:

ctests/acceptance/InstallerCept.php

@@ -0,0 +1,78 @@
+<?php
+/**
+ * @group installer
+ */
+$I = new AcceptanceTester($scenario);
+$faker = Codeception\Util\Fixtures::get('faker');
+$I->wantTo('正常にインストール可能か検証する');
+// $I->amOnPage('/');
+$I->amOnPage('/install/');
+$I->seeInCurrentUrl('/install/');
+$I->see('EC-CUBEのインストールを開始します。');
+$I->click('次へ進む');
+
+$I->expect('パーミッションのチェックをします');
+$I->see('チェック結果');
+$I->see('>> ○：アクセス権限は正常です。', ['css' => 'textarea[name=disp_area]']);
+$I->click('次へ進む');
+
+$I->expect('必要なファイルのコピーをします');
+$I->see('ice130.jpg', ['css' => 'textarea[name=disp_area]']);
+$I->click('次へ進む');
+
+$I->see('ECサイトの設定');
+$I->expect('STEP1');
+$admindirectory = $faker->regexify('[A-Za-z0-9]{8,10}');
+$user = $faker->userName;
+$password = $faker->regexify('[A-Za-z]{8,10}').$faker->regexify('[0-9]{3,5}');
+$I->fillField('input[name=shop_name]', $faker->name);
+$I->fillField('input[name=admin_mail]', $faker->safeEmail);
+$I->fillField('input[name=login_id]', $user);
+$I->fillField('input[name=login_pass]', $password);
+$I->fillField('input[name=admin_dir]', $admindirectory);
+
+$I->click('>> オプション設定');
+$I->selectOption('input[name=mail_backend]', 'smtp');
+$I->fillField('input[name=smtp_host]', '127.0.0.1');
+$I->fillField('input[name=smtp_port]', '1025');
+$I->click('次へ進む');
+
+$I->expect('STEP2');
+defined('DB_TYPE') or define('DB_TYPE', getenv('DB') == 'mysql' ? 'mysqli' : getenv('DB'));
+defined('DB_USER') or define('DB_USER', getenv('DBUSER'));
+defined('DB_NAME') or define('DB_NAME', getenv('DBNAME'));
+defined('DB_PASSWORD') or define('DB_PASSWORD', getenv('DBPASS') );
+defined('DB_PORT') or define('DB_PORT', getenv('DBPORT'));
+defined('DB_SERVER') or define('DB_SERVER', getenv('DBSERVER'));
+
+$I->selectOption('select[name=db_type]', DB_TYPE);
+$I->fillField('input[name=db_server]', DB_SERVER);
+$I->fillField('input[name=db_port]', DB_PORT);
+$I->fillField('input[name=db_name]', DB_NAME);
+$I->fillField('input[name=db_user]', DB_USER);
+$I->fillField('input[name=db_password]', DB_PASSWORD);
+$I->click('次へ進む');
+
+$I->expect('STEP3');
+$I->see('データベースの初期化');
+$I->click('次へ進む');
+
+$I->see('データベースの初期化');
+$I->waitForText('○：テーブルの作成に成功しました。', 30);
+$I->waitForText('○：シーケンスの作成に成功しました。', 30);
+$I->click('次へ進む');
+
+$I->expect('STEP4');
+$I->see('サイト情報について');
+$I->click('次へ進む');
+
+$I->see('インストールが完了しました。');
+$I->seeInDatabase('dtb_member', ['login_id' => $user]);
+$I->click('管理画面へログインする');
+
+$I->seeInCurrentUrl('/'.$admindirectory);
+$I->fillField('input[name=login_id]', $user);
+$I->fillField('input[name=password]', $password);
+$I->click(['css' => '.btn-tool-format']);
+
+$I->see('ログイン : 管理者 様');

ctests/acceptance/_bootstrap.php

@@ -6,6 +6,12 @@
 $faker = Faker\Factory::create('ja_JP');
 Codeception\Util\Fixtures::add('faker', $faker);
 
+if (!file_exists(__DIR__.'/../../data/config/config.php')
+    || !defined('ECCUBE_INSTALL') || ECCUBE_INSTALL != 'ON') {
+    echo 'EC-CUBE is not yet installed.';
+    return;
+}
+
 /** @var SC_Query $objQuery */
 $objQuery = SC_Query_Ex::getSingletonInstance();
 

data/class/pages/admin/LC_Page_Admin_Index.php

@@ -70,6 +70,7 @@ public function action()
                 //ログイン処理
                 $this->lfInitParam($objFormParam);
                 $objFormParam->setParam($_POST);
+                $objFormParam->trimParam();
                 $this->arrErr = $this->lfCheckError($objFormParam);
                 if (SC_Utils_Ex::isBlank($this->arrErr)) {
                     $this->lfDoLogin($objFormParam->getValue('login_id'));
@@ -99,7 +100,7 @@ public function action()
      */
     public function lfInitParam(&$objFormParam)
     {
-        $objFormParam->addParam('ID', 'login_id', ID_MAX_LEN, '', array('EXIST_CHECK', 'ALNUM_CHECK' ,'MAX_LENGTH_CHECK'));
+        $objFormParam->addParam('ID', 'login_id', ID_MAX_LEN, '', array('EXIST_CHECK', 'GRAPH_CHECK' ,'MAX_LENGTH_CHECK'));
         $objFormParam->addParam('PASSWORD', 'password', PASSWORD_MAX_LEN, '', array('EXIST_CHECK', 'GRAPH_CHECK', 'MAX_LENGTH_CHECK'));
     }
 

html/install/index.php

@@ -32,6 +32,14 @@
 define('INSTALL_INFO_URL', 'http://www.ec-cube.net/install_info/index.php');
 define("DEFAULT_COUNTRY_ID", 392);
 
+$dir = preg_replace('|install/.*$|', '', $_SERVER['REQUEST_URI']);
+$normal_url = 'http://' . $_SERVER['HTTP_HOST'] . $dir;
+defined('HTTP_URL') or define('HTTP_URL', $normal_url);
+defined('HTTPS_URL') or define('HTTPS_URL', $normal_url);
+$url_dir = preg_replace('|^https?://[a-zA-Z0-9_:~=&\?\.\-]+|', '', $normal_url);
+defined('ROOT_URLPATH') or define('ROOT_URLPATH', $url_dir);
+defined('ADMIN_DIR') or define('ADMIN_DIR', '');
+
 require_once HTML_REALDIR . HTML2DATA_DIR . 'require_base.php';
 ob_start();
 // ▲require.php 相当
@@ -110,7 +118,7 @@
         //入力値のエラーチェック
         $objPage->arrErr = lfCheckDBError($objDBParam);
         if (count($objPage->arrErr) == 0) {
-            if ($err = renameAdminDir($objWebParam->getValue('admin_dir')) !== true) {
+            if (($err = renameAdminDir($objWebParam->getValue('admin_dir'))) !== true) {
                 $objPage->arrErr['all'] .= $err;
                 $objPage = lfDispStep2($objPage);
             } else {
@@ -625,6 +633,7 @@ function lfDispComplete($objPage)
     $objPage->tpl_sslurl = $secure_url;
     //EC-CUBEオフィシャルサイトからのお知らせURL
     $objPage->install_info_url = INSTALL_INFO_URL;
+    $objPage->admin_dir = $objWebParam->getValue('admin_dir');
     return $objPage;
 }
 
@@ -633,20 +642,6 @@ function lfInitWebParam($objWebParam)
 {
     global $objDb;
 
-    if (defined('HTTP_URL')) {
-        $normal_url = HTTP_URL;
-    } else {
-        $dir = preg_replace('|install/.*$|', '', $_SERVER['REQUEST_URI']);
-        $normal_url = 'http://' . $_SERVER['HTTP_HOST'] . $dir;
-    }
-
-    if (defined('HTTPS_URL')) {
-        $secure_url = HTTPS_URL;
-    } else {
-        $dir = preg_replace('|install/.*$|', '', $_SERVER['REQUEST_URI']);
-        $secure_url = 'http://' . $_SERVER['HTTP_HOST'] . $dir;
-    }
-
     // 店名、管理者メールアドレスを取得する。(再インストール時)
     if (defined('DEFAULT_DSN')) {
         $objQuery = new SC_Query();
@@ -706,8 +701,8 @@ function lfInitWebParam($objWebParam)
     $objWebParam->addParam('管理機能：ディレクトリ', 'admin_dir', ID_MAX_LEN, 'a', array('EXIST_CHECK', 'SPTAB_CHECK', 'ALNUM_CHECK'), $oldAdminDir);
     $objWebParam->addParam('管理機能：SSL制限', 'admin_force_ssl', 1, 'n', array('SPTAB_CHECK', 'NUM_CHECK', 'MAX_LENGTH_CHECK'), $admin_force_ssl);
     $objWebParam->addParam('管理機能：IP制限', 'admin_allow_hosts', LTEXT_LEN, 'an', array('IP_CHECK', 'MAX_LENGTH_CHECK'), $admin_allow_hosts);
-    $objWebParam->addParam('URL(通常)', 'normal_url', MTEXT_LEN, '', array('EXIST_CHECK', 'URL_CHECK', 'MAX_LENGTH_CHECK'), $normal_url);
-    $objWebParam->addParam('URL(セキュア)', 'secure_url', MTEXT_LEN, '', array('EXIST_CHECK', 'URL_CHECK', 'MAX_LENGTH_CHECK'), $secure_url);
+    $objWebParam->addParam('URL(通常)', 'normal_url', MTEXT_LEN, '', array('EXIST_CHECK', 'URL_CHECK', 'MAX_LENGTH_CHECK'), HTTP_URL);
+    $objWebParam->addParam('URL(セキュア)', 'secure_url', MTEXT_LEN, '', array('EXIST_CHECK', 'URL_CHECK', 'MAX_LENGTH_CHECK'), HTTPS_URL);
     $objWebParam->addParam('ドメイン', 'domain', MTEXT_LEN, '', array('MAX_LENGTH_CHECK'));
     $objWebParam->addParam('メーラーバックエンド', 'mail_backend', STEXT_LEN, 'a', array('MAX_LENGTH_CHECK', 'EXIST_CHECK'), $mail_backend);
     $objWebParam->addParam('SMTPホスト', 'smtp_host', STEXT_LEN, 'a', array('MAX_LENGTH_CHECK'), $smtp_host);
@@ -992,9 +987,6 @@ function lfMakeConfigFile()
     // 語尾に'/'をつける
     $secure_url = rtrim($secure_url, '/') . '/';
 
-    // ディレクトリの取得
-    $url_dir = preg_replace('|^https?://[a-zA-Z0-9_:~=&\?\.\-]+|', '', $normal_url);
-
     //管理機能SSL制限
     if ($objWebParam->getValue('admin_force_ssl') == 1 and strpos($secure_url, 'https://') !== FALSE) {
         $force_ssl = 'TRUE';
@@ -1047,7 +1039,7 @@ function lfMakeConfigFile()
                  . "define('ECCUBE_INSTALL', 'ON');\n"
                  . "define('HTTP_URL', '"              . $normal_url . "');\n"
                  . "define('HTTPS_URL', '"             . $secure_url . "');\n"
-                 . "define('ROOT_URLPATH', '"          . $url_dir . "');\n"
+                 . "define('ROOT_URLPATH', '"          . ROOT_URLPATH . "');\n"
                  . "define('DOMAIN_NAME', '"           . $objWebParam->getValue('domain') . "');\n"
                  . "define('DB_TYPE', '"               . $objDBParam->getValue('db_type') . "');\n"
                  . "define('DB_USER', '"               . $objDBParam->getValue('db_user') . "');\n"
@@ -1157,6 +1149,7 @@ function renameAdminDir($adminDir)
     }
 
     $oldAdminDir = SC_Utils_Ex::sfTrimURL(ADMIN_DIR);
+    $oldAdminDir = $oldAdminDir == '' ? 'admin' : $oldAdminDir;
     if ($adminDir === $oldAdminDir) {
         return true;
     }

html/install/templates/complete.tpl

@@ -31,15 +31,15 @@
             <h2>EC CUBE インストールが完了しました。</h2>
         </div>
         <div class="result-info02">
-            <p><a href="<!--{$tpl_sslurl}--><!--{$smarty.const.ADMIN_DIR}--><!--{$smarty.const.DIR_INDEX_PATH}-->">管理画面</a>にログインできます。<br />
+            <p><a href="<!--{$tpl_sslurl}--><!--{$admin_dir}--><!--{$smarty.const.DIR_INDEX_PATH}-->">管理画面</a>にログインできます。<br />
             先ほど登録したID、パスワードを用いてログインしてください。</p>
         </div>
     </div>
 
     <div class="btn-area-top"></div>
     <div class="btn-area">
         <ul>
-            <li><a class="btn-action" href="<!--{$tpl_sslurl}--><!--{$smarty.const.ADMIN_DIR}--><!--{$smarty.const.DIR_INDEX_PATH}-->"><span class="btn-next">管理画面へログインする</span></a></li>
+            <li><a class="btn-action" href="<!--{$tpl_sslurl}--><!--{$admin_dir}--><!--{$smarty.const.DIR_INDEX_PATH}-->"><span class="btn-next">管理画面へログインする</span></a></li>
         </ul>
     </div>
     <div class="btn-area-bottom"></div>

html/install/templates/install_frame.tpl

@@ -65,7 +65,7 @@
 <!--{if $tpl_mainpage != 'complete.tpl'}-->
 <script type="text/javascript">//<![CDATA[
 $(function(){
-    $('.btn-next').click(function(e) {
+    $('.btn-next').on('click', function(e) {
       e.preventDefault();
       $('form').submit();
       $('#loading').show();