Permalink
Browse files

Fix bug in installer check. Closes #616

* Simple redirect to the installer instead of building out the URL

* Minor fixes and validation checks in the Installer_Wizard class
  • Loading branch information...
ekala committed Jun 19, 2012
1 parent 9094296 commit d98b7fa840259ba71eb0164e2c458f039dcb6c4b
Showing with 30 additions and 27 deletions.
  1. +7 −21 index.php
  2. +23 −6 installer/wizard.php
View
@@ -115,12 +115,12 @@
is_link(KOHANA) and chdir(dirname(realpath(__FILE__)));
// Define application and system paths
-define('APPPATH', str_replace('\\', '/', realpath($kohana_application)).DIRECTORY_SEPARATOR);
-define('THEMEPATH', str_replace('\\', '/', realpath($kohana_themes)).DIRECTORY_SEPARATOR);
-define('PLUGINPATH', str_replace('\\', '/', realpath($kohana_plugins)).DIRECTORY_SEPARATOR);
-define('MODPATH', str_replace('\\', '/', realpath($kohana_modules)).DIRECTORY_SEPARATOR);
-define('SYSPATH', str_replace('\\', '/', realpath($kohana_system)).DIRECTORY_SEPARATOR);
-define('MEDIAPATH', str_replace('\\', '/', realpath($kohana_media)).DIRECTORY_SEPARATOR);
+define('APPPATH', realpath($kohana_application).DIRECTORY_SEPARATOR);
+define('THEMEPATH', realpath($kohana_themes).DIRECTORY_SEPARATOR);
+define('PLUGINPATH', realpath($kohana_plugins).DIRECTORY_SEPARATOR);
+define('MODPATH', realpath($kohana_modules).DIRECTORY_SEPARATOR);
+define('SYSPATH', realpath($kohana_system).DIRECTORY_SEPARATOR);
+define('MEDIAPATH', realpath($kohana_media).DIRECTORY_SEPARATOR);
// Clean up
unset($kohana_application, $kohana_themes, $kohana_plugins, $kohana_modules, $kohana_system, $kohana_media);
@@ -159,27 +159,13 @@
// -------------------------------------------
// This has to be done before bootstrapping the Kohana framework
//
-
// Does the installer directory exist?
if (file_exists(DOCROOT.DIRECTORY_SEPARATOR.'installer'))
{
if ( ! file_exists(APPPATH.'config'.DIRECTORY_SEPARATOR.'database.php'))
{
- // Get the server protocol
- $protocol = (isset($_SERVER['HTTPS']) OR $_SERVER['HTTPS'] == 'on')
- ? 'https'
- : 'http';
-
- // Server port
- $port = ! in_array($_SERVER['SERVER_PORT'], array("80", "443"))
- ? ':'.$_SERVER['SERVER_PORT']
- : '';
-
- // Generate the redirect URL
- $url = $protocol.'://'.$_SERVER['SERVER_NAME'].$port.'/installer';
-
// Redirect to the installer
- header(sprintf("Location: %s", $url));
+ header("Location: ./installer");
}
}
View
@@ -172,24 +172,31 @@ public static function init()
// Initialize the session
session_start();
-
+
self::$_data = & $_SESSION;
// Check if the application has already been installed
if (self::is_installed())
{
session_destroy();
+
+ session_unset();
header("Location:../");
}
-
- // Check if installation has started
- if ( ! isset(self::$_data['started']))
+
+ //
+ // TODO: Expire the session after 30 minutes
+ // and implement mechanisms to prevent attacks on sessions
+ //
+
+ // Check if installation has started or if a current stage exists
+ if ( ! isset(self::$_data['started']) OR ! isset(self::$_data['current_stage']))
{
self::$_data['started'] = TRUE;
// Get the site protocol
- $protocol = (isset($_SERVER['HTTPS']) OR $_SERVER['HTTPS'] == 'on')
+ $protocol = (isset($_SERVER['HTTPS']) OR (isset($_SERVER['HTTPS']) AND $_SERVER['HTTPS'] === 'on'))
? 'https'
: 'http';
@@ -214,6 +221,12 @@ public static function init()
// Build out the base URL
$base_url = $protocol.'://'.$_SERVER['SERVER_NAME'].$port.$site_domain;
+
+ // Add a trailing slash to the base URL
+ if (substr($base_url, -1) !== "/")
+ {
+ $base_url .= "/";
+ }
self::$_data['site_domain'] = $site_domain;
self::$_data['base_url'] = $base_url;
@@ -393,7 +406,7 @@ private static function _verify_extensions()
{
if ( ! extension_loaded($extension))
{
- $self::$_errors[] = sprintf("The <code>%</code> extension is disabled", $extension);
+ self::$_errors[] = sprintf("The <code>%</code> extension is disabled", $extension);
}
}
@@ -508,7 +521,11 @@ public static function render_install_page($page_name)
if (self::_is_last_stage())
{
+ // Destroy session data
session_destroy();
+
+ // Unset $_SESSION variable for the runtime
+ session_unset();
}
$content = ob_get_contents();

0 comments on commit d98b7fa

Please sign in to comment.