// Copyright: Matthias Steffens and the file's // original author(s). // // This code is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY. Please see the GNU General Public // License for more details. // // File: ./install.php // Repository: $HeadURL: file:///svn/p/refbase/code/branches/bleeding-edge/install.php $ // Author(s): Matthias Steffens // // Created: 07-Jan-04, 22:00 // Modified: $Date: 2015-02-16 20:53:19 +0000 (Mon, 16 Feb 2015) $ // $Author: karnesky $ // $Revision: 1405 $ // This file will install the literature database for you. Note that you must have // an existing PHP and MySQL installation. Please see the readme for further information. // CAUTION: YOU MUST REMOVE THIS SCRIPT FROM YOUR WEB DIRECTORY AFTER INSTALLATION!! // Incorporate some include files: include 'initialize/db.inc.php'; // 'db.inc.php' is included to hide username and password include 'includes/header.inc.php'; // include header include 'includes/footer.inc.php'; // include footer include 'includes/include.inc.php'; // include common functions include 'includes/install.inc.php'; // include install/update functions include 'initialize/ini.inc.php'; // include common variables // -------------------------------------------------------------------- // START A SESSION: // call the 'start_session()' function (from 'include.inc.php') which will also read out available session variables: start_session(false); // -------------------------------------------------------------------- // Initialize preferred display language: // (note that 'locales.inc.php' has to be included *after* the call to the 'start_session()' function) include 'includes/locales.inc.php'; // include the locales // -------------------------------------------------------------------- // This specifies the name of the database that handles the MySQL user access privileges. // Unless you've fiddled with it, you shouldn't change the default value ('mysql'): $adminDatabaseName = 'mysql'; // Extract any parameters passed to the script: if (isset($_POST['adminUserName'])) $adminUserName = $_POST['adminUserName']; else $adminUserName = ""; if (isset($_POST['adminPassword'])) $adminPassword = $_POST['adminPassword']; else $adminPassword = ""; if (isset($_POST['pathToMYSQL'])) $pathToMYSQL = $_POST['pathToMYSQL']; else $pathToMYSQL = ""; if (isset($_POST['databaseStructureFile'])) $databaseStructureFile = $_POST['databaseStructureFile']; else $databaseStructureFile = ""; if (isset($_POST['pathToBibutils'])) $pathToBibutils = $_POST['pathToBibutils']; else $pathToBibutils = ""; if (isset($_POST['defaultCharacterSet'])) $defaultCharacterSet = $_POST['defaultCharacterSet']; else $defaultCharacterSet = ""; // -------------------------------------------------------------------- // Check the correct parameters have been passed: if (empty($adminUserName) AND empty($adminPassword) AND empty($pathToMYSQL) AND empty($databaseStructureFile)) { // if 'install.php' was called without any valid parameters: //Display an installation form: if (isset($_SESSION['errors'])) { $errors = $_SESSION['errors']; // Note: though we clear the session variable, the current error message is still available to this script via '$errors': deleteSessionVariable("errors"); // function 'deleteSessionVariable()' is defined in 'include.inc.php' } else $errors = array(); // initialize the '$errors' variable in order to prevent 'Undefined variable...' messages if (isset($_SESSION['formVars'])) { $formVars = $_SESSION['formVars']; // Note: though we clear the session variable, the current form variables are still available to this script via '$formVars': deleteSessionVariable("formVars"); // function 'deleteSessionVariable()' is defined in 'include.inc.php' } else { // Reset the '$formVars' variable (since we're providing the default values): $formVars = array(); $pathSeparator = PATH_SEPARATOR; $pathItems = explode($pathSeparator, getenv("PATH")); // Provide default values for the form fields: $formVars["adminUserName"] = "root"; $formVars["adminPassword"] = ""; $formVars["databaseStructureFile"] = "./install.sql"; // Try to find the 'mysql' command line interpreter: $mysqlLocations = array_unique(array_merge($pathItems, array("/Program Files/MySQL/bin", "/wamp/mysql/bin", "/Program Files/xampp/mysql/bin", "/www/xampp/mysql/bin", "/xampp/mysql/bin", "/apachefriends/xampp/mysql/bin", "/usr/local/mysql/bin", "/usr/local/bin/mysql/bin", "/usr/bin/mysql/bin", "/usr/mysql/bin", "/opt/local/bin/", "/opt/local/lib/mysql4/bin/", "/opt/local/lib/mysql5/bin/"))); $mysqlNames = array("mysql", "mysql.exe"); $formVars["pathToMYSQL"] = locateFile($mysqlLocations, $mysqlNames, false); // function 'locateFile()' is defined in 'install.inc.php' // Try to find the Bibutils programs: $bibutilsLocations = array_unique(array_merge($pathItems, array("/usr/bin", "/usr/local/bin", "/opt/local/bin/", ".", "./refbase", "./bibutils"))); // We'll only check for one program to save time (and because, we currently don't allow the script to have a subset of the functionality provided by Bibutils) $bibutilsNames = array("xml2bib", "xml2bib.exe"); $formVars["pathToBibutils"] = locateFile($bibutilsLocations, $bibutilsNames, true); $formVars["defaultCharacterSet"] = "latin1"; } // If there's no stored message available: if (!isset($_SESSION['HeaderString'])) { if (empty($errors)) // provide the default message: $HeaderString = "To install the refbase package please fill out the form below and click the Install button:"; else // -> there were errors when validating the fields $HeaderString = "There were validation errors regarding the details you entered. Please check the comments above the respective fields:"; } else { $HeaderString = $_SESSION['HeaderString']; // extract 'HeaderString' session variable (only necessary if register globals is OFF!) // Note: though we clear the session variable, the current message is still available to this script via '$HeaderString': deleteSessionVariable("HeaderString"); // function 'deleteSessionVariable()' is defined in 'include.inc.php' } // Extract the view type requested by the user (either 'Mobile', 'Print', 'Web' or ''): // ('' will produce the default 'Web' output style) if (isset($_REQUEST['viewType'])) $viewType = $_REQUEST['viewType']; else $viewType = ""; // For the default character set, make sure that the correct popup menu entry is selected upon reload: if ($formVars["defaultCharacterSet"] == "utf8") { $latin1CharacterSetSelected = ""; $unicodeCharacterSetSelected = " selected"; } else // $formVars["defaultCharacterSet"] is 'latin1' or '' { $latin1CharacterSetSelected = " selected"; $unicodeCharacterSetSelected = ""; } // Show the login status: showLogin(); // (function 'showLogin()' is defined in 'include.inc.php') // DISPLAY header: // call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'): displayHTMLhead(encodeHTML($officialDatabaseName) . " -- Installation", "index,follow", "Installation form for the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array()); showPageHeader($HeaderString); // Start
and holding the form elements: ?> within a form field (instead of clicking the "Install" button) ?>

refbase Installation
Important note: Before executing this script, it is highly recommended to open the include file initialize/db.inc.php in a text editor and edit the values of the variables $databaseName, $username and $password to suit your setup! Then, proceed with this form:
MySQL admin user: " size="30"> Give the name of an administrative user that has full access to the MySQL admin database. Often, this is the root user.
MySQL admin password: Please type your password again:\n\t\t\t
"; else echo fieldError("adminPassword", $errors); ?> 		Please enter the password for the administrative user you've specified above.
Path to the MySQL application: " size="30"> Specify the full path to the mysql command line interpreter. The install script attempts to locate the mysql program for you. If the field is empty, please enter the full path manually.
Path to the database structure file: " size="30"> Enter the full path to the SQL dump file containing the database structure & data. Keep the default value, if you're installing refbase for the first time.
Path to the Bibutils directory [optional]: " size="30"> Bibutils provides additional import and export funtionality to refbase (e.g. support for Endnote & BibTeX). It is optional, but highly recommended. The install script attempts to locate Bibutils for you. If you can't access Bibutils from your path, please fill this value in manually (and, if you think other people might have Bibutils installed to the same path, report it to the refbase developers). The path must end with a slash!
Default character set: Specify the default character set for the MySQL database used by refbase. Note that utf8 (Unicode) requires MySQL 4.1.x or greater, otherwise latin1 (i.e., ISO-8859-1 West European) will be used by default.
  CAUTION: Note that, if there's already an existing refbase database with the name specified in $databaseName, clicking the Install button will overwrite ALL data in that database! If you'd like to install the refbase tables into another existing database, you must ensure that there are no table name conflicts (more info).
$value) $formVars[$varname] = $value; // Validate the 'adminUserName' field: if (empty($formVars["adminUserName"])) // The 'adminUserName' field cannot be a null string $errors["adminUserName"] = "This field cannot be blank:"; // Validate the 'adminPassword' field: if (empty($formVars["adminPassword"])) // The 'adminPassword' field cannot be a null string $errors["adminPassword"] = "This field cannot be blank:"; // Validate the 'pathToMYSQL' field: if (empty($formVars["pathToMYSQL"])) // The 'pathToMYSQL' field cannot be a null string $errors["pathToMYSQL"] = "This field cannot be blank:"; elseif (preg_match("/[;|]/", $formVars["pathToMYSQL"])) // For security reasons, the 'pathToMYSQL' field cannot contain the characters ';' or '|' (which would tie multiple shell commands together) $errors["pathToMYSQL"] = "Due to security reasons this field cannot contain the characters ';' or '|':"; elseif (is_dir($formVars["pathToMYSQL"])) // Check if the specified path resolves to a directory $errors["pathToMYSQL"] = "You cannot specify a directory! Please give the path to the mysql command:"; elseif (!is_readable($formVars["pathToMYSQL"])) // Check if the specified path resolves to the mysql application $errors["pathToMYSQL"] = "Your path specification is invalid (command not found):"; // Note: Currently, the checks for whether the function is executable or whether it is mysql have been commented out, // since they don't seem to work on windows! (see ) // elseif (!is_executable($formVars["pathToMYSQL"])) // // Check if the given file is executable // $errors["pathToMYSQL"] = "This file does not appear to be an executable command:"; // elseif (!preg_match("#(^|.*/)mysql$#", $formVars["pathToMYSQL"])) // // Make sure that the given file is 'mysql' // $errors["pathToMYSQL"] = "This does not appear to be the 'mysql' command line interpreter:"; // Validate the 'databaseStructureFile' field: if (empty($formVars["databaseStructureFile"])) // The 'databaseStructureFile' field cannot be a null string $errors["databaseStructureFile"] = "This field cannot be blank:"; elseif (preg_match("/[;|]/", $formVars["databaseStructureFile"])) // For security reasons, the 'databaseStructureFile' field cannot contain the characters ';' or '|' (which would tie multiple shell commands together) $errors["databaseStructureFile"] = "Due to security reasons this field cannot contain the characters ';' or '|':"; elseif (is_dir($formVars["databaseStructureFile"])) // Check if the specified path resolves to a directory $errors["databaseStructureFile"] = "You cannot specify a directory! Please give the path to the database structure file:"; elseif (!is_readable($formVars["databaseStructureFile"])) // Check if the specified path resolves to the database structure file $errors["databaseStructureFile"] = "Your path specification is invalid (file not found):"; // Validate the 'pathToBibutils' field: if (!empty($formVars["pathToBibutils"])) // we'll only validate the 'pathToBibutils' field if it isn't empty (installation of Bibutils is optional) { if (preg_match("/[;|]/", $formVars["pathToBibutils"])) // For security reasons, the 'pathToBibutils' field cannot contain the characters ';' or '|' (which would tie multiple shell commands together) $errors["pathToBibutils"] = "Due to security reasons this field cannot contain the characters ';' or '|':"; elseif (!is_readable($formVars["pathToBibutils"])) // Check if the specified path resolves to an existing directory $errors["pathToBibutils"] = "Your path specification is invalid (directory not found):"; elseif (!is_dir($formVars["pathToBibutils"])) // Check if the specified path resolves to a directory (and not a file) $errors["pathToBibutils"] = "You must specify a directory! Please give the path to the directory containing the Bibutils utilities:"; } // Validate the 'defaultCharacterSet' field: // Note: Currently we're not generating an error & rooting back to the install form, if the user did choose 'utf8' but has some MySQL version < 4.1 installed. // In this case, we'll simply ignore the setting and 'latin1' will be used by default. // -------------------------------------------------------------------- // Now the script has finished the validation, check if there were any errors: if (count($errors) > 0) { // Write back session variables: saveSessionVariable("errors", $errors); // function 'saveSessionVariable()' is defined in 'include.inc.php' saveSessionVariable("formVars", $formVars); // There are errors. Relocate back to the installation form: header("Location: install.php"); exit; // >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> !EXIT! <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< } // -------------------------------------------------------------------- // If we made it here, then the data is considered valid! // (1) Open the database connection and use the mysql database: if (!($connection = @ mysql_connect($hostName,$adminUserName,$adminPassword))) if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-( showErrorMsg("The following error occurred while trying to connect to the host:", ""); if (!(mysql_select_db($adminDatabaseName, $connection))) if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-( showErrorMsg("The following error occurred while trying to connect to the database:", ""); // First, check if we're a dealing with MySQL version 4.1.x or greater: // (MySQL 4.1.x is required if the refbase MySQL database/tables shall be installed using Unicode/UTF-8 as default character set) $mysqlVersion = getMySQLversion(); // function 'getMySQLversion()' is defined in 'include.inc.php' // -------------------------------------------------------------------- // Prepare the install queries and proceed with the actual installation procedure: // Build the database queries required for installation: $queryGrantStatement = "GRANT SELECT,INSERT,UPDATE,DELETE ON " . $databaseName . ".* TO " . quote_smart($username) . "@" . quote_smart($hostName) . " IDENTIFIED BY " . quote_smart($password); $queryCreateDB = "CREATE DATABASE IF NOT EXISTS " . $databaseName; // by default, 'latin1' will be used as default character set if ($mysqlVersion >= 4.1) // if MySQL 4.1.x (or greater) is installed... { $queryCreateDB = $queryCreateDB . " DEFAULT CHARACTER SET " . $defaultCharacterSet; // ...add the default character set chosen by the user if ($defaultCharacterSet == "utf8") // ...in case of UTF-8, adjust the path to the default database structure file if necessary if ($databaseStructureFile == "./install.sql") $databaseStructureFile = "./install_utf8.sql"; } if (!empty($pathToBibutils)) // we'll only update the Bibutils path if '$pathToBibutils' isn't empty (installation of Bibutils is optional) $queryUpdateDependsTable = "UPDATE " . $databaseName . "." . $tableDepends . " SET depends_path = " . quote_smart($pathToBibutils) . " WHERE depends_external = \"bibutils\""; // update the Bibutils path spec else // we set the 'depends_enabled' field in table 'depends' to 'false' to indicate that Bibutils isn't installed $queryUpdateDependsTable = "UPDATE " . $databaseName . "." . $tableDepends . " SET depends_enabled = \"false\" WHERE depends_external = \"bibutils\""; // disable Bibutils functionality // (2) Run the INSTALL queries on the mysql database through the connection: if (!($result = @ mysql_query ($queryGrantStatement, $connection))) if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-( showErrorMsg("The following error occurred while trying to query the database:", ""); if (!($result = @ mysql_query ($queryCreateDB, $connection))) if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-( showErrorMsg("The following error occurred while trying to query the database:", ""); // IMPORT the literature database structure from file: exec($pathToMYSQL . " -h " . $hostName . " -u " . $adminUserName . " -p" . $adminPassword . " --database=" . $databaseName . " < " . $databaseStructureFile . " 2>&1", $resultArray); // User note from regarding the use of PHP's 'exec()' command: // From 'eremy at ntb dot co dot nz' (28-Sep-2003 03:18): // If an error occurs in the code you're trying to exec(), it can be challenging to figure out what's going // wrong, since php echoes back the stdout stream rather than the stderr stream where all the useful error // reporting's done. The solution is to add the code "2>&1" to the end of your shell command, which redirects // stderr to stdout, which you can then easily print using something like print `shellcommand 2>&1`. // run the UPDATE query on the depends table of the (just imported) literature database: if (!($result = @ mysql_query ($queryUpdateDependsTable, $connection))) if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-( showErrorMsg("The following error occurred while trying to query the database:", ""); // (5) Close the database connection: if (!(mysql_close($connection))) if (mysql_errno() != 0) // this works around a stupid(?) behaviour of the Roxen webserver that returns 'errno: 0' on success! ?:-( showErrorMsg("The following error occurred while trying to disconnect from the database:", ""); $resultLines = ""; // initialize variable // Read out the execution result array: if (!empty($resultArray)) // if there were any execution errors { reset($resultArray); // reset the internal array pointer to the first element while (list ($key, $val) = each ($resultArray)) $resultLines .= "\n" . trim($val); // append each of the array elements to a string } // -------------------------------------------------------------------- // Provide a feedback page: // If there's no stored message available: if (!isset($_SESSION['HeaderString'])) // provide one of the default messages: { if (!empty($resultArray)) // if there were any execution errors $HeaderString = "The following error occurred while trying to import the SQL data into the database:"; else // assume that the installation was successful $HeaderString = "Installation of the Web Reference Database was successful!"; } else { $HeaderString = $_SESSION['HeaderString']; // extract 'HeaderString' session variable (only necessary if register globals is OFF!) // Note: though we clear the session variable, the current message is still available to this script via '$HeaderString': deleteSessionVariable("HeaderString"); // function 'deleteSessionVariable()' is defined in 'include.inc.php' } // Extract the view type requested by the user (either 'Mobile', 'Print', 'Web' or ''): // ('' will produce the default 'Web' output style) if (isset($_REQUEST['viewType'])) $viewType = $_REQUEST['viewType']; else $viewType = ""; // Show the login status: showLogin(); // (function 'showLogin()' is defined in 'include.inc.php') // DISPLAY header: // call the 'displayHTMLhead()' and 'showPageHeader()' functions (which are defined in 'header.inc.php'): displayHTMLhead(encodeHTML($officialDatabaseName) . " -- Installation Feedback", "index,follow", "Installation feedback for the " . encodeHTML($officialDatabaseName), "", false, "", $viewType, array()); showPageHeader($HeaderString); // Start a : ?>
inform the user about successful database installation: { ?>
Error:
  Please make sure that you've specified the correct path to the MySQL database structure file!
  Go Back

Welcome to refbase!
Important Note: The install.php script is only provided for installation purposes and is not needed anymore. Due to security considerations you should remove this script from your web directory NOW!!
Setup users: Here's how to setup the admin user account for your newly created literature database:
  • Goto
  • Login with email address = user@refbase.net & password = start
  • Click on Add User and enter the name, institutional abbreviation, email address and password of the admin user
  • Open the file ini.inc.php in a text editor and change the value of the $adminLoginEmail variable to the email address you've specified for the admin user
  • Log out, then login again using the email address and password of your newly created admin account
If you want to add additional users use the Add User link and enter the user's name, institutional abbreviation, email address and password.
Configure refbase: In order to customize your literature database, please open again ini.inc.php in a text editor. This include file contains variables that are common to all scripts and whose values can/must be adopted to your needs. Please see the comments within the file for further information.