From c8ae0f9de762ef0862ad485ce1b1790a63c0c902 Mon Sep 17 00:00:00 2001
From: seek3r <seek3r@alumni.egroupware.org>
Date: Wed, 27 Dec 2000 10:39:34 +0000
Subject: [PATCH] its broken, but Im tired, and will continue in the morning
 from work

---
 setup/createheader.php        | 20 ++++++++
 setup/inc/phpgw_setup.inc.php | 86 ++++++++++++++++++-----------------
 setup/index.php               | 13 ++++--
 3 files changed, 75 insertions(+), 44 deletions(-)

diff --git a/setup/createheader.php b/setup/createheader.php
index 2e4e4c730a..f53f869dd8 100644
--- a/setup/createheader.php
+++ b/setup/createheader.php
@@ -1,7 +1,27 @@
 <?php
+  $phpgw_info["flags"] = array("noheader" => True, "nonavbar" => True, "currentapp" => "home", "noapi" => True);
   include("./inc/functions.inc.php");
   include("../version.inc.php");
 
+  /* processing and discovery phase */
+  $phpgw_setup->check_header();
+//echo "phpgw_info[setup][stage]: ".$phpgw_info["setup"]["stage"]."<br>";
+  if ( $phpgw_info["setup"]["stage"] >= 1.4){
+    if (!$phpgw_setup->header_auth()){
+      $phpgw_setup->show_header("Please login",True);
+      $phpgw_setup->loginForm($login_msg);
+      exit;
+    }else{ /* authentication settled. Moving to the database portion. */
+      $phpgw_setup->loaddb();
+    }
+  }else{
+        $phpgw_setup->show_header("Please login",True);
+      $phpgw_setup->loginForm($login_msg);
+      exit;
+
+  }
+
+
   switch($action){
     case "download":
       header("Content-disposition: attachment; filename=\"header.inc.php\"");
diff --git a/setup/inc/phpgw_setup.inc.php b/setup/inc/phpgw_setup.inc.php
index aba2dfbc6a..ee154cb500 100644
--- a/setup/inc/phpgw_setup.inc.php
+++ b/setup/inc/phpgw_setup.inc.php
@@ -40,41 +40,43 @@
         }
         echo "</td></tr></table>";
     }
-    function loginForm($err="")
+    function loginForm($login_msg="", $header_login_msg="")
     {
      	global $phpgw_info, $phpgw_domain, $SetupDomain, $SetupPW, $PHP_SELF;
       echo "<p><body bgcolor='#ffffff'>\n";
       echo "<table border=\"0\" align=\"center\">\n";
-      echo "  <tr bgcolor=\"486591\">\n";
-      echo "    <td colspan=\"2\"><font color=\"fefefe\">&nbsp;<b>Setup/Config Admin Login</b></font></td>\n";
-      echo "  </tr>\n";
-      if ($err != "") {
-        echo "   <tr bgcolor='#e6e6e6'><td colspan='2'><font color='#ff0000'>".$err."</font></td></tr>\n";
+      if ( $phpgw_info["setup"]["stage"] >= 1.4){
+        echo "  <tr bgcolor=\"486591\">\n";
+        echo "    <td colspan=\"2\"><font color=\"fefefe\">&nbsp;<b>Setup/Config Admin Login</b></font></td>\n";
+        echo "  </tr>\n";
+        if ($err != "") {
+          echo "   <tr bgcolor='#e6e6e6'><td colspan='2'><font color='#ff0000'>".$login_msg."</font></td></tr>\n";
+        }
+        echo "  <tr bgcolor=\"e6e6e6\">\n";
+        echo "    <td><form action='".$PHP_SELF."' method='POST'>\n";
+        if (count($phpgw_domain) > 1){
+          echo "      <table><tr><td>Domain: </td><td><input type='text' name='FormDomain' value=''></td></tr>\n";
+          echo "      <tr><td>Password: </td><td><input type='password' name='FormPW' value=''></td></tr></table>\n";
+        }else{
+          reset($phpgw_domain);
+          $default_domain = each($phpgw_domain);
+          echo "      <input type='password' name='FormPW' value=''>\n";
+          echo "      <input type='hidden' name='FormDomain' value='".$default_domain[0]."'>\n";
+        }
+        echo "      <input type='submit' name='Login' value='Login'>\n";
+        echo "    </form></td>\n";
+        echo "  </tr>\n";
       }
-      echo "  <tr bgcolor=\"e6e6e6\">\n";
-      echo "    <td><form action='".$PHP_SELF."' method='POST'>\n";
-      if (count($phpgw_domain) > 1){
-        echo "      <table><tr><td>Domain: </td><td><input type='text' name='FormDomain' value=''></td></tr>\n";
-        echo "      <tr><td>Password: </td><td><input type='password' name='FormPW' value=''></td></tr></table>\n";
-      }else{
-        reset($phpgw_domain);
-        $default_domain = each($phpgw_domain);
-        echo "      <input type='password' name='FormPW' value=''>\n";
-        echo "      <input type='hidden' name='FormDomain' value='".$default_domain[0]."'>\n";
-      }
-      echo "      <input type='submit' name='Login' value='Login'>\n";
-      echo "    </form></td>\n";
-      echo "  </tr>\n";
-  
+
       echo "  <tr bgcolor=\"486591\">\n";
       echo "    <td colspan=\"2\"><font color=\"fefefe\">&nbsp;<b>Header Admin Login</b></font></td>\n";
       echo "  </tr>\n";
       if ($err != "") {
-        echo "   <tr bgcolor='#e6e6e6'><td colspan='2'><font color='#ff0000'>".$err."</font></td></tr>\n";
+        echo "   <tr bgcolor='#e6e6e6'><td colspan='2'><font color='#ff0000'>".$header_login_msg."</font></td></tr>\n";
       }
       echo "  <tr bgcolor=\"e6e6e6\">\n";
-      echo "    <td><form action='".$PHP_SELF."' method='POST'>\n";
-      echo "      <input type='password' name='HeaderPW' value=''>\n";
+      echo "    <td><form action='createheader.php' method='POST'>\n";
+      echo "      <input type='password' name='HeaderPW' value='changethis'>\n";
       echo "      <input type='submit' name='HeaderLogin' value='Login'>\n";
       echo "    </form></td>\n";
       echo "  </tr>\n";
@@ -91,11 +93,14 @@
         $phpgw_info["setup"]["header_msg"] = "Stage One";
       }else{
         include("../header.inc.php");
-        if (!isset($phpgw_domain) || $phpgw_info["server"]["versions"]["header"] != $phpgw_info["server"]["versions"]["current_header"]) {
+        if (!isset($phpgw_info["server"]["header_admin_password"])){
           $phpgw_info["setup"]["stage"] = 1.2;
+          $phpgw_info["setup"]["header_msg"] = "Stage One (No header admin password set)";
+        }elseif (!isset($phpgw_domain) || $phpgw_info["server"]["versions"]["header"] != $phpgw_info["server"]["versions"]["current_header"]) {
+          $phpgw_info["setup"]["stage"] = 1.3;
           $phpgw_info["setup"]["header_msg"] = "Stage One (Upgrade your header.inc.php)";
         }else{ /* header.inc.php part settled. Moving to authentication */
-          $phpgw_info["setup"]["stage"] = 1.3;
+          $phpgw_info["setup"]["stage"] = 1.4;
           $phpgw_info["setup"]["header_msg"] = "Stage One (Completed)";
         }
       }
@@ -114,10 +119,11 @@
   
     function config_auth()
     {
-      global $phpgw_domain, $FormLogout, $FormDomain, $FormPW, $SetupPW, $SetupDomain, $HTTP_POST_VARS, $login_msg;
+      global $phpgw_domain, $FormLogout, $FormDomain, $FormHeaderPW, $FormPW, $SetupDomain, $HTTP_POST_VARS, $login_msg;
       if (isset($FormLogout)) {
         setcookie("SetupPW");  // scrub the old one
         setcookie("SetupDomain");  // scrub the old one
+        setcookie("HeaderPW");  // scrub the old one
         $login_msg = "You have sucessfully logged out";
         return False;
       } elseif (isset($SetupPW)) {
@@ -146,29 +152,27 @@
   
     function header_auth()
     {
-      global $phpgw_domain, $FormLogout, $FormDomain, $FormPW, $SetupPW, $SetupDomain, $HTTP_POST_VARS, $login_msg;
-      if (isset($FormLogout)) {
-        setcookie("SetupPW");  // scrub the old one
-        setcookie("SetupDomain");  // scrub the old one
-        $login_msg = "You have sucessfully logged out";
+      global $phpgw_domain, $FormHeaderPW, $FormHeaderLogout,$HTTP_POST_VARS, $header_login_msg;
+      if (isset($FormHeaderLogout)) {
+        setcookie("HeaderPW");  // scrub the old one
+        $header_login_msg = "You have sucessfully logged out";
         return False;
-      } elseif (isset($SetupPW)) {
-        if ($SetupPW != $phpgw_domain[$SetupDomain]["config_passwd"]) {
+      } elseif (isset($HeaderPW)) {
+        if ($HeaderPW != $phpgw_info["server"]["header_admin_password"]) {
           setcookie("SetupPW");  // scrub the old one
           setcookie("SetupDomain");  // scrub the old one
-          $login_msg = "Invalid session cookie (cookies must be enabled)";
+          setcookie("HeaderPW");  // scrub the old one
+          $header_login_msg = "Invalid session cookie (cookies must be enabled)";
           return False;
         }else{
           return True;
         }
-      } elseif (isset($FormPW)) {
-        if ($FormPW == $phpgw_domain[$FormDomain]["config_passwd"]) {
-          setcookie("SetupPW",$FormPW);
-          setcookie("SetupDomain",$FormDomain);
-          $SetupDomain = $FormDomain;
+      } elseif (isset($FormHeaderPW)) {
+        if ($FormHeaderPW == $phpgw_info["server"]["header_admin_password"]) {
+          setcookie("HeaderPW",$HeaderPW);
           return True;
         }else{
-          $login_msg = "Invalid password";
+          $header_login_msg = "Invalid password";
           return False;
         }
       } else {
diff --git a/setup/index.php b/setup/index.php
index 840ba56188..5fcc93b71d 100644
--- a/setup/index.php
+++ b/setup/index.php
@@ -20,7 +20,8 @@
  
   /* processing and discovery phase */
   $phpgw_setup->check_header();
-  if ( $phpgw_info["setup"]["stage"] >= 1.3){
+//echo "phpgw_info[setup][stage]: ".$phpgw_info["setup"]["stage"]."<br>";
+  if ( $phpgw_info["setup"]["stage"] >= 1.4){
     if (!$phpgw_setup->config_auth()){
       $phpgw_setup->show_header("Please login",True);
       $phpgw_setup->loginForm($login_msg);
@@ -29,6 +30,12 @@
       $phpgw_setup->loaddb();
       $phpgw_setup->check_db();
     }
+  }else{
+    if (!$phpgw_setup->header_auth()){
+      $phpgw_setup->show_header("Header.inc.php needs updating",True);
+      $phpgw_setup->loginForm("", $header_login_msg);
+      exit;
+    }
   }
 
   switch($action){
@@ -87,9 +94,9 @@
   echo '  <tr><td align="left" WIDTH="20%" bgcolor="486591"><font color="fefefe">Step 1 - header.inc.php</td><td align="right" bgcolor="486591">&nbsp;</td></tr>';
   if ($phpgw_info["setup"]["stage"] == 1.1) {
     echo '<tr><td align="center"><img src="'.$phpgw_info["server"]["app_images"].'/incomplete.gif" alt="O" border="0"></td><td><form action="./createheader.php" method=post>You have not created your header.inc.php yet.<br> <input type=submit value="Create one now"></form></td></tr>';
-  }elseif ($phpgw_info["setup"]["stage"] == 1.2) {
+  }elseif ($phpgw_info["setup"]["stage"] == 1.2 || $phpgw_info["setup"]["stage"] == 1.3) {
     echo '<tr><td align="center"><img src="'.$phpgw_info["server"]["app_images"].'/incomplete.gif" alt="O" border="0"></td><td><form action="./createheader.php" method=post>Your header.inc.php is out of date. Please upgrade it.<br> <input type=submit value="Upgrade now"></form></td></tr>';
-  }elseif ($phpgw_info["setup"]["stage"] >= 1.3) {
+  }elseif ($phpgw_info["setup"]["stage"] >= 1.4) {
     echo '<tr><td align="center"><img src="'.$phpgw_info["server"]["app_images"].'/completed.gif" alt="X" border="0"></td><td><form action="./createheader.php" method=post>
     Your header.inc.php is in place and current.<br> <input type=submit value="Edit existing header.inc.php"></form></td></tr>';
   }