search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
security fix in master branch
[openemr.git] / setup.php
blob81d002065b64c9b551829365fb863674a6332db2
1 <?php
2 /**
3 * Installation script.
4 *
5 * Copyright (C) 2016 Roberto Vasquez <robertogagliotta@gmail.com>
6 *
7 * LICENSE: This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2
10 * of the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be usefull,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY OF FITNESS FOR A PARTICULAR PURPOSE, See the
14 * GNU General Public License for more details.
15 * You should have received a copy of the CNU General Public License
16 * along with this program. If not, see <http://opensource.org/Licenses/gpl-license.php>;.
17 *
18 * @package OpenEMR
19 * @author Roberto Vasquez <robertogagliotta@gmail.com>
20 * @author Scott Wakefield <scott@npclinics.com.au>
21 * @link http://www.open-emr.org
22 *
23 **/
24
25 // Checks if the server's PHP version is compatible with OpenEMR:
26 require_once(dirname(__FILE__) . "/common/compatibility/Checker.php");
27
28 $response = OpenEMR\Checker::checkPhpVersion();
29 if ($response !== true) {
30 die($response);
31 }
32
33 $COMMAND_LINE = php_sapi_name() == 'cli';
34 require_once(dirname(__FILE__) . '/library/authentication/password_hashing.php');
35 require_once dirname(__FILE__) . '/library/classes/Installer.class.php';
36
37 //turn off PHP compatibility warnings
38 ini_set("session.bug_compat_warn", "off");
39
40 $state = isset($_POST["state"]) ? ($_POST["state"]) : '';
41
42 // Make this true for IPPF.
43 $ippf_specific = false;
44
45 // If this script was invoked with no site ID, then ask for one.
46 if (!$COMMAND_LINE && empty($_REQUEST['site'])) {
47 echo "<html>\n";
48 echo "<head>\n";
49 echo "<title>OpenEMR Setup Tool</title>\n";
50 echo "<link rel='stylesheet' href='interface/themes/style_blue.css'>\n";
51 echo "</head>\n";
52 echo "<body>\n";
53 echo "<p><b>Optional Site ID Selection</b></p>\n";
54 echo "<p>Most OpenEMR installations support only one site. If that is " .
55 "true for you then ignore the rest of this text and just click Continue.</p>\n";
56 echo "<p>Otherwise please enter a unique Site ID here.</p>\n";
57 echo "<p>A Site ID is a short identifier with no spaces or special " .
58 "characters other than periods or dashes. It is case-sensitive and we " .
59 "suggest sticking to lower case letters for ease of use.</p>\n";
60 echo "<p>If each site will have its own host/domain name, then use that " .
61 "name as the Site ID (e.g. www.example.com).</p>\n";
62 echo "<p>The site ID is used to identify which site you will log in to. " .
63 "If it is a hostname then it is taken from the hostname in the URL. " .
64 "Otherwise you must append \"?site=<i>siteid</i>\" to the URL used for " .
65 "logging in.</p>\n";
66 echo "<p>It is OK for one of the sites to have \"default\" as its ID. This " .
67 "is the ID that will be used if it cannot otherwise be determined.</p>\n";
68 echo "<form method='post'><input type='hidden' name='state' value='0'>" .
69 "Site ID: <input type='text' name='site' value='default'>&nbsp;" .
70 "<input type='submit' value='Continue'><br></form><br>\n";
71 echo "</body></html>\n";
72 exit();
73 }
74
75 // Support "?site=siteid" in the URL, otherwise assume "default".
76 $site_id = 'default';
77 if (!$COMMAND_LINE && !empty($_REQUEST['site'])) {
78 $site_id = trim($_REQUEST['site']);
79 }
80
81 // Die if site ID is empty or has invalid characters.
82 if (empty($site_id) || preg_match('/[^A-Za-z0-9\\-.]/', $site_id)) {
83 die("Site ID '".htmlspecialchars($site_id, ENT_NOQUOTES)."' contains invalid characters.");
84 }
85
86 //If having problems with file and directory permission
87 // checking, then can be manually disabled here.
88 $checkPermissions = true;
89
90 $installer = new Installer($_REQUEST);
91 global $OE_SITE_DIR; // The Installer sets this
92
93 $docsDirectory = "$OE_SITE_DIR/documents";
94 $billingDirectory = "$OE_SITE_DIR/edi";
95 $billingDirectory2 = "$OE_SITE_DIR/era";
96 $lettersDirectory = "$OE_SITE_DIR/letter_templates";
97 $gaclWritableDirectory = dirname(__FILE__)."/gacl/admin/templates_c";
98 $requiredDirectory1 = dirname(__FILE__)."/interface/main/calendar/modules/PostCalendar/pntemplates/compiled";
99 $requiredDirectory2 = dirname(__FILE__)."/interface/main/calendar/modules/PostCalendar/pntemplates/cache";
100
101 $zendModuleConfigFile = dirname(__FILE__)."/interface/modules/zend_modules/config/application.config.php";
102
103 //These are files and dir checked before install for
104 // correct permissions.
105 if (is_dir($OE_SITE_DIR)) {
106 $writableFileList = array($installer->conffile,$zendModuleConfigFile);
107 $writableDirList = array($docsDirectory, $billingDirectory, $billingDirectory2, $lettersDirectory, $gaclWritableDirectory, $requiredDirectory1, $requiredDirectory2);
108 } else {
109 $writableFileList = array();
110 $writableDirList = array($OE_SITES_BASE, $gaclWritableDirectory, $requiredDirectory1, $requiredDirectory2);
111 }
112
113 // Include the sqlconf file if it exists yet.
114 $config = 0;
115 if (file_exists($OE_SITE_DIR)) {
116 include_once($installer->conffile);
117 } else if ($state > 3) {
118 // State 3 should have created the site directory if it is missing.
119 die("Internal error, site directory is missing.");
120 }
121
122 ?>
123 <HTML>
124 <HEAD>
125 <TITLE>OpenEMR Setup Tool</TITLE>
126 <LINK REL=STYLESHEET HREF="interface/themes/style_sky_blue.css">
127 <link rel="shortcut icon" href="public/images/favicon.ico" />
128
129 <style>
130 .noclone { }
131 table.phpset { border-collapse:collapse; }
132 table.phpset td, table.phpset th { font-size:9pt; border:1px solid gray; padding:2px; }
133 </style>
134
135 <script type="text/javascript" src="public/assets/jquery-min-1-2-2/index.js"></script>
136
137 <script language="javascript">
138 // onclick handler for "clone database" checkbox
139 function cloneClicked() {
140 var cb = document.forms[0].clone_database;
141 $('.noclone').css('display', cb.checked ? 'none' : 'block');
142 }
143 </script>
144
145 </HEAD>
146 <BODY>
147
148 <span class="title">OpenEMR Setup</span>
149 <br><br>
150 <span class="text">
151 <?php
152 if (strtolower(ini_get('register_globals')) != 'off' && (bool) ini_get('register_globals')) {
153 echo "It appears that you have register_globals enabled in your php.ini\n" .
154 "configuration file. This causes unacceptable security risks. You must\n" .
155 "turn it off before continuing with installation.\n";
156 exit(1);
157 }
158
159 if (!extension_loaded("xml")) {
160 echo "Error: PHP XML extension missing. To continue, install PHP XML extension, then restart web server.";
161 exit(1);
162 }
163
164 if (!(extension_loaded("mysql") || extension_loaded("mysqlnd") || extension_loaded("mysqli"))) {
165 echo "Error: PHP MySQL extension missing. To continue, install and enable MySQL extension, then restart web server.";
166 exit(1);
167 }
168
169 if (!(extension_loaded("mbstring") )) {
170 echo "Error: PHP mb_string extension missing. To continue, install and enable mb_string extension, then restart web server.";
171 exit(1);
172 }
173 ?>
174
175 <?php
176 if ($state == 7) {
177 ?>
178
179 <p>Congratulations! OpenEMR is now installed.</p>
180
181 <ul>
182 <li>Access controls (php-GACL) are installed for fine-grained security, and can be administered in
183 OpenEMR's admin->acl menu.</li>
184 <li>Reviewing <?php echo $OE_SITE_DIR; ?>/config.php is a good idea. This file
185 contains some settings that you may want to change.</li>
186 <li>There's much information and many extra tools bundled within the OpenEMR installation directory.
187 Please refer to openemr/Documentation. Many forms and other useful scripts can be found at openemr/contrib.</li>
188 <li>To ensure a consistent look and feel throughout the application,
189 <a href='http://www.mozilla.org/products/firefox/'>Firefox</a> and <a href="https://www.google.com/chrome/browser/desktop/index.html">Chrome</a> are recommended. The OpenEMR development team exclusively tests with modern versions of these browsers.</li>
190 <li>The OpenEMR project home page, documentation, and forums can be found at <a href = "http://www.open-emr.org" target="_blank">http://www.open-emr.org</a></li>
191 <li>We pursue grants to help fund the future development of OpenEMR. To apply for these grants, we need to estimate how many times this program is installed and how many practices are evaluating or using this software. It would be awesome if you would email us at <a href="mailto:president@oemr.org">president@oemr.org</a> if you have installed this software. The more details about your plans with this software, the better, but even just sending us an email stating you just installed it is very helpful.</li>
192 </ul>
193 <p>
194 We recommend you print these instructions for future reference.
195 </p>
196 <?php if (empty($installer->clone_database)) {
197 echo "<p><b>The initial OpenEMR user is '".$installer->iuser."' and the password is '".$installer->iuserpass."'</b></p>";
198 echo "<p>If you edited the PHP or Apache configuration files during this installation process, then we recommend you restart your Apache server before following below OpenEMR link.</p>";
199 } ?>
200 <p>
201 <a href='./?site=<?php echo $site_id; ?>'>Click here to start using OpenEMR. </a>
202 </p>
203
204 <?php
205 exit();
206 }
207 ?>
208
209 <?php
210
211 $inst = isset($_POST["inst"]) ? ($_POST["inst"]) : '';
212
213
214 if (($config == 1) && ($state < 4)) {
215 echo "OpenEMR has already been installed. If you wish to force re-installation, then edit $installer->conffile (change the 'config' variable to 0), and re-run this script.<br>\n";
216 } else {
217 switch ($state) {
218 case 1:
219 echo "<b>Step $state</b><br><br>\n";
220 echo "Now I need to know whether you want me to create the database on my own or if you have already created the database for me to use. For me to create the database, you will need to supply the MySQL root password.\n
221 <span class='title'> <br />NOTE: clicking on \"Continue\" may delete or cause damage to data on your system. Before you continue please backup your data.</span>
222 <br><br>\n
223 <FORM METHOD='POST'>\n
224 <INPUT TYPE='HIDDEN' NAME='state' VALUE='2'>\n
225 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
226 <LABEL FOR='inst1'><INPUT TYPE='RADIO' ID='inst1' NAME='inst' VALUE='1' checked>Have setup create the database</label><br>\n
227 <LABEL FOR='inst2'><INPUT TYPE='RADIO' ID='inst2' NAME='inst' VALUE='2'>I have already created the database</label><br>\n
228 <br>\n
229 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
230 break;
231
232 case 2:
233 echo "<b>Step $state</b><br><br>\n";
234 echo "Now you need to supply the MySQL server information and path information. Detailed instructions on each item can be found in the <a href='Documentation/INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual file.
235 <br><br>\n
236 <FORM METHOD='POST'>
237 <INPUT TYPE='HIDDEN' NAME='state' VALUE='3'>
238 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
239 <INPUT TYPE='HIDDEN' NAME='inst' VALUE='$inst'>
240 <TABLE>\n
241 <TR VALIGN='TOP'><TD COLSPAN=2><font color='red'>MYSQL SERVER:</font></TD></TR>
242 <TR VALIGN='TOP'><TD><span class='text'>Server Host: </span></TD><TD><INPUT TYPE='TEXT' VALUE='localhost' NAME='server' SIZE='30'></TD><TD><span class='text'>(If you run MySQL and Apache/PHP on the same computer, then leave this as 'localhost'. If they are on separate computers, then enter the IP address of the computer running MySQL.)</span><br></TD></TR>
243 <TR VALIGN='TOP'><TD><span class='text'>Server Port: </span></TD><TD><INPUT TYPE='TEXT' VALUE='3306' NAME='port' SIZE='30'></TD><TD><span class='text'>(This is the MySQL port. The default port for MySQL is 3306.)</span><br></TD></TR>
244 <TR VALIGN='TOP'><TD><span class='text'>Database Name: </span></TD><TD><INPUT TYPE='TEXT' VALUE='openemr' NAME='dbname' SIZE='30'></TD><TD><span class='text'>(This is the name of the OpenEMR database in MySQL - 'openemr' is the recommended)</span><br></TD></TR>
245 <TR VALIGN='TOP'><TD><span class='text'>Login Name: </span></TD><TD><INPUT TYPE='TEXT' VALUE='openemr' NAME='login' SIZE='30'></TD><TD><span class='text'>(This is the name of the OpenEMR login name in MySQL - 'openemr' is the recommended)</span><br></TD></TR>
246 <TR VALIGN='TOP'><TD><span class='text'>Password: </span></TD><TD><INPUT TYPE='PASSWORD' VALUE='' NAME='pass' SIZE='30'></TD><TD><span class='text'>(This is the Login Password for when PHP accesses MySQL - it should be at least 8 characters long and composed of both numbers and letters)</span><br></TD></TR>\n";
247 if ($inst != 2) {
248 echo "<TR VALIGN='TOP'><TD><span class='text'>Name for Root Account: </span></TD><TD><INPUT TYPE='TEXT' VALUE='root' NAME='root' SIZE='30'></TD><TD><span class='text'>(This is name for MySQL root account. For localhost, it is usually ok to leave it 'root'.)</span><br></TD></TR>
249 <TR VALIGN='TOP'><TD><span class='text'>Root Pass: </span></TD><TD><INPUT TYPE='PASSWORD' VALUE='' NAME='rootpass' SIZE='30'></TD><TD><span class='text'>(This is your MySQL root password. For localhost, it is usually ok to leave it blank.)</span><br></TD></TR>\n";
250 echo "<TR VALIGN='TOP'><TD><span class='text'>User Hostname: </span></TD><TD><INPUT TYPE='TEXT' VALUE='localhost' NAME='loginhost' SIZE='30'></TD><TD><span class='text'>(If you run Apache/PHP and MySQL on the same computer, then leave this as 'localhost'. If they are on separate computers, then enter the IP address of the computer running Apache/PHP.)</span><br></TD></TR>";
251 echo "<TR VALIGN='TOP'><TD><span class='text'>UTF-8 Collation: </span></TD><TD colspan='2'>" .
252 "<select name='collate'>" .
253 "<option value='utf8_bin' >Bin</option>" .
254 "<option value='utf8_czech_ci' >Czech</option>" .
255 "<option value='utf8_danish_ci' >Danish</option>" .
256 "<option value='utf8_esperanto_ci' >Esperanto</option>" .
257 "<option value='utf8_estonian_ci' >Estonian</option>" .
258 "<option value='utf8_general_ci' selected>General</option>" .
259 "<option value='utf8_hungarian_ci' >Hungarian</option>" .
260 "<option value='utf8_icelandic_ci' >Icelandic</option>" .
261 "<option value='utf8_latvian_ci' >Latvian</option>" .
262 "<option value='utf8_lithuanian_ci'>Lithuanian</option>" .
263 "<option value='utf8_persian_ci' >Persian</option>" .
264 "<option value='utf8_polish_ci' >Polish</option>" .
265 "<option value='utf8_roman_ci' >Roman</option>" .
266 "<option value='utf8_romanian_ci' >Romanian</option>" .
267 "<option value='utf8_slovak_ci' >Slovak</option>" .
268 "<option value='utf8_slovenian_ci' >Slovenian</option>" .
269 "<option value='utf8_spanish2_ci' >Spanish2 (Traditional)</option>" .
270 "<option value='utf8_spanish_ci' >Spanish (Modern)</option>" .
271 "<option value='utf8_swedish_ci' >Swedish</option>" .
272 "<option value='utf8_turkish_ci' >Turkish</option>" .
273 "<option value='utf8_unicode_ci' >Unicode (German, French, Russian, Armenian, Greek)</option>" .
274 "<option value='' >None (Do not force UTF-8)</option>" .
275 "</select>" .
276 "</TD></TR><TR VALIGN='TOP'><TD>&nbsp;</TD><TD colspan='2'><span class='text'>(This is the collation setting for mysql. Leave as 'General' if you are not sure. If the language you are planning to use in OpenEMR is in the menu, then you can select it. Otherwise, just select 'General'.)</span><br></TD></TR>";
277 }
278
279 echo "<TR VALIGN='TOP'><TD>&nbsp;</TD></TR>";
280
281 // Include a "source" site ID drop-list and a checkbox to indicate
282 // if cloning its database. When checked, do not display initial user
283 // and group stuff below.
284 $dh = opendir($OE_SITES_BASE);
285 if (!$dh) {
286 die("Cannot read directory '$OE_SITES_BASE'.");
287 }
288
289 $siteslist = array();
290 while (false !== ($sfname = readdir($dh))) {
291 if (substr($sfname, 0, 1) == '.') {
292 continue;
293 }
294
295 if ($sfname == 'CVS') {
296 continue;
297 }
298
299 if ($sfname == $site_id) {
300 continue;
301 }
302
303 $sitedir = "$OE_SITES_BASE/$sfname";
304 if (!is_dir($sitedir)) {
305 continue;
306 }
307
308 if (!is_file("$sitedir/sqlconf.php")) {
309 continue;
310 }
311
312 $siteslist[$sfname] = $sfname;
313 }
314
315 closedir($dh);
316 // If this is not the first site...
317 if (!empty($siteslist)) {
318 ksort($siteslist);
319 echo "<tr valign='top'>\n";
320 echo " <td class='text'>Source Site: </td>\n";
321 echo " <td class='text'><select name='source_site_id'>";
322 foreach ($siteslist as $sfname) {
323 echo "<option value='$sfname'";
324 if ($sfname == 'default') {
325 echo " selected";
326 }
327
328 echo ">$sfname</option>";
329 }
330
331 echo "</select></td>\n";
332 echo " <td class='text'>(The site directory that will be a model for the new site.)</td>\n";
333 echo "</tr>\n";
334 echo "<tr valign='top'>\n";
335 echo " <td class='text'>Clone Source Database: </td>\n";
336 echo " <td class='text'><input type='checkbox' name='clone_database' onclick='cloneClicked()' /></td>\n";
337 echo " <td class='text'>(Clone the source site's database instead of creating a fresh one.)</td>\n";
338 echo "</tr>\n";
339 }
340
341 echo "<TR VALIGN='TOP' class='noclone'><TD COLSPAN=2><font color='red'>OPENEMR USER:</font></TD></TR>";
342 echo "<TR VALIGN='TOP' class='noclone'><TD><span class='text'>Initial User:</span></TD><TD><INPUT SIZE='30' TYPE='TEXT' NAME='iuser' VALUE='admin'></TD><TD><span class='text'>(This is the login name of user that will be created for you. Limit this to one word.)</span></TD></TR>
343 <TR VALIGN='TOP' class='noclone'><TD><span class='text'>Initial User Password:</span></TD><TD><INPUT SIZE='30' TYPE='PASSWORD' NAME='iuserpass' VALUE=''></TD><TD><span class='text'>(This is the password for the initial user account above.)</span></TD></TR>
344 <TR VALIGN='TOP' class='noclone'><TD><span class='text'>Initial User's First Name:</span></TD><TD><INPUT SIZE='30' TYPE='TEXT' NAME='iufname' VALUE='Administrator'></TD><TD><span class='text'>(This is the First name of the 'initial user'.)</span></TD></TR>
345 <TR VALIGN='TOP' class='noclone'><TD><span class='text'>Initial User's Last Name:</span></TD><TD><INPUT SIZE='30' TYPE='TEXT' NAME='iuname' VALUE='Administrator'></TD><TD><span class='text'>(This is the Last name of the 'initial user'.)</span></TD></TR>
346 <TR VALIGN='TOP' class='noclone'><TD><span class='text'>Initial Group:</span></TD><TD><INPUT SIZE='30' TYPE='TEXT' NAME='igroup' VALUE='Default'></TD><TD><span class='text'>(This is the group that will be created for your users. This should be the name of your practice.)</span></TD></TR>
347 ";
348 echo "<TR VALIGN='TOP'><TD>&nbsp;</TD></TR>";
349
350 echo "</TABLE>
351 <br>
352 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>";
353 break;
354
355 case 3:
356 // Form Validation
357 // (applicable if not cloning from another database)
358
359 $pass_step2_validation = true;
360 $error_step2_message = "ERROR at ";
361
362 if (! $installer->char_is_valid($_REQUEST['server'])) {
363 $pass_step2_validation = false;
364 $error_step2_message .= "Database Server Host, ";
365 }
366
367 if (! $installer->char_is_valid($_REQUEST['port'])) {
368 $pass_step2_validation = false;
369 $error_step2_message .= "Database Server Port, ";
370 }
371
372 if (! $installer->char_is_valid($_REQUEST['dbname'])) {
373 $pass_step2_validation = false;
374 $error_step2_message .= "Database Name, ";
375 }
376
377 if (! $installer->char_is_valid($_REQUEST['login'])) {
378 $pass_step2_validation = false;
379 $error_step2_message .= "Database Login Name, ";
380 }
381
382 if (! $installer->char_is_valid($_REQUEST['pass'])) {
383 $pass_step2_validation = false;
384 $error_step2_message .= "Database Login Password, ";
385 }
386
387 if (!$pass_step2_validation) {
388 die($error_step2_message);
389 }
390
391
392 if (empty($installer->clone_database)) {
393 if (! $installer->login_is_valid()) {
394 echo "ERROR. Please pick a proper 'Login Name'.<br>\n";
395 echo "Click Back in browser to re-enter.<br>\n";
396 break;
397 }
398
399 if (! $installer->iuser_is_valid()) {
400 echo "ERROR. The 'Initial User' field can only contain one word and no spaces.<br>\n";
401 echo "Click Back in browser to re-enter.<br>\n";
402 break;
403 }
404
405 if (! $installer->user_password_is_valid()) {
406 echo "ERROR. Please pick a proper 'Initial User Password'.<br>\n";
407 echo "Click Back in browser to re-enter.<br>\n";
408 break;
409 }
410 }
411
412 if (! $installer->password_is_valid()) {
413 echo "ERROR. Please pick a proper 'Password'.<br>\n";
414 echo "Click Back in browser to re-enter.<br>\n";
415 break;
416 }
417
418 echo "<b>Step $state</b><br><br>\n";
419 echo "Configuring OpenEMR...<br><br>\n";
420
421 // Skip below if database shell has already been created.
422 if ($inst != 2) {
423 echo "Connecting to MySQL Server...\n";
424 flush();
425 if (! $installer->root_database_connection()) {
426 echo "ERROR. Check your login credentials.\n";
427 echo $installer->error_message;
428 break;
429 } else {
430 echo "OK.<br>\n";
431 flush();
432 }
433 }
434
435 // Only pertinent if cloning another installation database
436 if (! empty($installer->clone_database)) {
437 echo "Dumping source database...";
438 flush();
439 if (! $installer->create_dumpfiles()) {
440 echo $installer->error_message;
441 break;
442 } else {
443 echo " OK.<br>\n";
444 flush();
445 }
446 }
447
448 // Only pertinent if mirroring another installation directory
449 if (! empty($installer->source_site_id)) {
450 echo "Creating site directory...";
451 if (! $installer->create_site_directory()) {
452 echo $installer->error_message;
453 break;
454 } else {
455 echo "OK.<BR>";
456 flush();
457 }
458 }
459
460 // Skip below if database shell has already been created.
461 if ($inst != 2) {
462 echo "Creating database...\n";
463 flush();
464 if (! $installer->create_database()) {
465 echo "ERROR. Check your login credentials.\n";
466 echo $installer->error_message;
467 break;
468 } else {
469 echo "OK.<br>\n";
470 flush();
471 }
472
473 echo "Creating user with permissions for database...\n";
474 flush();
475 if (! $installer->grant_privileges()) {
476 echo "ERROR when granting privileges to the specified user.\n";
477 echo $installer->error_message;
478 break;
479 } else {
480 echo "OK.<br>\n";
481 flush();
482 }
483
484 echo "Reconnecting as new user...\n";
485 flush();
486 $installer->disconnect();
487 } else {
488 echo "Connecting to MySQL Server...\n";
489 }
490
491 if (! $installer->user_database_connection()) {
492 echo "ERROR. Check your login credentials.\n";
493 echo $installer->error_message;
494 break;
495 } else {
496 echo "OK.<br>\n";
497 flush();
498 }
499
500 // Load the database files
501 $dump_results = $installer->load_dumpfiles();
502 if (! $dump_results) {
503 echo $installer->error_message;
504 break;
505 } else {
506 echo $dump_results;
507 flush();
508 }
509
510 echo "Writing SQL configuration...\n";
511 flush();
512 if (! $installer->write_configuration_file()) {
513 echo $installer->error_message;
514 break;
515 } else {
516 echo "OK.<br>\n";
517 flush();
518 }
519
520 // Only pertinent if not cloning another installation database
521 if (empty($installer->clone_database)) {
522 echo "Setting version indicators...\n";
523 flush();
524 if (! $installer->add_version_info()) {
525 echo "ERROR.\n";
526 echo $installer->error_message;
527 ;
528 break;
529 } else {
530 echo "OK<br>\n";
531 flush();
532 }
533
534 echo "Writing global configuration defaults...\n";
535 flush();
536 if (! $installer->insert_globals()) {
537 echo "ERROR.\n";
538 echo $installer->error_message;
539 ;
540 break;
541 } else {
542 echo "OK<br>\n";
543 flush();
544 }
545
546 echo "Adding Initial User...\n";
547 flush();
548 if (! $installer->add_initial_user()) {
549 echo $installer->error_message;
550 break;
551 }
552
553 echo "OK<br>\n";
554 flush();
555 }
556
557 if (! empty($installer->clone_database)) {
558 // Database was cloned, skip ACL setup.
559 echo "Click 'continue' for further instructions.";
560 $next_state = 7;
561 } else {
562 echo "\n<br>Next step will install and configure access controls (php-GACL).<br>\n";
563 $next_state = 4;
564 }
565
566 echo "
567 <FORM METHOD='POST'>\n
568 <INPUT TYPE='HIDDEN' NAME='state' VALUE='$next_state'>
569 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
570 <INPUT TYPE='HIDDEN' NAME='iuser' VALUE='$installer->iuser'>
571 <INPUT TYPE='HIDDEN' NAME='iuserpass' VALUE='$installer->iuserpass'>
572 <INPUT TYPE='HIDDEN' NAME='iuname' VALUE='$installer->iuname'>
573 <INPUT TYPE='HIDDEN' NAME='iufname' VALUE='$installer->iufname'>
574 <INPUT TYPE='HIDDEN' NAME='clone_database' VALUE='$installer->clone_database'>
575 <br>\n
576 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
577
578 break;
579 case 4:
580 echo "<b>Step $state</b><br><br>\n";
581 echo "Installing and Configuring Access Controls (php-GACL)...<br><br>";
582
583 if (! $installer->install_gacl()) {
584 echo $installer->error_message;
585 break;
586 } else {
587 // display the status information for gacl setup
588 echo $installer->debug_message;
589 }
590
591 echo "Gave the '$installer->iuser' user (password is '$installer->iuserpass') administrator access.<br><br>";
592
593 echo "Done installing and configuring access controls (php-GACL).<br>";
594 echo "Next step will configure PHP.";
595
596 echo "<br><FORM METHOD='POST'>\n
597 <INPUT TYPE='HIDDEN' NAME='state' VALUE='5'>\n
598 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
599 <INPUT TYPE='HIDDEN' NAME='iuser' VALUE='$installer->iuser'>\n
600 <INPUT TYPE='HIDDEN' NAME='iuserpass' VALUE='$installer->iuserpass'>\n
601 <br>\n
602 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
603
604 break;
605
606 case 5:
607 echo "<b>Step $state</b><br><br>\n";
608 echo "Configuration of PHP...<br><br>\n";
609 echo "We recommend making the following changes to your PHP installation, which can normally be done by editing the php.ini configuration file:\n";
610 echo "<ul>";
611 $gotFileFlag = 0;
612 if (version_compare(PHP_VERSION, '5.2.4', '>=')) {
613 $phpINIfile = php_ini_loaded_file();
614 if ($phpINIfile) {
615 echo "<li><font color='green'>Your php.ini file can be found at ".$phpINIfile."</font></li>\n";
616 $gotFileFlag = 1;
617 }
618 }
619
620 echo "<li>","To ensure proper functioning of OpenEMR you must make sure that PHP settings include:";
621 echo "<table class='phpset'><tr><th>Setting</th><th>Required value</th><th>Current value</th></tr>";
622 echo "<tr><td>short_open_tag </td><td>Off</td><td>", ini_get('short_open_tag')?'On':'Off', "</td></tr>\n";
623 echo "<tr><td>display_errors </td><td>Off</td><td>", ini_get('display_errors')?'On':'Off', "</td></tr>\n";
624 echo "<tr><td>register_globals </td><td>Off</td><td>", ini_get('register_globals')?'On':'Off', "</td></tr>\n";
625 echo "<tr><td>max_input_vars </td><td>at least 3000</td><td>", ini_get('max_input_vars'), "</td></tr>\n";
626 echo "<tr><td>max_execution_time </td><td>at least 60</td><td>", ini_get('max_execution_time'), "</td></tr>\n";
627 echo "<tr><td>max_input_time </td><td>at least 90</td><td>", ini_get('max_input_time'), "</td></tr>\n";
628 echo "<tr><td>post_max_size </td><td>at least 30M</td><td>", ini_get('post_max_size'), "</td></tr>\n";
629 echo "<tr><td>memory_limit </td><td>at least 128M</td><td>", ini_get('memory_limit'), "</td></tr>\n";
630 echo "</table>";
631 echo "</li>";
632
633 echo "<li>In order to take full advantage of the patient documents capability you must make sure that settings in php.ini file include \"file_uploads = On\", that \"upload_max_filesize\" is appropriate for your use and that \"upload_tmp_dir\" is set to a correct value that will work on your system.</li>\n";
634 if (!$gotFileFlag) {
635 echo "<li>If you are having difficulty finding your php.ini file, then refer to the <a href='Documentation/INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual for suggestions.</li>\n";
636 }
637
638 echo "</ul>";
639
640 echo "<br>We recommend you print these instructions for future reference.<br><br>";
641 echo "Next step will configure Apache web server.";
642
643 echo "<br><FORM METHOD='POST'>\n
644 <INPUT TYPE='HIDDEN' NAME='state' VALUE='6'>\n
645 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
646 <INPUT TYPE='HIDDEN' NAME='iuser' VALUE='$installer->iuser'>\n
647 <INPUT TYPE='HIDDEN' NAME='iuserpass' VALUE='$installer->iuserpass'>\n
648 <br>\n
649 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
650
651 break;
652
653 case 6:
654 echo "<b>Step $state</b><br><br>\n";
655 echo "Configuration of Apache web server...<br><br>\n";
656 echo "The \"".preg_replace("/${site_id}/", "*", realpath($docsDirectory))."\", \"".preg_replace("/${site_id}/", "*", realpath($billingDirectory))."\" and \"".preg_replace("/${site_id}/", "*", realpath($billingDirectory2))."\" directories contain patient information, and
657 it is important to secure these directories. Additionally, some settings are required for the Zend Framework to work in OpenEMR. This can be done by pasting the below to end of your apache configuration file:<br>
658 &nbsp;&nbsp;&lt;Directory \"".realpath(dirname(__FILE__))."\"&gt;<br>
659 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;AllowOverride FileInfo<br>
660 &nbsp;&nbsp;&lt;/Directory&gt;<br>
661 &nbsp;&nbsp;&lt;Directory \"".realpath(dirname(__FILE__))."/sites\"&gt;<br>
662 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;AllowOverride None<br>
663 &nbsp;&nbsp;&lt;/Directory&gt;<br>
664 &nbsp;&nbsp;&lt;Directory \"".preg_replace("/${site_id}/", "*", realpath($docsDirectory))."\"&gt;<br>
665 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;order deny,allow<br>
666 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Deny from all<br>
667 &nbsp;&nbsp;&lt;/Directory&gt;<br>
668 &nbsp;&nbsp;&lt;Directory \"".preg_replace("/${site_id}/", "*", realpath($billingDirectory))."\"&gt;<br>
669 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;order deny,allow<br>
670 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Deny from all<br>
671 &nbsp;&nbsp;&lt;/Directory&gt;<br>
672 &nbsp;&nbsp;&lt;Directory \"".preg_replace("/${site_id}/", "*", realpath($billingDirectory2))."\"&gt;<br>
673 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;order deny,allow<br>
674 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Deny from all<br>
675 &nbsp;&nbsp;&lt;/Directory&gt;<br><br>";
676
677 echo "If you are having difficulty finding your apache configuration file, then refer to the <a href='Documentation/INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual for suggestions.<br><br>\n";
678 echo "<br>We recommend you print these instructions for future reference.<br><br>";
679 echo "Click 'continue' for further instructions.";
680
681 echo "<br><FORM METHOD='POST'>\n
682 <INPUT TYPE='HIDDEN' NAME='state' VALUE='7'>\n
683 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
684 <INPUT TYPE='HIDDEN' NAME='iuser' VALUE='$installer->iuser'>\n
685 <INPUT TYPE='HIDDEN' NAME='iuserpass' VALUE='$installer->iuserpass'>\n
686 <br>\n
687 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
688
689 break;
690
691 case 0:
692 default:
693 echo "<p>Welcome to OpenEMR. This utility will step you through the installation and configuration of OpenEMR for your practice.</p>\n";
694 echo "<ul><li>Before proceeding, be sure that you have a properly installed and configured MySQL server available, and a PHP configured webserver.</li>\n";
695
696 echo "<li>Detailed installation instructions can be found in the <a href='Documentation/INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual file.</li>\n";
697
698 echo "<li>If you are upgrading from a previous version, do NOT use this script. Please read the 'Upgrading' section found in the <a href='Documentation/INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual file.</li></ul>";
699
700 if ($checkPermissions) {
701 echo "<p>We will now ensure correct file and directory permissions before starting installation:</p>\n";
702 echo "<FONT COLOR='green'>Ensuring following files are world-writable...</FONT><br>\n";
703 $errorWritable = 0;
704 foreach ($writableFileList as $tempFile) {
705 if (is_writable($tempFile)) {
706 echo "'".realpath($tempFile)."' file is <FONT COLOR='green'><b>ready</b></FONT>.<br>\n";
707 } else {
708 echo "<p><FONT COLOR='red'>UNABLE</FONT> to open file '".realpath($tempFile)."' for writing.<br>\n";
709 echo "(configure file permissions; see below for further instructions)</p>\n";
710 $errorWritable = 1;
711 }
712 }
713
714 if ($errorWritable) {
715 echo "<p><FONT COLOR='red'>You can't proceed until all above files are ready (world-writable).</FONT><br>\n";
716 echo "In linux, recommend changing file permissions with the 'chmod 666 filename' command.<br>\n";
717 echo "Fix above file permissions and then click the 'Check Again' button to re-check files.<br>\n";
718 echo "<FORM METHOD='POST'><INPUT TYPE='SUBMIT' VALUE='Check Again'></p>" .
719 "<INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'></FORM><br>\n";
720 break;
721 }
722
723 echo "<br><FONT COLOR='green'>Ensuring following directories have proper permissions...</FONT><br>\n";
724 $errorWritable = 0;
725 foreach ($writableDirList as $tempDir) {
726 if (is_writable($tempDir)) {
727 echo "'".realpath($tempDir)."' directory is <FONT COLOR='green'><b>ready</b></FONT>.<br>\n";
728 } else {
729 echo "<p><FONT COLOR='red'>UNABLE</FONT> to open directory '".realpath($tempDir)."' for writing by web server.<br>\n";
730 echo "(configure directory permissions; see below for further instructions)</p>\n";
731 $errorWritable = 1;
732 }
733 }
734
735 if ($errorWritable) {
736 echo "<p><FONT COLOR='red'>You can't proceed until all directories are ready.</FONT><br>\n";
737 echo "In linux, recommend changing owners of these directories to the web server. For example, in many linux OS's the web server user is 'apache', 'nobody', or 'www-data'. So if 'apache' were the web server user name, could use the command 'chown -R apache:apache directory_name' command.<br>\n";
738 echo "Fix above directory permissions and then click the 'Check Again' button to re-check directories.<br>\n";
739 echo "<FORM METHOD='POST'><INPUT TYPE='SUBMIT' VALUE='Check Again'></p>" .
740 "<INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'></FORM><br>\n";
741 break;
742 }
743
744 echo "<br>All required files and directories have been verified. Click to continue installation.<br>\n";
745 } else {
746 echo "<br>Click to continue installation.<br>\n";
747 }
748
749 echo "<FORM METHOD='POST'><INPUT TYPE='HIDDEN' NAME='state' VALUE='1'>" .
750 "<INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>" .
751 "<INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>";
752 }
753 }
754 ?>
755
756 </span>
757
758 </BODY>
759 </HTML>
Mirror of official OpenEMR Sourceforge repository