search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
security stuff
[openemr.git] / setup.php
blob0ef3d03a99e52a5668a9089a84492baf5a38c123
1 <?php
2 /**
3 * Installation script.
4 *
5 * Copyright (C) 2016 Roberto Vasquez <robertogagliotta@gmail.com>
6 *
7 * LICENSE: This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2
10 * of the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be usefull,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY OF FITNESS FOR A PARTICULAR PURPOSE, See the
14 * GNU General Public License for more details.
15 * You should have received a copy of the CNU General Public License
16 * along with this program. If not, see <http://opensource.org/Licenses/gpl-license.php>;.
17 *
18 * @package OpenEMR
19 * @author Roberto Vasquez <robertogagliotta@gmail.com>
20 * @author Scott Wakefield <scott@npclinics.com.au>
21 * @link http://www.open-emr.org
22 *
23 **/
24
25 // Warning. If you set $allow_cloning_setup to true, this is a potential security vulnerability.
26 // Recommend setting it back to false (or removing this setup.php script entirely) after you
27 // are done with the cloning setup procedure.
28 $allow_cloning_setup = false;
29 if (!$allow_cloning_setup && !empty($_REQUEST['clone_database'])) {
30 die("To turn on support for cloning setup, need to edit this script and change \$allow_cloning_setup to true. After you are done setting up the cloning, ensure you change \$allow_cloning_setup back to false or remove this script altogether");
31 }
32
33 // Checks if the server's PHP version is compatible with OpenEMR:
34 require_once(dirname(__FILE__) . "/common/compatibility/Checker.php");
35
36 use OpenEMR\Common\Checker;
37
38 $response = Checker::checkPhpVersion();
39 if ($response !== true) {
40 die($response);
41 }
42
43 $COMMAND_LINE = php_sapi_name() == 'cli';
44 require_once(dirname(__FILE__) . '/library/authentication/password_hashing.php');
45 require_once dirname(__FILE__) . '/library/classes/Installer.class.php';
46
47 //turn off PHP compatibility warnings
48 ini_set("session.bug_compat_warn", "off");
49
50 $state = isset($_POST["state"]) ? ($_POST["state"]) : '';
51
52 // Make this true for IPPF.
53 $ippf_specific = false;
54
55 // If this script was invoked with no site ID, then ask for one.
56 if (!$COMMAND_LINE && empty($_REQUEST['site'])) {
57 echo "<html>\n";
58 echo "<head>\n";
59 echo "<title>OpenEMR Setup Tool</title>\n";
60 echo "<link rel='stylesheet' href='interface/themes/style_blue.css'>\n";
61 echo "</head>\n";
62 echo "<body>\n";
63 echo "<p><b>Optional Site ID Selection</b></p>\n";
64 echo "<p>Most OpenEMR installations support only one site. If that is " .
65 "true for you then ignore the rest of this text and just click Continue.</p>\n";
66 echo "<p>Otherwise please enter a unique Site ID here.</p>\n";
67 echo "<p>A Site ID is a short identifier with no spaces or special " .
68 "characters other than periods or dashes. It is case-sensitive and we " .
69 "suggest sticking to lower case letters for ease of use.</p>\n";
70 echo "<p>If each site will have its own host/domain name, then use that " .
71 "name as the Site ID (e.g. www.example.com).</p>\n";
72 echo "<p>The site ID is used to identify which site you will log in to. " .
73 "If it is a hostname then it is taken from the hostname in the URL. " .
74 "Otherwise you must append \"?site=<i>siteid</i>\" to the URL used for " .
75 "logging in.</p>\n";
76 echo "<p>It is OK for one of the sites to have \"default\" as its ID. This " .
77 "is the ID that will be used if it cannot otherwise be determined.</p>\n";
78 echo "<form method='post'><input type='hidden' name='state' value='0'>" .
79 "Site ID: <input type='text' name='site' value='default'>&nbsp;" .
80 "<input type='submit' value='Continue'><br></form><br>\n";
81 echo "</body></html>\n";
82 exit();
83 }
84
85 // Support "?site=siteid" in the URL, otherwise assume "default".
86 $site_id = 'default';
87 if (!$COMMAND_LINE && !empty($_REQUEST['site'])) {
88 $site_id = trim($_REQUEST['site']);
89 }
90
91 // Die if site ID is empty or has invalid characters.
92 if (empty($site_id) || preg_match('/[^A-Za-z0-9\\-.]/', $site_id)) {
93 die("Site ID '".htmlspecialchars($site_id, ENT_NOQUOTES)."' contains invalid characters.");
94 }
95
96 //If having problems with file and directory permission
97 // checking, then can be manually disabled here.
98 $checkPermissions = true;
99
100 $installer = new Installer($_REQUEST);
101 global $OE_SITE_DIR; // The Installer sets this
102
103 $docsDirectory = "$OE_SITE_DIR/documents";
104 $billingDirectory = "$OE_SITE_DIR/edi";
105 $billingDirectory2 = "$OE_SITE_DIR/era";
106 $lettersDirectory = "$OE_SITE_DIR/letter_templates";
107 $gaclWritableDirectory = dirname(__FILE__)."/gacl/admin/templates_c";
108 $requiredDirectory1 = dirname(__FILE__)."/interface/main/calendar/modules/PostCalendar/pntemplates/compiled";
109 $requiredDirectory2 = dirname(__FILE__)."/interface/main/calendar/modules/PostCalendar/pntemplates/cache";
110
111 $zendModuleConfigFile = dirname(__FILE__)."/interface/modules/zend_modules/config/application.config.php";
112
113 //These are files and dir checked before install for
114 // correct permissions.
115 if (is_dir($OE_SITE_DIR)) {
116 $writableFileList = array($installer->conffile,$zendModuleConfigFile);
117 $writableDirList = array($docsDirectory, $billingDirectory, $billingDirectory2, $lettersDirectory, $gaclWritableDirectory, $requiredDirectory1, $requiredDirectory2);
118 } else {
119 $writableFileList = array();
120 $writableDirList = array($OE_SITES_BASE, $gaclWritableDirectory, $requiredDirectory1, $requiredDirectory2);
121 }
122
123 // Include the sqlconf file if it exists yet.
124 $config = 0;
125 if (file_exists($OE_SITE_DIR)) {
126 include_once($installer->conffile);
127 } else if ($state > 3) {
128 // State 3 should have created the site directory if it is missing.
129 die("Internal error, site directory is missing.");
130 }
131
132 ?>
133 <HTML>
134 <HEAD>
135 <TITLE>OpenEMR Setup Tool</TITLE>
136 <LINK REL=STYLESHEET HREF="interface/themes/style_blue.css">
137 <link rel="shortcut icon" href="public/images/favicon.ico" />
138
139 <style>
140 .noclone { }
141 table.phpset { border-collapse:collapse; }
142 table.phpset td, table.phpset th { font-size:9pt; border:1px solid gray; padding:2px; }
143 </style>
144
145 <script type="text/javascript" src="public/assets/jquery-min-1-2-2/index.js"></script>
146
147 <script language="javascript">
148 // onclick handler for "clone database" checkbox
149 function cloneClicked() {
150 var cb = document.forms[0].clone_database;
151 $('.noclone').css('display', cb.checked ? 'none' : 'block');
152 }
153 </script>
154
155 </HEAD>
156 <BODY>
157
158 <span class="title">OpenEMR Setup</span>
159 <br><br>
160 <span class="text">
161 <?php
162 if (strtolower(ini_get('register_globals')) != 'off' && (bool) ini_get('register_globals')) {
163 echo "It appears that you have register_globals enabled in your php.ini\n" .
164 "configuration file. This causes unacceptable security risks. You must\n" .
165 "turn it off before continuing with installation.\n";
166 exit(1);
167 }
168
169 if (!extension_loaded("xml")) {
170 echo "Error: PHP XML extension missing. To continue, install PHP XML extension, then restart web server.";
171 exit(1);
172 }
173
174 if (!(extension_loaded("mysql") || extension_loaded("mysqlnd") || extension_loaded("mysqli"))) {
175 echo "Error: PHP MySQL extension missing. To continue, install and enable MySQL extension, then restart web server.";
176 exit(1);
177 }
178
179 if (!(extension_loaded("mbstring") )) {
180 echo "Error: PHP mb_string extension missing. To continue, install and enable mb_string extension, then restart web server.";
181 exit(1);
182 }
183 ?>
184
185 <?php
186 if ($state == 7) {
187 ?>
188
189 <p>Congratulations! OpenEMR is now installed.</p>
190
191 <ul>
192 <li>Access controls (php-GACL) are installed for fine-grained security, and can be administered in
193 OpenEMR's admin->acl menu.</li>
194 <li>Reviewing <?php echo $OE_SITE_DIR; ?>/config.php is a good idea. This file
195 contains some settings that you may want to change.</li>
196 <li>There's much information and many extra tools bundled within the OpenEMR installation directory.
197 Please refer to openemr/Documentation. Many forms and other useful scripts can be found at openemr/contrib.</li>
198 <li>To ensure a consistent look and feel throughout the application,
199 <a href='http://www.mozilla.org/products/firefox/'>Firefox</a> and <a href="https://www.google.com/chrome/browser/desktop/index.html">Chrome</a> are recommended. The OpenEMR development team exclusively tests with modern versions of these browsers.</li>
200 <li>The OpenEMR project home page, documentation, and forums can be found at <a href = "http://www.open-emr.org" target="_blank">http://www.open-emr.org</a></li>
201 <li>We pursue grants to help fund the future development of OpenEMR. To apply for these grants, we need to estimate how many times this program is installed and how many practices are evaluating or using this software. It would be awesome if you would email us at <a href="mailto:president@oemr.org">president@oemr.org</a> if you have installed this software. The more details about your plans with this software, the better, but even just sending us an email stating you just installed it is very helpful.</li>
202 </ul>
203 <p>
204 We recommend you print these instructions for future reference.
205 </p>
206 <?php if (empty($installer->clone_database)) {
207 echo "<p><b>The initial OpenEMR user is '".$installer->iuser."' and the password is '".$installer->iuserpass."'</b></p>";
208 echo "<p>If you edited the PHP or Apache configuration files during this installation process, then we recommend you restart your Apache server before following below OpenEMR link.</p>";
209 } ?>
210 <p>
211 <a href='./?site=<?php echo $site_id; ?>'>Click here to start using OpenEMR. </a>
212 </p>
213
214 <?php
215 exit();
216 }
217 ?>
218
219 <?php
220
221 $inst = isset($_POST["inst"]) ? ($_POST["inst"]) : '';
222
223
224 if (($config == 1) && ($state < 4)) {
225 echo "OpenEMR has already been installed. If you wish to force re-installation, then edit $installer->conffile (change the 'config' variable to 0), and re-run this script.<br>\n";
226 } else {
227 switch ($state) {
228 case 1:
229 echo "<b>Step $state</b><br><br>\n";
230 echo "Now I need to know whether you want me to create the database on my own or if you have already created the database for me to use. For me to create the database, you will need to supply the MySQL root password.\n
231 <span class='title'> <br />NOTE: clicking on \"Continue\" may delete or cause damage to data on your system. Before you continue please backup your data.</span>
232 <br><br>\n
233 <FORM METHOD='POST'>\n
234 <INPUT TYPE='HIDDEN' NAME='state' VALUE='2'>\n
235 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
236 <LABEL FOR='inst1'><INPUT TYPE='RADIO' ID='inst1' NAME='inst' VALUE='1' checked>Have setup create the database</label><br>\n
237 <LABEL FOR='inst2'><INPUT TYPE='RADIO' ID='inst2' NAME='inst' VALUE='2'>I have already created the database</label><br>\n
238 <br>\n
239 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
240 break;
241
242 case 2:
243 echo "<b>Step $state</b><br><br>\n";
244 echo "Now you need to supply the MySQL server information and path information. Detailed instructions on each item can be found in the <a href='Documentation/INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual file.
245 <br><br>\n
246 <FORM METHOD='POST'>
247 <INPUT TYPE='HIDDEN' NAME='state' VALUE='3'>
248 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
249 <INPUT TYPE='HIDDEN' NAME='inst' VALUE='$inst'>
250 <TABLE>\n
251 <TR VALIGN='TOP'><TD COLSPAN=2><font color='red'>MYSQL SERVER:</font></TD></TR>
252 <TR VALIGN='TOP'><TD><span class='text'>Server Host: </span></TD><TD><INPUT TYPE='TEXT' VALUE='localhost' NAME='server' SIZE='30'></TD><TD><span class='text'>(If you run MySQL and Apache/PHP on the same computer, then leave this as 'localhost'. If they are on separate computers, then enter the IP address of the computer running MySQL.)</span><br></TD></TR>
253 <TR VALIGN='TOP'><TD><span class='text'>Server Port: </span></TD><TD><INPUT TYPE='TEXT' VALUE='3306' NAME='port' SIZE='30'></TD><TD><span class='text'>(This is the MySQL port. The default port for MySQL is 3306.)</span><br></TD></TR>
254 <TR VALIGN='TOP'><TD><span class='text'>Database Name: </span></TD><TD><INPUT TYPE='TEXT' VALUE='openemr' NAME='dbname' SIZE='30'></TD><TD><span class='text'>(This is the name of the OpenEMR database in MySQL - 'openemr' is the recommended)</span><br></TD></TR>
255 <TR VALIGN='TOP'><TD><span class='text'>Login Name: </span></TD><TD><INPUT TYPE='TEXT' VALUE='openemr' NAME='login' SIZE='30'></TD><TD><span class='text'>(This is the name of the OpenEMR login name in MySQL - 'openemr' is the recommended)</span><br></TD></TR>
256 <TR VALIGN='TOP'><TD><span class='text'>Password: </span></TD><TD><INPUT TYPE='PASSWORD' VALUE='' NAME='pass' SIZE='30'></TD><TD><span class='text'>(This is the Login Password for when PHP accesses MySQL - it should be at least 8 characters long and composed of both numbers and letters)</span><br></TD></TR>\n";
257 if ($inst != 2) {
258 echo "<TR VALIGN='TOP'><TD><span class='text'>Name for Root Account: </span></TD><TD><INPUT TYPE='TEXT' VALUE='root' NAME='root' SIZE='30'></TD><TD><span class='text'>(This is name for MySQL root account. For localhost, it is usually ok to leave it 'root'.)</span><br></TD></TR>
259 <TR VALIGN='TOP'><TD><span class='text'>Root Pass: </span></TD><TD><INPUT TYPE='PASSWORD' VALUE='' NAME='rootpass' SIZE='30'></TD><TD><span class='text'>(This is your MySQL root password. For localhost, it is usually ok to leave it blank.)</span><br></TD></TR>\n";
260 echo "<TR VALIGN='TOP'><TD><span class='text'>User Hostname: </span></TD><TD><INPUT TYPE='TEXT' VALUE='localhost' NAME='loginhost' SIZE='30'></TD><TD><span class='text'>(If you run Apache/PHP and MySQL on the same computer, then leave this as 'localhost'. If they are on separate computers, then enter the IP address of the computer running Apache/PHP.)</span><br></TD></TR>";
261 echo "<TR VALIGN='TOP'><TD><span class='text'>UTF-8 Collation: </span></TD><TD colspan='2'>" .
262 "<select name='collate'>" .
263 "<option value='utf8_bin' >Bin</option>" .
264 "<option value='utf8_czech_ci' >Czech</option>" .
265 "<option value='utf8_danish_ci' >Danish</option>" .
266 "<option value='utf8_esperanto_ci' >Esperanto</option>" .
267 "<option value='utf8_estonian_ci' >Estonian</option>" .
268 "<option value='utf8_general_ci' selected>General</option>" .
269 "<option value='utf8_hungarian_ci' >Hungarian</option>" .
270 "<option value='utf8_icelandic_ci' >Icelandic</option>" .
271 "<option value='utf8_latvian_ci' >Latvian</option>" .
272 "<option value='utf8_lithuanian_ci'>Lithuanian</option>" .
273 "<option value='utf8_persian_ci' >Persian</option>" .
274 "<option value='utf8_polish_ci' >Polish</option>" .
275 "<option value='utf8_roman_ci' >Roman</option>" .
276 "<option value='utf8_romanian_ci' >Romanian</option>" .
277 "<option value='utf8_slovak_ci' >Slovak</option>" .
278 "<option value='utf8_slovenian_ci' >Slovenian</option>" .
279 "<option value='utf8_spanish2_ci' >Spanish2 (Traditional)</option>" .
280 "<option value='utf8_spanish_ci' >Spanish (Modern)</option>" .
281 "<option value='utf8_swedish_ci' >Swedish</option>" .
282 "<option value='utf8_turkish_ci' >Turkish</option>" .
283 "<option value='utf8_unicode_ci' >Unicode (German, French, Russian, Armenian, Greek)</option>" .
284 "<option value='' >None (Do not force UTF-8)</option>" .
285 "</select>" .
286 "</TD></TR><TR VALIGN='TOP'><TD>&nbsp;</TD><TD colspan='2'><span class='text'>(This is the collation setting for mysql. Leave as 'General' if you are not sure. If the language you are planning to use in OpenEMR is in the menu, then you can select it. Otherwise, just select 'General'.)</span><br></TD></TR>";
287 }
288
289 echo "<TR VALIGN='TOP'><TD>&nbsp;</TD></TR>";
290
291 // Include a "source" site ID drop-list and a checkbox to indicate
292 // if cloning its database. When checked, do not display initial user
293 // and group stuff below.
294 $dh = opendir($OE_SITES_BASE);
295 if (!$dh) {
296 die("Cannot read directory '$OE_SITES_BASE'.");
297 }
298
299 $siteslist = array();
300 while (false !== ($sfname = readdir($dh))) {
301 if (substr($sfname, 0, 1) == '.') {
302 continue;
303 }
304
305 if ($sfname == 'CVS') {
306 continue;
307 }
308
309 if ($sfname == $site_id) {
310 continue;
311 }
312
313 $sitedir = "$OE_SITES_BASE/$sfname";
314 if (!is_dir($sitedir)) {
315 continue;
316 }
317
318 if (!is_file("$sitedir/sqlconf.php")) {
319 continue;
320 }
321
322 $siteslist[$sfname] = $sfname;
323 }
324
325 closedir($dh);
326 // If this is not the first site...
327 if (!empty($siteslist)) {
328 ksort($siteslist);
329 echo "<tr valign='top'>\n";
330 echo " <td class='text'>Source Site: </td>\n";
331 echo " <td class='text'><select name='source_site_id'>";
332 foreach ($siteslist as $sfname) {
333 echo "<option value='$sfname'";
334 if ($sfname == 'default') {
335 echo " selected";
336 }
337
338 echo ">$sfname</option>";
339 }
340
341 echo "</select></td>\n";
342 echo " <td class='text'>(The site directory that will be a model for the new site.)</td>\n";
343 echo "</tr>\n";
344 echo "<tr valign='top'>\n";
345 echo " <td class='text'>Clone Source Database: </td>\n";
346 echo " <td class='text'><input type='checkbox' name='clone_database' onclick='cloneClicked()' /></td>\n";
347 echo " <td class='text'>(Clone the source site's database instead of creating a fresh one.)</td>\n";
348 echo "</tr>\n";
349 }
350
351 echo "<TR VALIGN='TOP' class='noclone'><TD COLSPAN=2><font color='red'>OPENEMR USER:</font></TD></TR>";
352 echo "<TR VALIGN='TOP' class='noclone'><TD><span class='text'>Initial User:</span></TD><TD><INPUT SIZE='30' TYPE='TEXT' NAME='iuser' VALUE='admin'></TD><TD><span class='text'>(This is the login name of user that will be created for you. Limit this to one word.)</span></TD></TR>
353 <TR VALIGN='TOP' class='noclone'><TD><span class='text'>Initial User Password:</span></TD><TD><INPUT SIZE='30' TYPE='PASSWORD' NAME='iuserpass' VALUE=''></TD><TD><span class='text'>(This is the password for the initial user account above.)</span></TD></TR>
354 <TR VALIGN='TOP' class='noclone'><TD><span class='text'>Initial User's First Name:</span></TD><TD><INPUT SIZE='30' TYPE='TEXT' NAME='iufname' VALUE='Administrator'></TD><TD><span class='text'>(This is the First name of the 'initial user'.)</span></TD></TR>
355 <TR VALIGN='TOP' class='noclone'><TD><span class='text'>Initial User's Last Name:</span></TD><TD><INPUT SIZE='30' TYPE='TEXT' NAME='iuname' VALUE='Administrator'></TD><TD><span class='text'>(This is the Last name of the 'initial user'.)</span></TD></TR>
356 <TR VALIGN='TOP' class='noclone'><TD><span class='text'>Initial Group:</span></TD><TD><INPUT SIZE='30' TYPE='TEXT' NAME='igroup' VALUE='Default'></TD><TD><span class='text'>(This is the group that will be created for your users. This should be the name of your practice.)</span></TD></TR>
357 ";
358 echo "<TR VALIGN='TOP'><TD>&nbsp;</TD></TR>";
359
360 echo "</TABLE>
361 <br>
362 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>";
363 break;
364
365 case 3:
366 // Form Validation
367 // (applicable if not cloning from another database)
368
369 $pass_step2_validation = true;
370 $error_step2_message = "ERROR at ";
371
372 if (! $installer->char_is_valid($_REQUEST['server'])) {
373 $pass_step2_validation = false;
374 $error_step2_message .= "Database Server Host, ";
375 }
376
377 if (! $installer->char_is_valid($_REQUEST['port'])) {
378 $pass_step2_validation = false;
379 $error_step2_message .= "Database Server Port, ";
380 }
381
382 if (! $installer->char_is_valid($_REQUEST['dbname'])) {
383 $pass_step2_validation = false;
384 $error_step2_message .= "Database Name, ";
385 }
386
387 if (! $installer->char_is_valid($_REQUEST['login'])) {
388 $pass_step2_validation = false;
389 $error_step2_message .= "Database Login Name, ";
390 }
391
392 if (! $installer->char_is_valid($_REQUEST['pass'])) {
393 $pass_step2_validation = false;
394 $error_step2_message .= "Database Login Password, ";
395 }
396
397 if (!$pass_step2_validation) {
398 die($error_step2_message);
399 }
400
401
402 if (empty($installer->clone_database)) {
403 if (! $installer->login_is_valid()) {
404 echo "ERROR. Please pick a proper 'Login Name'.<br>\n";
405 echo "Click Back in browser to re-enter.<br>\n";
406 break;
407 }
408
409 if (! $installer->iuser_is_valid()) {
410 echo "ERROR. The 'Initial User' field can only contain one word and no spaces.<br>\n";
411 echo "Click Back in browser to re-enter.<br>\n";
412 break;
413 }
414
415 if (! $installer->user_password_is_valid()) {
416 echo "ERROR. Please pick a proper 'Initial User Password'.<br>\n";
417 echo "Click Back in browser to re-enter.<br>\n";
418 break;
419 }
420 }
421
422 if (! $installer->password_is_valid()) {
423 echo "ERROR. Please pick a proper 'Password'.<br>\n";
424 echo "Click Back in browser to re-enter.<br>\n";
425 break;
426 }
427
428 echo "<b>Step $state</b><br><br>\n";
429 echo "Configuring OpenEMR...<br><br>\n";
430
431 // Skip below if database shell has already been created.
432 if ($inst != 2) {
433 echo "Connecting to MySQL Server...\n";
434 flush();
435 if (! $installer->root_database_connection()) {
436 echo "ERROR. Check your login credentials.\n";
437 echo $installer->error_message;
438 break;
439 } else {
440 echo "OK.<br>\n";
441 flush();
442 }
443 }
444
445 // Only pertinent if cloning another installation database
446 if ($allow_cloning_setup && !empty($installer->clone_database)) {
447 echo "Dumping source database...";
448 flush();
449 if (! $installer->create_dumpfiles()) {
450 echo $installer->error_message;
451 break;
452 } else {
453 echo " OK.<br>\n";
454 flush();
455 }
456 }
457
458 // Only pertinent if mirroring another installation directory
459 if (! empty($installer->source_site_id)) {
460 echo "Creating site directory...";
461 if (! $installer->create_site_directory()) {
462 echo $installer->error_message;
463 break;
464 } else {
465 echo "OK.<BR>";
466 flush();
467 }
468 }
469
470 // Skip below if database shell has already been created.
471 if ($inst != 2) {
472 echo "Creating database...\n";
473 flush();
474 if (! $installer->create_database()) {
475 echo "ERROR. Check your login credentials.\n";
476 echo $installer->error_message;
477 break;
478 } else {
479 echo "OK.<br>\n";
480 flush();
481 }
482
483 echo "Creating user with permissions for database...\n";
484 flush();
485 if (! $installer->grant_privileges()) {
486 echo "ERROR when granting privileges to the specified user.\n";
487 echo $installer->error_message;
488 break;
489 } else {
490 echo "OK.<br>\n";
491 flush();
492 }
493
494 echo "Reconnecting as new user...\n";
495 flush();
496 $installer->disconnect();
497 } else {
498 echo "Connecting to MySQL Server...\n";
499 }
500
501 if (! $installer->user_database_connection()) {
502 echo "ERROR. Check your login credentials.\n";
503 echo $installer->error_message;
504 break;
505 } else {
506 echo "OK.<br>\n";
507 flush();
508 }
509
510 // Load the database files
511 $dump_results = $installer->load_dumpfiles();
512 if (! $dump_results) {
513 echo $installer->error_message;
514 break;
515 } else {
516 echo $dump_results;
517 flush();
518 }
519
520 echo "Writing SQL configuration...\n";
521 flush();
522 if (! $installer->write_configuration_file()) {
523 echo $installer->error_message;
524 break;
525 } else {
526 echo "OK.<br>\n";
527 flush();
528 }
529
530 // Only pertinent if not cloning another installation database
531 if (empty($installer->clone_database)) {
532 echo "Setting version indicators...\n";
533 flush();
534 if (! $installer->add_version_info()) {
535 echo "ERROR.\n";
536 echo $installer->error_message;
537 ;
538 break;
539 } else {
540 echo "OK<br>\n";
541 flush();
542 }
543
544 echo "Writing global configuration defaults...\n";
545 flush();
546 if (! $installer->insert_globals()) {
547 echo "ERROR.\n";
548 echo $installer->error_message;
549 ;
550 break;
551 } else {
552 echo "OK<br>\n";
553 flush();
554 }
555
556 echo "Adding Initial User...\n";
557 flush();
558 if (! $installer->add_initial_user()) {
559 echo $installer->error_message;
560 break;
561 }
562
563 echo "OK<br>\n";
564 flush();
565 }
566
567 if ($allow_cloning_setup && !empty($installer->clone_database)) {
568 // Database was cloned, skip ACL setup.
569 echo "Click 'continue' for further instructions.";
570 $next_state = 7;
571 } else {
572 echo "\n<br>Next step will install and configure access controls (php-GACL).<br>\n";
573 $next_state = 4;
574 }
575
576 echo "
577 <FORM METHOD='POST'>\n
578 <INPUT TYPE='HIDDEN' NAME='state' VALUE='$next_state'>
579 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
580 <INPUT TYPE='HIDDEN' NAME='iuser' VALUE='$installer->iuser'>
581 <INPUT TYPE='HIDDEN' NAME='iuserpass' VALUE='$installer->iuserpass'>
582 <INPUT TYPE='HIDDEN' NAME='iuname' VALUE='$installer->iuname'>
583 <INPUT TYPE='HIDDEN' NAME='iufname' VALUE='$installer->iufname'>";
584 if ($allow_cloning_setup) {
585 echo "<INPUT TYPE='HIDDEN' NAME='clone_database' VALUE='$installer->clone_database'>";
586 }
587 echo "
588 <br>\n
589 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
590
591 break;
592 case 4:
593 echo "<b>Step $state</b><br><br>\n";
594 echo "Installing and Configuring Access Controls (php-GACL)...<br><br>";
595
596 if (! $installer->install_gacl()) {
597 echo $installer->error_message;
598 break;
599 } else {
600 // display the status information for gacl setup
601 echo $installer->debug_message;
602 }
603
604 echo "Gave the '$installer->iuser' user (password is '$installer->iuserpass') administrator access.<br><br>";
605
606 echo "Done installing and configuring access controls (php-GACL).<br>";
607 echo "Next step will configure PHP.";
608
609 echo "<br><FORM METHOD='POST'>\n
610 <INPUT TYPE='HIDDEN' NAME='state' VALUE='5'>\n
611 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
612 <INPUT TYPE='HIDDEN' NAME='iuser' VALUE='$installer->iuser'>\n
613 <INPUT TYPE='HIDDEN' NAME='iuserpass' VALUE='$installer->iuserpass'>\n
614 <br>\n
615 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
616
617 break;
618
619 case 5:
620 echo "<b>Step $state</b><br><br>\n";
621 echo "Configuration of PHP...<br><br>\n";
622 echo "We recommend making the following changes to your PHP installation, which can normally be done by editing the php.ini configuration file:\n";
623 echo "<ul>";
624 $gotFileFlag = 0;
625 if (version_compare(PHP_VERSION, '5.2.4', '>=')) {
626 $phpINIfile = php_ini_loaded_file();
627 if ($phpINIfile) {
628 echo "<li><font color='green'>Your php.ini file can be found at ".$phpINIfile."</font></li>\n";
629 $gotFileFlag = 1;
630 }
631 }
632
633 echo "<li>","To ensure proper functioning of OpenEMR you must make sure that PHP settings include:";
634 echo "<table class='phpset'><tr><th>Setting</th><th>Required value</th><th>Current value</th></tr>";
635 echo "<tr><td>short_open_tag </td><td>Off</td><td>", ini_get('short_open_tag')?'On':'Off', "</td></tr>\n";
636 echo "<tr><td>display_errors </td><td>Off</td><td>", ini_get('display_errors')?'On':'Off', "</td></tr>\n";
637 echo "<tr><td>register_globals </td><td>Off</td><td>", ini_get('register_globals')?'On':'Off', "</td></tr>\n";
638 echo "<tr><td>max_input_vars </td><td>at least 3000</td><td>", ini_get('max_input_vars'), "</td></tr>\n";
639 echo "<tr><td>max_execution_time </td><td>at least 60</td><td>", ini_get('max_execution_time'), "</td></tr>\n";
640 echo "<tr><td>max_input_time </td><td>at least 90</td><td>", ini_get('max_input_time'), "</td></tr>\n";
641 echo "<tr><td>post_max_size </td><td>at least 30M</td><td>", ini_get('post_max_size'), "</td></tr>\n";
642 echo "<tr><td>memory_limit </td><td>at least 128M</td><td>", ini_get('memory_limit'), "</td></tr>\n";
643 echo "</table>";
644 echo "</li>";
645
646 echo "<li>In order to take full advantage of the patient documents capability you must make sure that settings in php.ini file include \"file_uploads = On\", that \"upload_max_filesize\" is appropriate for your use and that \"upload_tmp_dir\" is set to a correct value that will work on your system.</li>\n";
647 if (!$gotFileFlag) {
648 echo "<li>If you are having difficulty finding your php.ini file, then refer to the <a href='Documentation/INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual for suggestions.</li>\n";
649 }
650
651 echo "</ul>";
652
653 echo "<br>We recommend you print these instructions for future reference.<br><br>";
654 echo "Next step will configure Apache web server.";
655
656 echo "<br><FORM METHOD='POST'>\n
657 <INPUT TYPE='HIDDEN' NAME='state' VALUE='6'>\n
658 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
659 <INPUT TYPE='HIDDEN' NAME='iuser' VALUE='$installer->iuser'>\n
660 <INPUT TYPE='HIDDEN' NAME='iuserpass' VALUE='$installer->iuserpass'>\n
661 <br>\n
662 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
663
664 break;
665
666 case 6:
667 echo "<b>Step $state</b><br><br>\n";
668 echo "Configuration of Apache web server...<br><br>\n";
669 echo "The \"".preg_replace("/${site_id}/", "*", realpath($docsDirectory))."\", \"".preg_replace("/${site_id}/", "*", realpath($billingDirectory))."\" and \"".preg_replace("/${site_id}/", "*", realpath($billingDirectory2))."\" directories contain patient information, and
670 it is important to secure these directories. Additionally, some settings are required for the Zend Framework to work in OpenEMR. This can be done by pasting the below to end of your apache configuration file:<br>
671 &nbsp;&nbsp;&lt;Directory \"".realpath(dirname(__FILE__))."\"&gt;<br>
672 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;AllowOverride FileInfo<br>
673 &nbsp;&nbsp;&lt;/Directory&gt;<br>
674 &nbsp;&nbsp;&lt;Directory \"".realpath(dirname(__FILE__))."/sites\"&gt;<br>
675 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;AllowOverride None<br>
676 &nbsp;&nbsp;&lt;/Directory&gt;<br>
677 &nbsp;&nbsp;&lt;Directory \"".preg_replace("/${site_id}/", "*", realpath($docsDirectory))."\"&gt;<br>
678 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;order deny,allow<br>
679 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Deny from all<br>
680 &nbsp;&nbsp;&lt;/Directory&gt;<br>
681 &nbsp;&nbsp;&lt;Directory \"".preg_replace("/${site_id}/", "*", realpath($billingDirectory))."\"&gt;<br>
682 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;order deny,allow<br>
683 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Deny from all<br>
684 &nbsp;&nbsp;&lt;/Directory&gt;<br>
685 &nbsp;&nbsp;&lt;Directory \"".preg_replace("/${site_id}/", "*", realpath($billingDirectory2))."\"&gt;<br>
686 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;order deny,allow<br>
687 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Deny from all<br>
688 &nbsp;&nbsp;&lt;/Directory&gt;<br><br>";
689
690 echo "If you are having difficulty finding your apache configuration file, then refer to the <a href='Documentation/INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual for suggestions.<br><br>\n";
691 echo "<br>We recommend you print these instructions for future reference.<br><br>";
692 echo "Click 'continue' for further instructions.";
693
694 echo "<br><FORM METHOD='POST'>\n
695 <INPUT TYPE='HIDDEN' NAME='state' VALUE='7'>\n
696 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
697 <INPUT TYPE='HIDDEN' NAME='iuser' VALUE='$installer->iuser'>\n
698 <INPUT TYPE='HIDDEN' NAME='iuserpass' VALUE='$installer->iuserpass'>\n
699 <br>\n
700 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
701
702 break;
703
704 case 0:
705 default:
706 echo "<p>Welcome to OpenEMR. This utility will step you through the installation and configuration of OpenEMR for your practice.</p>\n";
707 echo "<ul><li>Before proceeding, be sure that you have a properly installed and configured MySQL server available, and a PHP configured webserver.</li>\n";
708
709 echo "<li>Detailed installation instructions can be found in the <a href='Documentation/INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual file.</li>\n";
710
711 echo "<li>If you are upgrading from a previous version, do NOT use this script. Please read the 'Upgrading' section found in the <a href='Documentation/INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual file.</li></ul>";
712
713 if ($checkPermissions) {
714 echo "<p>We will now ensure correct file and directory permissions before starting installation:</p>\n";
715 echo "<FONT COLOR='green'>Ensuring following files are world-writable...</FONT><br>\n";
716 $errorWritable = 0;
717 foreach ($writableFileList as $tempFile) {
718 if (is_writable($tempFile)) {
719 echo "'".realpath($tempFile)."' file is <FONT COLOR='green'><b>ready</b></FONT>.<br>\n";
720 } else {
721 echo "<p><FONT COLOR='red'>UNABLE</FONT> to open file '".realpath($tempFile)."' for writing.<br>\n";
722 echo "(configure file permissions; see below for further instructions)</p>\n";
723 $errorWritable = 1;
724 }
725 }
726
727 if ($errorWritable) {
728 echo "<p><FONT COLOR='red'>You can't proceed until all above files are ready (world-writable).</FONT><br>\n";
729 echo "In linux, recommend changing file permissions with the 'chmod 666 filename' command.<br>\n";
730 echo "Fix above file permissions and then click the 'Check Again' button to re-check files.<br>\n";
731 echo "<FORM METHOD='POST'><INPUT TYPE='SUBMIT' VALUE='Check Again'></p>" .
732 "<INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'></FORM><br>\n";
733 break;
734 }
735
736 echo "<br><FONT COLOR='green'>Ensuring following directories have proper permissions...</FONT><br>\n";
737 $errorWritable = 0;
738 foreach ($writableDirList as $tempDir) {
739 if (is_writable($tempDir)) {
740 echo "'".realpath($tempDir)."' directory is <FONT COLOR='green'><b>ready</b></FONT>.<br>\n";
741 } else {
742 echo "<p><FONT COLOR='red'>UNABLE</FONT> to open directory '".realpath($tempDir)."' for writing by web server.<br>\n";
743 echo "(configure directory permissions; see below for further instructions)</p>\n";
744 $errorWritable = 1;
745 }
746 }
747
748 if ($errorWritable) {
749 echo "<p><FONT COLOR='red'>You can't proceed until all directories are ready.</FONT><br>\n";
750 echo "In linux, recommend changing owners of these directories to the web server. For example, in many linux OS's the web server user is 'apache', 'nobody', or 'www-data'. So if 'apache' were the web server user name, could use the command 'chown -R apache:apache directory_name' command.<br>\n";
751 echo "Fix above directory permissions and then click the 'Check Again' button to re-check directories.<br>\n";
752 echo "<FORM METHOD='POST'><INPUT TYPE='SUBMIT' VALUE='Check Again'></p>" .
753 "<INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'></FORM><br>\n";
754 break;
755 }
756
757 echo "<br>All required files and directories have been verified. Click to continue installation.<br>\n";
758 } else {
759 echo "<br>Click to continue installation.<br>\n";
760 }
761
762 echo "<FORM METHOD='POST'><INPUT TYPE='HIDDEN' NAME='state' VALUE='1'>" .
763 "<INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>" .
764 "<INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>";
765 }
766 }
767 ?>
768
769 </span>
770
771 </BODY>
772 </HTML>
Mirror of official OpenEMR Sourceforge repository