Security fixes 23
[openemr.git] / setup.php
blob265b5d04a260c82d7ce110575e37280c05bfe973
1 <?php
2 // This program is free software; you can redistribute it and/or
3 // modify it under the terms of the GNU General Public License
4 // as published by the Free Software Foundation; either version 2
5 // of the License, or (at your option) any later version.
7 $COMMAND_LINE = php_sapi_name() == 'cli';
8 require_once (dirname(__FILE__) . '/library/authentication/password_hashing.php');
9 require_once dirname(__FILE__) . '/library/classes/Installer.class.php';
11 //turn off PHP compatibility warnings
12 ini_set("session.bug_compat_warn","off");
14 $state = $_POST["state"];
16 // Make this true for IPPF.
17 $ippf_specific = false;
19 // If this script was invoked with no site ID, then ask for one.
20 if (!$COMMAND_LINE && empty($_REQUEST['site'])) {
21 echo "<html>\n";
22 echo "<head>\n";
23 echo "<title>OpenEMR Setup Tool</title>\n";
24 echo "<link rel='stylesheet' href='interface/themes/style_blue.css'>\n";
25 echo "</head>\n";
26 echo "<body>\n";
27 echo "<p><b>Optional Site ID Selection</b></p>\n";
28 echo "<p>Most OpenEMR installations support only one site. If that is " .
29 "true for you then ignore the rest of this text and just click Continue.</p>\n";
30 echo "<p>Otherwise please enter a unique Site ID here.</p>\n";
31 echo "<p>A Site ID is a short identifier with no spaces or special " .
32 "characters other than periods or dashes. It is case-sensitive and we " .
33 "suggest sticking to lower case letters for ease of use.</p>\n";
34 echo "<p>If each site will have its own host/domain name, then use that " .
35 "name as the Site ID (e.g. www.example.com).</p>\n";
36 echo "<p>The site ID is used to identify which site you will log in to. " .
37 "If it is a hostname then it is taken from the hostname in the URL. " .
38 "Otherwise you must append \"?site=<i>siteid</i>\" to the URL used for " .
39 "logging in.</p>\n";
40 echo "<p>It is OK for one of the sites to have \"default\" as its ID. This " .
41 "is the ID that will be used if it cannot otherwise be determined.</p>\n";
42 echo "<form method='post'><input type='hidden' name='state' value='0'>" .
43 "Site ID: <input type='text' name='site' value='default'>&nbsp;" .
44 "<input type='submit' value='Continue'><br></form><br>\n";
45 echo "</body></html>\n";
46 exit();
49 // Support "?site=siteid" in the URL, otherwise assume "default".
50 $site_id = 'default';
51 if (!$COMMAND_LINE && !empty($_REQUEST['site'])) {
52 $site_id = trim($_REQUEST['site']);
55 // Die if site ID is empty or has invalid characters.
56 if (empty($site_id) || preg_match('/[^A-Za-z0-9\\-.]/', $site_id))
57 die("Site ID '".htmlspecialchars($site_id,ENT_NOQUOTES)."' contains invalid characters.");
59 //If having problems with file and directory permission
60 // checking, then can be manually disabled here.
61 $checkPermissions = True;
63 $installer = new Installer( $_REQUEST );
64 global $OE_SITE_DIR; // The Installer sets this
66 $docsDirectory = "$OE_SITE_DIR/documents";
67 $billingDirectory = "$OE_SITE_DIR/edi";
68 $billingDirectory2 = "$OE_SITE_DIR/era";
70 $billingLogDirectory = dirname(__FILE__)."/library/freeb";
71 $lettersDirectory = "$OE_SITE_DIR/letter_templates";
72 $gaclWritableDirectory = dirname(__FILE__)."/gacl/admin/templates_c";
73 $requiredDirectory1 = dirname(__FILE__)."/interface/main/calendar/modules/PostCalendar/pntemplates/compiled";
74 $requiredDirectory2 = dirname(__FILE__)."/interface/main/calendar/modules/PostCalendar/pntemplates/cache";
76 $zendModuleConfigFile = dirname(__FILE__)."/interface/modules/zend_modules/config/application.config.php";
78 //These are files and dir checked before install for
79 // correct permissions.
80 if (is_dir($OE_SITE_DIR)) {
81 $writableFileList = array($installer->conffile,$zendModuleConfigFile);
82 $writableDirList = array($docsDirectory, $billingDirectory, $billingDirectory2, $lettersDirectory, $gaclWritableDirectory, $requiredDirectory1, $requiredDirectory2);
84 else {
85 $writableFileList = array();
86 $writableDirList = array($OE_SITES_BASE, $gaclWritableDirectory, $requiredDirectory1, $requiredDirectory2);
89 // Include the sqlconf file if it exists yet.
90 $config = 0;
91 if (file_exists($OE_SITE_DIR)) {
92 include_once($installer->conffile);
94 else if ($state > 3) {
95 // State 3 should have created the site directory if it is missing.
96 die("Internal error, site directory is missing.");
100 <HTML>
101 <HEAD>
102 <TITLE>OpenEMR Setup Tool</TITLE>
103 <LINK REL=STYLESHEET HREF="interface/themes/style_sky_blue.css">
105 <style>
106 .noclone { }
107 </style>
109 <script type="text/javascript" src="library/js/jquery.js"></script>
111 <script language="javascript">
112 // onclick handler for "clone database" checkbox
113 function cloneClicked() {
114 var cb = document.forms[0].clone_database;
115 $('.noclone').css('display', cb.checked ? 'none' : 'block');
117 </script>
119 </HEAD>
120 <BODY>
122 <span class="title">OpenEMR Setup</span>
123 <br><br>
124 <span class="text">
126 <?php
127 if (strtolower(ini_get('register_globals')) != 'off' && (bool) ini_get('register_globals')) {
128 echo "It appears that you have register_globals enabled in your php.ini\n" .
129 "configuration file. This causes unacceptable security risks. You must\n" .
130 "turn it off before continuing with installation.\n";
131 exit();
135 <?php
136 if ($state == 7) {
139 <p>Congratulations! OpenEMR is now installed.</p>
141 <ul>
142 <li>Access controls (php-GACL) are installed for fine-grained security, and can be administered in
143 OpenEMR's admin->acl menu.</li>
144 <li>Reviewing <?php echo $OE_SITE_DIR; ?>/config.php is a good idea. This file
145 contains some settings that you may want to change.</li>
146 <li>There's much information and many extra tools bundled within the OpenEMR installation directory.
147 Please refer to openemr/Documentation. Many forms and other useful scripts can be found at openemr/contrib.</li>
148 <li>To ensure a consistent look and feel through out the application using
149 <a href='http://www.mozilla.org/products/firefox/'>Firefox</a> is recommended.</li>
150 <li>The OpenEMR project home page, documentation, and forums can be found at <a href = "http://www.open-emr.org" target="_blank">http://www.open-emr.org</a></li>
151 <li>We pursue grants to help fund the future development of OpenEMR. To apply for these grants, we need to estimate how many times this program is installed and how many practices are evaluating or using this software. It would be awesome if you would email us at <a href="mailto:president@oemr.org">president@oemr.org</a> if you have installed this software. The more details about your plans with this software, the better, but even just sending us an email stating you just installed it is very helpful.</li>
152 </ul>
154 We recommend you print these instructions for future reference.
155 </p>
156 <?php if (empty($installer->clone_database)) {
157 echo "<p><b>The initial OpenEMR user is '".$installer->iuser."' and the password is '".$installer->iuserpass."'</b></p>";
158 echo "<p>If you edited the PHP or Apache configuration files during this installation process, then we recommend you restart your Apache server before following below OpenEMR link.</p>";
159 } ?>
161 <a href='./?site=<?php echo $site_id; ?>'>Click here to start using OpenEMR. </a>
162 </p>
164 <?php
165 exit();
169 <?php
171 $inst = $_POST["inst"];
173 if (($config == 1) && ($state < 4)) {
174 echo "OpenEMR has already been installed. If you wish to force re-installation, then edit $installer->conffile (change the 'config' variable to 0), and re-run this script.<br>\n";
176 else {
177 switch ($state) {
179 case 1:
180 echo "<b>Step $state</b><br><br>\n";
181 echo "Now I need to know whether you want me to create the database on my own or if you have already created the database for me to use. For me to create the database, you will need to supply the MySQL root password.\n
182 <span class='title'> <br />NOTE: clicking on \"Continue\" may delete or cause damage to data on your system. Before you continue please backup your data.</span>
183 <br><br>\n
184 <FORM METHOD='POST'>\n
185 <INPUT TYPE='HIDDEN' NAME='state' VALUE='2'>\n
186 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
187 <LABEL FOR='inst1'><INPUT TYPE='RADIO' ID='inst1' NAME='inst' VALUE='1' checked>Have setup create the database</label><br>\n
188 <LABEL FOR='inst2'><INPUT TYPE='RADIO' ID='inst2' NAME='inst' VALUE='2'>I have already created the database</label><br>\n
189 <br>\n
190 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
191 break;
193 case 2:
194 echo "<b>Step $state</b><br><br>\n";
195 echo "Now you need to supply the MySQL server information and path information. Detailed instructions on each item can be found in the <a href='INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual file.
196 <br><br>\n
197 <FORM METHOD='POST'>
198 <INPUT TYPE='HIDDEN' NAME='state' VALUE='3'>
199 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
200 <INPUT TYPE='HIDDEN' NAME='inst' VALUE='$inst'>
201 <TABLE>\n
202 <TR VALIGN='TOP'><TD COLSPAN=2><font color='red'>MYSQL SERVER:</font></TD></TR>
203 <TR VALIGN='TOP'><TD><span class='text'>Server Host: </span></TD><TD><INPUT TYPE='TEXT' VALUE='localhost' NAME='server' SIZE='30'></TD><TD><span class='text'>(If you run MySQL and Apache/PHP on the same computer, then leave this as 'localhost'. If they are on separate computers, then enter the IP address of the computer running MySQL.)</span><br></TD></TR>
204 <TR VALIGN='TOP'><TD><span class='text'>Server Port: </span></TD><TD><INPUT TYPE='TEXT' VALUE='3306' NAME='port' SIZE='30'></TD><TD><span class='text'>(This is the MySQL port. The default port for MySQL is 3306.)</span><br></TD></TR>
205 <TR VALIGN='TOP'><TD><span class='text'>Database Name: </span></TD><TD><INPUT TYPE='TEXT' VALUE='openemr' NAME='dbname' SIZE='30'></TD><TD><span class='text'>(This is the name of the OpenEMR database in MySQL - 'openemr' is the recommended)</span><br></TD></TR>
206 <TR VALIGN='TOP'><TD><span class='text'>Login Name: </span></TD><TD><INPUT TYPE='TEXT' VALUE='openemr' NAME='login' SIZE='30'></TD><TD><span class='text'>(This is the name of the OpenEMR login name in MySQL - 'openemr' is the recommended)</span><br></TD></TR>
207 <TR VALIGN='TOP'><TD><span class='text'>Password: </span></TD><TD><INPUT TYPE='PASSWORD' VALUE='' NAME='pass' SIZE='30'></TD><TD><span class='text'>(This is the Login Password for when PHP accesses MySQL - it should be at least 8 characters long and composed of both numbers and letters)</span><br></TD></TR>\n";
208 if ($inst != 2) {
209 echo "<TR VALIGN='TOP'><TD><span class='text'>Name for Root Account: </span></TD><TD><INPUT TYPE='TEXT' VALUE='root' NAME='root' SIZE='30'></TD><TD><span class='text'>(This is name for MySQL root account. For localhost, it is usually ok to leave it 'root'.)</span><br></TD></TR>
210 <TR VALIGN='TOP'><TD><span class='text'>Root Pass: </span></TD><TD><INPUT TYPE='PASSWORD' VALUE='' NAME='rootpass' SIZE='30'></TD><TD><span class='text'>(This is your MySQL root password. For localhost, it is usually ok to leave it blank.)</span><br></TD></TR>\n";
211 echo "<TR VALIGN='TOP'><TD><span class='text'>User Hostname: </span></TD><TD><INPUT TYPE='TEXT' VALUE='localhost' NAME='loginhost' SIZE='30'></TD><TD><span class='text'>(If you run Apache/PHP and MySQL on the same computer, then leave this as 'localhost'. If they are on separate computers, then enter the IP address of the computer running Apache/PHP.)</span><br></TD></TR>";
212 echo "<TR VALIGN='TOP'><TD><span class='text'>UTF-8 Collation: </span></TD><TD colspan='2'>" .
213 "<select name='collate'>" .
214 "<option value='utf8_bin' >Bin</option>" .
215 "<option value='utf8_czech_ci' >Czech</option>" .
216 "<option value='utf8_danish_ci' >Danish</option>" .
217 "<option value='utf8_esperanto_ci' >Esperanto</option>" .
218 "<option value='utf8_estonian_ci' >Estonian</option>" .
219 "<option value='utf8_general_ci' selected>General</option>" .
220 "<option value='utf8_hungarian_ci' >Hungarian</option>" .
221 "<option value='utf8_icelandic_ci' >Icelandic</option>" .
222 "<option value='utf8_latvian_ci' >Latvian</option>" .
223 "<option value='utf8_lithuanian_ci'>Lithuanian</option>" .
224 "<option value='utf8_persian_ci' >Persian</option>" .
225 "<option value='utf8_polish_ci' >Polish</option>" .
226 "<option value='utf8_roman_ci' >Roman</option>" .
227 "<option value='utf8_romanian_ci' >Romanian</option>" .
228 "<option value='utf8_slovak_ci' >Slovak</option>" .
229 "<option value='utf8_slovenian_ci' >Slovenian</option>" .
230 "<option value='utf8_spanish2_ci' >Spanish2 (Traditional)</option>" .
231 "<option value='utf8_spanish_ci' >Spanish (Modern)</option>" .
232 "<option value='utf8_swedish_ci' >Swedish</option>" .
233 "<option value='utf8_turkish_ci' >Turkish</option>" .
234 "<option value='utf8_unicode_ci' >Unicode (German, French, Russian, Armenian, Greek)</option>" .
235 "<option value='' >None (Do not force UTF-8)</option>" .
236 "</select>" .
237 "</TD></TR><TR VALIGN='TOP'><TD>&nbsp;</TD><TD colspan='2'><span class='text'>(This is the collation setting for mysql. Leave as 'General' if you are not sure. If the language you are planning to use in OpenEMR is in the menu, then you can select it. Otherwise, just select 'General'.)</span><br></TD></TR>";
239 echo "<TR VALIGN='TOP'><TD>&nbsp;</TD></TR>";
241 // Include a "source" site ID drop-list and a checkbox to indicate
242 // if cloning its database. When checked, do not display initial user
243 // and group stuff below.
244 $dh = opendir($OE_SITES_BASE);
245 if (!$dh) die("Cannot read directory '$OE_SITES_BASE'.");
246 $siteslist = array();
247 while (false !== ($sfname = readdir($dh))) {
248 if (substr($sfname, 0, 1) == '.') continue;
249 if ($sfname == 'CVS' ) continue;
250 if ($sfname == $site_id ) continue;
251 $sitedir = "$OE_SITES_BASE/$sfname";
252 if (!is_dir($sitedir) ) continue;
253 if (!is_file("$sitedir/sqlconf.php")) continue;
254 $siteslist[$sfname] = $sfname;
256 closedir($dh);
257 // If this is not the first site...
258 if (!empty($siteslist)) {
259 ksort($siteslist);
260 echo "<tr valign='top'>\n";
261 echo " <td class='text'>Source Site: </td>\n";
262 echo " <td class='text'><select name='source_site_id'>";
263 foreach ($siteslist as $sfname) {
264 echo "<option value='$sfname'";
265 if ($sfname == 'default') echo " selected";
266 echo ">$sfname</option>";
268 echo "</select></td>\n";
269 echo " <td class='text'>(The site directory that will be a model for the new site.)</td>\n";
270 echo "</tr>\n";
271 echo "<tr valign='top'>\n";
272 echo " <td class='text'>Clone Source Database: </td>\n";
273 echo " <td class='text'><input type='checkbox' name='clone_database' onclick='cloneClicked()' /></td>\n";
274 echo " <td class='text'>(Clone the source site's database instead of creating a fresh one.)</td>\n";
275 echo "</tr>\n";
278 echo "<TR VALIGN='TOP' class='noclone'><TD COLSPAN=2><font color='red'>OPENEMR USER:</font></TD></TR>";
279 echo "<TR VALIGN='TOP' class='noclone'><TD><span class='text'>Initial User:</span></TD><TD><INPUT SIZE='30' TYPE='TEXT' NAME='iuser' VALUE='admin'></TD><TD><span class='text'>(This is the login name of user that will be created for you. Limit this to one word.)</span></TD></TR>
280 <TR VALIGN='TOP' class='noclone'><TD><span class='text'>Initial User Password:</span></TD><TD><INPUT SIZE='30' TYPE='PASSWORD' NAME='iuserpass' VALUE=''></TD><TD><span class='text'>(This is the password for the initial user account above.)</span></TD></TR>
281 <TR VALIGN='TOP' class='noclone'><TD><span class='text'>Initial User's First Name:</span></TD><TD><INPUT SIZE='30' TYPE='TEXT' NAME='iufname' VALUE='Administrator'></TD><TD><span class='text'>(This is the First name of the 'initial user'.)</span></TD></TR>
282 <TR VALIGN='TOP' class='noclone'><TD><span class='text'>Initial User's Last Name:</span></TD><TD><INPUT SIZE='30' TYPE='TEXT' NAME='iuname' VALUE='Administrator'></TD><TD><span class='text'>(This is the Last name of the 'initial user'.)</span></TD></TR>
283 <TR VALIGN='TOP' class='noclone'><TD><span class='text'>Initial Group:</span></TD><TD><INPUT SIZE='30' TYPE='TEXT' NAME='igroup' VALUE='Default'></TD><TD><span class='text'>(This is the group that will be created for your users. This should be the name of your practice.)</span></TD></TR>
285 echo "<TR VALIGN='TOP'><TD>&nbsp;</TD></TR>";
287 echo "</TABLE>
288 <br>
289 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>";
290 break;
292 case 3:
294 // Form Validation
295 // (applicable if not cloning from another database)
296 if (empty($installer->clone_database)) {
297 if ( ! $installer->login_is_valid() ) {
298 echo "ERROR. Please pick a proper 'Login Name'.<br>\n";
299 echo "Click Back in browser to re-enter.<br>\n";
300 break;
302 if ( ! $installer->iuser_is_valid() ) {
303 echo "ERROR. The 'Initial User' field can only contain one word and no spaces.<br>\n";
304 echo "Click Back in browser to re-enter.<br>\n";
305 break;
307 if ( ! $installer->user_password_is_valid() ) {
308 echo "ERROR. Please pick a proper 'Initial User Password'.<br>\n";
309 echo "Click Back in browser to re-enter.<br>\n";
310 break;
313 if ( ! $installer->password_is_valid() ) {
314 echo "ERROR. Please pick a proper 'Password'.<br>\n";
315 echo "Click Back in browser to re-enter.<br>\n";
316 break;
319 echo "<b>Step $state</b><br><br>\n";
320 echo "Configuring OpenEMR...<br><br>\n";
322 // Skip below if database shell has already been created.
323 if ($inst != 2) {
325 echo "Connecting to MySQL Server...\n";
326 flush();
327 if ( ! $installer->root_database_connection() ) {
328 echo "ERROR. Check your login credentials.\n";
329 echo $installer->error_message;
330 break;
332 else {
333 echo "OK.<br>\n";
334 flush();
338 // Only pertinent if cloning another installation database
339 if ( ! empty($installer->clone_database)) {
341 echo "Dumping source database...";
342 flush();
343 if ( ! $installer->create_dumpfiles() ) {
344 echo $installer->error_message;
345 break;
347 else {
348 echo " OK.<br>\n";
349 flush();
353 // Only pertinent if mirroring another installation directory
354 if ( ! empty($installer->source_site_id)) {
356 echo "Creating site directory...";
357 if ( ! $installer->create_site_directory() ) {
358 echo $installer->error_message;
359 break;
361 else {
362 echo "OK.<BR>";
363 flush();
367 // Skip below if database shell has already been created.
368 if ($inst != 2) {
369 echo "Creating database...\n";
370 flush();
371 if ( ! $installer->create_database() ) {
372 echo "ERROR. Check your login credentials.\n";
373 echo $installer->error_message;
374 break;
375 } else {
376 echo "OK.<br>\n";
377 flush();
380 echo "Creating user with permissions for database...\n";
381 flush();
382 if ( ! $installer->grant_privileges() ) {
383 echo "ERROR when granting privileges to the specified user.\n";
384 echo $installer->error_message;
385 break;
386 } else {
387 echo "OK.<br>\n";
388 flush();
391 echo "Reconnecting as new user...\n";
392 flush();
393 $installer->disconnect();
394 } else {
396 echo "Connecting to MySQL Server...\n";
398 if ( ! $installer->user_database_connection() ) {
399 echo "ERROR. Check your login credentials.\n";
400 echo $installer->error_message;
401 break;
403 else {
404 echo "OK.<br>\n";
405 flush();
408 // Load the database files
409 $dump_results = $installer->load_dumpfiles();
410 if ( ! $dump_results ) {
411 echo $installer->error_message;
412 break;
413 } else {
414 echo $dump_results;
415 flush();
418 echo "Writing SQL configuration...\n";
419 flush();
420 if ( ! $installer->write_configuration_file() ) {
421 echo $installer->error_message;
422 break;
424 else {
425 echo "OK.<br>\n";
426 flush();
429 // Only pertinent if not cloning another installation database
430 if (empty($installer->clone_database)) {
432 echo "Setting version indicators...\n";
433 flush();
434 if ( ! $installer->add_version_info() ) {
435 echo "ERROR.\n";
436 echo $installer->error_message;;
437 break;
439 else {
440 echo "OK<br>\n";
441 flush();
444 echo "Writing global configuration defaults...\n";
445 flush();
446 if ( ! $installer->insert_globals() ) {
447 echo "ERROR.\n";
448 echo $installer->error_message;;
449 break;
451 else {
452 echo "OK<br>\n";
453 flush();
456 echo "Adding Initial User...\n";
457 flush();
458 if ( ! $installer->add_initial_user() ) {
459 echo $installer->error_message;
460 break;
462 echo "OK<br>\n";
463 flush();
466 if ( ! empty($installer->clone_database) ) {
467 // Database was cloned, skip ACL setup.
468 echo "Click 'continue' for further instructions.";
469 $next_state = 7;
471 else {
472 echo "\n<br>Next step will install and configure access controls (php-GACL).<br>\n";
473 $next_state = 4;
476 echo "
477 <FORM METHOD='POST'>\n
478 <INPUT TYPE='HIDDEN' NAME='state' VALUE='$next_state'>
479 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
480 <INPUT TYPE='HIDDEN' NAME='iuser' VALUE='$installer->iuser'>
481 <INPUT TYPE='HIDDEN' NAME='iuserpass' VALUE='$installer->iuserpass'>
482 <INPUT TYPE='HIDDEN' NAME='iuname' VALUE='$installer->iuname'>
483 <INPUT TYPE='HIDDEN' NAME='iufname' VALUE='$installer->iufname'>
484 <INPUT TYPE='HIDDEN' NAME='clone_database' VALUE='$installer->clone_database'>
485 <br>\n
486 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
488 break;
489 case 4:
490 echo "<b>Step $state</b><br><br>\n";
491 echo "Installing and Configuring Access Controls (php-GACL)...<br><br>";
493 if ( ! $installer->install_gacl() ) {
494 echo $installer->error_message;
495 break;
497 else {
498 // display the status information for gacl setup
499 echo $installer->debug_message;
502 echo "Gave the '$installer->iuser' user (password is '$installer->iuserpass') administrator access.<br><br>";
504 echo "Done installing and configuring access controls (php-GACL).<br>";
505 echo "Next step will configure PHP.";
507 echo "<br><FORM METHOD='POST'>\n
508 <INPUT TYPE='HIDDEN' NAME='state' VALUE='5'>\n
509 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
510 <INPUT TYPE='HIDDEN' NAME='iuser' VALUE='$installer->iuser'>\n
511 <INPUT TYPE='HIDDEN' NAME='iuserpass' VALUE='$installer->iuserpass'>\n
512 <br>\n
513 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
515 break;
517 case 5:
518 echo "<b>Step $state</b><br><br>\n";
519 echo "Configuration of PHP...<br><br>\n";
520 echo "We recommend making the following changes to your PHP installation, which can normally be done by editing the php.ini configuration file:\n";
521 echo "<ul>";
522 $gotFileFlag = 0;
523 if (version_compare(PHP_VERSION, '5.2.4', '>=')) {
524 $phpINIfile = php_ini_loaded_file();
525 if ($phpINIfile) {
526 echo "<li><font color='green'>Your php.ini file can be found at ".$phpINIfile."</font></li>\n";
527 $gotFileFlag = 1;
530 echo "<li>To ensure proper functioning of OpenEMR you must make sure that settings in php.ini file include \"short_open_tag = On\", \"display_errors = Off\", \"register_globals = Off\", \"max_execution_time\" set to at least 60, \"max_input_time\" set to at least 90, \"post_max_size\" set to at least 30M, and \"memory_limit\" set to at least \"128M\".</li>\n";
531 echo "<li>In order to take full advantage of the patient documents capability you must make sure that settings in php.ini file include \"file_uploads = On\", that \"upload_max_filesize\" is appropriate for your use and that \"upload_tmp_dir\" is set to a correct value that will work on your system.</li>\n";
532 if (!$gotFileFlag) {
533 echo "<li>If you are having difficulty finding your php.ini file, then refer to the <a href='INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual for suggestions.</li>\n";
535 echo "</ul>";
537 echo "<br>We recommend you print these instructions for future reference.<br><br>";
538 echo "Next step will configure Apache web server.";
540 echo "<br><FORM METHOD='POST'>\n
541 <INPUT TYPE='HIDDEN' NAME='state' VALUE='6'>\n
542 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
543 <INPUT TYPE='HIDDEN' NAME='iuser' VALUE='$installer->iuser'>\n
544 <INPUT TYPE='HIDDEN' NAME='iuserpass' VALUE='$installer->iuserpass'>\n
545 <br>\n
546 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
548 break;
550 case 6:
551 echo "<b>Step $state</b><br><br>\n";
552 echo "Configuration of Apache web server...<br><br>\n";
553 echo "The \"".preg_replace("/${site_id}/","*",realpath($docsDirectory))."\", \"".preg_replace("/${site_id}/","*",realpath($billingDirectory))."\" and \"".preg_replace("/${site_id}/","*",realpath($billingDirectory2))."\" directories contain patient information, and
554 it is important to secure these directories. Additionally, some settings are required for the Zend Framework to work in OpenEMR. This can be done by pasting the below to end of your apache configuration file:<br>
555 &nbsp;&nbsp;&lt;Directory \"".realpath(dirname(__FILE__))."\"&gt;<br>
556 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;AllowOverride FileInfo<br>
557 &nbsp;&nbsp;&lt;/Directory&gt;<br>
558 &nbsp;&nbsp;&lt;Directory \"".realpath(dirname(__FILE__))."/sites\"&gt;<br>
559 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;AllowOverride None<br>
560 &nbsp;&nbsp;&lt;/Directory&gt;<br>
561 &nbsp;&nbsp;&lt;Directory \"".preg_replace("/${site_id}/","*",realpath($docsDirectory))."\"&gt;<br>
562 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;order deny,allow<br>
563 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Deny from all<br>
564 &nbsp;&nbsp;&lt;/Directory&gt;<br>
565 &nbsp;&nbsp;&lt;Directory \"".preg_replace("/${site_id}/","*",realpath($billingDirectory))."\"&gt;<br>
566 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;order deny,allow<br>
567 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Deny from all<br>
568 &nbsp;&nbsp;&lt;/Directory&gt;<br>
569 &nbsp;&nbsp;&lt;Directory \"".preg_replace("/${site_id}/","*",realpath($billingDirectory2))."\"&gt;<br>
570 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;order deny,allow<br>
571 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Deny from all<br>
572 &nbsp;&nbsp;&lt;/Directory&gt;<br><br>";
574 echo "If you are having difficulty finding your apache configuration file, then refer to the <a href='INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual for suggestions.<br><br>\n";
575 echo "<br>We recommend you print these instructions for future reference.<br><br>";
576 echo "Click 'continue' for further instructions.";
578 echo "<br><FORM METHOD='POST'>\n
579 <INPUT TYPE='HIDDEN' NAME='state' VALUE='7'>\n
580 <INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>\n
581 <INPUT TYPE='HIDDEN' NAME='iuser' VALUE='$installer->iuser'>\n
582 <INPUT TYPE='HIDDEN' NAME='iuserpass' VALUE='$installer->iuserpass'>\n
583 <br>\n
584 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
586 break;
588 case 0:
589 default:
590 echo "<p>Welcome to OpenEMR. This utility will step you through the installation and configuration of OpenEMR for your practice.</p>\n";
591 echo "<ul><li>Before proceeding, be sure that you have a properly installed and configured MySQL server available, and a PHP configured webserver.</li>\n";
593 echo "<li>Detailed installation instructions can be found in the <a href='INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual file.</li>\n";
595 Echo "<li>If you are upgrading from a previous version, do NOT use this script. Please read the 'Upgrading' section found in the <a href='INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual file.</li></ul>";
597 if ($checkPermissions) {
598 echo "<p>We will now ensure correct file and directory permissions before starting installation:</p>\n";
599 echo "<FONT COLOR='green'>Ensuring following files are world-writable...</FONT><br>\n";
600 $errorWritable = 0;
601 foreach ($writableFileList as $tempFile) {
602 if (is_writable($tempFile)) {
603 echo "'".realpath($tempFile)."' file is <FONT COLOR='green'><b>ready</b></FONT>.<br>\n";
605 else {
606 echo "<p><FONT COLOR='red'>UNABLE</FONT> to open file '".realpath($tempFile)."' for writing.<br>\n";
607 echo "(configure file permissions; see below for further instructions)</p>\n";
608 $errorWritable = 1;
611 if ($errorWritable) {
612 echo "<p><FONT COLOR='red'>You can't proceed until all above files are ready (world-writable).</FONT><br>\n";
613 echo "In linux, recommend changing file permissions with the 'chmod 666 filename' command.<br>\n";
614 echo "Fix above file permissions and then click the 'Check Again' button to re-check files.<br>\n";
615 echo "<FORM METHOD='POST'><INPUT TYPE='SUBMIT' VALUE='Check Again'></p>" .
616 "<INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'></FORM><br>\n";
617 break;
620 echo "<br><FONT COLOR='green'>Ensuring following directories have proper permissions...</FONT><br>\n";
621 $errorWritable = 0;
622 foreach ($writableDirList as $tempDir) {
623 if (is_writable($tempDir)) {
624 echo "'".realpath($tempDir)."' directory is <FONT COLOR='green'><b>ready</b></FONT>.<br>\n";
626 else {
627 echo "<p><FONT COLOR='red'>UNABLE</FONT> to open directory '".realpath($tempDir)."' for writing by web server.<br>\n";
628 echo "(configure directory permissions; see below for further instructions)</p>\n";
629 $errorWritable = 1;
632 if ($errorWritable) {
633 echo "<p><FONT COLOR='red'>You can't proceed until all directories are ready.</FONT><br>\n";
634 echo "In linux, recommend changing owners of these directories to the web server. For example, in many linux OS's the web server user is 'apache', 'nobody', or 'www-data'. So if 'apache' were the web server user name, could use the command 'chown -R apache:apache directory_name' command.<br>\n";
635 echo "Fix above directory permissions and then click the 'Check Again' button to re-check directories.<br>\n";
636 echo "<FORM METHOD='POST'><INPUT TYPE='SUBMIT' VALUE='Check Again'></p>" .
637 "<INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'></FORM><br>\n";
638 break;
641 echo "<br>All required files and directories have been verified. Click to continue installation.<br>\n";
643 else {
644 echo "<br>Click to continue installation.<br>\n";
647 echo "<FORM METHOD='POST'><INPUT TYPE='HIDDEN' NAME='state' VALUE='1'>" .
648 "<INPUT TYPE='HIDDEN' NAME='site' VALUE='$site_id'>" .
649 "<INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>";
655 </span>
657 </BODY>
658 </HTML>