Moved picture display code below security check (thanks cfapress).
[openemr.git] / setup.php
blob433eed1f59cf9cab01ad3363f829593bad6f2554
1 <?php
2 //required for normal operation because of recent changes in PHP:
3 extract($_GET);
4 extract($_POST);
5 //turn off PHP compatibility warnings
6 ini_set("session.bug_compat_warn","off");
8 $url = "";
9 $upgrade = 0;
10 $state = $_POST["state"];
12 //If having problems with file and directory permission
13 // checking, then can be manually disabled here.
14 $checkPermissions = "TRUE";
16 //Below section is only for variables that require a path.
17 // The $manualPath variable can be edited by 3rd party
18 // installation scripts to manually set path. (this will
19 // allow straightforward use of this script by 3rd party
20 // installers)
21 $manualPath = "";
22 $dumpfile = $manualPath."sql/database.sql";
23 $icd9 = $manualPath."sql/icd9.sql";
24 $conffile = $manualPath."library/sqlconf.php";
25 $conffile2 = $manualPath."interface/globals.php";
26 $gaclConfigFile1 = $manualPath."gacl/gacl.ini.php";
27 $gaclConfigFile2 = $manualPath."gacl/gacl.class.php";
28 $docsDirectory = $manualPath."documents";
29 $billingDirectory = $manualPath."edi";
30 $billingDirectory2 = $manualPath."era";
31 $billingLogDirectory = $manualPath."library/freeb";
32 $lettersDirectory = $manualPath."custom/letter_templates";
33 $gaclWritableDirectory = $manualPath."gacl/admin/templates_c";
34 $requiredDirectory1 = $manualPath."interface/main/calendar/modules/PostCalendar/pntemplates/compiled";
35 $requiredDirectory2 = $manualPath."interface/main/calendar/modules/PostCalendar/pntemplates/cache";
36 $gaclSetupScript1 = $manualPath."gacl/setup.php";
37 $gaclSetupScript2 = $manualPath."acl_setup.php";
39 //These are files and dir checked before install for
40 // correct permissions.
41 $writableFileList = array($conffile, $conffile2, $gaclConfigFile1, $gaclConfigFile2);
42 $writableDirList = array($docsDirectory, $billingDirectory, $billingDirectory2, $billingLogDirectory, $lettersDirectory, $gaclWritableDirectory, $requiredDirectory1, $requiredDirectory2);
45 include_once($conffile);
47 <HTML>
48 <HEAD>
49 <TITLE>OpenEMR Setup Tool</TITLE>
50 <LINK REL=STYLESHEET HREF="interface/themes/style_blue.css">
51 </HEAD>
52 <BODY>
54 <span class="title">OpenEMR Setup</span>
55 <br><br>
56 <span class="text">
58 <?php
59 if (strtolower(ini_get('register_globals')) != 'off' && (bool) ini_get('register_globals')) {
60 echo "It appears that you have register_globals enabled in your php.ini\n" .
61 "configuration file. This causes unacceptable security risks. You must\n" .
62 "turn it off before continuing with installation.\n";
63 exit();
65 ?>
67 <?php
68 if ($state == 7) {
71 <p>Congratulations! OpenEMR is now installed.</p>
73 <ul>
74 <li>If applicable, please restore secure permissions on the four configuration files: /openemr/interface/globals.php,
75 /openemr/library/sqlconf.php, /openemr/gacl/gacl.ini.php, and /openemr/gacl/gacl.class.php files.
76 In linux, recommend changing file permissions with the 'chmod 644 filename' command.</li>
77 <li>Access controls (php-GACL) are installed for fine-grained security, and can be administered in
78 OpenEMR's admin->acl menu.</li>
79 <li>Reading openemr/includes/config.php and openemr/interface/globals.php is a good idea. These files
80 contain many options to choose from including themes.</li>
81 <li>There's much information and many extra tools bundled within the OpenEMR installation directory.
82 Please refer to openemr/Documentation. Many forms and other useful scripts can be found at openemr/contrib.</li>
83 <li>To ensure a consistent look and feel through out the application using
84 <a href='http://www.mozilla.org/products/firefox/'>Firefox</a> is recommended.</li>
85 <li>The OpenEMR project home page and wiki can be found at <a href = "http://www.oemr.org" target="_blank">http://www.oemr.org</a></li>
86 <li>The OpenEMR forums can be found at <a href = "http://sourceforge.net/projects/openemr" target="_blank">http://sourceforge.net/projects/openemr</a></li>
87 <li>We pursue grants to help fund the future development of OpenEMR. To apply for these grants, we need to estimate how many times this program is installed and how many practices are evaluating or using this software. It would be awesome if you would email us at <a href="mailto:drbowen@charter.net">drbowen@charter.net</a> if you have installed this software. The more details about your plans with this software, the better, but even just sending us an email stating you just installed it is very helpful.</li>
88 </ul>
89 <p>
90 We recommend you print these instructions for future reference.
91 </p>
92 <p>
93 <b>The initial OpenEMR user is "<?php echo $iuser; ?>" and the password is "pass".</b>
94 You should change this password!
95 </p>
96 <p>
97 <a href='./'>Click here to start using OpenEMR. </a>
98 </p>
101 exit();
105 <?php
107 $server = $_POST["server"];
108 $port = $_POST["port"];
109 $dbname = $_POST["dbname"];
110 $root = $_POST["root"];
111 $login = $_POST["login"];
112 $pass = $_POST["pass"];
113 $loginhost = $_POST["loginhost"];
114 $rootpass = $_POST["rootpass"];
115 $iuser = $_POST["iuser"];
116 $iuname = $_POST["iuname"];
117 $igroup = $_POST["igroup"];
118 $openemrBasePath = $_POST["openemrBasePath"];
119 $openemrWebPath = $_POST["openemrWebPath"];
120 //END POST VARIABLES
123 if (($config == 1) && ($state < 4)) {
124 echo "OpenEMR has already been installed. If you wish to force re-installation, then edit $conffile(change the 'config' variable to 0), and re-run this script.<br>\n";
126 else {
127 switch ($state) {
129 case 1:
130 echo "<b>Step $state</b><br><br>\n";
131 echo "Now I need to know whether you want me to create the database on my own or if you have already created the database for me to use. For me to create the database, you will need to supply the MySQL root password.\n
132 <span class='title'> <br />NOTE: clicking on \"Continue\" may delete or cause damage to data on your system. Before you continue please backup your data.</span>
133 <br><br>\n
134 <FORM METHOD='POST'>\n
135 <INPUT TYPE='HIDDEN' NAME='state' VALUE='2'>\n
136 <INPUT TYPE='RADIO' NAME='inst' VALUE='1' checked>Have setup create the database<br>\n
137 <INPUT TYPE='RADIO' NAME='inst' VALUE='2'>I have already created the database<br>\n
138 <br>\n
139 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
140 break;
142 case 2:
143 echo "<b>Step $state</b><br><br>\n";
144 echo "Now you need to supply the MySQL server information and path information. Detailed instructions on each item can be found in the <a href='INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual file.
145 <br><br>\n
146 <FORM METHOD='POST'>
147 <INPUT TYPE='HIDDEN' NAME='state' VALUE='3'>
148 <INPUT TYPE='HIDDEN' NAME='inst' VALUE='$inst'>
149 <TABLE>\n
150 <TR VALIGN='TOP'><TD COLSPAN=2><font color='red'>MYSQL SERVER:</font></TD></TR>
151 <TR VALIGN='TOP'><TD><span class='text'>Server Host: </span></TD><TD><INPUT TYPE='TEXT' VALUE='localhost' NAME='server' SIZE='30'></TD><TD><span class='text'>(If you run MySQL and Apache/PHP on the same computer, then leave this as 'localhost'. If they are on separate computers, then enter the IP address of the computer running MySQL.)</span><br></TD></TR>
152 <TR VALIGN='TOP'><TD><span class='text'>Server Port: </span></TD><TD><INPUT TYPE='TEXT' VALUE='3306' NAME='port' SIZE='30'></TD><TD><span class='text'>(This is the MySQL port. The default port for MySQL is 3306.)</span><br></TD></TR>
153 <TR VALIGN='TOP'><TD><span class='text'>Database Name: </span></TD><TD><INPUT TYPE='TEXT' VALUE='openemr' NAME='dbname' SIZE='30'></TD><TD><span class='text'>(This is the name of the OpenEMR database in MySQL - 'openemr' is the recommended)</span><br></TD></TR>
154 <TR VALIGN='TOP'><TD><span class='text'>Login Name: </span></TD><TD><INPUT TYPE='TEXT' VALUE='openemr' NAME='login' SIZE='30'></TD><TD><span class='text'>(This is the name of the OpenEMR login name in MySQL - 'openemr' is the recommended)</span><br></TD></TR>
155 <TR VALIGN='TOP'><TD><span class='text'>Password: </span></TD><TD><INPUT TYPE='PASSWORD' VALUE='' NAME='pass' SIZE='30'></TD><TD><span class='text'>(This is the Login Password for when PHP accesses MySQL - it should be at least 8 characters long and composed of both numbers and letters)</span><br></TD></TR>\n";
156 if ($inst != 2) {
157 echo "<TR VALIGN='TOP'><TD><span class='text'>Name for Root Account: </span></TD><TD><INPUT TYPE='TEXT' VALUE='root' NAME='root' SIZE='30'></TD><TD><span class='text'>(This is name for MySQL root account. For localhost, it is usually ok to leave it 'root'.)</span><br></TD></TR>
158 <TR VALIGN='TOP'><TD><span class='text'>Root Pass: </span></TD><TD><INPUT TYPE='PASSWORD' VALUE='' NAME='rootpass' SIZE='30'></TD><TD><span class='text'>(This is your MySQL root password. For localhost, it is usually ok to leave it blank.)</span><br></TD></TR>\n";
159 echo "<TR VALIGN='TOP'><TD><span class='text'>User Hostname: </span></TD><TD><INPUT TYPE='TEXT' VALUE='localhost' NAME='loginhost' SIZE='30'></TD><TD><span class='text'>(If you run Apache/PHP and MySQL on the same computer, then leave this as 'localhost'. If they are on separate computers, then enter the IP address of the computer running Apache/PHP.)</span><br></TD></TR>";
161 echo "<TR VALIGN='TOP'><TD>&nbsp;</TD></TR>";
162 echo "<TR VALIGN='TOP'><TD COLSPAN=2><font color='red'>OPENEMR USER:</font></TD></TR>";
163 echo "<TR VALIGN='TOP'><TD><span class='text'>Initial User:</span></TD><TD><INPUT SIZE='30' TYPE='TEXT' NAME='iuser' VALUE='admin'></TD><TD><span class='text'>(This is the login name of user that will be created for you. Limit this to one word.)</span></TD></TR>
164 <TR VALIGN='TOP'><TD><span class='text'>Initial User's Name:</span></TD><TD><INPUT SIZE='30' TYPE='TEXT' NAME='iuname' VALUE='Administrator'></TD><TD><span class='text'>(This is the real name of the 'initial user'.)</span></TD></TR>
165 <TR VALIGN='TOP'><TD><span class='text'>Initial Group:</span></TD><TD><INPUT SIZE='30' TYPE='TEXT' NAME='igroup' VALUE='Default'></TD><TD><span class='text'>(This is the group that will be created for your users. This should be the name of your practice.)</span></TD></TR>
167 echo "<TR VALIGN='TOP'><TD>&nbsp;</TD></TR>";
168 echo "<TR VALIGN='TOP'><TD COLSPAN=2><font color='red'>OPENEMR PATHS:</font></TD></TR>";
169 echo "<TR VALIGN='TOP'><TD COLSPAN=3></TD></TR>
170 <TR VALIGN='TOP'><TD><span class='text'>Absolute Path:</span></TD><TD><INPUT SIZE='30' TYPE='TEXT' NAME='openemrBasePath' VALUE='".realpath('./')."'></TD><TD><span class='text'>(This is the full absolute directory path to openemr. The value here is automatically created, and should not need to be modified. Do not worry about direction of slashes; they will be automatically corrected.)</span></TD></TR>
171 <TR VALIGN='TOP'><TD><span class='text'>Relative HTML Path:</span></TD><TD><INPUT SIZE='30' TYPE='TEXT' NAME='openemrWebPath' VALUE='/openemr'></TD><TD><span class='text'>(Set this to the relative html path, ie. what you would type into the web browser after the server address to get to OpenEMR. For example, if you type 'http://127.0.0.1/clinic/openemr/ to load OpenEMR, set this to '/clinic/openemr' without the trailing slash. Do not worry about direction of slashes; they will be automatically corrected.)</span></TD></TR>
173 echo "</TABLE>
174 <br>
175 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>";
177 break;
180 case 3:
182 if ($login == "" || !isset($login)) {
183 echo "ERROR. Please pick a proper 'Login Name'.<br>\n";
184 echo "Click Back in browser to re-enter.<br>\n";
185 break;
187 if (strpos($iuser, " ")) {
188 echo "ERROR. The 'Initial User' field can only contain one word and no spaces.<br>\n";
189 echo "Click Back in browser to re-enter.<br>\n";
190 break;
192 if ($pass == "" || !isset($pass)) {
193 echo "ERROR. Please pick a proper 'Password'.<br>\n";
194 echo "Click Back in browser to re-enter.<br>\n";
195 break;
198 echo "<b>Step $state</b><br><br>\n";
199 echo "Configuring OpenEMR...<br><br>\n";
202 if ($inst != 2) {
203 echo "Connecting to MySQL Server...\n";
204 flush();
205 if ($server == "localhost")
206 $dbh = mysql_connect("$server","$root","$rootpass");
207 else
208 $dbh = mysql_connect("$server:$port","$root","$rootpass");
209 if ($dbh == FALSE) {
210 echo "ERROR. Check your login credentials.\n";
211 echo "<p>".mysql_error()." (#".mysql_errno().")\n";
212 break;
214 else
215 echo "OK.<br>\n";
216 echo "Creating database...\n";
217 flush();
218 if (mysql_query("create database $dbname",$dbh) == FALSE) {
219 echo "ERROR. Check your login credentials.\n";
220 echo "<p>".mysql_error()." (#".mysql_errno().")\n";
221 break;
223 else
224 echo "OK.<br>\n";
225 echo "Creating user with permissions for database...\n";
226 flush();
227 if (mysql_query("GRANT ALL PRIVILEGES ON $dbname.* TO '$login'@'$loginhost' IDENTIFIED BY '$pass'",$dbh) == FALSE) {
228 echo "ERROR when granting privileges to the specified user.\n";
229 echo "<p>".mysql_error()." (#".mysql_errno().")\n";
230 echo "ERROR.\n";
231 break;
233 else
234 echo "OK.<br>\n";
235 echo "Reconnecting as new user...\n";
236 mysql_close($dbh);
238 else
239 echo "Connecting to MySQL Server...\n";
241 if ($server == "localhost")
242 $dbh = mysql_connect("$server","$login","$pass");
243 else
244 $dbh = mysql_connect("$server:$port","$login","$pass");
246 if ($dbh == FALSE) {
247 echo "ERROR. Check your login credentials.\n";
248 echo "<p>".mysql_error()." (#".mysql_errno().")\n";
249 break;
251 else
252 echo "OK.<br>\n";
253 echo "Opening database...";
254 flush();
255 if (mysql_select_db("$dbname",$dbh) == FALSE) {
256 echo "ERROR. Check your login credentials.\n";
257 echo "<p>".mysql_error()." (#".mysql_errno().")\n";
258 break;
260 else
261 echo "OK.<br>\n";
262 flush();
263 if ($upgrade != 1) {
264 echo "Creating initial tables...\n";
265 mysql_query("USE $dbname",$dbh);
266 flush();
267 $fd = fopen($dumpfile, 'r');
268 if ($fd == FALSE) {
269 echo "ERROR. Could not open dumpfile '$dumpfile'.\n";
270 flush();
271 break;
273 $query = "";
274 $line = "";
275 while (!feof ($fd)){
276 $line = fgets($fd,1024);
277 $line = rtrim($line);
278 if (substr($line,0,2) == "--") // Kill comments
279 continue;
280 if (substr($line,0,1) == "#") // Kill comments
281 continue;
282 if ($line == "")
283 continue;
284 $query = $query.$line; // Check for full query
285 $chr = substr($query,strlen($query)-1,1);
286 if ($chr == ";") { // valid query, execute
287 $query = rtrim($query,";");
288 mysql_query("$query",$dbh);
289 $query = "";
292 echo "OK<br>\n";
293 fclose($fd);
294 flush();
295 echo "Adding Initial User...\n";
296 flush();
297 //echo "INSERT INTO groups VALUES (1,'$igroup','$iuser')<br>\n";
298 if (mysql_query("INSERT INTO groups (id, name, user) VALUES (1,'$igroup','$iuser')") == FALSE) {
299 echo "ERROR. Could not run queries.\n";
300 echo "<p>".mysql_error()." (#".mysql_errno().")\n";
301 flush();
302 break;
304 if (mysql_query("INSERT INTO users (id, username, password, authorized, lname,fname) VALUES (1,'$iuser','1a1dc91c907325c69271ddf0c944bc72',1,'$iuname','')") == FALSE) {
305 echo "ERROR. Could not run queries.\n";
306 echo "<p>".mysql_error()." (#".mysql_errno().")\n";
307 flush();
308 break;
310 echo "OK<br>\n";
311 flush();
312 /* echo "Inserting ICD-9-CM Codes into Database...\n";
313 flush();
314 $fd = fopen($icd9, 'r');
315 if ($fd == FALSE) {
316 echo "ERROR. Could not open dumpfile.\n";
317 echo "<p>".mysql_error()." (#".mysql_errno().")\n";
318 flush();
319 break;
321 $query = "";
322 $line = "";
323 while (!feof ($fd)){
324 $line = fgets($fd,1024);
325 $line = rtrim($line);
326 if (substr($line,0,2) == "--") // Kill comments
327 continue;
328 if (substr($line,0,1) == "#") // Kill comments
329 continue;
330 if ($line == "")
331 continue;
332 $query = $query.$line; // Check for full query
333 $chr = substr($query,strlen($query)-1,1);
334 if ($chr == ";") { // valid query, execute
335 $query = rtrim($query,";");
336 mysql_query("$query",$dbh);
337 $query = "";
340 echo "OK\n";
341 fclose($fd);*/
342 flush();
345 echo "<br>Writing SQL Configuration...<br>";
346 @touch($conffile); // php bug
347 $fd = @fopen($conffile, 'w');
348 $string = "<?
349 // OpenEMR
350 // MySQL Config
351 // Referenced from sql.inc
355 $it_died = 0; //fmg: variable keeps running track of any errors
357 fwrite($fd,$string) or $it_died++;
358 fwrite($fd,"\$host\t= '$server';\n") or $it_died++;
359 fwrite($fd,"\$port\t= '$port';\n") or $it_died++;
360 fwrite($fd,"\$login\t= '$login';\n") or $it_died++;
361 fwrite($fd,"\$pass\t= '$pass';\n") or $it_died++;
362 fwrite($fd,"\$dbase\t= '$dbname';\n") or $it_died++;
365 $string = '
367 $sqlconf = array();
368 $sqlconf["host"]= $host;
369 $sqlconf["port"] = $port;
370 $sqlconf["login"] = $login;
371 $sqlconf["pass"] = $pass;
372 $sqlconf["dbase"] = $dbase;
373 //////////////////////////
374 //////////////////////////
375 //////////////////////////
376 //////DO NOT TOUCH THIS///
377 $config = 1; /////////////
378 //////////////////////////
379 //////////////////////////
380 //////////////////////////
383 ?><? // done just for coloring
385 fwrite($fd,$string) or $it_died++;
387 //it's rather irresponsible to not report errors when writing this file.
388 if ($it_died != 0) {
389 echo "ERROR. Couldn't write $it_died lines to config file '$conffile'.\n";
390 flush();
391 break;
393 fclose($fd);
395 echo "Successfully wrote SQL configuration.<BR><br>";
397 echo "Writing OpenEMR webserver paths to config file...<br>";
398 //edit interface/globals.php
399 //first, ensure slashes are in correct direction (windows specific fix)
400 $openemrBasePath = str_replace('\\\\', '/', $openemrBasePath);
401 $openemrBasePath = str_replace('\\', '/', $openemrBasePath);
402 $openemrWebPath = str_replace('\\\\', '/', $openemrWebPath);
403 $openemrWebPath = str_replace('\\', '/', $openemrWebPath);
404 //second, edit file
405 $data = file($conffile2) or die("Could not read ".$conffile2." file.");
406 $finalData = "";
407 $isCount = 0;
408 foreach ($data as $line) {
409 $isHit = 0;
410 if ((strpos($line,"\$webserver_root = \"")) === false) {
412 else {
413 $isHit = 1;
414 $isCount += 1;
415 $finalData .= "\$webserver_root = \"$openemrBasePath\";\n";
417 if ((strpos($line,"\$web_root = \"")) === false) {
419 else {
420 $isHit = 1;
421 $isCount += 1;
422 $finalData .= "\$web_root = \"$openemrWebPath\";\n";
424 if (!$isHit) {
425 $finalData .= $line;
428 $fd = @fopen($conffile2, 'w') or die("Could not open ".$conffile2." file.");
429 fwrite($fd, $finalData);
430 fclose($fd);
431 if ($isCount == 2) {
432 echo "Successfully wrote OpenEMR webserver paths to config file<br><br>";
434 else {
435 echo "<FONT COLOR='red'>ERROR</FONT> writing openemr webserver root paths to config file ($conffile2). ($isCount)<br><br>\n";
438 echo "\n<br>Next step will install and configure access controls (php-GACL).<br>\n";
440 echo "
441 <FORM METHOD='POST'>\n
442 <INPUT TYPE='HIDDEN' NAME='state' VALUE='4'>
443 <INPUT TYPE='HIDDEN' NAME='server' VALUE='$server'>
444 <INPUT TYPE='HIDDEN' NAME='dbname' VALUE='$dbname'>
445 <INPUT TYPE='HIDDEN' NAME='port' VALUE='$port'>
446 <INPUT TYPE='HIDDEN' NAME='login' VALUE='$login'>
447 <INPUT TYPE='HIDDEN' NAME='pass' VALUE='$pass'>
448 <INPUT TYPE='HIDDEN' NAME='iuser' VALUE='$iuser'>
449 <INPUT TYPE='HIDDEN' NAME='iuname' VALUE='$iuname'>
450 <br>\n
451 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
454 break;
456 case 4:
457 echo "<b>Step $state</b><br><br>\n";
458 echo "Installing and Configuring Access Controls (php-GACL)...<br><br>";
460 //first, edit two gacl config files
461 echo "Writing php-GACL configuration settings to config files...<br>";
462 // edit gacl.ini.php
463 $data = file($gaclConfigFile1) or die("Could not read ".$gaclConfigFile1." file.");
464 $finalData = "";
465 foreach ($data as $line) {
466 $isHit = 0;
467 if ((strpos($line,"db_host")) === false) {
469 else {
470 $isHit = 1;
471 if ($server == "localhost") {
472 $finalData .= "db_host = \"${server}\"\n";
474 else {
475 $finalData .= "db_host = \"${server}:${port}\"\n";
478 if ((strpos($line,"db_user")) === false) {
480 else {
481 $isHit = 1;
482 $finalData .= "db_user = \"${login}\"\n";
484 if ((strpos($line,"db_password")) === false) {
486 else {
487 $isHit = 1;
488 $finalData .= "db_password = \"${pass}\"\n";
490 if ((strpos($line,"db_name")) === false) {
492 else {
493 $isHit = 1;
494 $finalData .= "db_name = \"${dbname}\"\n";
496 if (!$isHit) {
497 $finalData .= $line;
500 $fd = @fopen($gaclConfigFile1, 'w') or die("Could not open ".$gaclConfigFile1." file.");
501 fwrite($fd, $finalData);
502 fclose($fd);
504 // edit gacl.class.php
505 $data = file($gaclConfigFile2) or die("Could not read ".$gaclConfigFile2." file.");
506 $finalData = "";
507 foreach ($data as $line) {
508 $isHit = 0;
509 if ((strpos($line,"var \$_db_host = ")) === false) {
511 else {
512 $isHit = 1;
513 if ($server == "localhost") {
514 $finalData .= "var \$_db_host = '$server';\n";
516 else {
517 $finalData .= "var \$_db_host = '$server:$port';\n";
520 if ((strpos($line,"var \$_db_user = ")) === false) {
522 else {
523 $isHit = 1;
524 $finalData .= "var \$_db_user = '$login';\n";
526 if ((strpos($line,"var \$_db_password = ")) === false) {
528 else {
529 $isHit = 1;
530 $finalData .= "var \$_db_password = '$pass';\n";
532 if ((strpos($line,"var \$_db_name = ")) === false) {
534 else {
535 $isHit = 1;
536 $finalData .= "var \$_db_name = '$dbname';\n";
538 if (!$isHit) {
539 $finalData .= $line;
542 $fd = @fopen($gaclConfigFile2, 'w') or die("Could not open ".$gaclConfigFile2." file.");
543 fwrite($fd, $finalData);
544 fclose($fd);
545 echo "Finished writing php-GACL configuration settings to config files.<br><br>";
547 //second, run gacl config scripts
548 require $gaclSetupScript1;
549 require $gaclSetupScript2;
550 echo "<br>";
552 //third, give the administrator user admin priviledges
553 $groupArray = array("Administrators");
554 set_user_aro($groupArray,$iuser,$iuname,"","");
555 echo "Gave the '$iuser' user (password is 'pass') administrator access.<br><br>";
557 echo "Done installing and configuring access controls (php-GACL).<br>";
558 echo "Next step will configure PHP.";
560 echo "<br><FORM METHOD='POST'>\n
561 <INPUT TYPE='HIDDEN' NAME='state' VALUE='5'>\n
562 <INPUT TYPE='HIDDEN' NAME='iuser' VALUE='$iuser'>\n
563 <br>\n
564 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
566 break;
568 case 5:
569 echo "<b>Step $state</b><br><br>\n";
570 echo "Configuration of PHP...<br><br>\n";
571 echo "We recommend making the following changes to your PHP installation, which can normally be done by editing the php.ini configuration file:\n";
572 echo "<ul>";
573 $gotFileFlag = 0;
574 if (version_compare(PHP_VERSION, '5.2.4', '>=')) {
575 $phpINIfile = php_ini_loaded_file();
576 if ($phpINIfile) {
577 echo "<li><font color='green'>Your php.ini file can be found at ".$phpINIfile."</font></li>\n";
578 $gotFileFlag = 1;
581 echo "<li>To ensure proper functioning of OpenEMR you must make sure that settings in php.ini file include \"display_errors = Off\", \"register_globals = Off\", \"magic_quotes_gpc = Off\", \"max_execution_time\" set to at least 60, \"max_input_time\" set to at least 90, and \"memory_limit\" set to at least \"128M\".</li>\n";
582 echo "<li>In order to take full advantage of the patient documents capability you must make sure that settings in php.ini file include \"file_uploads = On\", that \"upload_max_filesize\" is appropriate for your use and that \"upload_tmp_dir\" is set to a correct value that will work on your system.</li>\n";
583 if (!$gotFileFlag) {
584 echo "<li>If you are having difficulty finding your php.ini file, then refer to the <a href='INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual for suggestions.</li>\n";
586 echo "</ul>";
588 echo "<br>We recommend you print these instructions for future reference.<br><br>";
589 echo "Next step will configure Apache web server.";
591 echo "<br><FORM METHOD='POST'>\n
592 <INPUT TYPE='HIDDEN' NAME='state' VALUE='6'>\n
593 <INPUT TYPE='HIDDEN' NAME='iuser' VALUE='$iuser'>\n
594 <br>\n
595 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
597 break;
599 case 6:
600 echo "<b>Step $state</b><br><br>\n";
601 echo "Configuration of Apache web server...<br><br>\n";
602 echo "The \"".realpath($docsDirectory)."\", \"".realpath($billingDirectory)."\" and \"".realpath($billingDirectory2)."\" directories contain patient information, and
603 it is important to secure these directories. This can be done by placing pertinent .htaccess
604 files in these directories or by pasting the below to end of your apache configuration file:<br>
605 &nbsp;&nbsp;&lt;Directory ".realpath($docsDirectory)."&gt;<br>
606 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;order deny,allow<br>
607 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Deny from all<br>
608 &nbsp;&nbsp;&lt;/Directory&gt;<br>
609 &nbsp;&nbsp;&lt;Directory ".realpath($billingDirectory)."&gt;<br>
610 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;order deny,allow<br>
611 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Deny from all<br>
612 &nbsp;&nbsp;&lt;/Directory&gt;<br>
613 &nbsp;&nbsp;&lt;Directory ".realpath($billingDirectory2)."&gt;<br>
614 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;order deny,allow<br>
615 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Deny from all<br>
616 &nbsp;&nbsp;&lt;/Directory&gt;<br><br>";
618 echo "If you are having difficulty finding your apache configuration file, then refer to the <a href='INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual for suggestions.<br><br>\n";
619 echo "<br>We recommend you print these instructions for future reference.<br><br>";
620 echo "Click 'continue' for further instructions.";
622 echo "<br><FORM METHOD='POST'>\n
623 <INPUT TYPE='HIDDEN' NAME='state' VALUE='7'>\n
624 <INPUT TYPE='HIDDEN' NAME='iuser' VALUE='$iuser'>\n
625 <br>\n
626 <INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>\n";
628 break;
630 case 0:
631 default:
632 echo "<p>Welcome to OpenEMR. This utility will step you through the installation and configuration of OpenEMR for your practice.</p>\n";
633 echo "<ul><li>Before proceeding, be sure that you have a properly installed and configured MySQL server available, and a PHP configured webserver.</li>\n";
635 echo "<li>Detailed installation instructions can be found in the <a href='INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual file.</li>\n";
637 Echo "<li>If you are upgrading from a previous version, do NOT use this script. Please read the 'Upgrading' section found in the <a href='INSTALL' target='_blank'><span STYLE='text-decoration: underline;'>'INSTALL'</span></a> manual file.</li></ul>";
639 if ($checkPermissions == "TRUE") {
640 echo "<p>We will now ensure correct file and directory permissions before starting installation:</p>\n";
641 echo "<FONT COLOR='green'>Ensuring following files are world-writable...</FONT><br>\n";
642 $errorWritable = 0;
643 foreach ($writableFileList as $tempFile) {
644 if (is_writable($tempFile)) {
645 echo "'".realpath($tempFile)."' file is <FONT COLOR='green'><b>ready</b></FONT>.<br>\n";
647 else {
648 echo "<p><FONT COLOR='red'>UNABLE</FONT> to open file '".realpath($tempFile)."' for writing.<br>\n";
649 echo "(configure file permissions; see below for further instructions)</p>\n";
650 $errorWritable = 1;
653 if ($errorWritable) {
654 echo "<p><FONT COLOR='red'>You can't proceed until all above files are ready (world-writable).</FONT><br>\n";
655 echo "In linux, recommend changing file permissions with the 'chmod 666 filename' command.<br>\n";
656 echo "Fix above file permissions and then click the 'Check Again' button to re-check files.<br>\n";
657 echo "<FORM METHOD='POST'><INPUT TYPE='SUBMIT' VALUE='Check Again'></p></FORM><br>\n";
658 break;
661 echo "<br><FONT COLOR='green'>Ensuring following directories have proper permissions...</FONT><br>\n";
662 $errorWritable = 0;
663 foreach ($writableDirList as $tempDir) {
664 if (is_writable($tempDir)) {
665 echo "'".realpath($tempDir)."' directory is <FONT COLOR='green'><b>ready</b></FONT>.<br>\n";
667 else {
668 echo "<p><FONT COLOR='red'>UNABLE</FONT> to open directory '".realpath($tempDir)."' for writing by web server.<br>\n";
669 echo "(configure directory permissions; see below for further instructions)</p>\n";
670 $errorWritable = 1;
673 if ($errorWritable) {
674 echo "<p><FONT COLOR='red'>You can't proceed until all directories are ready.</FONT><br>\n";
675 echo "In linux, recommend changing owners of these directories to the web server. For example, in many linux OS's the web server user is 'apache', 'nobody', or 'www-data'. So if 'apache' were the web server user name, could use the command 'chown -R apache:apache directory_name' command.<br>\n";
676 echo "Fix above directory permissions and then click the 'Check Again' button to re-check directories.<br>\n";
677 echo "<FORM METHOD='POST'><INPUT TYPE='SUBMIT' VALUE='Check Again'></p></FORM><br>\n";
678 break;
681 echo "<br>All required files and directories have been verified. Click to continue installation.<br>\n";
683 else {
684 echo "<br>Click to continue installation.<br>\n";
687 echo "<FORM METHOD='POST'><INPUT TYPE='HIDDEN' NAME='state' VALUE='1'><INPUT TYPE='SUBMIT' VALUE='Continue'><br></FORM><br>";
694 </span>
696 </BODY>
697 </HTML>