7 * To make this script a bit more simpler to figure out, here is a listing of the "state"(s)
8 * which are basically the steps that this installation script goes through.
10 * empty or 0 - Ensures required file and directory permission are correctly set prior to starting installation.
11 * 1 - Step 1: Select database setup (ie. create the database or use a database already initialized)
12 * 2 - Step 2: Enter in database and openemr user information
13 * 3 - Step 3: Create database
14 * 4 - Step 4: Instructions on configuring PHP
15 * 5 - Step 5: Instructions on configuring Apache
16 * 6 - Step 6: Select a theme
17 * 7 - Final step: Several miscellaneous instruction, login credentials, and link to OpenEMR
20 * @link https://www.open-emr.org
21 * @author Roberto Vasquez <robertogagliotta@gmail.com>
22 * @author Scott Wakefield <scott@npclinics.com.au>
23 * @author Ranganath Pathak <pathak@scrs1.org>
24 * @author Brady Miller <brady.g.miller@gmail.com>
25 * @copyright Copyright (c) 2016 Roberto Vasquez <robertogagliotta@gmail.com>
26 * @copyright Copyright (c) 2016 Scott Wakefield <scott@npclinics.com.au>
27 * @copyright Copyright (c) 2019 Ranganath Pathak <pathak@scrs1.org>
28 * @copyright Copyright (c) 2019-2021 Brady Miller <brady.g.miller@gmail.com>
29 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
32 // Checks if the server's PHP version is compatible with OpenEMR:
33 require_once(dirname(__FILE__
) . "/src/Common/Compatibility/Checker.php");
34 $response = OpenEMR\Common\Compatibility\Checker
::checkPhpVersion();
35 if ($response !== true) {
36 die(htmlspecialchars($response));
39 // Set the maximum excution time and time limit to unlimited.
40 ini_set('max_execution_time', 0);
41 ini_set('display_errors', 0);
44 // Warning. If you set $allow_multisite_setup to true, this is a potential security vulnerability.
45 // Recommend setting it back to false (or removing this setup.php script entirely) after you
46 // are done with the multisite procedure.
47 $allow_multisite_setup = false;
49 // Warning. If you set $allow_cloning_setup to true, this is a potential security vulnerability.
50 // Recommend setting it back to false (or removing this setup.php script entirely) after you
51 // are done with the cloning setup procedure.
52 $allow_cloning_setup = false;
53 if (!$allow_cloning_setup && !empty($_REQUEST['clone_database'])) {
54 require_once(dirname(__FILE__
) . "/src/Common/Session/SessionUtil.php");
55 OpenEMR\Common\Session\SessionUtil
::setupScriptSessionStart();
56 OpenEMR\Common\Session\SessionUtil
::setupScriptSessionCookieDestroy();
57 die("To turn on support for cloning setup, need to edit this script and change \$allow_cloning_setup to true. After you are done setting up the cloning, ensure you change \$allow_cloning_setup back to false or remove this script altogether");
60 function recursive_writable_directory_test($dir)
62 // first, collect the directory and subdirectories
63 $ri = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($dir));
65 foreach ($ri as $file) {
67 if (!preg_match("/\.\.$/", $file->getPathname())) {
68 $dirName = realpath($file->getPathname());
69 if (!in_array($dirName, $dirNames)) {
70 $dirNames[] = $dirName;
76 // second, flag the directories that are not writable
77 $resultsNegative = array();
78 foreach ($dirNames as $value) {
79 if (!is_writable($value)) {
80 $resultsNegative[] = $value;
84 // third, send the output and return if didn't pass the test
85 if (!empty($resultsNegative)) {
89 foreach ($resultsNegative as $failedDir) {
90 if (basename($failedDir) == basename($dir)) {
91 // need to reorder output so the main directory is at the top of the list
92 $mainDirTest = "<span class='text-danger'>UNABLE</span> to open directory '" . text(realpath($failedDir)) . "' for writing by web server.<br />\r\n";
94 $outputs[] = "<span class='text-danger'>UNABLE</span> to open subdirectory '" . text(realpath($failedDir)) . "' for writing by web server.<br />\r\n";
98 // need to reorder output so the main directory is at the top of the list
99 array_unshift($outputs, $mainDirTest);
101 foreach ($outputs as $output) {
104 echo "(configure directory permissions; see below for further instructions)</p>\r\n";
107 echo "<code class='ml-5'>" . text(realpath($dir)) . "</code> directory and its subdirectories are <span class='text-success font-weight-bold'>ready</span>.<br /><br />\r\n";
112 // Include standard libraries/classes
113 require_once dirname(__FILE__
) . "/vendor/autoload.php";
115 use OpenEMR\Common\Csrf\CsrfUtils
;
116 use OpenEMR\Common\Session\SessionUtil
;
117 use OpenEMR\Common\Utils\RandomGenUtils
;
119 $state = isset($_POST["state"]) ?
($_POST["state"]) : '';
120 $installer = new Installer($_REQUEST);
121 // Make this true for IPPF.
122 $ippf_specific = false;
124 $error_page_end = <<<EPE
127 </div><!--end of container div-->
132 // If this script was invoked with no site ID, then ask for one. (only if allow multisite is on, otherwise will assume default site)
133 if (empty($_REQUEST['site']) && $allow_multisite_setup && empty($state)) {
138 <title>OpenEMR Setup Tool</title>
139 <link rel="stylesheet" href="public/assets/bootstrap/dist/css/bootstrap.min.css">
140 <script src="public/assets/jquery/dist/jquery.min.js"></script>
141 <script src="public/assets/bootstrap/dist/js/bootstrap.bundle.min.js"></script>
142 <link rel="stylesheet" href="public/assets/@fortawesome/fontawesome-free/css/all.min.css">
143 <link rel="shortcut icon" href="public/images/favicon.ico" />
151 <nav class="navbar navbar-expand navbar-light bg-light">
152 <div class="container">
153 <a class="navbar-brand" href="#">OpenEMR Setup</a>
154 <div class="collapse navbar-collapse justify-content-end">
155 <ul class="navbar-nav">
156 <li class="nav-item active">
157 <a class="nav-link" href="#" data-target="#myModal" data-toggle="modal" href="#" id="help-href" name="help-href" title="Click to view Help">Help</span></a>
164 <div class='container mt-3'>
167 <h3 class="mb-3 border-bottom">Optional Site ID Selection</h3>
168 <div class="jumbotron p-5">
170 Most OpenEMR installations support only one site. If that is
171 true for you then ignore the rest of this text and just click Continue.
173 <p class='p-2 bg-warning'>
174 If you are using the multisite setup module for the first time please read the
175 'Multi Site Installation' section of the help file before proceeding.
178 Otherwise please enter a unique Site ID here.
181 A Site ID is a short identifier with no spaces or special
182 characters other than periods or dashes. It is case-sensitive and we
183 suggest sticking to lower case letters for ease of use.
186 If each site will have its own host/domain name, then use that
187 name as the Site ID (e.g. www.example.com).
190 The site ID is used to identify which site you will log in to.
191 If it is a hostname then it is taken from the hostname in the URL.
192 Otherwise you must append "?site=<i>siteid</i>" to the URL used for
196 It is OK for one of the sites to have "default" as its ID. This
197 is the ID that will be used if it cannot otherwise be determined.
201 <input type='hidden' name='state' value='0' />
202 <div class="form-row">
203 <div class="col-auto">
207 <input type='text' class='form-control' name='site' value='default'>
209 <div class="col-12 mt-3">
210 <button type='submit' class='btn btn-primary' value='Continue'><i class="fas fa-chevron-right"></i> Continue</button>
217 </div><!--end of container div-->
219 echo $site_id . "\r\n";
220 $installer->setupHelpModal();
221 echo "</body>" . "\r\n";
222 echo "</html>" . "\r\n";
227 // Support "?site=siteid" in the URL, otherwise assume "default".
228 $site_id = 'default';
229 if (!empty($_REQUEST['site'])) {
230 $site_id = trim($_REQUEST['site']);
233 // Die if site ID is empty or has invalid characters.
234 if (empty($site_id) ||
preg_match('/[^A-Za-z0-9\\-.]/', $site_id)) {
235 SessionUtil
::setupScriptSessionStart();
236 SessionUtil
::setupScriptSessionCookieDestroy();
237 die("Site ID '" . text($site_id) . "' contains invalid characters.");
240 // If multisite is turned off, then only allow default for site.
241 if (!$allow_multisite_setup && $site_id != 'default') {
242 SessionUtil
::setupScriptSessionStart();
243 SessionUtil
::setupScriptSessionCookieDestroy();
244 die("To turn on support for multisite setup, need to edit this script and change \$allow_multisite_setup to true. After you are done setting up the cloning, ensure you change \$allow_multisite_setup back to false or remove this script altogether");
247 // Disable file and directory permissions check by setting to false
248 $checkPermissions = true;
250 global $OE_SITE_DIR; // The Installer sets this
252 $docsDirectory = "$OE_SITE_DIR/documents";
254 //These are files and dir checked before install for
255 // correct permissions.
256 if (is_dir($OE_SITE_DIR)) {
257 $writableFileList = array($installer->conffile
);
258 $writableDirList = array($docsDirectory);
260 $writableFileList = array();
261 $writableDirList = array($OE_SITES_BASE);
264 // Include the sqlconf file if it exists yet.
266 if (file_exists($installer->conffile
)) {
267 require_once($installer->conffile
);
268 } elseif ($state > 3) {
269 // State 3 should have created the site directory if it is missing.
270 SessionUtil
::setupScriptSessionStart();
271 SessionUtil
::setupScriptSessionCookieDestroy();
272 die("Internal error, site directory is missing.");
276 // This will effectively only allow entry into the setup.php script at the first step and will bar entry to the
277 // script if openemr has already been installed.
278 // 2 mechanisms are also in place to ensure go through script in chronological order
279 // - a session variable tracks the next state expected and kills script is not correct
280 // - only the next state csrf is handed out in the form
282 // ensure not already installed
283 if (!empty($config)) {
284 SessionUtil
::setupScriptSessionStart();
285 SessionUtil
::setupScriptSessionCookieDestroy();
286 error_log("OpenEMR has already been installed. If you wish to force re-installation, then edit " . errorLogEscape($installer->conffile
) . " (change the 'config' variable to 0), and re-run the setup.php script.");
287 die("OpenEMR has already been installed. If you wish to force re-installation, see log for details.<br />\n");
289 // set up new blank session and csrf mechanism
290 SessionUtil
::setupScriptSessionStart();
291 session_regenerate_id(true);
293 CsrfUtils
::setupCsrfKey();
295 // start up session and check csrf
296 SessionUtil
::setupScriptSessionStart();
297 $state = (int)$state;
299 if (($state > 0) && ($state < 8)) {
300 $verifyCsrf = CsrfUtils
::verifyCsrfToken($_POST["csrf_token_form"], "state" . $state);
302 SessionUtil
::setupScriptSessionCookieDestroy();
303 die("Not authorized (invalid state)");
306 SessionUtil
::setupScriptSessionCookieDestroy();
307 die("Not authorized (invalid csrf)");
310 // ensure correct state is going (ie. do not allow users to muck around with this)
311 if ($_SESSION['bootstrapStateInSetup'] != $state) {
312 SessionUtil
::setupScriptSessionCookieDestroy();
313 die("Not authorized (incorrect state)");
316 // ensure that users are not mucking with database settings
319 ($sqlconf["host"] != $installer->server
) ||
320 ($sqlconf["port"] != $installer->port
) ||
321 ($sqlconf["dbase"] != $installer->dbname
) ||
322 ($sqlconf["login"] != $installer->login
) ||
323 ($sqlconf["pass"] != $installer->pass
)
325 SessionUtil
::setupScriptSessionCookieDestroy();
326 die("Not authorized (database)");
330 // state 7 is last state so might as well kill the session now to ensure no funny business
332 SessionUtil
::setupScriptSessionCookieDestroy();
339 <title
>OpenEMR Setup Tool
</title
>
340 <!--<link rel
=stylesheet href
="interface/themes/style_blue.css">-->
341 <link rel
="stylesheet" href
="public/assets/bootstrap/dist/css/bootstrap.min.css">
342 <script src
="public/assets/jquery/dist/jquery.min.js"></script
>
343 <script src
="public/assets/bootstrap/dist/js/bootstrap.bundle.min.js"></script
>
344 <link rel
="stylesheet" href
="public/assets/@fortawesome/fontawesome-free/css/all.min.css">
345 <link rel
="shortcut icon" href
="public/images/favicon.ico" />
350 border
-collapse
:collapse
;
352 table
.phpset td
, table
.phpset th
{
354 border
:1px solid gray
;
357 .table
.no
-border tr td
, .table
.no
-border tr th
{
369 font
-family
:sans
-serif
;
377 .label
-div
:hover
> a
{
378 display
:inline
-block
;
383 margin
: 10px
15px
0px
15px
;
385 div
[id$
="_info"] > a
{
389 display
: inline
-block
;
392 .checkboxgroup label
{
405 font
-size
: 70%
!important
;
408 background
-color
: #f5f5f5;
417 fieldset
> [class*="col-"] {
419 text
-align
:left
!Important
;
424 // onclick handler for "clone database" checkbox
425 function cloneClicked() {
426 var cb
= document
.forms
[0].clone_database
;
427 $
('.noclone').css('display', cb
.checked ?
'none' : 'block');
433 <nav
class="navbar navbar-expand navbar-light bg-light">
434 <div
class="container">
435 <a
class="navbar-brand" href
="#">OpenEMR Setup
</a
>
436 <div
class="collapse navbar-collapse justify-content-end">
437 <ul
class="navbar-nav">
438 <li
class="nav-item active">
439 <a
class="nav-link" href
="#" data
-target
="#myModal" data
-toggle
="modal" href
="#" id
="help-href" name
="help-href" title
="Click to view Help">Help
</span
></a
>
445 <div
class='mt-3 container'>
449 $error = "<span class='text-danger font-weight-bold'>ERROR</span>";
450 $caution = "<span class='text-danger font-weight-bold'>CAUTION</span>";
451 $ok = "<span class='text-success font-weight-bold'>OK</span>";
452 $note = "<span class='text-primary font-weight-bold'>NOTE</span>";
454 if (strtolower(ini_get('register_globals')) != 'off' && (bool) ini_get('register_globals')) {
455 echo "$caution: It appears that you have register_globals enabled in your php.ini\n" .
456 "configuration file. This causes unacceptable security risks. You must\n" .
457 "turn it off before continuing with installation.\n";
461 if (!extension_loaded("xml")) {
462 echo "$error: PHP XML extension missing. To continue, install PHP XML extension, then restart web server.";
466 if (!(extension_loaded("mysql") ||
extension_loaded("mysqlnd") ||
extension_loaded("mysqli"))) {
467 echo "$error: PHP MySQL extension missing. To continue, install and enable MySQL extension, then restart web server.";
471 if (!(extension_loaded("mbstring") )) {
472 echo "$error: PHP mb_string extension missing. To continue, install and enable mb_string extension, then restart web server.";
476 if (!(extension_loaded("openssl") )) {
477 echo "$error: PHP openssl extension missing. To continue, install PHP openssl extension, then restart web server.";
485 <h3
class="mb-3 border-bottom">Final step
- Success
</h3
>
486 <div
class="jumbotron p-5">
487 <p
>Congratulations
! OpenEMR is now installed
.</p
>
489 <li
>Access
controls (php
-GACL
) are installed
for fine
-grained security
, and can be administered in
490 OpenEMR
's admin->acl menu.</li>
491 <li>Reviewing <code> <?php echo text($OE_SITE_DIR); ?>/config.php </code> is a good idea. This file
492 contains some settings that you may want to change.</li>
493 <li>There's much information
and many extra tools bundled within the OpenEMR installation directory
.
494 Please refer to openemr
/Documentation
. Many forms
and other useful scripts can be found at openemr
/contrib
.</li
>
495 <li
>To ensure a consistent look
and feel throughout the application
,
496 <a href
='http://www.mozilla.org/products/firefox/'>Firefox
</a
> and <a href
="https://www.google.com/chrome/browser/desktop/index.html">Chrome
</a
> are recommended
. The OpenEMR development team exclusively tests with modern versions of these browsers
.</li
>
497 <li
>The OpenEMR project home page
, documentation
, and forums can be found at
<a href
= "https://www.open-emr.org" rel
='noopener' target
="_blank">https
://www.open-emr.org</a></li>
498 <li
>We pursue grants to help fund the future development of OpenEMR
. To apply
for these grants
, we need to estimate how many times this program is installed
and how many practices are evaluating
or using this software
. It would be awesome
if you would email us at
<a href
="mailto:hello@open-emr.org">hello@open
-emr
.org
</a
> if you have installed this software
. The more details about your plans with this software
, the better
, but even just sending us an email stating you just installed it is very helpful
.</li
>
500 <p
>We recommend you
print these instructions
for future reference
.</p
>
502 echo "<p> The selected theme is :</p>";
503 $installer->displayNewThemeDiv();
504 if (empty($installer->clone_database
)) {
505 echo "<p><b>The initial OpenEMR user is <span class='text-primary'>'" . text($installer->iuser
) . "'</span> and the password is <span class='text-primary'>'" . text($installer->iuserpass
) . "'</span></b></p>";
507 echo "<p>The initial OpenEMR user name and password is the same as that of source site <b>'" . text($installer->source_site_id
) . "'</span></b></p>";
509 echo "<p>If you edited the PHP or Apache configuration files during this installation process, then we recommend you restart your Apache server before following below OpenEMR link.</p>";
510 echo "<p>In Linux use the following command:</p>";
511 echo "<p><code>sudo apachectl -k restart</code></p>";
514 <p
>Click to start using OpenEMR
.</p
>
517 <a href
='./?site=<?php echo attr_url($site_id); ?>' class='btn btn-primary'>
518 <i
class="fas fa-chevron-right"></i
> Start
525 $installer->setCurrentTheme();
530 </div><!--end of container div-->
532 echo $end_div . "\r\n";
533 $installer->setupHelpModal();
534 echo "</body>" . "\r\n";
535 echo "</html>" . "\r\n";
543 $inst = isset($_POST["inst"]) ?
($_POST["inst"]) : '';
547 $_SESSION['bootstrapStateInSetup'] = 2;
548 $state_esc = text($state);
549 $site_id_esc = attr($site_id);
550 $csrf_id_esc = attr(CsrfUtils
::collectCsrfToken('state2'));
552 <h3 class="mb-3 border-bottom">Step $state_esc - Select Database Setup</h3>
553 <div class="jumbotron p-5">
554 <p>Now I need to know whether you want me to create the database on my own or if you have already created the database for me to use. For me to create the database, you will need to supply the MySQL root password.</p>
556 <p class='p-1 bg-warning'>$caution: clicking on <span class="font-weight-bold">Proceed to Step 2</span> may delete or cause damage to existing data on your system. Before you continue <span class="font-weight-bold">please backup your data</span>.</p>
559 <input name='state' type='hidden' value='2' />
560 <input name='site' type='hidden' value='$site_id_esc' />
561 <input name='csrf_token_form' type='hidden' value='$csrf_id_esc' />
562 <div class="form-check">
563 <input checked class='form-check-input' id='inst1' name='inst' type='radio' value='1' />
564 <label class="form-check-label" for="inst1">
565 Have setup create the database
569 <div class="form-check">
570 <input id='inst2' class='form-check-input' name='inst' type='radio' value='2' />
571 <label class="form-check-label" for="inst2">
572 I have already created the database
575 <div class="form-group">
576 <div class="col mt-3">
577 <button type='submit' class='btn btn-primary' value='Continue'>
578 <i class="fas fa-chevron-right"></i> Proceed to Step 2
586 echo $step1 . "\r\n";
590 $_SESSION['bootstrapStateInSetup'] = 3;
591 $state_esc = text($state);
592 $site_id_esc = attr($site_id);
593 $inst_esc = attr($inst);
594 $csrf_id_esc = attr(CsrfUtils::collectCsrfToken('state3'));
595 $step2top = <<<STP2TOP
596 <h3 class="mb-3 border-bottom">Step $state_esc - Database and OpenEMR Initial User Setup Details</h3>
597 <div class="jumbotron p-5">
598 <p>Now you need to supply the MySQL server information and path information. Detailed instructions on each item can be found in the
599 <a href='Documentation/INSTALL' rel='noopener' target='_blank'><u>'INSTALL'</u>
602 <form method='post' id='myform'>
603 <input name='state' type='hidden' value='3' />
604 <input name='site' type='hidden' value='$site_id_esc' />
605 <input name='inst' type='hidden' value='$inst_esc' />
606 <input name='csrf_token_form' type='hidden' value='$csrf_id_esc' />
608 echo $step2top . "\r\n";
611 $step2tabletop1 = <<<STP2TBLTOP1
613 <legend name="form_legend" id="form_legend" class='oe-setup-legend'>MySQL Server Details<i id="enter-details-tooltip" class="fa fa-info-circle oe-text-black oe-superscript enter-details-tooltip" aria-hidden="true"></i></legend>
614 <div class="ml-2 row">
615 <div class="col-sm-4">
616 <div class="clearfix form-group">
617 <div class="label-div">
618 <label class="font-weight-bold" for="server">Server Host:</label>
619 <a href="#server_info" class="info-anchor icon-tooltip" data-toggle="collapse" ><i class="fa fa-question-circle" aria-hidden="true"></i></a>
622 <input name='server' id='server' type='text' class='form-control' value='localhost' />
625 <div id="server_info" class="collapse">
626 <a href="#server_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
627 <p>If you run MySQL and Apache/PHP on the same computer, then leave this as 'localhost'.</p>
628 <p>If they are on separate computers, then enter the IP address of the computer running MySQL.</p>
631 <div class="col-sm-4">
632 <div class="clearfix form-group">
633 <div class="label-div">
634 <label class="font-weight-bold" for="port">Server Port:</label>
635 <a href="#port_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
638 <input name='port' id='port' type='text' class='form-control' value='3306' />
641 <div id="port_info" class="collapse">
642 <a href="#port_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
643 <p>This is the MySQL port.</p>
644 <p>The default port for MySQL is 3306.</p>
647 <div class="col-sm-4">
648 <div class="clearfix form-group">
649 <div class="label-div">
650 <label class="font-weight-bold" for="dbname">Database Name:</label> <a href="#dbname_info" class="info-anchor icon-tooltip" data-toggle="collapse" ><i class="fa fa-question-circle" aria-hidden="true"></i></a>
653 <input name='dbname' id='dbname' type='text' class='form-control' value='openemr' />
656 <div id="dbname_info" class="collapse">
657 <a href="#dbname_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
658 <p>This will be the name of the OpenEMR database in MySQL.</p>
659 <p>'openemr' is the recommended name.</p>
660 <p>This database will contain patient data as well as data pertaining to the OpenEMR installation.</p>
664 <div class="ml-2 row">
665 <div class="col-sm-4">
666 <div class="clearfix form-group">
667 <div class="label-div">
668 <label class="font-weight-bold" for="login">Login Name:</label> <a href="#login_info" class="info-anchor icon-tooltip" data-toggle="collapse" ><i class="fa fa-question-circle" aria-hidden="true"></i></a>
671 <input name='login' ID='login' type='text' class='form-control' value='openemr' />
674 <div id="login_info" class="collapse">
675 <a href="#login_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
676 <p>This is the name that OpenEMR will use to login to the MySQL database.</p>
677 <p>'openemr' is the recommended name.</p>
680 <div class="col-sm-4">
681 <div class="clearfix form-group">
682 <div class="label-div">
683 <label class="font-weight-bold" for="pass">Password:</label>
684 <a href="#pass_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
687 <input name='pass' id='pass' class='form-control' type='password' value='' required />
690 <div id="pass_info" class="collapse">
691 <a href="#pass_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
692 <p>This is the Login Password that OpenEMR will use to accesses the MySQL database.</p>
693 <p>It should be at least 12 characters long and composed of both numbers and letters.</p>
694 <p>It cannot contain any of these characters: \ ; ( ) < > / ' "</p>
698 echo $step2tabletop1 . "\r\n";
700 $step2tabletop2 = <<<STP2TBLTOP2
701 <div class="col-sm-4">
702 <div class="clearfix form-group">
703 <div class="label-div">
704 <label class="font-weight-bold" for="root">Name for Root Account:</label>
705 <a href="#root_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
708 <input name='root' id='root' type='text' class='form-control' value='root' />
711 <div id="root_info" class="collapse">
712 <a href="#root_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
713 <p>This is name for the MySQL root account.</p>
714 <p>For localhost, it is usually ok to leave it as 'root'.</p>
718 <div class="ml-2 row">
719 <div class="col-sm-4">
720 <div class="clearfix form-group">
721 <div class="label-div">
722 <label class="font-weight-bold" for="rootpass">Root Password:</label>
723 <a href="#rootpass_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
726 <input name='rootpass' id='rootpass' type='password' class='form-control' value='' />
729 <div id="rootpass_info" class="collapse">
730 <a href="#rootpass_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
731 <p>This is your MySQL server root password.</p>
734 <div class="col-sm-4">
735 <div class="clearfix form-group">
736 <div class="label-div">
737 <label class="font-weight-bold" for="loginhost">User Hostname:</label>
738 <a href="#loginhost_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
741 <input name='loginhost' id='loginhost' type='text' class='form-control' value='localhost' />
744 <div id="loginhost_info" class="collapse">
745 <a href="#loginhost_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
746 <p>If you run Apache/PHP and MySQL on the same computer, then leave this as 'localhost'.</p>
747 <p>If they are on separate computers, then enter the IP address of the computer running Apache/PHP.</p>
750 <div class="col-sm-4">
751 <div class="clearfix form-group">
752 <div class="label-div">
753 <label class="font-weight-bold" for="collate">UTF-8 Collation:</label> <a href="#collate_info" class="info-anchor icon-tooltip" data-toggle="collapse" ><i class="fa fa-question-circle" aria-hidden="true"></i></a>
756 <select name='collate' id=='collate' class='form-control'>
757 <option selected value='utf8mb4_general_ci'>
758 General (Recommended)
760 <option value='utf8mb4_unicode_ci'>
763 <option value='utf8mb4_roman_ci'>
766 <option value='utf8mb4_croatian_ci'>
769 <option value='utf8mb4_czech_ci'>
772 <option value='utf8mb4_danish_ci'>
775 <option value='utf8mb4_esperanto_ci'>
778 <option value='utf8mb4_estonian_ci'>
781 <option value='utf8mb4_german2_ci'>
784 <option value='utf8mb4_hungarian_ci'>
787 <option value='utf8mb4_icelandic_ci'>
790 <option value='utf8mb4_latvian_ci'>
793 <option value='utf8mb4_lithuanian_ci'>
796 <option value='utf8mb4_persian_ci'>
799 <option value='utf8mb4_polish_ci'>
802 <option value='utf8mb4_romanian_ci'>
805 <option value='utf8mb4_sinhala_ci'>
808 <option value='utf8mb4_slovak_ci'>
811 <option value='utf8mb4_slovenian_ci'>
814 <option value='utf8mb4_spanish_ci'>
817 <option value='utf8mb4_spanish2_ci'>
818 Spanish (Traditional)
820 <option value='utf8mb4_swedish_ci'>
823 <option value='utf8mb4_turkish_ci'>
826 <option value='utf8mb4_vietnamese_ci'>
832 <div id="collate_info" class="collapse">
833 <a href="#collate_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
834 <p>This is the collation setting for MySQL.</p>
835 <p>Collation refers to a set of rules that determine how data is sorted and compared in a database.</p>
836 <p>Leave as 'General' if you are not sure.</p>
837 <p>If the language you are planning to use in OpenEMR is in the menu, then you can select it.</p>
838 <p>Otherwise, just select 'General'.</p>
843 echo $step2tabletop2 . "\r\n";
845 // Include a "source" site ID drop-list and a checkbox to indicate
846 // if cloning its database. When checked, do not display initial user
847 // and group stuff below.
848 $dh = opendir($OE_SITES_BASE);
850 die("Cannot read directory '" . text($OE_SITES_BASE) . "'.");
853 $siteslist = array();
854 while (false !== ($sfname = readdir($dh))) {
855 if (substr($sfname, 0, 1) == '.') {
859 if ($sfname == 'CVS') {
863 if ($sfname == $site_id) {
867 $sitedir = "$OE_SITES_BASE/$sfname";
868 if (!is_dir($sitedir)) {
872 if (!is_file("$sitedir/sqlconf.php")) {
876 $siteslist[$sfname] = $sfname;
880 // If this is not the first site...
881 if (!empty($siteslist)) {
883 $source_site_top = <<<SOURCESITETOP
884 <div class="ml-2 row">
885 <div class="col-sm-4">
886 <div class="clearfix form-group">
887 <div class="label-div">
888 <label class="font-weight-bold" for="source_site_id">Source Site:</label>
889 <a href="#source_site_id_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
892 <select name='source_site_id'id='source_site_id' class='form-control'>
894 echo $source_site_top . "\r\n";
895 foreach ($siteslist as $sfname) {
896 echo "<option value='" . attr($sfname) . "'";
897 if ($sfname == 'default') {
901 echo ">" . text($sfname) . "</option>";
903 $source_site_bot = <<<SOURCESITEBOT
908 <div id="source_site_id_info" class="collapse">
909 <a href="#source_site_id_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
910 <p>The site directory that will be a model for the new site.</p>
913 <div class="col-sm-4">
914 <div class="clearfix form-group">
915 <div class="label-div">
916 <label class="font-weight-bold" for="clone_database">Clone Source Database:</label>
917 <a href="#clone_database_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
920 <input type='checkbox' name='clone_database' id='clone_database' onclick='cloneClicked()' />
923 <div id="clone_database_info" class="collapse">
924 <a href="#clone_database_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
925 <p>Clone the source site's database instead of creating a fresh one.</p>
930 echo $source_site_bot . "\r\n";
933 $randomusernamepre = RandomGenUtils::produceRandomString(3, "ABCDEFGHIJKLMNOPQRSTUVWXYZ");
934 $randomusernamepost = RandomGenUtils::produceRandomString(2, "0123456789");
935 $randomusername = $randomusernamepre . "-admin-" . $randomusernamepost;
937 // App Based TOTP secret
938 // Shared key (per rfc6238 and rfc4226) should be 20 bytes (160 bits) and encoded in base32, which should
939 // be 32 characters in base32
940 // Would be nice to use the OpenEMR\Common\Utils\RandomGenUtils\produceRandomBytes() function and then encode to base32,
941 // but does not appear to be a standard way to encode binary to base32 in php.
942 $randomsecret = RandomGenUtils::produceRandomString(32, "234567ABCDEFGHIJKLMNOPQRSTUVWXYZ");
943 if (empty($randomsecret) || empty($randomusernamepre) || empty($randomusernamepost)) {
944 error_log('OpenEMR Error : Random String error - exiting');
947 $disableCheckbox = "";
948 if (empty($randomsecret)) {
950 $disableCheckbox = "disabled";
953 $randomsecret_esc = attr($randomsecret);
954 $randomusername_esc = attr($randomusername);
955 $step2tablebot = <<<STP2TBLBOT
958 <fieldset class='noclone'>
959 <legend name="form_legend" id="form_legend" class='oe-setup-legend'>OpenEMR Initial User Details<i id="enter-details-tooltip" class="fa fa-info-circle oe-text-black oe-superscript enter-details-tooltip" aria-hidden="true"></i></legend>
960 <div class="ml-2 row">
961 <div class="col-sm-4">
962 <div class="clearfix form-group">
963 <div class="label-div">
964 <label class="font-weight-bold" for="iuser">Initial User Login Name:</label> <a href="#iuser_info" class="info-anchor icon-tooltip" data-toggle="collapse" ><i class="fa fa-question-circle" aria-hidden="true"></i></a>
967 <input name='iuser' id='iuser' type='text' class='form-control' value='$randomusername_esc' minlength='12' />
970 <div id="iuser_info" class="collapse">
971 <a href="#iuser_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
972 <p>This is the login name of the first user that will be created for you.</p>
973 <p>Limit this to one word with at least 12 characters and composed of both numbers and letters.</p>
976 <div class="col-sm-4">
977 <div class="clearfix form-group">
978 <div class="label-div">
979 <label class="font-weight-bold" for="iuserpass">Initial User Password:</label>
980 <a href="#iuserpass_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
983 <input name='iuserpass' id='iuserpass' type='password' class='form-control' value='' minlength='12' />
986 <div id="iuserpass_info" class="collapse">
987 <a href="#iuserpass_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
988 <p>This is the password for the initial user.
991 <div class="col-sm-4">
992 <div class="clearfix form-group">
993 <div class="label-div">
994 <label class="font-weight-bold" for="iufname">Initial User's First Name:</label>
995 <a href="#iufname_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
998 <input name='iufname' id='iufname 'type='text' class='form-control' value='Administrator' />
1001 <div id="iufname_info" class="collapse">
1002 <a href="#iufname_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
1003 <p>This is the First name of the 'initial user'.</p>
1007 <div class="ml-2 row">
1008 <div class="col-sm-4">
1009 <div class="clearfix form-group">
1010 <div class="label-div">
1011 <label class="font-weight-bold" for="iuname">Initial User's Last Name:</label>
1012 <a href="#iuname_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
1015 <input name='iuname' id='iuname' type='text' class='form-control' value='Administrator' />
1018 <div id="iuname_info" class="collapse">
1019 <a href="#iuname_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
1020 <p>This is the Last name of the 'initial user'.</p>
1023 <div class="col-sm-4">
1024 <div class="clearfix form-group">
1025 <div class="label-div">
1026 <label class="font-weight-bold" for="igroup">Initial Group:</label>
1027 <a href="#igroup_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
1030 <input name='igroup' id='igroup' class='form-control' type='text' value='Default' />
1033 <div id="igroup_info" class="collapse">
1034 <a href="#igroup_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
1035 <p>This is the group that will be created for your users.</p>
1036 <p>This should be the name of your practice.</p>
1042 <fieldset class='noclone py-2 bg-warning'>
1043 <legend name="form_legend" id="form_legend" class='oe-setup-legend text-danger'>Enable 2 Factor Authentication for Initial User (more secure - optional) <i id="2fa-section" class="fa fa-info-circle oe-text-black oe-superscript 2fa-section-tooltip" aria-hidden="true"></i></legend>
1044 <div class="ml-2 row">
1045 <div class="col-sm-3">
1046 <div class="clearfix form-group">
1047 <div class="label-div">
1048 <label class="font-weight-bold" for="i2fa">Configure 2FA:</label>
1049 <a href="#i2fa_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
1052 <input name='i2faenable' id='i2faenable' type='checkbox' $disableCheckbox/> Enable 2FA
1053 <input type='hidden' name='i2fasecret' id='i2fasecret' value='$randomsecret_esc' />
1056 <div id="i2fa_info" class="collapse">
1057 <a href="#i2fa_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
1058 <p>If selected will allow TOTP 2 factor authentication for the initial user.</p>
1059 <p>Click on the help file for more information.</p>
1062 <div class="col-sm-5">
1063 <div class="clearfix form-group">
1064 <p class="text-danger font-weight-bold">IMPORTANT IF ENABLED</p>
1065 <p>If enabled, you must have an authenticator app on your phone ready to scan the QR code displayed next.</p>
1068 <div class="col-sm-4">
1069 <div class="clearfix form-group">
1070 <p>Example authenticator apps include:</p>
1073 (<a href="https://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8" target="_blank">iOS</a>, <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en">Android</a>)</li>
1075 (<a href="https://itunes.apple.com/us/app/authy/id494168017?mt=8">iOS</a>, <a href="https://play.google.com/store/apps/details?id=com.authy.authy&hl=en">Android</a>)</li>
1081 <p class='mt-4 mark'>Click the <b>Create DB and User</b> button below to create the database and first user <a href='#create_db_button' title='Click me'><i class="fa fa-arrow-circle-down" aria-hidden="true"></i></a>. $note: This process will take a few minutes.</p>
1082 <p class='p-1 bg-success text-white oe-spinner' style='visibility:hidden;'>Upon successful completion will automatically take you to the next step.<i class='fa fa-spinner fa-pulse fa-fw'></i></p>
1083 <div class="form-row">
1084 <div class="col-12">
1085 <button type='submit' id='create_db_button' value='Continue' class='wait btn btn-primary'>
1086 <i class="fas fa-chevron-right"></i> Create DB and User
1093 echo $step2tablebot . "\r\n";
1098 // (applicable if not cloning from another database)
1100 $pass_step2_validation = true;
1101 $error_step2_message = "";
1103 if (! $installer->char_is_valid($_REQUEST['server'])) {
1104 $pass_step2_validation = false;
1105 $error_step2_message .= "$error - A database server host is required <br />\n";
1108 if (! $installer->char_is_valid($_REQUEST['port'])) {
1109 $pass_step2_validation = false;
1110 $error_step2_message .= "$error - A database server port value is required <br />\n";
1113 if (! $installer->databaseNameIsValid($_REQUEST['dbname'])) {
1114 $pass_step2_validation = false;
1115 $error_step2_message .= "$error - A database name is required <br />\n";
1118 if (! $installer->collateNameIsValid($_REQUEST['collate'])) {
1119 $pass_step2_validation = false;
1120 $error_step2_message .= "$error - A collation name is required <br />\n";
1123 if (! $installer->char_is_valid($_REQUEST['login'])) {
1124 $pass_step2_validation = false;
1125 $error_step2_message .= "$error - A database login name is required <br />\n";
1128 if (! $installer->char_is_valid($_REQUEST['pass'])) {
1129 $pass_step2_validation = false;
1130 $error_step2_message .= "$error - A database login password is required <br />\n";
1133 if (empty($installer->clone_database)) {
1134 if (! $installer->login_is_valid()) {
1135 $pass_step2_validation = false;
1136 $error_step2_message .= "$error - Please pick a proper 'Login Name'.<br />\n";
1139 if (! $installer->iuser_is_valid()) {
1140 $pass_step2_validation = false;
1141 $error_step2_message .= "$error - The 'Initial User' field can only contain one word and no spaces.<br />\n";
1144 if (! $installer->user_password_is_valid()) {
1145 $pass_step2_validation = false;
1146 $error_step2_message .= "$error - Please pick a proper 'Initial User Password'.<br />\n";
1150 if (! $installer->password_is_valid()) {
1151 $pass_step2_validation = false;
1152 $error_step2_message .= "$error - Please pick a proper 'Password'.<br />\n";
1155 if (! $installer->iuname_is_valid()) {
1156 $pass_step2_validation = false;
1157 $error_step2_message .= "$error - Please pick a proper 'Initial User Last Name'.<br />\n";
1160 if (!$pass_step2_validation) {
1161 $_SESSION['bootstrapStateInSetup'] = 2;
1162 echo $error_step2_message . '<br />';
1164 <form method='post' id='validate-error'>
1165 <input name='state' type='hidden' value='2' />
1166 <input name='site' type='hidden' value='" . attr($site_id) . "' />
1167 <input name='inst' type='hidden' value='" . attr($inst) . "' />
1168 <input name='csrf_token_form' type='hidden' value='" . attr(CsrfUtils::collectCsrfToken('state2')) . "' />
1169 <button type='submit' class='btn btn-primary'><i class='fas fa-chevron-left'></i> " . text("Back") . "</button>
1174 echo "<h3 class='mb-3 border-bottom'>Step " . text($state) . " - Creating Database and First User</h3>";
1175 echo "<div class='jumbotron p-5'>";
1177 // Skip below if database shell has already been created.
1179 echo "Connecting to MySQL Server...\n";
1181 if (! $installer->root_database_connection()) {
1182 $_SESSION['bootstrapStateInSetup'] = 2;
1183 echo "$error. Check your login credentials.\n";
1184 echo text($installer->error_message);
1185 echo "<br /><br />";
1187 <form method='post' id='validate-error'>
1188 <input name='state' type='hidden' value='2' />
1189 <input name='site' type='hidden' value='" . attr($site_id) . "' />
1190 <input name='inst' type='hidden' value='" . attr($inst) . "' />
1191 <input name='csrf_token_form' type='hidden' value='" . attr(CsrfUtils::collectCsrfToken('state2')) . "' />
1192 <button type='submit' class='btn btn-primary'><i class='fas fa-chevron-left'></i> " . text("Back") . "</button>
1196 echo "$ok.<br />\n";
1201 // Only pertinent if cloning another installation database
1202 if ($allow_cloning_setup && !empty($installer->clone_database)) {
1203 echo "Dumping source database...";
1205 if (! $installer->create_dumpfiles()) {
1206 echo text($installer->error_message);
1209 echo "$ok.<br />\n";
1214 // Only pertinent if mirroring another installation directory
1215 if (! empty($installer->source_site_id)) {
1216 echo "Creating site directory...";
1217 if (! $installer->create_site_directory()) {
1218 echo text($installer->error_message);
1226 // Skip below if database shell has already been created.
1228 echo "Creating database...\n";
1230 if (! $installer->create_database()) {
1231 echo "$error. Check your login credentials.\n";
1232 echo text($installer->error_message);
1235 echo "$ok.<br />\n";
1239 echo "Creating user with permissions for database...\n";
1241 $user_mysql_error = true;
1242 if (! $installer->create_database_user()) {
1243 echo "$error when creating specified user.\n";
1244 echo text($installer->error_message);
1247 $user_mysql_error = false;
1249 if (! $installer->grant_privileges()) {
1250 echo "$error when granting privileges to the specified user.\n";
1251 echo text($installer->error_message);
1254 $user_mysql_error = false;
1256 if (!$user_mysql_error) {
1257 echo "$ok.<br />\n";
1261 echo "Reconnecting as new user...\n";
1263 $installer->disconnect();
1265 echo "Connecting to MySQL Server...\n";
1268 if (! $installer->user_database_connection()) {
1269 echo "$error. Check your login credentials.\n";
1270 echo text($installer->error_message);
1271 echo "<br />You will need to remove the database, correct the problem, and then restart the setup.php script.<br /><br />";
1274 echo "$ok.<br />\n";
1278 // Load the database files
1279 $dump_results = $installer->load_dumpfiles();
1280 if (! $dump_results) {
1282 echo text($installer->error_message);
1289 echo "Writing SQL configuration...\n";
1291 if (! $installer->write_configuration_file()) {
1293 echo text($installer->error_message);
1296 echo "$ok.<br />\n";
1300 // Only pertinent if not cloning another installation database
1301 if (empty($installer->clone_database)) {
1302 echo "Setting version indicators...\n";
1304 if (! $installer->add_version_info()) {
1306 echo text($installer->error_message);
1314 echo "Writing global configuration defaults...\n";
1316 if (! $installer->insert_globals()) {
1318 echo text($installer->error_message);
1326 echo "Setting up Access Controls...\n";
1327 require("$OE_SITE_DIR/sqlconf.php");
1328 if (! $installer->install_gacl()) {
1330 echo text($installer->error_message);
1338 echo "Adding Initial User...\n";
1340 if (! $installer->add_initial_user()) {
1342 echo text($installer->error_message);
1348 echo "Adding Additional Users...\n";
1350 if (! $installer->install_additional_users()) {
1352 echo text($installer->error_message);
1358 echo "Configuring Care Coordination Module...\n";
1360 if (! $installer->on_care_coordination()) {
1362 echo text($installer->error_message);
1369 // If user has selected to set MFA App Based 2FA, display QR code to scan
1370 $qr = $installer->get_initial_user_2fa_qr();
1371 $qr_esc = attr($qr);
1373 $qrDisplay = <<<TOTP
1378 <strong class='text-danger'>IMPORTANT!!</strong>
1379 <p><strong>You must scan the following QR code with your preferred authenticator app.</strong></p>
1380 <img src='$qr_esc' width="150" />
1385 Example authenticator apps include:
1388 (<a href="https://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8">iOS</a>, <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en">Android</a>)</li>
1390 (<a href="https://itunes.apple.com/us/app/authy/id494168017?mt=8">iOS</a>, <a href="https://play.google.com/store/apps/details?id=com.authy.authy&hl=en">Android</a>)</li>
1399 if ($allow_cloning_setup && !empty($installer->clone_database)) {
1400 // Database was cloned, skip ACL setup.
1401 $btn_text = 'Proceed to Select a Theme';
1403 echo "<p>The database was cloned, access control list exists therefore skipping ACL setup</p>";
1404 echo "<p class='p-1 bg-warning'>Click <b>" . text($btn_text) . "</b> for further instructions.</p>";
1407 $btn_text = 'Proceed to Step 4';
1409 echo "<p><b>Granted user <span class='text-primary'>" . text($installer->iuser) . "</span> administrator access control (password is <span class='text-primary'>" . text($installer->iuserpass) . "</span>).</b></p>";
1410 echo "<p>The next step will configure php.</p>";
1411 echo "<p class='mark'>Click <strong>" . text($btn_text) . "</strong> to continue.</p>";
1415 $_SESSION['bootstrapStateInSetup'] = $next_state;
1416 echo "<form method='post'>
1417 <input name='state' type='hidden' value='" . attr($next_state) . "' />
1418 <input name='csrf_token_form' type='hidden' value='" . attr(CsrfUtils::collectCsrfToken('state' . $next_state)) . "' />
1419 <input name='site' type='hidden' value='" . attr($site_id) . "' />
1420 <input name='iuser' type='hidden' value='" . attr($installer->iuser) . "' />
1421 <input name='iuserpass' type='hidden' value='" . attr($installer->iuserpass) . "' />
1422 <input name='iuname' type='hidden' value='" . attr($installer->iuname) . "' />
1423 <input name='iufname' type='hidden' value='" . attr($installer->iufname) . "' />
1424 <input name='login' type='hidden' value='" . attr($installer->login) . "' />
1425 <input name='pass' type='hidden' value='" . attr($installer->pass) . "' />
1426 <input name='server' type='hidden' value='" . attr($installer->server) . "' />
1427 <input name='port' type='hidden' value='" . attr($installer->port) . "' />
1428 <input name='loginhost' type='hidden' value='" . attr($installer->loginhost) . "' />
1429 <input name='dbname' type='hidden' value='" . attr($installer->dbname) . "' />\r\n";
1431 if ($allow_cloning_setup) {
1432 echo "<input type='hidden' name='clone_database' value='" . attr($installer->clone_database) . "' />";
1433 echo "<input name='source_site_id' type='hidden' value='" . attr($installer->source_site_id) . "' />";
1435 $btn_text_esc = text($btn_text);
1436 $form_bottom = <<<FRMBOT
1437 <div class="form-row">
1438 <div class="col-12">
1439 <button type='submit' id='step-4-btn' class="btn btn-primary" value='Continue'>
1440 <i class="fas fa-chevron-right"></i> $btn_text_esc
1447 echo $form_bottom . "\r\n";
1451 $_SESSION['bootstrapStateInSetup'] = 5;
1452 $state_esc = text($state);
1453 $step4_top = <<<STP4TOP
1454 <h3 class="mb-3 border-bottom">Step $state_esc - Configure PHP</h3>
1455 <div class="jumbotron p-5">
1456 <p>Configuration of PHP...</p>
1457 <p>We recommend making the following changes to your PHP installation, which can normally be done by editing the php.ini configuration file:</p>
1460 echo $step4_top . "\r\n";
1463 $phpINIfile = php_ini_loaded_file();
1465 echo "<li><span class='text-success'>Your php.ini file can be found at " . text($phpINIfile) . "</span></li>\n";
1469 $short_tag = ini_get('short_open_tag') ? 'On' : 'Off';
1470 $short_tag_style = (strcmp($short_tag, 'Off') === 0) ? '' : 'text-danger';
1471 $display_errors = ini_get('display_errors') ? 'On' : 'Off';
1472 $display_errors_style = (strcmp($display_errors, "Off") === 0) ? '' : 'text-danger';
1473 $register_globals = ini_get('register_globals') ? 'On' : 'Off';
1474 $register_globals_style = (strcmp($register_globals, 'Off') === 0) ? '' : 'text-danger';
1475 $max_input_vars = ini_get('max_input_vars');
1476 $max_input_vars_style = $max_input_vars < 3000 ? 'text-danger' : '';
1477 $max_execution_time = (int)ini_get('max_execution_time');
1478 $max_execution_time_style = $max_execution_time >= 60 || $max_execution_time === 0 ? '' : 'text-danger';
1479 $max_input_time = ini_get('max_input_time');
1480 $max_input_time_style = (strcmp($max_input_time, '-1') === 0) ? '' : 'text-danger';
1481 $post_max_size = ini_get('post_max_size');
1482 $post_max_size_style = $post_max_size < 30 ? 'text-danger' : '';
1483 $memory_limit = ini_get('memory_limit');
1484 $memory_limit_style = $memory_limit < 256 ? 'text-danger' : '';
1485 $mysqli_allow_local_infile = ini_get('mysqli.allow_local_infile') ? 'On' : 'Off';
1486 $mysqli_allow_local_infile_style = (strcmp($mysqli_allow_local_infile, 'On') === 0) ? '' : 'text-danger';
1488 echo "<li>To ensure proper functioning of OpenEMR you must make sure that PHP settings include:
1489 <table class='phpset'>
1492 <th>Required value</th>
1493 <th>Current value</th>
1496 <td>short_open_tag</td>
1498 <td class='" . attr($short_tag_style) . "'>" . text($short_tag) . "</td>
1501 <td>display_errors</td>
1503 <td class='" . attr($display_errors_style) . "'>" . text($display_errors) . "</td>
1506 <td>register_globals</td>
1508 <td class='" . attr($register_globals_style) . "'>" . text($register_globals) . "</td>
1511 <td>max_input_vars</td>
1512 <td>at least 3000</td>
1513 <td class='" . attr($max_input_vars_style) . "'>" . text($max_input_vars) . "</td>
1516 <td>max_execution_time</td>
1517 <td>at least 60</td>
1518 <td class='" . attr($max_execution_time_style) . "'>" . text($max_execution_time) . "</td>
1521 <td>max_input_time</td>
1523 <td class='" . attr($max_input_time_style) . "'>" . text($max_input_time) . "</td>
1526 <td>post_max_size</td>
1527 <td>at least 30M</td>
1528 <td class='" . attr($post_max_size_style) . "'>" . text($post_max_size) . "</td>
1531 <td>memory_limit</td>
1532 <td>at least 256M</td>
1533 <td class='" . attr($memory_limit_style) . "'>" . text($memory_limit) . "</td>
1536 <td>mysqli.allow_local_infile</td>
1538 <td class='" . attr($mysqli_allow_local_infile_style) . "'>" . text($mysqli_allow_local_infile) . "</td>
1542 <li>In order to take full advantage of the patient documents capability you must make sure that settings in php.ini file include \"file_uploads = On\", that \"upload_max_filesize\" is appropriate for your use and that \"upload_tmp_dir\" is set to a correct value that will work on your system.
1545 if (!$gotFileFlag) {
1546 echo "<li>If you are having difficulty finding your php.ini file, then refer to the <a href='Documentation/INSTALL' rel='noopener' target='_blank'><u>'INSTALL'</u></a> manual for suggestions.</li>\n";
1549 $btn_text = 'Proceed to Step 5';
1552 <p>We recommend you print these instructions for future reference.</p>
1553 <p>The next step will configure the Apache web server.</p>
1554 <p class='mark'>Click <strong>" . text($btn_text) . "</strong> to continue.</p>
1556 <form method='post'>
1557 <input type='hidden' name='state' value='5' />
1558 <input name='csrf_token_form' type='hidden' value='" . attr(CsrfUtils::collectCsrfToken('state5')) . "' />
1559 <input type='hidden' name='site' value='" . attr($site_id) . "' />
1560 <input type='hidden' name='iuser' value='" . attr($installer->iuser) . "' />
1561 <input type='hidden' name='iuserpass' value='" . attr($installer->iuserpass) . "' />
1562 <input name='login' type='hidden' value='" . attr($installer->login) . "' />
1563 <input name='pass' type='hidden' value='" . attr($installer->pass) . "' />
1564 <input name='server' type='hidden' value='" . attr($installer->server) . "' />
1565 <input name='port' type='hidden' value='" . attr($installer->port) . "' />
1566 <input name='loginhost' type='hidden' value='" . attr($installer->loginhost) . "' />
1567 <input name='dbname' type='hidden' value='" . attr($installer->dbname) . "' />
1568 <div class='form-row'>
1569 <div class='col-12'>
1570 <button type='submit' class='btn btn-primary' value='Continue'>
1571 <i class='fas fa-chevron-right'></i> " . text($btn_text) . "
1580 $_SESSION['bootstrapStateInSetup'] = 6;
1581 echo "<h3 class='mb-3 border-bottom'>Step " . text($state) . " - Configure Apache Web Server</h3>";
1582 echo "<div class='jumbotron p-5'>";
1583 echo "<p>Configuration of Apache web server...</p><br />\n";
1584 echo "The <code>\"" . text(preg_replace("/${site_id}/", "*", realpath($docsDirectory))) . "\"</code> directory contain patient information, and
1585 it is important to secure these directories. Additionally, some settings are required for the Zend Framework to work in OpenEMR. This can be done by pasting the below to end of your apache configuration file:<br /><br />
1586 <code><Directory \"" . text(realpath(dirname(__FILE__))) . "\"><br />
1587 AllowOverride FileInfo<br />
1588 Require all granted<br />
1589 <code></Directory></code><br />
1590 <Directory \"" . text(realpath(dirname(__FILE__))) . "/sites\"><br />
1591 AllowOverride None<br />
1592 </Directory></code><br />
1593 <code><Directory \"" . text(preg_replace("/${site_id}/", "*", realpath($docsDirectory))) . "\"><br />
1594 Require all denied<br />
1595 </Directory></code><br /><br />";
1597 $btn_text = 'Proceed to Select a Theme';
1598 echo "<p>If you are having difficulty finding your apache configuration file, then refer to the <a href='Documentation/INSTALL' rel='noopener' target='_blank'><u>'INSTALL'</u></a> manual for suggestions.</p>
1599 <p>We recommend you print these instructions for future reference.</p>
1600 <p class='mark'>Click <strong>'" . text($btn_text) . "'</strong> to select a theme.</p>
1602 <form method='post'>
1603 <input type='hidden' name='state' value='6' />
1604 <input name='csrf_token_form' type='hidden' value='" . attr(CsrfUtils::collectCsrfToken('state6')) . "' />
1605 <input type='hidden' name='site' value='" . attr($site_id) . "' />
1606 <input type='hidden' name='iuser' value='" . attr($installer->iuser) . "' />
1607 <input type='hidden' name='iuserpass' value='" . attr($installer->iuserpass) . "' />
1608 <input name='login' type='hidden' value='" . attr($installer->login) . "' />
1609 <input name='pass' type='hidden' value='" . attr($installer->pass) . "' />
1610 <input name='server' type='hidden' value='" . attr($installer->server) . "' />
1611 <input name='port' type='hidden' value='" . attr($installer->port) . "' />
1612 <input name='loginhost' type='hidden' value='" . attr($installer->loginhost) . "' />
1613 <input name='dbname' type='hidden' value='" . attr($installer->dbname) . "' />
1614 <div class='form-row'>
1615 <div class='col-12'>
1616 <button type='submit' class='btn btn-primary' value='Continue'>
1617 <i class='fas fa-chevron-right'></i> " . text($btn_text) . "
1626 $_SESSION['bootstrapStateInSetup'] = 7;
1627 echo "<h3 class='mb-3 border-bottom'>Step " . text($state) . " - Select a Theme</h3>";
1628 echo "<div class='jumbotron p-5'>";
1629 echo "<p>Select a theme for OpenEMR...</p>\n";
1630 $btn_text = "Proceed to Final Step";
1631 $installer->displaySelectedThemeDiv();
1632 echo "<div class='row'>
1633 <div class='col-12'>
1634 <form method='post'>
1635 <input type='hidden' name='state' value='7' />
1636 <input name='csrf_token_form' type='hidden' value='" . attr(CsrfUtils::collectCsrfToken('state7')) . "' />
1637 <input type='hidden' name='site' value='" . attr($site_id) . "' />
1638 <input type='hidden' name='iuser' value='" . attr($installer->iuser) . "' />
1639 <input type='hidden' name='iuserpass' value='" . attr($installer->iuserpass) . "' />
1640 <input name='login' type='hidden' value='" . attr($installer->login) . "' />
1641 <input name='pass' type='hidden' value='" . attr($installer->pass) . "' />
1642 <input name='server' type='hidden' value='" . attr($installer->server) . "' />
1643 <input name='port' type='hidden' value='" . attr($installer->port) . "' />
1644 <input name='loginhost' type='hidden' value='" . attr($installer->loginhost) . "' />
1645 <input name='dbname' type='hidden' value='" . attr($installer->dbname) . "' />
1646 <input type='hidden' name='new_theme' id = 'new_theme' value='" . attr($installer->getCurrentTheme()) . "' />
1647 <input name='clone_database' type='hidden' value='" . attr($installer->clone_database) . "' />
1648 <input name='source_site_id' type='hidden' value='" . attr($installer->source_site_id) . "' />
1649 <h4>Select One:</h4>
1650 <div class='checkbox'>
1651 <label><input type='checkbox' class='check' value='show_theme' />Show More Themes</label>
1653 <div class='checkbox'>
1654 <label><input type='checkbox' class='check' value='keep_current' />Keep Current</label>
1656 <div class='hide_button' style='display:none;'>
1657 <button type='submit' class='btn btn-primary' value='Continue' id='continue'>
1658 <i class='fas fa-chevron-right'></i> " . text($btn_text) . "
1664 echo '<div class="row hideaway" style="display:none;">' . "\r\n";
1665 echo '<div class="col-12">' . "\r\n";
1666 echo ' <h4>Select New Theme: <h5>(scroll down to view all)</h5></h4>' . "\r\n";
1667 echo ' <br />' . "\r\n";
1668 $installer->displayThemesDivs();
1675 <h3 class="mb-3 border-bottom">Pre Install - Checking File and Directory Permissions</h3>
1676 <div class="jumbotron p-5">
1678 Welcome to OpenEMR. This utility will step you through the installation and configuration of OpenEMR for your practice.
1682 Before proceeding, be sure that you have a properly installed and configured MySQL server available, and a PHP configured webserver.
1685 <span class="text-highlight">Detailed installation instructions can be found in the <a href='Documentation/INSTALL' rel='noopener' target='_blank'><u>'INSTALL'</u></a> manual file.</span>
1688 If you are upgrading from a previous version, <strong>DO NOT</strong> use this script. Please read the <strong>'Upgrading'</strong> section found in the <a href='Documentation/INSTALL' rel='noopener' target='_blank'><u>'INSTALL'</u></a> manual file.
1693 if ($checkPermissions) {
1694 echo "<p>We will now ensure correct file and directory permissions before starting installation:</p>\n";
1695 echo "<p class='text-success m-0'>Ensuring following file is world-writable...</p>\n";
1697 foreach ($writableFileList as $tempFile) {
1698 if (is_writable($tempFile)) {
1699 echo "<code class='ml-5'>" . text(realpath($tempFile)) . "</code> file is <span class='text-success font-weight-bold'>ready</span><br /><br />\n";
1701 echo "<p><span class='text-danger'>UNABLE</span> to open file '" . text(realpath($tempFile)) . "' for writing.<br />\n";
1702 echo "(configure file permissions; see below for further instructions)</p>\n";
1707 if ($errorWritable) {
1708 $site_id_esc = attr($site_id);
1709 $check_file = <<<CHKFILE
1710 <p class="text-danger">You can't proceed until all above files are ready (world-writable).</p>
1711 <p>In linux, recommend changing file permissions with the <strong>'chmod 666 filename'</strong> command.</p>
1712 <p class='p-1 bg-danger text-white'>Fix above file permissions and then click the <strong>'Check Again'</strong> button to re-check files.</p>
1714 <form method='post'>
1715 <input type='hidden' name='site' value='$site_id_esc' />
1716 <button type='submit' class='btn btn-primary' value='check again'>Check Again</button>
1719 echo $check_file . "\r\n";
1724 foreach ($writableDirList as $tempDir) {
1725 echo "<p class='text-success m-0'>Ensuring the <code>" . text(realpath($tempDir)) . "</code> directory and its subdirectories have proper permissions...</p>\n";
1726 $errorWritable = recursive_writable_directory_test($tempDir);
1729 if ($errorWritable) {
1730 $site_id_esc = attr($site_id);
1731 $check_directory = <<<CHKDIR
1732 <p class="text-danger">You can't proceed until all directories and subdirectories are ready.</p>
1733 <p>In linux, recommend changing owners of these directories to the web server. For example, in many linux OS's the web server user is 'apache', 'nobody', or 'www-data'. So if 'apache' were the web server user name, could use the command <strong>'chown -R apache:apache directory_name'</strong> command.</p>
1734 <p class='p-1 bg-warning'>Fix above directory permissions and then click the <strong>'Check Again'</strong> button to re-check directories.</p>
1736 <form method='post'>
1737 <input type='hidden' name='site' value='$site_id_esc' />
1738 <button type='submit' value='check again'><b>Check Again</b></button>
1741 echo $check_directory . "\r\n";
1746 $_SESSION['bootstrapStateInSetup'] = 1;
1747 $site_id_esc = attr($site_id);
1748 $csrf_id_esc = attr(CsrfUtils::collectCsrfToken('state1'));
1750 <p>All required files and directories have been verified.</p>
1751 <p class='mark'>Click <span class="font-weight-bold">Proceed to Step 1</span> to continue with a new installation.</p>
1752 <p class='p-1 bg-warning'>$caution: If you are upgrading from a previous version, <strong>DO NOT</strong> use this script. Please read the <strong>'Upgrading'</strong> section found in the <a href='Documentation/INSTALL' rel='noopener' target='_blank'><u>'INSTALL'</u></a> manual file.</p>
1754 <form method='post'>
1755 <input name='state' type='hidden' value='1' />
1756 <input name='site' type='hidden' value='$site_id_esc' />
1757 <input name='csrf_token_form' type='hidden' value='$csrf_id_esc' />
1758 <div class="form-group">
1760 <button type='submit' class='btn btn-primary' value='Continue'>
1761 <i class="fas fa-chevron-right"></i> Proceed to Step 1
1767 echo $form . "\r\n";
1769 $_SESSION['bootstrapStateInSetup'] = 1;
1770 $site_id_esc = attr($site_id);
1771 $csrf_id_esc = attr(CsrfUtils::collectCsrfToken('state1'));
1774 <p class='p-1 bg-warning'>$caution: Permisssions checking has been disabled. All required files and directories have NOT been verified, please manually verify sites/$site_id_esc .</p>
1775 <p class='mark'>Click <b>Proceed to Step 1</b> to continue with a new installation.</p>
1776 <p class='p-1 bg-warning'>$caution: If you are upgrading from a previous version, <strong>DO NOT</strong> use this script. Please read the <strong>'Upgrading'</strong> section found in the <a href='Documentation/INSTALL' rel='noopener' target='_blank'><span style='text-decoration: underline;'>'INSTALL'</span></a> manual file.</p>
1778 <form method='post'>
1779 <input name='state' type='hidden' value='1'>
1780 <input name='site' type='hidden' value='$site_id_esc'>
1781 <input name='csrf_token_form' type='hidden' value='$csrf_id_esc' />
1782 <button type='submit' value='Continue'><b>Proceed to Step 1</b></button>
1785 echo $form . "\r\n"; }
1796 </div><!--end of container div -->
1797 <?php $installer->setupHelpModal();?>
1801 $('.icon-tooltip').prop( "title", "Click to see more information").tooltip({
1807 $('.enter-details-tooltip').prop( "title", "Additional help to fill out this form is available by hovering over labels of each box and clicking on the dark blue help ? icon that is revealed. On mobile devices tap once on the label to reveal the help icon and tap on the icon to show the help section").tooltip();
1808 $('.2fa-section-tooltip').prop( "title", "Two factor authentication prevents unauthorized access to openEMR thus improves security. It is optional. More information is available in the help file under Step 2 Database and OpenEMR Initial User Setup Details.").tooltip();
1815 $("input[type='radio']").click(function() {
1816 var radioValue = $("input[name='stylesheet']:checked").val();
1817 var imgPath = "public/images/stylesheets/";
1818 var currStyle = $("#current_theme_title").text();
1819 var currStyleTitle = currStyle;
1820 currStyle = currStyle.replace(/\b\w/g, l => l.toLowerCase());
1821 currStyle = currStyle.split(" ");
1822 currStyle = currStyle.join("_");
1823 currStyle = "style_" + currStyle + ".png";
1825 var currThemeText = radioValue.split("_");
1826 currThemeText = currThemeText.join(" ");
1827 currThemeText = currThemeText.replace(/\b\w/g, l => l.toUpperCase());
1828 var styleSelected = confirm("You have selected style - " + currThemeText + "\n" + "Click OK to apply selection");
1829 if (styleSelected) {
1830 $("#current_theme").attr("src", imgPath + "style_" + radioValue + ".png");
1831 $("#current_theme_title").text(currThemeText);
1832 $("#new_theme").val("style_" + radioValue + ".css");
1834 $("#current_theme").attr("src", imgPath + currStyle);
1835 $("#current_theme_title").text(currStyleTitle);
1836 $(this).prop("checked", false);
1840 $('.check').click(function() {
1841 $('.check').not(this).prop('checked', false);
1842 if($('.check:checked').val() == 'show_theme'){
1843 $(".hideaway").show();
1844 } else if($('.check:checked').val() == 'keep_current'){
1845 $(".hideaway").hide();
1848 if($('.check').filter(':checked').length > 0) {
1849 $(".hide_button").show();
1851 $(".hide_button").hide();
1852 $(".hideaway").hide();
1855 $('.wait').removeClass('button-wait');
1857 $( "#create_db_button" ).hover(
1859 if (($('#iuserpass' ).val().length > 11 && $('#iuser' ).val().length > 11 ) || ($('#clone_database').prop('checked'))){
1861 $("button").click(function(){
1862 $(".oe-spinner").css("visibility", "visible");
1865 $('.wait').click(function(){
1866 $('.wait').addClass('button-wait');
1872 $("#step-4-btn").click(function(){
1873 $(".oe-spinner").css("visibility", "visible");
1874 $(this).addClass('button-wait');