search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Phq9form final version (#5810)
[openemr.git] / setup.php
blob141be33bddce2f5f9e468aa12c77a2a57930c3cf
1 <?php
2
3 /**
4 *
5 * Installation script.
6 *
7 * To make this script a bit more simpler to figure out, here is a listing of the "state"(s)
8 * which are basically the steps that this installation script goes through.
9 * state:
10 * empty or 0 - Ensures required file and directory permission are correctly set prior to starting installation.
11 * 1 - Step 1: Select database setup (ie. create the database or use a database already initialized)
12 * 2 - Step 2: Enter in database and openemr user information
13 * 3 - Step 3: Create database
14 * 4 - Step 4: Instructions on configuring PHP
15 * 5 - Step 5: Instructions on configuring Apache
16 * 6 - Step 6: Select a theme
17 * 7 - Final step: Several miscellaneous instruction, login credentials, and link to OpenEMR
18 *
19 * @package OpenEMR
20 * @link https://www.open-emr.org
21 * @author Roberto Vasquez <robertogagliotta@gmail.com>
22 * @author Scott Wakefield <scott@npclinics.com.au>
23 * @author Ranganath Pathak <pathak@scrs1.org>
24 * @author Brady Miller <brady.g.miller@gmail.com>
25 * @copyright Copyright (c) 2016 Roberto Vasquez <robertogagliotta@gmail.com>
26 * @copyright Copyright (c) 2016 Scott Wakefield <scott@npclinics.com.au>
27 * @copyright Copyright (c) 2019 Ranganath Pathak <pathak@scrs1.org>
28 * @copyright Copyright (c) 2019-2021 Brady Miller <brady.g.miller@gmail.com>
29 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
30 */
31
32 // Checks if the server's PHP version is compatible with OpenEMR:
33 require_once(dirname(__FILE__) . "/src/Common/Compatibility/Checker.php");
34 $response = OpenEMR\Common\Compatibility\Checker::checkPhpVersion();
35 if ($response !== true) {
36 die(htmlspecialchars($response));
37 }
38
39 // Set the maximum excution time and time limit to unlimited.
40 ini_set('max_execution_time', 0);
41 ini_set('display_errors', 0);
42 set_time_limit(0);
43
44 // Warning. If you set $allow_multisite_setup to true, this is a potential security vulnerability.
45 // Recommend setting it back to false (or removing this setup.php script entirely) after you
46 // are done with the multisite procedure.
47 $allow_multisite_setup = false;
48
49 // Warning. If you set $allow_cloning_setup to true, this is a potential security vulnerability.
50 // Recommend setting it back to false (or removing this setup.php script entirely) after you
51 // are done with the cloning setup procedure.
52 $allow_cloning_setup = false;
53 if (!$allow_cloning_setup && !empty($_REQUEST['clone_database'])) {
54 require_once(dirname(__FILE__) . "/src/Common/Session/SessionUtil.php");
55 OpenEMR\Common\Session\SessionUtil::setupScriptSessionStart();
56 OpenEMR\Common\Session\SessionUtil::setupScriptSessionCookieDestroy();
57 die("To turn on support for cloning setup, need to edit this script and change \$allow_cloning_setup to true. After you are done setting up the cloning, ensure you change \$allow_cloning_setup back to false or remove this script altogether");
58 }
59
60 function recursive_writable_directory_test($dir)
61 {
62 // first, collect the directory and subdirectories
63 $ri = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($dir));
64 $dirNames = array();
65 foreach ($ri as $file) {
66 if ($file->isDir()) {
67 if (!preg_match("/\.\.$/", $file->getPathname())) {
68 $dirName = realpath($file->getPathname());
69 if (!in_array($dirName, $dirNames)) {
70 $dirNames[] = $dirName;
71 }
72 }
73 }
74 }
75
76 // second, flag the directories that are not writable
77 $resultsNegative = array();
78 foreach ($dirNames as $value) {
79 if (!is_writable($value)) {
80 $resultsNegative[] = $value;
81 }
82 }
83
84 // third, send the output and return if didn't pass the test
85 if (!empty($resultsNegative)) {
86 echo "<p>";
87 $mainDirTest = "";
88 $outputs = array();
89 foreach ($resultsNegative as $failedDir) {
90 if (basename($failedDir) == basename($dir)) {
91 // need to reorder output so the main directory is at the top of the list
92 $mainDirTest = "<span class='text-danger'>UNABLE</span> to open directory '" . text(realpath($failedDir)) . "' for writing by web server.<br />\r\n";
93 } else {
94 $outputs[] = "<span class='text-danger'>UNABLE</span> to open subdirectory '" . text(realpath($failedDir)) . "' for writing by web server.<br />\r\n";
95 }
96 }
97 if ($mainDirTest) {
98 // need to reorder output so the main directory is at the top of the list
99 array_unshift($outputs, $mainDirTest);
100 }
101 foreach ($outputs as $output) {
102 echo $output;
103 }
104 echo "(configure directory permissions; see below for further instructions)</p>\r\n";
105 return 1;
106 } else {
107 echo "<code class='ml-5'>" . text(realpath($dir)) . "</code> directory and its subdirectories are <span class='text-success font-weight-bold'>ready</span>.<br /><br />\r\n";
108 return 0;
109 }
110 }
111
112 // Include standard libraries/classes
113 require_once dirname(__FILE__) . "/vendor/autoload.php";
114
115 use OpenEMR\Common\Csrf\CsrfUtils;
116 use OpenEMR\Common\Session\SessionUtil;
117 use OpenEMR\Common\Utils\RandomGenUtils;
118
119 $state = isset($_POST["state"]) ? ($_POST["state"]) : '';
120 $installer = new Installer($_REQUEST);
121 // Make this true for IPPF.
122 $ippf_specific = false;
123
124 $error_page_end = <<<EPE
125 </div>
126 </div>
127 </div><!--end of container div-->
128 </body>
129 </html>
130 EPE;
131
132 // If this script was invoked with no site ID, then ask for one. (only if allow multisite is on, otherwise will assume default site)
133 if (empty($_REQUEST['site']) && $allow_multisite_setup && empty($state)) {
134 $site_id = <<<SITEID
135 <!DOCTYPE html>
136 <html>
137 <head>
138 <title>OpenEMR Setup Tool</title>
139 <link rel="stylesheet" href="public/assets/bootstrap/dist/css/bootstrap.min.css">
140 <script src="public/assets/jquery/dist/jquery.min.js"></script>
141 <script src="public/assets/bootstrap/dist/js/bootstrap.bundle.min.js"></script>
142 <link rel="stylesheet" href="public/assets/@fortawesome/fontawesome-free/css/all.min.css">
143 <link rel="shortcut icon" href="public/images/favicon.ico" />
144 <style>
145 .oe-pull-away {
146 float:right;
147 }
148 </style>
149 </head>
150 <body>
151 <nav class="navbar navbar-expand navbar-light bg-light">
152 <div class="container">
153 <a class="navbar-brand" href="#">OpenEMR Setup</a>
154 <div class="collapse navbar-collapse justify-content-end">
155 <ul class="navbar-nav">
156 <li class="nav-item active">
157 <a class="nav-link" href="#" data-target="#myModal" data-toggle="modal" href="#" id="help-href" name="help-href" title="Click to view Help">Help</span></a>
158 </li>
159 </ul>
160 </div>
161 </div>
162 </nav>
163
164 <div class='container mt-3'>
165 <div class="row">
166 <div class="col-12">
167 <h3 class="mb-3 border-bottom">Optional Site ID Selection</h3>
168 <div class="jumbotron p-5">
169 <p>
170 Most OpenEMR installations support only one site. If that is
171 true for you then ignore the rest of this text and just click Continue.
172 </p>
173 <p class='p-2 bg-warning'>
174 If you are using the multisite setup module for the first time please read the
175 'Multi Site Installation' section of the help file before proceeding.
176 </p>
177 <p>
178 Otherwise please enter a unique Site ID here.
179 </p>
180 <p>
181 A Site ID is a short identifier with no spaces or special
182 characters other than periods or dashes. It is case-sensitive and we
183 suggest sticking to lower case letters for ease of use.
184 </p>
185 <p>
186 If each site will have its own host/domain name, then use that
187 name as the Site ID (e.g. www.example.com).
188 </p>
189 <p>
190 The site ID is used to identify which site you will log in to.
191 If it is a hostname then it is taken from the hostname in the URL.
192 Otherwise you must append "?site=<i>siteid</i>" to the URL used for
193 logging in.
194 </p>
195 <p>
196 It is OK for one of the sites to have "default" as its ID. This
197 is the ID that will be used if it cannot otherwise be determined.
198 </p>
199 <br />
200 <form method='post'>
201 <input type='hidden' name='state' value='0' />
202 <div class="form-row">
203 <div class="col-auto">
204 Site ID:
205 </div>
206 <div class="col">
207 <input type='text' class='form-control' name='site' value='default'>
208 </div>
209 <div class="col-12 mt-3">
210 <button type='submit' class='btn btn-primary' value='Continue'><i class="fas fa-chevron-right"></i> Continue</button>
211 </div>
212 </div>
213 </form>
214 </div>
215 </div>
216 </div>
217 </div><!--end of container div-->
218 SITEID;
219 echo $site_id . "\r\n";
220 $installer->setupHelpModal();
221 echo "</body>" . "\r\n";
222 echo "</html>" . "\r\n";
223
224 exit();
225 }
226
227 // Support "?site=siteid" in the URL, otherwise assume "default".
228 $site_id = 'default';
229 if (!empty($_REQUEST['site'])) {
230 $site_id = trim($_REQUEST['site']);
231 }
232
233 // Die if site ID is empty or has invalid characters.
234 if (empty($site_id) || preg_match('/[^A-Za-z0-9\\-.]/', $site_id)) {
235 SessionUtil::setupScriptSessionStart();
236 SessionUtil::setupScriptSessionCookieDestroy();
237 die("Site ID '" . text($site_id) . "' contains invalid characters.");
238 }
239
240 // If multisite is turned off, then only allow default for site.
241 if (!$allow_multisite_setup && $site_id != 'default') {
242 SessionUtil::setupScriptSessionStart();
243 SessionUtil::setupScriptSessionCookieDestroy();
244 die("To turn on support for multisite setup, need to edit this script and change \$allow_multisite_setup to true. After you are done setting up the cloning, ensure you change \$allow_multisite_setup back to false or remove this script altogether");
245 }
246
247 // Disable file and directory permissions check by setting to false
248 $checkPermissions = true;
249
250 global $OE_SITE_DIR; // The Installer sets this
251
252 $docsDirectory = "$OE_SITE_DIR/documents";
253
254 //These are files and dir checked before install for
255 // correct permissions.
256 if (is_dir($OE_SITE_DIR)) {
257 $writableFileList = array($installer->conffile);
258 $writableDirList = array($docsDirectory);
259 } else {
260 $writableFileList = array();
261 $writableDirList = array($OE_SITES_BASE);
262 }
263
264 // Include the sqlconf file if it exists yet.
265 $config = 0;
266 if (file_exists($installer->conffile)) {
267 require_once($installer->conffile);
268 } elseif ($state > 3) {
269 // State 3 should have created the site directory if it is missing.
270 SessionUtil::setupScriptSessionStart();
271 SessionUtil::setupScriptSessionCookieDestroy();
272 die("Internal error, site directory is missing.");
273 }
274
275
276 // This will effectively only allow entry into the setup.php script at the first step and will bar entry to the
277 // script if openemr has already been installed.
278 // 2 mechanisms are also in place to ensure go through script in chronological order
279 // - a session variable tracks the next state expected and kills script is not correct
280 // - only the next state csrf is handed out in the form
281 if (empty($state)) {
282 // ensure not already installed
283 if (!empty($config)) {
284 SessionUtil::setupScriptSessionStart();
285 SessionUtil::setupScriptSessionCookieDestroy();
286 error_log("OpenEMR has already been installed. If you wish to force re-installation, then edit " . errorLogEscape($installer->conffile) . " (change the 'config' variable to 0), and re-run the setup.php script.");
287 die("OpenEMR has already been installed. If you wish to force re-installation, see log for details.<br />\n");
288 }
289 // set up new blank session and csrf mechanism
290 SessionUtil::setupScriptSessionStart();
291 session_regenerate_id(true);
292 $_SESSION = [];
293 CsrfUtils::setupCsrfKey();
294 } else {
295 // start up session and check csrf
296 SessionUtil::setupScriptSessionStart();
297 $state = (int)$state;
298 $verifyCsrf = false;
299 if (($state > 0) && ($state < 8)) {
300 $verifyCsrf = CsrfUtils::verifyCsrfToken($_POST["csrf_token_form"], "state" . $state);
301 } else {
302 SessionUtil::setupScriptSessionCookieDestroy();
303 die("Not authorized (invalid state)");
304 }
305 if (!$verifyCsrf) {
306 SessionUtil::setupScriptSessionCookieDestroy();
307 die("Not authorized (invalid csrf)");
308 }
309
310 // ensure correct state is going (ie. do not allow users to muck around with this)
311 if ($_SESSION['bootstrapStateInSetup'] != $state) {
312 SessionUtil::setupScriptSessionCookieDestroy();
313 die("Not authorized (incorrect state)");
314 }
315
316 // ensure that users are not mucking with database settings
317 if ($state > 3) {
318 if (
319 ($sqlconf["host"] != $installer->server) ||
320 ($sqlconf["port"] != $installer->port) ||
321 ($sqlconf["dbase"] != $installer->dbname) ||
322 ($sqlconf["login"] != $installer->login) ||
323 ($sqlconf["pass"] != $installer->pass)
324 ) {
325 SessionUtil::setupScriptSessionCookieDestroy();
326 die("Not authorized (database)");
327 }
328 }
329
330 // state 7 is last state so might as well kill the session now to ensure no funny business
331 if ($state == 7) {
332 SessionUtil::setupScriptSessionCookieDestroy();
333 }
334 }
335
336 ?>
337 <html>
338 <head>
339 <title>OpenEMR Setup Tool</title>
340 <!--<link rel=stylesheet href="interface/themes/style_blue.css">-->
341 <link rel="stylesheet" href="public/assets/bootstrap/dist/css/bootstrap.min.css">
342 <script src="public/assets/jquery/dist/jquery.min.js"></script>
343 <script src="public/assets/bootstrap/dist/js/bootstrap.bundle.min.js"></script>
344 <link rel="stylesheet" href="public/assets/@fortawesome/fontawesome-free/css/all.min.css">
345 <link rel="shortcut icon" href="public/images/favicon.ico" />
346
347 <style>
348 .noclone { }
349 table.phpset {
350 border-collapse:collapse;
351 }
352 table.phpset td, table.phpset th {
353 font-size:9pt;
354 border:1px solid gray;
355 padding:2px;
356 }
357 .table.no-border tr td, .table.no-border tr th {
358 border-width: 0;
359 }
360 td {
361 font-size:10pt;
362 }
363 .inputtext {
364 padding-left:2px;
365 padding-right:2px;
366 }
367
368 .button {
369 font-family:sans-serif;
370 font-size:9pt;
371 font-weight:bold;
372 }
373
374 .label-div > a {
375 display:none;
376 }
377 .label-div:hover > a {
378 display:inline-block;
379 }
380 div[id$="_info"] {
381 background: #F7FAB3;
382 padding: 20px;
383 margin: 10px 15px 0px 15px;
384 }
385 div[id$="_info"] > a {
386 margin-left:10px;
387 }
388 .checkboxgroup {
389 display: inline-block;
390 text-align: center;
391 }
392 .checkboxgroup label {
393 display: block;
394 }
395 .oe-pull-away{
396 float:right;
397 }
398 .oe-help-x {
399 color: grey;
400 padding: 0 5px;
401 }
402 .oe-superscript {
403 position: relative;
404 top: -.5em;
405 font-size: 70%!important;
406 }
407 .oe-setup-legend{
408 background-color: #f5f5f5;
409 padding:0 10px;
410 }
411 .button-wait {
412 color: grey;
413 cursor: not-allowed;
414 opacity: 0.6;
415 }
416 @media only screen {
417 fieldset > [class*="col-"] {
418 width: 100%;
419 text-align:left!Important;
420 }
421 }
422 </style>
423 <script>
424 // onclick handler for "clone database" checkbox
425 function cloneClicked() {
426 var cb = document.forms[0].clone_database;
427 $('.noclone').css('display', cb.checked ? 'none' : 'block');
428 }
429 </script>
430
431 </head>
432 <body>
433 <nav class="navbar navbar-expand navbar-light bg-light">
434 <div class="container">
435 <a class="navbar-brand" href="#">OpenEMR Setup</a>
436 <div class="collapse navbar-collapse justify-content-end">
437 <ul class="navbar-nav">
438 <li class="nav-item active">
439 <a class="nav-link" href="#" data-target="#myModal" data-toggle="modal" href="#" id="help-href" name="help-href" title="Click to view Help">Help</span></a>
440 </li>
441 </ul>
442 </div>
443 </div>
444 </nav>
445 <div class='mt-3 container'>
446 <div class="row">
447 <div class="col-12">
448 <?php
449 $error = "<span class='text-danger font-weight-bold'>ERROR</span>";
450 $caution = "<span class='text-danger font-weight-bold'>CAUTION</span>";
451 $ok = "<span class='text-success font-weight-bold'>OK</span>";
452 $note = "<span class='text-primary font-weight-bold'>NOTE</span>";
453
454 if (strtolower(ini_get('register_globals')) != 'off' && (bool) ini_get('register_globals')) {
455 echo "$caution: It appears that you have register_globals enabled in your php.ini\n" .
456 "configuration file. This causes unacceptable security risks. You must\n" .
457 "turn it off before continuing with installation.\n";
458 exit(1);
459 }
460
461 if (!extension_loaded("xml")) {
462 echo "$error: PHP XML extension missing. To continue, install PHP XML extension, then restart web server.";
463 exit(1);
464 }
465
466 if (!(extension_loaded("mysql") || extension_loaded("mysqlnd") || extension_loaded("mysqli"))) {
467 echo "$error: PHP MySQL extension missing. To continue, install and enable MySQL extension, then restart web server.";
468 exit(1);
469 }
470
471 if (!(extension_loaded("mbstring") )) {
472 echo "$error: PHP mb_string extension missing. To continue, install and enable mb_string extension, then restart web server.";
473 exit(1);
474 }
475
476 if (!(extension_loaded("openssl") )) {
477 echo "$error: PHP openssl extension missing. To continue, install PHP openssl extension, then restart web server.";
478 exit(1);
479 }
480 ?>
481
482 <?php
483 if ($state == 7) {
484 ?>
485 <h3 class="mb-3 border-bottom">Final step - Success</h3>
486 <div class="jumbotron p-5">
487 <p>Congratulations! OpenEMR is now installed.</p>
488 <ul>
489 <li>Access controls (php-GACL) are installed for fine-grained security, and can be administered in
490 OpenEMR's admin->acl menu.</li>
491 <li>Reviewing <code> <?php echo text($OE_SITE_DIR); ?>/config.php </code> is a good idea. This file
492 contains some settings that you may want to change.</li>
493 <li>There's much information and many extra tools bundled within the OpenEMR installation directory.
494 Please refer to openemr/Documentation. Many forms and other useful scripts can be found at openemr/contrib.</li>
495 <li>To ensure a consistent look and feel throughout the application,
496 <a href='http://www.mozilla.org/products/firefox/'>Firefox</a> and <a href="https://www.google.com/chrome/browser/desktop/index.html">Chrome</a> are recommended. The OpenEMR development team exclusively tests with modern versions of these browsers.</li>
497 <li>The OpenEMR project home page, documentation, and forums can be found at <a href = "https://www.open-emr.org" rel='noopener' target="_blank">https://www.open-emr.org</a></li>
498 <li>We pursue grants to help fund the future development of OpenEMR. To apply for these grants, we need to estimate how many times this program is installed and how many practices are evaluating or using this software. It would be awesome if you would email us at <a href="mailto:hello@open-emr.org">hello@open-emr.org</a> if you have installed this software. The more details about your plans with this software, the better, but even just sending us an email stating you just installed it is very helpful.</li>
499 </ul>
500 <p>We recommend you print these instructions for future reference.</p>
501 <?php
502 echo "<p> The selected theme is :</p>";
503 $installer->displayNewThemeDiv();
504 if (empty($installer->clone_database)) {
505 echo "<p><b>The initial OpenEMR user is <span class='text-primary'>'" . text($installer->iuser) . "'</span> and the password is <span class='text-primary'>'" . text($installer->iuserpass) . "'</span></b></p>";
506 } else {
507 echo "<p>The initial OpenEMR user name and password is the same as that of source site <b>'" . text($installer->source_site_id) . "'</span></b></p>";
508 }
509 echo "<p>If you edited the PHP or Apache configuration files during this installation process, then we recommend you restart your Apache server before following below OpenEMR link.</p>";
510 echo "<p>In Linux use the following command:</p>";
511 echo "<p><code>sudo apachectl -k restart</code></p>";
512
513 ?>
514 <p>Click to start using OpenEMR.</p>
515 <div class="row">
516 <div class="col-12">
517 <a href='./?site=<?php echo attr_url($site_id); ?>' class='btn btn-primary'>
518 <i class="fas fa-chevron-right"></i> Start
519 </a>
520 </div>
521 </div>
522
523 </div>
524 <?php
525 $installer->setCurrentTheme();
526
527 $end_div = <<<ENDDIV
528 </div>
529 </div>
530 </div><!--end of container div-->
531 ENDDIV;
532 echo $end_div . "\r\n";
533 $installer->setupHelpModal();
534 echo "</body>" . "\r\n";
535 echo "</html>" . "\r\n";
536
537 exit();
538 }
539 ?>
540
541 <?php
542
543 $inst = isset($_POST["inst"]) ? ($_POST["inst"]) : '';
544
545 switch ($state) {
546 case 1:
547 $_SESSION['bootstrapStateInSetup'] = 2;
548 $state_esc = text($state);
549 $site_id_esc = attr($site_id);
550 $csrf_id_esc = attr(CsrfUtils::collectCsrfToken('state2'));
551 $step1 = <<<STP1
552 <h3 class="mb-3 border-bottom">Step $state_esc - Select Database Setup</h3>
553 <div class="jumbotron p-5">
554 <p>Now I need to know whether you want me to create the database on my own or if you have already created the database for me to use. For me to create the database, you will need to supply the MySQL root password.</p>
555 <br />
556 <p class='p-1 bg-warning'>$caution: clicking on <span class="font-weight-bold">Proceed to Step 2</span> may delete or cause damage to existing data on your system. Before you continue <span class="font-weight-bold">please backup your data</span>.</p>
557 <br />
558 <form method='post'>
559 <input name='state' type='hidden' value='2' />
560 <input name='site' type='hidden' value='$site_id_esc' />
561 <input name='csrf_token_form' type='hidden' value='$csrf_id_esc' />
562 <div class="form-check">
563 <input checked class='form-check-input' id='inst1' name='inst' type='radio' value='1' />
564 <label class="form-check-label" for="inst1">
565 Have setup create the database
566 </label>
567 </div>
568 <br />
569 <div class="form-check">
570 <input id='inst2' class='form-check-input' name='inst' type='radio' value='2' />
571 <label class="form-check-label" for="inst2">
572 I have already created the database
573 </label>
574 </div>
575 <div class="form-group">
576 <div class="col mt-3">
577 <button type='submit' class='btn btn-primary' value='Continue'>
578 <i class="fas fa-chevron-right"></i> Proceed to Step 2
579 </button>
580 </div>
581 </div>
582 </form>
583 <br />
584 </div>
585 STP1;
586 echo $step1 . "\r\n";
587 break;
588
589 case 2:
590 $_SESSION['bootstrapStateInSetup'] = 3;
591 $state_esc = text($state);
592 $site_id_esc = attr($site_id);
593 $inst_esc = attr($inst);
594 $csrf_id_esc = attr(CsrfUtils::collectCsrfToken('state3'));
595 $step2top = <<<STP2TOP
596 <h3 class="mb-3 border-bottom">Step $state_esc - Database and OpenEMR Initial User Setup Details</h3>
597 <div class="jumbotron p-5">
598 <p>Now you need to supply the MySQL server information and path information. Detailed instructions on each item can be found in the
599 <a href='Documentation/INSTALL' rel='noopener' target='_blank'><u>'INSTALL'</u>
600 </a> manual file.
601 </p>
602 <form method='post' id='myform'>
603 <input name='state' type='hidden' value='3' />
604 <input name='site' type='hidden' value='$site_id_esc' />
605 <input name='inst' type='hidden' value='$inst_esc' />
606 <input name='csrf_token_form' type='hidden' value='$csrf_id_esc' />
607 STP2TOP;
608 echo $step2top . "\r\n";
609
610
611 $step2tabletop1 = <<<STP2TBLTOP1
612 <fieldset>
613 <legend name="form_legend" id="form_legend" class='oe-setup-legend'>MySQL Server Details<i id="enter-details-tooltip" class="fa fa-info-circle oe-text-black oe-superscript enter-details-tooltip" aria-hidden="true"></i></legend>
614 <div class="ml-2 row">
615 <div class="col-sm-4">
616 <div class="clearfix form-group">
617 <div class="label-div">
618 <label class="font-weight-bold" for="server">Server Host:</label>
619 <a href="#server_info" class="info-anchor icon-tooltip" data-toggle="collapse" ><i class="fa fa-question-circle" aria-hidden="true"></i></a>
620 </div>
621 <div>
622 <input name='server' id='server' type='text' class='form-control' value='localhost' />
623 </div>
624 </div>
625 <div id="server_info" class="collapse">
626 <a href="#server_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
627 <p>If you run MySQL and Apache/PHP on the same computer, then leave this as 'localhost'.</p>
628 <p>If they are on separate computers, then enter the IP address of the computer running MySQL.</p>
629 </div>
630 </div>
631 <div class="col-sm-4">
632 <div class="clearfix form-group">
633 <div class="label-div">
634 <label class="font-weight-bold" for="port">Server Port:</label>
635 <a href="#port_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
636 </div>
637 <div>
638 <input name='port' id='port' type='text' class='form-control' value='3306' />
639 </div>
640 </div>
641 <div id="port_info" class="collapse">
642 <a href="#port_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
643 <p>This is the MySQL port.</p>
644 <p>The default port for MySQL is 3306.</p>
645 </div>
646 </div>
647 <div class="col-sm-4">
648 <div class="clearfix form-group">
649 <div class="label-div">
650 <label class="font-weight-bold" for="dbname">Database Name:</label> <a href="#dbname_info" class="info-anchor icon-tooltip" data-toggle="collapse" ><i class="fa fa-question-circle" aria-hidden="true"></i></a>
651 </div>
652 <div>
653 <input name='dbname' id='dbname' type='text' class='form-control' value='openemr' />
654 </div>
655 </div>
656 <div id="dbname_info" class="collapse">
657 <a href="#dbname_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
658 <p>This will be the name of the OpenEMR database in MySQL.</p>
659 <p>'openemr' is the recommended name.</p>
660 <p>This database will contain patient data as well as data pertaining to the OpenEMR installation.</p>
661 </div>
662 </div>
663 </div>
664 <div class="ml-2 row">
665 <div class="col-sm-4">
666 <div class="clearfix form-group">
667 <div class="label-div">
668 <label class="font-weight-bold" for="login">Login Name:</label> <a href="#login_info" class="info-anchor icon-tooltip" data-toggle="collapse" ><i class="fa fa-question-circle" aria-hidden="true"></i></a>
669 </div>
670 <div>
671 <input name='login' ID='login' type='text' class='form-control' value='openemr' />
672 </div>
673 </div>
674 <div id="login_info" class="collapse">
675 <a href="#login_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
676 <p>This is the name that OpenEMR will use to login to the MySQL database.</p>
677 <p>'openemr' is the recommended name.</p>
678 </div>
679 </div>
680 <div class="col-sm-4">
681 <div class="clearfix form-group">
682 <div class="label-div">
683 <label class="font-weight-bold" for="pass">Password:</label>
684 <a href="#pass_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
685 </div>
686 <div>
687 <input name='pass' id='pass' class='form-control' type='password' value='' required />
688 </div>
689 </div>
690 <div id="pass_info" class="collapse">
691 <a href="#pass_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
692 <p>This is the Login Password that OpenEMR will use to accesses the MySQL database.</p>
693 <p>It should be at least 12 characters long and composed of both numbers and letters.</p>
694 <p>It cannot contain any of these characters: \ ; ( ) < > / ' "</p>
695 </div>
696 </div>
697 STP2TBLTOP1;
698 echo $step2tabletop1 . "\r\n";
699 if ($inst != 2) {
700 $step2tabletop2 = <<<STP2TBLTOP2
701 <div class="col-sm-4">
702 <div class="clearfix form-group">
703 <div class="label-div">
704 <label class="font-weight-bold" for="root">Name for Root Account:</label>
705 <a href="#root_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
706 </div>
707 <div>
708 <input name='root' id='root' type='text' class='form-control' value='root' />
709 </div>
710 </div>
711 <div id="root_info" class="collapse">
712 <a href="#root_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
713 <p>This is name for the MySQL root account.</p>
714 <p>For localhost, it is usually ok to leave it as 'root'.</p>
715 </div>
716 </div>
717 </div>
718 <div class="ml-2 row">
719 <div class="col-sm-4">
720 <div class="clearfix form-group">
721 <div class="label-div">
722 <label class="font-weight-bold" for="rootpass">Root Password:</label>
723 <a href="#rootpass_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
724 </div>
725 <div>
726 <input name='rootpass' id='rootpass' type='password' class='form-control' value='' />
727 </div>
728 </div>
729 <div id="rootpass_info" class="collapse">
730 <a href="#rootpass_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
731 <p>This is your MySQL server root password.</p>
732 </div>
733 </div>
734 <div class="col-sm-4">
735 <div class="clearfix form-group">
736 <div class="label-div">
737 <label class="font-weight-bold" for="loginhost">User Hostname:</label>
738 <a href="#loginhost_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
739 </div>
740 <div>
741 <input name='loginhost' id='loginhost' type='text' class='form-control' value='localhost' />
742 </div>
743 </div>
744 <div id="loginhost_info" class="collapse">
745 <a href="#loginhost_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
746 <p>If you run Apache/PHP and MySQL on the same computer, then leave this as 'localhost'.</p>
747 <p>If they are on separate computers, then enter the IP address of the computer running Apache/PHP.</p>
748 </div>
749 </div>
750 <div class="col-sm-4">
751 <div class="clearfix form-group">
752 <div class="label-div">
753 <label class="font-weight-bold" for="collate">UTF-8 Collation:</label> <a href="#collate_info" class="info-anchor icon-tooltip" data-toggle="collapse" ><i class="fa fa-question-circle" aria-hidden="true"></i></a>
754 </div>
755 <div>
756 <select name='collate' id=='collate' class='form-control'>
757 <option selected value='utf8mb4_general_ci'>
758 General (Recommended)
759 </option>
760 <option value='utf8mb4_unicode_ci'>
761 Unicode
762 </option>
763 <option value='utf8mb4_roman_ci'>
764 Classical Latin
765 </option>
766 <option value='utf8mb4_croatian_ci'>
767 Croatian
768 </option>
769 <option value='utf8mb4_czech_ci'>
770 Czech
771 </option>
772 <option value='utf8mb4_danish_ci'>
773 Danish
774 </option>
775 <option value='utf8mb4_esperanto_ci'>
776 Esperanto
777 </option>
778 <option value='utf8mb4_estonian_ci'>
779 Estonian
780 </option>
781 <option value='utf8mb4_german2_ci'>
782 German
783 </option>
784 <option value='utf8mb4_hungarian_ci'>
785 Hungarian
786 </option>
787 <option value='utf8mb4_icelandic_ci'>
788 Icelandic
789 </option>
790 <option value='utf8mb4_latvian_ci'>
791 Latvian
792 </option>
793 <option value='utf8mb4_lithuanian_ci'>
794 Lithuanian
795 </option>
796 <option value='utf8mb4_persian_ci'>
797 Persian
798 </option>
799 <option value='utf8mb4_polish_ci'>
800 Polish
801 </option>
802 <option value='utf8mb4_romanian_ci'>
803 Romanian
804 </option>
805 <option value='utf8mb4_sinhala_ci'>
806 Sinhala
807 </option>
808 <option value='utf8mb4_slovak_ci'>
809 Slovak
810 </option>
811 <option value='utf8mb4_slovenian_ci'>
812 Slovenian
813 </option>
814 <option value='utf8mb4_spanish_ci'>
815 Spanish (Modern)
816 </option>
817 <option value='utf8mb4_spanish2_ci'>
818 Spanish (Traditional)
819 </option>
820 <option value='utf8mb4_swedish_ci'>
821 Swedish
822 </option>
823 <option value='utf8mb4_turkish_ci'>
824 Turkish
825 </option>
826 <option value='utf8mb4_vietnamese_ci'>
827 Vietnamese
828 </option>
829 </select>
830 </div>
831 </div>
832 <div id="collate_info" class="collapse">
833 <a href="#collate_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
834 <p>This is the collation setting for MySQL.</p>
835 <p>Collation refers to a set of rules that determine how data is sorted and compared in a database.</p>
836 <p>Leave as 'General' if you are not sure.</p>
837 <p>If the language you are planning to use in OpenEMR is in the menu, then you can select it.</p>
838 <p>Otherwise, just select 'General'.</p>
839 </div>
840 </div>
841 </div>
842 STP2TBLTOP2;
843 echo $step2tabletop2 . "\r\n";
844 }
845 // Include a "source" site ID drop-list and a checkbox to indicate
846 // if cloning its database. When checked, do not display initial user
847 // and group stuff below.
848 $dh = opendir($OE_SITES_BASE);
849 if (!$dh) {
850 die("Cannot read directory '" . text($OE_SITES_BASE) . "'.");
851 }
852
853 $siteslist = array();
854 while (false !== ($sfname = readdir($dh))) {
855 if (substr($sfname, 0, 1) == '.') {
856 continue;
857 }
858
859 if ($sfname == 'CVS') {
860 continue;
861 }
862
863 if ($sfname == $site_id) {
864 continue;
865 }
866
867 $sitedir = "$OE_SITES_BASE/$sfname";
868 if (!is_dir($sitedir)) {
869 continue;
870 }
871
872 if (!is_file("$sitedir/sqlconf.php")) {
873 continue;
874 }
875
876 $siteslist[$sfname] = $sfname;
877 }
878
879 closedir($dh);
880 // If this is not the first site...
881 if (!empty($siteslist)) {
882 ksort($siteslist);
883 $source_site_top = <<<SOURCESITETOP
884 <div class="ml-2 row">
885 <div class="col-sm-4">
886 <div class="clearfix form-group">
887 <div class="label-div">
888 <label class="font-weight-bold" for="source_site_id">Source Site:</label>
889 <a href="#source_site_id_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
890 </div>
891 <div>
892 <select name='source_site_id'id='source_site_id' class='form-control'>
893 SOURCESITETOP;
894 echo $source_site_top . "\r\n";
895 foreach ($siteslist as $sfname) {
896 echo "<option value='" . attr($sfname) . "'";
897 if ($sfname == 'default') {
898 echo " selected";
899 }
900
901 echo ">" . text($sfname) . "</option>";
902 }
903 $source_site_bot = <<<SOURCESITEBOT
904 </select>
905
906 </div>
907 </div>
908 <div id="source_site_id_info" class="collapse">
909 <a href="#source_site_id_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
910 <p>The site directory that will be a model for the new site.</p>
911 </div>
912 </div>
913 <div class="col-sm-4">
914 <div class="clearfix form-group">
915 <div class="label-div">
916 <label class="font-weight-bold" for="clone_database">Clone Source Database:</label>
917 <a href="#clone_database_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
918 </div>
919 <div>
920 <input type='checkbox' name='clone_database' id='clone_database' onclick='cloneClicked()' />
921 </div>
922 </div>
923 <div id="clone_database_info" class="collapse">
924 <a href="#clone_database_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
925 <p>Clone the source site's database instead of creating a fresh one.</p>
926 </div>
927 </div>
928 </div>
929 SOURCESITEBOT;
930 echo $source_site_bot . "\r\n";
931 }
932
933 $randomusernamepre = RandomGenUtils::produceRandomString(3, "ABCDEFGHIJKLMNOPQRSTUVWXYZ");
934 $randomusernamepost = RandomGenUtils::produceRandomString(2, "0123456789");
935 $randomusername = $randomusernamepre . "-admin-" . $randomusernamepost;
936
937 // App Based TOTP secret
938 // Shared key (per rfc6238 and rfc4226) should be 20 bytes (160 bits) and encoded in base32, which should
939 // be 32 characters in base32
940 // Would be nice to use the OpenEMR\Common\Utils\RandomGenUtils\produceRandomBytes() function and then encode to base32,
941 // but does not appear to be a standard way to encode binary to base32 in php.
942 $randomsecret = RandomGenUtils::produceRandomString(32, "234567ABCDEFGHIJKLMNOPQRSTUVWXYZ");
943 if (empty($randomsecret) || empty($randomusernamepre) || empty($randomusernamepost)) {
944 error_log('OpenEMR Error : Random String error - exiting');
945 die();
946 }
947 $disableCheckbox = "";
948 if (empty($randomsecret)) {
949 $randomsecret = "";
950 $disableCheckbox = "disabled";
951 }
952
953 $randomsecret_esc = attr($randomsecret);
954 $randomusername_esc = attr($randomusername);
955 $step2tablebot = <<<STP2TBLBOT
956 </fieldset>
957 <br />
958 <fieldset class='noclone'>
959 <legend name="form_legend" id="form_legend" class='oe-setup-legend'>OpenEMR Initial User Details<i id="enter-details-tooltip" class="fa fa-info-circle oe-text-black oe-superscript enter-details-tooltip" aria-hidden="true"></i></legend>
960 <div class="ml-2 row">
961 <div class="col-sm-4">
962 <div class="clearfix form-group">
963 <div class="label-div">
964 <label class="font-weight-bold" for="iuser">Initial User Login Name:</label> <a href="#iuser_info" class="info-anchor icon-tooltip" data-toggle="collapse" ><i class="fa fa-question-circle" aria-hidden="true"></i></a>
965 </div>
966 <div>
967 <input name='iuser' id='iuser' type='text' class='form-control' value='$randomusername_esc' minlength='12' />
968 </div>
969 </div>
970 <div id="iuser_info" class="collapse">
971 <a href="#iuser_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
972 <p>This is the login name of the first user that will be created for you.</p>
973 <p>Limit this to one word with at least 12 characters and composed of both numbers and letters.</p>
974 </div>
975 </div>
976 <div class="col-sm-4">
977 <div class="clearfix form-group">
978 <div class="label-div">
979 <label class="font-weight-bold" for="iuserpass">Initial User Password:</label>
980 <a href="#iuserpass_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
981 </div>
982 <div>
983 <input name='iuserpass' id='iuserpass' type='password' class='form-control' value='' minlength='12' />
984 </div>
985 </div>
986 <div id="iuserpass_info" class="collapse">
987 <a href="#iuserpass_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
988 <p>This is the password for the initial user.
989 </div>
990 </div>
991 <div class="col-sm-4">
992 <div class="clearfix form-group">
993 <div class="label-div">
994 <label class="font-weight-bold" for="iufname">Initial User's First Name:</label>
995 <a href="#iufname_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
996 </div>
997 <div>
998 <input name='iufname' id='iufname 'type='text' class='form-control' value='Administrator' />
999 </div>
1000 </div>
1001 <div id="iufname_info" class="collapse">
1002 <a href="#iufname_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
1003 <p>This is the First name of the 'initial user'.</p>
1004 </div>
1005 </div>
1006 </div>
1007 <div class="ml-2 row">
1008 <div class="col-sm-4">
1009 <div class="clearfix form-group">
1010 <div class="label-div">
1011 <label class="font-weight-bold" for="iuname">Initial User's Last Name:</label>
1012 <a href="#iuname_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
1013 </div>
1014 <div>
1015 <input name='iuname' id='iuname' type='text' class='form-control' value='Administrator' />
1016 </div>
1017 </div>
1018 <div id="iuname_info" class="collapse">
1019 <a href="#iuname_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
1020 <p>This is the Last name of the 'initial user'.</p>
1021 </div>
1022 </div>
1023 <div class="col-sm-4">
1024 <div class="clearfix form-group">
1025 <div class="label-div">
1026 <label class="font-weight-bold" for="igroup">Initial Group:</label>
1027 <a href="#igroup_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
1028 </div>
1029 <div>
1030 <input name='igroup' id='igroup' class='form-control' type='text' value='Default' />
1031 </div>
1032 </div>
1033 <div id="igroup_info" class="collapse">
1034 <a href="#igroup_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
1035 <p>This is the group that will be created for your users.</p>
1036 <p>This should be the name of your practice.</p>
1037 </div>
1038 </div>
1039 </div>
1040 </fieldset>
1041 <br />
1042 <fieldset class='noclone py-2 bg-warning'>
1043 <legend name="form_legend" id="form_legend" class='oe-setup-legend text-danger'>Enable 2 Factor Authentication for Initial User (more secure - optional) <i id="2fa-section" class="fa fa-info-circle oe-text-black oe-superscript 2fa-section-tooltip" aria-hidden="true"></i></legend>
1044 <div class="ml-2 row">
1045 <div class="col-sm-3">
1046 <div class="clearfix form-group">
1047 <div class="label-div">
1048 <label class="font-weight-bold" for="i2fa">Configure 2FA:</label>
1049 <a href="#i2fa_info" class="info-anchor icon-tooltip" data-toggle="collapse"><i class="fa fa-question-circle" aria-hidden="true"></i></a>
1050 </div>
1051 <div>
1052 <input name='i2faenable' id='i2faenable' type='checkbox' $disableCheckbox/> Enable 2FA
1053 <input type='hidden' name='i2fasecret' id='i2fasecret' value='$randomsecret_esc' />
1054 </div>
1055 </div>
1056 <div id="i2fa_info" class="collapse">
1057 <a href="#i2fa_info" data-toggle="collapse" class="oe-pull-away"><i class="fa fa-times oe-help-x" aria-hidden="true"></i></a>
1058 <p>If selected will allow TOTP 2 factor authentication for the initial user.</p>
1059 <p>Click on the help file for more information.</p>
1060 </div>
1061 </div>
1062 <div class="col-sm-5">
1063 <div class="clearfix form-group">
1064 <p class="text-danger font-weight-bold">IMPORTANT IF ENABLED</p>
1065 <p>If enabled, you must have an authenticator app on your phone ready to scan the QR code displayed next.</p>
1066 </div>
1067 </div>
1068 <div class="col-sm-4">
1069 <div class="clearfix form-group">
1070 <p>Example authenticator apps include:</p>
1071 <ul>
1072 <li>Google Auth
1073 (<a href="https://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8" target="_blank">iOS</a>, <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&amp;hl=en">Android</a>)</li>
1074 <li>Authy
1075 (<a href="https://itunes.apple.com/us/app/authy/id494168017?mt=8">iOS</a>, <a href="https://play.google.com/store/apps/details?id=com.authy.authy&amp;hl=en">Android</a>)</li>
1076 </ul>
1077 </div>
1078 </div>
1079 </div>
1080 </fieldset>
1081 <p class='mt-4 mark'>Click the <b>Create DB and User</b> button below to create the database and first user <a href='#create_db_button' title='Click me'><i class="fa fa-arrow-circle-down" aria-hidden="true"></i></a>. $note: This process will take a few minutes.</p>
1082 <p class='p-1 bg-success text-white oe-spinner' style='visibility:hidden;'>Upon successful completion will automatically take you to the next step.<i class='fa fa-spinner fa-pulse fa-fw'></i></p>
1083 <div class="form-row">
1084 <div class="col-12">
1085 <button type='submit' id='create_db_button' value='Continue' class='wait btn btn-primary'>
1086 <i class="fas fa-chevron-right"></i> Create DB and User
1087 </button>
1088 </div>
1089 </div>
1090 </form>
1091 </div>
1092 STP2TBLBOT;
1093 echo $step2tablebot . "\r\n";
1094 break;
1095
1096 case 3:
1097 // Form Validation
1098 // (applicable if not cloning from another database)
1099
1100 $pass_step2_validation = true;
1101 $error_step2_message = "";
1102
1103 if (! $installer->char_is_valid($_REQUEST['server'])) {
1104 $pass_step2_validation = false;
1105 $error_step2_message .= "$error - A database server host is required <br />\n";
1106 }
1107
1108 if (! $installer->char_is_valid($_REQUEST['port'])) {
1109 $pass_step2_validation = false;
1110 $error_step2_message .= "$error - A database server port value is required <br />\n";
1111 }
1112
1113 if (! $installer->databaseNameIsValid($_REQUEST['dbname'])) {
1114 $pass_step2_validation = false;
1115 $error_step2_message .= "$error - A database name is required <br />\n";
1116 }
1117
1118 if (! $installer->collateNameIsValid($_REQUEST['collate'])) {
1119 $pass_step2_validation = false;
1120 $error_step2_message .= "$error - A collation name is required <br />\n";
1121 }
1122
1123 if (! $installer->char_is_valid($_REQUEST['login'])) {
1124 $pass_step2_validation = false;
1125 $error_step2_message .= "$error - A database login name is required <br />\n";
1126 }
1127
1128 if (! $installer->char_is_valid($_REQUEST['pass'])) {
1129 $pass_step2_validation = false;
1130 $error_step2_message .= "$error - A database login password is required <br />\n";
1131 }
1132
1133 if (empty($installer->clone_database)) {
1134 if (! $installer->login_is_valid()) {
1135 $pass_step2_validation = false;
1136 $error_step2_message .= "$error - Please pick a proper 'Login Name'.<br />\n";
1137 }
1138
1139 if (! $installer->iuser_is_valid()) {
1140 $pass_step2_validation = false;
1141 $error_step2_message .= "$error - The 'Initial User' field can only contain one word and no spaces.<br />\n";
1142 }
1143
1144 if (! $installer->user_password_is_valid()) {
1145 $pass_step2_validation = false;
1146 $error_step2_message .= "$error - Please pick a proper 'Initial User Password'.<br />\n";
1147 }
1148 }
1149
1150 if (! $installer->password_is_valid()) {
1151 $pass_step2_validation = false;
1152 $error_step2_message .= "$error - Please pick a proper 'Password'.<br />\n";
1153 }
1154
1155 if (! $installer->iuname_is_valid()) {
1156 $pass_step2_validation = false;
1157 $error_step2_message .= "$error - Please pick a proper 'Initial User Last Name'.<br />\n";
1158 }
1159
1160 if (!$pass_step2_validation) {
1161 $_SESSION['bootstrapStateInSetup'] = 2;
1162 echo $error_step2_message . '<br />';
1163 echo "
1164 <form method='post' id='validate-error'>
1165 <input name='state' type='hidden' value='2' />
1166 <input name='site' type='hidden' value='" . attr($site_id) . "' />
1167 <input name='inst' type='hidden' value='" . attr($inst) . "' />
1168 <input name='csrf_token_form' type='hidden' value='" . attr(CsrfUtils::collectCsrfToken('state2')) . "' />
1169 <button type='submit' class='btn btn-primary'><i class='fas fa-chevron-left'></i> " . text("Back") . "</button>
1170 </form>";
1171 break;
1172 }
1173
1174 echo "<h3 class='mb-3 border-bottom'>Step " . text($state) . " - Creating Database and First User</h3>";
1175 echo "<div class='jumbotron p-5'>";
1176
1177 // Skip below if database shell has already been created.
1178 if ($inst != 2) {
1179 echo "Connecting to MySQL Server...\n";
1180 flush();
1181 if (! $installer->root_database_connection()) {
1182 $_SESSION['bootstrapStateInSetup'] = 2;
1183 echo "$error. Check your login credentials.\n";
1184 echo text($installer->error_message);
1185 echo "<br /><br />";
1186 echo "
1187 <form method='post' id='validate-error'>
1188 <input name='state' type='hidden' value='2' />
1189 <input name='site' type='hidden' value='" . attr($site_id) . "' />
1190 <input name='inst' type='hidden' value='" . attr($inst) . "' />
1191 <input name='csrf_token_form' type='hidden' value='" . attr(CsrfUtils::collectCsrfToken('state2')) . "' />
1192 <button type='submit' class='btn btn-primary'><i class='fas fa-chevron-left'></i> " . text("Back") . "</button>
1193 </form>";
1194 break;
1195 } else {
1196 echo "$ok.<br />\n";
1197 flush();
1198 }
1199 }
1200
1201 // Only pertinent if cloning another installation database
1202 if ($allow_cloning_setup && !empty($installer->clone_database)) {
1203 echo "Dumping source database...";
1204 flush();
1205 if (! $installer->create_dumpfiles()) {
1206 echo text($installer->error_message);
1207 break;
1208 } else {
1209 echo "$ok.<br />\n";
1210 flush();
1211 }
1212 }
1213
1214 // Only pertinent if mirroring another installation directory
1215 if (! empty($installer->source_site_id)) {
1216 echo "Creating site directory...";
1217 if (! $installer->create_site_directory()) {
1218 echo text($installer->error_message);
1219 break;
1220 } else {
1221 echo "$ok.<br />";
1222 flush();
1223 }
1224 }
1225
1226 // Skip below if database shell has already been created.
1227 if ($inst != 2) {
1228 echo "Creating database...\n";
1229 flush();
1230 if (! $installer->create_database()) {
1231 echo "$error. Check your login credentials.\n";
1232 echo text($installer->error_message);
1233 break;
1234 } else {
1235 echo "$ok.<br />\n";
1236 flush();
1237 }
1238
1239 echo "Creating user with permissions for database...\n";
1240 flush();
1241 $user_mysql_error = true;
1242 if (! $installer->create_database_user()) {
1243 echo "$error when creating specified user.\n";
1244 echo text($installer->error_message);
1245 break;
1246 } else {
1247 $user_mysql_error = false;
1248 }
1249 if (! $installer->grant_privileges()) {
1250 echo "$error when granting privileges to the specified user.\n";
1251 echo text($installer->error_message);
1252 break;
1253 } else {
1254 $user_mysql_error = false;
1255 }
1256 if (!$user_mysql_error) {
1257 echo "$ok.<br />\n";
1258 flush();
1259 }
1260
1261 echo "Reconnecting as new user...\n";
1262 flush();
1263 $installer->disconnect();
1264 } else {
1265 echo "Connecting to MySQL Server...\n";
1266 }
1267
1268 if (! $installer->user_database_connection()) {
1269 echo "$error. Check your login credentials.\n";
1270 echo text($installer->error_message);
1271 echo "<br />You will need to remove the database, correct the problem, and then restart the setup.php script.<br /><br />";
1272 break;
1273 } else {
1274 echo "$ok.<br />\n";
1275 flush();
1276 }
1277
1278 // Load the database files
1279 $dump_results = $installer->load_dumpfiles();
1280 if (! $dump_results) {
1281 echo "$error.\n";
1282 echo text($installer->error_message);
1283 break;
1284 } else {
1285 echo $dump_results;
1286 flush();
1287 }
1288
1289 echo "Writing SQL configuration...\n";
1290 flush();
1291 if (! $installer->write_configuration_file()) {
1292 echo "$error.\n";
1293 echo text($installer->error_message);
1294 break;
1295 } else {
1296 echo "$ok.<br />\n";
1297 flush();
1298 }
1299
1300 // Only pertinent if not cloning another installation database
1301 if (empty($installer->clone_database)) {
1302 echo "Setting version indicators...\n";
1303 flush();
1304 if (! $installer->add_version_info()) {
1305 echo "$error.\n";
1306 echo text($installer->error_message);
1307 ;
1308 break;
1309 } else {
1310 echo "$ok<br />\n";
1311 flush();
1312 }
1313
1314 echo "Writing global configuration defaults...\n";
1315 flush();
1316 if (! $installer->insert_globals()) {
1317 echo "$error.\n";
1318 echo text($installer->error_message);
1319 ;
1320 break;
1321 } else {
1322 echo "$ok<br />\n";
1323 flush();
1324 }
1325
1326 echo "Setting up Access Controls...\n";
1327 require("$OE_SITE_DIR/sqlconf.php");
1328 if (! $installer->install_gacl()) {
1329 echo "$error -.\n";
1330 echo text($installer->error_message);
1331 break;
1332 } else {
1333 echo "$ok<br />\n";
1334 flush();
1335 }
1336
1337
1338 echo "Adding Initial User...\n";
1339 flush();
1340 if (! $installer->add_initial_user()) {
1341 echo "$error.\n";
1342 echo text($installer->error_message);
1343 break;
1344 }
1345 echo "$ok<br />\n";
1346 flush();
1347
1348 echo "Adding Additional Users...\n";
1349 flush();
1350 if (! $installer->install_additional_users()) {
1351 echo "$error.\n";
1352 echo text($installer->error_message);
1353 break;
1354 }
1355 echo "$ok<br />\n";
1356 flush();
1357
1358 echo "Configuring Care Coordination Module...\n";
1359 flush();
1360 if (! $installer->on_care_coordination()) {
1361 echo "$error.\n";
1362 echo text($installer->error_message);
1363 break;
1364 }
1365 echo "$ok<br />\n";
1366 flush();
1367 }
1368
1369 // If user has selected to set MFA App Based 2FA, display QR code to scan
1370 $qr = $installer->get_initial_user_2fa_qr();
1371 $qr_esc = attr($qr);
1372 if ($qr) {
1373 $qrDisplay = <<<TOTP
1374 <br />
1375 <table>
1376 <tr>
1377 <td>
1378 <strong class='text-danger'>IMPORTANT!!</strong>
1379 <p><strong>You must scan the following QR code with your preferred authenticator app.</strong></p>
1380 <img src='$qr_esc' width="150" />
1381 </td>
1382 </tr>
1383 <tr>
1384 <td>
1385 Example authenticator apps include:
1386 <ul>
1387 <li>Google Auth
1388 (<a href="https://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8">iOS</a>, <a href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en">Android</a>)</li>
1389 <li>Authy
1390 (<a href="https://itunes.apple.com/us/app/authy/id494168017?mt=8">iOS</a>, <a href="https://play.google.com/store/apps/details?id=com.authy.authy&hl=en">Android</a>)</li>
1391 </ul>
1392 </td>
1393 </tr>
1394 </table>
1395 TOTP;
1396 echo $qrDisplay;
1397 }
1398
1399 if ($allow_cloning_setup && !empty($installer->clone_database)) {
1400 // Database was cloned, skip ACL setup.
1401 $btn_text = 'Proceed to Select a Theme';
1402 echo "<br />";
1403 echo "<p>The database was cloned, access control list exists therefore skipping ACL setup</p>";
1404 echo "<p class='p-1 bg-warning'>Click <b>" . text($btn_text) . "</b> for further instructions.</p>";
1405 $next_state = 7;
1406 } else {
1407 $btn_text = 'Proceed to Step 4';
1408 echo "<br />";
1409 echo "<p><b>Granted user <span class='text-primary'>" . text($installer->iuser) . "</span> administrator access control (password is <span class='text-primary'>" . text($installer->iuserpass) . "</span>).</b></p>";
1410 echo "<p>The next step will configure php.</p>";
1411 echo "<p class='mark'>Click <strong>" . text($btn_text) . "</strong> to continue.</p>";
1412 $next_state = 4;
1413 }
1414
1415 $_SESSION['bootstrapStateInSetup'] = $next_state;
1416 echo "<form method='post'>
1417 <input name='state' type='hidden' value='" . attr($next_state) . "' />
1418 <input name='csrf_token_form' type='hidden' value='" . attr(CsrfUtils::collectCsrfToken('state' . $next_state)) . "' />
1419 <input name='site' type='hidden' value='" . attr($site_id) . "' />
1420 <input name='iuser' type='hidden' value='" . attr($installer->iuser) . "' />
1421 <input name='iuserpass' type='hidden' value='" . attr($installer->iuserpass) . "' />
1422 <input name='iuname' type='hidden' value='" . attr($installer->iuname) . "' />
1423 <input name='iufname' type='hidden' value='" . attr($installer->iufname) . "' />
1424 <input name='login' type='hidden' value='" . attr($installer->login) . "' />
1425 <input name='pass' type='hidden' value='" . attr($installer->pass) . "' />
1426 <input name='server' type='hidden' value='" . attr($installer->server) . "' />
1427 <input name='port' type='hidden' value='" . attr($installer->port) . "' />
1428 <input name='loginhost' type='hidden' value='" . attr($installer->loginhost) . "' />
1429 <input name='dbname' type='hidden' value='" . attr($installer->dbname) . "' />\r\n";
1430
1431 if ($allow_cloning_setup) {
1432 echo "<input type='hidden' name='clone_database' value='" . attr($installer->clone_database) . "' />";
1433 echo "<input name='source_site_id' type='hidden' value='" . attr($installer->source_site_id) . "' />";
1434 }
1435 $btn_text_esc = text($btn_text);
1436 $form_bottom = <<<FRMBOT
1437 <div class="form-row">
1438 <div class="col-12">
1439 <button type='submit' id='step-4-btn' class="btn btn-primary" value='Continue'>
1440 <i class="fas fa-chevron-right"></i> $btn_text_esc
1441 </button>
1442 </div>
1443 </div>
1444 </form>
1445 </div>
1446 FRMBOT;
1447 echo $form_bottom . "\r\n";
1448 break;
1449
1450 case 4:
1451 $_SESSION['bootstrapStateInSetup'] = 5;
1452 $state_esc = text($state);
1453 $step4_top = <<<STP4TOP
1454 <h3 class="mb-3 border-bottom">Step $state_esc - Configure PHP</h3>
1455 <div class="jumbotron p-5">
1456 <p>Configuration of PHP...</p>
1457 <p>We recommend making the following changes to your PHP installation, which can normally be done by editing the php.ini configuration file:</p>
1458 <ul>
1459 STP4TOP;
1460 echo $step4_top . "\r\n";
1461
1462 $gotFileFlag = 0;
1463 $phpINIfile = php_ini_loaded_file();
1464 if ($phpINIfile) {
1465 echo "<li><span class='text-success'>Your php.ini file can be found at " . text($phpINIfile) . "</span></li>\n";
1466 $gotFileFlag = 1;
1467 }
1468
1469 $short_tag = ini_get('short_open_tag') ? 'On' : 'Off';
1470 $short_tag_style = (strcmp($short_tag, 'Off') === 0) ? '' : 'text-danger';
1471 $display_errors = ini_get('display_errors') ? 'On' : 'Off';
1472 $display_errors_style = (strcmp($display_errors, "Off") === 0) ? '' : 'text-danger';
1473 $register_globals = ini_get('register_globals') ? 'On' : 'Off';
1474 $register_globals_style = (strcmp($register_globals, 'Off') === 0) ? '' : 'text-danger';
1475 $max_input_vars = ini_get('max_input_vars');
1476 $max_input_vars_style = $max_input_vars < 3000 ? 'text-danger' : '';
1477 $max_execution_time = (int)ini_get('max_execution_time');
1478 $max_execution_time_style = $max_execution_time >= 60 || $max_execution_time === 0 ? '' : 'text-danger';
1479 $max_input_time = ini_get('max_input_time');
1480 $max_input_time_style = (strcmp($max_input_time, '-1') === 0) ? '' : 'text-danger';
1481 $post_max_size = ini_get('post_max_size');
1482 $post_max_size_style = $post_max_size < 30 ? 'text-danger' : '';
1483 $memory_limit = ini_get('memory_limit');
1484 $memory_limit_style = $memory_limit < 256 ? 'text-danger' : '';
1485 $mysqli_allow_local_infile = ini_get('mysqli.allow_local_infile') ? 'On' : 'Off';
1486 $mysqli_allow_local_infile_style = (strcmp($mysqli_allow_local_infile, 'On') === 0) ? '' : 'text-danger';
1487
1488 echo "<li>To ensure proper functioning of OpenEMR you must make sure that PHP settings include:
1489 <table class='phpset'>
1490 <tr>
1491 <th>Setting</th>
1492 <th>Required value</th>
1493 <th>Current value</th>
1494 </tr>
1495 <tr>
1496 <td>short_open_tag</td>
1497 <td>Off</td>
1498 <td class='" . attr($short_tag_style) . "'>" . text($short_tag) . "</td>
1499 </tr>
1500 <tr>
1501 <td>display_errors</td>
1502 <td>Off</td>
1503 <td class='" . attr($display_errors_style) . "'>" . text($display_errors) . "</td>
1504 </tr>
1505 <tr>
1506 <td>register_globals</td>
1507 <td>Off</td>
1508 <td class='" . attr($register_globals_style) . "'>" . text($register_globals) . "</td>
1509 </tr>
1510 <tr>
1511 <td>max_input_vars</td>
1512 <td>at least 3000</td>
1513 <td class='" . attr($max_input_vars_style) . "'>" . text($max_input_vars) . "</td>
1514 </tr>
1515 <tr>
1516 <td>max_execution_time</td>
1517 <td>at least 60</td>
1518 <td class='" . attr($max_execution_time_style) . "'>" . text($max_execution_time) . "</td>
1519 </tr>
1520 <tr>
1521 <td>max_input_time</td>
1522 <td>-1</td>
1523 <td class='" . attr($max_input_time_style) . "'>" . text($max_input_time) . "</td>
1524 </tr>
1525 <tr>
1526 <td>post_max_size</td>
1527 <td>at least 30M</td>
1528 <td class='" . attr($post_max_size_style) . "'>" . text($post_max_size) . "</td>
1529 </tr>
1530 <tr>
1531 <td>memory_limit</td>
1532 <td>at least 256M</td>
1533 <td class='" . attr($memory_limit_style) . "'>" . text($memory_limit) . "</td>
1534 </tr>
1535 <tr>
1536 <td>mysqli.allow_local_infile</td>
1537 <td>On</td>
1538 <td class='" . attr($mysqli_allow_local_infile_style) . "'>" . text($mysqli_allow_local_infile) . "</td>
1539 </tr>
1540 </table>
1541 </li>
1542 <li>In order to take full advantage of the patient documents capability you must make sure that settings in php.ini file include \"file_uploads = On\", that \"upload_max_filesize\" is appropriate for your use and that \"upload_tmp_dir\" is set to a correct value that will work on your system.
1543 </li>\r\n";
1544
1545 if (!$gotFileFlag) {
1546 echo "<li>If you are having difficulty finding your php.ini file, then refer to the <a href='Documentation/INSTALL' rel='noopener' target='_blank'><u>'INSTALL'</u></a> manual for suggestions.</li>\n";
1547 }
1548
1549 $btn_text = 'Proceed to Step 5';
1550 echo "</ul>
1551
1552 <p>We recommend you print these instructions for future reference.</p>
1553 <p>The next step will configure the Apache web server.</p>
1554 <p class='mark'>Click <strong>" . text($btn_text) . "</strong> to continue.</p>
1555 <br />
1556 <form method='post'>
1557 <input type='hidden' name='state' value='5' />
1558 <input name='csrf_token_form' type='hidden' value='" . attr(CsrfUtils::collectCsrfToken('state5')) . "' />
1559 <input type='hidden' name='site' value='" . attr($site_id) . "' />
1560 <input type='hidden' name='iuser' value='" . attr($installer->iuser) . "' />
1561 <input type='hidden' name='iuserpass' value='" . attr($installer->iuserpass) . "' />
1562 <input name='login' type='hidden' value='" . attr($installer->login) . "' />
1563 <input name='pass' type='hidden' value='" . attr($installer->pass) . "' />
1564 <input name='server' type='hidden' value='" . attr($installer->server) . "' />
1565 <input name='port' type='hidden' value='" . attr($installer->port) . "' />
1566 <input name='loginhost' type='hidden' value='" . attr($installer->loginhost) . "' />
1567 <input name='dbname' type='hidden' value='" . attr($installer->dbname) . "' />
1568 <div class='form-row'>
1569 <div class='col-12'>
1570 <button type='submit' class='btn btn-primary' value='Continue'>
1571 <i class='fas fa-chevron-right'></i> " . text($btn_text) . "
1572 </button>
1573 </div>
1574 </div>
1575 </form>
1576 </div>\r\n";
1577 break;
1578
1579 case 5:
1580 $_SESSION['bootstrapStateInSetup'] = 6;
1581 echo "<h3 class='mb-3 border-bottom'>Step " . text($state) . " - Configure Apache Web Server</h3>";
1582 echo "<div class='jumbotron p-5'>";
1583 echo "<p>Configuration of Apache web server...</p><br />\n";
1584 echo "The <code>\"" . text(preg_replace("/${site_id}/", "*", realpath($docsDirectory))) . "\"</code> directory contain patient information, and
1585 it is important to secure these directories. Additionally, some settings are required for the Zend Framework to work in OpenEMR. This can be done by pasting the below to end of your apache configuration file:<br /><br />
1586 &nbsp;&nbsp;<code>&lt;Directory \"" . text(realpath(dirname(__FILE__))) . "\"&gt;<br />
1587 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;AllowOverride FileInfo<br />
1588 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Require all granted<br />
1589 &nbsp;&nbsp;<code>&lt;/Directory&gt;</code><br />
1590 &nbsp;&nbsp;&lt;Directory \"" . text(realpath(dirname(__FILE__))) . "/sites\"&gt;<br />
1591 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;AllowOverride None<br />
1592 &nbsp;&nbsp;&lt;/Directory&gt;</code><br />
1593 &nbsp;&nbsp;<code>&lt;Directory \"" . text(preg_replace("/${site_id}/", "*", realpath($docsDirectory))) . "\"&gt;<br />
1594 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Require all denied<br />
1595 &nbsp;&nbsp;&lt;/Directory&gt;</code><br /><br />";
1596
1597 $btn_text = 'Proceed to Select a Theme';
1598 echo "<p>If you are having difficulty finding your apache configuration file, then refer to the <a href='Documentation/INSTALL' rel='noopener' target='_blank'><u>'INSTALL'</u></a> manual for suggestions.</p>
1599 <p>We recommend you print these instructions for future reference.</p>
1600 <p class='mark'>Click <strong>'" . text($btn_text) . "'</strong> to select a theme.</p>
1601 <br />
1602 <form method='post'>
1603 <input type='hidden' name='state' value='6' />
1604 <input name='csrf_token_form' type='hidden' value='" . attr(CsrfUtils::collectCsrfToken('state6')) . "' />
1605 <input type='hidden' name='site' value='" . attr($site_id) . "' />
1606 <input type='hidden' name='iuser' value='" . attr($installer->iuser) . "' />
1607 <input type='hidden' name='iuserpass' value='" . attr($installer->iuserpass) . "' />
1608 <input name='login' type='hidden' value='" . attr($installer->login) . "' />
1609 <input name='pass' type='hidden' value='" . attr($installer->pass) . "' />
1610 <input name='server' type='hidden' value='" . attr($installer->server) . "' />
1611 <input name='port' type='hidden' value='" . attr($installer->port) . "' />
1612 <input name='loginhost' type='hidden' value='" . attr($installer->loginhost) . "' />
1613 <input name='dbname' type='hidden' value='" . attr($installer->dbname) . "' />
1614 <div class='form-row'>
1615 <div class='col-12'>
1616 <button type='submit' class='btn btn-primary' value='Continue'>
1617 <i class='fas fa-chevron-right'></i> " . text($btn_text) . "
1618 </button>
1619 </div>
1620 </div>
1621 </form>
1622 <div>\r\n";
1623 break;
1624
1625 case 6:
1626 $_SESSION['bootstrapStateInSetup'] = 7;
1627 echo "<h3 class='mb-3 border-bottom'>Step " . text($state) . " - Select a Theme</h3>";
1628 echo "<div class='jumbotron p-5'>";
1629 echo "<p>Select a theme for OpenEMR...</p>\n";
1630 $btn_text = "Proceed to Final Step";
1631 $installer->displaySelectedThemeDiv();
1632 echo "<div class='row'>
1633 <div class='col-12'>
1634 <form method='post'>
1635 <input type='hidden' name='state' value='7' />
1636 <input name='csrf_token_form' type='hidden' value='" . attr(CsrfUtils::collectCsrfToken('state7')) . "' />
1637 <input type='hidden' name='site' value='" . attr($site_id) . "' />
1638 <input type='hidden' name='iuser' value='" . attr($installer->iuser) . "' />
1639 <input type='hidden' name='iuserpass' value='" . attr($installer->iuserpass) . "' />
1640 <input name='login' type='hidden' value='" . attr($installer->login) . "' />
1641 <input name='pass' type='hidden' value='" . attr($installer->pass) . "' />
1642 <input name='server' type='hidden' value='" . attr($installer->server) . "' />
1643 <input name='port' type='hidden' value='" . attr($installer->port) . "' />
1644 <input name='loginhost' type='hidden' value='" . attr($installer->loginhost) . "' />
1645 <input name='dbname' type='hidden' value='" . attr($installer->dbname) . "' />
1646 <input type='hidden' name='new_theme' id = 'new_theme' value='" . attr($installer->getCurrentTheme()) . "' />
1647 <input name='clone_database' type='hidden' value='" . attr($installer->clone_database) . "' />
1648 <input name='source_site_id' type='hidden' value='" . attr($installer->source_site_id) . "' />
1649 <h4>Select One:</h4>
1650 <div class='checkbox'>
1651 <label><input type='checkbox' class='check' value='show_theme' />Show More Themes</label>
1652 </div>
1653 <div class='checkbox'>
1654 <label><input type='checkbox' class='check' value='keep_current' />Keep Current</label>
1655 </div>
1656 <div class='hide_button' style='display:none;'>
1657 <button type='submit' class='btn btn-primary' value='Continue' id='continue'>
1658 <i class='fas fa-chevron-right'></i> " . text($btn_text) . "
1659 </button>
1660 </div>
1661 </form>
1662 </div>
1663 </div>\r\n";
1664 echo '<div class="row hideaway" style="display:none;">' . "\r\n";
1665 echo '<div class="col-12">' . "\r\n";
1666 echo ' <h4>Select New Theme: <h5>(scroll down to view all)</h5></h4>' . "\r\n";
1667 echo ' <br />' . "\r\n";
1668 $installer->displayThemesDivs();
1669 echo "</div>";
1670 break;
1671
1672 case 0:
1673 default:
1674 $top = <<<TOP
1675 <h3 class="mb-3 border-bottom">Pre Install - Checking File and Directory Permissions</h3>
1676 <div class="jumbotron p-5">
1677 <p>
1678 Welcome to OpenEMR. This utility will step you through the installation and configuration of OpenEMR for your practice.
1679 </p>
1680 <ul>
1681 <li>
1682 Before proceeding, be sure that you have a properly installed and configured MySQL server available, and a PHP configured webserver.
1683 </li>
1684 <li>
1685 <span class="text-highlight">Detailed installation instructions can be found in the <a href='Documentation/INSTALL' rel='noopener' target='_blank'><u>'INSTALL'</u></a> manual file.</span>
1686 </li>
1687 <li>
1688 If you are upgrading from a previous version, <strong>DO NOT</strong> use this script. Please read the <strong>'Upgrading'</strong> section found in the <a href='Documentation/INSTALL' rel='noopener' target='_blank'><u>'INSTALL'</u></a> manual file.
1689 </li>
1690 </ul>
1691 TOP;
1692 echo $top;
1693 if ($checkPermissions) {
1694 echo "<p>We will now ensure correct file and directory permissions before starting installation:</p>\n";
1695 echo "<p class='text-success m-0'>Ensuring following file is world-writable...</p>\n";
1696 $errorWritable = 0;
1697 foreach ($writableFileList as $tempFile) {
1698 if (is_writable($tempFile)) {
1699 echo "<code class='ml-5'>" . text(realpath($tempFile)) . "</code> file is <span class='text-success font-weight-bold'>ready</span><br /><br />\n";
1700 } else {
1701 echo "<p><span class='text-danger'>UNABLE</span> to open file '" . text(realpath($tempFile)) . "' for writing.<br />\n";
1702 echo "(configure file permissions; see below for further instructions)</p>\n";
1703 $errorWritable = 1;
1704 }
1705 }
1706
1707 if ($errorWritable) {
1708 $site_id_esc = attr($site_id);
1709 $check_file = <<<CHKFILE
1710 <p class="text-danger">You can't proceed until all above files are ready (world-writable).</p>
1711 <p>In linux, recommend changing file permissions with the <strong>'chmod 666 filename'</strong> command.</p>
1712 <p class='p-1 bg-danger text-white'>Fix above file permissions and then click the <strong>'Check Again'</strong> button to re-check files.</p>
1713 <br />
1714 <form method='post'>
1715 <input type='hidden' name='site' value='$site_id_esc' />
1716 <button type='submit' class='btn btn-primary' value='check again'>Check Again</button>
1717 </form>
1718 CHKFILE;
1719 echo $check_file . "\r\n";
1720 break;
1721 }
1722
1723 $errorWritable = 0;
1724 foreach ($writableDirList as $tempDir) {
1725 echo "<p class='text-success m-0'>Ensuring the <code>" . text(realpath($tempDir)) . "</code> directory and its subdirectories have proper permissions...</p>\n";
1726 $errorWritable = recursive_writable_directory_test($tempDir);
1727 }
1728
1729 if ($errorWritable) {
1730 $site_id_esc = attr($site_id);
1731 $check_directory = <<<CHKDIR
1732 <p class="text-danger">You can't proceed until all directories and subdirectories are ready.</p>
1733 <p>In linux, recommend changing owners of these directories to the web server. For example, in many linux OS's the web server user is 'apache', 'nobody', or 'www-data'. So if 'apache' were the web server user name, could use the command <strong>'chown -R apache:apache directory_name'</strong> command.</p>
1734 <p class='p-1 bg-warning'>Fix above directory permissions and then click the <strong>'Check Again'</strong> button to re-check directories.</p>
1735 <br />
1736 <form method='post'>
1737 <input type='hidden' name='site' value='$site_id_esc' />
1738 <button type='submit' value='check again'><b>Check Again</b></button>
1739 </form>
1740 CHKDIR;
1741 echo $check_directory . "\r\n";
1742 break;
1743 }
1744
1745 //RP_CHECK_LOGIC
1746 $_SESSION['bootstrapStateInSetup'] = 1;
1747 $site_id_esc = attr($site_id);
1748 $csrf_id_esc = attr(CsrfUtils::collectCsrfToken('state1'));
1749 $form = <<<FRM
1750 <p>All required files and directories have been verified.</p>
1751 <p class='mark'>Click <span class="font-weight-bold">Proceed to Step 1</span> to continue with a new installation.</p>
1752 <p class='p-1 bg-warning'>$caution: If you are upgrading from a previous version, <strong>DO NOT</strong> use this script. Please read the <strong>'Upgrading'</strong> section found in the <a href='Documentation/INSTALL' rel='noopener' target='_blank'><u>'INSTALL'</u></a> manual file.</p>
1753 <br />
1754 <form method='post'>
1755 <input name='state' type='hidden' value='1' />
1756 <input name='site' type='hidden' value='$site_id_esc' />
1757 <input name='csrf_token_form' type='hidden' value='$csrf_id_esc' />
1758 <div class="form-group">
1759 <div class="col">
1760 <button type='submit' class='btn btn-primary' value='Continue'>
1761 <i class="fas fa-chevron-right"></i> Proceed to Step 1
1762 </button>
1763 </div>
1764 </div>
1765 </form>
1766 FRM;
1767 echo $form . "\r\n";
1768 } else {
1769 $_SESSION['bootstrapStateInSetup'] = 1;
1770 $site_id_esc = attr($site_id);
1771 $csrf_id_esc = attr(CsrfUtils::collectCsrfToken('state1'));
1772 $form = <<<FRM
1773 <br />
1774 <p class='p-1 bg-warning'>$caution: Permisssions checking has been disabled. All required files and directories have NOT been verified, please manually verify sites/$site_id_esc .</p>
1775 <p class='mark'>Click <b>Proceed to Step 1</b> to continue with a new installation.</p>
1776 <p class='p-1 bg-warning'>$caution: If you are upgrading from a previous version, <strong>DO NOT</strong> use this script. Please read the <strong>'Upgrading'</strong> section found in the <a href='Documentation/INSTALL' rel='noopener' target='_blank'><span style='text-decoration: underline;'>'INSTALL'</span></a> manual file.</p>
1777 <br />
1778 <form method='post'>
1779 <input name='state' type='hidden' value='1'>
1780 <input name='site' type='hidden' value='$site_id_esc'>
1781 <input name='csrf_token_form' type='hidden' value='$csrf_id_esc' />
1782 <button type='submit' value='Continue'><b>Proceed to Step 1</b></button>
1783 </form>
1784 FRM;
1785 echo $form . "\r\n"; }
1786 }
1787 $bot = <<<BOT
1788 </div>
1789 </div>
1790 </div>
1791 BOT;
1792 echo $bot . "\r\n";
1793 ?>
1794
1795
1796 </div><!--end of container div -->
1797 <?php $installer->setupHelpModal();?>
1798 <script>
1799 //jquery-ui tooltip
1800 $(function () {
1801 $('.icon-tooltip').prop( "title", "Click to see more information").tooltip({
1802 show: {
1803 delay: 700,
1804 duration: 0
1805 }
1806 });
1807 $('.enter-details-tooltip').prop( "title", "Additional help to fill out this form is available by hovering over labels of each box and clicking on the dark blue help ? icon that is revealed. On mobile devices tap once on the label to reveal the help icon and tap on the icon to show the help section").tooltip();
1808 $('.2fa-section-tooltip').prop( "title", "Two factor authentication prevents unauthorized access to openEMR thus improves security. It is optional. More information is available in the help file under Step 2 Database and OpenEMR Initial User Setup Details.").tooltip();
1809
1810
1811 });
1812 </script>
1813 <script>
1814 $(function () {
1815 $("input[type='radio']").click(function() {
1816 var radioValue = $("input[name='stylesheet']:checked").val();
1817 var imgPath = "public/images/stylesheets/";
1818 var currStyle = $("#current_theme_title").text();
1819 var currStyleTitle = currStyle;
1820 currStyle = currStyle.replace(/\b\w/g, l => l.toLowerCase());
1821 currStyle = currStyle.split(" ");
1822 currStyle = currStyle.join("_");
1823 currStyle = "style_" + currStyle + ".png";
1824 if (radioValue) {
1825 var currThemeText = radioValue.split("_");
1826 currThemeText = currThemeText.join(" ");
1827 currThemeText = currThemeText.replace(/\b\w/g, l => l.toUpperCase());
1828 var styleSelected = confirm("You have selected style - " + currThemeText + "\n" + "Click OK to apply selection");
1829 if (styleSelected) {
1830 $("#current_theme").attr("src", imgPath + "style_" + radioValue + ".png");
1831 $("#current_theme_title").text(currThemeText);
1832 $("#new_theme").val("style_" + radioValue + ".css");
1833 } else {
1834 $("#current_theme").attr("src", imgPath + currStyle);
1835 $("#current_theme_title").text(currStyleTitle);
1836 $(this).prop("checked", false);
1837 }
1838 }
1839 });
1840 $('.check').click(function() {
1841 $('.check').not(this).prop('checked', false);
1842 if($('.check:checked').val() == 'show_theme'){
1843 $(".hideaway").show();
1844 } else if($('.check:checked').val() == 'keep_current'){
1845 $(".hideaway").hide();
1846 }
1847
1848 if($('.check').filter(':checked').length > 0) {
1849 $(".hide_button").show();
1850 } else {
1851 $(".hide_button").hide();
1852 $(".hideaway").hide();
1853 }
1854 });
1855 $('.wait').removeClass('button-wait');
1856
1857 $( "#create_db_button" ).hover(
1858 function() {
1859 if (($('#iuserpass' ).val().length > 11 && $('#iuser' ).val().length > 11 ) || ($('#clone_database').prop('checked'))){
1860
1861 $("button").click(function(){
1862 $(".oe-spinner").css("visibility", "visible");
1863 });
1864
1865 $('.wait').click(function(){
1866 $('.wait').addClass('button-wait');
1867 });
1868 }
1869 }
1870 );
1871
1872 $("#step-4-btn").click(function(){
1873 $(".oe-spinner").css("visibility", "visible");
1874 $(this).addClass('button-wait');
1875 });
1876 });
1877 </script>
1878 </body>
1879 </html>
Mirror of official OpenEMR Sourceforge repository