* Repaired installation script.

classes/install.class.php

@@ -1,13 +1,13 @@
 <?php
-if(!defined('entry') || !entry) die('Not a valid page'); 
-require('classes/mysql_connection.class.php');
+if(!defined('entry') || !entry) die('Not a valid page');
+require(Absolute_Path.'/classes/mysql_connection.class.php');
 
 class Install {
 	var $data = null;
 	var $errors = null;
 	var $showForm;
 	var $errors_d = array();
-	
+
 	function Install(){
 		$this->errors_d[1]="The login field cannot be empty";
 		$this->errors_d[2]="The password field cannot be empty";
@@ -20,41 +20,39 @@ class Install {
 		$this->errors_d[9]="Password does not match the confirm password";
 		$this->errors_d[10]="The login field cannot be empty";
 	}
-	
+
     function run() {
-    	
+
     	if (empty($this->data)) false;
-    	
-    	if (!$this->create_config()) return false;
-    	
+
     	$this->create_db();
-    	
+
     	if (!$this->install_db()) return false;
-		
+
 		return true;
     }
-    
+
     function create_db(){
-		
+
 	    $link =  mysql_connect($this->data['db_host'], $this->data['db_login'], $this->data['db_password']);
 		if (!$link) {
 		    die('Could not connect: ' . mysql_error());
 		}
-		
+
 		$sql = 'CREATE DATABASE ' . $this->data['db_name'];
 		if (!mysql_query($sql, $link)) {
 			$link = mysql_close($link);
 			return false;
-		} 
-		
-		return true;    	
+		}
+
+		return true;
     }
-    
+
 	function install_db(){
 		require('config.php');
-		$db = new Conexion_Mysql(DB_name, DB_Server, DB_User, DB_Password);	
+		$db = new Conexion_Mysql(DB_name, DB_Server, DB_User, DB_Password);
 		$sqlStr = array();
-		
+
 		$sqlStr[] = "CREATE TABLE `".Table_prefix."data` (
 			  `id_post` int(11) NOT NULL auto_increment,
 			  `title` text NULL,
@@ -86,16 +84,16 @@ class Install {
 			  `url_installation` varchar(250) NOT NULL,
 			  PRIMARY KEY  (`title`)
 			) ENGINE = MYISAM ;";
-			
 
-		
+
+
 		$sqlStr[] = "CREATE TABLE `".Table_prefix."options` (
 		  `name` varchar(100) NOT NULL,
 		  `val` varchar(255) NOT NULL,
 		  PRIMARY KEY  (`name`)
 		) ENGINE = MYISAM ;";
 
-		
+
 		$sqlStr[] = "CREATE TABLE `".Table_prefix."comments` (
 		  `id_comment` int(11) NOT NULL auto_increment,
 		  `id_post` int(11) NOT NULL,
@@ -108,7 +106,7 @@ class Install {
 		  `spam` tinyint(4) NOT NULL,
 		  PRIMARY KEY  (`id_comment`)
 		) ENGINE = MYISAM ;";
-		
+
 		$sqlStr[] = "CREATE TABLE `".Table_prefix."feeds` (
 			`id_feed` int(11) NOT NULL auto_increment,
 			`url` varchar(255) NOT NULL,
@@ -122,13 +120,13 @@ class Install {
 			PRIMARY KEY  (`id_feed`)
 			) ENGINE=MyISAM ;";
 
-					
-		$sqlStr[] = "INSERT INTO `".Table_prefix."config` VALUES (". $this->data['posts_limit'] .", '".$this->data['title']."', '".$this->data['description']."', '".$this->data['lang']."', '".$this->data['template']."', '".$this->data['url_installation']."');";		
+
+		$sqlStr[] = "INSERT INTO `".Table_prefix."config` VALUES (". $this->data['posts_limit'] .", '".$this->data['title']."', '".$this->data['description']."', '".$this->data['lang']."', '".$this->data['template']."', '".$this->data['url_installation']."');";
 		$sqlStr[] = "INSERT INTO `".Table_prefix."users` VALUES ('', '', '".$this->data['login']."', '".md5($this->data['password'])."', '".$this->data['email']."', '".$this->data['website']."', '".$this->data['about']."');";
 		$sqlStr[] = "INSERT INTO `".Table_prefix."options` VALUES ('url_friendly', '0');";
-		$sqlStr[] = "INSERT INTO `".Table_prefix."options` VALUES ('rich_text', '0');";		
+		$sqlStr[] = "INSERT INTO `".Table_prefix."options` VALUES ('rich_text', '0');";
 		$sqlStr[] = "INSERT INTO `".Table_prefix."options` VALUES ('allow_comments', '0');";
-		$sqlStr[] = "INSERT INTO `".Table_prefix."options` VALUES ('offset_city', '".$this->data['offset_city']."');";		
+		$sqlStr[] = "INSERT INTO `".Table_prefix."options` VALUES ('offset_city', '".$this->data['offset_city']."');";
 		$sqlStr[] = "INSERT INTO `".Table_prefix."options` VALUES ('offset_time', '".$this->data['offset_time']."');";
 		$sqlStr[] = "INSERT INTO `".Table_prefix."options` VALUES ('shorten_links', '0');";
 		$sqlStr[] = "INSERT INTO `".Table_prefix."options` VALUES ('rss_import_frec', '5 minutes');";
@@ -141,7 +139,7 @@ class Install {
 
 		return true;
 	}
-	
+
 	function inerrors($n) {
 		if ( strpos($this->errors,$n)===false) {
 			return false;
@@ -149,7 +147,7 @@ class Install {
 			return true;
 		}
 	}
-	
+
 	function mostrarerror($n) {
 		if ($this->inerrors($n)) {
 			return '<span class="error">'.$this->errors_d[$n].'</span>';
@@ -157,12 +155,12 @@ class Install {
 			return "";
 		}
 	}
-	
+
 	function is_gelato_installed(){
-		if(file_exists('config.php')) {
-			@include("config.php");
-			if (!$this->check_for_config()){ 
-				return false; 
+		if(file_exists(Absolute_Path.'config.php')) {
+			@include(Absolute_Path."config.php");
+			if (!$this->check_for_config()){
+				return false;
 			} else {
 				if (!$this->is_db_installed()){
 					return false;
@@ -173,18 +171,18 @@ class Install {
 			return false;
 		}
 	}
-	
+
 	function is_db_installed(){
-			$db = new Conexion_Mysql(DB_name, DB_Server, DB_User, DB_Password);	
+			$db = new Conexion_Mysql(DB_name, DB_Server, DB_User, DB_Password);
 				$sqlStr = "SELECT * FROM `".Table_prefix."config`";
 				if($db->ejecutarConsulta($sqlStr)) {
 					return ($db->contarRegistros() > 0);
 			}else{
 			return false;
 			}
-	
+
 	}
-	
+
 	function check_for_config(){
 		if(!defined('DB_Server')) return false;
 		if(!defined('DB_name')) return false;
@@ -192,57 +190,24 @@ class Install {
 		if(!defined('DB_Password')) return false;
 		return true;
 	}
-	
-	function create_config(){
-		$config = fopen("config.php", 'w+');
-		$contents = '<?php
-if(!defined(\'entry\') || !entry) die(\'Not a valid page\'); 
-/* ===========================
-
-  gelato CMS - A PHP based tumblelog CMS
-  development version
-  http://www.gelatocms.com/
-
-  gelato CMS is a free software licensed under the GPL 2.0
-  Copyright (C) 2007 by Pedro Santana <pecesama at gmail dot com>
-
-  =========================== */
-
-define(\'DB_Server\', \''. $this->data['db_host'] . '\');
-define(\'DB_name\', \''. $this->data['db_name'] . '\');
-define(\'DB_User\', \''. $this->data['db_login'] . '\');
-define(\'DB_Password\', \''. $this->data['db_password'] . '\'); 
-define(\'Table_prefix\', \'gel_\');
-define(\'Absolute_Path\', dirname(__FILE__).DIRECTORY_SEPARATOR);
-
-?>';
-
-	    if (fwrite($config, $contents) === FALSE) {
-	        $this->errors = "Could not write config file to directory";
-	        return false;
-	    } 
-	    fclose($config);
-	    return true;		
-	}
-	
+
 	function check_form(){
 
 		$action="";
-		
+
 		if (isset($this->data['action'])){
 			$action=$this->data['action'];
 		}
-		
+
 		if (!$this->is_gelato_installed()){
-			
+
 		$this->showForm = true;
-			
-		
+
 			if ($action=="config") {
-				
+
 				$sep_err="";
 				$this->errors = false;
-				
+
 				if (!$this->data['login']) {
 					$this->errors =$this->errors.$sep_err."1";
 					$sep_err="|";
@@ -274,31 +239,31 @@ define(\'Absolute_Path\', dirname(__FILE__).DIRECTORY_SEPARATOR);
 				if ($this->data['password']!=$_POST['password2']) {
 					$this->errors=$this->errors.$sep_err."3";
 					$sep_err="|";
-				}				
+				}
 				if ( $_POST['db_password']!=$_POST['db_password2']) {
 					$this->errors=$this->errors.$sep_err."9";
 					$sep_err="|";
-				}				
-				
+				}
+
 				$off_r= split("," , $this->data['time_offsets']);
 				$this->data['offset_time'] = $off_r[0];
 				$this->data['offset_city'] = $off_r[1];
 				unset($this->data['time_offsets']);
-				
+
 				if (!$this->errors) {
-							
+
 					if ($this->run($this->data)) {
 						$this->showForm=false;
 					} else {
 						$this->errors=$this->errors.$sep_err."6";
 						$sep_err="|";
 						$this->showForm=true;
-					}		
+					}
 				} else {
 					$this->showForm=true;
 				}
 			}
-		}	
-	}	
+		}
+	}
 }
 ?>

classes/mysql_connection.class.php

@@ -15,26 +15,26 @@
 // constantes
 define('MYSQL_TYPES_NUMERIC', 'int real ');
 define('MYSQL_TYPES_DATE', 'datetime timestamp year date time ');
-define('MYSQL_TYPES_STRING', 'string blob '); 
+define('MYSQL_TYPES_STRING', 'string blob ');
 
 class Conexion_Mysql {
 
-	var $mbase_datos;	
-	var $mservidor;	
-	var $musuario;	
-	var $mclave; 
-	var $mid_conexion = 0; 	// Identificador de conexión	
+	var $mbase_datos;
+	var $mservidor;
+	var $musuario;
+	var $mclave;
+	var $mid_conexion = 0; 	// Identificador de conexi�n
 	var $mid_consulta = 0; 	// Identificador de consulta
-	var $merror_numero = 0;		// Número de error			
-	var $merror = "";		// Descripción del error.
-	
-	/** Al crear una instancia de clase, se ejecutará esta función */	
-	function Conexion_Mysql($bd="", $host="localhost", $user="", $pass="") {	
-		$this->mbase_datos = $bd;	
-		$this->mservidor = $host;	
-		$this->musuario = $user;	
+	var $merror_numero = 0;		// N�mero de error
+	var $merror = "";		// Descripci�n del error.
+
+	/** Al crear una instancia de clase, se ejecutara esta funcion */
+	function Conexion_Mysql($bd="", $host="localhost", $user="", $pass="") {
+		$this->mbase_datos = $bd;
+		$this->mservidor = $host;
+		$this->musuario = $user;
 		$this->mclave = $pass;
-		
+
 		if (!$this->conectar()) {
 			$mensaje = "
 				<h3 class=\"important\">Error establishing a database connection</h3>
@@ -44,42 +44,42 @@ class Conexion_Mysql {
 					<li>Are you sure that you have typed the correct hostname?</li>
 					<li>Are you sure that the database server is running?</li>
 				</ul>";
-			die($mensaje);			
+			die($mensaje);
 		}
 	}
-	
-	/** Conectar a la base de datos */	
-	function conectar() {		
-		// Conectamos al servidor		
-		$this->mid_conexion = @mysql_connect($this->mservidor, $this->musuario, $this->mclave);		
-		if (!$this->mid_conexion) {		
-			$this->merror = "No se logró realizar la conexión.";		
+
+	/** Conectar a la base de datos */
+	function conectar() {
+		// Conectamos al servidor
+		$this->mid_conexion = @mysql_connect($this->mservidor, $this->musuario, $this->mclave);
+		if (!$this->mid_conexion) {
+			$this->merror = "No se logr� realizar la conexi�n.";
 			return false;
-		}	 
-		//seleccionamos la base de datos		
-		if (!@mysql_select_db($this->mbase_datos, $this->mid_conexion)) {		
-			$this->merror = "No se puede abrir la base ".$this->mbase_datos ;		
-			return false;		
-		}	 
-		return $this->mid_conexion;	// Si todo salio bien regresa el id de la conexión
-	}	
-	
-	/** Para ejecutar consultas en la conexión abierta */	
+		}
+		//seleccionamos la base de datos
+		if (!@mysql_select_db($this->mbase_datos, $this->mid_conexion)) {
+			$this->merror = "No se puede abrir la base ".$this->mbase_datos ;
+			return false;
+		}
+		return $this->mid_conexion;	// Si todo salio bien regresa el id de la conexi�n
+	}
+
+	/** Para ejecutar consultas en la conexi�n abierta */
 	function ejecutarConsulta($msql = "") {
-		if ($msql == "") {	
-			$this->merror = "No introdujo la sentencia SQL";	
-			return false;	
-		}		
-		//ejecutamos la consulta		
-		$this->mid_consulta = mysql_query($msql, $this->mid_conexion);		
-		if (!$this->mid_consulta) {		
-			$this->merror_numero = mysql_errno();		
+		if ($msql == "") {
+			$this->merror = "No introdujo la sentencia SQL";
+			return false;
+		}
+		//ejecutamos la consulta
+		$this->mid_consulta = mysql_query($msql, $this->mid_conexion);
+		if (!$this->mid_consulta) {
+			$this->merror_numero = mysql_errno();
 			$this->merror = mysql_error()." error";
-			return false;		
-		}				
-		return $this->mid_consulta; // Si todo salio bien regresa el id de la consulta	
-	}	
-	
+			return false;
+		}
+		return $this->mid_consulta; // Si todo salio bien regresa el id de la consulta
+	}
+
 	/**
 	 * Inserta un registro en la DB por cada llave->valor en un arreglo.
 	 * No se debe usar sentencias SQL con esta funcion.
@@ -90,26 +90,26 @@ class Conexion_Mysql {
 	 * @return string El ID del insert, verdadero si la tabla no tiene un campo auto_increment o false si ocurre un error.
 	 */
 	function insertarDeFormulario($tabla, $datos) {
-	  	  
+
 	  if (empty($datos)) {
 		 $this->merror = "Debes de pasar un arreglo como parametro.";
 		 return false;
 	  }
-	  
+
 	  $cols = '(';
 	  $sqlValues = '(';
-	  
+
 	  foreach ($datos as $llave=>$valor) {
-		  
-		 $cols .= "$llave,"; 
-		 
+
+		 $cols .= "$llave,";
+
 		 $tipo_col = $this->obtenerTipoCampo($tabla, $llave);  // obtiene el tipo de campo
 		 if (!$tipo_col) return false;  // error!
-		 
+
 		 // determina si se necesita poner comillas al valor.
 		 if (is_null($valor)) {
-			$sqlValues .= "NULL,";   
-		 } 
+			$sqlValues .= "NULL,";
+		 }
 		 elseif (substr_count(MYSQL_TYPES_NUMERIC, "$tipo_col ")) {
 			$sqlValues .= "$valor,";
 		 }
@@ -119,17 +119,17 @@ class Conexion_Mysql {
 		 }
 		 elseif (substr_count(MYSQL_TYPES_STRING, "$tipo_col ")) {
 			$valor = $this->sql_escape($valor);
-			$sqlValues .= "'$valor',";  
+			$sqlValues .= "'$valor',";
 		 }
 	  }
 	  $cols = rtrim($cols, ',').')';
-	  $sqlValues = rtrim($sqlValues, ',').')';     
-	  
-	  // inserta los valores en la DB	  
+	  $sqlValues = rtrim($sqlValues, ',').')';
+
+	  // inserta los valores en la DB
 	  $sql = "INSERT INTO $tabla $cols VALUES $sqlValues";
-	  return $this->ejecutarConsulta($sql);	  
+	  return $this->ejecutarConsulta($sql);
 	}
-	
+
 	/**
 	 * Modifica un registro en la DB por cada llave->valor en un arreglo.
 	 * No se debe usar sentencias SQL con esta funcion.
@@ -143,7 +143,7 @@ class Conexion_Mysql {
 	 * 		Falso si ocurrio algun error.
 	 */
 	function modificarDeFormulario($tabla, $datos, $condicion="") {
-      
+
 		if (empty($datos)) {
 			$this->merror = "Debes de pasar un arreglo como parametro.";
 			return false;
@@ -152,14 +152,14 @@ class Conexion_Mysql {
 		$sql = "UPDATE $tabla SET";
 		foreach ($datos as $llave=>$valor) {
 			$sql .= " $llave=";
-			
+
 			$tipo_col = $this->obtenerTipoCampo($tabla, $llave);  // obtiene el tipo de campo
 			if (!$tipo_col) return false;  // error!
-			
+
 			// determina si se necesita poner comillas al valor.
 			if (is_null($valor)) {
-			$sql .= "NULL,";   
-			} 
+			$sql .= "NULL,";
+			}
 			elseif (substr_count(MYSQL_TYPES_NUMERIC, "$tipo_col ")) {
 			$sql .= "$valor,";
 			}
@@ -169,25 +169,25 @@ class Conexion_Mysql {
 			}
 			elseif (substr_count(MYSQL_TYPES_STRING, "$tipo_col ")) {
 			$valor = $this->sql_escape($valor);
-			$sql .= "'$valor',";  
-			}	
+			$sql .= "'$valor',";
+			}
 		}
 		$sql = rtrim($sql, ','); // elimina la ultima coma
 		if (!empty($condicion)) $sql .= " WHERE $condicion";
-		
+
 		// modifica los valores
 		return $this->ejecutarConsulta($sql);
 	}
-	
+
 	/**
-	 * Obtiene la informacion sobre un campo usando la funcion mysql_fetch_field.	 
+	 * Obtiene la informacion sobre un campo usando la funcion mysql_fetch_field.
 	 *
 	 * @param mixed $tabla El nombre de la tabla en la BD.
 	 * @param string $campo El campo del que se desea la informacion.
 	 * @return array Un arreglo con la informacion del campo o false si hay algun error.
 	 */
 	function obtenerTipoCampo($tabla, $campo) {
-	
+
 	  $r = mysql_query("SELECT $campo FROM $tabla");
 	  if (!$r) {
 		 $this->merror = mysql_error();
@@ -200,9 +200,9 @@ class Conexion_Mysql {
 		 return false;
 	  }
 	  mysql_free_result($r);
-	  return $ret;	  
+	  return $ret;
 	}
-   
+
 	/**
 	 * Convierte una fecha en formato para DB.
 	 *
@@ -214,7 +214,7 @@ class Conexion_Mysql {
 			if(eregi("^([0-9]+)$",$valor)){
 				$valor = date("Y-m-d H:i:s",$valor);
 			}else{
-				// Estariá en el formato strtotime()
+				// Estari� en el formato strtotime()
 				$valor = date("Y-m-d H:i:s",strtotime($valor));
 			}
 		}
@@ -222,56 +222,56 @@ class Conexion_Mysql {
 	/*  if (gettype($valor) == 'string') $valor = strtotime($valor);
 	  return date('Y-m-d H:i:s', $valor);
 	*/
-	}	
+	}
 
 	/**
 	 * Obtiene el registro obtenido de una consulta.
 	 */
-	function obtenerRegistro() {				
-		return mysql_fetch_assoc($this->mid_consulta);	  	
-	}	
-	
+	function obtenerRegistro() {
+		return mysql_fetch_assoc($this->mid_consulta);
+	}
+
 	/**
-	 * Devuelve el número de campos de una consulta.
+	 * Devuelve el n�mero de campos de una consulta.
 	 */
-	function contarCampos() {	
-		return mysql_num_fields($this->mid_consulta);	
-	}	
-	
+	function contarCampos() {
+		return mysql_num_fields($this->mid_consulta);
+	}
+
 	/**
-	 * Devuelve el número de registros de una consulta.
+	 * Devuelve el n�mero de registros de una consulta.
 	 */
-	function contarRegistros() {	
-		return @mysql_num_rows($this->mid_consulta);	
-	}	
-	
+	function contarRegistros() {
+		return @mysql_num_rows($this->mid_consulta);
+	}
+
 	/**
 	 * Devuelve el nombre de un campo de una consulta.
 	 */
-	function obtenerNombreCampo($numero_campo) {	
-		return mysql_field_name($this->mid_consulta, $numero_campo);	
-	}	
-	
+	function obtenerNombreCampo($numero_campo) {
+		return mysql_field_name($this->mid_consulta, $numero_campo);
+	}
+
 	/**
 	 * Muestra los datos de una consulta (para debug).
 	 */
 	function verConsulta() {
-		echo "<table border=1>\n";	 	
-		// mostramos los nombres de los campos		
-		for ($i = 0; $i < $this->contarCampos(); $i++) {		
-			echo "<td><b>".$this->obtenerNombreCampo($i)."</b></td>\n";		
-		}		
-		echo "</tr>\n";		
+		echo "<table border=1>\n";
+		// mostramos los nombres de los campos
+		for ($i = 0; $i < $this->contarCampos(); $i++) {
+			echo "<td><b>".$this->obtenerNombreCampo($i)."</b></td>\n";
+		}
+		echo "</tr>\n";
 		// mostrarmos los registros
-		while ($row = mysql_fetch_row($this->mid_consulta)) {		
-			echo "<tr> \n";		
-			for ($i = 0; $i < $this->contarCampos(); $i++) {		
-				echo "<td>".$row[$i]."</td>\n";		
-			}		
-			echo "</tr>\n";		
-		}	
+		while ($row = mysql_fetch_row($this->mid_consulta)) {
+			echo "<tr> \n";
+			for ($i = 0; $i < $this->contarCampos(); $i++) {
+				echo "<td>".$row[$i]."</td>\n";
+			}
+			echo "</tr>\n";
+		}
 	}
-	
+
 	/**
 	 * Cierra la conexion a la BD.
 	 */
@@ -289,6 +289,6 @@ class Conexion_Mysql {
 	          $value = addslashes($value);
 	    }
 	    return $value;
-	}	
+	}
 } //fin de la Clase conexion_mysql
 ?>

classes/user.class.php

@@ -1,5 +1,5 @@
 <?php
-if(!defined('entry') || !entry) die('Not a valid page'); 
+if(!defined('entry') || !entry) die('Not a valid page');
 /* ===========================
 
   gelato CMS - A PHP based tumblelog CMS
@@ -20,7 +20,6 @@ class user extends Conexion_Mysql {
 	var $cookieTime;
 	var $persist = false;
 
-
 	function user() {
 		parent::Conexion_Mysql(DB_name, DB_Server, DB_User, DB_Password);
 		$this->cookie_life = 60*24*3600;
@@ -29,19 +28,19 @@ class user extends Conexion_Mysql {
 	}
 
 	function isAdmin() {
-		
+
 		if ((!empty($_SESSION["user_id"]) && !empty($_SESSION["user_login"]))  && (isset($_SESSION['authenticated'])  && $_SESSION['authenticated']==true)) {
 			return true;
 		}
-		
+
 		if(isset($_COOKIE["PHPSESSID"]) && $_COOKIE["PHPSESSID"]!="") {
 			if ((!empty($_SESSION["user_id"]) && !empty($_SESSION["user_login"]))  && (isset($_SESSION['authenticated'])  && $_SESSION['authenticated']==true)) {
 				return true;
-			} 
+			}
 		}
-		
+
 		return false;
-		
+
 	}
 
 	function validateUser($username="", $password="") {
@@ -55,7 +54,7 @@ class user extends Conexion_Mysql {
 				if (isset($_POST["save_pass"])) {
 					$this->persist = true;
 					setcookie("PHPSESSID",session_id(),$this->cookieTime+$this->cookie_life);
-				} 
+				}
 				return true;
 			} else {
 				return false;
@@ -65,9 +64,9 @@ class user extends Conexion_Mysql {
 		}
 	}
 
-	function closeSession() {	
+	function closeSession() {
 		if (!$this->persist) session_destroy();
-		return true;	
+		return true;
 	}
 
 	function userExist($user="") {
@@ -79,7 +78,7 @@ class user extends Conexion_Mysql {
 			}
 		}
 	}
-	
+
 	function isAuthenticated(){
 		return $this->isAdmin();
 	}
@@ -133,7 +132,7 @@ class user extends Conexion_Mysql {
 				return false;
 			}
 		}
-	}	
+	}
 
 	function confirmationEmail($email="", $user="", $password="") {
 		$msg =  "<font face=verdana><em><font size=2>Account information on <strong>gelato CMS</strong></font></em><br/><br/>";

config-sample.php

@@ -1,5 +1,5 @@
 <?php
-if(!defined('entry') || !entry) die('Not a valid page'); 
+if(!defined('entry') || !entry) die('Not a valid page');
 /* ===========================
 
   gelato CMS - A PHP based tumblelog CMS
@@ -14,8 +14,7 @@ if(!defined('entry') || !entry) die('Not a valid page');
 define('DB_Server', '[server]');
 define('DB_name', '[database]');
 define('DB_User', '[userdb]');
-define('DB_Password', '[dbpass]'); 
+define('DB_Password', '[dbpass]');
 define('Table_prefix', 'gel_');
-define('Absolute_Path', dirname(__FILE__).DIRECTORY_SEPARATOR);
 
 ?>

entry.php

@@ -20,26 +20,35 @@
  * admin/admin.php
  * admin/comments.php
  * admin/user.php
- * admin/feeds.php 
+ * admin/feeds.php
  * classes/imgsize.php
  */
 
- 
 // PHP settings specific to Gelato
 ini_set('pcre.backtrack_limit', '10000');
+// Globals to be used throughout the application
+define('Absolute_Path', dirname(__FILE__).DIRECTORY_SEPARATOR);
+$installed = true;
+$configFile = Absolute_Path.'config.php';
 
-// Globals to be used throughout the application        
-$configFile = dirname(__FILE__).DIRECTORY_SEPARATOR."config.php";
-
-if (!file_exists($configFile)) {
-	header("Location: install.php");  
-} else {
-        require(dirname(__FILE__).DIRECTORY_SEPARATOR."config.php");
-}       
+if(strpos($_SERVER['REQUEST_URI'],'/admin'))$dir = "../"; else $dir = "";
+if (!file_exists($configFile) and basename($_SERVER['PHP_SELF'])!='install.php'){
+	header("Location: {$dir}install.php");exit;
+}else{
+	include(Absolute_Path.'classes/install.class.php');
+	$install = new Install();
+	if(!$install->is_gelato_installed()){
+		if(basename($_SERVER['PHP_SELF'])!='install.php'){
+				header("Location: {$dir}install.php");exit;
+			}
+		$installed = false;
+	}
+}
 
+require($configFile);
 require_once("classes/configuration.class.php");
 require_once("classes/textile.class.php");
-require_once("classes/gelato.class.php");    
+require_once("classes/gelato.class.php");
 require_once("classes/templates.class.php");
 require_once("classes/pagination.class.php");
 require_once("classes/user.class.php");
@@ -50,17 +59,17 @@ require_once(Absolute_Path.'classes'.DIRECTORY_SEPARATOR.'streams.class.php');
 require_once(Absolute_Path.'classes'.DIRECTORY_SEPARATOR.'gettext.class.php');
 require_once(Absolute_Path.'classes'.DIRECTORY_SEPARATOR.'lang.functions.php');
 
-// Globals to be used throughout the application
-$user = new user();
-$tumble = new gelato();
-$conf = new configuration();
-$db = new Conexion_Mysql(DB_name, DB_Server, DB_User, DB_Password);
-
-
-session_start();
+if($installed){
+	// Globals to be used throughout the application
+	$user = new user();
+	$tumble = new gelato();
+	$conf = new configuration();
+	$db = new Conexion_Mysql(DB_name, DB_Server, DB_User, DB_Password);
 
-$feeds = new feeds();
-$feeds->updateFeeds();
-unset($feeds);
+	session_start();
 
+	$feeds = new feeds();
+	$feeds->updateFeeds();
+	unset($feeds);
+}
 ?>

install.php

@@ -1,5 +1,5 @@
 <?php
-if(!defined('entry'))define('entry', true);
+if(!defined('entry') || !entry) define('entry',true);
 /* ===========================
 
   gelato CMS - A PHP based tumblelog CMS
@@ -11,47 +11,52 @@ if(!defined('entry'))define('entry', true);
 
   =========================== */
 
-require('entry.php');
-global $user, $conf, $tumble;
+// Received a valid request, better start setting globals we'll need throughout the app in entry.php
+require_once('entry.php');
 
-include('classes/install.class.php'); 
-$install = new Install(); 
+$configFile = Absolute_Path."config.php";
+if(file_exists($configFile)){
+	require($configFile);
+}else{
+	exit("You need to rename config-sample.php to config.php and fill out the required details.");
+}
 
+global $user, $conf, $tumble;
+$install = new Install();
 $install->data = $_POST;
 $install->check_form();
-
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
 	<meta name="generator" content="gelato cms <?php echo version();?>" />
-	<title>gelato :: installation</title>	
+	<title>gelato :: installation</title>
 	<link rel="shortcut icon" href="images/favicon.ico" />
-	<style type="text/css" media="screen">	
-		@import "admin/css/style.css";		
-	</style>		
+	<style type="text/css" media="screen">
+		@import "admin/css/style.css";
+	</style>
 </head>
 <body>
 <div id="cont">
 	<div id="head">
 		<h1><a href="index.php" title="gelato :: home">gelato cms</a></h1>
 	</div>
-	
+
 	<div id="main">
-	
+
 <?php
 
 	if ($install->showForm) {
 ?>
-	
+
 	<div class="box">
 		<ul class="menu manage">
 		<h3>gelato :: installation</h3>
 
 		<li class="selected"><a>Install</a></li>
 		</ul>
-	
+
 		<div class="tabla">
 			<form action="install.php" method="post" id="config_form" autocomplete="off" class="newpost">
 				<fieldset class="install">
@@ -62,11 +67,11 @@ $install->check_form();
 						<li><label for="password">Password:</label>
 							<input type="password" name="db_password" id="db_password" value="" class="txt"/></li>
 						<li><label for="password2">Re-type password:</label>
-							<input type="password" name="db_password2" id="db_password2" value="" class="txt"/><?php echo $install->mostrarerror("9")?></li>						
+							<input type="password" name="db_password2" id="db_password2" value="" class="txt"/><?php echo $install->mostrarerror("9")?></li>
 						<li><label for="email">Database Host:</label>
-							<input type="text" name="db_host" id="db_host" value="<?php echo (!empty($install->data['db_host']))?  $install->data['db_host'] : 'localhost'?>" class="txt"/><?php echo $install->mostrarerror("7")?></li>	
+							<input type="text" name="db_host" id="db_host" value="<?php echo (!empty($install->data['db_host']))?  $install->data['db_host'] : 'localhost'?>" class="txt"/><?php echo $install->mostrarerror("7")?></li>
 						<li><label for="email">Database Name:</label>
-							<input type="text" name="db_name" id="db_name" value="<?php echo (!empty($install->data['db_name']))?  $install->data['db_name'] : 'gelatocms'?>" class="txt"/><?php echo $install->mostrarerror("8")?></li>											
+							<input type="text" name="db_name" id="db_name" value="<?php echo (!empty($install->data['db_name']))?  $install->data['db_name'] : 'gelatocms'?>" class="txt"/><?php echo $install->mostrarerror("8")?></li>
 					</ul>
 				</fieldset><br  />
 				<fieldset class="install">
@@ -77,14 +82,14 @@ $install->check_form();
 						<li><label for="password">Password:</label>
 							<input type="password" name="password" id="password" value="" class="txt"/><?php echo $install->mostrarerror("2")?></li>
 						<li><label for="password2">Re-type password:</label>
-							<input type="password" name="password2" id="password2" value="" class="txt"/><?php echo $install->mostrarerror("3")?></li>						
+							<input type="password" name="password2" id="password2" value="" class="txt"/><?php echo $install->mostrarerror("3")?></li>
 						<li><label for="email">E-mail:</label>
-							<input type="text" name="email" id="email" value="<?php echo $install->data['email']?>" class="txt"/><?php echo $install->mostrarerror("4")?></li>						
+							<input type="text" name="email" id="email" value="<?php echo $install->data['email']?>" class="txt"/><?php echo $install->mostrarerror("4")?></li>
 					</ul>
 				</fieldset><br  />
 				<fieldset class="install">
 					<legend class="install">Tumblelog configuration</legend>
-					<ul>							
+					<ul>
 						<li><label for="title">Title:</label>
 							<input type="text" name="title" id="title" value="<?php echo $install->data['title']?>" class="txt"/></li>
 						<li><label for="description">Description:</label>
@@ -102,9 +107,9 @@ $install->check_form();
 							<select id="template" name="template">
 <?php
 							$themes = getThemes();
-							foreach ($themes as $theme) {									
+							foreach ($themes as $theme) {
 								echo "<option value=\"".$theme."\" selected=\"true\">".$theme."</option>\n";
-								
+
 							}
 ?>							</select>
 						<li>
@@ -175,17 +180,17 @@ $install->check_form();
 						</li>
 					</ul>
 				</fieldset>
-				<p>	
+				<p>
 					<input type="hidden" name="website" id="website" value="" />
 					<input type="hidden" name="about" id="about" value="" />
 					<input type="hidden" name="action" id="action" value="config" />
 					<input type="submit" name="btnsubmit" id="btnsubmit" value="<< Install >>" class="submit"/>
 				</p>
-			</form>		
+			</form>
 		</div>
 		<div class="footer-box">&nbsp;</div>
 	</div>
-	
+
 <?php
 	} else {
 		echo "<p><em>Finished!</em></p>";
@@ -197,7 +202,7 @@ $install->check_form();
 	<div id="foot">
 		<a href="http://www.gelatocms.com/" title="gelato CMS">gelato CMS</a> :: PHP/MySQL Tumblelog Content Management System.
 	</div>
-	
+
 </div>
 </body>
 </html>