Revision de la seguidad para ejecutar el instalar luego de que se instalo el gelato.

admin/css/style.css

 form.newpost select{ position:absolute; right:10px; top:1px;}
 html > body form.newpost select{min-width:100px;}
 
-legend.install{font: normal 16.5px/17px georgia, "times new roman", serif; border: 0; margin-top: 0px; padding-top:0; margin-bottom: 0; padding-bottom: 0; color: #c60; margin-bottom: 10px;}
+legend.install{font: normal 16.5px/17px georgia, "times new roman", serif; border: 1px solid #ddd; margin-top: 0px; padding:5px; margin-bottom: 0; color: #c60; margin-bottom: 5px; background-color:#fff;}
+fieldset.install{border:1px solid #dfdfdf; padding:10px;}
+fieldset.install input.txt{width:468px;}
 
 .tabla{  margin:15px 15px; }
 .entry{ background-color:#efefef; border:1px solid #ccc; margin:20px 15px;}

classes/install.class.php

 		$this->errors_d[6]="Error establishing a database connection";
 		$this->errors_d[7]="Please add a hostname for the database server";
 		$this->errors_d[8]="Please name the database";
+		$this->errors_d[9]="Password does not match the confirm password";
+		$this->errors_d[10]="The login field cannot be empty";
 	}
 	
     function run() {
 	}
 	
 	function is_gelato_installed(){
-		if (!$this->check_for_config()){ 
-			return false; 
-		} else {
-			if (!$this->is_db_installed()){
-				return false;
+		if(file_exists('config.php')) {
+			@include("config.php");
+			if (!$this->check_for_config()){ 
+				return false; 
+			} else {
+				if (!$this->is_db_installed()){
+					return false;
+				}
 			}
-			
+			return true;
+		}else{
+			return false;
 		}
-		
-		return true;
 	}
 	
 	function is_db_installed(){
-			global $db;	
-			if (function_exists($db->ejecutarConsulta)){
+			$db = new Conexion_Mysql(DB_name, DB_Server, DB_User, DB_Password);	
 				$sqlStr = "SELECT * FROM `".Table_prefix."config`";
 				if($db->ejecutarConsulta($sqlStr)) {
 					return ($db->contarRegistros() > 0);
-				}
-			} else {
-				false;
+			}else{
+			return false;
 			}
 	
 	}
 	
 	function check_for_config(){
-		if(!file_exists('config.php')) return false;
 		if(!defined('DB_Server')) return false;
 		if(!defined('DB_name')) return false;
 		if(!defined('DB_User')) return false;
 		if(!defined('DB_Password')) return false;
-		
 		return true;
 	}
 	
 				$sep_err="";
 				$this->errors = false;
 				
-				if (!$this->data['login'] || !$this->data['db_login']) {
+				if (!$this->data['login']) {
 					$this->errors =$this->errors.$sep_err."1";
 					$sep_err="|";
 				}
-				if (!$this->data['password'] ||  !$this->data['db_password']) {
+				if (!$this->data['db_login']) {
+					$this->errors =$this->errors.$sep_err."10";
+					$sep_err="|";
+				}
+				if (!$this->data['password']) {
 					$this->errors=$this->errors.$sep_err."2";
 					$sep_err="|";
 				}
 					$this->errors=$this->errors.$sep_err."8";
 					$sep_err="|";
 				}
-				if ($this->data['password']!=$_POST['password2'] ||  $_POST['db_password']!=$_POST['db_password2'] ) {
+				if ($this->data['password']!=$_POST['password2']) {
 					$this->errors=$this->errors.$sep_err."3";
 					$sep_err="|";
-				}
+				}				
+				if ( $_POST['db_password']!=$_POST['db_password2']) {
+					$this->errors=$this->errors.$sep_err."9";
+					$sep_err="|";
+				}				
+				
 				$off_r= split("," , $this->data['time_offsets']);
 				$this->data['offset_time'] = $off_r[0];
 				$this->data['offset_city'] = $off_r[1];

install.php

 	
 		<div class="tabla">
 			<form action="install.php" method="post" id="config_form" autocomplete="off" class="newpost">
-				<fieldset>
+				<fieldset class="install">
 					<legend class="install">Database Settings</legend>
 					<ul>
 						<li><label for="login">User:</label>
-							<input type="text" name="db_login" id="db_login" value="" class="txt"/><?php echo $install->mostrarerror("1")?></li>
+							<input type="text" name="db_login" id="db_login" value="<?php echo $install->data['db_login']?>" class="txt"/><?php echo $install->mostrarerror("10")?></li>
 						<li><label for="password">Password:</label>
-							<input type="password" name="db_password" id="db_password" value="" class="txt"/><?php echo $install->mostrarerror("2")?></li>
+							<input type="password" name="db_password" id="db_password" value="" class="txt"/></li>
 						<li><label for="password2">Re-type password:</label>
-							<input type="password" name="db_password2" id="db_password2" value="" class="txt"/><?php echo $install->mostrarerror("3")?></li>						
+							<input type="password" name="db_password2" id="db_password2" value="" class="txt"/><?php echo $install->mostrarerror("9")?></li>						
 						<li><label for="email">Database Host:</label>
-							<input type="text" name="db_host" id="db_host" value="localhost" class="txt"/><?php echo $install->mostrarerror("7")?></li>	
+							<input type="text" name="db_host" id="db_host" value="<?php echo (!empty($install->data['db_host']))?  $install->data['db_host'] : 'localhost'?>" class="txt"/><?php echo $install->mostrarerror("7")?></li>	
 						<li><label for="email">Database Name:</label>
-							<input type="text" name="db_name" id="db_name" value="gelatocms" class="txt"/><?php echo $install->mostrarerror("8")?></li>											
+							<input type="text" name="db_name" id="db_name" value="<?php echo (!empty($install->data['db_name']))?  $install->data['db_name'] : 'gelatocms'?>" class="txt"/><?php echo $install->mostrarerror("8")?></li>											
 					</ul>
 				</fieldset><br  />
-				<fieldset>
+				<fieldset class="install">
 					<legend class="install">Admin user</legend>
 					<ul>
 						<li><label for="login">User:</label>
-							<input type="text" name="login" id="login" value="" class="txt"/><?php echo $install->mostrarerror("1")?></li>
+							<input type="text" name="login" id="login" value="<?php echo $install->data['login']?>" class="txt"/><?php echo $install->mostrarerror("1")?></li>
 						<li><label for="password">Password:</label>
 							<input type="password" name="password" id="password" value="" class="txt"/><?php echo $install->mostrarerror("2")?></li>
 						<li><label for="password2">Re-type password:</label>
 							<input type="password" name="password2" id="password2" value="" class="txt"/><?php echo $install->mostrarerror("3")?></li>						
 						<li><label for="email">E-mail:</label>
-							<input type="text" name="email" id="email" value="" class="txt"/><?php echo $install->mostrarerror("4")?></li>						
+							<input type="text" name="email" id="email" value="<?php echo $install->data['email']?>" class="txt"/><?php echo $install->mostrarerror("4")?></li>						
 					</ul>
 				</fieldset><br  />
-				<fieldset>
+				<fieldset class="install">
 					<legend class="install">Tumblelog configuration</legend>
 					<ul>							
 						<li><label for="title">Title:</label>
-							<input type="text" name="title" id="title" value="" class="txt"/></li>
+							<input type="text" name="title" id="title" value="<?php echo $install->data['title']?>" class="txt"/></li>
 						<li><label for="description">Description:</label>
-							<input type="text" name="description" id="description" value="" class="txt"/></li>
+							<input type="text" name="description" id="description" value="<?php echo $install->data['description']?>" class="txt"/></li>
 						<li><label for="url_installation">Installation URL</label>
 							<input type="text" name="url_installation" id="url_installation" value="<?php if(isset($_SERVER['SCRIPT_URI']))echo substr($_SERVER["SCRIPT_URI"], '0', '-12'); ?>" class="txt"/><?php echo $install->mostrarerror("5")?></li>
 						<li><label for="posts_limit">Post limit:</label>
 								<option value="9.50,Australia/Adelaide">(GMT +9:30) Adelaide</option>
 								<option value="9.50Australia/Darwin">(GMT +9:30) Darwin</option>
 								<option value="10,Australia/Brisbane">(GMT +10:00) Brisbane, Guam, Port Moresby</option>
-								<option value="10,Australia/Canberra">(GMT +10:00) Canberra, Hobart, Melbourne, Sydney, Vladivostok</option>
+								<option value="10,Australia/Canberra">(GMT +10:00) Canberra, Hobart, Melbourne, Sydney</option>
 								<option value="11,Asia/Magadan">(GMT +11:00) Magadan, Soloman Is., New Caledonia</option>
 								<option value="12,Pacific/Auckland">(GMT +12:00) Auckland, Wellington</option>
 								<option value="12,Pacific/Fiji">(GMT +12:00) Fiji, Kamchatka, Marshall Is.</option>