| Index: trunk/phase3/includes/installer/WebInstaller.php |
| — | — | @@ -1007,20 +1007,6 @@ |
| 1008 | 1008 | } |
| 1009 | 1009 | } |
| 1010 | 1010 | |
| 1011 | | - // PHP_SELF isn't available sometimes, such as when PHP is CGI but |
| 1012 | | - // cgi.fix_pathinfo is disabled. In that case, fall back to SCRIPT_NAME |
| 1013 | | - // to get the path to the current script... hopefully it's reliable. SIGH |
| 1014 | | - $path = false; |
| 1015 | | - if ( !empty( $_SERVER['PHP_SELF'] ) ) { |
| 1016 | | - $path = $_SERVER['PHP_SELF']; |
| 1017 | | - } elseif ( !empty( $_SERVER['SCRIPT_NAME'] ) ) { |
| 1018 | | - $path = $_SERVER['SCRIPT_NAME']; |
| 1019 | | - } |
| 1020 | | - if ($path !== false) { |
| 1021 | | - $uri = preg_replace( '{^(.*)/(mw-)?config.*$}', '$1', $path ); |
| 1022 | | - $this->setVar( 'wgScriptPath', $uri ); |
| 1023 | | - } |
| 1024 | | - |
| 1025 | 1011 | return $newValues; |
| 1026 | 1012 | } |
| 1027 | 1013 | |
| — | — | @@ -1067,4 +1053,27 @@ |
| 1068 | 1054 | $img . ' ' . wfMsgHtml( 'config-download-localsettings' ) ); |
| 1069 | 1055 | return Html::rawElement( 'div', array( 'class' => 'config-download-link' ), $anchor ); |
| 1070 | 1056 | } |
| | 1057 | + |
| | 1058 | + public function envCheckPath( ) { |
| | 1059 | + // PHP_SELF isn't available sometimes, such as when PHP is CGI but |
| | 1060 | + // cgi.fix_pathinfo is disabled. In that case, fall back to SCRIPT_NAME |
| | 1061 | + // to get the path to the current script... hopefully it's reliable. SIGH |
| | 1062 | + $path = false; |
| | 1063 | + if ( !empty( $_SERVER['PHP_SELF'] ) ) { |
| | 1064 | + $path = $_SERVER['PHP_SELF']; |
| | 1065 | + } elseif ( !empty( $_SERVER['SCRIPT_NAME'] ) ) { |
| | 1066 | + $path = $_SERVER['SCRIPT_NAME']; |
| | 1067 | + } |
| | 1068 | + if ($path !== false) { |
| | 1069 | + $uri = preg_replace( '{^(.*)/(mw-)?config.*$}', '$1', $path ); |
| | 1070 | + $this->setVar( 'wgScriptPath', $uri ); |
| | 1071 | + } else { |
| | 1072 | + $this->showError( 'config-no-uri' ); |
| | 1073 | + return false; |
| | 1074 | + } |
| | 1075 | + |
| | 1076 | + |
| | 1077 | + return parent::envCheckPath(); |
| | 1078 | + } |
| | 1079 | + |
| 1071 | 1080 | } |
| Index: trunk/phase3/includes/installer/Installer.php |
| — | — | @@ -859,10 +859,6 @@ |
| 860 | 860 | $IP = dirname( dirname( dirname( __FILE__ ) ) ); |
| 861 | 861 | $this->setVar( 'IP', $IP ); |
| 862 | 862 | |
| 863 | | - if( !$this->getVar( 'wgScriptPath' ) ) { |
| 864 | | - $this->showError( 'config-no-uri' ); |
| 865 | | - return false; |
| 866 | | - } |
| 867 | 863 | $this->showMessage( 'config-using-uri', $this->getVar( 'wgServer' ), $this->getVar( 'wgScriptPath' ) ); |
| 868 | 864 | return true; |
| 869 | 865 | } |
| Index: trunk/phase3/includes/installer/Installer.i18n.php |
| — | — | @@ -147,10 +147,13 @@ |
| 148 | 148 | Image thumbnailing will be disabled.', |
| 149 | 149 | 'config-no-uri' => "'''Error:''' Could not determine the current URI. |
| 150 | 150 | Installation aborted.", |
| | 151 | + 'config-no-cli-uri' => "'''Warning''': No --scriptpath specified, using default: <code>$1</code>.", |
| 151 | 152 | 'config-using-server' => 'Using server name "<nowiki>$1</nowiki>".', |
| 152 | 153 | 'config-using-uri' => 'Using server URL "<nowiki>$1$2</nowiki>".', |
| 153 | 154 | 'config-uploads-not-safe' => "'''Warning:''' Your default directory for uploads <code>$1</code> is vulnerable to arbitrary scripts execution. |
| 154 | 155 | Although MediaWiki checks all uploaded files for security threats, it is highly recommended to [http://www.mediawiki.org/wiki/Manual:Security#Upload_security close this security vulnerability] before enabling uploads.", |
| | 156 | + 'config-no-cli-uploads-check' => "'''Warning:''' Your default directory for uploads (<code>$1</code>) is not checked for vulnerability |
| | 157 | +to arbitrary script execution during the CLI install.", |
| 155 | 158 | 'config-brokenlibxml' => 'Your system has a combination of PHP and libxml2 versions which is buggy and can cause hidden data corruption in MediaWiki and other web applications. |
| 156 | 159 | Upgrade to PHP 5.2.9 or later and libxml2 2.7.3 or later ([http://bugs.php.net/bug.php?id=45996 bug filed with PHP]). |
| 157 | 160 | Installation aborted.', |
| Index: trunk/phase3/includes/installer/CliInstaller.php |
| — | — | @@ -13,6 +13,7 @@ |
| 14 | 14 | * @since 1.17 |
| 15 | 15 | */ |
| 16 | 16 | class CliInstaller extends Installer { |
| | 17 | + private $specifiedScriptPath = false; |
| 17 | 18 | |
| 18 | 19 | private $optionMap = array( |
| 19 | 20 | 'dbtype' => 'wgDBtype', |
| — | — | @@ -45,6 +46,10 @@ |
| 46 | 47 | |
| 47 | 48 | parent::__construct(); |
| 48 | 49 | |
| | 50 | + if ( isset( $option['scriptpath'] ) ) { |
| | 51 | + $this->specifiedScriptPath = true; |
| | 52 | + } |
| | 53 | + |
| 49 | 54 | foreach ( $this->optionMap as $opt => $global ) { |
| 50 | 55 | if ( isset( $option[$opt] ) ) { |
| 51 | 56 | $GLOBALS[$global] = $option[$opt]; |
| — | — | @@ -170,4 +175,16 @@ |
| 171 | 176 | exit; |
| 172 | 177 | } |
| 173 | 178 | } |
| | 179 | + |
| | 180 | + public function envCheckPath( ) { |
| | 181 | + if ( !$this->specifiedScriptPath ) { |
| | 182 | + $this->showMessage( 'config-no-cli-uri', $this->getVar("wgScriptPath") ); |
| | 183 | + } |
| | 184 | + return parent::envCheckPath(); |
| | 185 | + } |
| | 186 | + |
| | 187 | + public function dirIsExecutable( $dir, $url ) { |
| | 188 | + $this->showMessage( 'config-no-cli-uploads-check', $dir ); |
| | 189 | + return false; |
| | 190 | + } |
| 174 | 191 | } |