<?php

/*
 * Bludit
 * http://www.bludit.com
 * Author Diego Najar
 * Bludit is opensource software licensed under the MIT license.
*/

// Security constant
define('BLUDIT', true);

// Directory separator
define('DS', DIRECTORY_SEPARATOR);

// PATHs
define('PATH_ROOT',		__DIR__.DS);
define('PATH_CONTENT',		PATH_ROOT.'content'.DS);
define('PATH_POSTS',		PATH_CONTENT.'posts'.DS);
define('PATH_UPLOADS',		PATH_CONTENT.'uploads'.DS);
define('PATH_PAGES',		PATH_CONTENT.'pages'.DS);
define('PATH_DATABASES',	PATH_CONTENT.'databases'.DS);
define('PATH_PLUGINS_DATABASES',PATH_CONTENT.'databases'.DS.'plugins'.DS);
define('PATH_KERNEL',		PATH_ROOT.'kernel'.DS);
define('PATH_HELPERS',		PATH_KERNEL.'helpers'.DS);
define('PATH_LANGUAGES',	PATH_ROOT.'languages'.DS);
define('PATH_ABSTRACT',		PATH_KERNEL.'abstract'.DS);
define('DOMAIN',		getenv('HTTP_HOST'));

// HTML PATHs
$base = (dirname(getenv('SCRIPT_NAME'))==DS)?'/':dirname(getenv('SCRIPT_NAME')).'/';
define('HTML_PATH_ROOT', $base);

// JSON
if(!defined('JSON_PRETTY_PRINT')) {
	define('JSON_PRETTY_PRINT', 128);
}

// Check if JSON encode and decode are enabled.
define('JSON', function_exists('json_encode'));

// Multibyte string / UTF-8
define('MB_STRING', extension_loaded('mbstring'));

define('CHARSET', 'UTF-8');

if(MB_STRING)
{
	// Tell PHP that we're using UTF-8 strings until the end of the script.
	mb_internal_encoding(CHARSET);

	// Tell PHP that we'll be outputting UTF-8 to the browser.
	mb_http_output(CHARSET);
}

// PHP Classes
include(PATH_HELPERS.'sanitize.class.php');
include(PATH_HELPERS.'valid.class.php');
include(PATH_HELPERS.'text.class.php');
include(PATH_ABSTRACT.'dbjson.class.php');
include(PATH_KERNEL.'dblanguage.class.php');

// ============================================================================
// FUNCTIONS
// ============================================================================

function getLanguageList()
{
	$files = glob(PATH_LANGUAGES.'*.json');

	$tmp = array();

	foreach($files as $file)
	{
		$t = new dbJSON($file, false);
		$native = $t->db['language-data']['native'];
		$locale = basename($file, '.json');
		$tmp[$locale] = $native;
	}

	return $tmp;
}

// Generate a random string.
// Thanks, http://stackoverflow.com/questions/4356289/php-random-string-generator
function getRandomString($length = 10) {
    return substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, $length);
}

// Check if Bludit is installed.
function alreadyInstalled() {
    return file_exists(PATH_DATABASES.'site.php');
}

// Check the system, permissions, php version, modules, etc.
// Returns an array with the problems otherwise empty array.
function checkSystem()
{
	$stdOut = array();
	$dirpermissions = 0755;
	$phpModules = array();

	if(function_exists('get_loaded_extensions')) {
		$phpModules = get_loaded_extensions();
	}

	if(!version_compare(phpversion(), '5.3', '>='))
	{
		$errorText = 'Current PHP version '.phpversion().', you need > 5.3. (ERR_202)';
		error_log($errorText, 0);
		array_push($stdOut, $errorText);

		return $stdOut;
	}

	if(!file_exists(PATH_ROOT.'.htaccess'))
	{
		$errorText = 'Missing file, upload the file .htaccess (ERR_201)';
		error_log($errorText, 0);
		array_push($stdOut, $errorText);
	}

	if(!in_array('dom', $phpModules))
	{
		$errorText = 'PHP module DOM is not installed. (ERR_203)';
		error_log($errorText, 0);
		array_push($stdOut, $errorText);
	}

	if(!in_array('json', $phpModules))
	{
		$errorText = 'PHP module JSON is not installed. (ERR_204)';
		error_log($errorText, 0);
		array_push($stdOut, $errorText);
	}

	if(!is_writable(PATH_CONTENT))
	{
		$errorText = 'Writing test failure, check directory content permissions. (ERR_205)';
		error_log($errorText, 0);
		array_push($stdOut, $errorText);
	}

	return $stdOut;
}

function install($adminPassword, $email, $locale)
{
	$Language = new dbLanguage($locale);

	$stdOut = array();

	// ============================================================================
	// Create directories
	// ============================================================================

	// 7=read,write,execute | 5=read,execute
	$dirpermissions = 0755;
	$firstPostSlug = 'first-post';

	if(!mkdir(PATH_POSTS.$firstPostSlug, $dirpermissions, true))
	{
		$errorText = 'Error when trying to created the directory=>'.PATH_POSTS.$firstPostSlug;
		error_log($errorText, 0);
	}

	if(!mkdir(PATH_PAGES.'error', $dirpermissions, true))
	{
		$errorText = 'Error when trying to created the directory=>'.PATH_PAGES.'error';
		error_log($errorText, 0);
	}

	if(!mkdir(PATH_PLUGINS_DATABASES.'pages', $dirpermissions, true))
	{
		$errorText = 'Error when trying to created the directory=>'.PATH_PLUGINS_DATABASES;
		error_log($errorText, 0);
	}

	if(!mkdir(PATH_UPLOADS, $dirpermissions, true))
	{
		$errorText = 'Error when trying to created the directory=>'.PATH_UPLOADS;
		error_log($errorText, 0);
	}

	// ============================================================================
	// Create files
	// ============================================================================

	$dataHead = "<?php defined('BLUDIT') or die('Bludit CMS.'); ?>".PHP_EOL;

	// File pages.php
	$data = array(
		'error'=>array(
		'description'=>'Error page',
		'username'=>'admin',
		'tags'=>'',
		'status'=>'published',
		'unixTimeCreated'=>1430686755,
		'unixTimeModified'=>0,
		'position'=>0
	    	)
	);

	file_put_contents(PATH_DATABASES.'pages.php', $dataHead.json_encode($data, JSON_PRETTY_PRINT), LOCK_EX);

	// File posts.php
	$data = array(
	$firstPostSlug=>array(
		'description'=>'Welcome to Bludit',
		'username'=>'admin',
		'status'=>'published',
		'tags'=>'welcome, bludit, cms',
		'allowComments'=>false,
		'unixTimeCreated'=>1430875199,
		'unixTimeModified'=>0
		)
	);
	file_put_contents(PATH_DATABASES.'posts.php', $dataHead.json_encode($data, JSON_PRETTY_PRINT), LOCK_EX);

	// File site.php
	$data = array(
		'title'=>'Bludit',
		'slogan'=>'cms',
		'description'=>'',
		'footer'=>'©2015',
		'language'=>$locale,
		'locale'=>$locale,
		'timezone'=>'UTC',
		'theme'=>'pure',
		'adminTheme'=>'default',
		'homepage'=>'',
		'postsperpage'=>'6',
		'uriPost'=>'/post/',
		'uriPage'=>'/',
		'uriTag'=>'/tag/',
		'advancedOptions'=>'false',
		'url'=>'http://'.DOMAIN.HTML_PATH_ROOT
	);

	file_put_contents(PATH_DATABASES.'site.php', $dataHead.json_encode($data, JSON_PRETTY_PRINT), LOCK_EX);

	$salt = getRandomString();
	$passwordHash = sha1($adminPassword.$salt);
	$registered = time();

	// File users.php
	$data = array(
		'admin'=>array(
		'firstName'=>'',
		'lastName'=>'',
		'twitter'=>'',
		'role'=>'admin',
		'password'=>$passwordHash,
		'salt'=>$salt,
		'email'=>$email,
		'registered'=>$registered
		)
	);

	file_put_contents(PATH_DATABASES.'users.php', $dataHead.json_encode($data, JSON_PRETTY_PRINT), LOCK_EX);

	// File plugins/pages/db.php
	$data = array(
		'homeLink'=>true,
		'label'=>$Language->get('Pages')
	);

	file_put_contents(PATH_PLUGINS_DATABASES.'pages'.DS.'db.php', $dataHead.json_encode($data, JSON_PRETTY_PRINT), LOCK_EX);

	// File index.txt for error page
	$data = 'Title: '.$Language->get('Error').'
	Content: '.$Language->get('The page has not been found');

	file_put_contents(PATH_PAGES.'error'.DS.'index.txt', $data, LOCK_EX);

	// File index.txt for welcome post
	$data = 'Title: '.$Language->get('First post').'
Content:

'.$Language->get('Congratulations you have successfully installed your Bludit').'
---

'.$Language->get('Whats next').'
---
- '.$Language->get('Manage your Bludit from the admin panel').'
- '.$Language->get('Follow Bludit on').' [Twitter](https://twitter.com/bludit) / [Facebook](https://www.facebook.com/pages/Bludit/239255789455913) / [Google+](https://plus.google.com/+Bluditcms)
- '.$Language->get('Visit the support forum').'
- '.$Language->get('Read the documentation for more information').'
- '.$Language->get('Share with your friends and enjoy');

	file_put_contents(PATH_POSTS.$firstPostSlug.DS.'index.txt', $data, LOCK_EX);

	return true;
}

function checkPOST($args)
{
	// Check empty password
	if(empty($args['password']))
	{
		return '<div>The password field is empty</div>';
	}

	// Check invalid email
	if( !Valid::email($args['email']) && ($args['noCheckEmail']=='0') )
	{
		return '<div>Your email address is invalid.</div><div id="jscompleteEmail">Proceed anyway!</div>';
	}

	// Sanitize email
	$email = sanitize::email($args['email']);

	// Install Bludit
	install($args['password'], $email, $args['language']);

	return true;
}

// ============================================================================
// MAIN
// ============================================================================

$error = '';

if( alreadyInstalled() ) {
	exit('Bludit already installed');
}

if( $_SERVER['REQUEST_METHOD'] == 'POST' )
{
	$error = checkPOST($_POST);

	if($error===true)
	{
		if(!headers_sent())
		{
			header("Location:".HTML_PATH_ROOT, TRUE, 302);
			exit;
		}

		exit('<meta http-equiv="refresh" content="0; url="'.HTML_PATH_ROOT.'">');
	}
}

?>

<!doctype html>
<html lang="en">
<head>
	<base href="admin/themes/default/">
	<meta charset="utf-8">
	<meta name="viewport" content="width=device-width, initial-scale=1.0">

	<title>Bludit Installer</title>

	<link rel="stylesheet" href="./css/kube.min.css">
	<link rel="stylesheet" href="./css/installer.css">

	<script src="./js/jquery.min.js"></script>
	<script src="./js/kube.min.js"></script>
</head>
<body>
<div class="units-row">
	<div class="unit-centered unit-60">
	<div class="main">
		<h1 class="title">Bludit Installer</h1>
		<p>Welcome to the Bludit installer</p>

		<?php
		$system = checkSystem();

		if(empty($system))
		{
		?>

		<p>Complete the form, choose a password for the username <strong>admin</strong></p>

		<div class="unit-centered unit-40">

		<?php
			if(!empty($error)) {
				echo '<div class="tools-message tools-message-red">'.$error.'</div>';
			}
		?>

		<form id="jsformInstaller" method="post" action="" class="forms" autocomplete="off">

		<input type="hidden" name="noCheckEmail" id="jsnoCheckEmail" value="0">

		<label>
		<input type="text" value="admin" disabled="disabled" class="width-100">
		</label>

		<label>
		<input type="text" name="password" id="jspassword" placeholder="Password, visible field!" class="width-100" autocomplete="off" maxlength="100" value="<?php echo isset($_POST['password'])?$_POST['password']:'' ?>">
		</label>

		<label>
		<input type="text" name="email" id="jsemail" placeholder="Email" class="width-100" autocomplete="off" maxlength="100">
		</label>

		<label for="jslanguage">
		<select id="jslanguage" name="language" class="width-100">
		<?php
			$htmlOptions = getLanguageList();
			foreach($htmlOptions as $locale=>$nativeName) {
			echo '<option value="'.$locale.'">'.$nativeName.'</option>';
			}
		?>
		</select>
		</label>

		<p>
		<button class="btn btn-blue width-100">Install</button>
		</p>
		</form>
		</div>

		<?php
		}
		else
		{
		echo '<div class="unit-centered unit-50">';
		echo '<table class="table-stripped">';

		foreach ($system as $value)
		{
		echo '<tr><td>'.$value.'</td></tr>';
		}

		echo '</table>';
		echo '</div';
		}
		?>
	</div>
	</div>

	<script>
	$(document).ready(function()
	{
	    $("#jscompleteEmail").on("click", function() {
	    	$("#jsnoCheckEmail").val("1");
	    	if(!$("jspassword").val()) {
	    		$("#jsformInstaller").submit();
	    	}
	    });
	});
	</script>

</div>
</body>
</html>