Pushed to v3

1 files changed, 75 insertions, 13 deletions

diff --git a/www/setup.php b/www/setup.php
index 2465822..3e8ca76 100644..100755
--- a/www/setup.php
+++ b/www/setup.php
@@ -1,14 +1,76 @@
-<?
-
-$db = new SQLite3("../database/database.sqlite");
-
-if($db-exec("
-	BEGIN TRANSACTION;
-	CREATE TABLE log (id INTEGER PRIMARY KEY, user INTEGER, login TEXT, FOREIGN KEY(user) REFERENCES user(id));
-	CREATE TABLE user (id INTEGER PRIMARY KEY, name TEXT, adresse TEXT, telefonnummer TEXT, handynummer TEXT, email TEXT, geburtstag TEXT, salt TEXT, password TEXT);
-	COMMIT;
-	")){
-		echo "Success!";
-else{
-	echo "Failure. :(";
+<?php
+
+/*
+	Sets up the database with the necessary tables. Add ?drop to drop _everything_!
+	Don't forget to create a individual pepper in ../database/pepper.txt first!
+*/
+
+$db = new SQLite3("../database/sqlite.db");
+session_start();
+
+$bool = false;
+
+if (version_compare(phpversion(), '5.5', '<')) {
+	echo "You need at least PHP version 5.5 or higher";
+	exit;
+}
+
+foreach ($_GET as $name => $value) {
+	if(preg_match("/drop(ped)?/i",$name)){
+		$bool=true;
+	}
 }
+
+if($bool){
+	if(isset($_SESSION["login"])){
+		session_destroy();
+	}
+	if($db->exec("
+		BEGIN TRANSACTION;
+		DROP TRIGGER delete_files;
+		PRAGMA writable_schema = 1;
+		DELETE FROM sqlite_master WHERE type = 'table';
+		PRAGMA writable_schema = 0;
+		COMMIT;
+		VACUUM;")
+	){
+		echo "dropped everything";
+	} else {
+		echo "error with database";
+	}
+} else {
+	$cleartext_password="password";
+	$email="admin@iamfabulous.de";
+	$pepper = file_get_contents("../database/pepper.txt");
+	if(!$pepper){
+		echo "There is no pepper in '../database/pepper.txt'! <br> Please generate one manually and run this script again.";
+		exit;
+	}
+	$password = $cleartext_password . $pepper;
+	
+	$hash_password = password_hash($password, PASSWORD_DEFAULT);
+
+	if($db->exec("
+		BEGIN TRANSACTION;
+		CREATE TABLE IF NOT EXISTS user (id INTEGER PRIMARY KEY, name TEXT UNIQUE, password TEXT, email TEXT UNIQUE, status INTEGER, register INTEGER);
+		INSERT INTO user (id, name, status, password, email, register) VALUES (NULL, 'admin', 0, '" . $hash_password . "', '" . $email . "', (SELECT strftime('%s', 'now')));
+		CREATE TABLE IF NOT EXISTS log (id INTEGER PRIMARY KEY, user INTEGER, login INTEGER, FOREIGN KEY(user) REFERENCES user(id));
+		CREATE TABLE IF NOT EXISTS banned_user (id INTEGER PRIMARY KEY, ip TEXT, session_id TEXT, time INTEGER);
+		CREATE TABLE IF NOT EXISTS jg(id INTEGER PRIMARY KEY, name TEXT, adresse TEXT, telefonnummer INTEGER, handynummer INTEGER, email TEXT, geburtstag TEXT);
+		CREATE TRIGGER IF NOT EXISTS delete_files AFTER DELETE ON user FOR EACH ROW BEGIN DELETE FROM files WHERE owner=OLD.id; END;
+		COMMIT;")
+	) {
+		$_SESSION["login"] = true;
+		$_SESSION["username"] = "admin";
+		$_SESSION["userid"] = 1;
+
+		include("include.php");
+		header("Refresh: 2; ".$scheme.$_SERVER["HTTP_HOST"]."/");
+		echo "Success! You will redirected any moment.";
+	} else {
+		echo "Failure! :( <br>";
+		echo "Your password: ".$hash_password;
+	}
+}
+//	INSERT INT0 user (id, name, salt, password, status, invites, email, senpai, key) VALUES (NULL, 'admin', '$salt', '$hash_password', 1, 5, 'admin@iamfabulous.de', 0, '11111');
+