Fixed installer

api/load_site_pages.php

@@ -85,7 +85,7 @@
 	} else {
 	  $allPages[$name]['status'] = 'U';
 	}
-	$pagePermissions = fetchPagePermissions($id);
+	$pagePermissions = fetchPageGroups($id);
 	if ($pagePermissions)
 	  $allPages[$name]['permissions'] = $pagePermissions;
 	else

api/update_page_permission.php

@@ -71,7 +71,7 @@
 	updatePrivate($pageId, $checked);
 } else {
 	// Get the current page permissions
-	$pagePermissions = fetchPagePermissions($pageId);
+	$pagePermissions = fetchPageGroups($pageId);
 
 	// Add the page permission if checked=1 and the page doesn't already have that permission
 	if ($checked == "1") {

api/user_create_user.php

@@ -45,7 +45,7 @@
   exit();
 }
 
-if (!fetchUserAuthById('1')){
+if (!userIdExists('1')){
 	addAlert("danger", lang("MASTER_ACCOUNT_NOT_EXISTS"));
 	header("Location: install/register_root.php");
 	exit();

forgot_password.php

@@ -30,12 +30,6 @@
 */
 
 require_once("models/config.php");
-if (!securePage($_SERVER['PHP_SELF'])){
-  // Forward to 404 page
-  addAlert("danger", "Whoops, looks like you don't have permission to view that page.");
-  header("Location: 404.php");
-  exit();
-}
 
 setReferralPage($_SERVER['PHP_SELF']);
 

header-loggedout.php

@@ -34,13 +34,6 @@
 include('models/db-settings.php');
 include('models/config.php');
 
-if (!securePage($_SERVER['PHP_SELF'])){
-    // Generate AJAX error
-    addAlert("danger", "Whoops, looks like you don't have permission to access this component.");
-    echo json_encode(array("errors" => 1, "successes" => 0));
-    exit();
-}
-
 if ($can_register){
 	echo "
 		<li class='navitem-home'><a href='index.php'>Home</a></li>

install/complete.php

@@ -1,7 +1,7 @@
 <?php
 /*
 
-UserFrosting Version: 0.1
+UserFrosting Version: 0.2
 By Alex Weissman
 Copyright (c) 2014
 
@@ -29,8 +29,8 @@
 
 */
 
-require_once("../models/db-settings.php");
-session_start();
+// This is the config file in the install directory.
+require_once('config.php');
 
 ?>
 

install/config.php

@@ -0,0 +1,60 @@
+<?php
+/*
+
+UserFrosting Version: 0.2
+By Alex Weissman
+Copyright (c) 2014
+
+Based on the UserCake user management system, v2.0.2.
+Copyright (c) 2009-2012
+
+UserFrosting, like UserCake, is 100% free and open-source.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the 'Software'), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+
+*/
+
+// Used to force backend scripts to log errors rather than print them as output
+function logAllErrors($errno, $errstr, $errfile, $errline, array $errcontext) {
+	ini_set("log_errors", 1);
+	ini_set("display_errors", 0);
+
+    error_log("Error ($errno): $errstr in $errfile on line $errline");
+	throw new ErrorException($errstr, 0, $errno, $errfile, $errline);
+}
+
+require_once("../models/db-settings.php");
+require_once("../models/db_functions.php");
+require_once("../models/funcs.php");
+require_once("../models/languages/en.php");
+require_once("../models/class.mail.php");
+require_once("../models/class.user.php");
+require_once("../models/class.newuser.php");
+
+
+defined("MENU_TEMPLATES")
+    or define("MENU_TEMPLATES", dirname(__FILE__) . "/menu-templates/");
+
+// This is the user id of the master (root) account.
+// The root user cannot be deleted, and automatically has permissions to everything regardless of group membership.
+$master_account = 1;
+
+session_start();
+
+?>
+

install/create_root_user.php

@@ -1,7 +1,7 @@
 <?php
 /*
 
-UserFrosting Version: 0.1
+UserFrosting Version: 0.2
 By Alex Weissman
 Copyright (c) 2014
 
@@ -29,24 +29,16 @@
 
 */
 
-// Request method: POST
-
-require_once("../models/db-settings.php");
-require_once("../models/funcs.php");
-require_once("../models/languages/en.php");
-require_once("../models/class.mail.php");
-require_once("../models/class.user.php");
-require_once("../models/class.newuser.php");
-
-session_start();
+// This is the config file in the install directory.
+require_once('config.php');
 
 if (!($root_account_config_token = fetchConfigParameter('root_account_config_token'))){
 	addAlert("danger", lang("INSTALLER_INCOMPLETE"));
 	header('Location: index.php');
 	exit();
 }
 
-if (fetchUserAuthById('1')){
+if (userIdExists('1')){
 	addAlert("danger", lang("MASTER_ACCOUNT_EXISTS"));
 	header('Location: index.php');
 	exit();
@@ -64,7 +56,7 @@
 	$confirm_pass = trim($_POST["passwordc"]);
 	$token = trim($_POST["token"]);
 
-	if ($token != $root_account_config_token['value'])
+	if ($token != $root_account_config_token)
 	{
 		$errors[] = lang("CONFIG_TOKEN_MISMATCH");
 	}

install/index.php

@@ -1,7 +1,7 @@
 <?php
 /*
 
-UserFrosting Version: 0.1
+UserFrosting Version: 0.2
 By Alex Weissman
 Copyright (c) 2014
 
@@ -29,15 +29,10 @@
 
 */
 
-require_once("../models/db-settings.php");
-require_once("../models/funcs.php");
-require_once("../models/languages/en.php");
-require_once("../models/class.mail.php");
-require_once("../models/class.user.php");
-require_once("../models/class.newuser.php");
-session_start();
+// This is the config file in the install directory.
+require_once('config.php');
 
-if (fetchUserAuthById('1')){
+if (userIdExists('1')){
 	addAlert("danger", lang("MASTER_ACCOUNT_EXISTS"));
 	header('Location: complete.php');
 	exit();