define('CIVICRM_WINDOWS', 0);
}
-// set installation type - drupal
-if (!session_id()) {
- if (defined('PANTHEON_ENVIRONMENT')) {
- ini_set('session.save_handler', 'files');
- }
- session_start();
-}
-
-// unset civicrm session if any
-if (array_key_exists('CiviCRM', $_SESSION)) {
- unset($_SESSION['CiviCRM']);
-}
-
-if (isset($_GET['civicrm_install_type'])) {
- $_SESSION['civicrm_install_type'] = $_GET['civicrm_install_type'];
-}
-else {
- if (!isset($_SESSION['civicrm_install_type'])) {
- $_SESSION['civicrm_install_type'] = "drupal";
- }
-}
-
global $installType;
global $crmPath;
global $pkgPath;
global $installDirPath;
global $installURLPath;
-$installType = strtolower($_SESSION['civicrm_install_type']);
+// Set the install type
+// this is sent as a query string when the page is first loaded
+// and subsequently posted to the page as a hidden field
+if (isset($_POST['civicrm_install_type'])) {
+ $installType = $_POST['civicrm_install_type'];
+}
+elseif (isset($_GET['civicrm_install_type'])) {
+ $installType = strtolower($_GET['civicrm_install_type']);
+}
+else {
+ // default value if not set
+ $installType = "drupal";
+}
if ($installType == 'drupal' || $installType == 'backdrop') {
$crmPath = dirname(dirname($_SERVER['SCRIPT_FILENAME']));
}
}
- // Bootstrap Drupal to get settings
- drupal_bootstrap(DRUPAL_BOOTSTRAP_CONFIGURATION);
+ // Bootstrap Drupal to get settings and user
+ $base_root = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 'https' : 'http';
+ $base_root .= '://' . $_SERVER['HTTP_HOST'];
+ $base_url = $base_root;
+ drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
+
+ // Check that user is logged in and has administrative permissions
+ // This is necessary because the script exposes the database settings in the form and these could be viewed by unauthorised users
+ if ((!function_exists('user_access')) || (!user_access('administer site configuration'))) {
+ $errorTitle = ts("You don't have permission to access this page");
+ $errorMsg = ts("The installer can only be run by a user with the permission to administer site configuration.");
+ errorDisplayPage($errorTitle, $errorMsg);
+ exit();
+ }
if (!defined('VERSION') or version_compare(VERSION, '6.0') < 0) {
$errorTitle = ts("Oops! Incorrect Drupal version");
$output .= "<li>" . ts("Use the <a %1>Configuration Checklist</a> to review and configure settings for your new site", array(1 => "target='_blank' href='$cmsURL'")) . "</li>";
$output .= $commonOutputMessage;
- echo '</ul>';
- echo '</div>';
+ $output .= '</ul>';
+ $output .= '</div>';
+ echo $output;
$c = CRM_Core_Config::singleton(FALSE);
$c->free();
- $wpInstallRedirect = admin_url("?page=CiviCRM&q=civicrm&reset=1");
+ $wpInstallRedirect = admin_url('admin.php?page=CiviCRM&q=civicrm&reset=1');
echo "<script>
window.location = '$wpInstallRedirect';
</script>";