creating a install.php feature.

[Pezmc]

I have made a hit counter script but I would like a client to be able to download it upload it and run install.php. They then fill in a form with mysql address password etc, and a config.php file is created with all this information for the script to use, the script then creates tables in the database and then self combusts (deletes its self) how can I go about doing this?

[Hypnos]

[code]
<?php
$conn = mysql_connect($host,$user,$password);
if (!$conn) die ("Could not connect to $host with user $user. Maybe your password is wrong?");
mysql_select_db($database,$conn) or die ("Could not open database. Are you sure you typed the name correctly?");

$querycheck = "SELECT * FROM counts";
$resultscheck = mysql_query($querycheck);
if (!$resultscheck) {
$query="CREATE TABLE...";
mysql_query($query);

}
else echo "The table is already there. Want to clear it or use it?";
...
[/code]

By all means, do NOT copy and paste this code. I'm just trying to give you an idea of how you can accoplish this.

Of course you have to define the vars with a read of your config file, and you probably don't want to use a query/method like that to check if the table is already there.

As far as deleteing the file, I would go the PHPbb way. Have your counter detect if the files are there. If they are, then don't run the main script, and just die with a "Please delete X.php and Y.php for security reasons".

[mattd8752]

Depending on the depth.  If you want to copy file from your server to start (they download install.php, the rest is made by this script).  You would ask for their FTP address & their username and password.

For example, I use this on my site:[code]include "archive.php";
$username = "YOUR FTP THAT ANYONE CAN ACCESS";
$password = "PASS FOR THAT FTP";
$directory = "THE FTP FOLDER TO LOAD (ex: ftp.yourdomain.com/www/installerfile)"
$file = "ftp://".$username.":".$password."@". $directory;
$newfile = 'drag.js';
if(!copy($file, $newfile)){
echo "failed to copy $file...\n";
}else{
echo $file . " coppied successfully.<br>";
}[/code]

Given that method you would also be able to set their FTP address if you didn't want to make them CHMOD to 777 (more secure).  They will have to CHMOD if you don't ask for their FTP address and details.  I recommend you setup your custom FTP account just for this script, give it limited access, and see if it still needs the folder names to view those files.

Next you would run SQL queries and create the config.php file.  You can take out whatever fields you don't want.  Notice how I used single quotes.  Anyway, Please give me credit if you use this:[code]
function install($dbuser, $dbpass, $dbname, $sitename){
$fp = fopen('../config.php','w');
$content = '<?php
$dbuser = "'.$dbuser.'";
$dbpass = "'.$dbpass.'";
$dbname = "'.$dbname.'";
$dbhost = "localhost";
$sitename = "'.$sitename.'";
?>';
if(fwrite($fp, $content . "")){
echo "Part 1 Success";
}else{
echo "Part 1 Failed";
}
fclose($fp);
//sql
// connect to the mysql database server.
mysql_connect ($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname) or die('Part 2 Failed');
$query = 'CREATE TABLE users(
id INT NOT NULL AUTO_INCREMENT,
PRIMARY KEY(id),
username VARCHAR(10) NOT NULL,
password VARCHAR(8) NOT NULL,
email VARCHAR(40) NOT NULL,
money INT(10) NOT NULL,
food INT(10) NOT NULL,
wood INT(10) NOT NULL,
metal INT(10) NOT NULL,
gold INT(10) NOT NULL)';
$result = mysql_query($query);
echo "Part 2 Success";
}
if(isset($_POST['dbuser']) && isset($_POST['dbpass']) && isset($_POST['dbname']) && isset($_POST['sitename'])){
install($_POST['dbuser'], $_POST['dbpass'], $_POST['dbname'], $_POST['sitename']);
}else{
echo'<form method="POST" action="index.php">
  <p><b>General Settings:</b><br />Site Name:<input type="text" name="sitename" size="20"></p>
  <p>&nbsp;</p>
  <p><b>Database Settings:</b><br />Username:<input type="text" name="dbuser" size="20"><br />Password:<input type="text" name="dbpass" size="20"><br />Database Name:<input type="text" name="dbname" size="20"></p>
  <p><input type="submit" value="Submit" name="B1"></p>
</form>';
}
?>[/code]

I wrote it myself for an old RPG game I made.  Anyway, if you do use it, please add a little note that the installer was created by mattdsworld.theicy.net (or just tell them mattd8752 from the phpfreaks community).  Anyway, if you don't understand any of this code please message me.  It should all work in php 4.  Your definately going to want to edit the SQL query.  But that is quite easy, just get your new SQL from phpMyAdmin.

As for deleting files, not completly necessary.  The best method is to lock off the code.  To lock it off you would:
1) check if config.php exists
2) put the whole script in an IF statement and make it only run if config.php exists
3) OPTIONAL fwrite() the file to be blank, or even record their IP address if they are attempting to load the page.

I recommend using FTP access to write the data so that 777 CHMODDING is not required.  You could also reverse this process.  You could make the copying happen on your server (so you never have to give out an FTP account), and then make it forward to the second page on their server to setup the database.  I would only reccomend using the install script on their server if you can make the FTP access account READ ONLY.  Only a few servers allow you to create this type of account.

[Pezmc]

but how do i: make php chmod a folder, create a file and put stuff in the file?

[mattd8752]

for chmod: when your at a ftp:// address use chmod(), look it up at php.net.

The fopen half of my second script will write that data in the following variable to their config.php.  If it is running from ftp to get full permission it will create config.php.