added basic install script and readme

README.md

@@ -0,0 +1,6 @@
+# 3words
+
+## Installation
+
+Edit `config.php` to your needs.  Afterwards, run `install.php`.  Make sure to
+delete this file after installation.

config.php

@@ -0,0 +1,51 @@
+<?php
+/*
+ * 3words configuration file
+ */
+
+$MYSQL_SERVER   = "localhost";
+$MYSQL_DATABASE = "";
+$MYSQL_USERNAME = "";
+$MYSQL_PASSWORD = "";
+
+// Please comment or delete the next line.
+die('Please edit config.php!');
+
+// Don't touch anything below here.
+
+$sql = new mysqli($MYSQL_SERVER,
+                  $MYSQL_USERNAME,
+                  $MYSQL_PASSWORD,
+                  $MYSQL_DATABASE);
+
+if ($sql->connect_errno) {
+  echo '<!-- Failed to connect to MySQL server: ' . $sql->connect_error . ' ('
+        . $sql->connect_errno . ') --><style>*{background:red !important;}'
+        . '</style>';
+}
+
+// some useful functions
+function gen_salt($length, $charset='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789') {
+  $str = '';
+  $count = strlen($charset);
+  while ($length--) {
+    $str .= $charset[mt_rand(0, $count-1)];
+  }
+  return $str;
+}
+
+function crypt_password ($pass, $salt) {
+  return crypt($pass, "$2y$08$" . $salt);
+}
+
+// the
+session_start();
+
+if (!isset($notemplate)) {
+  require_once 'ext/rain.tpl.class.php';
+  
+  raintpl::configure("path_replace", false);
+  raintpl::configure("tpl_dir", "views/");
+  
+  $tpl = new RainTPL;
+}

install.php

@@ -0,0 +1,106 @@
+<?php
+/* This file is part of 3words
+ * 
+ * (c) 2014 Leafcat Coding -- http://leafc.at
+ * 
+ * License: AGPLv3, see LICENSE for full license text
+ *
+ * This file was touched by:
+ *  - nilsding  <nilsding@nilsding.org>
+ *
+ * Oh, and before I forget...
+ *     ________  __________ __    ____  __  ______ 
+ *    / ____/ / / / ____/ //_/   / __ \/ / / / __ \
+ *   / /_  / / / / /   / ,<     / /_/ / /_/ / /_/ / with
+ *  / __/ / /_/ / /___/ /| |   / ____/ __  / ____/   a
+ * /_/    \____/\____/_/ |_|  /_/   /_/ /_/_/     cactus!
+ *
+ * Thanks for listening.
+ */
+
+$notemplate = true;
+
+include_once 'config.php';
+?>
+<!DOCTYPE html>
+<html>
+<head>
+  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+  <title>Installation</title>
+</head>
+<body>
+
+  <h1>Installation</h1>
+
+<?php if (isset($_POST['step1'])) { // step 1: create tables
+  $sql_str = <<<SQL
+CREATE TABLE IF NOT EXISTS `words` (
+  `id` INT NOT NULL AUTO_INCREMENT,
+  `word1` VARCHAR(45) NULL,
+  `word2` VARCHAR(45) NULL,
+  `word3` VARCHAR(45) NULL,
+  `author` VARCHAR(45) NULL,
+  `created_at` TIMESTAMP NULL,
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+CREATE TABLE IF NOT EXISTS `config` (
+  `key` VARCHAR(25) NOT NULL,
+  `value` TEXT NULL,
+  PRIMARY KEY (`key`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+SQL
+;
+
+  if (!$sql->multi_query($sql_str)) { ?>
+<h2>An error occurred</h2>
+<pre><?php echo $sql->error; ?></pre>
+<form method="POST">
+  <input type="hidden" name="step1" value="1">
+  <button type="submit">Retry</button>
+</form>
+  <?php } else {
+fuckyourself: ?>
+
+<h2>Step 1: Login details</h2>
+<form method="POST">
+  <label>Site name: <input type="text" name="sitename" value="3words"></label><br />
+  <label>User name: <input type="text" name="username"></label><br />
+  <label>Password: <input type="password" id="p1" name="password"></label><br />
+  <label>Password (again): <input type="password" id="p2" name="passwordconfirm"></label><br />
+  <input type="hidden" name="step2" value="2">
+  <button type="submit">Submit</button>
+</form>
+
+<?php }} else if (isset($_POST['step2'])) { // step2: create user
+  if ($_POST['password'] !== $_POST['passwordconfirm']) {
+    echo "<p>The passwords did not match</p>";
+    goto fuckyourself; // the goto keyword was introduced in PHP 5.3... so why don't use it?
+  }
+  $sql_str = "INSERT INTO `config` (`key`, `value`) VALUES ('sitename', '" . $sql->real_escape_string($_POST['sitename']) . "'); " .
+             "INSERT INTO `config` (`key`, `value`) VALUES ('username', '" . $sql->real_escape_string($_POST['username']) . "'); " .
+             "INSERT INTO `config` (`key`, `value`) VALUES ('password', '" . $sql->real_escape_string(crypt_password($_POST['password'], gen_salt(22))) . "');";
+  if (!$sql->multi_query($sql_str)) { ?>
+<h2>An error occurred</h2>
+<pre><?php echo $sql->error; ?></pre>
+<form method="POST">
+  <label>Site name: <input type="text" name="sitename" value="<?php echo htmlspecialchars($_POST['sitename']); ?>"></label><br />
+  <label>User name: <input type="text" name="username" value="<?php echo htmlspecialchars($_POST['username']); ?>"></label><br />
+  <label>Password: <input type="password" id="p1" name="password"></label><br />
+  <label>Password (again): <input type="password" id="p2" name="passwordconfirm"></label><br />
+  <input type="hidden" name="step2" value="2">
+  <button type="submit">Retry</button>
+</form>
+  <?php } else { ?>
+<h2>Step 3: Enjoy!</h2>
+You now should delete this file.  Have fun.
+<?php }} else { // step 0: click next to continue ?>
+  <h2>Step 0: Click the damn button to start</h2>
+  <form method="POST">
+    <input type="hidden" name="step1" value="1">
+    <button type="submit">Click me hard!</button>
+  </form>
+<?php } ?>
+
+</body>
+</html>