From 9e20b7ddecc31ea9556b6ef9cca081f9262cfc70 Mon Sep 17 00:00:00 2001
From: Mehmet Durgel <md@legrud.net>
Date: Mon, 2 Oct 2017 16:00:25 +0300
Subject: [PATCH] Admin user's username made selectable from installer.

Signed-off-by: Mehmet Durgel <md@legrud.net>
---
 bl-kernel/admin/controllers/edit-user.php |  5 +++--
 bl-kernel/dbpages.class.php               |  4 +++-
 bl-kernel/dbusers.class.php               | 12 ++++++++++++
 install.php                               | 21 +++++++++++++--------
 4 files changed, 31 insertions(+), 11 deletions(-)

diff --git a/bl-kernel/admin/controllers/edit-user.php b/bl-kernel/admin/controllers/edit-user.php
index 9e884692..9e2f0d7e 100644
--- a/bl-kernel/admin/controllers/edit-user.php
+++ b/bl-kernel/admin/controllers/edit-user.php
@@ -43,8 +43,9 @@ function deleteUser($args, $deleteContent=false)
 	global $Language;
 	global $Login;
 
+	$AdminUsername = $dbUsers->getAdminUser()['username'];
 	// The user admin cannot be deleted.
-	if($args['username']=='admin') {
+	if($args['username']==$AdminUsername) {
 		return false;
 	}
 
@@ -57,7 +58,7 @@ function deleteUser($args, $deleteContent=false)
 		$dbPosts->deletePostsByUser($args['username']);
 	}
 	else {
-		$dbPosts->linkPostsToUser($args['username'], 'admin');
+		$dbPosts->linkPostsToUser($args['username'], $AdminUsername);
 	}
 
 	if( $dbUsers->delete($args['username']) ) {
diff --git a/bl-kernel/dbpages.class.php b/bl-kernel/dbpages.class.php
index 74736edd..6b37801b 100644
--- a/bl-kernel/dbpages.class.php
+++ b/bl-kernel/dbpages.class.php
@@ -521,6 +521,8 @@ class dbPages extends dbJSON
 
 	public function regenerateCli()
 	{
+		global $dbUsers;
+		$AdminUsername = $dbUsers->getAdminUser()['username'];
 		$db = $this->db;
 		$newPaths = array();
 		$fields = array();
@@ -564,7 +566,7 @@ class dbPages extends dbJSON
 				// Default values for the new pages.
 				$fields['status'] = CLI_STATUS;
 				$fields['date'] = Date::current(DB_DATE_FORMAT);
-				$fields['username'] = 'admin';
+				$fields['username'] = $AdminUsername;
 
 				// Create the entry for the new page.
 				$this->db[$key] = $fields;
diff --git a/bl-kernel/dbusers.class.php b/bl-kernel/dbusers.class.php
index d40498cd..1c6fc858 100644
--- a/bl-kernel/dbusers.class.php
+++ b/bl-kernel/dbusers.class.php
@@ -72,6 +72,18 @@ class dbUsers extends dbJSON
 		return false;
 	}
 
+	// Return first the username associated with the role 'admin', if a user with 'admin' role not found return FALSE.
+	public function getAdminUser()
+	{
+		foreach($this->db as $username=>$values) {
+			if($values['role']=='admin') {
+				return $username;
+			}
+		}
+
+		return false;
+	}
+
 	// Return TRUE if the user exists, FALSE otherwise.
 	public function userExists($username)
 	{
diff --git a/install.php b/install.php
index ba5453cc..d51267c3 100644
--- a/install.php
+++ b/install.php
@@ -237,7 +237,7 @@ function checkSystem()
 }
 
 // Finish with the installation.
-function install($adminPassword, $email, $timezone)
+function install($adminUsername, $adminPassword, $email, $timezone)
 {
 	global $Language;
 
@@ -327,7 +327,7 @@ function install($adminPassword, $email, $timezone)
 	$data = array(
 		'error'=>array(
 		'description'=>'Error page',
-		'username'=>'admin',
+		'username'=>$adminUsername,
 		'tags'=>array(),
 		'status'=>'published',
 		'date'=>$currentDate,
@@ -339,7 +339,7 @@ function install($adminPassword, $email, $timezone)
 	    	),
 		'about'=>array(
 		'description'=>$Language->get('About your site or yourself'),
-		'username'=>'admin',
+		'username'=>$adminUsername,
 		'tags'=>array(),
 		'status'=>'published',
 		'date'=>$currentDate,
@@ -357,7 +357,7 @@ function install($adminPassword, $email, $timezone)
 	$data = array(
 	$firstPostSlug=>array(
 		'description'=>$Language->get('Welcome to Bludit'),
-		'username'=>'admin',
+		'username'=>$adminUsername,
 		'status'=>'published',
 		'tags'=>array('bludit'=>'Bludit','cms'=>'CMS','flat-files'=>'Flat files'),
 		'allowComments'=>'false',
@@ -399,7 +399,7 @@ function install($adminPassword, $email, $timezone)
 	$passwordHash = sha1($adminPassword.$salt);
 
 	$data = array(
-		'admin'=>array(
+		$adminUsername=>array(
 		'firstName'=>$Language->get('Administrator'),
 		'lastName'=>'',
 		'role'=>'admin',
@@ -551,6 +551,11 @@ function checkPOST($args)
 {
 	global $Language;
 
+	// Check empty username
+	if( strlen($args['username']) < 6 )
+	{
+		return '<div>'.$Language->g('Username must be at least 6 characters long').'</div>';
+	}
 	// Check empty password
 	if( strlen($args['password']) < 6 )
 	{
@@ -567,7 +572,7 @@ function checkPOST($args)
 	$email = sanitize::email($args['email']);
 
 	// Install Bludit
-	install($args['password'], $email, $args['timezone']);
+	install($args['username'], $args['password'], $email, $args['timezone']);
 
 	return true;
 }
@@ -665,7 +670,7 @@ if( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
 		<input type="hidden" name="timezone" id="jstimezone" value="0">
 
 		<div class="uk-form-row">
-		<input type="text" value="admin" class="uk-width-1-1 uk-form-large" disabled>
+		<input name="username" id="jsusername" type="text" class="uk-width-1-1 uk-form-large" value="<?php echo isset($_POST['username'])?$_POST['username']:'' ?>" placeholder="<?php echo $Language->get('Username') ?>">
 		</div>
 
 		<div class="uk-form-row">
@@ -747,4 +752,4 @@ $(document).ready(function()
 </script>
 
 </body>
-</html>
\ No newline at end of file
+</html>