How To Install Oscailt

Before starting an installation, there are two important documents to read.

1. First, make sure that you have read and understood the Requirements Document
2. Second, Unzip the oscailt download file. Read any release notes contained in the INSTALL or README file included in the oscailt directory of the downloaded package.

Database Installation

Before you install Oscailt, you need to configure a MySQL database for oscailt to store its data in. You need to know the following information:

• The Database Name and the server name on which it is hosted.
• A User Name and password for your database account. Your Database user must have permission to create tables in the database in order for the install process to work.

Most commercial ISPs offer MySQL accounts to users and will supply you with the username and password and tell you how to create a database. Otherwise, you can download and install MySQL yourself and follow the supplied documentation.

Once you have a username and password for the database, you can either create a new database for oscailt's tables (recommended) or use an existing one.

The rest of the database installation is handled automatically by Oscailt's install script.

Simple PHP/HTML Installation

1 Copy Files into Position

First copy the contents of the oscailt/html/ directory from the download package into the directory on your web-server where you want to install oscailt.

2 Edit Oscailt Configuration

Next edit the file config/dbconfig.php and change the values of the database settings to the ones that you have set up for oscailt to use. The $prefix setting allows you to specify a prefix that oscailt will apply to the names of all tables. This allows you to use a single database for multiple oscailt installations (you just change the prefix for each oscailt installation).

$dbhost = "database_host";
$dbuname = "your_username";
$dbpass = "your_password";
$dbname = "database_name";
$prefix = "table_prefix";

3 Check Directory Permissions

You need to ensure that your /attachments directory and your /imagecache directory are both visible and writable by your webserver.

The following commands will work (but see security section below).

chmod 0777 attachments chmod 0777 imagecache

You also need to ensure that /cache directory is also writable by your webserver (but see security section below).

4 Load Install Script

Open your web browser and type in the address of the installation directory followed by install.php

eg. if you installed oscailt to http://www.mysite.com/oscailt/
the installation script will be at: =http://www.mysite.com/oscailt/install.php=

The install script will guide you through the rest of the process.

Securing an Oscailt Installation

There are a number of ways in which you can make your oscailt installation more secure.

Using .htaccess

Oscailt is distributed with a .htaccess file. This file is an appache access control file. In order for it to work properly, you will need to have AllowOverride All set for the oscailt installation directory in your apache configuration file.

It is a good idea to move these settings from the .htaccess file to a virtual host section of your apache configuration, so that you can set AllowOverride None for the installation directory and add an extra layer of security.

.htaccess does three basic things for Oscailt:

1. Sets PHP Directives

Oscailt sets the following 3 PHP values in .htaccess.

php_flag magic_quotes_gpc off
php_value session.use_trans_sid 0
php_flag register_globals off  

The first one is required by oscailt, or else you will wind up with lots of /'s in your database. The following two are not required, but are important security measures, especially the former.

2. Provides Basic Security

Oscailt's .htaccess provides basic security for your installation by using mod_rewrite to redirect all requests to non-valid locations to a default page. If you do not have mod_rewrite available, you will need to use alternative means to secure your private files (see following section).

3. Pass Information to the search engine friendly URL rewriter

Search Engine Friendly URLs are dependant on mod_rewrite. You will still be able to use oscailt without them, but the URL's won't be as nice.

Securing Files

In order to gain extra security, the following is the optimal configuration for oscailt.

• The /xmldata directory should not be under your web-directory. However, the /xmldata/templates/ and the /xmldata/exports/ directories and their contents should be writable by the web-server user.
• The /attachments/ directory must be both writable by the web-server and visible to the web-server (ie under its document root).
• The /graphics/ directory should be visible, but not writable.
• The /cache/ directory should be writable, but not visible. (note it is particularly important to prevent direct access to the .inc files in the /cache/objectcache/ directory as they contain encoded protected data.
• The /imagecache/ directory should be visible, but not writable.
• The /logs/ directory should be writable, but not visible.

The only files which should be visible from the web should be those listed in .htaccess

-- VinnieC - 08 Aug 2005 -- ChekovFeeney - 12 Nov 2005