Allow user through if in installer, the installer itself will handle

this. Set wwwroot in the database if possible, so that cron can access it.

htdocs/init.php

@@ -51,26 +51,6 @@ if (!is_readable($CFG->docroot . 'config.php')) {
 require('config.php');
 $CFG = (object)array_merge((array)$cfg, (array)$CFG);
 
-// Fix up paths in $CFG
-foreach (array('docroot', 'dataroot') as $path) {
-    $CFG->{$path} = realpath((substr($CFG->{$path}, -1) != DIRECTORY_SEPARATOR) ? $CFG->{$path} . DIRECTORY_SEPARATOR : $CFG->{$path}) . "/";
-}
-if (!isset($CFG->wwwroot) && isset($_SERVER['HTTP_HOST'])) {
-    $proto = (isset($_SERVER['HTTPS'])) ? 'https://' : 'http://';
-    $host  =  (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : $_SERVER['HTTP_HOST'];
-    $path  = substr(dirname(__FILE__), strlen($_SERVER['DOCUMENT_ROOT']));
-    if ($path) {
-        $path .= '/';
-    }
-    $CFG->wwwroot = $proto . $host . '/' . $path;
-}
-if (!isset($CFG->noreplyaddress) && isset($_SERVER['HTTP_HOST'])) {
-    $CFG->noreplyaddress = 'noreply@' .
-        ((isset($_SERVER['HTTP_X_FORWARDED_HOST'])) 
-         ? $_SERVER['HTTP_X_FORWARDED_HOST'] 
-         : $_SERVER['HTTP_HOST']);
-}
-
 // xmldb stuff
 $CFG->xmldbdisablenextprevchecking = true;
 $CFG->xmldbdisablecommentchecking = true;
@@ -129,6 +109,43 @@ catch (SQLException $e) {
     }
 }
 
+// Fix up paths in $CFG
+foreach (array('docroot', 'dataroot') as $path) {
+    $CFG->{$path} = realpath((substr($CFG->{$path}, -1) != DIRECTORY_SEPARATOR) ? $CFG->{$path} . DIRECTORY_SEPARATOR : $CFG->{$path}) . "/";
+}
+if (!isset($CFG->wwwroot) && isset($_SERVER['HTTP_HOST'])) {
+    $proto = (isset($_SERVER['HTTPS'])) ? 'https://' : 'http://';
+    $host  =  (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : $_SERVER['HTTP_HOST'];
+    $path  = substr(dirname(__FILE__), strlen($_SERVER['DOCUMENT_ROOT']));
+    if ($path) {
+        $path .= '/';
+    }
+    $wwwroot = $proto . $host . '/' . $path;
+    try {
+        set_config('wwwroot', $wwwroot);
+    }
+    catch (Exception $e) {
+        $CFG->wwwroot = $wwwroot;
+        // Do nothing. The system will most likely not be installed, so we don't care
+        //if (!defined('INSTALLER')) {
+        //    throw $e;
+        //}
+    }
+}
+if (!isset($CFG->noreplyaddress) && isset($_SERVER['HTTP_HOST'])) {
+    $noreplyaddress = 'noreply@' .
+        ((isset($_SERVER['HTTP_X_FORWARDED_HOST'])) 
+         ? $_SERVER['HTTP_X_FORWARDED_HOST'] 
+         : $_SERVER['HTTP_HOST']);
+    try {
+        set_config('noreplyaddress', $noreplyaddress);
+    }
+    catch (Exception $e) {
+        // Do nothing again, same reason as above
+        $CFG->noreplyaddress = $noreplyaddress;
+    }
+}
+
 if (!get_config('theme')) { 
     // if it's not set, we're probably not installed, 
     // so set it in $CFG directly rather than the db which doesn't yet exist
@@ -144,8 +161,11 @@ header('Content-type: text/html; charset=UTF-8');
 require('auth/lib.php');
 $SESSION = new Session;
 $USER    = new User($SESSION);
-// perhaps later, do this as part of creating a user
-auth_setup();
+// The installer does its own auth_setup checking, because some upgrades may
+// break logging in and so need to allow no logins.
+if (!defined('INSTALLER')) {
+    auth_setup();
+}
 
 // check to see if we're installed...
 if (!get_config('installed')