admin/create_coy.php

   1 <?php
   2
   3 $page_security = 15;
   4 $path_to_root="..";
   5 include_once($path_to_root . "/includes/session.inc");
   6
   7 include_once($path_to_root . "/includes/date_functions.inc");
   8 include_once($path_to_root . "/admin/db/company_db.inc");
   9 include_once($path_to_root . "/admin/db/maintenance_db.inc");
  10 include_once($path_to_root . "/includes/ui.inc");
  11
  12 page(_("Create/Update Company"));
  13
  14 $comp_subdirs = array('images', 'pdf_files', 'backup','js_cache');
  15
  16 //---------------------------------------------------------------------------------------------
  17
  18 if (isset($_GET['selected_id']))
  19 {
  20         $selected_id = $_GET['selected_id'];
  21 }
  22 elseif (isset($_POST['selected_id']))
  23 {
  24         $selected_id = $_POST['selected_id'];
  25 }
  26 else
  27         $selected_id = -1;
  28
  29 //---------------------------------------------------------------------------------------------
  30
  31 function check_data()
  32 {
  33         return true;
  34 }
  35
  36 //---------------------------------------------------------------------------------------------
  37
  38 function remove_connection($id) {
  39         global $db_connections;
  40
  41         $dbase = $db_connections[$id]['dbname'];
  42         $err = db_drop_db($db_connections[$id]);
  43
  44         unset($db_connections[$id]);
  45         $conn = array_values($db_connections);
  46         $db_connections = $conn;
  47         //$$db_connections = array_values($db_connections);
  48     return $err;
  49 }
  50 //---------------------------------------------------------------------------------------------
  51
  52 function handle_submit()
  53 {
  54         global $db_connections, $def_coy, $tb_pref_counter, $db,
  55             $comp_path, $comp_subdirs;
  56
  57         $new = false;
  58
  59         if (!check_data())
  60                 return false;
  61
  62         $id = $_GET['id'];
  63
  64         $db_connections[$id]['name'] = $_POST['name'];
  65         $db_connections[$id]['host'] = $_POST['host'];
  66         $db_connections[$id]['dbuser'] = $_POST['dbuser'];
  67         $db_connections[$id]['dbpassword'] = $_POST['dbpassword'];
  68         $db_connections[$id]['dbname'] = $_POST['dbname'];
  69         if (isset($_GET['ul']) && $_GET['ul'] == 1)
  70         {
  71                 if (is_numeric($_POST['tbpref']) && $_POST['tbpref'] == 1)
  72                 {
  73                         $db_connections[$id]['tbpref'] = $tb_pref_counter."_";
  74                         $new = true;
  75                 }
  76                 else if ($_POST['tbpref'] != "")
  77                         $db_connections[$id]['tbpref'] = $_POST['tbpref'];
  78                 else
  79                         $db_connections[$id]['tbpref'] = "";
  80         }
  81         if ((bool)$_POST['def'] == true)
  82                 $def_coy = $id;
  83         if (isset($_GET['ul']) && $_GET['ul'] == 1)
  84         {
  85                 $conn = $db_connections[$id];
  86                 if (($db = db_create_db($conn)) == 0)
  87                 {
  88                         display_error(_("Error creating Database: ") . $conn['dbname'] . _(", Please create it manually"));
  89                         remove_connection($id);
  90                         set_global_connection();
  91                         return false;
  92                 }
  93
  94                 $filename = $_FILES['uploadfile']['tmp_name'];
  95                 if (is_uploaded_file ($filename))
  96                 {
  97                         db_import($filename, $conn, $id);
  98                         if (isset($_POST['admpassword']) && $_POST['admpassword'] != "")
  99                                 db_query("UPDATE ".$conn['tbpref']."users set password = '".md5($_POST['admpassword']). "' WHERE user_id = 'admin'");
 100                 }
 101                 else
 102                 {
 103                         display_error(_("Error uploading Database Script, please upload it manually"));
 104                         set_global_connection();
 105                         return false;
 106                 }
 107                 set_global_connection();
 108         }
 109         $error = write_config_db($new);
 110         if ($error == -1)
 111                 display_error(_("Cannot open the configuration file - ") . $path_to_root . "/config_db.php");
 112         else if ($error == -2)
 113                 display_error(_("Cannot write to the configuration file - ") . $path_to_root . "/config_db.php");
 114         else if ($error == -3)
 115                 display_error(_("The configuration file ") . $path_to_root . "/config_db.php" . _(" is not writable. Change its permissions so it is, then re-run the operation."));
 116         if ($error != 0) {
 117                 return false;
 118         }
 119         $index = "<?php\nheader(\"Location: ../../index.php\");\n?>";
 120
 121         if ($new) {
 122             $cdir = $comp_path.'/'.($tb_pref_counter-1);
 123             @mkdir($cdir);
 124             save_to_file($cdir.'/'.'index.php', 0, $index);
 125
 126             foreach($comp_subdirs as $dir) {
 127                 @mkdir($cdir.'/'.$dir);
 128                 save_to_file($cdir.'/'.$dir.'/'.'index.php', 0, $index);
 129             }
 130         }
 131         return true;
 132 }
 133
 134 //---------------------------------------------------------------------------------------------
 135
 136 function handle_delete()
 137 {
 138         global $comp_path, $def_coy, $db_connections, $comp_subdirs;
 139
 140         $id = $_GET['id'];
 141
 142         $pref = $db_connections[$id]['tbpref'];
 143         if($pref!='')
 144             $pref = substr($pref, 0, strlen($pref)-1);
 145
 146         $err = remove_connection($id);
 147         if ($err == 0)
 148                 display_error(_("Error removing Database: ") . $dbase . _(", please remove it manuallly"));
 149
 150         if ($def_coy == $id)
 151                 $def_coy = 0;
 152         $error = write_config_db();
 153         if ($error == -1)
 154                 display_error(_("Cannot open the configuration file - ") . $path_to_root . "/config_db.php");
 155         else if ($error == -2)
 156                 display_error(_("Cannot write to the configuration file - ") . $path_to_root . "/config_db.php");
 157         else if ($error == -3)
 158                 display_error(_("The configuration file ") . $path_to_root . "/config_db.php" . _(" is not writable. Change its permissions so it is, then re-run the operation."));
 159         if ($error != 0)
 160                 return;
 161
 162         $cdir = $comp_path.'/'.$pref;
 163         flush_dir($cdir);
 164         if (!rmdir($cdir)) {
 165                 display_error(_("Cannot remove company data directory ") . $cdir);
 166                 return;
 167         }
 168
 169         meta_forward($_SERVER['PHP_SELF']);
 170 }
 171
 172 //---------------------------------------------------------------------------------------------
 173
 174 function display_companies()
 175 {
 176         global $table_style, $def_coy, $db_connections;
 177
 178         $coyno = $_SESSION["wa_current_user"]->company;
 179
 180         echo "
 181                 <script language='javascript'>
 182                 function deleteCompany(id) {
 183                         if (!confirm('" . _("Are you sure you want to delete company no. ") . "'+id))
 184                                 return
 185                         document.location.replace('create_coy.php?c=df&id='+id)
 186                 }
 187                 </script>";
 188         start_table($table_style);
 189
 190         $th = array(_("Company"), _("Database Host"), _("Database User"),
 191                 _("Database Name"), _("Table Pref"), _("Default"), "", "");
 192         table_header($th);
 193
 194         $k=0;
 195         $conn = $db_connections;
 196         $n = count($conn);
 197         for ($i = 0; $i < $n; $i++)
 198         {
 199                 if ($i == $def_coy)
 200                         $what = _("Yes");
 201                 else
 202                         $what = _("No");
 203                 if ($i == $coyno)
 204                 start_row("class='stockmankobg'");
 205         else
 206                 alt_table_row_color($k);
 207
 208                 label_cell($conn[$i]['name']);
 209                 label_cell($conn[$i]['host']);
 210                 label_cell($conn[$i]['dbuser']);
 211                 label_cell($conn[$i]['dbname']);
 212                 label_cell($conn[$i]['tbpref']);
 213                 label_cell($what);
 214                 label_cell("<a href=" . $_SERVER['PHP_SELF']. "?selected_id=" . $i . ">" . _("Edit") . "</a>");
 215                 if ($i != $coyno)
 216                         label_cell("<a href='javascript:deleteCompany(" . $i . ")'>" . _("Delete") . "</a>");
 217                 end_row();
 218         }
 219
 220         end_table();
 221     display_note(_("The marked company is the current company which cannot be deleted."), 0, 0, "class='currentfg'");
 222 }
 223
 224 //---------------------------------------------------------------------------------------------
 225
 226 function display_company_edit($selected_id)
 227 {
 228         global $def_coy, $db_connections, $tb_pref_counter, $table_style2;
 229
 230         if ($selected_id != -1)
 231                 $n = $selected_id;
 232         else
 233                 $n = count($db_connections);
 234
 235         start_form(true, true);
 236
 237         echo "
 238                 <script language='javascript'>
 239                 function updateCompany() {
 240                         if (document.forms[0].uploadfile.value!='' && document.forms[0].dbname.value!='') {
 241                                 document.forms[0].action='create_coy.php?c=u&ul=1&id=" . $n . "&fn=' + document.forms[0].uploadfile.value
 242                         }
 243                         else {
 244                                 document.forms[0].action='create_coy.php?c=u&id=" . $n . "&fn=' + document.forms[0].uploadfile.value
 245                         }
 246                         document.forms[0].submit()
 247                 }
 248                 </script>";
 249
 250         start_table($table_style2);
 251
 252         if ($selected_id != -1)
 253         {
 254                 $conn = $db_connections[$selected_id];
 255                 $_POST['name'] = $conn['name'];
 256                 $_POST['host']  = $conn['host'];
 257                 $_POST['dbuser']  = $conn['dbuser'];
 258                 $_POST['dbpassword']  = $conn['dbpassword'];
 259                 $_POST['dbname']  = $conn['dbname'];
 260                 $_POST['tbpref']  = $conn['tbpref'];
 261                 if ($selected_id == $def_coy)
 262                         $_POST['def'] = true;
 263                 else
 264                         $_POST['def'] = false;
 265                 $_POST['dbcreate']  = false;
 266                 hidden('selected_id', $selected_id);
 267                 hidden('tbpref', $_POST['tbpref']);
 268                 hidden('dbpassword', $_POST['dbpassword']);
 269         }
 270         else
 271                 $_POST['tbpref'] = $tb_pref_counter."_";
 272         text_row_ex(_("Company"), 'name', 30);
 273         text_row_ex(_("Host"), 'host', 30);
 274         text_row_ex(_("Database User"), 'dbuser', 30);
 275         if ($selected_id == -1)
 276                 text_row_ex(_("Database Password"), 'dbpassword', 30);
 277         text_row_ex(_("Database Name"), 'dbname', 30);
 278         if ($selected_id == -1)
 279                 yesno_list_row(_("Table Pref"), 'tbpref', 1, $_POST['tbpref'], _("None"), false);
 280         else
 281                 label_row(_("Table Pref"), $_POST['tbpref']);
 282         yesno_list_row(_("Default"), 'def', null, "", "", false);
 283
 284         start_row();
 285         label_cell(_("Database Script"));
 286         label_cell("<input name='uploadfile' type='file'>");
 287         end_row();
 288
 289         text_row_ex(_("New script Admin Password"), 'admpassword', 20);
 290
 291         end_table();
 292         display_note(_("Choose from Database scripts in SQL folder. No Datase is created without a script."), 0, 1);
 293         echo "<center><input onclick='javascript:updateCompany()' type='button' style='width:150' value='". _("Save"). "'>";
 294
 295
 296         end_form();
 297 }
 298
 299
 300 //---------------------------------------------------------------------------------------------
 301
 302 if (isset($_GET['c']) && $_GET['c'] == 'df')
 303 {
 304
 305         handle_delete();
 306 }
 307
 308 if (isset($_GET['c']) && $_GET['c'] == 'u')
 309 {
 310         if (handle_submit())
 311         {
 312                 meta_forward($_SERVER['PHP_SELF']);
 313         }
 314 }
 315
 316
 317 //---------------------------------------------------------------------------------------------
 318
 319 display_companies();
 320
 321 hyperlink_no_params($_SERVER['PHP_SELF'], _("Create a new company"));
 322
 323 display_company_edit($selected_id);
 324
 325 //---------------------------------------------------------------------------------------------
 326
 327 end_page();
 328
 329 ?>