2 /**********************************************************************
3 Copyright (C) FrontAccounting, LLC.
4 Released under the terms of the GNU General Public License,
5 GPL, as published by the Free Software Foundation, either version
6 3 of the License, or (at your option) any later version.
7 This program is distributed in the hope that it will be useful,
8 but WITHOUT ANY WARRANTY; without even the implied warranty of
9 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
10 See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
11 ***********************************************************************/
14 * @return Returns the array sorted as required
15 * @param $aryData Array containing data to sort
16 * @param $strIndex name of column to use as an index
17 * @param $strSortBy Column to sort the array by
18 * @param $strSortType String containing either asc or desc [default to asc]
19 * @desc Naturally sorts an array using by the column $strSortBy
21 define('EXPORT_MAX_INSERT', 50000);
23 function array_natsort($aryData, $strIndex, $strSortBy, $strSortType=false)
25 // if the parameters are invalid
26 if (!is_array($aryData) || !$strSortBy)
30 // create our temporary arrays
31 $arySort = $aryResult = array();
33 // loop through the array
34 foreach ($aryData as $key => $aryRow)
35 // set up the value in the array
36 $arySort[$strIndex ? $aryRow[$strIndex] : $key] = $aryRow[$strSortBy];
38 // apply the natural sort
41 // if the sort type is descending
42 if ($strSortType=="desc")
46 // loop through the sorted and original data
47 foreach ($arySort as $arySortKey => $arySorted)
50 foreach ($aryData as $aryOriginal)
52 if ($aryOriginal[$strIndex]==$arySortKey)
53 // add it to the output array
54 array_push($aryResult, $aryOriginal);
56 $aryResult[$arySortKey] = $aryData[$arySortKey];
61 function update_admin_password($conn, $password)
63 $sql = "UPDATE ".$conn['tbpref']."users SET password=".db_escape($password) . "
64 WHERE user_id='admin'";
65 db_query($sql, "could not update user password for 'admin'");
68 function write_config_db($new = false)
70 global $path_to_root, $def_coy, $db_connections, $tb_pref_counter;
74 $n = count($db_connections);
76 $msg .= "/*Connection Information for the database\n";
77 $msg .= "\$def_coy - the default company that is pre-selected on login\n\n";
78 $msg .= "'host' - the computer ip address or name where the database is. The default is 'localhost' assuming that the web server is also the sql server.\n\n";
79 $msg .= "'dbuser' - the user name under which the company database should be accessed.\n";
80 $msg .= " NB it is not secure to use root as the dbuser with no password - a user with appropriate privileges must be set up.\n\n";
81 $msg .= "'dbpassword' - the password required for the dbuser to authorise the above database user.\n\n";
82 $msg .= "'dbname' - the name of the database as defined in the RDMS being used. Typically RDMS allow many databases to be maintained under the same server.\n";
83 $msg .= "'tbpref' - prefix on table names, or '' if not used. Always use non-empty prefixes if multiply company use the same database.\n";
86 $msg .= "\$def_coy = " . $def_coy . ";\n\n";
87 $msg .= "\$tb_pref_counter = " . $tb_pref_counter . ";\n\n";
88 $msg .= "\$db_connections = " .var_export($db_connections, true);
91 $filename = $path_to_root . "/config_db.php";
92 // Check if the file exists and is writable first.
93 if ((!file_exists($filename) && is_writable($path_to_root)) || is_writable($filename))
95 if (!$zp = fopen($filename, 'w'))
101 if (!fwrite($zp, $msg))
117 function write_extensions($extensions=null, $company = -1)
119 global $path_to_root, $installed_extensions, $next_extension_id;
121 if (!isset($extensions)) {
122 $extensions = $installed_extensions;
124 if (!isset($next_extension_id)) {
125 $next_extension_id = 1;
131 "/* List of installed additional extensions. If extensions are added to the list manually
132 make sure they have unique and so far never used extension_ids as a keys,
133 and \$next_extension_id is also updated. More about format of this file yo will find in
134 FA extension system documentation.
136 \n\$next_extension_id = $next_extension_id; // unique id for next installed extension\n\n";
140 Do not edit this file manually. This copy of global file is overwritten
141 by extensions editor.
144 $msg .= "\$installed_extensions = ". var_export($extensions, true);
146 $filename = $path_to_root . ($company==-1 ? '' : '/company/'.$company)
147 .'/installed_extensions.php';
149 // Check if the file is writable first.
150 if (!$zp = @fopen($filename, 'w'))
152 display_error(sprintf(_("Cannot open the extension setup file '%s' for writing."),
158 if (!fwrite($zp, $msg))
160 display_error(sprintf(_("Cannot write to the extensions setup file '%s'."),
170 //---------------------------------------------------------------------------------------------
172 // Update per-company list of installed extensions
174 function update_extensions($extensions) {
175 global $db_connections;
177 if (!write_extensions($extensions)) {
178 display_notification(_("Cannot update system extensions list."));
182 // update per company files
183 $cnt = max(1, count($db_connections));
184 for($i = 0; $i < $cnt; $i++)
186 $newexts = $extensions;
187 // update 'active' status
188 $exts = get_company_extensions($i);
189 foreach ($exts as $key => $ext)
191 if (isset($newexts[$key]))
192 $newexts[$key]['active'] = $exts[$key]['active'];
194 if(!write_extensions($newexts, $i))
196 display_notification(sprintf(_("Cannot update extensions list for company '%s'."),
197 $db_connections[$i]['name']));
205 function write_lang()
207 global $path_to_root, $installed_languages, $dflt_lang;
209 $installed_languages = array_natsort($installed_languages, 'code', 'code');
210 $n = count($installed_languages);
213 $msg .= "/* How to make new entries here for non-packaged languages:\n\n";
214 $msg .= "-- 'code' should match the name of the directory for the language under \\lang\n.";
215 $msg .= "-- 'name' is the name that will be displayed in the language selection list (in Users and Display Setup)\n";
216 $msg .= "-- 'rtl' only needs to be set for right-to-left languages like Arabic and Hebrew\n";
217 $msg .= "-- 'encoding' used in translation file\n";
218 $msg .= "-- 'version' always set to '' for manually installed languages.\n";
219 $msg .= "-- 'path' installation path related to FA root (e.g. 'lang/en_US').\n";
222 $msg .= "\$installed_languages = " . var_export($installed_languages, true);
224 $msg .= "\n\$dflt_lang = '$dflt_lang';\n?>\n";
226 $path = $path_to_root . "/lang";
227 $filename = $path.'/installed_languages.inc';
228 // Check if directory exists and is writable first.
229 if (file_exists($path) && is_writable($path))
231 if (!$zp = fopen($filename, 'w'))
233 display_error(_("Cannot open the languages file - ") . $filename);
238 if (!fwrite($zp, $msg))
240 display_error(_("Cannot write to the language file - ") . $filename);
250 display_error(_("The language files folder ") . $path . _(" is not writable. Change its permissions so it is, then re-run the operation."));
256 function db_import($filename, $connection, $force=true)
258 global $db, $go_debug, $sql_trail;
262 $allowed_commands = array(
263 "create" => 'table_queries',
264 "delimiter" => 'table_queries',
265 "alter table" => 'table_queries',
266 "insert" => 'data_queries',
267 "update" => 'data_queries',
268 "drop table if exists" => 'drop_queries',
269 "drop function if exists" => 'drop_queries',
270 "drop trigger if exists" => 'drop_queries',
272 $ignored_mysql_errors = array( //errors ignored in normal (non forced) mode
273 '1022', // duplicate key
274 '1050', // Table %s already exists
275 '1060', // duplicate column name
276 '1061', // duplicate key name
277 '1062', // duplicate key entry
278 '1091' // can't drop key/column check if exists
280 $data_queries = array();
281 $drop_queries = array();
282 $table_queries = array();
283 $sql_errors = array();
285 ini_set("max_execution_time", "180");
286 db_query("SET foreign_key_checks=0");
287 // uncrompress gziped backup files
288 if (strpos($filename, ".gz") || strpos($filename, ".GZ"))
289 $lines = db_ungzip("lines", $filename);
290 elseif (strpos($filename, ".zip") || strpos($filename, ".ZIP"))
291 $lines = db_unzip("lines", $filename);
293 $lines = file("". $filename);
298 foreach($lines as $line_no => $line)
302 $line = str_replace("0_", $connection["tbpref"], $line);
304 if ($query_table == '')
305 { // check if line begins with one of allowed queries
306 foreach($allowed_commands as $cmd => $table)
308 if (strtolower(substr($line, 0, strlen($cmd))) == $cmd)
310 if ($cmd == 'delimiter') {
311 $delimiter = trim(substr($line, 10));
314 $query_table = $table;
315 ${$query_table}[] = array('', $line_no+1);
320 if($query_table != '') // inside allowed query
322 $table = $query_table;
324 if (substr($line, -strlen($delimiter)) == $delimiter) // end of query found
326 $line = substr($line, 0, strlen($line) - strlen($delimiter)); // strip delimiter
329 ${$table}[count(${$table}) - 1][0] .= $line . "\n";
334 { // for debugging purposes
335 global $path_to_root;
336 $f = fopen($path_to_root.'/tmp/dbimport.txt', 'w+');
337 fwrite($f, print_r($drop_queries,true) ."\n");
338 fwrite($f, print_r($table_queries,true) ."\n");
339 fwrite($f, print_r($data_queries,true));
343 // execute drop tables if exists queries
344 if (is_array($drop_queries))
346 foreach($drop_queries as $drop_query)
348 if (!db_query($drop_query[0]))
350 if (!in_array(db_error_no(), $ignored_mysql_errors) || !$force)
351 $sql_errors[] = array(db_error_msg($db), $drop_query[1]);
356 // execute create tables queries
357 if (is_array($table_queries))
359 foreach($table_queries as $table_query)
361 if (!db_query($table_query[0]))
363 if (!in_array(db_error_no(), $ignored_mysql_errors) || !$force) {
364 $sql_errors[] = array(db_error_msg($db), $table_query[1]);
370 // execute insert data queries
371 if (is_array($data_queries))
373 foreach($data_queries as $data_query)
375 if (!db_query($data_query[0]))
377 if (!in_array(db_error_no(),$ignored_mysql_errors) || !$force)
378 $sql_errors[] = array(db_error_msg($db), $data_query[1]);
383 db_query("SET foreign_key_checks=1");
384 if ($delimiter != ';') db_query("delimiter ;"); // just for any case
386 if (count($sql_errors)) {
387 // display first failure message; the rest are probably derivative
388 $err = $sql_errors[0];
389 display_error(sprintf(_("SQL script execution failed in line %d: %s"),
396 // returns the content of the gziped $path backup file. use of $mode see below
397 function db_ungzip($mode, $path)
399 $file_data = gzfile($path);
400 // returns one string or an array of lines
401 if ($mode != "lines")
402 return implode("",$file_data);
407 // returns the content of the ziped $path backup file. use of $mode see below
408 function db_unzip($mode, $path)
411 $all = implode("", file($path));
413 // convert path to name of ziped file
414 $filename = preg_replace("/.*\//", "", $path);
415 $filename = substr($filename, 0, strlen($filename) - 4);
417 // compare filname in zip and filename from $_GET
418 if (substr($all, 30, strlen($filename)-4) . substr($all, 30+strlen($filename)+9, 4)
420 return ''; // exit if names differ
424 // get the suffix of the filename in hex
425 $crc_bugfix = substr($all, 30, strlen($filename)+13);
426 $crc_bugfix = substr(substr($crc_bugfix, 0, strlen($crc_bugfix) - 4),
427 strlen($crc_bugfix) - 12 - 4);
429 // convert hex to ascii
430 for ($i=0; $i < 12; )
431 $suffix .= chr($crc_bugfix[$i++] . $crc_bugfix[$i++] . $crc_bugfix[$i++]);
433 // remove central directory information (we have always just one ziped file)
434 $comp = substr($all, -(strlen($all) - 30 - strlen($filename)-13));
435 $comp = substr($comp, 0, (strlen($comp) - 80 - strlen($filename)-13));
437 // fix the crc bugfix (see function save_to_file)
438 $comp = "x
\9c" . $comp . $suffix;
439 $file_data = gzuncompress($comp);
442 // returns one string or an array of lines
443 if ($mode != "lines")
446 return explode("\n", $file_data);
449 function db_backup($conn, $ext='no', $comm='', $tbpref = TB_PREF)
451 if ($conn['tbpref'] != "")
452 $filename = $conn['dbname'] . "_" . $conn['tbpref'] . date("Ymd_Hi") . ".sql";
454 $filename = $conn['dbname'] . "_" . date("Ymd_Hi") . ".sql";
456 return db_export($conn, clean_file_name($filename), $ext, $comm, $tbpref);
459 // generates a dump of $db database
460 // $drop and $zip tell if to include the drop table statement or dry to pack
461 function db_export($conn, $filename, $zip='no', $comment='', $tbpref = TB_PREF, $no_default=false)
464 global $app_title, $version, $power_url, $path_to_root;
467 // set max string size before writing to file
468 $max_size = 1048576 * 2; // 2 MB
469 // changes max size if value can be retrieved
470 if (ini_get("memory_limit"))
471 $max_size = 900000 * ini_get("memory_limit");
473 // set backupfile name
475 $backupfile = $filename . ".gz";
476 elseif ($zip == "zip")
477 $backupfile = $filename . ".zip";
479 $backupfile = $filename;
480 $company = get_company_pref('coy_name', $tbpref);
483 $out="# MySQL dump of database '".$conn["dbname"]."' on host '".$conn["host"]."'\n";
484 $out.="# Backup Date and Time: ".date("Y-m-d H:i")."\n";
485 $out.="# Built by " . $app_title . " " . $version ."\n";
486 $out.="# ".$power_url."\n";
487 $out.="# Company: ". @html_entity_decode($company, ENT_QUOTES, $_SESSION['language']->encoding)."\n";
488 $out.="# User: ".$_SESSION["wa_current_user"]->name."\n\n";
490 // write users comment
493 $out .= "# Comment:\n";
494 $comment=preg_replace("'\n'","\n# ","# ".$comment);
495 //$comment=str_replace("\n", "\n# ", $comment);
496 foreach(explode("\n",$comment) as $line)
501 //$out.="use ".$db.";\n"; we don't use this option.
503 // get auto_increment values and names of all tables
504 $res = db_query("show table status");
505 $all_tables = array();
506 while($row = db_fetch($res))
508 if (($conn["tbpref"] == "" && !preg_match('/[0-9]+_/', $row['Name'])) ||
509 ($conn["tbpref"] != "" && strpos($row['Name'], $conn["tbpref"]) === 0))
510 $all_tables[] = $row;
512 // get table structures
513 foreach ($all_tables as $table)
515 $res1 = db_query("SHOW CREATE TABLE `" . $table['Name'] . "`");
516 $tmp = db_fetch($res1);
517 $table_sql[$table['Name']] = $tmp["Create Table"];
522 if (isset($table_sql))
524 foreach($table_sql as $tablenme=>$table)
527 // save all tables, needed for creating this table in $fks
528 while (($ref_pos = strpos($tmp_table, " REFERENCES ")) > 0)
530 $tmp_table = substr($tmp_table, $ref_pos + 12);
531 $ref_pos = strpos($tmp_table, "(");
532 $fks[$tablenme][] = substr($tmp_table, 0, $ref_pos);
537 $all_tables = order_sql_tables($all_tables, $fks);
539 // as long as no error occurred
542 foreach ($all_tables as $row)
544 $tablename = $row['Name'];
545 $auto_incr[$tablename] = $row['Auto_increment'];
549 $out.="### Structure of table `".$tablename."` ###\n\n";
551 $out.="DROP TABLE IF EXISTS `".$tablename."`;\n\n";
552 if ($no_default && ($def_pos = strpos($table_sql[$tablename], "DEFAULT CHARSET")) > 0)
553 $table_sql[$tablename] = substr($table_sql[$tablename], 0, $def_pos);
554 $out.=$table_sql[$tablename];
556 // add auto_increment value
557 // if ($auto_incr[$tablename])
558 // $out.=" AUTO_INCREMENT=".$auto_incr[$tablename];
565 $out.="### Data of table `".$tablename."` ###\n";
567 // check if field types are NULL or NOT NULL
568 $res3 = db_query("SHOW COLUMNS FROM `" . $tablename . "`");
570 $field_null = array();
571 for ($j = 0; $j < db_num_rows($res3); $j++)
573 $row3 = db_fetch($res3);
574 $field_null[] = $row3[2]=='YES' && $row3[4]===null;
577 $res2 = db_query("SELECT * FROM `" . $tablename . "`");
580 for ($j = 0; $j < db_num_rows($res2); $j++)
582 $row2 = db_fetch_row($res2);
584 for ($k = 0; $k < $nf = db_num_fields($res2); $k++)
586 $values .= db_escape($row2[$k], $field_null[$k]);
591 $len = strlen($values);
592 if ($maxinsert < $len+1)
594 $maxinsert = EXPORT_MAX_INSERT;
597 $out .= $insert .';'; // flush insert query
604 $insert = "\nINSERT INTO `" . $tablename . "` VALUES\n";
605 $maxinsert -= strlen($insert);
613 // if saving is successful, then empty $out, else set error flag
614 if (strlen($out) > $max_size && $zip != "zip")
616 if (save_to_file($backupfile, $zip, $out))
623 $out .= $insert. ';';
624 // an error occurred! Try to delete file and return error status
628 @unlink(BACKUP_PATH . $backupfile);
632 // if saving is successful, then empty $out, else set error flag
633 if (strlen($out) > $max_size && $zip != "zip")
635 if (save_to_file($backupfile, $zip, $out))
642 // an error occurred! Try to delete file and return error status
646 @unlink(BACKUP_PATH . $backupfile);
652 if (save_to_file($backupfile, $zip, $out))
658 @unlink(BACKUP_PATH . $backupfile);
664 // orders the tables in $tables according to the constraints in $fks
665 // $fks musst be filled like this: $fks[tablename][0]=needed_table1; $fks[tablename][1]=needed_table2; ...
666 function order_sql_tables($tables, $fks)
668 // do not order if no contraints exist
673 $new_tables = array();
676 while (count($tables) && $modified == true)
679 foreach ($tables as $key=>$row)
681 // delete from $tables and add to $new_tables
682 if (isset($fks[$row['Name']]))
684 foreach($fks[$row['Name']] as $needed)
686 // go to next table if not all needed tables exist in $existing
687 if (!in_array($needed,$existing))
691 // delete from $tables and add to $new_tables
692 $existing[] = $row['Name'];
693 $new_tables[] = $row;
695 unset($tables[$key]);
703 // probably there are 'circles' in the constraints, bacause of that no proper backups can be created yet
704 // TODO: this will be fixed sometime later through using 'alter table' commands to add the constraints after generating the tables
705 // until now, just add the lasting tables to $new_tables, return them and print a warning
706 foreach($tables as $row)
707 $new_tables[] = $row;
708 echo "<div class=\"red_left\">THIS DATABASE SEEMS TO CONTAIN 'RING CONSTRAINTS'. WA DOES NOT SUPPORT THEM. PROBABLY THE FOLOWING BACKUP IS DEFECT!</div>";
713 // saves the string in $fileData to the file $backupfile as gz file or not ($zip)
714 // returns backup file name if name has changed (zip), else TRUE. If saving failed, return value is FALSE
715 function save_to_file($backupfile, $zip, $fileData)
717 global $path_to_root;
721 if ($zp = @gzopen(BACKUP_PATH . $backupfile, "a9"))
723 @gzwrite($zp, $fileData);
732 // $zip contains the timestamp
734 elseif ($zip == "zip")
736 // based on zip.lib.php 2.2 from phpMyBackupAdmin
737 // offical zip format: http://www.pkware.com/appnote.txt
739 // End of central directory record
740 $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
742 // "local file header" segment
743 $unc_len = strlen($fileData);
744 $crc = crc32($fileData);
745 $zdata = gzcompress($fileData);
747 // extend stored file name with suffix
748 // needed for decoding (because of crc bug)
749 $name_suffix = substr($zdata, -4, 4);
751 for ($i = 0; $i < 4; $i++)
752 $name_suffix2 .= sprintf("%03d", ord($name_suffix[$i]));
754 $name = substr($backupfile, 0, strlen($backupfile) - 8) . $name_suffix2 . ".sql";
757 $zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
758 $c_len = strlen($zdata);
761 $timearray = getdate();
762 $dostime = (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
763 ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
764 $dtime = dechex($dostime);
765 $hexdtime = "\x" . $dtime[6] . $dtime[7] . "\x" . $dtime[4].$dtime[5] . "\x" . $dtime[2] . $dtime[3] . "\x" . $dtime[0] . $dtime[1];
766 eval('$hexdtime="' . $hexdtime . '";');
768 // ver needed to extract, gen purpose bit flag, compression method, last mod time and date
769 $sub1 = "\x14\x00" . "\x00\x00" . "\x08\x00" . $hexdtime;
771 // crc32, compressed filesize, uncompressed filesize
772 $sub2 = pack('V', $crc) . pack('V', $c_len) . pack('V', $unc_len);
774 $fr = "\x50\x4b\x03\x04" . $sub1. $sub2;
776 // length of filename, extra field length
777 $fr .= pack('v', strlen($name)) . pack('v', 0);
780 // "file data" segment and "data descriptor" segment (optional but necessary if archive is not served as file)
781 $fr .= $zdata . $sub2;
783 // now add to central directory record
784 $cdrec = "\x50\x4b\x01\x02";
785 $cdrec .= "\x00\x00"; // version made by
786 $cdrec .= $sub1 . $sub2;
788 // length of filename, extra field length, file comment length, disk number start, internal file attributes, external file attributes - 'archive' bit set, offset
789 $cdrec .= pack('v', strlen($name)) . pack('v', 0) . pack('v', 0) . pack('v', 0) . pack('v', 0) . pack('V', 32) . pack('V',0);
793 $fileData = $fr . $cdrec . $eof_ctrl_dir;
795 // total # of entries "on this disk", total # of entries overall, size of central dir, offset to start of central dir, .zip file comment length
796 $fileData .= pack('v', 1) . pack('v', 1) . pack('V', strlen($cdrec)) . pack('V', strlen($fr)) . "\x00\x00";
798 if ($zp = @fopen(BACKUP_PATH . $backupfile, "a"))
800 @fwrite($zp, $fileData);
813 if ($zp = @fopen(BACKUP_PATH . $backupfile, "a"))
815 @fwrite($zp, $fileData);
826 function create_comp_dirs($comp_path, $comp_subdirs)
828 $index = "<?php\nheader(\"Location: ../index.php\");\n?>";
831 $f = @fopen("$cdir/index.php", "wb");
835 foreach($comp_subdirs as $dir)
837 @mkdir($cdir.'/'.$dir);
838 $f = @fopen("$cdir/$dir/index.php", "wb");
845 // Checks $field existence in $table with given field $properties
846 // $table - table name without prefix
847 // $field - optional field name
848 // $properties - optional properties of field defined by MySQL:
849 // 'Type', 'Null', 'Key', 'Default', 'Extra'
851 function check_table($pref, $table, $field=null, $properties=null)
853 $tables = @db_query("SHOW TABLES LIKE '".$pref.$table."'");
854 if (!db_num_rows($tables))
855 return 1; // no such table or error
857 $fields = @db_query("SHOW COLUMNS FROM ".$pref.$table);
859 return 0; // table exists
861 while( $row = db_fetch_assoc($fields))
863 if ($row['Field'] == $field)
865 if (!isset($properties))
867 foreach($properties as $property => $value)
869 if ($row[$property] != $value)
870 return 3; // failed type/length check
872 return 0; // property check ok.
875 return 2; // field not found