<?php
-
-$page_security = 15;
+/**********************************************************************
+ Copyright (C) FrontAccounting, LLC.
+ Released under the terms of the GNU General Public License, GPL,
+ as published by the Free Software Foundation, either version 3
+ of the License, or (at your option) any later version.
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
+***********************************************************************/
+$page_security = 'SA_CREATECOMPANY';
$path_to_root="..";
include_once($path_to_root . "/includes/session.inc");
include_once($path_to_root . "/admin/db/maintenance_db.inc");
include_once($path_to_root . "/includes/ui.inc");
-page(_("Create/Update Company"));
+page(_($help_context = "Create/Update Company"));
-$comp_subdirs = array('images', 'pdf_files', 'backup','js_cache');
+$comp_subdirs = array('images', 'pdf_files', 'backup','js_cache', 'reporting', 'attachments');
//---------------------------------------------------------------------------------------------
-
if (isset($_GET['selected_id']))
{
$selected_id = $_GET['selected_id'];
function check_data()
{
- global $db_connections, $tb_pref_counter;
+ global $db_connections, $tb_pref_counter, $selected_id;
- foreach($db_connections as $id=>$con) {
- if ($_POST['host'] == $con['host'] && $_POST['dbname'] == $con['dbname']) {
- if ($_POST['tbpref'] == $con['tbpref']) {
- display_error(_("This database settings are already used by another company."));
- return false;
- }
- if ($_POST['tbpref'] == 0 || $con['tbpref'] == '') {
- display_error(_("You cannot have table set without prefix together with prefixed sets in the same database."));
- return false;
- }
- }
+ if ($_POST['name'] == "" || $_POST['host'] == "" || $_POST['dbuser'] == "" || $_POST['dbname'] == "")
+ return false;
+ foreach($db_connections as $id=>$con)
+ {
+ if($id != $selected_id && $_POST['host'] == $con['host']
+ && $_POST['dbname'] == $con['dbname'])
+ {
+ if ($_POST['tbpref'] == $con['tbpref'])
+ {
+ display_error(_("This database settings are already used by another company."));
+ return false;
+ }
+ if (($_POST['tbpref'] == 0) ^ ($con['tbpref'] == ''))
+ {
+ display_error(_("You cannot have table set without prefix together with prefixed sets in the same database."));
+ return false;
+ }
+ }
}
- return true;
+ return true;
}
//---------------------------------------------------------------------------------------------
function remove_connection($id) {
global $db_connections;
- $dbase = $db_connections[$id]['dbname'];
$err = db_drop_db($db_connections[$id]);
unset($db_connections[$id]);
function handle_submit()
{
global $db_connections, $def_coy, $tb_pref_counter, $db,
- $comp_path, $comp_subdirs;
+ $comp_subdirs, $path_to_root;
$new = false;
-
+ $error = false;
if (!check_data())
return false;
if (($db = db_create_db($conn)) == 0)
{
display_error(_("Error creating Database: ") . $conn['dbname'] . _(", Please create it manually"));
+ $error = true;
+ } else {
+
+ $filename = $_FILES['uploadfile']['tmp_name'];
+ if (is_uploaded_file ($filename))
+ {
+ if (!db_import($filename, $conn, $id)) {
+ display_error(_('Cannot create new company due to bugs in sql file.'));
+ $error = true;
+ } else
+ if (isset($_POST['admpassword']) && $_POST['admpassword'] != "")
+ update_admin_password($conn, md5($_POST['admpassword']));
+ }
+ else
+ {
+ display_error(_("Error uploading Database Script, please upload it manually"));
+ $error = true;
+ }
+ }
+ set_global_connection();
+ if ($error) {
remove_connection($id);
- set_global_connection();
return false;
}
-
- $filename = $_FILES['uploadfile']['tmp_name'];
- if (is_uploaded_file ($filename))
- {
- db_import($filename, $conn, $id);
- if (isset($_POST['admpassword']) && $_POST['admpassword'] != "")
+ } else {
+ if ($_GET['c'] = 'u') {
+ $conn = $db_connections[$id];
+ if (($db = db_create_db($conn)) == 0)
+ {
+ display_error(_("Error connecting to Database: ") . $conn['dbname'] . _(", Please correct it"));
+ $error = true;
+ } else {
db_query("UPDATE ".$conn['tbpref']."users set password = '".md5($_POST['admpassword']). "' WHERE user_id = 'admin'");
+ }
}
- else
- {
- display_error(_("Error uploading Database Script, please upload it manually"));
- set_global_connection();
- return false;
- }
- set_global_connection();
}
$error = write_config_db($new);
if ($error == -1)
{
return false;
}
- $index = "<?php\nheader(\"Location: ../../index.php\");\n?>";
if ($new)
{
- $cdir = $comp_path.'/'.$id;
- @mkdir($cdir);
- save_to_file($cdir.'/'.'index.php', 0, $index);
-
- foreach($comp_subdirs as $dir)
- {
- @mkdir($cdir.'/'.$dir);
- save_to_file($cdir.'/'.$dir.'/'.'index.php', 0, $index);
- }
+ create_comp_dirs(company_path($id), $comp_subdirs);
}
+ $exts = get_company_extensions();
+ write_extensions($exts, $id);
+ display_notification($new ? _('New company has been created.') : _('Company has been updated.'));
return true;
}
function handle_delete()
{
- global $comp_path, $def_coy, $db_connections, $comp_subdirs;
+ global $def_coy, $db_connections, $comp_subdirs, $path_to_root;
$id = $_GET['id'];
+ // First make sure all company directories from the one under removal are writable.
+ // Without this after operation we end up with changed per-company owners!
+ for($i = $id; $i < count($db_connections); $i++) {
+ $comp_path = company_path($i);
+ if (!is_dir($comp_path.'/'.$i) || !is_writable($comp_path.'/'.$i)) {
+ display_error(_('Broken company subdirectories system. You have to remove this company manually.'));
+ return;
+ }
+ }
+ // make sure config file is writable
+ if (!is_writeable($path_to_root . "/config_db.php"))
+ {
+ display_error(_("The configuration file ") . $path_to_root . "/config_db.php" . _(" is not writable. Change its permissions so it is, then re-run the operation."));
+ return;
+ }
+ // rename directory to temporary name to ensure all
+ // other subdirectories will have right owners even after
+ // unsuccessfull removal.
+ $cdir = company_path($id);
+ $tmpname = company_path('/old_'.$id);
+ if (!@rename($cdir, $tmpname)) {
+ display_error(_('Cannot rename subdirectory to temporary name.'));
+ return;
+ }
+ // 'shift' company directories names
+ for ($i = $id+1; $i < count($db_connections); $i++) {
+ if (!rename(company_path($i), company_path($i-1))) {
+ display_error(_("Cannot rename company subdirectory"));
+ return;
+ }
+ }
$err = remove_connection($id);
if ($err == 0)
- display_error(_("Error removing Database: ") . $dbase . _(", please remove it manuallly"));
+ display_error(_("Error removing Database: ") . $dbase . _(", please remove it manually"));
if ($def_coy == $id)
$def_coy = 0;
display_error(_("Cannot write to the configuration file - ") . $path_to_root . "/config_db.php");
else if ($error == -3)
display_error(_("The configuration file ") . $path_to_root . "/config_db.php" . _(" is not writable. Change its permissions so it is, then re-run the operation."));
- if ($error != 0)
+ if ($error != 0) {
+ @rename($tmpname, $cdir);
return;
-
- $cdir = $comp_path.'/'.$id;
- flush_dir($cdir);
- if (!rmdir($cdir))
+ }
+ // finally remove renamed company directory
+ @flush_dir($tmpname, true);
+ if (!@rmdir($tmpname))
{
- display_error(_("Cannot remove company data directory ") . $cdir);
+ display_error(_("Cannot remove temporary renamed company data directory ") . $tmpname);
return;
}
-
- meta_forward($_SERVER['PHP_SELF']);
+ display_notification(_("Selected company as been deleted"));
}
//---------------------------------------------------------------------------------------------
function display_companies()
{
- global $table_style, $def_coy, $db_connections;
+ global $def_coy, $db_connections;
$coyno = $_SESSION["wa_current_user"]->company;
document.location.replace('create_coy.php?c=df&id='+id)
}
</script>";
- start_table($table_style);
+ start_table(TABLESTYLE);
$th = array(_("Company"), _("Database Host"), _("Database User"),
_("Database Name"), _("Table Pref"), _("Default"), "", "");
label_cell($conn[$i]['dbname']);
label_cell($conn[$i]['tbpref']);
label_cell($what);
- label_cell("<a href=" . $_SERVER['PHP_SELF']. "?selected_id=" . $i . ">" . _("Edit") . "</a>");
- if ($i != $coyno)
- label_cell("<a href='javascript:deleteCompany(" . $i . ")'>" . _("Delete") . "</a>");
+ $edit = _("Edit");
+ $delete = _("Delete");
+ if (user_graphic_links())
+ {
+ $edit = set_icon(ICON_EDIT, $edit);
+ $delete = set_icon(ICON_DELETE, $delete);
+ }
+ label_cell("<a href='" . $_SERVER['PHP_SELF']. "?selected_id=$i'>$edit</a>");
+ label_cell( $i == $coyno ? '' :
+ "<a href='javascript:deleteCompany(" . $i . ")'>$delete</a>");
end_row();
}
function display_company_edit($selected_id)
{
- global $def_coy, $db_connections, $tb_pref_counter, $table_style2;
+ global $def_coy, $db_connections, $tb_pref_counter;
if ($selected_id != -1)
$n = $selected_id;
else
$n = count($db_connections);
- start_form(true, true);
+ start_form(true);
echo "
<script language='javascript'>
document.forms[0].action='create_coy.php?c=u&ul=1&id=" . $n . "&fn=' + document.forms[0].uploadfile.value
}
else {
- document.forms[0].action='create_coy.php?c=u&id=" . $n . "&fn=' + document.forms[0].uploadfile.value
+ document.forms[0].action='create_coy.php?c=u&id=" . $n . "'
}
document.forms[0].submit()
}
</script>";
- start_table($table_style2);
+ start_table(TABLESTYLE2);
if ($selected_id != -1)
{
label_row(_("Table Pref"), $_POST['tbpref']);
yesno_list_row(_("Default"), 'def', null, "", "", false);
- start_row();
- label_cell(_("Database Script"));
- label_cell("<input name='uploadfile' type='file'>");
- end_row();
+ file_row(_("Database Script"), "uploadfile");
text_row_ex(_("New script Admin Password"), 'admpassword', 20);
end_table();
- display_note(_("Choose from Database scripts in SQL folder. No Datase is created without a script."), 0, 1);
- echo "<center><input onclick='javascript:updateCompany()' type='button' style='width:150' value='". _("Save"). "'>";
+ display_note(_("Choose from Database scripts in SQL folder. No Database is created without a script."), 0, 1);
+ echo "<center><input onclick='javascript:updateCompany()' type='button' style='width:150px' value='". _("Save"). "'></center>";
end_form();
//---------------------------------------------------------------------------------------------
-if (isset($_GET['c']) && $_GET['c'] == 'df')
-{
-
+if (isset($_GET['c']) && $_GET['c'] == 'df') {
handle_delete();
+ $selected_id = -1;
}
if (isset($_GET['c']) && $_GET['c'] == 'u')
-{
if (handle_submit())
- {
- meta_forward($_SERVER['PHP_SELF']);
- }
-}
+ $selected_id = -1;
//---------------------------------------------------------------------------------------------
display_company_edit($selected_id);
//---------------------------------------------------------------------------------------------
-
end_page();
?>
\ No newline at end of file