X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=admin%2Fbackups.php;h=01ef0732acc41e8be64c2903e651c0a87a4eeec9;hb=40e5dda3847073d8f86c558eafbbc5372133bedd;hp=5eee6256557e4bce6fe14898662553c365836c12;hpb=53d942f2a0d20cce5e9c409c6485867ce0869e4d;p=fa-stable.git

diff --git a/admin/backups.php b/admin/backups.php
index 5eee6256..01ef0732 100644
--- a/admin/backups.php
+++ b/admin/backups.php
@@ -20,21 +20,28 @@ if (get_post('view')) {
 	if (!get_post('backups')) {
 		display_error(_('Select backup file first.'));
 	} else {
-		$filename = BACKUP_PATH . clean_file_name(get_post('backups'));
+		$filename = $SysPrefs->backup_dir() . clean_file_name(get_post('backups'));
 		if (in_ajax()) 
 			$Ajax->popup( $filename );
 		else {
-		    header('Content-type: text/plain');
-    		header('Content-Length: '.filesize($filename));
-			header("Content-Disposition: inline");
-    		readfile($filename);
+			header('Content-type: text/plain');
+			header('Content-Length: '.filesize($filename));
+			header("Content-Disposition: inline; filename=".basename($filename));
+			if (substr($filename, -3, 3) == '.gz')
+				header("Content-Encoding: gzip");
+
+			if (substr($filename, -4, 4) == '.zip')
+				echo db_unzip('', $filename);
+			else
+				readfile($filename);
 			exit();
 		}
 	}
 };
+
 if (get_post('download')) {
 	if (get_post('backups')) {
-		download_file(BACKUP_PATH . clean_file_name(get_post('backups')));
+		download_file($SysPrefs->backup_dir().clean_file_name(get_post('backups')));
 		exit;
 	} else
 		display_error(_("Select backup file first."));
@@ -46,10 +53,12 @@ check_paths();
 
 function check_paths()
 {
-	if (!file_exists(BACKUP_PATH)) {
+  global $SysPrefs;
+
+	if (!file_exists($SysPrefs->backup_dir())) {
 		display_error (_("Backup paths have not been set correctly.") 
 			._("Please contact System Administrator.")."<br>" 
-			. _("cannot find backup directory") . " - " . BACKUP_PATH . "<br>");
+			. _("cannot find backup directory") . " - " . $SysPrefs->backup_dir() . "<br>");
 		end_page();
 		exit;
 	}
@@ -57,24 +66,26 @@ function check_paths()
 
 function generate_backup($conn, $ext='no', $comm='')
 {
-	$filename = db_backup($conn, $ext, $comm);
+	global $SysPrefs;
+
+	$filename = db_backup($conn, $ext, $comm, $SysPrefs->backup_dir());
 	if ($filename)
 		display_notification(_("Backup successfully generated."). ' '
 			. _("Filename") . ": " . $filename);
 	else
 		display_error(_("Database backup failed."));
-	
+
 	return $filename;
 }
 
 
 function get_backup_file_combo()
 {
-	global $path_to_root, $Ajax;
+	global $path_to_root, $Ajax, $SysPrefs;
 	
 	$ar_files = array();
     default_focus('backups');
-    $dh = opendir(BACKUP_PATH);
+    $dh = opendir($SysPrefs->backup_dir());
 	while (($file = readdir($dh)) !== false)
 		$ar_files[] = $file;
 	closedir($dh);
@@ -123,21 +134,21 @@ function download_file($filename)
     return true;
 }
 
-$db_name = $_SESSION["wa_current_user"]->company;
-$conn = $db_connections[$db_name];
+$conn = $db_connections[user_company()];
 $backup_name = clean_file_name(get_post('backups'));
-$backup_path = BACKUP_PATH . $backup_name;
+$backup_path = $SysPrefs->backup_dir() . $backup_name;
 
 if (get_post('creat')) {
 	generate_backup($conn, get_post('comp'), get_post('comments'));
 	$Ajax->activate('backups');
+	$SysPrefs->refresh(); // re-read system setup
 };
 
 if (get_post('restore')) {
 	if ($backup_name) {
-		if (db_import($backup_path, $conn))
+		if (db_import($backup_path, $conn, true, false, check_value('protect')))
 			display_notification(_("Restore backup completed."));
-		refresh_sys_prefs(); // re-read system setup
+		$SysPrefs->refresh(); // re-read system setup
 	} else
 		display_error(_("Select backup file first."));
 }
@@ -163,8 +174,10 @@ if (get_post('upload'))
 	if ($fname) {
 		if (!preg_match("/\.sql(\.zip|\.gz)?$/", $fname))
 			display_error(_("You can only upload *.sql backup files"));
+		elseif ($fname != clean_file_name($fname))
+			display_error(_("Filename contains forbidden chars. Please rename file and try again."));
 		elseif (is_uploaded_file($tmpname)) {
-			rename($tmpname, BACKUP_PATH . $fname);
+			rename($tmpname, $SysPrefs->backup_dir() . $fname);
 			display_notification(_("File uploaded to backup directory"));
 			$Ajax->activate('backups');
 		} else
@@ -190,7 +203,7 @@ table_section_title(_("Backup scripts maintenance"));
 	echo "<td style='padding-left:20px' valign='top'>";
 	start_table();
 	submit_row('view',_("View Backup"), false, '', '', false);
-	submit_row('download',_("Download Backup"), false, '', '', false);
+	submit_row('download',_("Download Backup"), false, '', '', 'download');
 	submit_row('restore',_("Restore Backup"), false, '','', 'process');
 	submit_js_confirm('restore',_("You are about to restore database from backup file.\nDo you want to continue?"));
 
@@ -201,7 +214,12 @@ table_section_title(_("Backup scripts maintenance"));
 	echo "</td>";
 	end_row();
 start_row();
-echo "<td style='padding-left:20px' align='left'><input name='uploadfile' type='file'></td>";
+	echo "<td style='padding-left:20px'  cspan=2>"
+	. radio(_('Update security settings'), 'protect', 0) . '<br>'
+	. radio(_('Protect security settings'), 'protect', 1, true) . "</td>";
+end_row();
+start_row();
+	echo "<td style='padding-left:20px' align='left'><input name='uploadfile' type='file'></td>";
 	submit_cells('upload',_("Upload file"),"style='padding-left:20px'", '', true);
 end_row();
 end_outer_table();
@@ -209,4 +227,3 @@ end_outer_table();
 end_form();
 
 end_page();
-?>