X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=admin%2Fbackups.php;h=01ef0732acc41e8be64c2903e651c0a87a4eeec9;hb=40e5dda3847073d8f86c558eafbbc5372133bedd;hp=d3eb88af2151418c2f02c6b51623ed6202e92b7f;hpb=848bd4c5691898516e8088d247422e2d6a9fe2a8;p=fa-stable.git

diff --git a/admin/backups.php b/admin/backups.php
index d3eb88af..01ef0732 100644
--- a/admin/backups.php
+++ b/admin/backups.php
@@ -20,21 +20,31 @@ if (get_post('view')) {
 	if (!get_post('backups')) {
 		display_error(_('Select backup file first.'));
 	} else {
-		$filename = BACKUP_PATH . clean_file_name(get_post('backups'));
+		$filename = $SysPrefs->backup_dir() . clean_file_name(get_post('backups'));
 		if (in_ajax()) 
 			$Ajax->popup( $filename );
 		else {
-		    header('Content-type: text/plain');
-    		header('Content-Length: '.filesize($filename));
-			header("Content-Disposition: inline");
-    		readfile($filename);
+			header('Content-type: text/plain');
+			header('Content-Length: '.filesize($filename));
+			header("Content-Disposition: inline; filename=".basename($filename));
+			if (substr($filename, -3, 3) == '.gz')
+				header("Content-Encoding: gzip");
+
+			if (substr($filename, -4, 4) == '.zip')
+				echo db_unzip('', $filename);
+			else
+				readfile($filename);
 			exit();
 		}
 	}
 };
+
 if (get_post('download')) {
-	download_file(BACKUP_PATH . clean_file_name(get_post('backups')));
-	exit;
+	if (get_post('backups')) {
+		download_file($SysPrefs->backup_dir().clean_file_name(get_post('backups')));
+		exit;
+	} else
+		display_error(_("Select backup file first."));
 }
 
 page(_($help_context = "Backup and Restore Database"), false, false, '', '');
@@ -43,10 +53,12 @@ check_paths();
 
 function check_paths()
 {
-	if (!file_exists(BACKUP_PATH)) {
+  global $SysPrefs;
+
+	if (!file_exists($SysPrefs->backup_dir())) {
 		display_error (_("Backup paths have not been set correctly.") 
 			._("Please contact System Administrator.")."<br>" 
-			. _("cannot find backup directory") . " - " . BACKUP_PATH . "<br>");
+			. _("cannot find backup directory") . " - " . $SysPrefs->backup_dir() . "<br>");
 		end_page();
 		exit;
 	}
@@ -54,24 +66,26 @@ function check_paths()
 
 function generate_backup($conn, $ext='no', $comm='')
 {
-	$filename = db_backup($conn, $ext, $comm);
+	global $SysPrefs;
+
+	$filename = db_backup($conn, $ext, $comm, $SysPrefs->backup_dir());
 	if ($filename)
 		display_notification(_("Backup successfully generated."). ' '
 			. _("Filename") . ": " . $filename);
 	else
 		display_error(_("Database backup failed."));
-	
+
 	return $filename;
 }
 
 
 function get_backup_file_combo()
 {
-	global $path_to_root, $Ajax;
+	global $path_to_root, $Ajax, $SysPrefs;
 	
 	$ar_files = array();
     default_focus('backups');
-    $dh = opendir(BACKUP_PATH);
+    $dh = opendir($SysPrefs->backup_dir());
 	while (($file = readdir($dh)) !== false)
 		$ar_files[] = $file;
 	closedir($dh);
@@ -120,30 +134,36 @@ function download_file($filename)
     return true;
 }
 
-$db_name = $_SESSION["wa_current_user"]->company;
-$conn = $db_connections[$db_name];
+$conn = $db_connections[user_company()];
 $backup_name = clean_file_name(get_post('backups'));
-$backup_path = BACKUP_PATH . $backup_name;
+$backup_path = $SysPrefs->backup_dir() . $backup_name;
 
 if (get_post('creat')) {
 	generate_backup($conn, get_post('comp'), get_post('comments'));
 	$Ajax->activate('backups');
+	$SysPrefs->refresh(); // re-read system setup
 };
 
 if (get_post('restore')) {
-	if (db_import($backup_path, $conn))
-		display_notification(_("Restore backup completed."));
-	refresh_sys_prefs(); // re-read system setup
+	if ($backup_name) {
+		if (db_import($backup_path, $conn, true, false, check_value('protect')))
+			display_notification(_("Restore backup completed."));
+		$SysPrefs->refresh(); // re-read system setup
+	} else
+		display_error(_("Select backup file first."));
 }
 
 if (get_post('deldump')) {
-	if (unlink($backup_path)) {
-		display_notification(_("File successfully deleted.")." "
-				. _("Filename") . ": " . $backup_name);
-		$Ajax->activate('backups');
-	}
-	else
-		display_error(_("Can't delete backup file."));
+	if ($backup_name) {
+		if (unlink($backup_path)) {
+			display_notification(_("File successfully deleted.")." "
+					. _("Filename") . ": " . $backup_name);
+			$Ajax->activate('backups');
+		}
+		else
+			display_error(_("Can't delete backup file."));
+	} else
+		display_error(_("Select backup file first."));
 }
 
 if (get_post('upload'))
@@ -151,14 +171,20 @@ if (get_post('upload'))
 	$tmpname = $_FILES['uploadfile']['tmp_name'];
 	$fname = trim(basename($_FILES['uploadfile']['name']));
 
-	if (!preg_match("/\.sql(\.zip|\.gz)?$/", $fname))
-		display_error(_("You can only upload *.sql backup files"));
-	elseif (is_uploaded_file($tmpname)) {
-		rename($tmpname, BACKUP_PATH . $fname);
-		display_notification( "File uploaded to backup directory");
-		$Ajax->activate('backups');
+	if ($fname) {
+		if (!preg_match("/\.sql(\.zip|\.gz)?$/", $fname))
+			display_error(_("You can only upload *.sql backup files"));
+		elseif ($fname != clean_file_name($fname))
+			display_error(_("Filename contains forbidden chars. Please rename file and try again."));
+		elseif (is_uploaded_file($tmpname)) {
+			rename($tmpname, $SysPrefs->backup_dir() . $fname);
+			display_notification(_("File uploaded to backup directory"));
+			$Ajax->activate('backups');
+		} else
+			display_error(_("File was not uploaded into the system."));
 	} else
-		display_error(_("File was not uploaded into the system."));
+		display_error(_("Select backup file first."));
+
 }
 //-------------------------------------------------------------------------------
 start_form(true, true);
@@ -177,7 +203,7 @@ table_section_title(_("Backup scripts maintenance"));
 	echo "<td style='padding-left:20px' valign='top'>";
 	start_table();
 	submit_row('view',_("View Backup"), false, '', '', false);
-	submit_row('download',_("Download Backup"), false, '', '', false);
+	submit_row('download',_("Download Backup"), false, '', '', 'download');
 	submit_row('restore',_("Restore Backup"), false, '','', 'process');
 	submit_js_confirm('restore',_("You are about to restore database from backup file.\nDo you want to continue?"));
 
@@ -188,7 +214,12 @@ table_section_title(_("Backup scripts maintenance"));
 	echo "</td>";
 	end_row();
 start_row();
-echo "<td style='padding-left:20px' align='left'><input name='uploadfile' type='file'></td>";
+	echo "<td style='padding-left:20px'  cspan=2>"
+	. radio(_('Update security settings'), 'protect', 0) . '<br>'
+	. radio(_('Protect security settings'), 'protect', 1, true) . "</td>";
+end_row();
+start_row();
+	echo "<td style='padding-left:20px' align='left'><input name='uploadfile' type='file'></td>";
 	submit_cells('upload',_("Upload file"),"style='padding-left:20px'", '', true);
 end_row();
 end_outer_table();
@@ -196,4 +227,3 @@ end_outer_table();
 end_form();
 
 end_page();
-?>