X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=admin%2Fcreate_coy.php;h=999f376c8fb93e80d5c6e77629ed2a59d36abda0;hb=085bf05f7c33a3e20a418f2b04e6426c2096cb2c;hp=e1b2882fb762ea95dd8111dec6bcae76d7f282e2;hpb=ebc600101ceab69c06eac4b1bd4d1782af45de05;p=fa-stable.git
diff --git a/admin/create_coy.php b/admin/create_coy.php
index e1b2882f..999f376c 100644
--- a/admin/create_coy.php
+++ b/admin/create_coy.php
@@ -25,11 +25,11 @@ $comp_subdirs = array('images', 'pdf_files', 'backup','js_cache', 'reporting', '
//---------------------------------------------------------------------------------------------
if (isset($_GET['selected_id']))
{
- $selected_id = $_GET['selected_id'];
+ $selected_id = (int)$_GET['selected_id'];
}
elseif (isset($_POST['selected_id']))
{
- $selected_id = $_POST['selected_id'];
+ $selected_id = (int)$_POST['selected_id'];
}
else
$selected_id = -1;
@@ -40,24 +40,35 @@ function check_data()
{
global $db_connections, $tb_pref_counter, $selected_id;
- if ($_POST['name'] == "" || $_POST['host'] == "" || $_POST['dbuser'] == "" || $_POST['dbname'] == "")
- return false;
- foreach($db_connections as $id=>$con)
- {
- if($id != $selected_id && $_POST['host'] == $con['host']
- && $_POST['dbname'] == $con['dbname'])
- {
- if ($_POST['tbpref'] == $con['tbpref'])
- {
- display_error(_("This database settings are already used by another company."));
- return false;
- }
- if ($_POST['tbpref'] == 0 || $con['tbpref'] == '')
- {
- display_error(_("You cannot have table set without prefix together with prefixed sets in the same database."));
- return false;
- }
- }
+ if($selected_id != -1) {
+ if ($_POST['name'] == "")
+ {
+ display_error(_("Database settings are not specified."));
+ return false;
+ }
+ } else {
+ if ($_POST['name'] == "" || $_POST['host'] == "" || $_POST['dbuser'] == "" || $_POST['dbname'] == "")
+ {
+ display_error(_("Database settings are not specified."));
+ return false;
+ }
+ foreach($db_connections as $id=>$con)
+ {
+ if($id != $selected_id && $_POST['host'] == $con['host']
+ && $_POST['dbname'] == $con['dbname'])
+ {
+ if ($_POST['tbpref'] == $con['tbpref'])
+ {
+ display_error(_("This database settings are already used by another company."));
+ return false;
+ }
+ if (($_POST['tbpref'] == 0) ^ ($con['tbpref'] == ''))
+ {
+ display_error(_("You cannot have table set without prefix together with prefixed sets in the same database."));
+ return false;
+ }
+ }
+ }
}
return true;
}
@@ -80,60 +91,58 @@ function remove_connection($id) {
function handle_submit()
{
global $db_connections, $def_coy, $tb_pref_counter, $db,
- $comp_path, $comp_subdirs;
-
- $new = false;
+ $comp_subdirs, $path_to_root, $selected_id;
+ $error = false;
if (!check_data())
return false;
- $id = $_GET['id'];
+ if ($selected_id==-1)
+ $selected_id = count($db_connections);
- $db_connections[$id]['name'] = $_POST['name'];
- $db_connections[$id]['host'] = $_POST['host'];
- $db_connections[$id]['dbuser'] = $_POST['dbuser'];
- $db_connections[$id]['dbpassword'] = $_POST['dbpassword'];
- $db_connections[$id]['dbname'] = $_POST['dbname'];
- if (isset($_GET['ul']) && $_GET['ul'] == 1)
- {
+ $new = !isset($db_connections[$selected_id]);
+
+ if ((bool)$_POST['def'] == true)
+ $def_coy = $selected_id;
+
+ $db_connections[$selected_id]['name'] = $_POST['name'];
+ if($new) {
+ $db_connections[$selected_id]['host'] = $_POST['host'];
+ $db_connections[$selected_id]['dbuser'] = $_POST['dbuser'];
+ $db_connections[$selected_id]['dbpassword'] = $_POST['dbpassword'];
+ $db_connections[$selected_id]['dbname'] = $_POST['dbname'];
if (is_numeric($_POST['tbpref']))
{
- $db_connections[$id]['tbpref'] = $_POST['tbpref'] == 1 ?
+ $db_connections[$selected_id]['tbpref'] = $_POST['tbpref'] == 1 ?
$tb_pref_counter."_" : '';
- $new = true;
}
else if ($_POST['tbpref'] != "")
- $db_connections[$id]['tbpref'] = $_POST['tbpref'];
+ $db_connections[$selected_id]['tbpref'] = $_POST['tbpref'];
else
- $db_connections[$id]['tbpref'] = "";
- }
- if ((bool)$_POST['def'] == true)
- $def_coy = $id;
- if (isset($_GET['ul']) && $_GET['ul'] == 1)
- {
- $conn = $db_connections[$id];
+ $db_connections[$selected_id]['tbpref'] = "";
+
+ $conn = $db_connections[$selected_id];
if (($db = db_create_db($conn)) == 0)
{
display_error(_("Error creating Database: ") . $conn['dbname'] . _(", Please create it manually"));
- remove_connection($id);
- set_global_connection();
- return false;
- }
-
- $filename = $_FILES['uploadfile']['tmp_name'];
- if (is_uploaded_file ($filename))
- {
- db_import($filename, $conn, $id);
- if (isset($_POST['admpassword']) && $_POST['admpassword'] != "")
- db_query("UPDATE ".$conn['tbpref']."users set password = '".md5($_POST['admpassword']). "' WHERE user_id = 'admin'");
+ $error = true;
+ } else {
+ if (!db_import($path_to_root.'/sql/'.get_post('coa'), $conn, $selected_id)) {
+ display_error(_('Cannot create new company due to bugs in sql file.'));
+ $error = true;
+ }
+ else
+ {
+ if (!isset($_POST['admpassword']) || $_POST['admpassword'] == "")
+ $_POST['admpassword'] = "password";
+ update_admin_password($conn, md5($_POST['admpassword']));
+ }
}
- else
- {
- display_error(_("Error uploading Database Script, please upload it manually"));
- set_global_connection();
+ set_global_connection();
+ if ($error) {
+ remove_connection($selected_id);
return false;
}
- set_global_connection();
}
$error = write_config_db($new);
if ($error == -1)
@@ -149,10 +158,11 @@ function handle_submit()
if ($new)
{
- create_comp_dirs("$comp_path/$id", $comp_subdirs);
+ create_comp_dirs(company_path($selected_id), $comp_subdirs);
}
$exts = get_company_extensions();
- write_extensions($exts, $id);
+ write_extensions($exts, $selected_id);
+ display_notification($new ? _('New company has been created.') : _('Company has been updated.'));
return true;
}
@@ -160,22 +170,40 @@ function handle_submit()
function handle_delete()
{
- global $comp_path, $def_coy, $db_connections, $comp_subdirs;
+ global $def_coy, $db_connections, $comp_subdirs, $path_to_root;
- $id = $_GET['id'];
+ $id = (int)$_GET['id'];
- $cdir = $comp_path.'/'.$id;
- @flush_dir($cdir, true);
- if (!rmdir($cdir))
+ // First make sure all company directories from the one under removal are writable.
+ // Without this after operation we end up with changed per-company owners!
+ for($i = $id; $i < count($db_connections); $i++) {
+ $comp_path = company_path($i);
+ if (!is_dir($comp_path) || !is_writable($comp_path)) {
+ display_error(_('Broken company subdirectories system. You have to remove this company manually.'));
+ return;
+ }
+ }
+ // make sure config file is writable
+ if (!is_writeable($path_to_root . "/config_db.php"))
{
- display_error(_("Cannot remove company data directory ") . $cdir);
+ display_error(_("The configuration file ") . $path_to_root . "/config_db.php" . _(" is not writable. Change its permissions so it is, then re-run the operation."));
return;
}
- for($i = $id+1; $i < count($db_connections); $i++) {
- if (!rename($comp_path.'/'.$i, $comp_path.'/'.($i-1))) {
+ // rename directory to temporary name to ensure all
+ // other subdirectories will have right owners even after
+ // unsuccessfull removal.
+ $cdir = company_path($id);
+ $tmpname = company_path('/old_'.$id);
+ if (!@rename($cdir, $tmpname)) {
+ display_error(_('Cannot rename subdirectory to temporary name.'));
+ return;
+ }
+ // 'shift' company directories names
+ for ($i = $id+1; $i < count($db_connections); $i++) {
+ if (!rename(company_path($i), company_path($i-1))) {
display_error(_("Cannot rename company subdirectory"));
return;
- }
+ }
}
$err = remove_connection($id);
if ($err == 0)
@@ -190,29 +218,37 @@ function handle_delete()
display_error(_("Cannot write to the configuration file - ") . $path_to_root . "/config_db.php");
else if ($error == -3)
display_error(_("The configuration file ") . $path_to_root . "/config_db.php" . _(" is not writable. Change its permissions so it is, then re-run the operation."));
- if ($error != 0)
+ if ($error != 0) {
+ @rename($tmpname, $cdir);
return;
-
- meta_forward($_SERVER['PHP_SELF']);
+ }
+ // finally remove renamed company directory
+ @flush_dir($tmpname, true);
+ if (!@rmdir($tmpname))
+ {
+ display_error(_("Cannot remove temporary renamed company data directory ") . $tmpname);
+ return;
+ }
+ display_notification(_("Selected company has been deleted"));
}
//---------------------------------------------------------------------------------------------
function display_companies()
{
- global $table_style, $def_coy, $db_connections;
+ global $def_coy, $db_connections;
$coyno = $_SESSION["wa_current_user"]->company;
echo "
- ";
- start_table($table_style);
+ start_table(TABLESTYLE);
$th = array(_("Company"), _("Database Host"), _("Database User"),
_("Database Name"), _("Table Pref"), _("Default"), "", "");
@@ -246,42 +282,26 @@ function display_companies()
$delete = set_icon(ICON_DELETE, $delete);
}
label_cell("$edit");
+ $name = "\"".$conn[$i]['name']."\"";
label_cell( $i == $coyno ? '' :
- "$delete");
+ "$delete");
end_row();
}
end_table();
display_note(_("The marked company is the current company which cannot be deleted."), 0, 0, "class='currentfg'");
+ display_note(_("If no Admin Password is entered, the new Admin Password will be 'password' by default "), 1, 0, "class='currentfg'");
}
//---------------------------------------------------------------------------------------------
function display_company_edit($selected_id)
{
- global $def_coy, $db_connections, $tb_pref_counter, $table_style2;
+ global $def_coy, $db_connections, $tb_pref_counter;
- if ($selected_id != -1)
- $n = $selected_id;
- else
- $n = count($db_connections);
-
- start_form(true);
-
- echo "
- ";
+ start_form();
- start_table($table_style2);
+ start_table(TABLESTYLE2);
if ($selected_id != -1)
{
@@ -302,30 +322,42 @@ function display_company_edit($selected_id)
hidden('dbpassword', $_POST['dbpassword']);
}
else
+ {
$_POST['tbpref'] = $tb_pref_counter."_";
- text_row_ex(_("Company"), 'name', 30);
- text_row_ex(_("Host"), 'host', 30);
- text_row_ex(_("Database User"), 'dbuser', 30);
+ // Insert the current settings as default
+ $conn = $db_connections[user_company()];
+ $_POST['name'] = '';
+ $_POST['host'] = $conn['host'];
+ $_POST['dbuser'] = $conn['dbuser'];
+ $_POST['dbpassword'] = $conn['dbpassword'];
+ $_POST['dbname'] = $conn['dbname'];
+ }
+
+ text_row_ex(_("Company"), 'name', 50);
+
if ($selected_id == -1)
+ {
+ text_row_ex(_("Host"), 'host', 30, 60);
+ text_row_ex(_("Database User"), 'dbuser', 30);
text_row_ex(_("Database Password"), 'dbpassword', 30);
- text_row_ex(_("Database Name"), 'dbname', 30);
- if ($selected_id == -1)
+ text_row_ex(_("Database Name"), 'dbname', 30);
yesno_list_row(_("Table Pref"), 'tbpref', 1, $_POST['tbpref'], _("None"), false);
- else
+ } else {
+ label_row(_("Host"), $_POST['host']);
+ label_row(_("Database User"), $_POST['dbuser']);
+ label_row(_("Database Name"), $_POST['dbname']);
label_row(_("Table Pref"), $_POST['tbpref']);
+ }
yesno_list_row(_("Default"), 'def', null, "", "", false);
- start_row();
- label_cell(_("Database Script"));
- label_cell("");
- end_row();
-
- text_row_ex(_("New script Admin Password"), 'admpassword', 20);
-
- end_table();
- display_note(_("Choose from Database scripts in SQL folder. No Database is created without a script."), 0, 1);
- echo "";
+ if ($selected_id == -1)
+ {
+ coa_list_row(_("Database Script"), 'coa');
+ text_row_ex(_("New script Admin Password"), 'admpassword', 20);
+ }
+ end_table(1);
+ submit_center('save', _("Save"));
end_form();
}
@@ -333,21 +365,16 @@ function display_company_edit($selected_id)
//---------------------------------------------------------------------------------------------
-if (isset($_GET['c']) && $_GET['c'] == 'df')
-{
-
+if (isset($_GET['c']) && $_GET['c'] == 'df') {
handle_delete();
+ $selected_id = -1;
}
-if (isset($_GET['c']) && $_GET['c'] == 'u')
-{
+if (get_post('save')) {
if (handle_submit())
- {
- meta_forward($_SERVER['PHP_SELF']);
- }
+ $selected_id = -1;
}
-
//---------------------------------------------------------------------------------------------
display_companies();