X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=admin%2Fdb%2Fmaintenance_db.inc;h=ba4d089225e79ccdd2ae1ad6204c5f8ff89eed0d;hb=c34e563fae8003a637a485b4eaf634678b90c60f;hp=444ac100d2f3cc72b0f32f2827dab98578e9742f;hpb=c09be0dad6b05131e240349a375af7a4b7bf3444;p=fa-stable.git

diff --git a/admin/db/maintenance_db.inc b/admin/db/maintenance_db.inc
index 444ac100..ba4d0892 100644
--- a/admin/db/maintenance_db.inc
+++ b/admin/db/maintenance_db.inc
@@ -1,48 +1,97 @@
 <?php
+/**********************************************************************
+    Copyright (C) FrontAccounting, LLC.
+	Released under the terms of the GNU General Public License,
+	GPL, as published by the Free Software Foundation, either version 
+	3 of the License, or (at your option) any later version.
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
+    See the License here <http://www.gnu.org/licenses/gpl-3.0.html>.
+***********************************************************************/
+
+/**
+ * @return Returns the array sorted as required
+ * @param $aryData Array containing data to sort
+ * @param $strIndex name of column to use as an index
+ * @param $strSortBy Column to sort the array by
+ * @param $strSortType String containing either asc or desc [default to asc]
+ * @desc Naturally sorts an array using by the column $strSortBy
+ */
+define('EXPORT_MAX_INSERT', 50000);
+
+function array_natsort($aryData, $strIndex, $strSortBy, $strSortType=false)
+{
+   //    if the parameters are invalid
+   if (!is_array($aryData) || !$strSortBy)
+       //    return the array
+       return $aryData;
+
+   //    create our temporary arrays
+   $arySort = $aryResult = array();
+
+   //    loop through the array
+   foreach ($aryData as $key => $aryRow)
+       //    set up the value in the array
+       $arySort[$strIndex ? $aryRow[$strIndex] : $key] = $aryRow[$strSortBy];
+
+   //    apply the natural sort
+   natsort($arySort);
+
+   //    if the sort type is descending
+   if ($strSortType=="desc")
+       //    reverse the array
+       arsort($arySort);
+
+   //    loop through the sorted and original data
+		foreach ($arySort as $arySortKey => $arySorted)
+			if($strIndex) 
+			{
+				foreach ($aryData as $aryOriginal)
+				// if the key matches
+					if ($aryOriginal[$strIndex]==$arySortKey)
+						// add it to the output array
+						array_push($aryResult, $aryOriginal);
+			} else
+				$aryResult[$arySortKey] = $aryData[$arySortKey];
+   //    return the return
+   return $aryResult;
+}
+
+function update_admin_password($conn, $password)
+{
+	$sql = "UPDATE ".$conn['tbpref']."users SET password=".db_escape($password) . "
+		WHERE user_id='admin'";
+	db_query($sql, "could not update user password for 'admin'");
+}
 
 function write_config_db($new = false)
 {
 	global $path_to_root, $def_coy, $db_connections, $tb_pref_counter;
-	include_once($path_to_root . "/config_db.php");
 
 	if ($new)
 		$tb_pref_counter++;
-	$n = count($db_connections);
 	$msg = "<?php\n\n";
 	$msg .= "/*Connection Information for the database\n";
-	$msg .= "- \$def_coy is the default company that is pre-selected on login\n\n";
-	$msg .= "- host is the computer ip address or name where the database is the default is localhost assuming that the web server is also the sql server\n\n";
-	$msg .= "- user is the user name under which the database should be accessed - need to change to the mysql (or other DB) user set up for purpose\n";
-	$msg .= "  NB it is not secure to use root as the user with no password - a user with appropriate privileges must be set up\n\n";
-	$msg .= "- password is the password the user of the database requires to be sent to authorise the above database user\n\n";
-	$msg .= "- DatabaseName is the name of the database as defined in the RDMS being used. Typically RDMS allow many databases to be maintained under the same server.\n";
-	$msg .= "  The scripts for MySQL provided use the name logicworks */\n\n\n";
+	$msg .= "\$def_coy - the default company that is pre-selected on login\n\n";
+	$msg .= "'host' - the computer ip address or name where the database is. The default is 'localhost' assuming that the web server is also the sql server.\n\n";
+	$msg .= "'port' - the computer port where the database is. The default is '3306'. Set empty for default.\n\n";
+	$msg .= "'dbuser' - the user name under which the company database should be accessed.\n";
+	$msg .= "  NB it is not secure to use root as the dbuser with no password - a user with appropriate privileges must be set up.\n\n";
+	$msg .= "'dbpassword' - the password required for the dbuser to authorise the above database user.\n\n";
+	$msg .= "'dbname' - the name of the database as defined in the RDMS being used. Typically RDMS allow many databases to be maintained under the same server.\n";
+	$msg .= "'collation' - the character set used for the database.\n";
+	$msg .= "'tbpref' - prefix on table names, or '' if not used. Always use non-empty prefixes if multiply company use the same database.\n";
+	$msg .= "*/\n\n\n";
 
 	$msg .= "\$def_coy = " . $def_coy . ";\n\n";
 	$msg .= "\$tb_pref_counter = " . $tb_pref_counter . ";\n\n";
-	$msg .= "\$db_connections = array (\n";
-	$msg .= "\t0 => ";
-	for ($i = 0; $i < $n; $i++)
-	{
-		if ($i > 0)
-			$msg .= "\tarray ";
-		else
-			$msg .= "array ";
-		$msg .= "('name' => '" . $db_connections[$i]['name'] . "',\n";
-		$msg .= "\t\t'host' => '" . $db_connections[$i]['host'] . "',\n";
-		$msg .= "\t\t'dbuser' => '" . $db_connections[$i]['dbuser'] . "',\n";
-		$msg .= "\t\t'dbpassword' => '" . $db_connections[$i]['dbpassword'] . "',\n";
-		$msg .= "\t\t'dbname' => '" . $db_connections[$i]['dbname'] . "',\n";
-		$msg .= "\t\t'tbpref' => '" . $db_connections[$i]['tbpref'] . "')";
-		if ($i != $n - 1)
-			$msg .= ",";
-		$msg .= "\n\n";
-	}
-	$msg .= "\t);\n?>";
+	$msg .= "\$db_connections = " .var_export($db_connections, true);
+	$msg .= ";\n";
 
 	$filename = $path_to_root . "/config_db.php";
 	// Check if the file exists and is writable first.
-	if (file_exists($filename) && is_writable($filename))
+	if ((!file_exists($filename) && is_writable($path_to_root)) || is_writable($filename))
 	{
 		if (!$zp = fopen($filename, 'w'))
 		{
@@ -57,6 +106,7 @@ function write_config_db($new = false)
 			}
 			// Close file
 			fclose($zp);
+			cache_invalidate($filename);
 		}
 	}
 	else
@@ -66,126 +116,329 @@ function write_config_db($new = false)
 	return 0;
 }
 
-function db_create_db($connection)
+function write_extensions($extensions=null, $company = -1)
 {
-	$db = mysql_connect($connection["host"] ,
-		$connection["dbuser"], $connection["dbpassword"]);
-	if (!mysql_select_db($connection["dbname"], $db))
-	{
-		$sql = "CREATE DATABASE " . $connection["dbname"] . "";
-		if (!mysql_query($sql))
-			return 0;
-		mysql_select_db($connection["dbname"], $db);
+	global $path_to_root, $installed_extensions, $next_extension_id;
+
+	if (!isset($extensions)) {
+		$extensions = $installed_extensions;
+	}
+	if (!isset($next_extension_id)) {
+		$next_extension_id = 1;
 	}
-	return $db;
-}
 
-function db_drop_db($connection)
-{
-	if ($connection["tbpref"] == "")
+	$msg = "<?php\n\n";
+	if ($company == -1)
+		$msg .=
+"/* List of installed additional extensions. If extensions are added to the list manually
+	make sure they have unique and so far never used extension_ids as a keys,
+	and \$next_extension_id is also updated. More about format of this file yo will find in 
+	FA extension system documentation.
+*/
+\n\$next_extension_id = $next_extension_id; // unique id for next installed extension\n\n";
+	else 
+		$msg .=
+"/*
+	Do not edit this file manually. This copy of global file is overwritten
+	by extensions editor.
+*/\n\n";
+
+	$msg .= "\$installed_extensions = ". var_export($extensions, true);
+	$msg .= ";\n";
+	$filename = $path_to_root . ($company==-1 ? '' : '/company/'.$company)
+		.'/installed_extensions.php';
+
+	// Check if the file is writable first.
+	if (!$zp = @fopen($filename, 'w'))
 	{
-		$sql = "DROP DATABASE " . $connection["dbname"] . "";
-		return mysql_query($sql);
+		display_error(sprintf(_("Cannot open the extension setup file '%s' for writing."),
+			 $filename));
+		return false;
 	}
 	else
 	{
-    	$res = db_query("show table status");
-    	$all_tables = array();
-    	while($row = db_fetch($res))
-    		$all_tables[] = $row;
-        // get table structures
-		foreach ($all_tables as $table)
+		if (!fwrite($zp, $msg))
 		{
-			if (strpos($table['Name'], $connection["tbpref"]) === 0)
-				db_query("DROP TABLE `".$table['Name'] . "`");
+			display_error(sprintf(_("Cannot write to the extensions setup file '%s'."),
+				$filename));
+			fclose($zp);
+			return false;
 		}
-		//deleting the tables, how??
-		return true;
+		// Close file
+		fclose($zp);
+		cache_invalidate($filename);
+	}
+	return true;
+}
+//---------------------------------------------------------------------------------------------
+//
+// Update per-company list of installed extensions
+//
+function update_extensions($extensions) {
+	global $db_connections;
+	
+	if (!write_extensions($extensions)) {
+		display_notification(_("Cannot update system extensions list."));
+		return false;
 	}
+
+	// update per company files
+ 	$cnt = max(1, count_array($db_connections));
+	for($i = 0; $i < $cnt; $i++) 
+	{
+		$newexts = $extensions;
+		// update 'active' status 
+		$exts = get_company_extensions($i);
+		foreach ($exts as $key => $ext) 
+		{
+			if (isset($newexts[$key]))
+				$newexts[$key]['active'] = $exts[$key]['active'];
+		}
+		if(!write_extensions($newexts, $i)) 
+		{
+			display_notification(sprintf(_("Cannot update extensions list for company '%s'."),
+				$db_connections[$i]['name']));
+		 return false;
+		}
+	}
+	return true;
 }
 
-function db_import($filename, $connection)
+
+function write_lang()
 {
+	global $path_to_root, $installed_languages, $dflt_lang;
+
+	$installed_languages = array_natsort($installed_languages, 'code', 'code');
+	$msg = "<?php\n\n";
+
+	$msg .= "/* How to make new entries here for non-packaged languages:\n\n";
+	$msg .= "-- 'code' should match the name of the directory for the language under \\lang\n.";
+	$msg .= "-- 'name' is the name that will be displayed in the language selection list (in Users and Display Setup)\n";
+	$msg .= "-- 'rtl' only needs to be set for right-to-left languages like Arabic and Hebrew\n";
+	$msg .= "-- 'encoding' used in translation file\n";
+	$msg .= "-- 'version' always set to '' for manually installed languages.\n";
+	$msg .= "-- 'path' installation path related to FA root (e.g. 'lang/en_US').\n";
+	$msg .= "*/\n\n\n";
+
+	$msg .= "\$installed_languages = " . var_export($installed_languages, true);
+	$msg .= ";\n";
+	$msg .= "\n\$dflt_lang = '$dflt_lang';\n";
+
+	$path = $path_to_root . "/lang";
+	$filename = $path.'/installed_languages.inc';
+	// Check if directory exists and is writable first.
+	if (file_exists($path) && is_writable($path))
+	{
+		if (!$zp = fopen($filename, 'w'))
+		{
+			display_error(_("Cannot open the languages file - ") . $filename);
+			return false;
+		}
+		else
+		{
+			if (!fwrite($zp, $msg))
+			{
+				display_error(_("Cannot write to the language file - ") . $filename);
+				fclose($zp);
+				return false;
+			}
+			// Close file
+			fclose($zp);
+			cache_invalidate($filename);
+		}
+	}
+	else
+	{
+		display_error(_("The language files folder ") . $path . _(" is not writable. Change its permissions so it is, then re-run the operation."));
+		return false;
+	}
+	return true;
+}
+/*
+	Database import:
+		$filename - sql file name
+		$connection - database connection
+		$force - ignore duplicate errors
+		$init - presume $filename is initialization file with '0_' prefix
+		$protect - protect users/roles 
+		$return_errors - return errors instead of display them
+*/
+function db_import($filename, $connection, $force=true, $init=true, $protect=false, $return_errors=false)
+{
+	global $db, $SysPrefs;
+
+	$trail = $SysPrefs->sql_trail;
+	$SysPrefs->sql_trail = false;
+
+	$allowed_commands = array(
+		"create"  => 'table_queries', 
+		"delimiter" => 'table_queries',
+		"alter table" => 'table_queries', 
+		"insert" => 'data_queries', 
+		"update" => 'data_queries', 
+		"set names" => 'set_names',
+		"drop table if exists" => 'drop_queries',
+		"drop function if exists" => 'drop_queries',
+		"drop trigger if exists" => 'drop_queries',
+		"select" => 'data_queries', 
+		"delete" => 'data_queries',
+		"drop view if exists" => 'drop_queries',
+		"create view as" => 'data_queries'		//we should be able to create views after all tables have been created 
+		);
+
+	$protected = array(
+		'security_roles',
+		'users'
+	);
+
+	$ignored_mysql_errors = array( //errors ignored in normal (non forced) mode
+		'1022',	// duplicate key
+		'1050', // Table %s already exists
+		'1060', // duplicate column name
+		'1061', // duplicate key name
+		'1062', // duplicate key entry
+		'1091'  // can't drop key/column check if exists
+	);
+
+	$set_names = array();
 	$data_queries = array();
 	$drop_queries = array();
 	$table_queries = array();
+	$sql_errors = array();
+
+	$old_encoding = db_get_charset($db);
+
+	ini_set("max_execution_time", max("180", ini_get("max_execution_time")));
+	db_query("SET foreign_key_checks=0");
+	db_query("SET sql_mode=''");
+
+	if (isset($connection['collation']))
+		db_set_collation($db, $connection['collation']);
 
-	// uncrompress gziped backup files
-	if (strpos($filename, ".gzip") || strpos($filename, ".GZIP"))
-		$lines = db_ungzip("lines", $filename);
-	elseif (strpos($filename, ".zip") || strpos($filename, ".ZIP"))
+	$check_line_len = false;
+
+	// uncompress gziped backup files
+	if (strpos($filename, ".gz") || strpos($filename, ".GZ"))
+	{	$lines = db_ungzip("lines", $filename);
+		$check_line_len = true;
+	} elseif (strpos($filename, ".zip") || strpos($filename, ".ZIP"))
 		$lines = db_unzip("lines", $filename);
 	else
 		$lines = file("". $filename);
 
-	// divide insert and create sql queries
-	// $table is set to TRUE if the next line belongs to a create sql query
-	$table = false;
-	foreach($lines as $line)
+	// parse input file
+	$query_table = '';
+	$delimiter = ';';
+
+	foreach($lines as $line_no => $line)
 	{
-		$line = trim($line);
+		$gzfile_bug = $check_line_len && (strlen($line) == 8190); // there is a bug in php (at least 4.1.1-5.5.9) gzfile which limits line length to 8190 bytes!
 
-		$line = str_replace("0_", $connection["tbpref"], $line);
-		// $line = str_replace("Y_", "0_", $line);
-		// the last line did not belong to a 'create' sql query
-		if (!$table)
-		{
+		$line = trim($line);
+		if ($init)
+			$line = str_replace("0_", $connection["tbpref"], $line);
 
-			// this line does not, too
-			if (strtolower(substr($line,0,6)) == "insert")
+		if ($query_table == '') 
+		{	// check if line begins with one of allowed queries
+		 	foreach($allowed_commands as $cmd => $table) 
 			{
-				$data_queries[] = substr($line, 0, strlen($line) - 1);
-
-			// this line does not, too
-			}
-			elseif (strtolower(substr($line,0,6)) == "update")
+				if (strtolower(substr($line, 0, strlen($cmd))) == $cmd) 
+				{
+					if ($cmd == 'delimiter') {
+						$delimiter = trim(substr($line, 10));
+						continue 2;
+					}
+					$query_table = $table;
+					$skip = false;
+					if ($protect)
+					{
+						foreach($protected as $protbl)
+							if (strpos($line, $connection["tbpref"].$protbl) !== false)
+							{
+								$skip = true; break;
+							}
+					}
+					if (!$skip)
+						${$query_table}[] = array('', $line_no+1);
+					break;
+				}
+		 	}
+		 }
+		 if($query_table != '')  // inside allowed query
+		 {
+		 	$table = $query_table;
+			if (!$gzfile_bug && substr($line, -strlen($delimiter)) == $delimiter) // end of query found 
 			{
-				$data_queries[] = substr($line, 0, strlen($line) - 1);
-
-			// this line does not, too
+				$line = substr($line, 0, strlen($line) - strlen($delimiter)); // strip delimiter
+				$query_table = '';
 			}
-			elseif (strtolower(substr($line, 0, 20)) == "drop table if exists")
-			{
-				$drop_queries[] = substr($line, 0, strlen($line) - 1);
+			if (!$skip)
+				${$table}[count(${$table}) - 1][0] .= $line . "\n";
+		}
 
-			// this line does!
-			}
-			elseif (strtolower(substr($line, 0, 6)) == "create")
-			{
-				$table = true;
-				$table_queries[] = $line . "\n";
-			}
-			elseif (strtolower(substr($line, 0, 11)) == "alter table")
+	}
+
+	//
+	// 'set names' or equivalents should be used only on post 2.3 FA versions
+	// otherwise text encoding can be broken during import
+	//
+	$encoding = null; // UI encoding for default site language is the default
+	$new_db = $init || db_fixed();
+	$new_file = count($set_names);
+	if ($new_db)
+	{
+		if ($new_file)
+		{
+			if (count($set_names)) // standard db restore
 			{
-				$data_queries[] = substr($line, 0, strlen($line) - 1);
+				if (preg_match('/set\s*names\s*[\']?(\w*)[\']?/i', $set_names[0][0], $match))
+					$encoding = $match[1];
 			}
-
-		// the current line belongs to a create sql query
+			// otherwise use default site ui encoding
 		}
-		else
+	}
+	else
+	{
+		if ($new_file) // import on old db is forbidden: this would destroy db content unless latin1 was used before in UI
 		{
-
-			// create sql query ending in this line
-			if (strtolower(substr($line, 0, 1)) == ")") {
-				$table = false;
-				$line = substr($line,0,strlen($line)-1);
-		  }
-			$table_queries[count($table_queries) - 1] .= $line . "\n";
+			$msg = _("This is new format backup file which cannot be restored on database not migrated to utf8.");
+			if ($return_errors)
+				return $msg;
+			else
+				display_error($msg);
+			return false;
 		}
+		 else	// backup restore during upgrade failure
+			$encoding = 'latin1'; // standard encoding on mysql client
 	}
 
-	$sql_error = false;
+	db_set_charset($db, $encoding);
 
+/*/	{ 	// for debugging purposes
+	global $path_to_root;
+	$f = fopen($path_to_root.'/tmp/dbimport.txt', 'w+');
+	fwrite($f, print_r($set_names,true) ."\n");
+	fwrite($f, print_r($drop_queries,true) ."\n");
+	fwrite($f, print_r($table_queries,true) ."\n");
+	fwrite($f, print_r($data_queries,true));
+	fclose($f);
+	}
+/*/
+	if ($return_errors)
+	{	// prevent errors display
+		$save_debug = $SysPrefs->go_debug;
+		$SysPrefs->go_debug = 0;
+	}
 	// execute drop tables if exists queries
 	if (is_array($drop_queries))
 	{
 		foreach($drop_queries as $drop_query)
 		{
-			$sql_error = false;
-			if (!db_query($drop_query))
+			if (!db_query($drop_query[0]))
 			{
-				$sql_error = true;
-				//if ($CONF['import_error']) echo nl2br($drop_query)."\n<div class=\"bold_left\">".mysql_error()."</div><br>\n";
+				if (!in_array(db_error_no(), $ignored_mysql_errors) || !$force)
+					$sql_errors[] = array(db_error_msg($db), $drop_query[1]);
 			}
 		}
 	}
@@ -195,11 +448,11 @@ function db_import($filename, $connection)
 	{
 		foreach($table_queries as $table_query)
 		{
-			$sql_error = false;
-			if (!db_query($table_query))
-			{
-				$sql_error = true;
-				//if ($CONF['import_error']) echo nl2br($table_query)."\n<div class=\"bold_left\">".mysql_error()."</div><br>\n";
+			if (!db_query($table_query[0]))
+			{	
+				if (!in_array(db_error_no(), $ignored_mysql_errors) || !$force) {
+					$sql_errors[] = array(db_error_msg($db), $table_query[1]);
+				}
 			}
 		}
 	}
@@ -209,25 +462,35 @@ function db_import($filename, $connection)
 	{
 		foreach($data_queries as $data_query)
 		{
-			$sql_error = false;
-			if (!db_query($data_query))
+			if (!db_query($data_query[0]))
 			{
-				//if ($CONF['import_error']) echo $data_query."\n<div class=\"bold_left\">".mysql_error()."</div><br>\n";
-				$sql_error = true;
-				return false;
+				if (!in_array(db_error_no(),$ignored_mysql_errors) || !$force)
+					$sql_errors[] = array(db_error_msg($db), $data_query[1]);
 			}
 		}
 	}
 
-	// show number successful executed querys or if an error did occur
-	if ($sql_error == 1)
+	if ($return_errors)
+		$SysPrefs->go_debug = $save_debug;
+
+	$SysPrefs->sql_trail = $trail;
+
+	db_query("SET foreign_key_checks=1");
+	if ($delimiter != ';') db_query("delimiter ;"); // just for any case
+
+	db_set_charset($db, $old_encoding); // restore connection encoding
+
+	if (count($sql_errors)) {
+		if ($return_errors)
+			return $sql_errors;
+
+		// display first failure message; the rest are probably derivative 
+		$err = $sql_errors[0];
+		display_error(sprintf(_("SQL script execution failed in line %d: %s"),
+			$err[1], $err[0]));
 		return false;
-		//echo "<div class=\"red\">".IM_ERROR.".</div>\n";
-	else
+	} else
 		return true;
-		//echo "<div class=\"green\">".IM_SUCCESS." ".count($table_queries)." ".IM_TABLES." ".count($data_queries)." ".IM_ROWS." (".$import_file.")</div>\n";
-	//$shell_command = C_MYSQL_PATH . " -h $host -u $user -p{$password} $dbname < $filename";
-	//shell_exec($shell_command);
 }
 
 // returns the content of the gziped $path backup file. use of $mode see below
@@ -248,30 +511,28 @@ function db_unzip($mode, $path)
     $all = implode("", file($path));
 
     // convert path to name of ziped file
-    $filename = ereg_replace(".*/", "", $path);
+    $filename = preg_replace("/.*\//", "", $path);
     $filename = substr($filename, 0, strlen($filename) - 4);
 
     // compare filname in zip and filename from $_GET
-    if (substr($all, 30, strlen($filename)) != $filename)
-    {
-		return '';
-        // exit if names differ
-        //echo F_WRONG_FILE.".";
-        //exit;
+    if (substr($all, 30, strlen($filename)-4) . substr($all, 30+strlen($filename)+9, 4)
+	  != $filename) {
+		return '';     // exit if names differ
     }
     else
     {
     	// get the suffix of the filename in hex
-        $crc_bugfix = substr(substr($filename, 0, strlen($filename) - 4), strlen($filename) - 12 - 4);
+		$crc_bugfix = substr($all, 30, strlen($filename)+13);
+        $crc_bugfix = substr(substr($crc_bugfix, 0, strlen($crc_bugfix) - 4), 
+				strlen($crc_bugfix) - 12 - 4);
         $suffix = false;
-
         // convert hex to ascii
         for ($i=0; $i < 12; )
         	$suffix .= chr($crc_bugfix[$i++] . $crc_bugfix[$i++] . $crc_bugfix[$i++]);
 
         // remove central directory information (we have always just one ziped file)
-        $comp = substr($all, -(strlen($all) - 30 - strlen($filename)));
-        $comp = substr($comp, 0, (strlen($comp) - 80 - strlen($filename)));
+        $comp = substr($all, -(strlen($all) - 30 - strlen($filename)-13));
+        $comp = substr($comp, 0, (strlen($comp) - 80 - strlen($filename)-13));
 
         // fix the crc bugfix (see function save_to_file)
         $comp = "xœ" . $comp . $suffix;
@@ -285,21 +546,28 @@ function db_unzip($mode, $path)
     	return explode("\n", $file_data);
 }
 
-// generates a dump of $db database
-// $drop and $zip tell if to include the drop table statement or dry to pack
+function db_backup($conn, $ext='no', $comm='', $path='')
+{
+	if ($conn['tbpref'] != "")
+		$filename = $conn['dbname'] . "_" . $conn['tbpref'] . date("Ymd_Hi") . ".sql";
+	else
+		$filename = $conn['dbname'] . "_" . date("Ymd_Hi") . ".sql";
+
+	return db_export($conn, $path . clean_file_name($filename), $ext, $comm);
+}
+// Generates a dump of $db database
+//
 function db_export($conn, $filename, $zip='no', $comment='')
 {
 
-	global $app_title, $version, $power_url, $path_to_root;
+	global $SysPrefs, $version;
 
     $error = false;
-
     // set max string size before writing to file
     $max_size = 1048576 * 2; // 2 MB
     // changes max size if value can be retrieved
     if (ini_get("memory_limit"))
-    	$max_size = 900000 * ini_get("memory_limit");
-
+    	$max_size = 1048576 * (int)ini_get("memory_limit");
     // set backupfile name
     if ($zip == "gzip")
     	$backupfile = $filename . ".gz";
@@ -307,14 +575,19 @@ function db_export($conn, $filename, $zip='no', $comment='')
     	$backupfile = $filename . ".zip";
     else
     	$backupfile = $filename;
-    $company = get_company_pref('coy_name');
+    $company = $conn['name']; // get_company_pref('coy_name');
+
+	if (file_exists($backupfile))	// prevent appends
+		unlink($backupfile);
+
     //create comment
     $out="# MySQL dump of database '".$conn["dbname"]."' on host '".$conn["host"]."'\n";
     $out.="# Backup Date and Time: ".date("Y-m-d H:i")."\n";
-    $out.="# Built by " . $app_title . " " . $version ."\n";
-    $out.="# ".$power_url."\n";
-    $out.="# Company: ".$company."\n";
+    $out.="# Built by " . $SysPrefs->app_title . " " . $version ."\n";
+    $out.="# ".$SysPrefs->power_url."\n";
+    $out.="# Company: ". @html_entity_decode($company, ENT_QUOTES, $_SESSION['language']->encoding)."\n";
     $out.="# User: ".$_SESSION["wa_current_user"]->name."\n\n";
+    $out.="# Compatibility: ".get_company_pref('version_id')."\n\n";
 
 	// write users comment
 	if ($comment)
@@ -327,16 +600,19 @@ function db_export($conn, $filename, $zip='no', $comment='')
 		$out.="\n";
 	}
 
-    //$out.="use ".$db.";\n"; we don't use this option.
-
+	if (db_fixed())
+	{
+		db_set_encoding();
+		if ($mysql_enc = get_mysql_encoding_name($_SESSION['language']->encoding))
+			$out .= "\nSET NAMES $mysql_enc;\n";
+	}
     // get auto_increment values and names of all tables
     $res = db_query("show table status");
     $all_tables = array();
     while($row = db_fetch($res))
     {
-		//if ($conn["tbpref"] == "" || strpos($row['Name'], $conn["tbpref"]) !== false) replaced
 		if (($conn["tbpref"] == "" && !preg_match('/[0-9]+_/', $row['Name'])) ||
-			($conn["tbpref"] != "" && strpos($row['Name'], $conn["tbpref"]) !== false))
+			($conn["tbpref"] != "" && strpos($row['Name'], $conn["tbpref"]) === 0))
     		$all_tables[] = $row;
     }
         // get table structures
@@ -369,79 +645,121 @@ function db_export($conn, $filename, $zip='no', $comment='')
 	// as long as no error occurred
 	if (!$error)
 	{
-		//while($row=@mysql_fetch_array($res))
 		foreach ($all_tables as $row)
 		{
-			$tablename = $row['Name'];
-			$auto_incr[$tablename] = $row['Auto_increment'];
-
-			$out.="\n\n";
-			// export tables
-			$out.="### Structure of table `".$tablename."` ###\n\n";
-
-			$out.="DROP TABLE IF EXISTS `".$tablename."`;\n\n";
-			$out.=$table_sql[$tablename];
-
-			// add auto_increment value
-			if ($auto_incr[$tablename])
-				$out.=" AUTO_INCREMENT=".$auto_incr[$tablename];
-			$out.=" ;";
-			$out.="\n\n\n";
-
-			// export data
-			if (!$error)
-			{
-				$out.="### Data of table `".$tablename."` ###\n\n";
-
-				// check if field types are NULL or NOT NULL
-				$res3 = db_query("SHOW COLUMNS FROM `" . $tablename . "`");
-
-				$field_type = array();
-				for ($j = 0; $j < db_num_rows($res3); $j++)
-				{
-					$row3 = db_fetch($res3);
-					$field_type[] = $row3[2];
-				}
-
-				$res2 = db_query("SELECT * FROM `" . $tablename . "`");
-				for ($j = 0; $j < db_num_rows($res2); $j++)
+			if (!empty($row['Engine'])) {	//don't export views like tables
+				$tablename = $row['Name'];
+				$auto_incr[$tablename] = $row['Auto_increment'];
+	
+				$out.="\n\n";
+				// export tables
+				$out.="### Structure of table `".$tablename."` ###\n\n";
+	
+				$out.="DROP TABLE IF EXISTS `".$tablename."`;\n\n";
+				$out.=$table_sql[$tablename];
+	
+				$out.=" ;";
+				$out.="\n\n";
+	
+				// export data
+				if (!$error)
 				{
-					$out .= "INSERT INTO `" . $tablename . "` VALUES (";
-					$row2 = db_fetch_row($res2);
-					// run through each field
-					for ($k = 0; $k < $nf = db_num_fields($res2); $k++)
+					$out.="### Data of table `".$tablename."` ###\n";
+	
+					// check if field types are NULL or NOT NULL
+					$res3 = db_query("SHOW COLUMNS FROM `" . $tablename . "`");
+	
+					$field_null = array();
+					for ($j = 0; $j < db_num_rows($res3); $j++)
 					{
-						$out .= db_escape($row2[$k]);
-						if ($k < ($nf - 1))
-							$out .= ", ";
+						$row3 = db_fetch($res3);
+						$field_null[] = $row3[2]=='YES' && $row3[4]===null;
 					}
-					$out .= ");\n";
-
-					// if saving is successful, then empty $out, else set error flag
-					if (strlen($out) > $max_size && $zip != "zip")
+	
+					$res2 = db_query("SELECT * FROM `" . $tablename . "`");
+					$maxinsert = 0;
+					$insert = '';
+					for ($j = 0; $j < db_num_rows($res2); $j++)
 					{
-						if (save_to_file($backupfile, $zip, $out))
-							$out = "";
-						else
-							$error = true;
+						$row2 = db_fetch_row($res2);
+						$values = '(';
+						for ($k = 0; $k < $nf = db_num_fields($res2); $k++)
+						{
+							$values .= db_escape($row2[$k], $field_null[$k]);
+							if ($k < ($nf - 1))
+								$values .= ', ';
+						}
+						$values .= ')';
+						$len = strlen($values);
+						if ($maxinsert < $len+1)
+						{
+							$maxinsert = EXPORT_MAX_INSERT;
+							if ($insert)
+							{
+								$out .= $insert .';'; // flush insert query
+								$insert = '';
+							}
+						}
+	
+						if ($insert == '')
+						{
+							$insert = "\nINSERT INTO `" . $tablename . "` VALUES\n";
+							$maxinsert -= strlen($insert);
+						} else {
+							$insert .= ",\n";
+						}
+	
+						$maxinsert -= $len;
+						$insert .= $values;
+	
+						// if saving is successful, then empty $out, else set error flag
+						if (strlen($out) > $max_size && $zip != "zip")
+						{
+							if (save_to_file($backupfile, $zip, $out))
+								$out = "";
+							else
+								$error = true;
+						}
 					}
+					if ($insert)
+						$out .= $insert. ';';
+				// an error occurred! Try to delete file and return error status
+				}
+				elseif ($error)
+				{
+					@unlink($backupfile);
+					return false;
+				}
+	
+				// if saving is successful, then empty $out, else set error flag
+				if (strlen($out) > $max_size && $zip != "zip")
+				{
+					if (save_to_file($backupfile, $zip, $out))
+						$out= "";
+					else
+						$error = true;
+				}
+			}	//end if Engine set (not a view)
+		}
+		//process views last so all tables have been created before views are created
+		foreach ($all_tables as $row)
+		{
+			if (empty($row['Engine'])) {
+				$viewname = $row['Name'];
+				$out .= "\n\nDROP VIEW IF EXISTS `".$viewname."`;\n";
+				//db_get_view_schema() is in /includes/db/connect_db_mysqli.inc because it is mysql specific
+				if (NULL !== ($schema = db_get_view_schema($viewname)))
+				{
+					$out .= "CREATE VIEW `".$viewname."` AS ".$schema.";\n\n";
+					if (!save_to_file($backupfile, $zip, $out)) $error = true;
+					else $out = "";
+				}
+				else $error = true;
+				
+				if ($error) {
+					@unlink($backupfile);
+					return false;
 				}
-
-			// an error occurred! Try to delete file and return error status
-			}
-			elseif ($error)
-			{
-				@unlink(BACKUP_PATH . $backupfile);
-				return false;
-			}
-
-			// if saving is successful, then empty $out, else set error flag
-			if (strlen($out) > $max_size && $zip != "zip")
-			{
-				if (save_to_file($backupfile, $zip, $out))
-					$out= "";
-				else
-					$error = true;
 			}
 		}
 
@@ -449,22 +767,17 @@ function db_export($conn, $filename, $zip='no', $comment='')
 	}
 	else
 	{
-		@unlink(BACKUP_PATH . $backupfile);
+		@unlink($backupfile);
 		return false;
 	}
 
-	// if (mysql_error()) return "DB_ERROR";
-	//@mysql_close($con);
-
-	//if ($zip == "zip")
-	//	$zip = $time;
 	if (save_to_file($backupfile, $zip, $out))
 	{
 		$out = "";
 	}
 	else
 	{
-		@unlink(BACKUP_PATH . $backupfile);
+		@unlink($backupfile);
 		return false;
 	}
     return $backupfile;
@@ -521,13 +834,14 @@ function order_sql_tables($tables, $fks)
 
 // saves the string in $fileData to the file $backupfile as gz file or not ($zip)
 // returns backup file name if name has changed (zip), else TRUE. If saving failed, return value is FALSE
-function save_to_file($backupfile, $zip, $fileData)
+function save_to_file($path, $zip, $fileData)
 {
-	global $path_to_root;
+
+	$backupfile = basename($path);
 
     if ($zip == "gzip")
     {
-        if ($zp = @gzopen(BACKUP_PATH . $backupfile, "a9"))
+        if ($zp = @gzopen($path, "a9"))
         {
 			@gzwrite($zp, $fileData);
 			@gzclose($zp);
@@ -553,20 +867,21 @@ function save_to_file($backupfile, $zip, $fileData)
         $crc = crc32($fileData);
         $zdata = gzcompress($fileData);
 
-        // string needed for decoding (because of crc bug)
-        //$name_suffix = substr($zdata, -4, 4);
-        //$name_suffix2 = "_";
-        //for ($i = 0; $i < 4; $i++)
-        //	$name_suffix2 .= sprintf("%03d", ord($name_suffix[$i]));
-        //$backupfile = substr($backupfile, 0, strlen($backupfile) - 8) . $name_suffix2 . ".sql.zip";
-        $name = substr($backupfile, 0, strlen($backupfile) -4);
+		// extend stored file name with suffix
+        // needed for decoding (because of crc bug)
+        $name_suffix = substr($zdata, -4, 4);
+        $name_suffix2 = "_";
+        for ($i = 0; $i < 4; $i++)
+        	$name_suffix2 .= sprintf("%03d", ord($name_suffix[$i]));
+
+      	$name = substr($backupfile, 0, strlen($backupfile) - 8) . $name_suffix2 . ".sql";
 
         // fix crc bug
         $zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
         $c_len = strlen($zdata);
 
         // dos time
-        $timearray = getdate($zip);
+        $timearray = getdate();
         $dostime = (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
             ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
         $dtime = dechex($dostime);
@@ -603,7 +918,7 @@ function save_to_file($backupfile, $zip, $fileData)
         // total # of entries "on this disk", total # of entries overall, size of central dir, offset to start of central dir, .zip file comment length
         $fileData .= pack('v', 1) . pack('v', 1) . pack('V', strlen($cdrec)) . pack('V', strlen($fr)) . "\x00\x00";
 
-        if ($zp = @fopen(BACKUP_PATH . $backupfile, "a"))
+        if ($zp = @fopen($path, "w"))
         {
 			@fwrite($zp, $fileData);
 			@fclose($zp);
@@ -618,7 +933,7 @@ function save_to_file($backupfile, $zip, $fileData)
     }
     else
     {
-        if ($zp = @fopen(BACKUP_PATH . $backupfile, "a"))
+        if ($zp = @fopen($path, "a"))
         {
 			@fwrite($zp, $fileData);
 			@fclose($zp);
@@ -631,5 +946,78 @@ function save_to_file($backupfile, $zip, $fileData)
     }
 }
 
+function create_comp_dirs($comp_path, $comp_subdirs)
+{
+		$index = "<?php\nheader(\"Location: ../index.php\");\n";
+	    $cdir = $comp_path;
+	    @mkdir($cdir);
+		$f = @fopen("$cdir/index.php", "wb");
+		@fwrite($f, $index);
+		@fclose($f);
+
+	    foreach($comp_subdirs as $dir)
+	    {
+			@mkdir($cdir.'/'.$dir);
+			$f = @fopen("$cdir/$dir/index.php", "wb");
+			@fwrite($f, $index);
+			@fclose($f);
+	    }
+}
+
+//
+//	Checks $field existence in $table with given field $properties
+//	$table - table name without prefix
+//  $field -  optional field name
+//  $properties - optional properties of field defined by MySQL:
+//		'Type', 'Null', 'Key', 'Default', 'Extra'
+//
+function check_table($pref, $table, $field=null, $properties=null)
+{
+	$tables = @db_query("SHOW TABLES LIKE '".$pref.$table."'");
+	if (!db_num_rows($tables))
+		return 1;		// no such table or error
+
+	$fields = @db_query("SHOW COLUMNS FROM ".$pref.$table);
+	if (!isset($field)) 
+		return 0;		// table exists
+
+	while( $row = db_fetch_assoc($fields)) 
+	{
+		if ($row['Field'] == $field) 
+		{
+			if (!isset($properties)) 
+				return 0;
+			foreach($properties as $property => $value) 
+			{
+				if ($row[$property] != $value) 
+					return 3;	// failed type/length check
+			}
+			return 0; // property check ok.
+		}
+	}
+	return 2; // field not found
+}
+
+/*
+	Update or create setting in simple php config file.
+*/
+function update_config_var($file, $variable, $value, $comment='')
+{
+	if (!is_file($file) || !is_writeable($file))
+		return false;
+	$content = file_get_contents($file);
+	$strvalue = '$'."$variable = ".var_export($value, true).';';
+	$pattern = '/'.preg_quote('$'.$variable).'\s*=\s*[^;]*;/m';
+	$content = preg_replace($pattern, $strvalue, $content, -1, $result);
+	if (!$result)
+	{
+		$strvalue = ($comment ? "// $comment" : '') ."\n$strvalue\n";
+		$content = preg_replace('/\?>\s*/m', $strvalue, $content, -1, $result);
+		if (!$result)
+			$content .= $strvalue;
+	}
+
+	return file_put_contents($file, $content)!=false;
+}
+
 
-?>
\ No newline at end of file