admin/create_coy.php

   1 <?php
   2
   3 $page_security = 15;
   4 $path_to_root="..";
   5 include_once($path_to_root . "/includes/session.inc");
   6
   7 include_once($path_to_root . "/includes/date_functions.inc");
   8 include_once($path_to_root . "/admin/db/company_db.inc");
   9 include_once($path_to_root . "/admin/db/maintenance_db.inc");
  10 include_once($path_to_root . "/includes/ui.inc");
  11
  12 page(_("Create/Update Company"));
  13
  14 $comp_subdirs = array('images', 'pdf_files', 'backup','js_cache', 'reporting');
  15
  16 //---------------------------------------------------------------------------------------------
  17
  18 if (isset($_GET['selected_id']))
  19 {
  20         $selected_id = $_GET['selected_id'];
  21 }
  22 elseif (isset($_POST['selected_id']))
  23 {
  24         $selected_id = $_POST['selected_id'];
  25 }
  26 else
  27         $selected_id = -1;
  28
  29 //---------------------------------------------------------------------------------------------
  30
  31 function check_data()
  32 {
  33         global $db_connections, $tb_pref_counter;
  34
  35         foreach($db_connections as $id=>$con) {
  36           if ($_POST['host'] == $con['host'] && $_POST['dbname'] == $con['dbname']) {
  37                 if ($_POST['tbpref'] == $con['tbpref']) {
  38                         display_error(_("This database settings are already used by another company."));
  39                         return false;
  40                 }
  41                 if ($_POST['tbpref'] == 0 || $con['tbpref'] == '') {
  42                         display_error(_("You cannot have table set without prefix together with prefixed sets in the same database."));
  43                         return false;
  44                 }
  45           }
  46         }
  47           return true;
  48 }
  49
  50 //---------------------------------------------------------------------------------------------
  51
  52 function remove_connection($id) {
  53         global $db_connections;
  54
  55         $dbase = $db_connections[$id]['dbname'];
  56         $err = db_drop_db($db_connections[$id]);
  57
  58         unset($db_connections[$id]);
  59         $conn = array_values($db_connections);
  60         $db_connections = $conn;
  61         //$$db_connections = array_values($db_connections);
  62     return $err;
  63 }
  64 //---------------------------------------------------------------------------------------------
  65
  66 function handle_submit()
  67 {
  68         global $db_connections, $def_coy, $tb_pref_counter, $db,
  69             $comp_path, $comp_subdirs;
  70
  71         $new = false;
  72
  73         if (!check_data())
  74                 return false;
  75
  76         $id = $_GET['id'];
  77
  78         $db_connections[$id]['name'] = $_POST['name'];
  79         $db_connections[$id]['host'] = $_POST['host'];
  80         $db_connections[$id]['dbuser'] = $_POST['dbuser'];
  81         $db_connections[$id]['dbpassword'] = $_POST['dbpassword'];
  82         $db_connections[$id]['dbname'] = $_POST['dbname'];
  83         if (isset($_GET['ul']) && $_GET['ul'] == 1)
  84         {
  85                 if (is_numeric($_POST['tbpref']))
  86                 {
  87                         $db_connections[$id]['tbpref'] = $_POST['tbpref'] == 1 ?
  88                           $tb_pref_counter."_" : '';
  89                         $new = true;
  90                 }
  91                 else if ($_POST['tbpref'] != "")
  92                         $db_connections[$id]['tbpref'] = $_POST['tbpref'];
  93                 else
  94                         $db_connections[$id]['tbpref'] = "";
  95         }
  96         if ((bool)$_POST['def'] == true)
  97                 $def_coy = $id;
  98         if (isset($_GET['ul']) && $_GET['ul'] == 1)
  99         {
 100                 $conn = $db_connections[$id];
 101                 if (($db = db_create_db($conn)) == 0)
 102                 {
 103                         display_error(_("Error creating Database: ") . $conn['dbname'] . _(", Please create it manually"));
 104                         remove_connection($id);
 105                         set_global_connection();
 106                         return false;
 107                 }
 108
 109                 $filename = $_FILES['uploadfile']['tmp_name'];
 110                 if (is_uploaded_file ($filename))
 111                 {
 112                         db_import($filename, $conn, $id);
 113                         if (isset($_POST['admpassword']) && $_POST['admpassword'] != "")
 114                                 db_query("UPDATE ".$conn['tbpref']."users set password = '".md5($_POST['admpassword']). "' WHERE user_id = 'admin'");
 115                 }
 116                 else
 117                 {
 118                         display_error(_("Error uploading Database Script, please upload it manually"));
 119                         set_global_connection();
 120                         return false;
 121                 }
 122                 set_global_connection();
 123         }
 124         $error = write_config_db($new);
 125         if ($error == -1)
 126                 display_error(_("Cannot open the configuration file - ") . $path_to_root . "/config_db.php");
 127         else if ($error == -2)
 128                 display_error(_("Cannot write to the configuration file - ") . $path_to_root . "/config_db.php");
 129         else if ($error == -3)
 130                 display_error(_("The configuration file ") . $path_to_root . "/config_db.php" . _(" is not writable. Change its permissions so it is, then re-run the operation."));
 131         if ($error != 0)
 132         {
 133                 return false;
 134         }
 135         $index = "<?php\nheader(\"Location: ../../index.php\");\n?>";
 136
 137         if ($new)
 138         {
 139             $cdir = $comp_path.'/'.$id;
 140             @mkdir($cdir);
 141             save_to_file($cdir.'/'.'index.php', 0, $index);
 142
 143             foreach($comp_subdirs as $dir)
 144             {
 145                         @mkdir($cdir.'/'.$dir);
 146                         save_to_file($cdir.'/'.$dir.'/'.'index.php', 0, $index);
 147             }
 148         }
 149         return true;
 150 }
 151
 152 //---------------------------------------------------------------------------------------------
 153
 154 function handle_delete()
 155 {
 156         global $comp_path, $def_coy, $db_connections, $comp_subdirs;
 157
 158         $id = $_GET['id'];
 159
 160         $err = remove_connection($id);
 161         if ($err == 0)
 162                 display_error(_("Error removing Database: ") . $dbase . _(", please remove it manuallly"));
 163
 164         if ($def_coy == $id)
 165                 $def_coy = 0;
 166         $error = write_config_db();
 167         if ($error == -1)
 168                 display_error(_("Cannot open the configuration file - ") . $path_to_root . "/config_db.php");
 169         else if ($error == -2)
 170                 display_error(_("Cannot write to the configuration file - ") . $path_to_root . "/config_db.php");
 171         else if ($error == -3)
 172                 display_error(_("The configuration file ") . $path_to_root . "/config_db.php" . _(" is not writable. Change its permissions so it is, then re-run the operation."));
 173         if ($error != 0)
 174                 return;
 175
 176         $cdir = $comp_path.'/'.$id;
 177         flush_dir($cdir);
 178         if (!rmdir($cdir))
 179         {
 180                 display_error(_("Cannot remove company data directory ") . $cdir);
 181                 return;
 182         }
 183
 184         meta_forward($_SERVER['PHP_SELF']);
 185 }
 186
 187 //---------------------------------------------------------------------------------------------
 188
 189 function display_companies()
 190 {
 191         global $table_style, $def_coy, $db_connections;
 192
 193         $coyno = $_SESSION["wa_current_user"]->company;
 194
 195         echo "
 196                 <script language='javascript'>
 197                 function deleteCompany(id) {
 198                         if (!confirm('" . _("Are you sure you want to delete company no. ") . "'+id))
 199                                 return
 200                         document.location.replace('create_coy.php?c=df&id='+id)
 201                 }
 202                 </script>";
 203         start_table($table_style);
 204
 205         $th = array(_("Company"), _("Database Host"), _("Database User"),
 206                 _("Database Name"), _("Table Pref"), _("Default"), "", "");
 207         table_header($th);
 208
 209         $k=0;
 210         $conn = $db_connections;
 211         $n = count($conn);
 212         for ($i = 0; $i < $n; $i++)
 213         {
 214                 if ($i == $def_coy)
 215                         $what = _("Yes");
 216                 else
 217                         $what = _("No");
 218                 if ($i == $coyno)
 219                 start_row("class='stockmankobg'");
 220         else
 221                 alt_table_row_color($k);
 222
 223                 label_cell($conn[$i]['name']);
 224                 label_cell($conn[$i]['host']);
 225                 label_cell($conn[$i]['dbuser']);
 226                 label_cell($conn[$i]['dbname']);
 227                 label_cell($conn[$i]['tbpref']);
 228                 label_cell($what);
 229                 label_cell("<a href=" . $_SERVER['PHP_SELF']. "?selected_id=" . $i . ">" . _("Edit") . "</a>");
 230                 if ($i != $coyno)
 231                         label_cell("<a href='javascript:deleteCompany(" . $i . ")'>" . _("Delete") . "</a>");
 232                 end_row();
 233         }
 234
 235         end_table();
 236     display_note(_("The marked company is the current company which cannot be deleted."), 0, 0, "class='currentfg'");
 237 }
 238
 239 //---------------------------------------------------------------------------------------------
 240
 241 function display_company_edit($selected_id)
 242 {
 243         global $def_coy, $db_connections, $tb_pref_counter, $table_style2;
 244
 245         if ($selected_id != -1)
 246                 $n = $selected_id;
 247         else
 248                 $n = count($db_connections);
 249
 250         start_form(true, true);
 251
 252         echo "
 253                 <script language='javascript'>
 254                 function updateCompany() {
 255                         if (document.forms[0].uploadfile.value!='' && document.forms[0].dbname.value!='') {
 256                                 document.forms[0].action='create_coy.php?c=u&ul=1&id=" . $n . "&fn=' + document.forms[0].uploadfile.value
 257                         }
 258                         else {
 259                                 document.forms[0].action='create_coy.php?c=u&id=" . $n . "&fn=' + document.forms[0].uploadfile.value
 260                         }
 261                         document.forms[0].submit()
 262                 }
 263                 </script>";
 264
 265         start_table($table_style2);
 266
 267         if ($selected_id != -1)
 268         {
 269                 $conn = $db_connections[$selected_id];
 270                 $_POST['name'] = $conn['name'];
 271                 $_POST['host']  = $conn['host'];
 272                 $_POST['dbuser']  = $conn['dbuser'];
 273                 $_POST['dbpassword']  = $conn['dbpassword'];
 274                 $_POST['dbname']  = $conn['dbname'];
 275                 $_POST['tbpref']  = $conn['tbpref'];
 276                 if ($selected_id == $def_coy)
 277                         $_POST['def'] = true;
 278                 else
 279                         $_POST['def'] = false;
 280                 $_POST['dbcreate']  = false;
 281                 hidden('selected_id', $selected_id);
 282                 hidden('tbpref', $_POST['tbpref']);
 283                 hidden('dbpassword', $_POST['dbpassword']);
 284         }
 285         else
 286                 $_POST['tbpref'] = $tb_pref_counter."_";
 287         text_row_ex(_("Company"), 'name', 30);
 288         text_row_ex(_("Host"), 'host', 30);
 289         text_row_ex(_("Database User"), 'dbuser', 30);
 290         if ($selected_id == -1)
 291                 text_row_ex(_("Database Password"), 'dbpassword', 30);
 292         text_row_ex(_("Database Name"), 'dbname', 30);
 293         if ($selected_id == -1)
 294                 yesno_list_row(_("Table Pref"), 'tbpref', 1, $_POST['tbpref'], _("None"), false);
 295         else
 296                 label_row(_("Table Pref"), $_POST['tbpref']);
 297         yesno_list_row(_("Default"), 'def', null, "", "", false);
 298
 299         start_row();
 300         label_cell(_("Database Script"));
 301         label_cell("<input name='uploadfile' type='file'>");
 302         end_row();
 303
 304         text_row_ex(_("New script Admin Password"), 'admpassword', 20);
 305
 306         end_table();
 307         display_note(_("Choose from Database scripts in SQL folder. No Datase is created without a script."), 0, 1);
 308         echo "<center><input onclick='javascript:updateCompany()' type='button' style='width:150' value='". _("Save"). "'>";
 309
 310
 311         end_form();
 312 }
 313
 314
 315 //---------------------------------------------------------------------------------------------
 316
 317 if (isset($_GET['c']) && $_GET['c'] == 'df')
 318 {
 319
 320         handle_delete();
 321 }
 322
 323 if (isset($_GET['c']) && $_GET['c'] == 'u')
 324 {
 325         if (handle_submit())
 326         {
 327                 meta_forward($_SERVER['PHP_SELF']);
 328         }
 329 }
 330
 331
 332 //---------------------------------------------------------------------------------------------
 333
 334 display_companies();
 335
 336 hyperlink_no_params($_SERVER['PHP_SELF'], _("Create a new company"));
 337
 338 display_company_edit($selected_id);
 339
 340 //---------------------------------------------------------------------------------------------
 341
 342 end_page();
 343
 344 ?>