summaryrefslogtreecommitdiff
path: root/bin/mozilla/admin.pl
blob: 4e80bf202c68bb323fe975ad855f7e942fbce92d (plain)
  1. #=====================================================================
  2. # LedgerSMB
  3. # Small Medium Business Accounting software
  4. # http://sourceforge.net/projects/ledger-smb/
  5. #
  6. #
  7. # Copyright (C) 2006
  8. # This work contains copyrighted information from a number of sources all used
  9. # with permission.
  10. #
  11. # This file contains source code included with or based on SQL-Ledger which
  12. # is Copyright Dieter Simader and DWS Systems Inc. 2000-2005 and licensed
  13. # under the GNU General Public License version 2 or, at your option, any later
  14. # version. For a full list including contact information of contributors,
  15. # maintainers, and copyright holders, see the CONTRIBUTORS file.
  16. #
  17. # Original Copyright Notice from SQL-Ledger 2.6.17 (before the fork):
  18. # Copyright (c) 2000
  19. #
  20. # Author: DWS Systems Inc.
  21. # Web: http://www.sql-ledger.org
  22. #
  23. # Contributors:
  24. #
  25. #
  26. #======================================================================
  27. #
  28. # This file has undergone whitespace cleanup.
  29. #
  30. #======================================================================
  31. #
  32. # setup module
  33. # add/edit/delete users
  34. #
  35. #======================================================================
  36. $menufile = "menu.ini";
  37. use LedgerSMB::Form;
  38. use LedgerSMB::User;
  39. $form = new Form;
  40. $locale = new Locale $language, "admin";
  41. $form->{charset} = $locale->{charset};
  42. eval { require DBI; };
  43. $form->error($locale->text('DBI not installed!')) if ($@);
  44. $form->{stylesheet} = "ledger-smb.css";
  45. $form->{favicon} = "favicon.ico";
  46. $form->{timeout} = 600;
  47. require "$form->{path}/pw.pl";
  48. # customization
  49. if (-f "$form->{path}/custom_$form->{script}") {
  50. eval { require "$form->{path}/custom_$form->{script}"; };
  51. $form->error($@) if ($@);
  52. }
  53. if ($form->{action}) {
  54. &check_password unless $form->{action} eq 'logout';
  55. &{ $locale->findsub($form->{action}) };
  56. } else {
  57. # if there are no drivers bail out
  58. $form->error($locale->text('No Database Drivers available!')) unless (User->dbdrivers);
  59. # create memberfile
  60. if (! -f $memberfile) {
  61. open(FH, ">$memberfile") or $form->error("$memberfile : $!");
  62. print FH qq|# LedgerSMB Accounting members
  63. [root login]
  64. password=
  65. |;
  66. close FH;
  67. }
  68. &adminlogin;
  69. }
  70. 1;
  71. # end
  72. sub adminlogin {
  73. $form->{title} = qq|LedgerSMB $form->{version} |.$locale->text('Administration');
  74. $myheaderadd = qq|
  75. <script language="JavaScript" type="text/javascript">
  76. <!--
  77. function sf(){
  78. document.admin.password.focus();
  79. }
  80. // End -->
  81. </script>
  82. |;
  83. $form->header(undef, $myheaderadd);
  84. print qq|
  85. <body class="admin" onload="sf()">
  86. <div align="center">
  87. <a href="http://sourceforge.net/projects/ledger-smb/"><img src="ledger-smb.png" width="200" height="100" border="0" alt="LedgerSMB Logo" /></a>
  88. <h1 class="login">|.$locale->text('Version').qq| $form->{version} <br />|.$locale->text('Administration').qq|</h1>
  89. <form method="post" action="$form->{script}" name="admin">
  90. <table>
  91. <tr>
  92. <th>|.$locale->text('Password').qq|</th>
  93. <td><input type="password" name="password" /></td>
  94. <td><input type="submit" class="submit" name="action" value="|.$locale->text('Login').qq|" /></td>
  95. </tr>
  96. </table>
  97. <input type="hidden" name="action" value="login" />
  98. <input type="hidden" name="path" value="$form->{path}" />
  99. </form>
  100. <a href="http://sourceforge.net/projects/ledger-smb/">LedgerSMB |.$locale->text('website').qq|</a>
  101. </div>
  102. </body>
  103. </html>
  104. |;
  105. }
  106. sub login {
  107. &list_users;
  108. }
  109. sub logout {
  110. $form->{callback} = "$form->{script}?path=$form->{path}&amp;endsession=1";
  111. unlink "$userspath/adminhash";
  112. print qq|Set-Cookie: LedgerSMB=; path=/;\n|;
  113. $form->redirect($locale->text('You are logged out'));
  114. }
  115. sub add_user {
  116. $form->{title} = "LedgerSMB ".$locale->text('Accounting')." ".$locale->text('Administration')." / ".$locale->text('Add User');
  117. if (-f "css/ledger-smb.css") {
  118. $myconfig->{stylesheet} = "ledger-smb.css";
  119. }
  120. $myconfig->{vclimit} = 1000;
  121. $myconfig->{menuwidth} = 155;
  122. $myconfig->{timeout} = 3600;
  123. &form_header;
  124. &form_footer;
  125. }
  126. sub edit {
  127. $form->{title} = "LedgerSMB ".$locale->text('Accounting')." ".$locale->text('Administration')." / ".$locale->text('Edit User');
  128. $form->{edit} = 1;
  129. &form_header;
  130. &form_footer;
  131. }
  132. sub form_footer {
  133. if ($form->{edit}) {
  134. $delete = qq|<input type="submit" class="submit" name="action" value="|.$locale->text('Delete').qq|" />
  135. <input type="hidden" name="edit" value="1" />|;
  136. }
  137. print qq|
  138. <input name="callback" type="hidden" value="$form->{script}?action=list_users&amp;path=$form->{path}&amp;sessionid=$form->{sessionid}" />
  139. <input type="hidden" name="path" value="$form->{path}" />
  140. <input type="hidden" name="sessionid" value="$form->{sessionid}" />
  141. <input type="submit" class="submit" name="action" value="|.$locale->text('Save').qq|" />
  142. $delete
  143. </form>
  144. </body>
  145. </html>
  146. |;
  147. }
  148. sub list_users {
  149. open(FH, "$memberfile") or $form->error("$memberfile : $!");
  150. $nologin = qq|<input type="submit" class="submit" name="action" value="|.$locale->text('Lock System').qq|" />|;
  151. if (-e "$userspath/nologin") {
  152. $nologin = qq|<input type="submit" class="submit" name="action" value="|.$locale->text('Unlock System').qq|" />|;
  153. }
  154. while (<FH>) {
  155. chop;
  156. if (/^\[.*\]/) {
  157. $login = $_;
  158. $login =~ s/(\[|\])//g;
  159. }
  160. if (/^(name=|company=|templates=|dbuser=|dbdriver=|dbname=|dbhost=)/) {
  161. chop ($var = $&);
  162. ($null, $member{$login}{$var}) = split /=/, $_, 2;
  163. }
  164. }
  165. close(FH);
  166. # type=submit $locale->text('Pg Database Administration')
  167. # type=submit $locale->text('PgPP Database Administration')
  168. foreach $item (User->dbdrivers) {
  169. $dbdrivers .= qq|<input name="action" type="submit" class="submit" value="|.$locale->text("$item Database Administration").qq|" />|;
  170. }
  171. $column_header{login} = qq|<th>|.$locale->text('Login').qq|</th>|;
  172. $column_header{name} = qq|<th>|.$locale->text('Name').qq|</th>|;
  173. $column_header{company} = qq|<th>|.$locale->text('Company').qq|</th>|;
  174. $column_header{dbdriver} = qq|<th>|.$locale->text('Driver').qq|</th>|;
  175. $column_header{dbhost} = qq|<th>|.$locale->text('Host').qq|</th>|;
  176. $column_header{dataset} = qq|<th>|.$locale->text('Dataset').qq|</th>|;
  177. $column_header{templates} = qq|<th>|.$locale->text('Templates').qq|</th>|;
  178. @column_index = qw(login name company dbdriver dbhost dataset templates);
  179. $form->{title} = "LedgerSMB ".$locale->text('Accounting')." ".$locale->text('Administration');
  180. $form->{login} = "root login";
  181. $form->header;
  182. print qq|
  183. <body class="admin">
  184. <form method="post" action="$form->{script}">
  185. <table width="100%">
  186. <tr class="listheading">
  187. <th>$form->{title}</th>
  188. </tr>
  189. <tr size="5"></tr>
  190. <tr>
  191. <td>
  192. <table width="100%">
  193. <tr class="listheading">|;
  194. for (@column_index) { print "$column_header{$_}\n" }
  195. print qq| </tr>|;
  196. foreach $key (sort keys %member) {
  197. $href = "$script?action=edit&amp;login=$key&amp;path=$form->{path}&amp;sessionid=$form->{sessionid}";
  198. $href =~ s/ /%20/g;
  199. $member{$key}{templates} =~ s/^$templates\///;
  200. $member{$key}{dbhost} = $locale->text('localhost') unless $member{$key}{dbhost};
  201. $column_data{login} = qq|<td><a href="$href">$key</a></td>|;
  202. $column_data{name} = qq|<td>$member{$key}{name}</td>|;
  203. $column_data{company} = qq|<td>$member{$key}{company}</td>|;
  204. $column_data{dbdriver} = qq|<td>$member{$key}{dbdriver}</td>|;
  205. $column_data{dbhost} = qq|<td>$member{$key}{dbhost}</td>|;
  206. $column_data{dataset} = qq|<td>$member{$key}{dbname}</td>|;
  207. $column_data{templates} = qq|<td>$member{$key}{templates}</td>|;
  208. $i++; $i %= 2;
  209. print qq| <tr class="listrow$i">|;
  210. for (@column_index) { print "$column_data{$_}\n"; }
  211. print qq| </tr>|;
  212. }
  213. print qq| </table>
  214. </td>
  215. </tr>
  216. <tr>
  217. <td><hr size="3" noshade /></td>
  218. </tr>
  219. </table>
  220. <input type="hidden" name="path" value="$form->{path}" />
  221. <input type="hidden" name="sessionid" value="$form->{sessionid}" />
  222. <br />
  223. <input type="submit" class="submit" name="action" value="|.$locale->text('Add User').qq|" />
  224. <input type="submit" class="submit" name="action" value="|.$locale->text('Change Admin Password').qq|" />
  225. $dbdrivers
  226. $nologin
  227. <input type="submit" class="submit" name="action" value="|.$locale->text('Logout').qq|" />
  228. </form>
  229. |.$locale->text('Click on login name to edit!').qq|
  230. <br />
  231. |.$locale->text('To add a user to a group edit a name, change the login name and save. A new user with the same variables will then be saved under the new login name.').qq|
  232. </body>
  233. </html>|;
  234. }
  235. sub form_header {
  236. # if there is a login, get user
  237. if ($form->{login}) {
  238. # get user
  239. $myconfig = new User "$memberfile", "$form->{login}";
  240. for (qw(company address signature)) { $myconfig->{$_} = $form->quote($myconfig->{$_}) }
  241. for (qw(address signature)) { $myconfig->{$_} =~ s/\\n/\n/g }
  242. # strip basedir from templates directory
  243. $myconfig->{templates} =~ s/^$templates\///;
  244. $myconfig->{dbpasswd} = unpack 'u', $myconfig->{dbpasswd};
  245. }
  246. foreach $item (qw(mm-dd-yy mm/dd/yy dd-mm-yy dd/mm/yy dd.mm.yy yyyy-mm-dd)) {
  247. $dateformat .= ($item eq $myconfig->{dateformat}) ? "<option selected>$item</option>\n" : "<option>$item</option>\n";
  248. }
  249. foreach $item (qw(1,000.00 1000.00 1.000,00 1000,00 1'000.00)) {
  250. $numberformat .= ($item eq $myconfig->{numberformat}) ? "<option selected>$item</option>\n" : "<option>$item</option>\n";
  251. }
  252. %countrycodes = User->country_codes;
  253. $countrycodes = "";
  254. foreach $key (sort { $countrycodes{$a} cmp $countrycodes{$b} } keys %countrycodes) {
  255. $countrycodes .= ($myconfig->{countrycode} eq $key) ? qq|<option selected value="$key">$countrycodes{$key}</option>|
  256. : qq|<option value="$key">$countrycodes{$key}</option>|;
  257. }
  258. $countrycodes = qq|<option value="">English</option>\n$countrycodes|;
  259. # is there a templates basedir
  260. if (! -d "$templates") {
  261. $form->error($locale->text('Directory').": $templates ".$locale->text('does not exist'));
  262. }
  263. opendir TEMPLATEDIR, "$templates/." or $form->error("$templates : $!");
  264. @all = grep !/^\.\.?$/, readdir TEMPLATEDIR;
  265. closedir TEMPLATEDIR;
  266. @allhtml = sort grep /\.html/, @all;
  267. @alldir = ();
  268. for (@all) {
  269. if (-d "$templates/$_") {
  270. push @alldir, $_;
  271. }
  272. }
  273. @allhtml = reverse grep !/Default/, @allhtml;
  274. push @allhtml, 'Default';
  275. @allhtml = reverse @allhtml;
  276. foreach $item (sort @alldir) {
  277. if ($item eq $myconfig->{templates}) {
  278. $usetemplates .= qq|<option selected value="$item">$item</option>\n|;
  279. } else {
  280. $usetemplates .= qq|<option value="$item">$item</option>\n|;
  281. }
  282. }
  283. $lastitem = $allhtml[0];
  284. $lastitem =~ s/-.*//g;
  285. $mastertemplates = qq|<option value="$lastitem">$lastitem</option>\n|;
  286. foreach $item (@allhtml) {
  287. $item =~ s/-.*//g;
  288. if ($item ne $lastitem) {
  289. $mastertemplates .= qq|<option value="$item">$item</option>\n|;
  290. $lastitem = $item;
  291. }
  292. }
  293. opendir CSS, "css/.";
  294. @all = grep /.*\.css$/, readdir CSS;
  295. closedir CSS;
  296. foreach $item (@all) {
  297. if ($item eq $myconfig->{stylesheet}) {
  298. $selectstylesheet .= qq|<option selected value="$item">$item</option>\n|;
  299. } else {
  300. $selectstylesheet .= qq|<option value="$item">$item</option>\n|;
  301. }
  302. }
  303. $selectstylesheet .= "<option></option>\n";
  304. if (%printer && $latex) {
  305. $selectprinter = "<option></option>\n";
  306. foreach $item (sort keys %printer) {
  307. if ($myconfig->{printer} eq $item) {
  308. $selectprinter .= qq|<option value="$item" selected>$item</option>\n|;
  309. } else {
  310. $selectprinter .= qq|<option value="$item">$item</option>\n|;
  311. }
  312. }
  313. $printer = qq|
  314. <tr>
  315. <th align="right">|.$locale->text('Printer').qq|</th>
  316. <td><select name="printer">$selectprinter</select></td>
  317. </tr>
  318. |;
  319. }
  320. $user = $form->{login};
  321. $form->{login} = "root login";
  322. $form->header;
  323. $form->{login} = $user;
  324. print qq|
  325. <body class="admin">
  326. <form method="post" action="$form->{script}">
  327. <table width="100%">
  328. <tr class="listheading"><th colspan="2">$form->{title}</th></tr>
  329. <tr size="5"></tr>
  330. <tr valign="top">
  331. <td>
  332. <table>
  333. <tr>
  334. <th align="right">|.$locale->text('Login').qq|</th>
  335. <td><input name="login" value="$myconfig->{login}" /></td>
  336. </tr>
  337. <tr>
  338. <th align="right">|.$locale->text('Password').qq|</th>
  339. <td><input type="password" name="new_password" size="8" value="$myconfig->{password}" /></td>
  340. <input type="hidden" name="old_password" value="$myconfig->{password}" />
  341. </tr>
  342. <tr>
  343. <th align="right">|.$locale->text('Name').qq|</th>
  344. <td><input name="name" size="15" value="$myconfig->{name}" /></td>
  345. </tr>
  346. <tr>
  347. <th align="right">|.$locale->text('E-mail').qq|</th>
  348. <td><input name="email" size="30" value="$myconfig->{email}" /></td>
  349. </tr>
  350. <tr valign="top">
  351. <th align="right">|.$locale->text('Signature').qq|</th>
  352. <td><textarea name="signature" rows="3" cols="35">$myconfig->{signature}</textarea></td>
  353. </tr>
  354. <tr>
  355. <th align="right">|.$locale->text('Phone').qq|</th>
  356. <td><input name="tel" size="14" value="$myconfig->{tel}" /></td>
  357. </tr>
  358. <tr>
  359. <th align="right">|.$locale->text('Fax').qq|</th>
  360. <td><input name="fax" size="14" value="$myconfig->{fax}" /></td>
  361. </tr>
  362. <tr>
  363. <th align="right">|.$locale->text('Company').qq|</th>
  364. <td><input name="company" size="35" value="$myconfig->{company}" /></td>
  365. </tr>
  366. <tr valign="top">
  367. <th align="right">|.$locale->text('Address').qq|</th>
  368. <td><textarea name="address" rows="4" cols="35">$myconfig->{address}</textarea></td>
  369. </tr>
  370. </table>
  371. </td>
  372. <td>
  373. <table>
  374. <tr>
  375. <th align="right">|.$locale->text('Date Format').qq|</th>
  376. <td><select name="dateformat">$dateformat</select></td>
  377. </tr>
  378. <tr>
  379. <th align="right">|.$locale->text('Number Format').qq|</th>
  380. <td><select name="numberformat">$numberformat</select></td>
  381. </tr>
  382. <tr>
  383. <th align="right">|.$locale->text('Dropdown Limit').qq|</th>
  384. <td><input name="vclimit" value="$myconfig->{vclimit}" /></td>
  385. </tr>
  386. <tr>
  387. <th align="right">|.$locale->text('Menu Width').qq|</th>
  388. <td><input name="menuwidth" value="$myconfig->{menuwidth}" /></td>
  389. </tr>
  390. <tr>
  391. <th align="right">|.$locale->text('Language').qq|</th>
  392. <td><select name="countrycode">$countrycodes</select></td>
  393. </tr>
  394. <tr>
  395. <th align="right">|.$locale->text('Session Timeout').qq|</th>
  396. <td><input name="newtimeout" value="$myconfig->{timeout}" /></td>
  397. </tr>
  398. <tr>
  399. <th align="right">|.$locale->text('Stylesheet').qq|</th>
  400. <td><select name="userstylesheet">$selectstylesheet</select></td>
  401. </tr>
  402. $printer
  403. <tr>
  404. <th align="right">|.$locale->text('Use Templates').qq|</th>
  405. <td><select name="usetemplates">$usetemplates</select></td>
  406. </tr>
  407. <tr>
  408. <th align="right">|.$locale->text('New Templates').qq|</th>
  409. <td><input name="newtemplates" /></td>
  410. </tr>
  411. <tr>
  412. <th align="right">|.$locale->text('Setup Templates').qq|</th>
  413. <td><select name="mastertemplates">$mastertemplates</select></td>
  414. </tr>
  415. </table>
  416. <input type="hidden" name="templates" value="$myconfig->{templates}" />
  417. </td>
  418. </tr>
  419. <tr class="listheading">
  420. <th colspan="2">|.$locale->text('Database').qq|</th>
  421. </tr>|;
  422. # list section for database drivers
  423. foreach $item (User->dbdrivers) {
  424. print qq|
  425. <tr>
  426. <td colspan="2">
  427. <table>
  428. <tr>|;
  429. $checked = "";
  430. if ($myconfig->{dbdriver} eq $item) {
  431. for (qw(dbhost dbport dbuser dbpasswd dbname sid)) { $form->{"${item}_$_"} = $myconfig->{$_} }
  432. $checked = "checked";
  433. }
  434. print qq|
  435. <th align="right">|.$locale->text('Driver').qq|</th>
  436. <td><input name="dbdriver" type="radio" class="radio" value="$item" $checked />&nbsp;$item</td>
  437. <th align="right">|.$locale->text('Host').qq|</th>
  438. <td><input name="${item}_dbhost" size="30" value="$form->{"${item}_dbhost"}" /></td>
  439. </tr>
  440. <tr>|;
  441. print qq|
  442. <th align="right">|.$locale->text('Dataset').qq|</th>
  443. <td><input name="${item}_dbname" size="15" value="$form->{"${item}_dbname"}" /></td>
  444. <th align="right">|.$locale->text('Port').qq|</th>
  445. <td><input name="${item}_dbport" size="4" value="$form->{"${item}_dbport"}" /></td>
  446. </tr>
  447. <tr>
  448. <th align="right">|.$locale->text('User').qq|</th>
  449. <td><input name="${item}_dbuser" size="15" value="$form->{"${item}_dbuser"}" /></td>
  450. <th align="right">|.$locale->text('Password').qq|</th>
  451. <td><input name="${item}_dbpasswd" type="password" size="10" value="$form->{"${item}_dbpasswd"}" /></td>
  452. </tr>|;
  453. print qq|
  454. </table>
  455. <input type="hidden" name="old_dbpasswd" value="$myconfig->{dbpasswd}" />
  456. </td>
  457. </tr>
  458. <tr>
  459. <td colspan="2"><hr size="2" noshade /></td>
  460. </tr>
  461. |;
  462. }
  463. # access control
  464. open(FH, $menufile) or $form->error("$menufile : $!");
  465. # scan for first menu level
  466. @a = <FH>;
  467. close(FH);
  468. if (open(FH, "custom_$menufile")) {
  469. push @a, <FH>;
  470. }
  471. close(FH);
  472. foreach $item (@a) {
  473. next unless $item =~ /\[\w+/;
  474. next if $item =~ /\#/;
  475. $item =~ s/(\[|\])//g;
  476. chop $item;
  477. if ($item =~ /--/) {
  478. ($level, $menuitem) = split /--/, $item, 2;
  479. } else {
  480. $level = $item;
  481. $menuitem = $item;
  482. push @acsorder, $item;
  483. }
  484. push @{ $acs{$level} }, $menuitem;
  485. }
  486. %role = ( 'admin' => $locale->text('Administrator'),
  487. 'user' => $locale->text('User'),
  488. 'supervisor' => $locale->text('Supervisor'),
  489. 'manager' => $locale->text('Manager'));
  490. $selectrole = "";
  491. foreach $item (qw(user admin supervisor manager)) {
  492. $selectrole .= ($myconfig->{role} eq $item) ? "<option selected value=\"$item\">$role{$item}</option>\n"
  493. : "<option value=\"$item\">$role{$item}</option>\n";
  494. }
  495. print qq|
  496. <tr class="listheading">
  497. <th colspan="2">|.$locale->text('Access Control').qq|</th>
  498. </tr>
  499. <tr>
  500. <td><select name="role">$selectrole</select></td>
  501. </tr>
  502. |;
  503. foreach $item (split /;/, $myconfig->{acs}) {
  504. ($key, $value) = split /--/, $item, 2;
  505. $excl{$key}{$value} = 1;
  506. }
  507. foreach $key (@acsorder) {
  508. $checked = "checked";
  509. if ($form->{login}) {
  510. $checked = ($excl{$key}{$key}) ? "" : "checked";
  511. }
  512. # can't have variable names with & and spaces
  513. $item = $form->escape("${key}--$key",1);
  514. $acsheading = $key;
  515. $acsheading =~ s/ /&nbsp;/g;
  516. $acsheading = qq|
  517. <td align="left" nowrap="nowrap" style="background-color: #C7E9F7" colspan="2">
  518. <input name="$item" class="checkbox" type="checkbox" value="1" $checked />&nbsp;$acsheading</td><tr><td>\n|;
  519. $menuitems .= "$item;";
  520. $acsdata = "<td style=\"background-color: #F0F0F0\">";
  521. foreach $item (@{ $acs{$key} }) {
  522. next if ($key eq $item);
  523. $checked = "checked";
  524. if ($form->{login}) {
  525. $checked = ($excl{$key}{$item}) ? "" : "checked";
  526. }
  527. $acsitem = $form->escape("${key}--$item",1);
  528. $acsdata .= qq|<br /><input name="$acsitem" class="checkbox" type="checkbox" value="1" $checked />&nbsp;$item|;
  529. $menuitems .= "$acsitem;";
  530. }
  531. $acsdata .= "
  532. </td>";
  533. print qq|
  534. <tr valign="top">$acsheading $acsdata
  535. </tr>
  536. |;
  537. }
  538. print qq|<input type="hidden" name="acs" value="$menuitems" />
  539. <tr>
  540. <td colspan="2"><hr size="3" noshade /></td>
  541. </tr>
  542. </table>
  543. </div>
  544. |;
  545. }
  546. sub save {
  547. # no driver checked
  548. $form->error($locale->text('Database Driver not checked!')) unless $form->{dbdriver};
  549. # no spaces allowed in login name
  550. $form->{login} =~ s/ //g;
  551. $form->isblank("login", $locale->text('Login name missing!'));
  552. # check for duplicates
  553. if (!$form->{edit}) {
  554. $temp = new User "$memberfile", "$form->{login}";
  555. if ($temp->{login}) {
  556. $form->error("$form->{login} ".$locale->text('is already a member!'));
  557. }
  558. }
  559. # no spaces allowed in directories
  560. $form->{newtemplates} =~ s/( |\.\.|\*)//g;
  561. if ($form->{newtemplates} ne "") {
  562. $form->{templates} = $form->{newtemplates};
  563. } else {
  564. $form->{templates} = ($form->{usetemplates}) ? $form->{usetemplates} : $form->{login};
  565. }
  566. # is there a basedir
  567. if (! -d "$templates") {
  568. $form->error($locale->text('Directory').": $templates ".$locale->text('does not exist'));
  569. }
  570. # add base directory to $form->{templates}
  571. $form->{templates} = "$templates/$form->{templates}";
  572. $myconfig = new User "$memberfile", "$form->{login}";
  573. # redo acs variable and delete all the acs codes
  574. @acs = split /;/, $form->{acs};
  575. $form->{acs} = "";
  576. foreach $item (@acs) {
  577. $item = $form->escape($item,1);
  578. if (!$form->{$item}) {
  579. $form->{acs} .= $form->unescape($form->unescape("$item")).";";
  580. }
  581. delete $form->{$item};
  582. }
  583. # check which database was filled in
  584. $form->{dbhost} = $form->{"$form->{dbdriver}_dbhost"};
  585. $form->{dbport} = $form->{"$form->{dbdriver}_dbport"};
  586. $form->{dbpasswd} = $form->{"$form->{dbdriver}_dbpasswd"};
  587. $form->{dbuser} = $form->{"$form->{dbdriver}_dbuser"};
  588. $form->{dbname} = $form->{"$form->{dbdriver}_dbname"};
  589. $form->isblank("dbname", $locale->text('Dataset missing!'));
  590. $form->isblank("dbuser", $locale->text('Database User missing!'));
  591. foreach $item (keys %{$form}) {
  592. $myconfig->{$item} = $form->{$item};
  593. }
  594. $myconfig->{password} = $form->{old_password};
  595. $myconfig->{password} = $form->{new_password} if $form->{new_password} ne $form->{old_password};
  596. $myconfig->{timeout} = $form->{newtimeout};
  597. delete $myconfig->{stylesheet};
  598. if ($form->{userstylesheet}) {
  599. $myconfig->{stylesheet} = $form->{userstylesheet};
  600. }
  601. $myconfig->{packpw} = 1;
  602. $myconfig->save_member($memberfile, $userspath);
  603. # create user template directory and copy master files
  604. if (! -d "$form->{templates}") {
  605. umask(002);
  606. if (mkdir "$form->{templates}", oct("771")) {
  607. umask(007);
  608. # copy templates to the directory
  609. opendir TEMPLATEDIR, "$templates/." or $form->error("$templates : $!");
  610. @templates = grep /$form->{mastertemplates}-/, readdir TEMPLATEDIR;
  611. closedir TEMPLATEDIR;
  612. foreach $file (@templates) {
  613. open(TEMP, "$templates/$file") or $form->error("$templates/$file : $!");
  614. $file =~ s/$form->{mastertemplates}-//;
  615. open(NEW, ">$form->{templates}/$file") or $form->error("$form->{templates}/$file : $!");
  616. while ($line = <TEMP>) {
  617. print NEW $line;
  618. }
  619. close(TEMP);
  620. close(NEW);
  621. }
  622. } else {
  623. $form->error("$form->{templates} : $!");
  624. }
  625. }
  626. $form->redirect($locale->text('User saved!'));
  627. }
  628. sub delete {
  629. $form->{templates} = ($form->{templates}) ? "$templates/$form->{templates}" : "$templates/$form->{login}";
  630. $form->error("$memberfile ".$locale->text('locked!')) if (-f ${memberfile}.LCK);
  631. open(FH, ">${memberfile}.LCK") or $form->error("${memberfile}.LCK : $!");
  632. close(FH);
  633. if (! open(CONF, "+<$memberfile")) {
  634. unlink "${memberfile}.LCK";
  635. $form->error("$memberfile : $!");
  636. }
  637. @config = <CONF>;
  638. seek(CONF, 0, 0);
  639. truncate(CONF, 0);
  640. while ($line = shift @config) {
  641. chop $line;
  642. if ($line =~ /^\[/) {
  643. last if ($line eq "[$form->{login}]");
  644. $login = &login_name($line);
  645. }
  646. if ($line =~ /^templates=/) {
  647. ($null, $user{$login}) = split /=/, $line, 2;
  648. }
  649. print CONF "$line\n";
  650. }
  651. # remove everything up to next login or EOF
  652. # and save template variable
  653. while ($line = shift @config) {
  654. chop $line;
  655. ($key, $value) = split /=/, $line, 2;
  656. $myconfig{$key} = $value;
  657. last if ($line =~ /^\[/);
  658. }
  659. # this one is either the next login or EOF
  660. print CONF "$line\n";
  661. $login = &login_name($line);
  662. while ($line = shift @config) {
  663. chop $line;
  664. if ($line =~ /^\[/) {
  665. $login = &login_name($line);
  666. }
  667. if ($line =~ /^templates=/) {
  668. ($null, $user{$login}) = split /=/, $line, 2;
  669. }
  670. print CONF "$line\n";
  671. }
  672. close(CONF);
  673. unlink "${memberfile}.LCK";
  674. # scan %user for $templatedir
  675. foreach $login (keys %user) {
  676. last if ($found = ($form->{templates} eq $user{$login}));
  677. }
  678. # if found keep directory otherwise delete
  679. if (!$found) {
  680. # delete it if there is a template directory
  681. $dir = "$form->{templates}";
  682. if (-d "$dir") {
  683. unlink <$dir/*>;
  684. rmdir "$dir";
  685. }
  686. }
  687. if ($myconfig{dbconnect}) {
  688. $myconfig{dbpasswd} = unpack 'u', $myconfig{dbpasswd};
  689. for (keys %myconfig) { $form->{$_} = $myconfig{$_} }
  690. User->delete_login(\%$form);
  691. # delete config file for user
  692. unlink "$userspath/$form->{login}.conf";
  693. }
  694. $form->redirect($locale->text('User deleted!'));
  695. }
  696. sub login_name {
  697. my $login = shift;
  698. $login =~ s/\[\]//g;
  699. return ($login) ? $login : undef;
  700. }
  701. sub change_admin_password {
  702. $form->{title} = qq|LedgerSMB |.$locale->text('Accounting')." ".$locale->text('Administration')." / ".$locale->text('Change Admin Password');
  703. $form->{login} = "root login";
  704. $form->header;
  705. print qq|
  706. <body class="admin">
  707. <form method="post" action="$form->{script}">
  708. <table>
  709. <tr class="listheading">
  710. <th>|.$locale->text('Change Password').qq|</th>
  711. </tr>
  712. <tr size="5"></tr>
  713. <tr>
  714. <td>
  715. <table width="100%">
  716. <tr>
  717. <th align="right">|.$locale->text('Password').qq|</th>
  718. <td><input type="password" name="new_password" /></td>
  719. </tr>
  720. <tr>
  721. <th align="right">|.$locale->text('Confirm').qq|</th>
  722. <td><input type="password" name="confirm_password" /></td>
  723. </tr>
  724. </table>
  725. </td>
  726. </tr>
  727. </table>
  728. <br />
  729. <hr size="3" noshade />
  730. <input type="hidden" name="path" value="$form->{path}" />
  731. <input type="hidden" name="sessionid" value="$form->{sessionid}" />
  732. <p><input type="submit" class="submit" name="action" value="|.$locale->text('Change Password').qq|" /></p>
  733. </form>
  734. </body>
  735. </html>
  736. |;
  737. }
  738. sub change_password {
  739. $form->error($locale->text('Passwords do not match!')) if $form->{new_password} ne $form->{confirm_password};
  740. $root->{password} = $form->{new_password};
  741. $root->{'root login'} = 1;
  742. $root->save_member($memberfile);
  743. $form->{callback} = "$form->{script}?action=list_users&amp;path=$form->{path}&amp;sessionid=$form->{sessionid}";
  744. $form->redirect($locale->text('Password changed!'));
  745. }
  746. sub get_hash {
  747. use Digest::MD5;
  748. $form->{hash} = Digest::MD5::md5_hex rand();
  749. }
  750. sub check_password {
  751. $root = new User "$memberfile", "root login";
  752. if ($root->{password}) {
  753. if ($form->{password}) {
  754. $form->{callback} .= "&amp;password=$form->{password}" if $form->{callback};
  755. $form->{sessionid} = time;
  756. if ($root->{password} ne crypt $form->{password}, 'ro') {
  757. &getpassword;
  758. exit;
  759. }
  760. &get_hash;
  761. open(HASHFILE, "> $userspath/adminhash") || $form->error("Can't Open Hashfile: $!");
  762. print HASHFILE $form->{hash};
  763. print qq|Set-Cookie: LedgerSMB=$form->{hash}; path=/;\n|;
  764. } else {
  765. if ($ENV{HTTP_USER_AGENT}) {
  766. $ENV{HTTP_COOKIE} =~ s/;\s*/;/g;
  767. %cookie = split /[=;]/, $ENV{HTTP_COOKIE}; # Changeme to %cookies
  768. $cookie = ($form->{path} eq 'bin/lynx') ? $cookie{login} : $cookie{"LedgerSMB-root login"};
  769. #fixes problem with first login and such
  770. if (!(-f "$userspath/adminhash")) {
  771. &get_hash;
  772. open(HASHFILE, "> $userspath/adminhash") || $form->error("Can't Open Hashfile: $!");
  773. print HASHFILE $form->{hash};
  774. close(HASHFILE);
  775. }
  776. open (HASHFILE, "< $userspath/adminhash") || $form->error("Can't Open Hashfile: $!");
  777. chomp($form->{hash} = <HASHFILE>);
  778. %cookies = split /[=;]/, $ENV{HTTP_COOKIE};
  779. if (! $cookie || $cookie ne $form->{sessionid} || $form->{hash} ne $cookies{LedgerSMB}) {
  780. &getpassword;
  781. exit;
  782. }
  783. }
  784. }
  785. }
  786. }
  787. sub pg_database_administration {
  788. $form->{dbdriver} = 'Pg';
  789. &dbselect_source;
  790. }
  791. sub pgpp_database_administration {
  792. $form->{dbdriver} = 'PgPP';
  793. &dbselect_source;
  794. }
  795. sub dbdriver_defaults {
  796. # load some defaults for the selected driver
  797. %driverdefaults = ( 'Pg' => { dbport => '',
  798. dbuser => 'ledger-smb',
  799. dbdefault => 'template1',
  800. dbhost => '',
  801. connectstring => $locale->text('Connect to')
  802. } );
  803. $driverdefaults{PgPP} = $driverdefaults{Pg};
  804. for (keys %{ $driverdefaults{Pg} }) { $form->{$_} = $driverdefaults{$form->{dbdriver}}{$_} }
  805. }
  806. sub dbselect_source {
  807. &dbdriver_defaults;
  808. $form->{title} = "LedgerSMB ".$locale->text('Accounting')." / ".$locale->text('Database Administration');
  809. $form->{login} = "root login";
  810. $form->header;
  811. #an insane amount of table nesting here, this should be cleaned up.
  812. print qq|
  813. <body class="admin">
  814. <center>
  815. <h2>$form->{title}</h2>
  816. <form method="post" action="$form->{script}" />
  817. <table>
  818. <tr>
  819. <td>
  820. <table>
  821. <tr class="listheading">
  822. <th colspan="4">|.$locale->text('Database').qq|</th>
  823. </tr>
  824. <tr>
  825. <td>
  826. <table>
  827. <tr>
  828. <th align="right">|.$locale->text('Host').qq|</th>
  829. <td><input name="dbhost" size="25" value="$form->{dbhost}" /></td>
  830. <th align="right">|.$locale->text('Port').qq|</th>
  831. <td><input name="dbport" size="5" value="$form->{dbport}" /></td>
  832. </tr>
  833. <tr>
  834. <th align="right">|.$locale->text('User').qq|</th>
  835. <td><input name="dbuser" size="10" value="$form->{dbuser}" /></td>
  836. <th align="right">|.$locale->text('Password').qq|</th>
  837. <td><input type="password" name="dbpasswd" size="10" /></td>
  838. </tr>
  839. <tr>
  840. <th align="right">$form->{connectstring}</th>
  841. <td colspan="3"><input name="dbdefault" size="10" value="$form->{dbdefault}" /></td>
  842. </tr>
  843. </table>
  844. </td>
  845. </tr>
  846. </table>
  847. </td>
  848. </tr>
  849. </table>
  850. <input type="hidden" name="dbdriver" value="$form->{dbdriver}" />
  851. <input name="callback" type="hidden" value="$form->{script}?action=list_users&amp;path=$form->{path}&amp;sessionid=$form->{sessionid}" />
  852. <input type="hidden" name="path" value="$form->{path}" />
  853. <input type="hidden" name="sessionid" value="$form->{sessionid}" />
  854. <br />
  855. <input type="submit" class="submit" name="action" value="|.$locale->text('Create Dataset').qq|" />
  856. <input type="submit" class="submit" name="action" value="|.$locale->text('Delete Dataset').qq|" />
  857. </form>
  858. <p>|.$locale->text('This is a preliminary check for existing sources. Nothing will be created or deleted at this stage!')
  859. .qq|</p>
  860. </center>
  861. </body>
  862. </html>
  863. |;
  864. }
  865. sub continue {
  866. &{ $form->{nextsub} };
  867. }
  868. sub dbupdate {
  869. User->dbupdate(\%$form);
  870. $form->redirect($locale->text('Dataset updated!'));
  871. }
  872. sub create_dataset {
  873. @dbsources = sort User->dbsources(\%$form);
  874. opendir SQLDIR, "sql/." or $form->error($!);
  875. foreach $item (sort grep /-chart\.sql/, readdir SQLDIR) {
  876. next if ($item eq 'Default-chart.sql');
  877. $item =~ s/-chart\.sql//;
  878. push @charts, qq|<input name="chart" class="radio" type="radio" value="$item" />$item|;
  879. }
  880. closedir SQLDIR;
  881. # add Default at beginning
  882. unshift @charts, qq|<input name="chart" class="radio" type="radio" value="Default" checked />Default|;
  883. $selectencoding = qq|<option></option>
  884. <option value="SQL_ASCII">ASCII</option>
  885. <option value="EUC_JP">Japanese EUC</option>
  886. <option value="EUC_CN">Chinese EUC</option>
  887. <option value="EUC_KR">Korean EUC</option>
  888. <option value="JOHAB">Korean EUC (Hangle base)</option>
  889. <option value="EUC_TW">Taiwan EUC</option>
  890. <option value="UNICODE">Unicode (UTF-8)</option>
  891. <option value="MULE_INTERNAL">Mule internal type</option>
  892. <option value="LATIN1">ISO 8859-1/ECMA 94 (Latin alphabet no. 1)</option>
  893. <option value="LATIN2">ISO 8859-2/ECMA 94 (Latin alphabet no. 2)</option>
  894. <option value="LATIN3">ISO 8859-3/ECMA 94 (Latin alphabet no. 3)</option>
  895. <option value="LATIN4">ISO 8859-4/ECMA 94 (Latin alphabet no. 4)</option>
  896. <option value="LATIN5">ISO 8859-9/ECMA 128 (Latin alphabet no. 5)</option>
  897. <option value="LATIN6">ISO 8859-10/ECMA 144 (Latin alphabet no. 6)</option>
  898. <option value="LATIN7">ISO 8859-13 (Latin alphabet no. 7)</option>
  899. <option value="LATIN8">ISO 8859-14 (Latin alphabet no. 8)</option>
  900. <option value="LATIN9">ISO 8859-15 (Latin alphabet no. 9)</option>
  901. <option value="LATIN10">ISO 8859-16/ASRO SR 14111 (Latin alphabet no. 10)</option>
  902. <option value="ISO_8859_5">ISO 8859-5/ECMA 113 (Latin/Cyrillic)</option>
  903. <option value="ISO_8859_6">ISO 8859-6/ECMA 114 (Latin/Arabic)</option>
  904. <option value="ISO_8859_7">ISO 8859-7/ECMA 118 (Latin/Greek)</option>
  905. <option value="ISO_8859_8">ISO 8859-8/ECMA 121 (Latin/Hebrew)</option>
  906. <option value="KOI8">KOI8-R(U)</option>
  907. <option value="WIN">Windows CP1251</option>
  908. <option value="ALT">Windows CP866</option>
  909. <option value="WIN1256">Windows CP1256 (Arabic)</option>
  910. <option value="TCVN">Windows CP1258 (Vietnamese)</option>
  911. <option value="WIN874">Windows CP874 (Thai)</option>
  912. |;
  913. $form->{title} = "LedgerSMB ".$locale->text('Accounting')
  914. ." ".$locale->text('Database Administration')
  915. ." / ".$locale->text('Create Dataset');
  916. $form->{login} = "root login";
  917. $form->header;
  918. print qq|
  919. <body class="admin">
  920. <center>
  921. <h2>$form->{title}</h2>
  922. <form method="post" action="$form->{script}" />
  923. <table width="100%">
  924. <tr class="listheading">
  925. <th colspan="2">&nbsp;</th>
  926. </tr>
  927. <tr>
  928. <th align="right" nowrap="nowrap">|.$locale->text('Existing Datasets').qq|</th>
  929. <td>
  930. |;
  931. for (@dbsources) { print "[&nbsp;$_&nbsp;] " }
  932. print qq|
  933. </td>
  934. </tr>
  935. <tr>
  936. <th align="right" nowrap="nowrap">|.$locale->text('Create Dataset').qq|</th>
  937. <td><input name="db" /></td>
  938. </tr>
  939. <tr>
  940. <th align="right" nowrap="nowrap">|.$locale->text('Multibyte Encoding').qq|</th>
  941. <td><select name="encoding">$selectencoding</select></td>
  942. </tr>
  943. <tr>
  944. <th align="right" nowrap="nowrap">|.$locale->text('Create Chart of Accounts').qq|</th>
  945. <td>
  946. <table>
  947. |;
  948. while (@charts) {
  949. print qq| <tr>|;
  950. for (0 .. 2) { print "<td>$charts[$_]</td>\n" }
  951. print qq| </tr>|;
  952. splice @charts, 0, 3;
  953. }
  954. print qq| </table>
  955. </td>
  956. </tr>
  957. <tr>
  958. <td colspan="2">
  959. <hr size="3" noshade />
  960. </td>
  961. </tr>
  962. </table>
  963. |;
  964. $form->hide_form(qw(dbdriver dbuser dbhost dbport dbpasswd dbdefault path sessionid));
  965. print qq|
  966. <input name="callback" type="hidden" value="$form->{script}?action=list_users&amp;path=$form->{path}&amp;sessionid=$form->{sessionid}" />
  967. <input type="hidden" name="nextsub" value="dbcreate" />
  968. <br />
  969. <input type="submit" class="submit" name="action" value="|.$locale->text('Continue').qq|" />
  970. </form>
  971. </body>
  972. </html>
  973. |;
  974. }
  975. sub dbcreate {
  976. $form->isblank("db", $locale->text('Dataset missing!'));
  977. User->dbcreate(\%$form);
  978. $form->{title} = "LedgerSMB ".$locale->text('Accounting')
  979. ." ".$locale->text('Database Administration')
  980. ." / ".$locale->text('Create Dataset');
  981. $form->{login} = "root login";
  982. $form->header;
  983. print qq|
  984. <body class="admin">
  985. <center>
  986. <h2>$form->{title}</h2>
  987. <form method="post" action="$form->{script}">|
  988. .$locale->text('Dataset')." $form->{db} ".$locale->text('successfully created!')
  989. .qq|
  990. <input type="hidden" name="path" value="$form->{path}" />
  991. <input type="hidden" name="sessionid" value="$form->{sessionid}" />
  992. <input type="hidden" name="nextsub" value="list_users" />
  993. <p><input type="submit" class="submit" name="action" value="|.$locale->text('Continue').qq|" /></p>
  994. </form>
  995. </center>
  996. </body>
  997. </html>
  998. |;
  999. }
  1000. sub delete_dataset {
  1001. if (@dbsources = User->dbsources_unused(\%$form, $memberfile)) {
  1002. foreach $item (sort @dbsources) {
  1003. $dbsources .= qq|<input name="db" class="radio" type="radio" value="$item" />&nbsp;$item |;
  1004. }
  1005. } else {
  1006. $form->error($locale->text('Nothing to delete!'));
  1007. }
  1008. $form->{title} = "LedgerSMB ".$locale->text('Accounting')
  1009. ." ".$locale->text('Database Administration')
  1010. ." / ".$locale->text('Delete Dataset');
  1011. $form->{login} = "root login";
  1012. $form->header;
  1013. print qq|
  1014. <body class="admin">
  1015. <h2>$form->{title}</h2>
  1016. <form method="post" action="$form->{script}" />
  1017. <input type="hidden" name="dbdriver" value="$form->{dbdriver}" />
  1018. <input type="hidden" name="dbuser" value="$form->{dbuser}" />
  1019. <input type="hidden" name="dbhost" value="$form->{dbhost}" />
  1020. <input type="hidden" name="dbport" value="$form->{dbport}" />
  1021. <input type="hidden" name="dbpasswd" value="$form->{dbpasswd}" />
  1022. <input type="hidden" name="dbdefault" value="$form->{dbdefault}" />
  1023. <input name=callback type="hidden" value="$form->{script}?action=list_users&amp;path=$form->{path}&amp;sessionid=$form->{sessionid}">
  1024. <input type="hidden" name="path" value="$form->{path}" />
  1025. <input type="hidden" name="sessionid" value="$form->{sessionid}" />
  1026. <input type="hidden" name="nextsub" value="dbdelete" />
  1027. <table width="100%">
  1028. <tr class="listheading">
  1029. <th>|.$locale->text('The following Datasets are not in use and can be deleted').qq|</th>
  1030. </tr>
  1031. <tr>
  1032. <td>
  1033. $dbsources
  1034. </td>
  1035. </tr>
  1036. <tr>
  1037. <td>
  1038. <hr size="3" noshade />
  1039. <br />
  1040. <input type="submit" class="submit" name="action" value="|.$locale->text('Continue').qq|" />
  1041. </td>
  1042. </tr>
  1043. </table>
  1044. </form>
  1045. </body>
  1046. </html>
  1047. |;
  1048. }
  1049. sub dbdelete {
  1050. if (!$form->{db}) {
  1051. $form->error($locale->text('No Dataset selected!'));
  1052. }
  1053. User->dbdelete(\%$form);
  1054. $form->{title} = "LedgerSMB ".$locale->text('Accounting')
  1055. ." ".$locale->text('Database Administration')
  1056. ." / ".$locale->text('Delete Dataset');
  1057. $form->{login} = "root login";
  1058. $form->header;
  1059. print qq|
  1060. <body class="admin">
  1061. <center>
  1062. <h2>$form->{title}</h2>
  1063. $form->{db} |.$locale->text('successfully deleted!')
  1064. .qq|
  1065. <form method="post" action="$form->{script}" />
  1066. <input type="hidden" name="path" value="$form->{path}" />
  1067. <input type="hidden" name="sessionid" value="$form->{sessionid}" />
  1068. <input type="hidden" name="nextsub" value="list_users" />
  1069. <p><input type="submit" class="submit" name="action" value="|.$locale->text('Continue').qq|" /></p>
  1070. </form>
  1071. </body>
  1072. </html>
  1073. |;
  1074. }
  1075. sub unlock_system {
  1076. unlink "$userspath/nologin";
  1077. $form->{callback} = "$form->{script}?action=list_users&amp;path=$form->{path}&amp;sessionid=$form->{sessionid}";
  1078. $form->redirect($locale->text('Lockfile removed!'));
  1079. }
  1080. sub lock_system {
  1081. open(FH, ">$userspath/nologin") or $form->error($locale->text('Cannot create Lock!'));
  1082. close(FH);
  1083. $form->{callback} = "$form->{script}?action=list_users&amp;path=$form->{path}&amp;sessionid=$form->{sessionid}";
  1084. $form->redirect($locale->text('Lockfile created!'));
  1085. }