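/**
 * Walk the setup checks in order and report the step at which they stop.
 *
 * Request flags and any posted superuser credentials are copied into the
 * session first. Each entry of $steps is then tried in key order until one is
 * not yet satisfied; every step before the stopping point gets element 0 of
 * its entry set to true.
 *
 * Security-relevant behaviour visible in this method:
 *  - The posted superuser name and password are kept in the session as
 *    'xUID'/'xPWD' and copied to 'UID'/'PWD' in step 4, so they live as long
 *    as the session does unless step 1 is reset.
 *  - Step 4 finishes by switching the session to the fixed pair
 *    'andro'/'andro'.
 *    NOTE(review): a password equal to the account name is a default
 *    credential; confirm the role is restricted or rotated elsewhere.
 *
 * @param array $steps Step table keyed by step number, updated in place.
 * @return int Key of the step at which processing stopped (0 when $steps is empty).
 */
function DoTests(&$steps)
{
    $this->error = '';

    // If they manually forced a rollback to an earlier step,
    // we will catch it below
    $rb = gp('stepreset', '-1');

    // Look for flags that indicate manual approval of steps
    if (gp('pgconfig') == 1) {
        SessionSet('pgconfig', true);
    }
    if (gp('pgsuper') == 1) {
        SessionSet('pgsuper', true);
    }

    // If they provided credentials, try to post them
    if (gpExists('loginUID')) {
        // Names starting with the application code are reserved.
        // NOTE(review): the prefix test runs on the raw request value; confirm
        // SQL_ConnString normalises the name the same way before connecting.
        if (substr(strtolower(gp('loginUID')), 0, 5) == 'andro') {
            ErrorAdd("Superuser account may not begin with 'andro'");
        } else {
            SessionSet('xUID', gp('loginUID'));
            SessionSet('xPWD', gp('loginPWD'));
        }
    }

    // Defined up front so an empty step table does not leave it unset.
    $current_step = 0;
    $finished = false;

    foreach ($steps as $current_step => $step) {
        switch ($current_step) {
            case 0:
                // The PostgreSQL client functions must be available.
                if (!function_exists('pg_connect')) {
                    $finished = true;
                }
                break;

            case 1:
                // If forcing rollback to here, clear user credentials
                if ($rb == 1) {
                    SessionUnSet('xUID');
                    SessionUnSet('xPWD');
                }
                // Test if they gave us uid/pwd and if it works
                if (SessionGet('xUID') == '') {
                    $finished = true;
                } else {
                    $cs = SQL_ConnString(SessionGet('xUID'), SessionGet('xPWD'), 'postgres');
                    // Warnings stay suppressed so connection details are not
                    // echoed to the page; failure is reported through $this->error.
                    $this->dbx = @pg_connect($cs);
                    if (!$this->dbx) {
                        $this->error = "Could Not Connect with that Username/Password";
                        $finished = true;
                    }
                }
                break;

            case 2:
                // Since we got a connection, try to get versions
                $res = SQL2("Select version()", $this->dbx);
                $row = SQL_Fetch_Array($res);
                $banner = (is_array($row) && isset($row['version'])) ? (string) $row['version'] : '';
                $x = explode(' ', $banner);

                // Stop here when the banner is missing or carries no leading
                // "major[.minor]" number, instead of comparing garbage.
                if (count($x) < 2 || !preg_match('/^(\d+)(?:\.(\d+))?/', $x[1], $m)) {
                    $finished = true;
                    break;
                }
                $this->pgversion = $x[0] . ' ' . $x[1];

                // Compare major.minor as a version, not as a float, so suffixed
                // or single-number versions are ordered correctly.
                $minor = isset($m[2]) ? $m[2] : '0';
                if (version_compare($m[1] . '.' . $minor, '8.1', '<')) {
                    $finished = true;
                }
                break;

            case 3:
                if ($rb == 3) {
                    $this->andro = 1;
                    $finished = true;
                    break;
                }
                // Probe for the 'andro' database with the same credentials.
                $cs = SQL_ConnString(SessionGet('xUID'), SessionGet('xPWD'), 'andro');
                $this->dba = @pg_connect($cs);
                if (!$this->dba) {
                    $finished = true;
                    $this->andro = 0;
                } else {
                    pg_close($this->dba);
                    // The database exists; the generated file must exist too.
                    $file = $GLOBALS['AG']['dirs']['generated'] . 'ddmodules.php';
                    if (!file_exists($file)) {
                        $finished = true;
                        $this->andro = 1;
                    }
                }
                break;

            case 4:
                // Initialize the node manager, connected as the superuser
                SessionSet('UID', SessionGet('xUID'));
                SessionSet('PWD', SessionGet('xPWD'));
                scDBConn_Push();

                $dir_pub = realpath(dirname(__FILE__) . '/../..');
                if (strpos(ArraySafe($_ENV, 'OS', ''), 'indows') !== false) {
                    // Double the backslashes of a Windows path before storing it.
                    $dir_pub = str_replace("\\", "\\\\", $dir_pub);
                }

                $row = array(
                    'webpath' => 'DEFAULT',
                    'dir_pub' => $dir_pub,
                    'description' => 'Default Web Path',
                );
                $table_dd = dd_TableRef('webpaths');
                SQLX_UpdateorInsert($table_dd, $row);

                $table_dd = dd_TableRef('applications');
                $row = array(
                    'application' => 'andro',
                    'description' => "Andromeda Node Manager",
                    'appspec' => 'andro.dd.yaml',
                    'node' => 'LOCAL',
                    'webpath' => 'DEFAULT',
                );
                SQLX_UpdateorInsert($table_dd, $row);
                scDBConn_Pop();

                // The session leaves the superuser identity and continues as
                // the fixed application account (see the note in the docblock).
                SessionSet('UID', 'andro');
                SessionSet('PWD', 'andro');
                break;

            case 5:
                break;

            default:
                $finished = true;
        }

        // if we are clear, stop now
        if ($finished) {
            break;
        }
    }

    // Everything before the stopping point is marked as passed.
    for ($x = 0; $x < $current_step; $x++) {
        $steps[$x][0] = true;
    }
    return $current_step;
}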
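/**
 * Render the table-import page and take in one uploaded file.
 *
 * On a normal (non-xajax) request the first successfully uploaded file is
 * moved into the application's tmp directory and recorded through vgfSet().
 * The request is then routed to fbProc() or xAjax() when the matching
 * parameter is present; otherwise the page HTML is written.
 *
 * Everything taken from the request is treated as untrusted here:
 *  - the client-supplied file name is reduced to a fixed alphabet before it
 *    becomes part of a path on disk;
 *  - 'gp_table_id' is HTML-escaped where it is echoed and URL-encoded where
 *    it is placed inside the generated script call.
 * The 'name' and 'type' fields stored with the file record are still the
 * client's values and need escaping wherever they are later displayed.
 *
 * @return mixed Result of fbProc()/xAjax() when routed, otherwise nothing.
 */
function main()
{
    $this->PageSubtitle = "Imports";

    // Process uploaded files if there are any
    if (!gpExists('gp_xajax')) {
        $dir = $GLOBALS['AG']['dirs']['root'] . 'tmp/';

        foreach ($_FILES as $onefile) {
            // Only plain single-file entries that arrived without an error.
            if (!is_array($onefile)
                || !isset($onefile['error'], $onefile['name'], $onefile['tmp_name'])
                || is_array($onefile['error'])
                || !is_string($onefile['name'])
                || $onefile['error']
            ) {
                continue;
            }

            // The stored name keeps a recognisable stem but nothing else from
            // the client: no directory part, no dots, no shell or path
            // metacharacters. The only extension left is the numeric suffix.
            $stem = preg_replace('/[^A-Za-z0-9_-]/', '_', basename($onefile['name']));
            $stem = substr((string) $stem, 0, 100);
            if ($stem === '') {
                $stem = 'upload';
            }

            // Generate a previously unused name, give up after 21 tries.
            // The suffix only avoids collisions; it is not a secret.
            $fs = '';
            for ($try = 0; $try <= 20; $try++) {
                $candidate = $dir . $stem . '.' . rand(1000, 9999);
                if (!file_exists($candidate)) {
                    $fs = $candidate;
                    break;
                }
            }
            if ($fs === '') {
                continue; // skip this file, we couldn't name it
            }

            // Record the file only when the move really happened;
            // move_uploaded_file() also verifies it is a genuine upload.
            if (!move_uploaded_file($onefile['tmp_name'], $fs)) {
                continue;
            }

            $newfile = array(
                'name' => $onefile['name'],
                'uname' => $fs,
                'type' => $onefile['type'],
                'error' => $onefile['error'],
                'size' => $onefile['size'],
            );
            vgfSet('files', array($newfile));
            break; // only do one file!
        }
    }

    // Routing
    if (gp('gp_fbproc') == '1') {
        return $this->fbProc();
    }
    if (gpExists('gp_xajax')) {
        return $this->xAjax();
    }

    // Obtain the basic parameters we need on this page, and then assign
    // them to hidden variables so that FORM POSTs will return here.
    $tid = gp('gp_table_id');
    // The result is not used below; the call is kept in case it loads
    // table metadata as a side effect.
    DD_TableRef(gp('gp_table_id'));
    // NOTE(review): hidden() receives the raw request value; confirm it
    // escapes attribute content.
    hidden('gp_page', 'x_import');
    hidden('gp_nofile', '');
    hidden('gp_table_id', gp('gp_table_id'));

    // Process requests. If they uploaded a file, save the
    // info to the session. If they requested file destroy,
    // throw it away.
    $files = vgfGet('files', array());
    $fi = null;
    if (isset($files[0])) {
        $fi = $files[0];
        SessionSet('importfile', $fi);
    }
    if (gp('gp_nofile') == 1) {
        SessionUnSet('importfile');
        $fi = null;
    }

    // Escaped once for the HTML body and once for the query string.
    $tidHtml = htmlspecialchars((string) $tid, ENT_QUOTES, 'UTF-8');
    $tidUrl = rawurlencode((string) $tid);

    // NOTE(review): hLinkPage() is handed the raw value; confirm it escapes
    // its output before it reaches the page.

    // - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    // BEGIN HTML
    // - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ?>
    <h1>Table Import</h1>
    <p><b>Destination Table:</b><?php echo hLinkPage('', $tid); ?> </p>
    <p><b>Table Name in Database:</b> <?php echo $tidHtml; ?> . </p>
    <p>This is standardized import program that can accept file uploads in the popular "CSV" format. The first row is expected to name columns, and all subsequent rows are expected to contain comma-separated values. </p>
    <p>This routine will match known column names and display the columns that will be imported. </p>
    <hr />
    <?php
    if ($fi) {
        // If a file is uploaded we just output the div and then call
        // back for the content
        ?>
        <div id="xajax"></div>
        <div id="xajaxm"></div>
        <script type="text/javascript"> </script>
        <?php
        // rawurlencode() leaves only URL-safe characters, so the value cannot
        // close the quoted string or the surrounding script element.
        elementAdd('scriptend', "andrax('?gp_page=x_import&gp_table_id=" . $tidUrl . "&gp_xajax=1');");
        return;
    } else {
        ?>
        <h2>File Upload</h2>
        <p>Please upload a file to process. <p><?php echo hFileUpload(); ?>
        <?php
    }
}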
if (LoggedIn()) { // A direct login restores the "clean" array as it was if ($directlogin) { unset($directclean['gp_uid']); unset($directclean['gp_pwd']); unset($directclean['loginUID']); unset($directclean['loginPWD']); $AG['clean'] = $directclean; } elseif (count(SessionGet('clean', array())) != 0) { // These were a page attempt made w/o being logged in, // which is now being ok'd since the user is logged in. $GLOBALS['AG']['clean'] = SessionGet('clean'); if (isset($GLOBALS['AG']['clean']['ajxBUFFER'])) { unset($GLOBALS['AG']['clean']['ajxBUFFER']); } SessionUnSet('clean'); // In pos systems, save the page they are authenticated for if (vgaGET('POS_SECURITY', false) == true) { SessionSet('POS_PAGE', gp('gp_page'), 'FW'); } } } } // This is an after-the-fact check. The login is never supposed // to allow logins to "postgres" or any user whose name begins // with the application code. If the login system let something // get by, then we trap it here. We also set the user to anonymous // // Note however that an EXACT match of user_id to application code // is ok, that is the so-called "anonymous" account. //