コード例 #1
    <?php 
    exit;
}
// ---- PROCESS THE COPY FUNCTION (second pass) --------------------------------------------------------------------
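/**
 * Tells whether a proposed database name contains a character that is not allowed.
 *
 * Allowed characters are ASCII letters, digits and underscore. Callers interpolate the
 * checked name into shell commands and SQL identifiers, so this check fails closed:
 * anything that cannot be inspected as a string is reported as invalid.
 *
 * The character class is spelled out rather than using \W so the result does not depend
 * on the PCRE locale tables in use.
 *
 * Note: an empty string contains no forbidden character and therefore returns 0;
 * callers that must reject empty names have to check for that themselves.
 *
 * @param mixed $str proposed name, normally a string taken from the request
 * @return int 1 when the value is not acceptable, 0 when every character is allowed
 */
function isInValid($str)
{
    // Arrays and objects (e.g. a request sent as name[]=x) cannot be checked by the regex;
    // treat them as invalid instead of letting a failed preg_match() read as "no problem".
    if (!is_scalar($str) && $str !== null) {
        return 1;
    }

    $found = preg_match('/[^A-Za-z0-9_]/', (string) $str);

    // preg_match() returns false on an internal error; that must not count as valid.
    return ($found === false) ? 1 : $found;
}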
/**
 * Callback form of strtolower() for use with array_map().
 *
 * @param string $item value to convert
 * @return string the value with ASCII letters lower-cased
 */
function arraytolower($item)
{
    $lowered = strtolower($item);

    return $lowered;
}
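if (array_key_exists('mode', $_REQUEST) && $_REQUEST['mode'] == '2') {
    // Second pass of the copy form. The requested name comes straight from the request
    // and is untrusted until it has passed the character check below.
    $targetdbname = isset($_REQUEST['targetdbname']) ? $_REQUEST['targetdbname'] : null;
    // Avoid illegal chars in db name. A missing or non-string value (for example a
    // parameter sent as targetdbname[]=x) is rejected here rather than passed on.
    $hasInvalid = !is_string($targetdbname) || isInValid($targetdbname);
    if ($hasInvalid) {
        // A rejected name is exactly the case where the value may contain markup, so it is
        // HTML-escaped before being echoed back into the page.
        $shownName = is_string($targetdbname) ? htmlspecialchars($targetdbname, ENT_QUOTES, 'UTF-8') : '';
        echo "<p><hr><p>&nbsp;<p>Requested database copy name: <b>{$shownName}</b>" . "<p>Sorry, only letters, numbers and underscores (_) are allowed in the database name";
        return false;
    }
    // From here on $targetdbname holds only letters, digits and underscores.
    // Refuse to overwrite an existing database; the comparison is case-insensitive and
    // strict, so numeric-looking names are compared as text.
    $list = mysql__getdatabases();
    $list = array_map("arraytolower", $list);
    if (in_array(strtolower($targetdbname), $list, true)) {
        echo "<p class='error'>Warning: database '" . $targetdbname . "' already exists. Please choose a different name<br/></p>";
        return false;
    }
    $res = cloneDatabase($targetdbname);
    if (!$res) {
        echo_flush('<p style="padding-left:20px;"><h2 style="color:red">WARNING: Your database has not been cloned.</h2>' . 'Please contact your system administrator or the Heurist developers (support at HeuristNetwork dot org) for assistance with cloning of your database.');
    }
    // (the listing ends here; the enclosing if block continues in the original file)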
コード例 #2
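	/**
	 * Creates a new database and populates it with triggers, constraints and core definitions.
	 *
	 * Runs only when $_POST['dbname'] is set. In order it: checks that the admin DB
	 * credentials are configured, builds and validates the database name, creates the
	 * database through the mysql command-line client, loads blankDBStructure.sql,
	 * addReferentialConstraints.sql and addProceduresTriggers.sql, includes
	 * buildCrosswalks.php to import the core definitions, creates the upload folders, and
	 * writes the owner's details into sysUGrps (ugr_ID=2). Progress and errors are echoed
	 * as HTML. Sets the globals $newDBName, $isNewDB and (on a create failure) $isCreateNew.
	 *
	 * Security-relevant points for maintainers:
	 *  - isInValid() on the full name is the only thing that makes the name safe to place
	 *    in the shell commands, paths and URLs below; keep every request-derived part of
	 *    those strings behind that check.
	 *  - Request fields for the new owner are escaped at the SQL statement and at the HTML
	 *    output, not at the point where they are read.
	 *  - NOTE(review): the admin DB password is passed on the mysql command line, where
	 *    other local users may see it in the process list; a client option file
	 *    (--defaults-extra-file) avoids that.
	 *
	 * @return bool|null false once creation has been attempted (also after success, see the
	 *                   final return); null when credentials are missing or no dbname was posted
	 */
	function makeDatabase() {

		global $newDBName, $isNewDB, $done, $isCreateNew, $isExtended,$errorCreatingTables;

		// buildCrosswalks.php is included from inside this function further down and so
		// runs in this local scope; these two are kept in case that file reads them.
		$error = false;
		$warning=false;

		if (isset($_POST['dbname'])) {

			// Check that there is a current administrative user who can be made the owner of the new database
			if(ADMIN_DBUSERNAME == "") {
				if(ADMIN_DBUSERPSWD == "") {
					echo "DB Admin username and password have not been set in config.ini. Please do so before trying to create a new database.<br>";
					return;
				}
				echo "DB Admin username has not been set in config.ini. Please do so before trying to create a new database.<br>";
				return;
			}
			if(ADMIN_DBUSERPSWD == "") {
				echo "DB Admin password has not been set in config.ini. Please do so before trying to create a new database.<br>";
				return;
			} // checking for current administrative user

			// Create a new blank database
			$newDBName = trim($_POST['uname']).'_';

			if ($newDBName == '_') {$newDBName='';}; // don't double up underscore if no user prefix
			$newDBName = $newDBName . trim($_POST['dbname']);
			$newname = HEURIST_DB_PREFIX . $newDBName; // all databases have common prefix then user prefix

			// Avoid illegal chars in db name. $newname contains $newDBName, so passing this
			// check also bounds $newDBName to letters, digits and underscores.
			$hasInvalid = isInValid($newname);
			if ($hasInvalid) {
				echo ("Only letters, numbers and underscores (_) are allowed in the database name");
				return false;
			} // rejecting illegal characters in db name

			// The credentials are config constants and are interpolated unquoted.
			// NOTE(review): a password containing shell metacharacters would break these commands.
			if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
				$cmdline = "mysql -u".ADMIN_DBUSERNAME." -p".ADMIN_DBUSERPSWD." -e\"create database `$newname`\"";
			} else {
				$cmdline = "mysql -u".ADMIN_DBUSERNAME." -p".ADMIN_DBUSERPSWD." -e'create database `$newname`'";
			}
			$output1 = exec($cmdline . ' 2>&1', $output, $res1);
			if ($res1 != 0 ) {
				echo ("<p class='error'>Error code $res1 on MySQL exec: Unable to create database $newname<br>&nbsp;<br>");
				echo("\n\n");

				// exec() always hands back $output as an array of lines, so the former
				// string branch (which called split(), removed in PHP 7) could never run.
				// Look for the client's "ERROR 1007" (database exists) on any captured
				// line, because stderr is merged in and a warning may precede the error.
				$isExists = (strpos(implode("\n", $output), "ERROR 1007") !== false);
				if($isExists){
					echo "<strong>A database with that name already exists.</strong>";
				}
				echo "</p>";
				$isCreateNew = true;
				return false;
			}

			// At this point a database exists, so need cleanup if anything goes wrong later

			// Create the Heurist structure for the newly created database, using the template SQL file
			// This file sets up the table definitions and inserts a few critical values
			// it does not set referential integrity constraints or triggers
			// NOTE(review): here and in the two loads below the raw client output is echoed into the page.
			$cmdline="mysql -u".ADMIN_DBUSERNAME." -p".ADMIN_DBUSERPSWD." -D$newname < blankDBStructure.sql";
			$output2 = exec($cmdline . ' 2>&1', $output, $res2);

			if ($res2 != 0 ) {
				echo ("<p class='error'>Error $res2 on MySQL exec: Unable to load blankDBStructure.sql into database $newname<br>");
				echo ("Please check whether this file is valid; consult Heurist helpdesk if needed<br>&nbsp;<br></p>");
				echo($output2);
				cleanupNewDB($newname);
				return false;
			}

			// Add referential constraints
			$cmdline="mysql -u".ADMIN_DBUSERNAME." -p".ADMIN_DBUSERPSWD." -D$newname < addReferentialConstraints.sql";
			$output2 = exec($cmdline . ' 2>&1', $output, $res2);

			if ($res2 != 0 ) {
				echo ("<p class='error'>Error $res2 on MySQL exec: Unable to load addReferentialConstraints.sql into database $newname<br>");
				echo ("Please check whether this file is valid; consult Heurist helpdesk if needed<br>&nbsp;<br></p>");
				echo($output2);
				cleanupNewDB($newname);
				return false;
			}

			// Add procedures and triggers
			$cmdline = "mysql -u".ADMIN_DBUSERNAME." -p".ADMIN_DBUSERPSWD." -D$newname < addProceduresTriggers.sql";
			$output2 = exec($cmdline . ' 2>&1', $output, $res2);

			if ($res2 != 0 ) {
				echo ("<p class='error'>Error $res2 on MySQL exec: Unable to load addProceduresTriggers.sql for database $newname<br>");
				echo ("Please check whether this file is valid; consult Heurist helpdesk if needed<br>&nbsp;<br></p>");
				echo($output2);
				cleanupNewDB($newname);
				return false;
			}

			// Run buildCrosswalks to import minimal definitions from coreDefinitions.txt into the new DB
			// yes, this is badly structured, but it works - if it ain't broke ...
			$isNewDB = true; // flag of context for buildCrosswalks, tells it to use coreDefinitions.txt

			require_once('../structure/buildCrosswalks.php');

			// errorCreatingTables is set to true by buildCrosswalks if an error occurred
			if($errorCreatingTables) {
				echo ("<p class='error'>Error importing core definitions from ".($isExtended?"coreDefinitionsExtended.txt":"coreDefinitions.txt")." for database $newname<br>");
				echo ("Please check whether this file is valid; consult Heurist helpdesk if needed</p>");
				cleanupNewDB($newname);
				return false;
			}

			// Get information for the user creating the database. The values are kept raw
			// here and escaped where they are used: for SQL in the UPDATE below and for
			// HTML where the username is echoed.
			if(!is_logged_in()) {
				// Not logged in: every field comes from the request and is untrusted.
				$longName = "";
				$firstName = $_REQUEST['ugr_FirstName'];
				$lastName = $_REQUEST['ugr_LastName'];
				$eMail = $_REQUEST['ugr_eMail'];
				$name = $_REQUEST['ugr_Name'];
				$password = $_REQUEST['ugr_Password'];
				$department = '';
				$organisation = '';
				$city = '';
				$state = '';
				$postcode = '';
				$interests = '';

				// NOTE(review): a two-character salt selects crypt()'s traditional DES scheme,
				// which uses only the first 8 characters of the password, and rand() is not a
				// cryptographic generator. Left unchanged because the stored format must match
				// the login check and column width elsewhere; migrate to password_hash() /
				// password_verify() once those are confirmed.
				$s = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./';
				$salt = $s[rand(0, strlen($s)-1)] . $s[rand(0, strlen($s)-1)];
				$password = crypt($password, $salt);

			}else{
				// Logged in: copy the current user's record from the current database.
				mysql_connection_insert(DATABASE);
				$query = mysql_query("SELECT ugr_LongName, ugr_FirstName, ugr_LastName, ugr_eMail, ugr_Name, ugr_Password, ugr_Department, ugr_Organisation, ugr_City, ugr_State, ugr_Postcode, ugr_Interests FROM sysUGrps WHERE ugr_ID=".get_user_id());
				$details = mysql_fetch_row($query);
				$longName = $details[0];
				$firstName = $details[1];
				$lastName = $details[2];
				$eMail = $details[3];
				$name = $details[4];
				$password = $details[5];
				$department = $details[6];
				$organisation = $details[7];
				$city = $details[8];
				$state = $details[9];
				$postcode = $details[10];
				$interests = $details[11];
			}

			//	 todo: code location of upload directory into sysIdentification, remove from edit form (should not be changed)
			//	 todo: might wish to control ownership rather than leaving it to the O/S, although this works well at present

			$warnings = 0;

			// Create a default upload directory for uploaded files eg multimedia, images etc.
			// NOTE(review): "-m a=rwx" makes the directory writable by every local account;
			// confirm that this is required rather than owner/group access for the web server.
			$uploadPath = HEURIST_UPLOAD_ROOT.$newDBName;//TODO: This locks us into upload path. This is the place for DB override.
			$cmdline = "mkdir -p -m a=rwx ".$uploadPath;
			$output2 = exec($cmdline . ' 2>&1', $output, $res2);
			if ($res2 != 0 ) { // TODO: need to properly trap the error and distinguish different versions.
				// Old upload directories hanging around could cause problems if upload file IDs are duplicated,
				// so should probably NOT allow their re-use
				echo ("<h3>Warning:</h3> Unable to create $uploadPath directory for database $newDBName<br>&nbsp;<br>");
				echo ("This may be because the directory already exists or the parent folder is not writable<br>");
				echo ("Please check/create directory by hand. Consult Heurist helpdesk if needed<br>");
				echo($output2);
				$warnings = 1;
			}

			// copy icon and thumbnail directories from default set in the program code (sync. with H3CoreDefinitions)
			$cmdline = "cp -R rectype-icons $uploadPath"; // creates directories and copies icons and thumbnails
			$output2 = exec($cmdline . ' 2>&1', $output, $res2);
			if ($res2 != 0 ) {
				echo ("<h3>Warning:</h3> Unable to create/copy record type icons folder rectype-icons to $uploadPath<br>");
				echo ("If upload directory was created OK, this is probably due to incorrect file permissions on new folders<br>");
				echo($output2);
				$warnings = 1;
			}
			// copy smarty template directory from default set in the program code
			$cmdline = "cp -R smarty-templates $uploadPath";
			$output2 = exec($cmdline . ' 2>&1', $output, $res2);
			if ($res2 != 0 ) {
				echo ("<h3>Warning:</h3> Unable to create/copy smarty-templates folder to $uploadPath<br>");
				echo($output2);
				$warnings = 1;
			}

			if($isExtended){
				// copy xsl template directories from default set in the program code
				$cmdline = "cp -R xsl-templates $uploadPath";
				$output2 = exec($cmdline . ' 2>&1', $output, $res2);
				if ($res2 != 0 ) {
					echo ("<h3>Warning:</h3> Unable to create/copy xsl-templates folder to $uploadPath<br>");
					echo($output2);
					$warnings = 1;
				}
			}

			// Accumulate with "+=". The previous "=+" assigned the unary-plus of each result,
			// so every call overwrote the warnings collected so far.
			$warnings += createFolder("settings","used to store import mappings and the like");
			$warnings += createFolder("scratch","used to store temporary files");
			$warnings += createFolder("hml-output","used to write published records as hml files");
			$warnings += createFolder("html-output","used to write published records as generic html files");
			$warnings += createFolder("generated-reports","used to write generated reports");

			if ($warnings > 0) {
				echo "<h2>Please take note of warnings above</h2>";
				echo "You must create the folders indicated or uploads, icons and templates will not work<br>";
				echo "If upload folder is created but icons and template forlders are not, look at file permissions on new folder creation";
			}

			// Prepare to write to the newly created database
			mysql_connection_insert($newname);

			// Update file locations
			$query='update sysIdentification
			    set sys_hmlOutputDirectory = "'.$uploadPath.'/hml-output",
			    sys_htmlOutputDirectory = "'.$uploadPath.'/html-output"';
			mysql_query($query);
			if (mysql_error()) {
				echo "<h3>Warning: </h3> Unable to update sysIdentification table - please go to DBAdmin > Databases > Properties &".
				" Advanced Properties, and check the path to the upload, hml and html directories. (".mysql_error().")";
			}

			// Make the current user the owner and admin of the new database.
			// Every value is escaped here, at the statement, so the request-supplied fields of
			// the not-logged-in path cannot alter the query. mysql_escape_string() matches the
			// legacy mysql_* API this file uses; it is not charset-aware and the whole extension
			// was removed in PHP 7, so a port should move to prepared statements.
			// NOTE(review): the password value appears masked in this listing; as shown, the
			// statement does not use the $password computed above - confirm against the real file.
			mysql_query('UPDATE sysUGrps SET ugr_LongName="'.mysql_escape_string($longName).'", ugr_FirstName="'.mysql_escape_string($firstName).'",
			ugr_LastName="'.mysql_escape_string($lastName).'", ugr_eMail="'.mysql_escape_string($eMail).'", ugr_Name="'.mysql_escape_string($name).'",
			ugr_Password="******", ugr_Department="'.mysql_escape_string($department).'", ugr_Organisation="'.mysql_escape_string($organisation).'",
			ugr_City="'.mysql_escape_string($city).'", ugr_State="'.mysql_escape_string($state).'", ugr_Postcode="'.mysql_escape_string($postcode).'",
			ugr_interests="'.mysql_escape_string($interests).'" WHERE ugr_ID=2');
			// TODO: error check, although this is unlikely to fail

			echo "<h2>New database '$newDBName' created successfully</h2>";

			// The username may come from the request, so it is HTML-escaped for display.
			echo "<p><strong>Admin username:</strong> ".htmlspecialchars($name, ENT_QUOTES, 'UTF-8')."<br />";
			echo "<strong>Admin password:</strong> &#60;<i>same as account currently logged in to</i>&#62;</p>";

			echo "<p>You may wish to bookmark the database home page (search page): <a href=\"".HEURIST_BASE_URL."?db=".$newDBName."\" title=\"\" target=\"_new\">".HEURIST_BASE_URL."?db=".$newDBName."</a>.</p>";
			echo "<p><a href='".HEURIST_BASE_URL."admin/adminMenu.php?db=".$newDBName."' title='' target=\"_new\" style='font-size:1.2em;font-weight:bold'>Go to Administration page</a>, to configure your new database</p>";

			// TODO: automatically redirect to the new database, maybe, in a new window

			// false is returned on success as well; callers cannot tell the outcome from the return value
			return false;
		} // isset

	} //makedatabase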