search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fully responsive globals.php with vertical menu (#2460)
[openemr.git] / interface / main / backup.php
blob20755814a8e8aa14bfddc3d4a8510125c84c27f6
1 <?php
2 /**
3 * This script creates a backup tarball and sends it to the users's
4 * browser for download. The tarball includes:
5 *
6 * an OpenEMR database dump (gzipped)
7 * the OpenEMR web directory (.tar.gz)
8 *
9 * The OpenEMR web directory is important because it includes config-
10 * uration files, patient documents, and possible customizations, and
11 * also because the database structure is dependent on the installed
12 * OpenEMR version.
13 *
14 * This script depends on execution of some external programs:
15 * mysqldump & pg_dump. It has been tested with Debian and Ubuntu
16 * Linux and with Windows XP.
17 * Do not assume that it works for you until you have successfully
18 * tested a restore!
19 *
20 * @package OpenEMR
21 * @link http://www.open-emr.org
22 * @author Rod Roark <rod@sunsetsystems.com>
23 * @author Bill Cernansky (www.mi-squared.com)
24 * @author Brady Miller <brady.g.miller@gmail.com>
25 * @copyright Copyright (c) 2008-2014, 2016 Rod Roark <rod@sunsetsystems.com>
26 * @copyright Copyright (c) 2018 Brady Miller <brady.g.miller@gmail.com>
27 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
28 */
29
30
31 set_time_limit(0);
32 require_once("../globals.php");
33 require_once("$srcdir/acl.inc");
34
35 use OpenEMR\Common\Logging\EventAuditLogger;
36
37 if (!empty($_POST)) {
38 if (!verifyCsrfToken($_POST["csrf_token_form"])) {
39 csrfNotVerified();
40 }
41 }
42
43 // Prevent scripts calling Globals from being blocked.
44 //
45 session_write_close();
46
47 if (!extension_loaded('zlib')) {
48 die('Abort '.basename(__FILE__).' : Missing zlib extensions');
49 }
50
51 if (!function_exists('gzopen') && function_exists('gzopen64')) {
52 function gzopen($filename, $mode, $use_include_path = 0)
53 {
54 return gzopen64($filename, $mode, $use_include_path);
55 }
56 }
57
58 if (!acl_check('admin', 'super')) {
59 die(xlt('Not authorized'));
60 }
61
62 include_once("Archive/Tar.php");
63
64 // Set up method, which will depend on OS and if pear tar.php is installed
65 if (class_exists('Archive_Tar')) {
66 # pear tar.php is installed so can use os independent method
67 $newBackupMethod = true;
68 } elseif (IS_WINDOWS) {
69 # without the tar.php module, can't run backup in windows
70 die(xlt("Error. You need to install the Archive/Tar.php php module."));
71 } else {
72 # without the tar.php module, can run via system commands in non-windows
73 $newBackupMethod = false;
74 }
75
76 $BTN_TEXT_CREATE = xl('Create Backup');
77 $BTN_TEXT_EXPORT = xl('Export Configuration');
78 $BTN_TEXT_IMPORT = xl('Import Configuration');
79 // ViSolve: Create Log Backup button
80 $BTN_TEXT_CREATE_EVENTLOG = xl('Create Eventlog Backup');
81
82 $form_step = isset($_POST['form_step']) ? trim($_POST['form_step']) : '0';
83 $form_status = isset($_POST['form_status' ]) ? trim($_POST['form_status' ]) : '';
84
85 if (!empty($_POST['form_export'])) {
86 $form_step = 101;
87 }
88
89 if (!empty($_POST['form_import'])) {
90 $form_step = 201;
91 }
92
93 //ViSolve: Assign Unique Number for the Log Creation
94 if (!empty($_POST['form_backup'])) {
95 $form_step = 301;
96 }
97
98 // When true the current form will submit itself after a brief pause.
99 $auto_continue = false;
100
101 # set up main paths
102 $backup_file_prefix = "emr_backup";
103 $backup_file_suffix = ".tar";
104 $TMP_BASE = $GLOBALS['temporary_files_dir'] . "/openemr_web_backup";
105 $BACKUP_DIR = $TMP_BASE . "/emr_backup";
106 $TAR_FILE_PATH = $TMP_BASE . DIRECTORY_SEPARATOR . $backup_file_prefix . $backup_file_suffix;
107 $EXPORT_FILE = $GLOBALS['temporary_files_dir'] . "/openemr_config.sql";
108 $MYSQL_PATH = $GLOBALS['mysql_bin_dir'];
109 $PERL_PATH = $GLOBALS['perl_bin_dir'];
110
111 if ($form_step == 6) {
112 header("Pragma: public");
113 header("Expires: 0");
114 header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
115 header("Content-Type: application/force-download");
116 header("Content-Length: " . filesize($TAR_FILE_PATH));
117 header("Content-Disposition: attachment; filename=" . basename($TAR_FILE_PATH));
118 header("Content-Description: File Transfer");
119
120 if (is_file($TAR_FILE_PATH)) {
121 $chunkSize = 1024 * 1024;
122 $handle = fopen($TAR_FILE_PATH, 'rb');
123 while (!feof($handle)) {
124 $buffer = fread($handle, $chunkSize);
125 echo $buffer;
126 ob_flush();
127 flush();
128 }
129 fclose($handle);
130 } else {
131 obliterate_dir($BACKUP_DIR);
132 $dieMsg = xlt("Backup Failed missing generated file");
133 die($dieMsg);
134 }
135 unlink($TAR_FILE_PATH);
136 obliterate_dir($BACKUP_DIR);
137 exit(0);
138 }
139
140 if ($form_step == 104) {
141 header("Pragma: public");
142 header("Expires: 0");
143 header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
144 header("Content-Type: application/force-download");
145 header("Content-Length: " . filesize($EXPORT_FILE));
146 header("Content-Disposition: attachment; filename=" . basename($EXPORT_FILE));
147 header("Content-Description: File Transfer");
148 readfile($EXPORT_FILE);
149 unlink($EXPORT_FILE);
150 exit(0);
151 }
152 ?>
153 <html>
154
155 <head>
156 <link rel="stylesheet" href='<?php echo $css_header ?>' type='text/css'>
157 <title><?php echo xlt('Backup'); ?></title>
158 </head>
159
160 <body class="body_top">
161 <center>
162 &nbsp;<br />
163 <form method='post' action='backup.php' enctype='multipart/form-data' onsubmit='return top.restoreSession()'>
164 <input type="hidden" name="csrf_token_form" value="<?php echo attr(collectCsrfToken()); ?>" />
165
166 <table<?php echo ($form_step != 101) ? " style='width:50em'" : ""; ?>>
167 <tr>
168 <td>
169
170 <?php
171 $cmd = '';
172 $mysql_cmd = $MYSQL_PATH . DIRECTORY_SEPARATOR . 'mysql';
173 $mysql_dump_cmd = $mysql_cmd . 'dump';
174 $mysql_ssl = '';
175 if (file_exists($GLOBALS['OE_SITE_DIR'] . "/documents/certificates/mysql-ca")) {
176 // Support for mysql SSL encryption
177 $mysql_ssl = " --ssl-ca=" . escapeshellarg($GLOBALS['OE_SITE_DIR'] . "/documents/certificates/mysql-ca") . " ";
178 if (file_exists($GLOBALS['OE_SITE_DIR'] . "/documents/certificates/mysql-key") &&
179 file_exists($GLOBALS['OE_SITE_DIR'] . "/documents/certificates/mysql-cert")) {
180 // Support for mysql SSL client based cert authentication
181 $mysql_ssl .= "--ssl-cert=" . escapeshellarg($GLOBALS['OE_SITE_DIR'] . "/documents/certificates/mysql-cert") . " ";
182 $mysql_ssl .= "--ssl-key=" . escapeshellarg($GLOBALS['OE_SITE_DIR'] . "/documents/certificates/mysql-key") . " ";
183 }
184 }
185
186 $file_to_compress = ''; // if named, this iteration's file will be gzipped after it is created
187 $eventlog=0; // Eventlog Flag
188
189 if ($form_step == 0) {
190 echo "<table>\n";
191 echo " <tr>\n";
192 echo " <td><input type='submit' name='form_create' value='" . attr($BTN_TEXT_CREATE) . "' /></td>\n";
193 echo " <td>" . xlt('Create and download a full backup') . "</td>\n";
194 echo " </tr>\n";
195 // The config import/export feature is optional.
196 if (!empty($GLOBALS['configuration_import_export'])) {
197 echo " <tr>\n";
198 echo " <td><input type='submit' name='form_export' value='" . attr($BTN_TEXT_EXPORT) . "' /></td>\n";
199 echo " <td>" . xlt('Download configuration data') . "</td>\n";
200 echo " </tr>\n";
201 echo " <tr>\n";
202 echo " <td><input type='submit' name='form_import' value='" . attr($BTN_TEXT_IMPORT) . "' /></td>\n";
203 echo " <td>" . xlt('Upload configuration data') . "</td>\n";
204 echo " </tr>\n";
205 }
206
207 // ViSolve : Add ' Create Log table backup Button'
208 echo " <tr>\n";
209 echo " <td><input type='submit' name='form_backup' value='" . attr($BTN_TEXT_CREATE_EVENTLOG) . "' /></td>\n";
210 echo " <td>" . xlt('Create Eventlog Backup') . "</td>\n";
211 echo " </tr>\n";
212 echo " <tr>\n";
213 echo " <td></td><td class='text'><b>" . xlt('Note')."</b>&nbsp;" . xlt('Please refer to') . '&nbsp;README-Log-Backup.txt&nbsp;' . xlt('file in the Documentation directory to learn how to automate the process of creating log backups') . "</td>\n";
214 echo " </tr>\n";
215 echo "</table>\n";
216 }
217
218 if ($form_step == 1) {
219 $form_status .= xla('Dumping OpenEMR database') . "...<br />";
220 echo nl2br($form_status);
221 if (file_exists($TAR_FILE_PATH)) {
222 if (! unlink($TAR_FILE_PATH)) {
223 die(xlt("Couldn't remove old backup file:") . " " . text($TAR_FILE_PATH));
224 }
225 }
226
227 if (! obliterate_dir($TMP_BASE)) {
228 die(xlt("Couldn't remove dir:"). " " . text($TMP_BASE));
229 }
230
231 if (! mkdir($BACKUP_DIR, 0777, true)) {
232 die(xlt("Couldn't create backup dir:") . " " . text($BACKUP_DIR));
233 }
234
235 $file_to_compress = "$BACKUP_DIR/openemr.sql"; // gzip this file after creation
236
237 if ($GLOBALS['include_de_identification']==1) {
238 //include routines during backup when de-identification is enabled
239 $cmd = escapeshellcmd($mysql_dump_cmd) . " -u " . escapeshellarg($sqlconf["login"]) .
240 " -p" . escapeshellarg($sqlconf["pass"]) .
241 " -h " . escapeshellarg($sqlconf["host"]) .
242 " --port=".escapeshellarg($sqlconf["port"]) .
243 " --routines".
244 " --opt --quote-names -r " . escapeshellarg($file_to_compress) . " $mysql_ssl " .
245 escapeshellarg($sqlconf["dbase"]);
246 } else {
247 $cmd = escapeshellcmd($mysql_dump_cmd) . " -u " . escapeshellarg($sqlconf["login"]) .
248 " -p" . escapeshellarg($sqlconf["pass"]) .
249 " -h " . escapeshellarg($sqlconf["host"]) .
250 " --port=".escapeshellarg($sqlconf["port"]) .
251 " --opt --quote-names -r " . escapeshellarg($file_to_compress) . " $mysql_ssl " .
252 escapeshellarg($sqlconf["dbase"]);
253 }
254
255 $auto_continue = true;
256 }
257
258 if ($form_step == 2) {
259 if (!empty($phpgacl_location) && $gacl_object->_db_name != $sqlconf["dbase"]) {
260 $form_status .= xla('Dumping phpGACL database') . "...<br />";
261 echo nl2br($form_status);
262 $file_to_compress = "$BACKUP_DIR/phpgacl.sql"; // gzip this file after creation
263 $cmd = escapeshellcmd($mysql_dump_cmd) . " -u " . escapeshellarg($gacl_object->_db_user) .
264 " -p" . escapeshellarg($gacl_object->_db_password) .
265 " --opt --quote-names -r " . escapeshellarg($file_to_compress) . " $mysql_ssl " .
266 escapeshellarg($gacl_object->_db_name);
267 $auto_continue = true;
268 } else {
269 ++$form_step;
270 }
271 }
272
273 if ($form_step == 3) {
274 $form_status .= xla('Dumping OpenEMR web directory tree') . "...<br />";
275 echo nl2br($form_status);
276 $cur_dir = getcwd();
277 chdir($webserver_root);
278
279 // Select the files and directories to archive. Basically everything
280 // except site-specific data for other sites.
281 $file_list = array();
282 $dh = opendir($webserver_root);
283 if (!$dh) {
284 die("Cannot read directory '" . text($webserver_root) . "'.");
285 }
286
287 while (false !== ($filename = readdir($dh))) {
288 if ($filename == '.' || $filename == '..') {
289 continue;
290 }
291
292 if ($filename == 'sites') {
293 // Omit other sites.
294 $file_list[] = "$filename/" . $_SESSION['site_id'];
295 } else {
296 $file_list[] = $filename;
297 }
298 }
299
300 closedir($dh);
301
302 $arch_file = $BACKUP_DIR . DIRECTORY_SEPARATOR . "openemr.tar.gz";
303 if (!create_tar_archive($arch_file, "gz", $file_list)) {
304 die(xlt("An error occurred while dumping OpenEMR web directory tree"));
305 }
306
307 chdir($cur_dir);
308 $auto_continue = true;
309 }
310
311 if ($form_step == 4) {
312 if ((!empty($phpgacl_location)) && ($phpgacl_location != $srcdir."/../gacl")) {
313 $form_status .= xla('Dumping phpGACL web directory tree') . "...<br />";
314 echo nl2br($form_status);
315 $cur_dir = getcwd();
316 chdir($phpgacl_location);
317 $file_list = array('.'); // archive entire directory
318 $arch_file = $BACKUP_DIR . DIRECTORY_SEPARATOR . "phpgacl.tar.gz";
319 if (!create_tar_archive($arch_file, "gz", $file_list)) {
320 die(xlt("An error occurred while dumping phpGACL web directory tree"));
321 }
322
323 chdir($cur_dir);
324 $auto_continue = true;
325 } else {
326 ++$form_step;
327 }
328 }
329
330 if ($form_step == 5) { // create the final compressed tar containing all files
331 $form_status .= xla('Backup file has been created. Will now send download.') . "<br />";
332 echo nl2br($form_status);
333 $cur_dir = getcwd();
334 chdir($BACKUP_DIR);
335 $file_list = array('.');
336 if (!create_tar_archive($TAR_FILE_PATH, '', $file_list)) {
337 die(xlt("Error: Unable to create downloadable archive"));
338 }
339
340 chdir($cur_dir);
341 /* To log the backup event */
342 if ($GLOBALS['audit_events_backup']) {
343 EventAuditLogger::instance()->newEvent("backup", $_SESSION['authUser'], $_SESSION['authProvider'], 0, "Backup is completed");
344 }
345
346 $auto_continue = true;
347 }
348
349 if ($form_step == 101) {
350 echo "<p><b>&nbsp;" . xlt('Select the configuration items to export') . ":</b></p>";
351
352 echo "<table cellspacing='10' cellpadding='0'>\n<tr>\n<td valign='top' nowrap>\n";
353
354 echo "<b>" . xlt('Tables') . "</b><br />\n";
355 echo "<input type='checkbox' name='form_cb_services' value='1' />\n";
356 echo " " . xlt('Services') . "<br />\n";
357 echo "<input type='checkbox' name='form_cb_products' value='1' />\n";
358 echo " " . xlt('Products') . "<br />\n";
359 echo "<input type='checkbox' name='form_cb_prices' value='1' />\n";
360 echo " " . xlt('Prices') . "<br />\n";
361 echo "<input type='checkbox' name='form_cb_categories' value='1' />\n";
362 echo " " . xlt('Document Categories') . "<br />\n";
363 echo "<input type='checkbox' name='form_cb_feesheet' value='1' />\n";
364 echo " " . xlt('Fee Sheet Options') . "<br />\n";
365 echo "<input type='checkbox' name='form_cb_lang' value='1' />\n";
366 echo " " . xlt('Translations') . "<br />\n";
367
368 // Multi-select for lists.
369 echo "</td><td valign='top'>\n";
370 echo "<b>" . xlt('Lists') . "</b><br />\n";
371 echo "<select multiple name='form_sel_lists[]' size='15'>";
372 $lres = sqlStatement("SELECT option_id, title FROM list_options WHERE " .
373 "list_id = 'lists' AND activity = 1 ORDER BY title, seq");
374 while ($lrow = sqlFetchArray($lres)) {
375 echo "<option value='" . attr($lrow['option_id']) . "'";
376 echo ">" . text(xl_list_label($lrow['title'])) . "</option>\n";
377 }
378
379 echo "</select>\n";
380
381 // Multi-select for layouts.
382 echo "</td><td valign='top'>\n";
383 echo "<b>" . xlt('Layouts') . "</b><br />\n";
384 echo "<select multiple name='form_sel_layouts[]' size='15'>";
385 $lres = sqlStatement("SELECT grp_form_id, grp_title FROM layout_group_properties WHERE " .
386 "grp_group_id = '' AND grp_activity = 1 ORDER BY grp_form_id");
387 while ($lrow = sqlFetchArray($lres)) {
388 $key = $lrow['grp_form_id'];
389 echo "<option value='" . attr($key) . "'";
390 echo ">" . text($key) . ": " . text(xl_layout_label($lrow['grp_title'])) . "</option>\n";
391 }
392
393 echo "</select>\n";
394
395 echo "</td>\n</tr>\n</table>\n";
396 echo "&nbsp;<br /><input type='submit' value='" . xla('Continue') . "' />\n";
397 }
398
399 if ($form_step == 102) {
400 $tables = '';
401 if ($_POST['form_cb_services' ]) {
402 $tables .= ' codes';
403 }
404
405 if ($_POST['form_cb_products' ]) {
406 $tables .= ' drugs drug_templates';
407 }
408
409 if ($_POST['form_cb_prices' ]) {
410 $tables .= ' prices';
411 }
412
413 if ($_POST['form_cb_categories']) {
414 $tables .= ' categories categories_seq';
415 }
416
417 if ($_POST['form_cb_feesheet' ]) {
418 $tables .= ' fee_sheet_options';
419 }
420
421 if ($_POST['form_cb_lang' ]) {
422 $tables .= ' lang_languages lang_constants lang_definitions';
423 }
424
425 if ($tables || is_array($_POST['form_sel_lists']) || is_array($_POST['form_sel_layouts'])) {
426 $form_status .= xla('Creating export file') . "...<br />";
427 echo nl2br($form_status);
428 if (file_exists($EXPORT_FILE)) {
429 if (! unlink($EXPORT_FILE)) {
430 die(xlt("Couldn't remove old export file: ") . text($EXPORT_FILE));
431 }
432 }
433
434 // The substitutions below use perl because sed's not usually on windows systems.
435 $perl = $PERL_PATH . DIRECTORY_SEPARATOR . 'perl';
436
437
438 # This condition was added because the windows operating system uses different syntax for the shell commands.
439 # The test is if it is the windows operating system.
440 if (IS_WINDOWS) {
441 # This section sets the character_set_client to utf8 in the sql file as part or the import property.
442 # windows will place the quotes in the outputted code if they are there. we removed them here.
443 $cmd = "echo SET character_set_client = utf8; > " . escapeshellarg($EXPORT_FILE) . " & ";
444 } else {
445 $cmd = "echo 'SET character_set_client = utf8;' > " . escapeshellarg($EXPORT_FILE) . ";";
446 }
447
448 if ($tables) {
449 $cmd .= escapeshellcmd($mysql_dump_cmd) . " -u " . escapeshellarg($sqlconf["login"]) .
450 " -p" . escapeshellarg($sqlconf["pass"]) .
451 " -h " . escapeshellarg($sqlconf["host"]) .
452 " --port=".escapeshellarg($sqlconf["port"]) .
453 " --opt --quote-names $mysql_ssl " .
454 escapeshellarg($sqlconf["dbase"]) . " $tables";
455 if (IS_WINDOWS) {
456 # The Perl script differs in windows also.
457 $cmd .= " | " . escapeshellcmd($perl) . " -pe \"s/ DEFAULT CHARSET=utf8//i; s/ collate[ =][^ ;,]*//i;\"" .
458 " >> " . escapeshellarg($EXPORT_FILE) . " & ";
459 } else {
460 $cmd .= " | " . escapeshellcmd($perl) . " -pe 's/ DEFAULT CHARSET=utf8//i; s/ collate[ =][^ ;,]*//i;'" .
461 " > " . escapeshellarg($EXPORT_FILE) . ";";
462 }
463 }
464
465 $dumppfx = escapeshellcmd($mysql_dump_cmd) . " -u " . escapeshellarg($sqlconf["login"]) .
466 " -p" . escapeshellarg($sqlconf["pass"]) .
467 " -h " . escapeshellarg($sqlconf["host"]) .
468 " --port=" . escapeshellarg($sqlconf["port"]) .
469 " --skip-opt --quote-names --complete-insert --no-create-info $mysql_ssl";
470 // Individual lists.
471 if (is_array($_POST['form_sel_lists'])) {
472 foreach ($_POST['form_sel_lists'] as $listid) {
473 if (IS_WINDOWS) {
474 # windows will place the quotes in the outputted code if they are there. we removed them here.
475 $cmd .= " echo DELETE FROM list_options WHERE list_id = '" . add_escape_custom($listid) . "'; >> " . escapeshellarg($EXPORT_FILE) . " & ";
476 $cmd .= " echo DELETE FROM list_options WHERE list_id = 'lists' AND option_id = '" . add_escape_custom($listid) . "'; >> " . escapeshellarg($EXPORT_FILE) . " & ";
477 } else {
478 $cmd .= "echo \"DELETE FROM list_options WHERE list_id = '" . add_escape_custom($listid) . "';\" >> " . escapeshellarg($EXPORT_FILE) . ";";
479 $cmd .= "echo \"DELETE FROM list_options WHERE list_id = 'lists' AND option_id = '" . add_escape_custom($listid) . "';\" >> " . escapeshellarg($EXPORT_FILE) . ";";
480 }
481 $cmd .= $dumppfx .
482 " --where=\"list_id = 'lists' AND option_id = '" . add_escape_custom($listid) . "' OR list_id = '" . add_escape_custom($listid) . "' " .
483 "ORDER BY list_id != 'lists', seq, title\" " .
484 escapeshellarg($sqlconf["dbase"]) . " list_options";
485 if (IS_WINDOWS) {
486 # windows uses the & to join statements.
487 $cmd .= " >> " . escapeshellarg($EXPORT_FILE) . " & ";
488 } else {
489 $cmd .= " >> " . escapeshellarg($EXPORT_FILE) . ";";
490 }
491 }
492 }
493
494 // Individual layouts.
495 if (is_array($_POST['form_sel_layouts'])) {
496 foreach ($_POST['form_sel_layouts'] as $layoutid) {
497 if (IS_WINDOWS) {
498 # windows will place the quotes in the outputted code if they are there. we removed them here.
499 $cmd .= " echo DELETE FROM layout_options WHERE form_id = '" . add_escape_custom($layoutid) . "'; >> " . escapeshellarg($EXPORT_FILE) . " & ";
500 } else {
501 $cmd .= "echo \"DELETE FROM layout_options WHERE form_id = '" . add_escape_custom($layoutid) . "';\" >> " . escapeshellarg($EXPORT_FILE) . ";";
502 }
503 if (IS_WINDOWS) {
504 # windows will place the quotes in the outputted code if they are there. we removed them here.
505 $cmd .= "echo \"DELETE FROM layout_group_properties WHERE grp_form_id = '" . add_escape_custom($layoutid) . "';\" >> " . escapeshellarg($EXPORT_FILE) . " &;";
506 } else {
507 $cmd .= "echo \"DELETE FROM layout_group_properties WHERE grp_form_id = '" . add_escape_custom($layoutid) . "';\" >> " . escapeshellarg($EXPORT_FILE) . ";";
508 }
509 $cmd .= $dumppfx .
510 " --where=\"grp_form_id = '" . add_escape_custom($layoutid) . "'\" " .
511 escapeshellarg($sqlconf["dbase"]) . " layout_group_properties";
512 if (IS_WINDOWS) {
513 # windows uses the & to join statements.
514 $cmd .= " >> " . escapeshellarg($EXPORT_FILE) . " & ";
515 } else {
516 $cmd .= " >> " . escapeshellarg($EXPORT_FILE) . ";";
517 }
518 $cmd .= $dumppfx .
519 " --where=\"form_id = '" . add_escape_custom($layoutid) . "' ORDER BY group_id, seq, title\" " .
520 escapeshellarg($sqlconf["dbase"]) . " layout_options" ;
521 if (IS_WINDOWS) {
522 # windows uses the & to join statements.
523 $cmd .= " >> " . escapeshellarg($EXPORT_FILE) . " & ";
524 } else {
525 $cmd .= " >> " . escapeshellarg($EXPORT_FILE) . ";";
526 }
527 }
528 }
529 } else {
530 echo xlt('No items were selected!');
531 $form_step = -1;
532 }
533
534 $auto_continue = true;
535 }
536
537 if ($form_step == 103) {
538 $form_status .= xla('Done. Will now send download.') . "<br />";
539 echo nl2br($form_status);
540 $auto_continue = true;
541 }
542
543 if ($form_step == 201) {
544 echo xlt('WARNING: This will overwrite configuration information with data from the uploaded file!') . " \n";
545 echo xlt('Use this feature only with newly installed sites, ');
546 echo xlt('otherwise you will destroy references to/from existing data.') . "\n";
547 echo "<br />&nbsp;<br />\n";
548 echo xlt('File to upload') . ":\n";
549 echo "<input type='hidden' name='MAX_FILE_SIZE' value='4000000' />\n";
550 echo "<input type='file' name='userfile' /><br />&nbsp;<br />\n";
551 echo "<input type='submit' value='" . xla('Continue') . "' />\n";
552 }
553
554 if ($form_step == 202) {
555 // Process uploaded config file.
556 if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
557 if (move_uploaded_file($_FILES['userfile']['tmp_name'], $EXPORT_FILE)) {
558 $form_status .= xla('Applying') . "...<br />";
559 echo nl2br($form_status);
560 $cmd = escapeshellcmd($mysql_dump_cmd) . " -u " . escapeshellarg($sqlconf["login"]) .
561 " -p" . escapeshellarg($sqlconf["pass"]) .
562 " -h " . escapeshellarg($sqlconf["host"]) .
563 " --port=".escapeshellarg($sqlconf["port"]) .
564 " $mysql_ssl " .
565 escapeshellarg($sqlconf["dbase"]) .
566 " < " . escapeshellarg($EXPORT_FILE);
567 } else {
568 echo xlt('Internal error accessing uploaded file!');
569 $form_step = -1;
570 }
571 } else {
572 echo xlt('Upload failed!');
573 $form_step = -1;
574 }
575
576 $auto_continue = true;
577 }
578
579 if ($form_step == 203) {
580 $form_status .= xla('Done') . ".";
581 echo nl2br($form_status);
582 }
583
584 /// ViSolve : EventLog Backup
585 if ($form_step == 301) {
586 # Get the Current Timestamp, to attach with the log backup file
587 $backuptime=date("Ymd_His");
588 # Eventlog backup directory
589 $BACKUP_EVENTLOG_DIR = $GLOBALS['backup_log_dir'] . "/emr_eventlog_backup";
590
591 # Check if Eventlog Backup directory exists, if not create it with Write permission
592 if (!file_exists($BACKUP_EVENTLOG_DIR)) {
593 mkdir($BACKUP_EVENTLOG_DIR);
594 chmod($BACKUP_EVENTLOG_DIR, 0777);
595 }
596
597 # Frame the Eventlog Backup File Name
598 $BACKUP_EVENTLOG_FILE=$BACKUP_EVENTLOG_DIR.'/eventlog_'.$backuptime.'.sql';
599 # Create a new table similar to event table, rename the existing table as backup table, and rename the new table to event log table. Then export the contents of the table into a text file and drop the table.
600 $res=sqlStatement("create table if not exists log_comment_encrypt_new like log_comment_encrypt");
601 $res=sqlStatement("rename table log_comment_encrypt to log_comment_encrypt_backup,log_comment_encrypt_new to log_comment_encrypt");
602 $res=sqlStatement("create table if not exists log_new like log");
603 $res=sqlStatement("rename table log to log_backup,log_new to log");
604 $res=sqlStatement("create table if not exists log_validator_new like log_validator");
605 $res=sqlStatement("rename table log_validator to log_validator_backup, log_validator_new to log_validator");
606 echo "<br>";
607 $cmd = escapeshellcmd($mysql_dump_cmd) . " -u " . escapeshellarg($sqlconf["login"]) .
608 " -p" . escapeshellarg($sqlconf["pass"]) .
609 " -h " . escapeshellarg($sqlconf["host"]) .
610 " --port=" .escapeshellarg($sqlconf["port"]) .
611 " --opt --quote-names -r " . escapeshellarg($BACKUP_EVENTLOG_FILE) . " $mysql_ssl " .
612 escapeshellarg($sqlconf["dbase"]) ." --tables log_comment_encrypt_backup log_backup log_validator_backup";
613 # Set Eventlog Flag when it is done
614 $eventlog=1;
615 // 301 If ends here.
616 }
617
618 ++$form_step;
619 ?>
620
621 </td>
622 </tr>
623 </table>
624
625 <input type='hidden' name='form_step' value='<?php echo attr($form_step); ?>' />
626 <input type='hidden' name='form_status' value='<?php echo $form_status; ?>' />
627
628 </form>
629
630 <?php
631 ob_flush();
632 flush();
633 if ($cmd) {
634 $tmp0 = exec($cmd, $tmp1, $tmp2);
635
636 if ($tmp2) {
637 if ($eventlog==1) {
638 // ViSolve : Restore previous state, if backup fails.
639 $res=sqlStatement("drop table if exists log_comment_encrypt");
640 $res=sqlStatement("rename table log_comment_encrypt_backup to log_comment_encrypt");
641 $res=sqlStatement("drop table if exists log");
642 $res=sqlStatement("rename table log_backup to log");
643 $res=sqlStatement("drop table if exists log_validator");
644 $res=sqlStatement("rename table log_validator_backup to log_validator");
645 }
646 //Removed the connection details as it exposes all the database credentials
647
648 die("There was an error on the backup");
649 }
650
651 // ViSolve: If the Eventlog is set, then clear the temporary table -- Start here
652 if ($eventlog==1) {
653 $res=sqlStatement("drop table if exists log_backup");
654 $res=sqlStatement("drop table if exists log_comment_encrypt_backup");
655 $res=sqlStatement("drop table if exists log_validator_backup");
656 echo "<br><b>";
657 echo xlt('Backup Successfully taken in') . " ";
658 echo text($BACKUP_EVENTLOG_DIR);
659 echo "</b>";
660 }
661
662 // ViSolve: If the Eventlog is set, then clear the temporary table -- Ends here
663 }
664
665 // If a file was flagged to be gzip-compressed after this cmd, do it.
666 if ($file_to_compress) {
667 if (!gz_compress_file($file_to_compress)) {
668 die(xlt("Error in gzip compression of file: ") . text($file_to_compress));
669 }
670 }
671 ?>
672
673 </center>
674
675 <?php if ($auto_continue) { ?>
676 <script language="JavaScript">
677 setTimeout("document.forms[0].submit();", 500);
678 </script>
679 <?php }
680
681 // Recursive directory remove (like an O/S insensitive "rm -rf dirname")
682 function obliterate_dir($dir)
683 {
684 if (!file_exists($dir)) {
685 return true;
686 }
687
688 if (!is_dir($dir) || is_link($dir)) {
689 return unlink($dir);
690 }
691
692 foreach (scandir($dir) as $item) {
693 if ($item == '.' || $item == '..') {
694 continue;
695 }
696
697 if (!obliterate_dir($dir . DIRECTORY_SEPARATOR . $item)) {
698 chmod($dir . DIRECTORY_SEPARATOR . $item, 0777);
699 if (!obliterate_dir($dir . DIRECTORY_SEPARATOR . $item)) {
700 return false;
701 }
702 };
703 }
704
705 return rmdir($dir);
706 }
707
708 // Create a tar archive given the archive file name, compression method if any, and the
709 // array of file/directory names to archive
710 function create_tar_archive($archiveName, $compressMethod, $itemArray)
711 {
712 global $newBackupMethod;
713
714 if ($newBackupMethod) {
715 // Create a tar object using the pear library
716 // (this is the preferred method)
717 $tar = new Archive_Tar($archiveName, $compressMethod);
718 if ($tar->create($itemArray)) {
719 return true;
720 }
721 } else {
722 // Create the tar files via command line tools
723 // (this method used when the tar pear library is not available)
724 $files = '"' . implode('" "', $itemArray) . '"';
725 if ($compressMethod == "gz") {
726 $command = "tar --same-owner --ignore-failed-read -zcphf " . escapeshellarg($archiveName) . " $files";
727 } else {
728 $command = "tar -cpf " . escapeshellarg($archiveName) . " $files";
729 }
730
731 $temp0 = exec($command, $temp1, $temp2);
732 if ($temp2) {
733 die("\"" . text($command) . "\" returned " . text($temp2) . ": " . text($temp0));
734 }
735
736 return true;
737 }
738
739 return false;
740 }
741
742 // Compress a file using gzip. Source file removed, leaving only the compressed
743 // *.gz file, just like gzip command line would behave.
744 function gz_compress_file($source)
745 {
746 $dest=$source.'.gz';
747 $error=false;
748 if ($fp_in=fopen($source, 'rb')) {
749 if ($fp_out=gzopen($dest, 'wb')) {
750 while (!feof($fp_in)) {
751 gzwrite($fp_out, fread($fp_in, 1024*512));
752 }
753
754 gzclose($fp_out);
755 fclose($fp_in);
756 unlink($source);
757 } else {
758 $error=true;
759 }
760 } else {
761 $error=true;
762 }
763
764 if ($error) {
765 return false;
766 } else {
767 return $dest;
768 }
769 }
770 ?>
771
772 </body>
773 </html>
Mirror of official OpenEMR Sourceforge repository