X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=bin%2Fmozilla%2Fadmin.pl;h=c704174c8f66ec2fac026e3e217c8f708b91c369;hb=6881b4bd6a669dd991b227ecf41c3e8662806595;hp=9856c29550de158ee6ae7626107498ea81e35101;hpb=4dbb09950c9f5596646537c12d991c99086fe7c1;p=kivitendo-erp.git

diff --git a/bin/mozilla/admin.pl b/bin/mozilla/admin.pl
old mode 100644
new mode 100755
index 9856c2955..c704174c8
--- a/bin/mozilla/admin.pl
+++ b/bin/mozilla/admin.pl
@@ -32,1609 +32,1190 @@
 #
 #======================================================================
 
-$menufile = "menu.ini";
-
+use DBI;
+use Encode;
+use English qw(-no_match_vars);
+use Fcntl;
+use File::Copy;
+use File::Find;
+use File::Spec;
+use Cwd;
+use IO::File;
+use POSIX qw(strftime);
+use Sys::Hostname;
+
+use SL::Auth;
+use SL::Auth::PasswordPolicy;
 use SL::Form;
+use SL::Iconv;
+use SL::Mailer;
 use SL::User;
+use SL::Common;
+use SL::Inifile;
+use SL::DBUpgrade2;
+use SL::DBUtils;
+
+require "bin/mozilla/common.pl";
+require "bin/mozilla/admin_groups.pl";
+require "bin/mozilla/admin_printer.pl";
+
+use strict;
+
+# parserhappy(R):
+
+#  $locale->text('periodic')
+#  $locale->text('income')
+#  $locale->text('perpetual')
+#  $locale->text('balance')
+
+our $cgi;
+our $form;
+our $locale;
+our $auth;
+
+my @valid_dateformats = qw(mm/dd/yy dd/mm/yy dd.mm.yy yyyy-mm-dd);
+my @valid_numberformats = ('1,000.00', '1000.00', '1.000,00', '1000,00');
+my @all_stylesheets = qw(lx-office-erp.css Win2000.css Mobile.css kivitendo.css);
+my @all_menustyles = (
+  { id => 'old', title => $::locale->text('Old (on the side)') },
+  { id => 'v3',  title => $::locale->text('Top (CSS)') },
+  { id => 'v4',  title => $::locale->text('Top (CSS) new') },
+  { id => 'neu', title => $::locale->text('Top (Javascript)') },
+);
+
+sub run {
+  $::lxdebug->enter_sub;
+  my $session_result = shift;
+
+  $form   = $::form;
+  $locale = $::locale;
+  $auth   = $::auth;
+
+  $form->{stylesheet} = "lx-office-erp.css";
+  $form->{favicon}    = "favicon.ico";
+
+  if ($form->{action}) {
+    if ($auth->authenticate_root($form->{'{AUTH}admin_password'}) != $auth->OK()) {
+      $auth->punish_wrong_login;
+      $form->{error_message} = $locale->text('Incorrect Password!');
+      $auth->delete_session_value('admin_password');
+      adminlogin();
+    } else {
+      if ($auth->session_tables_present()) {
+        delete $::form->{'{AUTH}admin_password'};
+        _apply_dbupgrade_scripts();
+      }
 
+      call_sub($locale->findsub($form->{action}));
+    }
+  } else {
+    # if there are no drivers bail out
+    $form->error($locale->text('No Database Drivers available!'))
+      unless (User->dbdrivers);
 
-$form = new Form;
+    adminlogin();
+  }
+  $::lxdebug->leave_sub;
+}
 
-$locale = new Locale $language, "admin";
-  
-eval { require DBI; };
-$form->error($locale->text('DBI not installed!')) if ($@);
+sub adminlogin {
+  my $form   = $main::form;
+  my $locale = $main::locale;
 
+  $form->{title} = qq|kivitendo $form->{version} | . $locale->text('Administration');
 
-# customization
-if (-f "$form->{path}/custom_$form->{script}") {
-  eval { require "$form->{path}/custom_$form->{script}"; };
-  $form->error($@) if ($@);
+  $form->header();
+  print $form->parse_html_template('admin/adminlogin');
 }
 
+sub login {
+  check_auth_db_and_tables();
+  list_users();
+}
 
-$form->{stylesheet} = "lx-office-erp.css";
-$form->{favicon} = "favicon.ico";
+sub logout {
+  $main::auth->destroy_session();
+  adminlogin();
+}
 
-if ($form->{action}) {
+sub check_auth_db_and_tables {
+  my $form   = $main::form;
+  my $locale = $main::locale;
 
-  $subroutine = $locale->findsub($form->{action});
-  
-  if ($subroutine eq 'login') {
-    if ($form->{rpw}) {
-      $form->{rpw} = crypt $form->{rpw}, "ro";
-    }
-  }
-  
-  &check_password;
-  
-  &$subroutine;
-    
-} else {
-
-  # if there are no drivers bail out
-  $form->error($locale->text('No Database Drivers available!')) unless (User->dbdrivers);
-
-  # create memberfile
-  if (! -f $memberfile) {
-    open(FH, ">$memberfile") or $form->error("$memberfile : $!");
-    print FH qq|# SQL-Ledger Accounting members
-
-[root login]
-password=
-
-|;
-    close FH;
-  }
+  my %params;
 
-  &adminlogin;
+  map { $params{"db_${_}"} = $main::auth->{DB_config}->{$_} } keys %{ $auth->{DB_config} };
 
-}
+  $params{admin_password} = $::lx_office_conf{authentication}->{admin_password};
 
-1;
-# end
+  if (!$main::auth->check_database()) {
+    $form->{title} = $locale->text('Authentification database creation');
+    $form->header();
+    print $form->parse_html_template('admin/check_auth_database', \%params);
 
+    ::end_of_request();
+  }
 
-sub adminlogin {
+  if (!$main::auth->check_tables()) {
+    $form->{title} = $locale->text('Authentification tables creation');
+    $form->header();
+    print $form->parse_html_template('admin/check_auth_tables', \%params);
 
-  $form->{title} = qq|Lx-Office ERP $form->{version} |.$locale->text('Administration');
+    ::end_of_request();
+  }
 
-  $form->header;
-  
-  print qq|
-<body class=admin>
+  my $memberfile = $::lx_office_conf{paths}->{memberfile};
+  if (-f $memberfile) {
+    my $memberdir = "";
 
+    if ($memberfile =~ m|^.*/|) {
+      $memberdir = $&;
+    }
 
-<div align=center>
+    my $backupdir = "${memberdir}member-file-migration";
 
-<a href="http://www.lx-office.org"><img src="image/lx-office-erp.png" border=0></a>
-<h1 class=login>|.$locale->text('Version').qq| $form->{version}<p>|.$locale->text('Administration').qq|</h1>
+    $form->{title} = $locale->text('User data migration');
+    $form->header();
+    print $form->parse_html_template('admin/user_migration', { 'memberfile' => $memberfile,
+                                                               'backupdir'  => $backupdir });
 
-<form method=post action="$form->{script}">
+    ::end_of_request();
+  }
+}
 
-<table>
-  <tr>
-    <th>|.$locale->text('Password').qq|</th>
-    <td><input type=password name=rpw></td>
-    <td><input type=submit class=submit name=action value="|.$locale->text('Login').qq|"></td>
-  </tr>
-<input type=hidden name=action value=login>
-<input type=hidden name=root value="root login">
-<input type=hidden name=path value=$form->{path}>
-</table>
+sub create_auth_db {
+  my $form = $main::form;
 
+  $main::auth->create_database('superuser'          => $form->{db_superuser},
+                               'superuser_password' => $form->{db_superuser_password},
+                               'template'           => $form->{db_template});
+  login();
+}
 
-</form>
+sub create_auth_tables {
+  my $form   = $main::form;
+  my $locale = $main::locale;
+
+  $main::auth->create_tables();
+  $main::auth->set_session_value('admin_password', $form->{'{AUTH}admin_password'});
+  $main::auth->create_or_refresh_session();
+
+  my $memberfile = $::lx_office_conf{paths}->{memberfile};
+  if (!-f $memberfile) {
+    # New installation -- create a standard group with full access
+    my %members;
+    my $group = {
+      'name'        => $locale->text('Full Access'),
+      'description' => $locale->text('Full access to all functions'),
+      'rights'      => { map { $_ => 1 } SL::Auth::all_rights() },
+      'members'     => [ map { $_->{id} } values %members ],
+    };
+
+    $main::auth->save_group($group);
+  }
 
-<a href=http://www.lx-office.org>Lx-Office |.$locale->text('website').qq|</a>
+  _apply_dbupgrade_scripts();
+  login();
+}
 
-</div>
+sub migrate_users {
+  $main::lxdebug->enter_sub();
 
-</body>
-</html>
-|;
+  my $form      = $main::form;
+  my $locale    = $main::locale;
 
-}
+  my $memberdir = "";
 
+  my $memberfile = $::lx_office_conf{paths}->{memberfile};
+  if ($memberfile =~ m|^.*/|) {
+    $memberdir = $&;
+  }
 
+  my $backupdir = "${memberdir}member-file-migration";
 
+  if (! -d $backupdir && !mkdir $backupdir, 0700) {
+    $form->error(sprintf($locale->text('The directory "%s" could not be created:\n%s'), $backupdir, $!));
+  }
 
-sub login {
+  copy $memberfile, "users/member-file-migration/members";
 
-  &list_users;
+  my $in = IO::File->new($memberfile, "r");
 
-}
+  $form->error($locale->text('Could not open the old memberfile.')) if (!$in);
 
+  my (%members, $login);
 
+  while (<$in>) {
+    chomp;
 
-sub add_user {
-  
-  $form->{title} = "Lx-Office ERP ".$locale->text('Administration')." / ".$locale->text('Add User');
+    next if (m/^\s*\#/);
 
-  $form->{Oracle_sid} = $sid;
-  $form->{Oracle_dbport} = '1521';
-  $form->{Oracle_dbhost} = `hostname`;
+    if (m/^\[.*\]/) {
+      $login = $_;
+      $login =~ s/(\[|\])//g;
+      $login =~ s/^\s*//;
+      $login =~ s/\s*$//;
 
-  if (-f "css/lx-office-erp.css") {
-    $myconfig->{stylesheet} = "lx-office-erp.css";
-  }
-  $myconfig->{vclimit} = 200;
-  
-  &form_header;
-  &form_footer;
-  
-}
+      $members{$login} = { "login" => $login };
+      next;
+    }
 
+    if ($login && m/=/) {
+      my ($key, $value) = split m/\s*=\s*/, $_, 2;
+      $key   =~ s|^\s*||;
+      $value =~ s|\s*$||;
 
+      $value =~ s|\\r||g;
+      $value =~ s|\\n|\n|g;
 
-sub edit {
+      $members{$login}->{$key} = $value;
+    }
+  }
 
-  $form->{title} = "Lx-Office ERP ".$locale->text('Administration')." / ".$locale->text('Edit User');
-  $form->{edit} = 1;
+  $in->close();
 
-  &form_header;
-  &form_footer;
+  delete $members{"root login"};
 
-}
+  map { $_->{dbpasswd} = unpack 'u', $_->{dbpasswd} } values %members;
 
+  while (my ($login, $params) = each %members) {
+    $main::auth->save_user($login, %{ $params });
+    $main::auth->change_password($login, $params->{password}, 1);
 
-sub form_footer {
+    my $conf_file = "${memberdir}${login}.conf";
 
-  if ($form->{edit}) {
-    $delete = qq|<input type=submit class=submit name=action value="|.$locale->text('Delete').qq|">
-<input type=hidden name=edit value=1>|;
+    if (-f $conf_file) {
+      copy   $conf_file, "${backupdir}/${login}.conf";
+      unlink $conf_file;
+    }
   }
 
-  print qq|
-
-<input name=callback type=hidden value="$form->{script}?action=list_users&path=$form->{path}&root=$form->{root}&rpw=$form->{rpw}">
-<input type=hidden name=root value="$form->{root}">
-<input type=hidden name=path value=$form->{path}>
-<input type=hidden name=rpw value=$form->{rpw}>
-
-<input type=submit class=submit name=action value="|.$locale->text('Save').qq|">
-$delete
+  unlink $memberfile;
 
-</form>
+  my @member_list = sort { lc $a->{login} cmp lc $b->{login} } values %members;
 
-</body>
-</html>
-|;
+  $form->{title} = $locale->text('User data migration');
+  $form->header();
+  print $form->parse_html_template('admin/user_migration_done', { 'MEMBERS' => \@member_list });
 
+  $main::lxdebug->leave_sub();
 }
 
+sub create_standard_group_ask {
+  my $form   = $main::form;
+  my $locale = $main::locale;
 
-sub list_users {
+  $form->{title} = $locale->text('Create a standard group');
 
-  $form->error($locale->text('File locked!')) if (-f "${memberfile}.LCK");
+  $form->header();
+  print $form->parse_html_template("admin/create_standard_group_ask");
+}
 
-  open(FH, "$memberfile") or $form->error("$memberfile : $!");
+sub create_standard_group {
+  my $form    = $main::form;
+  my $locale  = $main::locale;
 
-  $nologin = qq|
-<input type=submit class=submit name=action value="|.$locale->text('Lock System').qq|">|;
+  my %members = $main::auth->read_all_users();
 
-  if (-e "$userspath/nologin") {
-    $nologin = qq|
-<input type=submit class=submit name=action value="|.$locale->text('Unlock System').qq|">|;
-  }
+  my $groups  = $main::auth->read_groups();
 
-
-  while (<FH>) {
-    chop;
-    
-    if (/^\[.*\]/) {
-      $login = $_;
-      $login =~ s/(\[|\])//g;
-    }
-
-    if (/^(name=|company=|templates=|dbuser=|dbdriver=|dbname=|dbhost=)/) {
-      chop ($var = $&);
-      ($null, $member{$login}{$var}) = split /=/, $_, 2;
+  foreach my $group (values %{$groups}) {
+    if (($form->{group_id} != $group->{id})
+        && ($form->{name} eq $group->{name})) {
+      $form->show_generic_error($locale->text("A group with that name does already exist."));
     }
   }
-  
-  close(FH);
 
-# type=submit $locale->text('Pg Database Administration')
-# type=submit $locale->text('Oracle Database Administration')
+  my $group = {
+    'name'        => $locale->text('Full Access'),
+    'description' => $locale->text('Full access to all functions'),
+    'rights'      => { map { $_ => 1 } SL::Auth::all_rights() },
+    'members'     => [ map { $_->{id} } values %members ],
+  };
 
-  foreach $item (User->dbdrivers) {
-    $dbdrivers .= qq|<input name=action type=submit class=submit value="|.$locale->text("$item Database Administration").qq|">|;
-  }
+  $main::auth->save_group($group);
 
-
-  $column_header{login} = qq|<th>|.$locale->text('Login').qq|</th>|;
-  $column_header{name} = qq|<th>|.$locale->text('Name').qq|</th>|;
-  $column_header{company} = qq|<th>|.$locale->text('Company').qq|</th>|;
-  $column_header{dbdriver} = qq|<th>|.$locale->text('Driver').qq|</th>|;
-  $column_header{dbhost} = qq|<th>|.$locale->text('Host').qq|</th>|;
-  $column_header{dataset} = qq|<th>|.$locale->text('Dataset').qq|</th>|;
-  $column_header{templates} = qq|<th>|.$locale->text('Templates').qq|</th>|;
-
-  @column_index = qw(login name company dbdriver dbhost dataset templates);
-
-  $form->{title} = "Lx-Office ERP ".$locale->text('Administration');
-
-  $form->header;
-
-  print qq|
-<body class=admin>
-
-<form method=post action=$form->{script}>
-
-<table width=100%>
-  <tr>
-  <tr class=listheading>
-    <th>$form->{title}</th>
-  </tr>
-  <tr size=5></tr>
-  <tr>
-    <td>
-      <table width=100%>
-        <tr class=listheading>|;
-
-  map { print "$column_header{$_}\n" } @column_index;
-  
-  print qq|
-        </tr>
-|;
-
-foreach $key (sort keys %member) {
-  $href = "$script?action=edit&login=$key&path=$form->{path}&root=$form->{root}&rpw=$form->{rpw}";
-  $href =~ s/ /%20/g;
-  
-  $member{$key}{templates} =~ s/^$templates\///;
-  $member{$key}{dbhost} = $locale->text('localhost') unless $member{$key}{dbhost};
-  $member{$key}{dbname} = $member{$key}{dbuser} if ($member{$key}{dbdriver} eq 'Oracle');
-
-  $column_data{login} = qq|<td><a href=$href>$key</a></td>|;
-  $column_data{name} = qq|<td>$member{$key}{name}</td>|;
-  $column_data{company} = qq|<td>$member{$key}{company}</td>|;
-  $column_data{dbdriver} = qq|<td>$member{$key}{dbdriver}</td>|;
-  $column_data{dbhost} = qq|<td>$member{$key}{dbhost}</td>|;
-  $column_data{dataset} = qq|<td>$member{$key}{dbname}</td>|;
-  $column_data{templates} = qq|<td>$member{$key}{templates}</td>|;
-  
-  $i++; $i %= 2;
-  print qq|
-        <tr class=listrow$i>|;
-
-  map { print "$column_data{$_}\n" } @column_index;
-
-  print qq|
-        </tr>|;
+  user_migration_complete(1);
 }
 
-
-print qq|
-      </table>
-    </td>
-  </tr>
-  <tr>
-    <td><hr size=3 noshade></td>
-  </tr>
-</table>
-
-<input type=hidden name=path value=$form->{path}>
-<input type=hidden name=rpw value=$form->{rpw}>
-<input type=hidden name=root value="$form->{root}">
-
-<br><input type=submit class=submit name=action value="|.$locale->text('Add User').qq|">
-<input type=submit class=submit name=action value="|.$locale->text('Change Admin Password').qq|">
-
-$dbdrivers
-$nologin
-
-</form>
-
-|.$locale->text('Click on login name to edit!').qq|
-<br>
-|.$locale->text('To add a user to a group edit a name, change the login name and save.  A new user with the same variables will then be saved under the new login name.').qq|
-
-<p>
-
-<form method=post action=login.pl>
-
-<table border=0 width=100%>
-  <tr class=listheading>
-    <th>Lx-Office ERP |.$locale->text('Login').qq|</th>
-  </tr>
-  <tr>
-    <td>
-      <table>
-        <tr>
-	  <th align=right>|.$locale->text('Name').qq|</th>
-	  <td><input class=login name=login></td>
-	  <td>&nbsp;</td>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('Password').qq|</th>
-	  <td><input class=login type=password name=password></td>
-	  <td><input type=submit name=action value="|.$locale->text('Login').qq|"></td>
-	</tr>
-<input type=hidden name=path value=$form->{path}>
-      </table>
-    </td>
-  </tr>
-</table>
-
-</form>
-
-<hr size=3 noshade>
-
-</body>
-</html>
-|;
-
+sub dont_create_standard_group {
+  user_migration_complete(0);
 }
 
+sub user_migration_complete {
+  my $standard_group_created = shift;
 
+  my $form                   = $main::form;
+  my $locale                 = $main::locale;
 
-sub form_header {
-
-  # if there is a login, get user
-  if ($form->{login}) {
-    # get user
-    $myconfig = new User "$memberfile", "$form->{login}";
+  $form->{title} = $locale->text('User migration complete');
+  $form->header();
 
-    $myconfig->{signature} =~ s/\\n/\r\n/g;
-    $myconfig->{address} =~ s/\\n/\r\n/g;
+  print $form->parse_html_template('admin/user_migration_complete', { 'standard_group_created' => $standard_group_created });
+}
 
-    # strip basedir from templates directory
-    $myconfig->{templates} =~ s/^$templates\///;
+sub list_users {
+  my $form    = $main::form;
+  my $locale  = $main::locale;
 
-    # $myconfig->{dbpasswd} = unpack 'u', $myconfig->{dbpasswd};
-  }
+  my %members = $main::auth->read_all_users();
 
+  delete $members{"root login"};
 
-  foreach $item (qw(mm-dd-yy mm/dd/yy dd-mm-yy dd/mm/yy dd.mm.yy yyyy-mm-dd)) {
-    $dateformat .= ($item eq $myconfig->{dateformat}) ? "<option selected>$item\n" : "<option>$item\n";
+  for (values %members) {
+    $_->{templates} =~ s|.*/||;
+    $_->{login_url} =  $::locale->is_utf8 ? Encode::encode('utf-8-strict', $_->{login}) : $_->{login_url};
   }
 
-  foreach $item (qw(1,000.00 1000.00 1.000,00 1000,00)) {
-    $numberformat .= ($item eq $myconfig->{numberformat}) ? "<option selected>$item\n" : "<option>$item\n";
-  }
+  $form->{title}   = "kivitendo " . $locale->text('Administration');
+  $form->{LOCKED}  = -e _nologin_file_name();
+  $form->{MEMBERS} = [ @members{sort { lc $a cmp lc $b } keys %members} ];
 
+  $form->header();
+  print $form->parse_html_template("admin/list_users");
+}
 
-  %countrycodes = User->country_codes;
-  $countrycodes = "";
-  foreach $key (sort { $countrycodes{$a} cmp $countrycodes{$b} } keys %countrycodes) {
-    $countrycodes .= ($myconfig->{countrycode} eq $key) ? "<option selected value=$key>$countrycodes{$key}" : "<option value=$key>$countrycodes{$key}";
-  }
-  $countrycodes = qq|<option value="">American English\n$countrycodes|;
+sub add_user {
+  $::form->{title}   = "kivitendo " . $::locale->text('Administration') . " / " . $::locale->text('Add User');
+
+# Note: Menu Style 'v3' is not compatible to all browsers!
+# "menustyle"    => "old" sets the HTML Menu to default.
+# User does not have a well behaved new constructor, so we#Ll just have to build one ourself
+  my $user     = bless {
+    "vclimit"      => 200,
+    "countrycode"  => "de",
+    "numberformat" => "1.000,00",
+    "dateformat"   => "dd.mm.yy",
+    "stylesheet"   => "lx-office-erp.css",
+    "menustyle"    => "old",
+    dbport         => $::auth->{DB_config}->{port} || 5432,
+    dbuser         => $::auth->{DB_config}->{user} || 'lxoffice',
+    dbhost         => $::auth->{DB_config}->{host} || 'localhost',
+  }, 'User';
+
+  edit_user_form($user);
+}
 
-  # is there a templates basedir
-  if (! -d "$templates") {
-    $form->error($locale->text('Directory').": $templates ".$locale->text('does not exist'));
-  }
+sub edit_user {
+  $::form->{title} = "kivitendo " . $::locale->text('Administration') . " / " . $::locale->text('Edit User');
+  $::form->{edit}  = 1;
 
-  opendir TEMPLATEDIR, "$templates/." or $form->error("$templates : $!");
-  @all = grep !/^\.\.?$/, readdir TEMPLATEDIR;
-  closedir TEMPLATEDIR;
+  # get user
+  my $user = User->new(id => $::form->{user}{id});
 
-  @allhtml = sort grep /\.html/, @all;
-  @alldir = grep !/\.(html|tex)$/, @all;
-  
-  @allhtml = reverse grep !/Default/, @allhtml;
-  push @allhtml, 'Default';
-  @allhtml = reverse @allhtml;
-  
-  foreach $item (@alldir) {
-    if ($item eq $myconfig->{templates}) {
-      $usetemplates .= qq|<option selected>$item\n|;
-    } else {
-      $usetemplates .= qq|<option>$item\n|;
-    }
-  }
-  
-  $lastitem = $allhtml[0];
-  $lastitem =~ s/-.*//g;
-  $mastertemplates = qq|<option>$lastitem\n|;
-  foreach $item (@allhtml) {
-    $item =~ s/-.*//g;
-    
-    if ($item ne $lastitem) {
-      $mastertemplates .= qq|<option>$item\n|;
-      $lastitem = $item;
-    }
-  }
+  # strip basedir from templates directory
+  $user->{templates} =~ s|.*/||;
 
-  opendir CSS, "css/.";
-  @all = grep /.*\.css$/, readdir CSS;
-  closedir CSS;
-  
-  foreach $item (@all) {
-    if ($item eq $myconfig->{stylesheet}) {
-      $selectstylesheet .= qq|<option selected>$item\n|;
-    } else {
-      $selectstylesheet .= qq|<option>$item\n|;
-    }
-  }
-  $selectstylesheet .= "<option>\n";
-  
-  
-  $form->header;
- 
-  print qq|
-<body class=admin>
-
-<form method=post action=$form->{script}>
-
-<table width=100%>
-  <tr class=listheading><th colspan=2>$form->{title}</th></tr>
-  <tr size=5></tr>
-  <tr valign=top>
-    <td>
-      <table>
-	<tr>
-	  <th align=right>|.$locale->text('Login').qq|</th>
-	  <td><input name=login value="$myconfig->{login}"></td>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('Password').qq|</th>
-	  <td><input type=password name=password size=8 value=$myconfig->{password}></td>
-	  <input type=hidden name=old_password value=$myconfig->{password}>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('Name').qq|</th>
-	  <td><input name=name size=15 value="$myconfig->{name}"></td>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('E-mail').qq|</th>
-	  <td><input name=email size=30 value="$myconfig->{email}"></td>
-	</tr>
-	<tr valign=top>
-	  <th align=right>|.$locale->text('Signature').qq|</th>
-	  <td><textarea name=signature rows=3 cols=35>$myconfig->{signature}</textarea></td>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('Phone').qq|</th>
-	  <td><input name=tel size=14 value="$myconfig->{tel}"></td>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('Fax').qq|</th>
-	  <td><input name=fax size=14 value="$myconfig->{fax}"></td>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('Company').qq|</th>
-	  <td><input name=company size=35 value="$myconfig->{company}"></td>
-	</tr>
-	<tr valign=top>
-	  <th align=right>|.$locale->text('Address').qq|</th>
-	  <td><textarea name=address rows=4 cols=35>$myconfig->{address}</textarea></td>
-	</tr>
-        <tr valign=top>
-	  <th align=right>|.$locale->text('Steuernummer').qq|</th>
-	  <td><input name=steuernummer size=14 value="$myconfig->{steuernummer}"></td>
-	</tr>
-        <tr valign=top>
-	  <th align=right>|.$locale->text('Ust-IDNr').qq|</th>
-	  <td><input name=ustid size=14 value="$myconfig->{ustid}"></td>
-	</tr>
-        <tr valign=top>
-	  <th align=right>|.$locale->text('DUNS-Nr').qq|</th>
-	  <td><input name=duns size=14 value="$myconfig->{duns}"></td>
-	</tr>
-      </table>
-    </td>
-    <td>
-      <table>
-	<tr>
-	  <th align=right>|.$locale->text('Date Format').qq|</th>
-	  <td><select name=dateformat>$dateformat</select></td>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('Number Format').qq|</th>
-	  <td><select name=numberformat>$numberformat</select></td>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('Dropdown Limit').qq|</th>
-	  <td><input name=vclimit value="$myconfig->{vclimit}"></td>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('Language').qq|</th>
-	  <td><select name=countrycode>$countrycodes</select></td>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('Character Set').qq|</th>
-	  <td><input name=charset value="$myconfig->{charset}"></td>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('Stylesheet').qq|</th>
-	  <td><select name=userstylesheet>$selectstylesheet</select></td>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('Printer').qq|</th>
-	  <td><input name=printer size=20 value="$myconfig->{printer}"></td>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('Use Templates').qq|</th>
-	  <td><select name=usetemplates>$usetemplates</select></td>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('New Templates').qq|</th>
-	  <td><input name=newtemplates></td>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('Setup Templates').qq|</th>
-	  <td><select name=mastertemplates>$mastertemplates</select></td>
-	</tr>
-	<input type=hidden name=templates value=$myconfig->{templates}>
-      </table>
-    </td>
-  </tr>
-  <tr class=listheading>
-    <th colspan=2>|.$locale->text('Database').qq|</th>
-  </tr>|;
-
-    # list section for database drivers
-    foreach $item (User->dbdrivers) {
-      
-    print qq|
-  <tr>
-    <td colspan=2>
-      <table>
-	<tr>|;
-
-    $checked = "";
-    if ($myconfig->{dbdriver} eq $item) {
-      map { $form->{"${item}_$_"} = $myconfig->{$_} } qw(dbhost dbport dbuser dbpasswd dbname sid);
-      $checked = "checked";
-    }
+  edit_user_form($user);
+}
 
-    print qq|
-	  <th align=right>|.$locale->text('Driver').qq|</th>
-	  <td><input name=dbdriver type=radio class=radio value=$item $checked>&nbsp;$item</td>
-	  <th align=right>|.$locale->text('Host').qq|</th>
-	  <td><input name="${item}_dbhost" size=30 value=$form->{"${item}_dbhost"}></td>
-	</tr>
-	<tr>|;
-
-    if ($item eq 'Pg') {
-      print qq|
-	  <th align=right>|.$locale->text('Dataset').qq|</th>
-	  <td><input name=Pg_dbname size=15 value=$form->{Pg_dbname}></td>
-	  <th align=right>|.$locale->text('Port').qq|</th>
-	  <td><input name=Pg_dbport size=4 value=$form->{Pg_dbport}></td>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('User').qq|</th>
-	  <td><input name="${item}_dbuser" size=15 value=$form->{"${item}_dbuser"}></td>
-	  <th align=right>|.$locale->text('Password').qq|</th>
-	  <td><input name="${item}_dbpasswd" type=password size=10 value=$form->{"${item}_dbpasswd"}></td>
-	</tr>|;
+sub edit_user_form {
+  my ($user) = @_;
 
-    }
+  my %cc = $user->country_codes;
+  my @all_countrycodes = map { id => $_, title => $cc{$_} }, sort { $cc{$a} cmp $cc{$b} } keys %cc;
+  my ($all_dir, $all_master) = _search_templates();
+  my $groups = [];
 
-    if ($item eq 'Oracle') {
-      print qq|
-	  <th align=right>SID</th>
-	  <td><input name=Oracle_sid value=$form->{Oracle_sid}></td>
-	  <th align=right>|.$locale->text('Port').qq|</th>
-	  <td><input name=Oracle_dbport size=4 value=$form->{Oracle_dbport}></td>
-	</tr>
-	<tr>
-	  <th align=right>|.$locale->text('Dataset').qq|</th>
-	  <td><input name="${item}_dbuser" size=15 value=$form->{"${item}_dbuser"}></td>
-	  <th align=right>|.$locale->text('Password').qq|</th>
-	  <td><input name="${item}_dbpasswd" type=password size=10 value=$form->{"${item}_dbpasswd"}></td>
-	  
-	</tr>|;
+  if ($::form->{edit}) {
+    my $user_id    = $::auth->get_user_id($user->{login});
+    my $all_groups = $::auth->read_groups();
+
+    for my $group (values %{ $all_groups }) {
+      push @{ $groups }, $group if (grep { $user_id == $_ } @{ $group->{members} });
     }
-    
-      
-    print qq|
-	<input type=hidden name=old_dbpasswd value=$myconfig->{dbpasswd}>
-      </table>
-    </td>
-  </tr>
-  <tr>
-    <td colspan=2><hr size=2 noshade></td>
-  </tr>
-|;
 
+    $groups = [ sort { lc $a->{name} cmp lc $b->{name} } @{ $groups } ];
   }
 
+  $::form->header;
+  print $::form->parse_html_template("admin/edit_user", {
+    GROUPS               => $groups,
+    CAN_CHANGE_PASSWORD  => $::auth->can_change_password,
+    user                 => $user->data,
+    all_stylesheets      => \@all_stylesheets,
+    all_numberformats    => \@valid_numberformats,
+    all_dateformats      => \@valid_dateformats,
+    all_countrycodes     => \@all_countrycodes,
+    all_menustyles       => \@all_menustyles,
+    all_templates        => $all_dir,
+    all_master_templates => $all_master,
+  });
+}
+
+sub save_user {
+  my $form          = $main::form;
+  my $locale        = $main::locale;
 
-  # access control
-  open(FH, $menufile) or $form->error("$menufile : $!");
-  # scan for first menu level
-  @a = <FH>;
-  close(FH);
-  
-  if (open(FH, "custom_$menufile")) {
-    push @a, <FH>;
-  }
-  close(FH);
+  my $user = $form->{user};
 
-  foreach $item (@a) {
-    next unless $item =~ /\[/;
-    next if $item =~ /\#/;
+  $user->{dbdriver} = 'Pg';
 
-    $item =~ s/(\[|\])//g;
-    chop $item;
+  if (!$::form->{edit}) {
+    # no spaces allowed in login name
+    $user->{login} =~ s/\s//g;
+    $::form->show_generic_error($::locale->text('Login name missing!')) unless $user->{login};
 
-    if ($item =~ /--/) {
-      ($level, $menuitem) = split /--/, $item, 2;
-    } else {
-      $level = $item;
-      $menuitem = $item;
-      push @acsorder, $item;
+    # check for duplicates
+    my %members = $::auth->read_all_users;
+    if ($members{$user->{login}}) {
+      $::form->show_generic_error($locale->text('Another user with the login #1 does already exist.', $user->{login}), 'back_button' => 1);
     }
+  }
 
-    push @{ $acs{$level} }, $menuitem;
+  # no spaces allowed in directories
+  ($::form->{newtemplates}) = split / /, $::form->{newtemplates};
+  $user->{templates} = $::form->{newtemplates} || $::form->{usetemplates} || $user->{login};
 
+  # is there a basedir
+  if (!-d $::lx_office_conf{paths}->{templates}) {
+    $::form->error(sprintf($::locale->text("The directory %s does not exist."), $::lx_office_conf{paths}->{templates}));
   }
-  
-  %role = ( 'admin' => $locale->text('Administrator'),
-            'user' => $locale->text('User'),
-            'manager' => $locale->text('Manager'),
-	    'supervisor' => $locale->text('Supervisor')
-	   );
-	    
-  $selectrole = "";
-  foreach $item (qw(user supervisor manager admin)) {
-    $selectrole .= ($myconfig->{role} eq $item) ? "<option selected value=$item>$role{$item}\n" : "<option value=$item>$role{$item}\n";
-  }
-  
-  print qq|
-  <tr class=listheading>
-    <th colspan=2>|.$locale->text('Access Control').qq|</th>
-  </tr>
-  <tr>
-    <td><select name=role>$selectrole</select></td>
-  </tr>
-|;
-  
-  foreach $item (split /;/, $myconfig->{acs}) {
-    ($key, $value) = split /--/, $item, 2;
-    $excl{$key}{$value} = 1;
-  }
-  
-  foreach $key (@acsorder) {
 
-    $checked = "checked";
-    if ($form->{login}) {
-      $checked = ($excl{$key}{$key}) ? "" : "checked";
-    }
-    
-    # can't have variable names with spaces
-    # the 1 is for apache 2
-    $item = $form->escape("${key}--$key", 1);
-    
-    $acsheading = $key;
-    $acsheading =~ s/ /&nbsp;/g;
-    
-    $acsheading = qq|
-    <th align=left><input name="$item" class=checkbox type=checkbox value=1 $checked>&nbsp;$acsheading</th>\n|;
-    $menuitems .= "$item;";
-    $acsdata = "
-    <td>";
-
-    foreach $item (@{ $acs{$key} }) {
-      next if ($key eq $item);
-
-      $checked = "checked";
-      if ($form->{login}) {
-	$checked = ($excl{$key}{$item}) ? "" : "checked";
-      }
+  # add base directory to $form->{templates}
+  $user->{templates} =~ s|.*/||;
+  $user->{templates} =  $::lx_office_conf{paths}->{templates} . "/$user->{templates}";
 
-      $acsitem = $form->escape("${key}--$item", 1);
-      
-      $acsdata .= qq|
-    <br><input name="$acsitem" class=checkbox type=checkbox value=1 $checked>&nbsp;$item|;
-      $menuitems .= "$acsitem;";
-    }
+  my $myconfig = new User(id => $user->{id});
 
-    $acsdata .= "
-    </td>";
+  $::form->show_generic_error($::locale->text('Dataset missing!'))       unless $user->{dbname};
+  $::form->show_generic_error($::locale->text('Database User missing!')) unless $user->{dbuser};
 
-    print qq|
-  <tr valign=top>$acsheading $acsdata
-  </tr>
-|;
+  foreach my $item (keys %{$user}) {
+    $myconfig->{$item} = $user->{$item};
   }
-  
-  print qq|<input type=hidden name=acs value="$menuitems">
-|;
-   if ($webdav) {
-   @webdavdirs = qw(angebote bestellungen rechnungen anfragen lieferantenbestellungen einkaufsrechnungen);
-   foreach $directory (@webdavdirs) {
-     if ($myconfig->{$directory}) {
-     	$webdav{"${directory}c"} = "checked";
-     } else {
-     	$webdav{"${directory}c"} = "";
-	}
-   }
-   print qq|  
-   <tr>
-    <td colspan=2><hr size=3 noshade></td>
-  </tr>
-  <tr class=listheading>
-    <th colspan=2>|.$locale->text('WEBDAV-Zugriff').qq|</th>
-  </tr>
-  <table width=100%>
-	<tr>
-	<td><input name=angebote class=checkbox type=checkbox value=1 $webdav{angebotec}>&nbsp;Angebot</td>
-	<td><input name=bestellungen class=checkbox type=checkbox value=1 $webdav{bestellungenc}>&nbsp;Bestellung</td> 
-	<td><input name=rechnungen class=checkbox type=checkbox value=1 $webdav{rechnungenc}>&nbsp;Rechnung</td>
-	</tr>
-	<tr>
-	<td><input name=anfragen class=checkbox type=checkbox value=1 $webdav{anfragenc}>&nbsp;Angebot</td>
-	<td><input name=lieferantenbestellungen class=checkbox type=checkbox value=1 $webdav{lieferantenbestellungenc}>&nbsp;Lieferantenbestellung</td> 
-	<td><input name=einkaufsrechnungen class=checkbox type=checkbox value=1 $webdav{einkaufsrechnungenc}>&nbsp;Einkaufsrechnung</td>
-	</tr>
-  </table>    
-  <tr>
-    <td colspan=2><hr size=3 noshade></td>
-  </tr>
-|;
-}
-print qq|
-</table>
-</div>
-|;
 
-}
+  $myconfig->save_member;
 
+  $user->{templates}       =~ s|.*/||;
+  $user->{templates}       =  $::lx_office_conf{paths}->{templates} . "/$user->{templates}";
+  $::form->{mastertemplates} =~ s|.*/||;
 
-sub save {
+  # create user template directory and copy master files
+  if (!-d "$user->{templates}") {
+    umask(002);
 
-  # no driver checked
-  $form->error($locale->text('Database Driver not checked!')) unless $form->{dbdriver};
+    if (mkdir "$user->{templates}", oct("771")) {
 
-  # no spaces allowed in login name
-  ($form->{login}) = split / /, $form->{login};
+      umask(007);
 
-  $form->isblank("login", $locale->text('Login name missing!'));
-  
-  # check for duplicates
-  if (!$form->{edit}) {
-    $temp = new User "$memberfile", "$form->{login}";
-   
-    if ($temp->{login}) {
-      $form->error("$form->{login} ".$locale->text('is already a member!'));
-    }
-  }
-  
-  # no spaces allowed in directories
-  ($form->{newtemplates}) = split / /, $form->{newtemplates};
-  
-  if ($form->{newtemplates}) {
-    $form->{templates} = $form->{newtemplates};
-  } else {
-    $form->{templates} = ($form->{usetemplates}) ? $form->{usetemplates} : $form->{login};
-  }
-  
-  # is there a basedir
-  if (! -d "$templates") {
-    $form->error($locale->text('Directory').": $templates ".$locale->text('does not exist'));
-  }
+      # copy templates to the directory
 
-  # add base directory to $form->{templates}
-  $form->{templates} = "$templates/$form->{templates}";
+      my $oldcurrdir = getcwd();
+      if (!chdir("$::lx_office_conf{paths}->{templates}/print/$::form->{mastertemplates}")) {
+        $form->error("$ERRNO: chdir $::lx_office_conf{paths}->{templates}/print/$::form->{mastertemplates}");
+      }
 
+      my $newdir = File::Spec->catdir($oldcurrdir, $user->{templates});
 
-  $myconfig = new User "$memberfile", "$form->{login}";
+      find(
+        sub
+        {
+          next if ($_ eq ".");
 
-  # redo acs variable and delete all the acs codes
-  @acs = split /;/, $form->{acs};
+          if (-d $_) {
+            if (!mkdir (File::Spec->catdir($newdir, $File::Find::name))) {
+              chdir($oldcurrdir);
+              $form->error("$ERRNO: mkdir $File::Find::name");
+            }
+          } elsif (-l $_) {
+            if (!symlink (readlink($_),
+                          File::Spec->catfile($newdir, $File::Find::name))) {
+              chdir($oldcurrdir);
+              $form->error("$ERRNO: symlink $File::Find::name");
+            }
+          } elsif (-f $_) {
+            if (!copy($_, File::Spec->catfile($newdir, $File::Find::name))) {
+              chdir($oldcurrdir);
+              $form->error("$ERRNO: cp $File::Find::name");
+            }
+          }
+        }, "./");
 
-  $form->{acs} = "";
-  foreach $item (@acs) {
-    $item = $form->escape($item, 1);
+      chdir($oldcurrdir);
 
-    if (!$form->{$item}) {
-      $form->{acs} .= $form->unescape($form->unescape($item)).";";
+    } else {
+      $form->error("$ERRNO: $user->{templates}");
     }
-    delete $form->{$item};
   }
 
-  # check which database was filled in
-  if ($form->{dbdriver} eq 'Oracle') {
-    $form->{sid} = $form->{Oracle_sid}, ;
-    $form->{dbhost} = $form->{Oracle_dbhost}, ;
-    $form->{dbport} = $form->{Oracle_dbport};
-    $form->{dbpasswd} = $form->{Oracle_dbpasswd};
-    $form->{dbuser} = $form->{Oracle_dbuser};
-    $form->{dbname} = $form->{Oracle_dbuser};
-
-    $form->isblank("dbhost", $locale->text('Hostname missing!'));
-    $form->isblank("dbport", $locale->text('Port missing!'));
-    $form->isblank("dbuser", $locale->text('Dataset missing!'));
-  }
-  if ($form->{dbdriver} eq 'Pg') {
-    $form->{dbhost} = $form->{Pg_dbhost};
-    $form->{dbport} = $form->{Pg_dbport};
-    $form->{dbpasswd} = $form->{Pg_dbpasswd};
-    $form->{dbuser} = $form->{Pg_dbuser};
-    $form->{dbname} = $form->{Pg_dbname};
-    
-    $form->isblank("dbname", $locale->text('Dataset missing!'));
-    $form->isblank("dbuser", $locale->text('Database User missing!'));
-  }
+  # Add new user to his groups.
+  if (ref $form->{new_user_group_ids} eq 'ARRAY') {
+    my $all_groups = $main::auth->read_groups();
+    my %user       = $main::auth->read_user(login => $myconfig->{login});
+
+    foreach my $group_id (@{ $form->{new_user_group_ids} }) {
+      my $group = $all_groups->{$group_id};
 
-  if ($webdav) {
-    @webdavdirs = qw(angebote bestellungen rechnungen anfragen lieferantenbestellungen einkaufsrechnungen);
-    foreach $directory (@webdavdirs) {
-    	if ($form->{$directory}) {
-		$form->{$directory} = $form->{$directory};
-	} else {
-		$form->{$directory} = 0;
-	}
+      next if !$group;
+
+      push @{ $group->{members} }, $user{id};
+      $main::auth->save_group($group);
     }
   }
-  
-  foreach $item (keys %{$form}) {
-    $myconfig->{$item} = $form->{$item};
-  }
 
-  delete $myconfig->{stylesheet};
-  if ($form->{userstylesheet}) {
-    $myconfig->{stylesheet} = $form->{userstylesheet};
-  }
-  
-  $myconfig->save_member($memberfile, $userspath);
-  
-  if ($webdav) {
-    @webdavdirs = qw(angebote bestellungen rechnungen anfragen lieferantenbestellungen einkaufsrechnungen);
-    foreach $directory (@webdavdirs) {
-      $file = "webdav/".$directory."/webdav-user";
-      if ($form->{$directory}) {
-        if (open (HTACCESS, "$file")) {
-          while (<HTACCESS>) {
-            ($login,$password) = split(/:/, $_);
-            if ($login ne $form->{login}) {
-              $newfile .= $_;
-            }
-          }
-          close (HTACCESS);
-        }
-        open (HTACCESS, "> $file") or die "cannot open $file $!\n";
-        $newfile .= $myconfig->{login}.":".$myconfig->{password}."\n";
-        print (HTACCESS $newfile);
-        close (HTACCESS);
-      } else {
-        $form->{$directory} = 0;
-        if (open (HTACCESS, "$file")) {
-          while (<HTACCESS>) {
-            ($login,$password) = split(/:/, $_);
-            if ($login ne $form->{login}) {
-              $newfile .= $_;
-            }
-          }
-          close (HTACCESS);
-        }
-        open (HTACCESS, "> $file") or die "cannot open $file $!\n";
-        print (HTACCESS $newfile);
-        close (HTACCESS);
-      }
-    }
-  }    
+  if ($main::auth->can_change_password()
+      && defined $::form->{new_password}
+      && ($::form->{new_password} ne '********')) {
+    my $verifier = SL::Auth::PasswordPolicy->new;
+    my $result   = $verifier->verify($::form->{new_password}, 1);
 
-  # create user template directory and copy master files
-  if (! -d "$form->{templates}") {
-    umask(002);
-    
-    if (mkdir "$form->{templates}", oct("771")) {
-      
-      umask(007);
-      
-      # copy templates to the directory
-      opendir TEMPLATEDIR, "$templates/." or $form-error("$templates : $!");
-      @templates = grep /$form->{mastertemplates}.*?\.(html|tex)$/, readdir TEMPLATEDIR;
-      closedir TEMPLATEDIR;
-
-      foreach $file (@templates) {
-	open(TEMP, "$templates/$file") or $form->error("$templates/$file : $!");
-	
-	$file =~ s/$form->{mastertemplates}-//;
-	open(NEW, ">$form->{templates}/$file") or $form->error("$form->{templates}/$file : $!");
-	  
-	while ($line = <TEMP>) {
-	  print NEW $line;
-	}
-	close(TEMP);
-	close(NEW);
-      }
-    } else {
-      $form->error("$!: $form->{templates}");
+    if ($result != SL::Auth::PasswordPolicy->OK()) {
+      $form->error($::locale->text('The settings were saved, but the password was not changed.') . ' ' . join(' ', $verifier->errors($result)));
     }
-  }
-  
 
+    $main::auth->change_password($myconfig->{login}, $::form->{new_password});
+  }
 
-  $form->redirect($locale->text('User saved!'));
-  
+  $::form->redirect($::locale->text('User saved!'));
 }
 
+sub save_user_as_new {
+  my $form       = $main::form;
 
-sub delete {
+  $form->{user}{login} = $::form->{new_user_login};
+  delete $form->{user}{id};
+  delete @{$form}{qw(id edit new_user_login)};
 
-  $form->{templates} = ($form->{templates}) ? "$templates/$form->{templates}" : "$templates/$form->{login}";
-  
-  $form->error($locale->text('File locked!')) if (-f ${memberfile}.LCK);
-  open(FH, ">${memberfile}.LCK") or $form->error("${memberfile}.LCK : $!");
-  close(FH);
-  
-  open(CONF, "+<$memberfile") or $form->error("$memberfile : $!");
+  save_user();
+}
 
-  @config = <CONF>;
+sub delete_user {
+  my $form      = $main::form;
+  my $locale    = $main::locale;
 
-  seek(CONF, 0, 0);
-  truncate(CONF, 0);
-  
-  while ($line = shift @config) {
+  my $user = $::form->{user} || {};
 
-    if ($line =~ /^\[/) {
-      last if ($line =~ /\[$form->{login}\]/);
-      $login = &login_name($line);
-    }
-    
-    if ($line =~ /^templates=/) {
-      $user{$login} = &get_value($line);
-    }
+  $::form->show_generic_error($::locale->text('Missing user id!')) unless $user->{id};
 
-    print CONF $line;
-  }
+  my $loaded_user = User->new(id => $user->{id});
 
-  # remove everything up to next login or EOF
-  # and save template variable
-  while ($line = shift @config) {
-    if ($line =~ /^templates=/) {
-      $templatedir = &get_value($line);
-    }
-    last if ($line =~ /^\[/);
-  }
+  my %members   = $main::auth->read_all_users();
+  my $templates = $members{$loaded_user->{login}}->{templates};
 
-  # this one is either the next login or EOF
-  print CONF $line;
+  $main::auth->delete_user($loaded_user->{login});
 
-  $login = &login_name($line);
-  
+  if ($templates) {
+    my $templates_in_use = 0;
 
-  while ($line = shift @config) {
-    if ($line =~ /^\[/) {
-      $login = &login_name($line);
-    }
-    
-    if ($line =~ /^templates=/) {
-      $user{$login} = &get_value($line);
+    foreach my $login (keys %members) {
+      next if $loaded_user->{login} eq $login;
+      next if $members{$login}->{templates} ne $templates;
+      $templates_in_use = 1;
+      last;
     }
-    
-    print CONF $line;
-  }
-
-  close(CONF);
-  unlink "${memberfile}.LCK";
 
-  # scan %user for $templatedir
-  foreach $login (keys %user) {
-    last if ($found = ($templatedir eq $user{$login}));
-  }
-
-  # if found keep directory otherwise delete
-  if (!$found) {
-    # delete it if there is a template directory
-    $dir = "$form->{templates}";
-    if (-d "$dir") {
-      unlink <$dir/*.html>;
-      unlink <$dir/*.tex>;
-      rmdir "$dir";
+    if (!$templates_in_use && -d $templates) {
+      unlink <$templates/*>;
+      rmdir $templates;
     }
   }
-  
-  # delete config file for user
-  unlink "$userspath/$form->{login}.conf";
-    
+
   $form->redirect($locale->text('User deleted!'));
-  
-}
 
+}
 
 sub login_name {
   my $login = shift;
-  
+
   $login =~ s/\[\]//g;
   return ($login) ? $login : undef;
-  
-}
-
 
+}
 
 sub get_value {
-  my $line = shift;
-  
+  my $line           = shift;
   my ($null, $value) = split(/=/, $line, 2);
 
   # remove comments
   $value =~ s/\s#.*//g;
-      
+
   # remove any trailing whitespace
   $value =~ s/^\s*(.*?)\s*$/$1/;
 
   $value;
 }
 
+sub pg_database_administration {
+  my $form = $main::form;
 
-
-sub change_admin_password {
-
-  $form->{title} = qq|Lx-Office ERP |.$locale->text('Administration')." / ".$locale->text('Change Admin Password');
-  
-  $form->header;
-
-  print qq|
-<body class=admin>
-
-
-<h2>|.$locale->text('Change Admin Password').qq|</h2>
-
-<form method=post action=$form->{script}>
-
-<b>|.$locale->text('Password').qq|</b> <input type=password name=password size=8>
-
-<input type=hidden name=root value="$form->{root}">
-<input type=hidden name=path value=$form->{path}>
-<input type=hidden name=rpw value=$form->{rpw}>
-
-<p>
-<input type=submit class=submit name=action value="|.$locale->text('Change Password').qq|">
-
-</form>
-
-</body>
-</html>
-|;
-
-}
-
-
-sub change_password {
-
-  $root->{password} = $form->{password};
-  
-  $root->{'root login'} = 1;
-  $root->save_member($memberfile);
-
-  $form->{callback} = "$form->{script}?action=list_users&path=$form->{path}&root=$form->{root}&rpw=$root->{password}";
-
-  $form->redirect($locale->text('Password changed!'));
+  $form->{dbdriver} = 'Pg';
+  dbselect_source();
 
 }
 
+sub dbselect_source {
+  my $form           = $main::form;
+  my $locale         = $main::locale;
 
-sub check_password {
+  $form->{dbport}    = $::auth->{DB_config}->{port} || 5432;
+  $form->{dbuser}    = $::auth->{DB_config}->{user} || 'lxoffice';
+  $form->{dbdefault} = 'template1';
+  $form->{dbhost}    = $::auth->{DB_config}->{host} || 'localhost';
 
-  $root = new User "$memberfile", $form->{root};
+  $form->{title}     = "kivitendo / " . $locale->text('Database Administration');
 
-  if ($root->{password}) {
-    if ($root->{password} ne $form->{rpw}) {
-      $form->error($locale->text('Incorrect Password!'));
-    }
-  }
+  # Intentionnaly disabled unless fixed to work with the authentication DB.
+  $form->{ALLOW_DBBACKUP} = 0; # "$pg_dump_exe" ne "DISABLED";
 
+  $form->header();
+  print $form->parse_html_template("admin/dbadmin");
 }
 
-
-sub pg_database_administration {
+sub test_db_connection {
+  my $form   = $main::form;
+  my $locale = $main::locale;
 
   $form->{dbdriver} = 'Pg';
-  &dbselect_source;
+  User::dbconnect_vars($form, $form->{dbname});
 
-}
+  my $dbh = DBI->connect($form->{dbconnect}, $form->{dbuser}, $form->{dbpasswd});
 
+  $form->{connection_ok} = $dbh ? 1 : 0;
+  $form->{errstr}        = $DBI::errstr;
 
-sub oracle_database_administration {
-  
-  $form->{dbdriver} = 'Oracle';
-  &dbselect_source;
+  $dbh->disconnect() if ($dbh);
 
+  $form->{title} = $locale->text('Database Connection Test');
+  $form->header();
+  print $form->parse_html_template("admin/test_db_connection");
 }
 
-
-sub dbdriver_defaults {
-
-  # load some defaults for the selected driver
-  %driverdefaults = ( 'Pg' => { dbport => '5432',
-                                dbuser => 'postgres',
-		             dbdefault => 'template1',
-				dbhost => 'localhost',
-			 connectstring => $locale->text('Connect to')
-			      },
-                  'Oracle' => { dbport => '1521',
-		                dbuser => 'oralin',
-		             dbdefault => $sid,
-				dbhost => `hostname`,
-			 connectstring => 'SID'
-			      }
-                    );
-
-  map { $form->{$_} = $driverdefaults{$form->{dbdriver}}{$_} } keys %{ $driverdefaults{Pg} };
-  
+sub continue {
+  call_sub($main::form->{"nextsub"});
 }
-  
 
-sub dbselect_source {
+sub update_dataset {
+  my $form              = $main::form;
+  my $locale            = $main::locale;
 
-  &dbdriver_defaults;
+  $form->{title}        = "kivitendo " . $locale->text('Database Administration') . " / " . $locale->text('Update Dataset');
 
-  $msg{Pg} = $locale->text('Leave host and port field empty unless you want to make a remote connection.');
-  $msg{Oracle} = $locale->text('You must enter a host and port for local and remote connections!');
-  
+  my @need_updates      = User->dbneedsupdate($form);
+  $form->{NEED_UPDATES} = \@need_updates;
+  $form->{ALL_UPDATED}  = !scalar @need_updates;
+
+  $form->header();
+  print $form->parse_html_template("admin/update_dataset");
+}
 
- $form->{title} = "Lx-Office ERP / ".$locale->text('Database Administration');
-  
+sub dbupdate {
+  my $form            = $main::form;
+  my $locale          = $main::locale;
 
-  $form->header;
+  $form->{stylesheet} = "lx-office-erp.css";
+  $form->{title}      = $locale->text("Dataset upgrade");
+  $form->header();
 
-  print qq|
-<body class=admin>
+  my $rowcount           = $form->{rowcount} * 1;
+  my @update_rows        = grep { $form->{"update_$_"} } (1 .. $rowcount);
+  $form->{NOTHING_TO_DO} = !scalar @update_rows;
+  my $saved_form         = save_form();
 
+  $| = 1;
 
-<center>
-<h2>$form->{title}</h2>
+  print $form->parse_html_template("admin/dbupgrade_all_header");
 
-<form method=post action=$form->{script}>
+  foreach my $i (@update_rows) {
+    restore_form($saved_form);
 
-<table>
-<tr><td>
+    %::myconfig = ();
+    map { $form->{$_} = $::myconfig{$_} = $form->{"${_}_${i}"} } qw(dbname dbdriver dbhost dbport dbuser dbpasswd);
 
-<table>
+    print $form->parse_html_template("admin/dbupgrade_header");
 
-  <tr class=listheading>
-    <th colspan=4>|.$locale->text('Database').qq|</th>
-  </tr>
+    $form->{dbupdate}        = $form->{dbname};
+    $form->{$form->{dbname}} = 1;
 
-<input type=hidden name=dbdriver value=$form->{dbdriver}>
+    User->dbupdate($form);
+    User->dbupdate2($form, SL::DBUpgrade2->new(form => $form, dbdriver => $form->{dbdriver})->parse_dbupdate_controls);
 
-  <tr><td>
-   <table>
+    print $form->parse_html_template("admin/dbupgrade_footer");
+  }
 
-  <tr>
+  print $form->parse_html_template("admin/dbupgrade_all_done");
+}
 
-    <th align=right>|.$locale->text('Host').qq|</th>
-    <td><input name=dbhost size=25 value=$form->{dbhost}></td>
-    <th align=right>|.$locale->text('Port').qq|</th>
-    <td><input name=dbport size=5 value=$form->{dbport}></td>
+sub create_dataset {
+  my $form           = $main::form;
+  my $locale         = $main::locale;
 
-  </tr>
+  $form->{dbsources} = join " ", map { "[${_}]" } sort User->dbsources($form);
 
-  <tr>
+  $form->{CHARTS}    = [];
 
-    <th align=right>|.$locale->text('User').qq|</th>
-    <td><input name=dbuser size=10 value=$form->{dbuser}></td>
-    <th align=right>|.$locale->text('Password').qq|</th>
-    <td><input type=password name=dbpasswd size=10></td>
+  opendir SQLDIR, "sql/." or $form->error($ERRNO);
+  foreach my $item (sort grep /-chart\.sql\z/, readdir SQLDIR) {
+    next if ($item eq 'Default-chart.sql');
+    $item =~ s/-chart\.sql//;
+    push @{ $form->{CHARTS} }, { "name"     => $item,
+                                 "selected" => $item eq "Germany-DATEV-SKR03EU" };
+  }
+  closedir SQLDIR;
 
-  </tr>
-  
-  <tr>
+  $form->{ACCOUNTING_METHODS} = [];
+  foreach my $item ( qw(accrual cash) ) {
+    push @{ $form->{ACCOUNTING_METHODS} }, { "name"     => $item,
+                                 "selected" => $item eq "cash" };
+  };
+
+  $form->{INVENTORY_SYSTEMS} = [];
+  foreach my $item ( qw(perpetual periodic) ) {
+    push @{ $form->{INVENTORY_SYSTEMS} }, { "name"     => $item,
+                                 "selected" => $item eq "periodic" };
+  };
+
+  $form->{PROFIT_DETERMINATIONS} = [];
+  foreach my $item ( qw(balance income) ) {
+    push @{ $form->{PROFIT_DETERMINATIONS} }, { "name"     => $item,
+                                 "selected" => $item eq "income" };
+  };
+
+  my $default_charset = $::lx_office_conf{system}->{dbcharset};
+  $default_charset ||= Common::DEFAULT_CHARSET;
+
+  my $cluster_encoding = User->dbclusterencoding($form);
+  if ($cluster_encoding && ($cluster_encoding =~ m/^(?:UTF-?8|UNICODE)$/i)) {
+    if ($::lx_office_conf{system}->{dbcharset} !~ m/^UTF-?8$/i) {
+      $form->show_generic_error($locale->text('The selected  PostgreSQL installation uses UTF-8 as its encoding. ' .
+                                              'Therefore you have to configure Lx-Office to use UTF-8 as well.'),
+                                'back_button' => 1);
+    }
 
-    <th align=right>$form->{connectstring}</th>
-    <td colspan=3><input name=dbdefault size=10 value=$form->{dbdefault}></td>
+    $form->{FORCE_DBENCODING} = 'UNICODE';
 
-  </tr>
+  } else {
+    $form->{DBENCODINGS} = [];
 
-</table>
+    foreach my $encoding (@Common::db_encodings) {
+      push @{ $form->{DBENCODINGS} }, { "dbencoding" => $encoding->{dbencoding},
+                                        "label"      => $encoding->{label},
+                                        "selected"   => $encoding->{charset} eq $default_charset };
+    }
+  }
 
-</td></tr>
-</table>
+  $form->{title} = "kivitendo " . $locale->text('Database Administration') . " / " . $locale->text('Create Dataset');
 
-<input name=callback type=hidden value="$form->{script}?action=list_users&path=$form->{path}&root=$form->{root}&rpw=$form->{rpw}">
-<input type=hidden name=root value="$form->{root}">
-<input type=hidden name=path value=$form->{path}>
-<input type=hidden name=rpw value=$form->{rpw}>
+  $form->header();
+  print $form->parse_html_template("admin/create_dataset");
+}
 
-<br>
+sub dbcreate {
+  my $form   = $main::form;
+  my $locale = $main::locale;
 
-<input type=submit class=submit name=action value="|.$locale->text('Create Dataset').qq|">
-<input type=submit class=submit name=action value="|.$locale->text('Update Dataset').qq|">
-<input type=submit class=submit name=action value="|.$locale->text('Delete Dataset').qq|">
+  $form->isblank("db", $locale->text('Dataset missing!'));
 
-</form>
+  User->dbcreate(\%$form);
 
-</td></tr>
-</table>
+  $form->{title} = "kivitendo " . $locale->text('Database Administration') . " / " . $locale->text('Create Dataset');
 
-<p>|.$locale->text('This is a preliminary check for existing sources. Nothing will be created or deleted at this stage!')
+  $form->header();
+  print $form->parse_html_template("admin/dbcreate");
+}
 
-.qq|
-<br>$msg{$form->{dbdriver}}
+sub delete_dataset {
+  my $form      = $main::form;
+  my $locale    = $main::locale;
 
+  my @dbsources = User->dbsources_unused($form);
+  $form->error($locale->text('Nothing to delete!')) unless @dbsources;
 
-</body>
-</html>
-|;
+  $form->{title}     = "kivitendo " . $locale->text('Database Administration') . " / " . $locale->text('Delete Dataset');
+  $form->{DBSOURCES} = [ map { { "name", $_ } } sort @dbsources ];
 
+  $form->header();
+  print $form->parse_html_template("admin/delete_dataset");
 }
 
+sub dbdelete {
+  my $form   = $main::form;
+  my $locale = $main::locale;
 
-sub continue {
+  if (!$form->{db}) {
+    $form->error($locale->text('No Dataset selected!'));
+  }
 
-  &{ $form->{nextsub} };
+  User->dbdelete(\%$form);
 
+  $form->{title} = "kivitendo " . $locale->text('Database Administration') . " / " . $locale->text('Delete Dataset');
+  $form->header();
+  print $form->parse_html_template("admin/dbdelete");
 }
 
+sub backup_dataset {
+  my $form       = $main::form;
+  my $locale     = $main::locale;
 
-sub update_dataset {
+  $form->{title} = "kivitendo " . $locale->text('Database Administration') . " / " . $locale->text('Backup Dataset');
 
-  %needsupdate = User->dbneedsupdate(\%$form);
+  if ($::lx_office_conf{applications}->{pg_dump} eq "DISABLED") {
+    $form->error($locale->text('Database backups and restorations are disabled in the configuration.'));
+  }
 
-  $form->{title} = "Lx-Office ERP ".$locale->text('Database Administration')." / ".$locale->text('Update Dataset');
-  
-  $form->header;
+  my @dbsources         = sort User->dbsources($form);
+  $form->{DATABASES}    = [ map { { "dbname" => $_ } } @dbsources ];
+  $form->{NO_DATABASES} = !scalar @dbsources;
 
-  print qq|
-<body class=admin>
+  my $username  = getpwuid $UID || "unknown-user";
+  my $hostname  = hostname() || "unknown-host";
+  $form->{from} = "kivitendo Admin <${username}\@${hostname}>";
 
+  $form->header();
+  print $form->parse_html_template("admin/backup_dataset");
+}
 
-<center>
-<h2>$form->{title}</h2>
-|;
+sub backup_dataset_start {
+  my $form       = $main::form;
+  my $locale     = $main::locale;
 
+  $form->{title} = "kivitendo " . $locale->text('Database Administration') . " / " . $locale->text('Backup Dataset');
 
-  foreach $key (sort keys %needsupdate) {
-    if ($needsupdate{$key} ne $form->{dbversion}) {
-      $upd .= qq|<input name="db$key" type=checkbox value=1 checked> $key\n|;
-      $form->{dbupdate} .= "db$key ";
-    }
+  my $pg_dump_exe = $::lx_office_conf{applications}->{pg_dump} || "pg_dump";
+
+  if ("$pg_dump_exe" eq "DISABLED") {
+    $form->error($locale->text('Database backups and restorations are disabled in the configuration.'));
   }
 
-  chop $form->{dbupdate};
+  $form->isblank("dbname", $locale->text('The dataset name is missing.'));
+  $form->isblank("to", $locale->text('The email address is missing.')) if $form->{destination} eq "email";
 
+  my $tmpdir = "/tmp/lx_office_backup_" . Common->unique_id();
+  mkdir $tmpdir, 0700 || $form->error($locale->text('A temporary directory could not be created:') . " $ERRNO");
 
-  if ($form->{dbupdate}) {
+  my $pgpass = IO::File->new("${tmpdir}/.pgpass", O_WRONLY | O_CREAT, 0600);
 
-    print qq|
-<table width=100%>
-<form method=post action=$form->{script}>
+  if (!$pgpass) {
+    unlink $tmpdir;
+    $form->error($locale->text('A temporary file could not be created:') . " $ERRNO");
+  }
 
-<input type=hidden name=dbdriver value=$form->{dbdriver}>
-<input type=hidden name=dbhost value=$form->{dbhost}>
-<input type=hidden name=dbport value=$form->{dbport}>
-<input type=hidden name=dbuser value=$form->{dbuser}>
-<input type=hidden name=dbpasswd value=$form->{dbpasswd}>
-<input type=hidden name=dbdefault value=$form->{dbdefault}>
+  print $pgpass "$form->{dbhost}:$form->{dbport}:$form->{dbname}:$form->{dbuser}:$form->{dbpasswd}\n";
+  $pgpass->close();
 
-<tr class=listheading>
-  <th>|.$locale->text('The following Datasets need to be updated').qq|</th>
-</tr>
-<tr>
-<td>
+  $ENV{HOME} = $tmpdir;
 
-$upd
+  my @args = ("-Ft", "-c", "-o", "-h", $form->{dbhost}, "-U", $form->{dbuser});
+  push @args, ("-p", $form->{dbport}) if ($form->{dbport});
+  push @args, $form->{dbname};
 
-</td>
-</tr>
-<tr>
-<td>
+  my $cmd  = "$pg_dump_exe " . join(" ", map { s/\\/\\\\/g; s/\"/\\\"/g; $_ } @args);
+  my $name = "dataset_backup_$form->{dbname}_" . strftime("%Y%m%d", localtime()) . ".tar";
 
-<input name=dbupdate type=hidden value="$form->{dbupdate}">
+  if ($form->{destination} ne "email") {
+    my $in = IO::File->new("$cmd |");
 
-<input name=callback type=hidden value="$form->{script}?action=list_users&path=$form->{path}&root=$form->{root}&rpw=$form->{rpw}">
+    if (!$in) {
+      unlink "${tmpdir}/.pgpass";
+      rmdir $tmpdir;
 
-<input type=hidden name=root value="$form->{root}">
-<input type=hidden name=path value=$form->{path}>
-<input type=hidden name=rpw value=$form->{rpw}>
+      $form->error($locale->text('The pg_dump process could not be started.'));
+    }
 
-<input type=hidden name=nextsub value=dbupdate>
+    print "content-type: application/x-tar\n";
+    print "content-disposition: attachment; filename=\"${name}\"\n\n";
 
-<hr size=3 noshade>
+    while (my $line = <$in>) {
+      print $line;
+    }
 
-<br>
-<input type=submit class=submit name=action value="|.$locale->text('Continue').qq|">
+    $in->close();
 
-</td></tr>
-</table>
-</form>
-|;
+    unlink "${tmpdir}/.pgpass";
+    rmdir $tmpdir;
 
   } else {
+    my $tmp = $tmpdir . "/dump_" . Common::unique_id();
 
-    print $locale->text('All Datasets up to date!');
+    if (system("$cmd > $tmp") != 0) {
+      unlink "${tmpdir}/.pgpass", $tmp;
+      rmdir $tmpdir;
 
-  }
-  
-  print qq|
+      $form->error($locale->text('The pg_dump process could not be started.'));
+    }
 
-</body>
-</html>
-|;
+    my $mail = new Mailer;
 
-}
+    map { $mail->{$_} = $form->{$_} } qw(from to cc subject message);
 
+    $mail->{charset}     = $::lx_office_conf{system}->{dbcharset} || Common::DEFAULT_CHARSET;
+    $mail->{attachments} = [ { "filename" => $tmp, "name" => $name } ];
+    $mail->send();
 
-sub dbupdate {
+    unlink "${tmpdir}/.pgpass", $tmp;
+    rmdir $tmpdir;
 
-  User->dbupdate(\%$form);
+    $form->{title} = "kivitendo " . $locale->text('Database Administration') . " / " . $locale->text('Backup Dataset');
 
-  $form->redirect($locale->text('Dataset updated!'));
-  
+    $form->header();
+    print $form->parse_html_template("admin/backup_dataset_email_done");
+  }
 }
 
+sub restore_dataset {
+  my $form       = $main::form;
+  my $locale     = $main::locale;
 
-sub create_dataset {
+  $form->{title} = "kivitendo " . $locale->text('Database Administration') . " / " . $locale->text('Restore Dataset');
 
-  foreach $item (sort User->dbsources(\%$form)) {
-    $dbsources .= "[$item] ";
+  if ($::lx_office_conf{applications}->{pg_restore} eq "DISABLED") {
+    $form->error($locale->text('Database backups and restorations are disabled in the configuration.'));
   }
 
-  opendir SQLDIR, "sql/." or $form-error($!);
-  foreach $item (sort grep /-chart\.sql/, readdir SQLDIR) {
-    next if ($item eq 'Default-chart.sql');
-    $item =~ s/-chart\.sql//;
-    push @charts, qq| <input name=chart class=radio type=radio value="$item">&nbsp;$item|;
-  }
-  closedir SQLDIR;
-
-  $selectencoding = qq|<option>
-  <option value=SQL_ASCII>ASCII
-  <option value=EUC_JP>Japanese Extended UNIX Code
-  <option value=EUC_CN>Chinese Extended UNIX Code
-  <option value=EUC_KR>Korean Extended UNIX Code
-  <option value=EUC_TW>Taiwan Extended UNIX Code
-  <option value=UNICODE>UTF-8 Unicode
-  <option value=MULE_INTERNAL>Mule internal type
-  <option value=LATIN1>ISO 8859-1
-  <option value=LATIN2>ISO 8859-2
-  <option value=LATIN3>ISO 8859-3
-  <option value=LATIN4>ISO 8859-4
-  <option value=LATIN5>ISO 8859-5
-  <option value=KOI8>KOI8-R
-  <option value=WIN>Windows CP1251
-  <option value=ALT>Windows CP866
-  |;
-  
-  $form->{title} = "Lx-Office ERP ".$locale->text('Database Administration')." / ".$locale->text('Create Dataset');
-  
-  $form->header;
-
-  print qq|
-<body class=admin>
-
-
-<center>
-<h2>$form->{title}</h2>
-
-<form method=post action=$form->{script}>
-
-<table width=100%>
-  <tr class=listheading>
-    <th colspan=2>&nbsp;</th>
-  </tr>
+  my $default_charset   = $::lx_office_conf{system}->{dbcharset};
+  $default_charset    ||= Common::DEFAULT_CHARSET;
 
-  <tr>
+  $form->{DBENCODINGS}  = [];
 
-    <th align=right nowrap>|.$locale->text('Existing Datasets').qq|</th>
-    <td>$dbsources</td>
-
-  </tr>
-  
-  <tr>
-
-    <th align=right nowrap>|.$locale->text('Create Dataset').qq|</th>
-    <td><input name=db></td>
-
-  </tr>
-
-  <tr>
+  foreach my $encoding (@Common::db_encodings) {
+    push @{ $form->{DBENCODINGS} }, { "dbencoding" => $encoding->{dbencoding},
+                                      "label"      => $encoding->{label},
+                                      "selected"   => $encoding->{charset} eq $default_charset };
+  }
 
-    <th align=right nowrap>|.$locale->text('Multibyte Encoding').qq|</th>
-    <td><select name=encoding>$selectencoding</select></td>
+  $form->header();
+  print $form->parse_html_template("admin/restore_dataset");
+}
 
-  </tr>
- 
-  <tr>
+sub restore_dataset_start {
+  my $form       = $main::form;
+  my $locale     = $main::locale;
 
-    <th align=right nowrap>|.$locale->text('Create Chart of Accounts').qq|</th>
-    <td>@charts</td>
+  $form->{title} = "kivitendo " . $locale->text('Database Administration') . " / " . $locale->text('Restore Dataset');
 
-  </tr>
- 
-  <tr><td colspan=2>
-<p>
-<input type=hidden name=dbdriver value=$form->{dbdriver}>
-<input type=hidden name=dbuser value=$form->{dbuser}>
-<input type=hidden name=dbhost value=$form->{dbhost}>
-<input type=hidden name=dbport value=$form->{dbport}>
-<input type=hidden name=dbpasswd value=$form->{dbpasswd}>
-<input type=hidden name=dbdefault value=$form->{dbdefault}>
+  my $pg_restore_exe = $::lx_office_conf{applications}->{pg_restore} || "pg_restore";
 
-<input name=callback type=hidden value="$form->{script}?action=list_users&path=$form->{path}&root=$form->{root}&rpw=$form->{rpw}">
+  if ("$pg_restore_exe" eq "DISABLED") {
+    $form->error($locale->text('Database backups and restorations are disabled in the configuration.'));
+  }
 
-<input type=hidden name=root value="$form->{root}">
-<input type=hidden name=path value=$form->{path}>
-<input type=hidden name=rpw value=$form->{rpw}>
+  $form->isblank("new_dbname", $locale->text('The dataset name is missing.'));
+  $form->isblank("content", $locale->text('No backup file has been uploaded.'));
 
-<input type=hidden name=nextsub value=dbcreate>
+  # Create temporary directories. Write the backup file contents to a temporary
+  # file. Create a .pgpass file with the username and password for the pg_restore
+  # utility.
 
-<hr size=3 noshade>
+  my $tmpdir = "/tmp/lx_office_backup_" . Common->unique_id();
+  mkdir $tmpdir, 0700 || $form->error($locale->text('A temporary directory could not be created:') . " $ERRNO");
 
-<br>
-<input type=submit class=submit name=action value="|.$locale->text('Continue').qq|">
+  my $pgpass = IO::File->new("${tmpdir}/.pgpass", O_WRONLY | O_CREAT, 0600);
 
-  </td></tr>
-</table>
+  if (!$pgpass) {
+    unlink $tmpdir;
+    $form->error($locale->text('A temporary file could not be created:') . " $ERRNO");
+  }
 
-</form>
+  print $pgpass "$form->{dbhost}:$form->{dbport}:$form->{new_dbname}:$form->{dbuser}:$form->{dbpasswd}\n";
+  $pgpass->close();
 
+  $ENV{HOME} = $tmpdir;
 
-</body>
-</html>
-|;
+  my $tmp = $tmpdir . "/dump_" . Common::unique_id();
+  my $tmpfile;
 
-}
+  if (substr($form->{content}, 0, 2) eq "\037\213") {
+    $tmpfile = IO::File->new("| gzip -d > $tmp");
+    $tmpfile->binary();
 
+  } else {
+    $tmpfile = IO::File->new($tmp, O_WRONLY | O_CREAT | O_BINARY, 0600);
+  }
 
-sub dbcreate {
+  if (!$tmpfile) {
+    unlink "${tmpdir}/.pgpass";
+    rmdir $tmpdir;
 
-  $form->isblank("db", $locale->text('Dataset missing!'));
+    $form->error($locale->text('A temporary file could not be created:') . " $ERRNO");
+  }
 
-  User->dbcreate(\%$form);
-  
-  $form->{title} = "Lx-Office ERP ".$locale->text('Database Administration')." / ".$locale->text('Create Dataset');
+  print $tmpfile $form->{content};
+  $tmpfile->close();
 
-  $form->header;
+  delete $form->{content};
 
-  print qq|
-<body class=admin>
+  # Try to connect to the database. Find out if a database with the same name exists.
+  # If yes, then drop the existing database. Create a new one with the name and encoding
+  # given by the user.
 
+  User::dbconnect_vars($form, "template1");
 
-<center>
-<h2>$form->{title}</h2>
+  my %myconfig = map { $_ => $form->{$_} } grep /^db/, keys %{ $form };
+  my $dbh      = $form->dbconnect(\%myconfig) || $form->dberror();
 
-<form method=post action=$form->{script}>|
+  my ($query, $sth);
 
-.$locale->text('Dataset')." $form->{db} ".$locale->text('successfully created!')
+  $form->{new_dbname} =~ s|[^a-zA-Z0-9_\-]||g;
 
-.qq|
+  $query = qq|SELECT COUNT(*) FROM pg_database WHERE datname = ?|;
+  my ($count) = selectrow_query($form, $dbh, $query, $form->{new_dbname});
+  if ($count) {
+    do_query($form, $dbh, qq|DROP DATABASE $form->{new_dbname}|);
+  }
 
-<input type=hidden name=root value="$form->{root}">
-<input type=hidden name=path value="$form->{path}">
-<input type=hidden name=rpw value="$form->{rpw}">
+  my $found = 0;
+  foreach my $item (@Common::db_encodings) {
+    if ($item->{dbencoding} eq $form->{dbencoding}) {
+      $found = 1;
+      last;
+    }
+  }
+  $form->{dbencoding} = "LATIN9" unless $form->{dbencoding};
 
-<input type=hidden name=nextsub value=list_users>
+  do_query($form, $dbh, qq|CREATE DATABASE $form->{new_dbname} ENCODING ? TEMPLATE template0|, $form->{dbencoding});
 
-<p><input type=submit class=submit name=action value="|.$locale->text('Continue').qq|">
-</form>
+  $dbh->disconnect();
 
+  # Spawn pg_restore on the temporary file.
 
-</body>
-</html>
-|;
+  my @args = ("-h", $form->{dbhost}, "-U", $form->{dbuser}, "-d", $form->{new_dbname});
+  push @args, ("-p", $form->{dbport}) if ($form->{dbport});
+  push @args, $tmp;
 
-}
+  my $cmd = "$pg_restore_exe " . join(" ", map { s/\\/\\\\/g; s/\"/\\\"/g; $_ } @args);
 
+  my $in = IO::File->new("$cmd 2>&1 |");
 
-sub delete_dataset {
+  if (!$in) {
+    unlink "${tmpdir}/.pgpass", $tmp;
+    rmdir $tmpdir;
 
-  if (@dbsources = User->dbsources_unused(\%$form, $memberfile)) {
-    foreach $item (sort @dbsources) {
-      $dbsources .= qq|<input name=db class=radio type=radio value=$item>&nbsp;$item |;
-    }
-  } else {
-    $form->error($locale->text('Nothing to delete!'));
+    $form->error($locale->text('The pg_restore process could not be started.'));
   }
 
-  $form->{title} = "Lx-Office ERP ".$locale->text('Database Administration')." / ".$locale->text('Delete Dataset');
+  $English::AUTOFLUSH = 1;
 
-  $form->header;
+  $form->header();
+  print $form->parse_html_template("admin/restore_dataset_start_header");
 
-  print qq|
-<body class=admin>
-
-<h2>$form->{title}</h2>
+  while (my $line = <$in>) {
+    print $line;
+  }
+  $in->close();
 
-<form method=post action=$form->{script}>
+  $form->{retval} = $CHILD_ERROR >> 8;
+  print $form->parse_html_template("admin/restore_dataset_start_footer");
 
-<table width=100%>
-  <tr class=listheading>
-    <th>|.$locale->text('The following Datasets are not in use and can be deleted').qq|</th>
-  </tr>
+  unlink "${tmpdir}/.pgpass", $tmp;
+  rmdir $tmpdir;
+}
 
-  <tr>
-    <td>
-    $dbsources
-    </td>
-  </tr>
-  
-  <tr><td>
-<p>
-<input type=hidden name=dbdriver value=$form->{dbdriver}>
-<input type=hidden name=dbuser value=$form->{dbuser}>
-<input type=hidden name=dbhost value=$form->{dbhost}>
-<input type=hidden name=dbport value=$form->{dbport}>
-<input type=hidden name=dbpasswd value=$form->{dbpasswd}>
-<input type=hidden name=dbdefault value=$form->{dbdefault}>
+sub unlock_system {
+  my $form   = $main::form;
+  my $locale = $main::locale;
 
-<input name=callback type=hidden value="$form->{script}?action=list_users&path=$form->{path}&root=$form->{root}&rpw=$form->{rpw}">
+  unlink _nologin_file_name();;
 
-<input type=hidden name=root value="$form->{root}">
-<input type=hidden name=path value="$form->{path}">
-<input type=hidden name=rpw value="$form->{rpw}">
+  $form->{callback} = "admin.pl?action=list_users";
 
-<input type=hidden name=nextsub value=dbdelete>
+  $form->redirect($locale->text('Lockfile removed!'));
 
-<hr size=3 noshade>
+}
 
-<br>
-<input type=submit class=submit name=action value="|.$locale->text('Continue').qq|">
+sub lock_system {
+  my $form   = $main::form;
+  my $locale = $main::locale;
 
-  </td></tr>
-</table>
+  open(FH, ">", _nologin_file_name())
+    or $form->error($locale->text('Cannot create Lock!'));
+  close(FH);
 
-</form>
+  $form->{callback} = "admin.pl?action=list_users";
 
-</body>
-</html>
-|;
+  $form->redirect($locale->text('Lockfile created!'));
 
 }
 
+sub yes {
+  call_sub($main::form->{yes_nextsub});
+}
 
-sub dbdelete {
-
-  if (!$form->{db}) {
-    $form->error($locale->text('No Dataset selected!'));
-  }
+sub no {
+  call_sub($main::form->{no_nextsub});
+}
 
-  User->dbdelete(\%$form);
+sub add {
+  call_sub($main::form->{add_nextsub});
+}
 
-  $form->{title} = "Lx-Office ERP ".$locale->text('Database Administration')." / ".$locale->text('Delete Dataset');
+sub edit {
+  my $form = $main::form;
 
-  $form->header;
+  $form->{edit_nextsub} ||= 'edit_user';
 
-  print qq|
-<body class=admin>
+  call_sub($form->{edit_nextsub});
+}
 
+sub delete {
+  my $form     = $main::form;
 
-<center>
-<h2>$form->{title}</h2>
+  $form->{delete_nextsub} ||= 'delete_user';
 
-<form method=post action=$form->{script}>
+  call_sub($form->{delete_nextsub});
+}
 
-$form->{db} |.$locale->text('successfully deleted!')
+sub save {
+  my $form = $main::form;
 
-.qq|
+  $form->{save_nextsub} ||= 'save_user';
 
-<input type=hidden name=root value="$form->{root}">
-<input type=hidden name=path value="$form->{path}">
-<input type=hidden name=rpw value="$form->{rpw}">
+  call_sub($form->{save_nextsub});
+}
 
-<input type=hidden name=nextsub value=list_users>
+sub back {
+  call_sub($main::form->{back_nextsub});
+}
 
-<p><input type=submit class=submit name=action value="|.$locale->text('Continue').qq|">
-</form>
+sub dispatcher {
+  my $form   = $main::form;
+  my $locale = $main::locale;
 
+  foreach my $action (qw(create_standard_group dont_create_standard_group
+                         save_user delete_user save_user_as_new)) {
+    if ($form->{"action_${action}"}) {
+      call_sub($action);
+      return;
+    }
+  }
 
-</body>
-</html>
-|;
+  call_sub($form->{default_action}) if ($form->{default_action});
 
+  $form->error($locale->text('No action defined.'));
 }
 
+sub _apply_dbupgrade_scripts {
+  ::end_of_request() if SL::DBUpgrade2->new(form => $::form, dbdriver => 'Pg', auth => 1)->apply_admin_dbupgrade_scripts(1);
+}
 
-sub unlock_system {
-
-  unlink "$userspath/nologin";
-  
-  $form->{callback} = "$form->{script}?action=list_users&path=$form->{path}&root=$form->{root}&rpw=$root->{password}";
-
-  $form->redirect($locale->text('Lockfile removed!'));
-
+sub _nologin_file_name {
+  return $::lx_office_conf{paths}->{userspath} . '/nologin';
 }
 
+sub _search_templates {
+  # is there a templates basedir
+  if (!-d $::lx_office_conf{paths}->{templates}) {
+    $::form->error(sprintf($::locale->text("The directory %s does not exist."), $::lx_office_conf{paths}->{templates}));
+  }
+
+  opendir TEMPLATEDIR, $::lx_office_conf{paths}->{templates} or $::form->error($::lx_office_conf{paths}->{templates} . " : $ERRNO");
+  my @all     = readdir(TEMPLATEDIR);
+  my @alldir  = sort grep { -d ($::lx_office_conf{paths}->{templates} . "/$_") && !/^\.\.?$/ } @all;
+  closedir TEMPLATEDIR;
 
-sub lock_system {
+  @alldir = grep !/\.(html|tex|sty|odt|xml|txb)$/, @alldir;
+  @alldir = grep !/^(webpages|print|\.svn)$/, @alldir;
 
-  open(FH, ">$userspath/nologin") or $form->error($locale->text('Cannot create Lock!'));
-  close(FH);
-  
-  $form->{callback} = "$form->{script}?action=list_users&path=$form->{path}&root=$form->{root}&rpw=$root->{password}";
+  # mastertemplates
+  opendir TEMPLATEDIR, "$::lx_office_conf{paths}->{templates}/print" or $::form->error("$::lx_office_conf{paths}->{templates}/print" . " : $ERRNO");
+  my @allmaster = readdir(TEMPLATEDIR);
+  closedir TEMPLATEDIR;
 
-  $form->redirect($locale->text('Lockfile created!'));
+  @allmaster  = sort grep { -d ("$::lx_office_conf{paths}->{templates}/print" . "/$_") && !/^\.\.?$/ } @allmaster;
+  @allmaster = reverse grep !/Default/, @allmaster;
+  push @allmaster, 'Default';
+  @allmaster = reverse @allmaster;
 
+  return \@alldir, \@allmaster;
 }
 
-
+1;