X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=bin%2Fmozilla%2Fadmin.pl;h=daae59a23b0c81a5992f1de721c49c68a09fe849;hb=f373f98d676d433b7db20e3e74435a34029cac0f;hp=e478d6ba1f68e86c657c61b9711272ef8b7856c2;hpb=2d6988532a665bd7e42bb88a38a8b52cbb352646;p=kivitendo-erp.git

diff --git a/bin/mozilla/admin.pl b/bin/mozilla/admin.pl
old mode 100644
new mode 100755
index e478d6ba1..daae59a23
--- a/bin/mozilla/admin.pl
+++ b/bin/mozilla/admin.pl
@@ -36,20 +36,38 @@ $menufile = "menu.ini";
 
 use DBI;
 use CGI;
-
+use English qw(-no_match_vars);
+use Fcntl;
+use File::Copy;
+use IO::File;
+use POSIX qw(strftime);
+use Sys::Hostname;
+
+use SL::Auth;
 use SL::Form;
+use SL::Mailer;
 use SL::User;
 use SL::Common;
+use SL::Inifile;
+use SL::DBUpgrade2;
+use SL::DBUtils;
 
 require "bin/mozilla/common.pl";
+require "bin/mozilla/admin_groups.pl";
 
 our $cgi = new CGI('');
 
 $form = new Form;
-$form->{"root"} = "root login";
 
 $locale = new Locale $language, "admin";
 
+our $auth = SL::Auth->new();
+if ($auth->session_tables_present()) {
+  $auth->expire_sessions();
+  $auth->restore_session();
+  $auth->set_session_value('rpw', $form->{rpw});
+}
+
 # customization
 if (-f "bin/mozilla/custom_$form->{script}") {
   eval { require "bin/mozilla/custom_$form->{script}"; };
@@ -60,39 +78,28 @@ $form->{stylesheet} = "lx-office-erp.css";
 $form->{favicon}    = "favicon.ico";
 
 if ($form->{action}) {
+  if ($auth->authenticate_root($form->{rpw}, 0) != Auth::OK) {
+    $form->{error_message} = $locale->text('Incorrect Password!');
+    adminlogin();
+    exit;
+  }
 
+  $auth->create_or_refresh_session() if ($auth->session_tables_present());
 
-  $subroutine = $locale->findsub($form->{action});
+  call_sub($locale->findsub($form->{action}));
 
-  if ($subroutine eq 'login') {
-    if ($form->{rpw}) {
-      $form->{rpw} = crypt $form->{rpw}, "ro";
-    }
-  }
+} elsif ($auth->authenticate_root($form->{rpw}, 0) == Auth::OK) {
 
-  &check_password;
+  $auth->create_or_refresh_session() if ($auth->session_tables_present());
 
-  call_sub($subroutine);
+  login();
 
 } else {
-
   # if there are no drivers bail out
   $form->error($locale->text('No Database Drivers available!'))
     unless (User->dbdrivers);
 
-  # create memberfile
-  if (!-f $memberfile) {
-    open(FH, ">$memberfile") or $form->error("$memberfile : $!");
-    print FH qq|# SQL-Ledger Accounting members
-
-[root login]
-password=
-
-|;
-    close FH;
-  }
-
-  &adminlogin;
+  adminlogin();
 
 }
 
@@ -102,571 +109,351 @@ password=
 
 sub adminlogin {
 
-  $form->{title} =
-    qq|Lx-Office ERP $form->{version} | . $locale->text('Administration');
+  $form->{title} = qq|Lx-Office ERP $form->{version} | . $locale->text('Administration');
 
   $form->header();
   print $form->parse_html_template('admin/adminlogin');
 }
 
 sub login {
+  check_auth_db_and_tables();
   list_users();
 }
 
-sub list_users {
+sub logout {
+  $auth->destroy_session();
+  adminlogin();
+}
 
-  $form->error($locale->text('File locked!')) if (-f "${memberfile}.LCK");
+sub check_auth_db_and_tables {
+  my %params;
 
-  open(FH, "$memberfile") or $form->error("$memberfile : $!");
+  map { $params{"db_${_}"} = $auth->{DB_config}->{$_} } keys %{ $auth->{DB_config} };
 
-  my %members;
+  if (!$auth->check_database()) {
+    $form->{title} = $locale->text('Authentification database creation');
+    $form->header();
+    print $form->parse_html_template('admin/check_auth_database', \%params);
 
-  while (<FH>) {
-    chomp;
+    exit 0;
+  }
 
-    if (/^\[.*\]/) {
-      $login = $_;
-      $login =~ s/(\[|\])//g;
+  if (!$auth->check_tables()) {
+    $form->{title} = $locale->text('Authentification tables creation');
+    $form->header();
+    print $form->parse_html_template('admin/check_auth_tables', \%params);
 
-      $members{$login} = { "login" => $login };
-    }
+    exit 0;
+  }
+
+  if (-f $memberfile) {
+    my $memberdir = "";
 
-    if (/^([a-z]+)=(.*)/) {
-      $members{$login}->{$1} = $2;
+    if ($memberfile =~ m|^.*/|) {
+      $memberdir = $&;
     }
+
+    my $backupdir = "${memberdir}member-file-migration";
+
+    $form->{title} = $locale->text('User data migration');
+    $form->header();
+    print $form->parse_html_template('admin/user_migration', { 'memberfile' => $memberfile,
+                                                               'backupdir'  => $backupdir });
+
+    exit 0
   }
+}
 
-  close(FH);
+sub create_auth_db {
+  $auth->create_database('superuser'          => $form->{db_superuser},
+                         'superuser_password' => $form->{db_superuser_password},
+                         'template'           => $form->{db_template});
+  login();
+}
 
-  delete $members{"root login"};
-  map { $_->{templates} =~ s|.*/||; } values %members;
+sub create_auth_tables {
+  $auth->create_tables();
+  $auth->set_session_value('rpw', $form->{rpw});
+  $auth->create_or_refresh_session();
 
-  $form->{title}  = "Lx-Office ERP " . $locale->text('Administration');
-  $form->{LOCKED} = -e "$userspath/nologin";
-  $form->{MEMBERS} = [ @members{sort { lc $a cmp lc $b } keys %members} ];
+  if (!-f $memberfile) {
+    # New installation -- create a standard group with full access
+    my $group = {
+      'name'        => $locale->text('Full Access'),
+      'description' => $locale->text('Full access to all functions'),
+      'rights'      => { map { $_ => 1 } SL::Auth::all_rights() },
+      'members'     => [ map { $_->{id} } values %members ],
+    };
+
+    $auth->save_group($group);
+  }
 
-  $form->header();
-  print $form->parse_html_template("admin/list_users");
+  login();
 }
 
-sub add_user {
+sub migrate_users {
+  $lxdebug->enter_sub();
 
-  $form->{title} =
-      "Lx-Office ERP "
-    . $locale->text('Administration') . " / "
-    . $locale->text('Add User');
+  my $memberdir = "";
+
+  if ($memberfile =~ m|^.*/|) {
+    $memberdir = $&;
+  }
 
-  $form->{Oracle_sid}    = $sid;
-  $form->{Oracle_dbport} = '1521';
-  $form->{Oracle_dbhost} = `hostname`;
+  my $backupdir = "${memberdir}member-file-migration";
 
-  if (-f "css/lx-office-erp.css") {
-    $myconfig->{stylesheet} = "lx-office-erp.css";
+  if (! -d $backupdir && !mkdir $backupdir, 0700) {
+    $form->error(sprintf($locale->text('The directory "%s" could not be created:\n%s'), $backupdir, $!));
   }
 
-  $myconfig->{vclimit}      = 200;
-  $myconfig->{countrycode}  = "de";
-  $myconfig->{numberformat} = "1000,00";
-  $myconfig->{dateformat}   = "dd.mm.yy";
+  copy $memberfile, "users/member-file-migration/members";
 
-  &form_header;
-  &form_footer;
+  my $in = IO::File->new($memberfile, "r");
 
-}
+  $form->error($locale->text('Could not open the old memberfile.')) if (!$in);
 
-sub edit {
+  my (%members, $login);
 
-  $form->{title} =
-      "Lx-Office ERP "
-    . $locale->text('Administration') . " / "
-    . $locale->text('Edit User');
-  $form->{edit} = 1;
+  while (<$in>) {
+    chomp;
 
-  &form_header;
-  &form_footer;
+    next if (m/^\s*\#/);
 
-}
+    if (m/^\[.*\]/) {
+      $login = $_;
+      $login =~ s/(\[|\])//g;
+      $login =~ s/^\s*//;
+      $login =~ s/\s*$//;
 
-sub form_footer {
+      $members{$login} = { "login" => $login };
+      next;
+    }
 
-  if ($form->{edit}) {
-    $delete =
-      qq|<input type=submit class=submit name=action value="|
-      . $locale->text('Delete') . qq|">
-<input type=hidden name=edit value=1>|;
+    if ($login && m/=/) {
+      my ($key, $value) = split m/\s*=\s*/, $_, 2;
+      $key   =~ s|^\s*||;
+      $value =~ s|\s*$||;
+
+      $value =~ s|\\r||g;
+      $value =~ s|\\n|\n|g;
+
+      $members{$login}->{$key} = $value;
+    }
   }
 
-  print qq|
+  $in->close();
 
-<input name=callback type=hidden value="$form->{script}?action=list_users&rpw=$form->{rpw}">
-<input type=hidden name=rpw value=$form->{rpw}>
+  delete $members{"root login"};
 
-<input type=submit class=submit name=action value="|
-    . $locale->text('Save') . qq|">
-$delete
+  map { $_->{dbpasswd} = unpack 'u', $_->{dbpasswd} } values %members;
 
-</form>
+  while (my ($login, $params) = each %members) {
+    $auth->save_user($login, %{ $params });
+    $auth->change_password($login, $params->{password}, 1);
 
-</body>
-</html>
-|;
+    my $conf_file = "${memberdir}${login}.conf";
 
-}
+    if (-f $conf_file) {
+      copy   $conf_file, "${backupdir}/${login}.conf";
+      unlink $conf_file;
+    }
+  }
 
-sub form_header {
+  unlink $memberfile;
 
-  # if there is a login, get user
-  if ($form->{login}) {
+  my @member_list = sort { lc $a->{login} cmp lc $b->{login} } values %members;
 
-    # get user
-    $myconfig = new User "$memberfile", "$form->{login}";
+  $form->{title} = $locale->text('User data migration');
+  $form->header();
+  print $form->parse_html_template('admin/user_migration_done', { 'MEMBERS' => \@member_list });
 
-    $myconfig->{signature} =~ s/\\n/\r\n/g;
-    $myconfig->{address}   =~ s/\\n/\r\n/g;
+  $lxdebug->leave_sub();
+}
 
-    # strip basedir from templates directory
-    $myconfig->{templates} =~ s/^$templates\///;
+sub create_standard_group_ask {
+  $form->{title} = $locale->text('Create a standard group');
 
-    # $myconfig->{dbpasswd} = unpack 'u', $myconfig->{dbpasswd};
-  }
+  $form->header();
+  print $form->parse_html_template("admin/create_standard_group_ask");
+}
 
-  foreach $item (qw(mm-dd-yy mm/dd/yy dd-mm-yy dd/mm/yy dd.mm.yy yyyy-mm-dd)) {
-    $dateformat .=
-      ($item eq $myconfig->{dateformat})
-      ? "<option selected>$item\n"
-      : "<option>$item\n";
-  }
+sub create_standard_group {
+  my %members = $auth->read_all_users();
 
-  foreach $item (qw(1,000.00 1000.00 1.000,00 1000,00)) {
-    $numberformat .=
-      ($item eq $myconfig->{numberformat})
-      ? "<option selected>$item\n"
-      : "<option>$item\n";
-  }
+  my $groups = $auth->read_groups();
 
-  %countrycodes = User->country_codes;
-  $countrycodes = "";
-  foreach $key (sort { $countrycodes{$a} cmp $countrycodes{$b} }
-                keys %countrycodes
-    ) {
-    $countrycodes .=
-      ($myconfig->{countrycode} eq $key)
-      ? "<option selected value=$key>$countrycodes{$key}"
-      : "<option value=$key>$countrycodes{$key}";
+  foreach my $group (values %{$groups}) {
+    if (($form->{group_id} != $group->{id})
+        && ($form->{name} eq $group->{name})) {
+      $form->show_generic_error($locale->text("A group with that name does already exist."));
+    }
   }
-  $countrycodes = qq|<option value="">American English\n$countrycodes|;
 
-  # is there a templates basedir
-  if (!-d "$templates") {
-    $form->error(  $locale->text('Directory')
-                 . ": $templates "
-                 . $locale->text('does not exist'));
-  }
+  my $group = {
+    'name'        => $locale->text('Full Access'),
+    'description' => $locale->text('Full access to all functions'),
+    'rights'      => { map { $_ => 1 } SL::Auth::all_rights() },
+    'members'     => [ map { $_->{id} } values %members ],
+  };
 
-  opendir TEMPLATEDIR, "$templates/." or $form->error("$templates : $!");
-  my @all = readdir(TEMPLATEDIR);
-  my @alldir = sort(grep({ -d "$templates/$_" && !/^\.\.?$/ } @all));
-  my @allhtml = sort(grep({ -f "$templates/$_" && /\.html$/ } @all));
-  closedir TEMPLATEDIR;
+  $auth->save_group($group);
 
-  @alldir = grep !/\.(html|tex|sty|odt|xml|txb)$/, @alldir;
-  @alldir = grep !/^(webpages|\.svn)$/, @alldir;
+  user_migration_complete(1);
+}
 
-  @allhtml = reverse grep !/Default/, @allhtml;
-  push @allhtml, 'Default';
-  @allhtml = reverse @allhtml;
+sub dont_create_standard_group {
+  user_migration_complete(0);
+}
 
-  foreach $item (@alldir) {
-    if ($item eq $myconfig->{templates}) {
-      $usetemplates .= qq|<option selected>$item\n|;
-    } else {
-      $usetemplates .= qq|<option>$item\n|;
-    }
-  }
+sub user_migration_complete {
+  my $standard_group_created = shift;
 
-  $lastitem = $allhtml[0];
-  $lastitem =~ s/-.*//g;
-  $mastertemplates = qq|<option>$lastitem\n|;
-  foreach $item (@allhtml) {
-    $item =~ s/-.*//g;
+  $form->{title} = $locale->text('User migration complete');
+  $form->header();
 
-    if ($item ne $lastitem) {
-      my $selected = $item eq "German" ? " selected" : "";
-      $mastertemplates .= qq|<option$selected>$item\n|;
-      $lastitem = $item;
-    }
-  }
+  print $form->parse_html_template('admin/user_migration_complete', { 'standard_group_created' => $standard_group_created });
+}
 
-#  opendir CSS, "css/.";
-#  @all = grep /.*\.css$/, readdir CSS;
-#  closedir CSS;
+sub list_users {
+  my %members = $auth->read_all_users();
 
-# css dir has styles that are not intended as general layouts.
-# reverting to hardcoded list
-  @all = qw(lx-office-erp.css Win2000.css);
+  delete $members{"root login"};
 
-  foreach $item (@all) {
-    if ($item eq $myconfig->{stylesheet}) {
-      $selectstylesheet .= qq|<option selected>$item\n|;
-    } else {
-      $selectstylesheet .= qq|<option>$item\n|;
-    }
-  }
+  map { $_->{templates} =~ s|.*/||; } values %members;
 
-  $form->header;
+  $form->{title}   = "Lx-Office ERP " . $locale->text('Administration');
+  $form->{LOCKED}  = -e "$userspath/nologin";
+  $form->{MEMBERS} = [ @members{sort { lc $a cmp lc $b } keys %members} ];
 
-  if ($myconfig->{menustyle} eq "v3") {
-    $menustyle_v3 = "checked";
-  } elsif ($myconfig->{menustyle} eq "neu") {
-    $menustyle_neu = "checked";
-  } else {
-    $menustyle_old = "checked";
-  }
+  $form->header();
+  print $form->parse_html_template("admin/list_users");
+}
 
-  print qq|
-<body class=admin>
-
-<form method=post action=$form->{script}>
-
-<table width=100%>
-  <tr class=listheading><th colspan=2>$form->{title}</th></tr>
-  <tr size=5></tr>
-  <tr valign=top>
-    <td>
-      <table>
-	<tr>
-	  <th align=right>| . $locale->text('Login') . qq|</th>
-	  <td><input name="login" value="$myconfig->{login}"></td>
-	</tr>
-	<tr>
-	  <th align=right>| . $locale->text('Password') . qq|</th>
-	  <td><input type="password" name="password" size="8" value="$myconfig->{password}"></td>
-	  <input type="hidden" name="old_password" value="$myconfig->{password}">
-	</tr>
-	<tr>
-	  <th align=right>| . $locale->text('Name') . qq|</th>
-	  <td><input name="name" size="15" value="$myconfig->{name}"></td>
-	</tr>
-	<tr>
-	  <th align=right>| . $locale->text('E-mail') . qq|</th>
-	  <td><input name=email size=30 value="$myconfig->{email}"></td>
-	</tr>
-	<tr valign=top>
-	  <th align=right>| . $locale->text('Signature') . qq|</th>
-	  <td><textarea name=signature rows=3 cols=35>$myconfig->{signature}</textarea></td>
-	</tr>
-	<tr>
-	  <th align=right>| . $locale->text('Phone') . qq|</th>
-	  <td><input name=tel size=14 value="$myconfig->{tel}"></td>
-	</tr>
-	<tr>
-	  <th align=right>| . $locale->text('Fax') . qq|</th>
-	  <td><input name=fax size=14 value="$myconfig->{fax}"></td>
-	</tr>
-	<tr>
-	  <th align=right>| . $locale->text('Company') . qq|</th>
-	  <td><input name=company size=35 value="$myconfig->{company}"></td>
-	</tr>
-	<tr valign=top>
-	  <th align=right>| . $locale->text('Address') . qq|</th>
-	  <td><textarea name=address rows=4 cols=35>$myconfig->{address}</textarea></td>
-	</tr>
-        <tr valign=top>
-	  <th align=right>| . $locale->text('Tax number') . qq|</th>
-	  <td><input name=taxnumber size=14 value="$myconfig->{taxnumber}"></td>
-	</tr>
-        <tr valign=top>
-	  <th align=right>| . $locale->text('Ust-IDNr') . qq|</th>
-	  <td><input name=co_ustid size=14 value="$myconfig->{co_ustid}"></td>
-	</tr>
-        <tr valign=top>
-	  <th align=right>| . $locale->text('DUNS-Nr') . qq|</th>
-	  <td><input name=duns size=14 value="$myconfig->{duns}"></td>
-	</tr>
-      </table>
-    </td>
-    <td>
-      <table>
-	<tr>
-	  <th align=right>| . $locale->text('Date Format') . qq|</th>
-	  <td><select name=dateformat>$dateformat</select></td>
-	</tr>
-	<tr>
-	  <th align=right>| . $locale->text('Number Format') . qq|</th>
-	  <td><select name=numberformat>$numberformat</select></td>
-	</tr>
-	<tr>
-	  <th align=right>| . $locale->text('Dropdown Limit') . qq|</th>
-	  <td><input name=vclimit value="$myconfig->{vclimit}"></td>
-	</tr>
-	<tr>
-	  <th align=right>| . $locale->text('Language') . qq|</th>
-	  <td><select name=countrycode>$countrycodes</select></td>
-	</tr>
-	<tr>
-	  <th align=right>| . $locale->text('Stylesheet') . qq|</th>
-	  <td><select name=userstylesheet>$selectstylesheet</select></td>
-	</tr>
-	<tr>
-	  <th align=right>| . $locale->text('Printer') . qq|</th>
-	  <td><input name=printer size=20 value="$myconfig->{printer}"></td>
-	</tr>
-	<tr>
-	  <th align=right>| . $locale->text('Use Templates') . qq|</th>
-	  <td><select name=usetemplates>$usetemplates</select></td>
-	</tr>
-	<tr>
-	  <th align=right>| . $locale->text('New Templates') . qq|</th>
-	  <td><input name=newtemplates></td>
-	</tr>
-	<tr>
-	  <th align=right>| . $locale->text('Setup Templates') . qq|</th>
-	  <td><select name=mastertemplates>$mastertemplates</select></td>
-	</tr>
-       <tr>
-           <th align=right>| . $locale->text('Setup Menu') . qq|</th>
-           <td><input name=menustyle type=radio class=radio value=v3 $menustyle_v3>&nbsp;| .
-           $locale->text("Top (CSS)") . qq|
-           <input name=menustyle type=radio class=radio value=neu $menustyle_neu>&nbsp;| .
-           $locale->text("Top (Javascript)") . qq|
-           <input name=menustyle type=radio class=radio value=old $menustyle_old>&nbsp;| .
-           $locale->text("Old (on the side)") . qq|
-           </td>
-         </tr>
-	<input type=hidden name=templates value=$myconfig->{templates}>
-      </table>
-    </td>
-  </tr>
-  <tr class=listheading>
-    <th colspan=2>| . $locale->text('Database') . qq|</th>
-  </tr>|;
-
-  # list section for database drivers
-  foreach $item (User->dbdrivers) {
-
-    print qq|
-  <tr>
-    <td colspan=2>
-      <table>
-	<tr>|;
-
-    $checked = "";
-    if ($myconfig->{dbdriver} eq $item) {
-      map { $form->{"${item}_$_"} = $myconfig->{$_} }
-        qw(dbhost dbport dbuser dbpasswd dbname sid);
-      $checked = "checked";
-    }
+sub add_user {
 
-    print qq|
-	  <th align=right>| . $locale->text('Driver') . qq|</th>
-	  <td><input name="dbdriver" type="radio" class="radio" value="$item" $checked>&nbsp;$item</td>
-	  <th align=right>| . $locale->text('Host') . qq|</th>
-	  <td><input name="${item}_dbhost" size=30 value="$form->{"${item}_dbhost"}"></td>
-	</tr>
-	<tr>|;
-
-    if ($item eq 'Pg') {
-    
-      print qq|
-	  <th align=right>| . $locale->text('Dataset') . qq|</th>
-	  <td><input name="Pg_dbname" size="15" value="$form->{Pg_dbname}"></td>
-	  <th align=right>| . $locale->text('Port') . qq|</th>
-	  <td><input name="Pg_dbport" size="4" value="$form->{Pg_dbport}"></td>
-	</tr>
-	<tr>
-	  <th align=right>| . $locale->text('User') . qq|</th>
-	  <td><input name="${item}_dbuser" size=15 value="$form->{"${item}_dbuser"}"></td>
-	  <th align=right>| . $locale->text('Password') . qq|</th>
-	  <td><input name="${item}_dbpasswd" type=password size=10 value="$form->{"${item}_dbpasswd"}"></td>
-	</tr>|;
+  $form->{title} =
+      "Lx-Office ERP "
+    . $locale->text('Administration') . " / "
+    . $locale->text('Add User');
 
-    }
+  my $myconfig = {
+    "vclimit"      => 200,
+    "countrycode"  => "de",
+    "numberformat" => "1.000,00",
+    "dateformat"   => "dd.mm.yy",
+    "stylesheet"   => "lx-office-erp.css",
+    "menustyle"    => "v3",
+  };
 
-    if ($item eq 'Oracle') {
-      print qq|
-	  <th align=right>SID</th>
-	  <td><input name=Oracle_sid value=$form->{Oracle_sid}></td>
-	  <th align=right>| . $locale->text('Port') . qq|</th>
-	  <td><input name=Oracle_dbport size=4 value=$form->{Oracle_dbport}></td>
-	</tr>
-	<tr>
-	  <th align=right>| . $locale->text('Dataset') . qq|</th>
-	  <td><input name="${item}_dbuser" size=15 value=$form->{"${item}_dbuser"}></td>
-	  <th align=right>| . $locale->text('Password') . qq|</th>
-	  <td><input name="${item}_dbpasswd" type=password size=10 value="$form->{"${item}_dbpasswd"}"></td>
-
-	</tr>|;
-    }
+  edit_user_form($myconfig);
+}
 
-    print qq|
-	<input type="hidden" name="old_dbpasswd" value="$myconfig->{dbpasswd}">
-      </table>
-    </td>
-  </tr>
-  <tr>
-    <td colspan=2><hr size=2 noshade></td>
-  </tr>
-|;
+sub edit_user {
 
-  }
+  $form->{title} =
+      "Lx-Office ERP "
+    . $locale->text('Administration') . " / "
+    . $locale->text('Edit User');
+  $form->{edit} = 1;
 
-  # access control
-  open(FH, $menufile) or $form->error("$menufile : $!");
+  $form->isblank("login", $locale->text("The login is missing."));
 
-  # scan for first menu level
-  @a = <FH>;
-  close(FH);
+  # get user
+  my $myconfig = new User($form->{login});
 
-  foreach $item (@a) {
-    next unless $item =~ /\[/;
-    next if $item =~ /\#/;
+  # strip basedir from templates directory
+  $myconfig->{templates} =~ s|.*/||;
 
-    $item =~ s/(\[|\])//g;
-    chop $item;
+  edit_user_form($myconfig);
+}
 
-    if ($item =~ /--/) {
-      ($level, $menuitem) = split /--/, $item, 2;
-    } else {
-      $level    = $item;
-      $menuitem = $item;
-      push @acsorder, $item;
-    }
+sub edit_user_form {
+  my ($myconfig) = @_;
 
-    push @{ $acs{$level} }, $menuitem;
+  my @valid_dateformats = qw(mm-dd-yy mm/dd/yy dd-mm-yy dd/mm/yy dd.mm.yy yyyy-mm-dd);
+  $form->{ALL_DATEFORMATS} = [ map { { "format" => $_, "selected" => $_ eq $myconfig->{dateformat} } } @valid_dateformats ];
 
-  }
+  my @valid_numberformats = qw(1,000.00 1000.00 1.000,00 1000,00);
+  $form->{ALL_NUMBERFORMATS} = [ map { { "format" => $_, "selected" => $_ eq $myconfig->{numberformat} } } @valid_numberformats ];
 
-  %role = ('admin'      => $locale->text('Administrator'),
-           'user'       => $locale->text('User'),
-           'manager'    => $locale->text('Manager'),
-           'supervisor' => $locale->text('Supervisor'));
-
-  $selectrole = "";
-  foreach $item (qw(user supervisor manager admin)) {
-    $selectrole .=
-      ($myconfig->{role} eq $item)
-      ? "<option selected value=$item>$role{$item}\n"
-      : "<option value=$item>$role{$item}\n";
+  %countrycodes = User->country_codes;
+  $form->{ALL_COUNTRYCODES} = [];
+  foreach $countrycode (sort { $countrycodes{$a} cmp $countrycodes{$b} } keys %countrycodes) {
+    push @{ $form->{ALL_COUNTRYCODES} }, { "value"    => $countrycode,
+                                           "name"     => $countrycodes{$countrycode},
+                                           "selected" => $countrycode eq $myconfig->{countrycode} };
   }
 
-  print qq|
-  <tr class=listheading>
-    <th colspan=2>| . $locale->text('Access Control') . qq|</th>
-  </tr>
-  <tr>
-    <td><select name=role>$selectrole</select></td>
-  </tr>
-|;
-
-  foreach $item (split(/;/, $myconfig->{acs})) {
-    ($key, $value) = split /--/, $item, 2;
-    $excl{$key}{$value} = 1;
+  # is there a templates basedir
+  if (!-d "$templates") {
+    $form->error(sprintf($locale->text("The directory %s does not exist."), $templates));
   }
 
-  foreach $key (@acsorder) {
+  opendir TEMPLATEDIR, "$templates/." or $form->error("$templates : $ERRNO");
+  my @all     = readdir(TEMPLATEDIR);
+  my @alldir  = sort grep { -d "$templates/$_" && !/^\.\.?$/ } @all;
+  my @allhtml = sort grep { -f "$templates/$_" && /\.html$/ } @all;
+  closedir TEMPLATEDIR;
 
-    $checked = "checked";
-    if ($form->{login}) {
-      $checked = ($excl{$key}{$key}) ? "" : "checked";
-    }
+  @alldir = grep !/\.(html|tex|sty|odt|xml|txb)$/, @alldir;
+  @alldir = grep !/^(webpages|\.svn)$/, @alldir;
 
-    # can't have variable names with spaces
-    # the 1 is for apache 2
-    $item = $form->escape("${key}--$key", 1);
+  @allhtml = reverse grep !/Default/, @allhtml;
+  push @allhtml, 'Default';
+  @allhtml = reverse @allhtml;
 
-    $acsheading = $key;
-    $acsheading =~ s/ /&nbsp;/g;
+  $form->{ALL_TEMPLATES} = [ map { { "name", => $_, "selected" => $_ eq $myconfig->{templates} } } @alldir ];
 
-    $acsheading = qq|
-    <th align=left><input name="$item" class=checkbox type=checkbox value=1 $checked>&nbsp;$acsheading</th>\n|;
-    $menuitems .= "$item;";
-    $acsdata = "
-    <td>";
+  $lastitem = $allhtml[0];
+  $lastitem =~ s/-.*//g;
+  $form->{ALL_MASTER_TEMPLATES} = [ { "name" => $lastitem, "selected" => $lastitem eq "German" } ];
+  foreach $item (@allhtml) {
+    $item =~ s/-.*//g;
+    next if ($item eq $lastitem);
 
-    foreach $item (@{ $acs{$key} }) {
-      next if ($key eq $item);
+    push @{ $form->{ALL_MASTER_TEMPLATES} }, { "name" => $item, "selected" => $item eq "German" };
+    $lastitem = $item;
+  }
 
-      $checked = "checked";
-      if ($form->{login}) {
-        $checked = ($excl{$key}{$item}) ? "" : "checked";
-      }
+  # css dir has styles that are not intended as general layouts.
+  # reverting to hardcoded list
+  $form->{ALL_STYLESHEETS} = [ map { { "name" => $_, "selected" => $_ eq $myconfig->{stylesheet} } } qw(lx-office-erp.css Win2000.css) ];
 
-      $acsitem = $form->escape("${key}--$item", 1);
+  $form->{"menustyle_" . $myconfig->{menustyle} } = 1;
 
-      $acsdata .= qq|
-    <br><input name="$acsitem" class=checkbox type=checkbox value=1 $checked>&nbsp;$item|;
-      $menuitems .= "$acsitem;";
-    }
+  map { $form->{"myc_${_}"} = $myconfig->{$_} } keys %{ $myconfig };
 
-    $acsdata .= "
-    </td>";
+  my $groups = [];
 
-    print qq|
-  <tr valign=top>$acsheading $acsdata
-  </tr>
-|;
-  }
+  if ($form->{edit}) {
+    my $user_id    = $auth->get_user_id($form->{login});
+    my $all_groups = $auth->read_groups();
 
-  print qq|<input type=hidden name=acs value="$menuitems">
-|;
-  if ($webdav) {
-    @webdavdirs =
-      qw(angebote bestellungen rechnungen anfragen lieferantenbestellungen einkaufsrechnungen);
-    foreach $directory (@webdavdirs) {
-      if ($myconfig->{$directory}) {
-        $webdav{"${directory}c"} = "checked";
-      } else {
-        $webdav{"${directory}c"} = "";
-      }
+    foreach my $group (values %{ $all_groups }) {
+      push @{ $groups }, $group if (grep { $user_id == $_ } @{ $group->{members} });
     }
-    print qq|
-   <tr>
-    <td colspan=2><hr size=3 noshade></td>
-  </tr>
-  <tr class=listheading>
-    <th colspan=2>| . $locale->text('WEBDAV-Zugriff') . qq|</th>
-  </tr>
-  <table width=100%>
-	<tr>
-	<td><input name=angebote class=checkbox type=checkbox value=1 $webdav{angebotec}>&nbsp;Angebot</td>
-	<td><input name=bestellungen class=checkbox type=checkbox value=1 $webdav{bestellungenc}>&nbsp;Bestellung</td>
-	<td><input name=rechnungen class=checkbox type=checkbox value=1 $webdav{rechnungenc}>&nbsp;Rechnung</td>
-	</tr>
-	<tr>
-	<td><input name=anfragen class=checkbox type=checkbox value=1 $webdav{anfragenc}>&nbsp;Angebot</td>
-	<td><input name=lieferantenbestellungen class=checkbox type=checkbox value=1 $webdav{lieferantenbestellungenc}>&nbsp;Lieferantenbestellung</td>
-	<td><input name=einkaufsrechnungen class=checkbox type=checkbox value=1 $webdav{einkaufsrechnungenc}>&nbsp;Einkaufsrechnung</td>
-	</tr>
-  </table>
-  <tr>
-    <td colspan=2><hr size=3 noshade></td>
-  </tr>
-|;
+
+    $groups = [ sort { lc $a->{name} cmp lc $b->{name} } @{ $groups } ];
   }
-  print qq|
-</table>
-</div>
-|;
 
-}
+  $form->{CAN_CHANGE_PASSWORD} = $auth->can_change_password();
 
-sub save {
+  $form->header();
+  print $form->parse_html_template("admin/edit_user", { 'GROUPS' => $groups });
+}
 
-  # no driver checked
-  $form->error($locale->text('Database Driver not checked!'))
-    unless $form->{dbdriver};
+sub save_user {
+  $form->{dbdriver} = 'Pg';
 
   # no spaces allowed in login name
-  ($form->{login}) = split / /, $form->{login};
-
+  $form->{login} =~ s|\s||g;
   $form->isblank("login", $locale->text('Login name missing!'));
 
   # check for duplicates
   if (!$form->{edit}) {
-    $temp = new User "$memberfile", "$form->{login}";
-
-    if ($temp->{login}) {
-      $form->error("$form->{login} " . $locale->text('is already a member!'));
+    my %members = $auth->read_all_users();
+    if ($members{$form->{login}}) {
+      $form->show_generic_error($locale->text('Another user with the login #1 does already exist.', $form->{login}), 'back_button' => 1);
     }
   }
 
@@ -682,64 +469,17 @@ sub save {
 
   # is there a basedir
   if (!-d "$templates") {
-    $form->error(  $locale->text('Directory')
-                 . ": $templates "
-                 . $locale->text('does not exist'));
+    $form->error(sprintf($locale->text("The directory %s does not exist."), $templates));
   }
 
   # add base directory to $form->{templates}
-  $form->{templates} = "$templates/$form->{templates}";
-
-  $myconfig = new User "$memberfile", "$form->{login}";
+  $form->{templates} =~ s|.*/||;
+  $form->{templates} =  "$templates/$form->{templates}";
 
-  # redo acs variable and delete all the acs codes
-  @acs = split(/;/, $form->{acs});
+  $myconfig = new User($form->{login});
 
-  $form->{acs} = "";
-  foreach $item (@acs) {
-    $item = $form->escape($item, 1);
-
-    if (!$form->{$item}) {
-      $form->{acs} .= $form->unescape($form->unescape($item)) . ";";
-    }
-    delete $form->{$item};
-  }
-
-  # check which database was filled in
-  if ($form->{dbdriver} eq 'Oracle') {
-    $form->{sid}      = $form->{Oracle_sid},;
-    $form->{dbhost}   = $form->{Oracle_dbhost},;
-    $form->{dbport}   = $form->{Oracle_dbport};
-    $form->{dbpasswd} = $form->{Oracle_dbpasswd};
-    $form->{dbuser}   = $form->{Oracle_dbuser};
-    $form->{dbname}   = $form->{Oracle_dbuser};
-
-    $form->isblank("dbhost", $locale->text('Hostname missing!'));
-    $form->isblank("dbport", $locale->text('Port missing!'));
-    $form->isblank("dbuser", $locale->text('Dataset missing!'));
-  }
-  if ($form->{dbdriver} eq 'Pg') {
-    $form->{dbhost}   = $form->{Pg_dbhost};
-    $form->{dbport}   = $form->{Pg_dbport};
-    $form->{dbpasswd} = $form->{Pg_dbpasswd};
-    $form->{dbuser}   = $form->{Pg_dbuser};
-    $form->{dbname}   = $form->{Pg_dbname};
-
-    $form->isblank("dbname", $locale->text('Dataset missing!'));
-    $form->isblank("dbuser", $locale->text('Database User missing!'));
-  }
-
-  if ($webdav) {
-    @webdavdirs =
-      qw(angebote bestellungen rechnungen anfragen lieferantenbestellungen einkaufsrechnungen);
-    foreach $directory (@webdavdirs) {
-      if ($form->{$directory}) {
-        $form->{$directory} = $form->{$directory};
-      } else {
-        $form->{$directory} = 0;
-      }
-    }
-  }
+  $form->isblank("dbname", $locale->text('Dataset missing!'));
+  $form->isblank("dbuser", $locale->text('Database User missing!'));
 
   foreach $item (keys %{$form}) {
     $myconfig->{$item} = $form->{$item};
@@ -750,7 +490,13 @@ sub save {
     $myconfig->{stylesheet} = $form->{userstylesheet};
   }
 
-  $myconfig->save_member($memberfile, $userspath);
+  $myconfig->save_member();
+
+  if ($auth->can_change_password()
+      && defined $form->{new_password}
+      && ($form->{new_password} ne '********')) {
+    $auth->change_password($form->{login}, $form->{new_password});
+  }
 
   if ($webdav) {
     @webdavdirs =
@@ -767,7 +513,7 @@ sub save {
           }
           close(HTACCESS);
         }
-        open(HTACCESS, "> $file") or die "cannot open $file $!\n";
+        open(HTACCESS, "> $file") or die "cannot open $file $ERRNO\n";
         $newfile .= $myconfig->{login} . ":" . $myconfig->{password} . "\n";
         print(HTACCESS $newfile);
         close(HTACCESS);
@@ -782,7 +528,7 @@ sub save {
           }
           close(HTACCESS);
         }
-        open(HTACCESS, "> $file") or die "cannot open $file $!\n";
+        open(HTACCESS, "> $file") or die "cannot open $file $ERRNO\n";
         print(HTACCESS $newfile);
         close(HTACCESS);
       }
@@ -802,18 +548,18 @@ sub save {
       umask(007);
 
       # copy templates to the directory
-      opendir TEMPLATEDIR, "$templates/." or $form - error("$templates : $!");
+      opendir TEMPLATEDIR, "$templates/." or $form - error("$templates : $ERRNO");
       @templates = grep /$form->{mastertemplates}.*?\.(html|tex|sty|xml|txb)$/,
         readdir TEMPLATEDIR;
       closedir TEMPLATEDIR;
 
       foreach $file (@templates) {
         open(TEMP, "$templates/$file")
-          or $form->error("$templates/$file : $!");
+          or $form->error("$templates/$file : $ERRNO");
 
-        $file =~ s/$form->{mastertemplates}-//;
+        $file =~ s/\Q$form->{mastertemplates}\E-//;
         open(NEW, ">$form->{templates}/$file")
-          or $form->error("$form->{templates}/$file : $!");
+          or $form->error("$form->{templates}/$file : $ERRNO");
 
         while ($line = <TEMP>) {
           print NEW $line;
@@ -822,96 +568,58 @@ sub save {
         close(NEW);
       }
     } else {
-      $form->error("$!: $form->{templates}");
+      $form->error("$ERRNO: $form->{templates}");
     }
   }
 
-  $form->redirect($locale->text('User saved!'));
-
-}
-
-sub delete {
-
-  $form->{templates} =
-    ($form->{templates})
-    ? "$templates/$form->{templates}"
-    : "$templates/$form->{login}";
-
-  $form->error($locale->text('File locked!')) if (-f ${memberfile} . LCK);
-  open(FH, ">${memberfile}.LCK") or $form->error("${memberfile}.LCK : $!");
-  close(FH);
-
-  open(CONF, "+<$memberfile") or $form->error("$memberfile : $!");
+  # Add new user to his groups.
+  if (ref $form->{new_user_group_ids} eq 'ARRAY') {
+    my $all_groups = $auth->read_groups();
+    my %user       = $auth->read_user($form->{login});
 
-  @config = <CONF>;
+    foreach my $group_id (@{ $form->{new_user_group_ids} }) {
+      my $group = $all_groups->{$group_id};
 
-  seek(CONF, 0, 0);
-  truncate(CONF, 0);
+      next if !$group;
 
-  while ($line = shift @config) {
-
-    if ($line =~ /^\[/) {
-      last if ($line =~ /\[$form->{login}\]/);
-      $login = &login_name($line);
-    }
-
-    if ($line =~ /^templates=/) {
-      $user{$login} = &get_value($line);
-    }
-
-    print CONF $line;
-  }
-
-  # remove everything up to next login or EOF
-  # and save template variable
-  while ($line = shift @config) {
-    if ($line =~ /^templates=/) {
-      $templatedir = &get_value($line);
+      push @{ $group->{members} }, $user{id};
+      $auth->save_group($group);
     }
-    last if ($line =~ /^\[/);
   }
 
-  # this one is either the next login or EOF
-  print CONF $line;
+  $form->redirect($locale->text('User saved!'));
 
-  $login = &login_name($line);
+}
 
-  while ($line = shift @config) {
-    if ($line =~ /^\[/) {
-      $login = &login_name($line);
-    }
+sub save_user_as_new {
+  $form->{login} = $form->{new_user_login};
+  delete @{$form}{qw(edit new_user_login)};
 
-    if ($line =~ /^templates=/) {
-      $user{$login} = &get_value($line);
-    }
+  save_user();
+}
 
-    print CONF $line;
-  }
+sub delete_user {
+  my %members   = $auth->read_all_users();
+  my $templates = $members{$form->{login}}->{templates};
 
-  close(CONF);
-  unlink "${memberfile}.LCK";
+  $auth->delete_user($form->{login});
 
-  # scan %user for $templatedir
-  foreach $login (keys %user) {
-    last if ($found = ($templatedir eq $user{$login}));
-  }
+  if ($templates) {
+    my $templates_in_use = 0;
 
-  # if found keep directory otherwise delete
-  if (!$found) {
+    foreach $login (keys %members) {
+      next if $form->{login} eq $login;
+      next if $members{$login}->{templates} ne $templates;
+      $templates_in_use = 1;
+      last;
+    }
 
-    # delete it if there is a template directory
-    $dir = "$form->{templates}";
-    if (-d "$dir") {
-      unlink <$dir/*.html>;
-      unlink <$dir/*.tex>;
-      unlink <$dir/*.sty>;
-      rmdir "$dir";
+    if (!$templates_in_use && -d $templates) {
+      unlink <$templates/*>;
+      rmdir $templates;
     }
   }
 
-  # delete config file for user
-  unlink "$userspath/$form->{login}.conf";
-
   $form->redirect($locale->text('User deleted!'));
 
 }
@@ -938,324 +646,317 @@ sub get_value {
   $value;
 }
 
-sub change_admin_password {
+sub pg_database_administration {
 
-  $form->{title} =
-      qq|Lx-Office ERP |
-    . $locale->text('Administration') . " / "
-    . $locale->text('Change Admin Password');
+  $form->{dbdriver} = 'Pg';
+  dbselect_source();
 
-  $form->header();
-  print $form->parse_html_template("admin/change_admin_password");
 }
 
-sub change_password {
-  if ($form->{"password"} ne $form->{"password_again"}) {
-    $form->{title} =
-      qq|Lx-Office ERP |
-      . $locale->text('Administration') . " / "
-      . $locale->text('Change Admin Password');
-
-    $form->header();
-    $form->error($locale->text("The passwords do not match."));
-  }
-
-  $root->{password} = $form->{password};
-
-  $root->{'root login'} = 1;
-  $root->save_member($memberfile);
-
-  $form->{callback} =
-    "$form->{script}?action=list_users&rpw=$root->{password}";
+sub dbselect_source {
+  $form->{dbport}    = '5432';
+  $form->{dbuser}    = 'postgres';
+  $form->{dbdefault} = 'template1';
+  $form->{dbhost}    = 'localhost';
 
-  $form->redirect($locale->text('Password changed!'));
-}
+  $form->{title}     = "Lx-Office ERP / " . $locale->text('Database Administration');
 
-sub check_password {
-  $root = new User "$memberfile", $form->{root};
-
-  if (!defined($root->{password}) || ($root->{password} ne $form->{rpw})) {
-    $form->error($locale->text('Incorrect Password!'));
-  }
+  # Intentionnaly disabled unless fixed to work with the authentication DB.
+  $form->{ALLOW_DBBACKUP} = 0; # "$pg_dump_exe" ne "DISABLED";
 
+  $form->header();
+  print $form->parse_html_template("admin/dbadmin");
 }
 
-sub pg_database_administration {
-
+sub test_db_connection {
   $form->{dbdriver} = 'Pg';
-  &dbselect_source;
+  User::dbconnect_vars($form, $form->{dbname});
 
-}
+  my $dbh = DBI->connect($form->{dbconnect}, $form->{dbuser}, $form->{dbpasswd});
 
-sub oracle_database_administration {
+  $form->{connection_ok} = $dbh ? 1 : 0;
+  $form->{errstr}        = $DBI::errstr;
 
-  $form->{dbdriver} = 'Oracle';
-  &dbselect_source;
+  $dbh->disconnect() if ($dbh);
 
+  $form->{title} = $locale->text('Database Connection Test');
+  $form->header();
+  print $form->parse_html_template("admin/test_db_connection");
 }
 
-sub dbdriver_defaults {
-
-  # load some defaults for the selected driver
-  %driverdefaults = (
-                     'Pg' => { dbport        => '5432',
-                               dbuser        => 'postgres',
-                               dbdefault     => 'template1',
-                               dbhost        => 'localhost',
-                               connectstring => $locale->text('Connect to')
-                     },
-                     'Oracle' => { dbport        => '1521',
-                                   dbuser        => 'oralin',
-                                   dbdefault     => $sid,
-                                   dbhost        => `hostname`,
-                                   connectstring => 'SID'
-                     });
-
-  map { $form->{$_} = $driverdefaults{ $form->{dbdriver} }{$_} }
-    keys %{ $driverdefaults{Pg} };
-
+sub continue {
+  call_sub($form->{"nextsub"});
 }
 
-sub dbselect_source {
-
-  &dbdriver_defaults;
-
-  $msg{Pg} =
-    $locale->text(
-    'Leave host and port field empty unless you want to make a remote connection.'
-    );
-  $msg{Oracle} =
-    $locale->text(
-           'You must enter a host and port for local and remote connections!');
+sub back {
+  call_sub($form->{"back_nextsub"});
+}
 
+sub update_dataset {
   $form->{title} =
-    "Lx-Office ERP / " . $locale->text('Database Administration');
+      "Lx-Office ERP "
+    . $locale->text('Database Administration') . " / "
+    . $locale->text('Update Dataset');
 
-  $form->header;
+  my @need_updates      = User->dbneedsupdate($form);
+  $form->{NEED_UPDATES} = \@need_updates;
+  $form->{ALL_UPDATED}  = !scalar @need_updates;
 
-  print qq|
-<body class=admin>
+  $form->header();
+  print $form->parse_html_template("admin/update_dataset");
+}
 
+sub dbupdate {
+  $form->{stylesheet} = "lx-office-erp.css";
+  $form->{title}      = $locale->text("Dataset upgrade");
+  $form->header();
 
-<center>
-<h2>$form->{title}</h2>
+  my $rowcount           = $form->{rowcount} * 1;
+  my @update_rows        = grep { $form->{"update_$_"} } (1 .. $rowcount);
+  $form->{NOTHING_TO_DO} = !scalar @update_rows;
+  my $saved_form         = save_form();
 
-<form method=post action=$form->{script}>
+  $| = 1;
 
-<table>
-<tr><td>
+  print $form->parse_html_template("admin/dbupgrade_all_header");
 
-<table>
+  foreach my $i (@update_rows) {
+    restore_form($saved_form);
 
-  <tr class=listheading>
-    <th colspan=4>| . $locale->text('Database') . qq|</th>
-  </tr>
+    map { $form->{$_} = $form->{"${_}_${i}"} } qw(dbname dbdriver dbhost dbport dbuser dbpasswd);
 
-<input type=hidden name=dbdriver value=$form->{dbdriver}>
+    my $controls = parse_dbupdate_controls($form, $form->{dbdriver});
 
-  <tr><td>
-   <table>
+    print $form->parse_html_template("admin/dbupgrade_header");
 
-  <tr>
+    $form->{dbupdate}        = $form->{dbname};
+    $form->{$form->{dbname}} = 1;
 
-    <th align=right>| . $locale->text('Host') . qq|</th>
-    <td><input name=dbhost size=25 value=$form->{dbhost}></td>
-    <th align=right>| . $locale->text('Port') . qq|</th>
-    <td><input name=dbport size=5 value=$form->{dbport}></td>
+    User->dbupdate($form);
+    User->dbupdate2($form, $controls);
 
-  </tr>
+    print $form->parse_html_template("admin/dbupgrade_footer");
+  }
 
-  <tr>
+  print $form->parse_html_template("admin/dbupgrade_all_done");
+}
 
-    <th align=right>| . $locale->text('User') . qq|</th>
-    <td><input name="dbuser" size="10" value="$form->{dbuser}"></td>
-    <th align=right>| . $locale->text('Password') . qq|</th>
-    <td><input type="password" name="dbpasswd" size="10"></td>
+sub create_dataset {
+  $form->{dbsources} = join " ", map { "[${_}]" } sort User->dbsources($form);
 
-  </tr>
+  $form->{CHARTS} = [];
 
-  <tr>
+  opendir SQLDIR, "sql/." or $form - error($ERRNO);
+  foreach $item (sort grep /-chart\.sql\z/, readdir SQLDIR) {
+    next if ($item eq 'Default-chart.sql');
+    $item =~ s/-chart\.sql//;
+    push @{ $form->{CHARTS} }, { "name"     => $item,
+                                 "selected" => $item eq "Germany-DATEV-SKR03EU" };
+  }
+  closedir SQLDIR;
 
-    <th align=right>$form->{connectstring}</th>
-    <td colspan=3><input name=dbdefault size=10 value=$form->{dbdefault}></td>
+  my $default_charset = $dbcharset;
+  $default_charset ||= Common::DEFAULT_CHARSET;
 
-  </tr>
+  my $cluster_encoding = User->dbclusterencoding($form);
+  if ($cluster_encoding && ($cluster_encoding =~ m/^(?:UTF-?8|UNICODE)$/i)) {
+    if ($dbcharset !~ m/^UTF-?8$/i) {
+      $form->show_generic_error($locale->text('The selected  PostgreSQL installation uses UTF-8 as its encoding. ' .
+                                              'Therefore you have to configure Lx-Office to use UTF-8 as well.'),
+                                'back_button' => 1);
+    }
 
-</table>
+    $form->{FORCE_DBENCODING} = 'UNICODE';
 
-</td></tr>
-</table>
+  } else {
+    $form->{DBENCODINGS} = [];
 
-<input name=callback type=hidden value="$form->{script}?action=list_users&rpw=$form->{rpw}">
-<input type=hidden name=rpw value=$form->{rpw}>
+    foreach my $encoding (@Common::db_encodings) {
+      push @{ $form->{DBENCODINGS} }, { "dbencoding" => $encoding->{dbencoding},
+                                        "label"      => $encoding->{label},
+                                        "selected"   => $encoding->{charset} eq $default_charset };
+    }
+  }
 
-<br>
+  $form->{title} =
+      "Lx-Office ERP "
+    . $locale->text('Database Administration') . " / "
+    . $locale->text('Create Dataset');
 
-<input type=submit class=submit name=action value="|
-    . $locale->text('Create Dataset') . qq|">|;
-# Vorübergehend Deaktiviert
-# <input type=submit class=submit name=action value="|
-#     . $locale->text('Update Dataset') . qq|">
-print qq| <input type=submit class=submit name=action value="|
-    . $locale->text('Delete Dataset') . qq|">
+  $form->header();
+  print $form->parse_html_template("admin/create_dataset");
+}
 
-</form>
+sub dbcreate {
+  $form->isblank("db", $locale->text('Dataset missing!'));
 
-</td></tr>
-</table>
+  User->dbcreate(\%$form);
 
-<p>|
-    . $locale->text(
-    'This is a preliminary check for existing sources. Nothing will be created or deleted at this stage!'
-    )
+  $form->{title} =
+      "Lx-Office ERP "
+    . $locale->text('Database Administration') . " / "
+    . $locale->text('Create Dataset');
 
-    . qq|
-<br>$msg{$form->{dbdriver}}
+  $form->header();
+  print $form->parse_html_template("admin/dbcreate");
+}
 
+sub delete_dataset {
+  @dbsources = User->dbsources_unused($form);
+  $form->error($locale->text('Nothing to delete!')) unless @dbsources;
 
-</body>
-</html>
-|;
+  $form->{title} =
+      "Lx-Office ERP "
+    . $locale->text('Database Administration') . " / "
+    . $locale->text('Delete Dataset');
+  $form->{DBSOURCES} = [ map { { "name", $_ } } sort @dbsources ];
 
+  $form->header();
+  print $form->parse_html_template("admin/delete_dataset");
 }
 
-sub continue {
-  call_sub($form->{"nextsub"});
-}
+sub dbdelete {
 
-sub update_dataset {
+  if (!$form->{db}) {
+    $form->error($locale->text('No Dataset selected!'));
+  }
 
-  %needsupdate = User->dbneedsupdate(\%$form);
+  User->dbdelete(\%$form);
 
   $form->{title} =
       "Lx-Office ERP "
     . $locale->text('Database Administration') . " / "
-    . $locale->text('Update Dataset');
+    . $locale->text('Delete Dataset');
+  $form->header();
+  print $form->parse_html_template("admin/dbdelete");
+}
 
-  $form->header;
+sub backup_dataset {
+  $form->{title} =
+      "Lx-Office ERP "
+    . $locale->text('Database Administration') . " / "
+    . $locale->text('Backup Dataset');
 
-  print qq|
-<body class=admin>
+  if ("$pg_dump_exe" eq "DISABLED") {
+    $form->error($locale->text('Database backups and restorations are disabled in lx-erp.conf.'));
+  }
 
+  my @dbsources         = sort User->dbsources($form);
+  $form->{DATABASES}    = [ map { { "dbname" => $_ } } @dbsources ];
+  $form->{NO_DATABASES} = !scalar @dbsources;
 
-<center>
-<h2>$form->{title}</h2>
-|;
-  my $field_id = 0;
-  foreach $key (sort keys %needsupdate) {
-    if ($needsupdate{$key} ne $form->{dbversion}) {
-      $upd .= qq|<input id="$field_id" name="db$key" type="checkbox" value="1" checked> $key\n|;
-      $form->{dbupdate} .= "db$key ";
-      $field_id++;
-    }
-  }
+  my $username  = getpwuid $UID || "unknown-user";
+  my $hostname  = hostname() || "unknown-host";
+  $form->{from} = "Lx-Office Admin <${username}\@${hostname}>";
 
-  chop $form->{dbupdate};
+  $form->header();
+  print $form->parse_html_template("admin/backup_dataset");
+}
 
-  if ($form->{dbupdate}) {
+sub backup_dataset_start {
+  $form->{title} =
+      "Lx-Office ERP "
+    . $locale->text('Database Administration') . " / "
+    . $locale->text('Backup Dataset');
 
-    print qq|
-<table width=100%>
-<form method=post action=$form->{script}>
+  $pg_dump_exe ||= "pg_dump";
 
-<input type=hidden name="dbdriver"  value="$form->{dbdriver}">
-<input type=hidden name="dbhost"    value="$form->{dbhost}">
-<input type=hidden name="dbport"    value="$form->{dbport}">
-<input type=hidden name="dbuser"    value="$form->{dbuser}">
-<input type=hidden name="dbpasswd"  value="$form->{dbpasswd}">
-<input type=hidden name="dbdefault" value="$form->{dbdefault}">
+  if ("$pg_dump_exe" eq "DISABLED") {
+    $form->error($locale->text('Database backups and restorations are disabled in lx-erp.conf.'));
+  }
 
-<tr class=listheading>
-  <th>| . $locale->text('The following Datasets need to be updated') . qq|</th>
-</tr>
-<tr>
-<td>
+  $form->isblank("dbname", $locale->text('The dataset name is missing.'));
+  $form->isblank("to", $locale->text('The email address is missing.')) if $form->{destination} eq "email";
 
-$upd
+  my $tmpdir = "/tmp/lx_office_backup_" . Common->unique_id();
+  mkdir $tmpdir, 0700 || $form->error($locale->text('A temporary directory could not be created:') . " $ERRNO");
 
-</td>
-</tr>
-<tr>
-<td>
+  my $pgpass = IO::File->new("${tmpdir}/.pgpass", O_WRONLY | O_CREAT, 0600);
 
-<input name=dbupdate type=hidden value="$form->{dbupdate}">
+  if (!$pgpass) {
+    unlink $tmpdir;
+    $form->error($locale->text('A temporary file could not be created:') . " $ERRNO");
+  }
 
-<input name=callback type=hidden value="$form->{script}?action=list_users&rpw=$form->{rpw}">
+  print $pgpass "$form->{dbhost}:$form->{dbport}:$form->{dbname}:$form->{dbuser}:$form->{dbpasswd}\n";
+  $pgpass->close();
 
-<input type=hidden name=rpw value=$form->{rpw}>
+  $ENV{HOME} = $tmpdir;
 
-<input type=hidden name=nextsub value=dbupdate>
+  my @args = ("-Ft", "-c", "-o", "-h", $form->{dbhost}, "-U", $form->{dbuser});
+  push @args, ("-p", $form->{dbport}) if ($form->{dbport});
+  push @args, $form->{dbname};
 
-<hr size=3 noshade>
+  my $cmd  = "${pg_dump_exe} " . join(" ", map { s/\\/\\\\/g; s/\"/\\\"/g; $_ } @args);
+  my $name = "dataset_backup_$form->{dbname}_" . strftime("%Y%m%d", localtime()) . ".tar";
 
-<br>
-<input type=submit class=submit name=action value="|
-      . $locale->text('Continue') . qq|">
+  if ($form->{destination} ne "email") {
+    my $in = IO::File->new("$cmd |");
 
-</td></tr>
-</table>
-</form>
-|;
+    if (!$in) {
+      unlink "${tmpdir}/.pgpass";
+      rmdir $tmpdir;
 
-  } else {
+      $form->error($locale->text('The pg_dump process could not be started.'));
+    }
 
-    print $locale->text('All Datasets up to date!');
+    print "content-type: application/x-tar\n";
+    print "content-disposition: attachment; filename=\"${name}\"\n\n";
 
-  }
+    while (my $line = <$in>) {
+      print $line;
+    }
 
-  print qq|
+    $in->close();
 
-</body>
-</html>
-|;
+    unlink "${tmpdir}/.pgpass";
+    rmdir $tmpdir;
 
-}
+  } else {
+    my $tmp = $tmpdir . "/dump_" . Common::unique_id();
 
-sub dbupdate {
-  $form->{"stylesheet"} = "lx-office-erp.css";
-  $form->{"title"} = $main::locale->text("Dataset upgrade");
-  $form->header();
-  my $dbname =
-    join(" ",
-         map({ s/\s//g; s/^db//; $_; }
-             grep({ $form->{$_} }
-                  split(/\s+/, $form->{"dbupdate"}))));
-  print($form->parse_html_template("dbupgrade/header",
-                                   { "dbname" => $dbname }));
+    if (system("$cmd > $tmp") != 0) {
+      unlink "${tmpdir}/.pgpass", $tmp;
+      rmdir $tmpdir;
 
-  User->dbupdate(\%$form);
+      $form->error($locale->text('The pg_dump process could not be started.'));
+    }
 
-  print qq|
-<hr>
+    my $mail = new Mailer;
 
-| . $locale->text('Dataset updated!') . qq|
+    map { $mail->{$_} = $form->{$_} } qw(from to cc subject message);
 
-<br>
+    $mail->{charset}     = $dbcharset ? $dbcharset : Common::DEFAULT_CHARSET;
+    $mail->{attachments} = [ { "filename" => $tmp, "name" => $name } ];
+    $mail->send();
 
-<a id="enddatasetupdate" href="admin.pl?action=login&| .
-join("&", map({ "$_=" . $form->escape($form->{$_}); } qw(rpw))) .
-qq|">| . $locale->text("Continue") . qq|</a>|;
+    unlink "${tmpdir}/.pgpass", $tmp;
+    rmdir $tmpdir;
 
-}
+    $form->{title} =
+        "Lx-Office ERP "
+      . $locale->text('Database Administration') . " / "
+      . $locale->text('Backup Dataset');
 
-sub create_dataset {
-  $form->{dbsources} = join " ", map { "[${_}]" } sort User->dbsources(\%$form);
+    $form->header();
+    print $form->parse_html_template("admin/backup_dataset_email_done");
+  }
+}
 
-  $form->{CHARTS} = [];
+sub restore_dataset {
+  $form->{title} =
+      "Lx-Office ERP "
+    . $locale->text('Database Administration') . " / "
+    . $locale->text('Restore Dataset');
 
-  opendir SQLDIR, "sql/." or $form - error($!);
-  foreach $item (sort grep /-chart\.sql\z/, readdir SQLDIR) {
-    next if ($item eq 'Default-chart.sql');
-    $item =~ s/-chart\.sql//;
-    push @{ $form->{CHARTS} }, { "name"     => $item,
-                                 "selected" => $item eq "Germany-DATEV-SKR03EU" };
+  if ("$pg_restore_exe" eq "DISABLED") {
+    $form->error($locale->text('Database backups and restorations are disabled in lx-erp.conf.'));
   }
-  closedir SQLDIR;
 
-  my $default_charset = $dbcharset;
-  $default_charset ||= Common::DEFAULT_CHARSET;
+  my $default_charset   = $dbcharset;
+  $default_charset    ||= Common::DEFAULT_CHARSET;
 
-  $form->{DBENCODINGS} = [];
+  $form->{DBENCODINGS}  = [];
 
   foreach my $encoding (@Common::db_encodings) {
     push @{ $form->{DBENCODINGS} }, { "dbencoding" => $encoding->{dbencoding},
@@ -1263,66 +964,138 @@ sub create_dataset {
                                       "selected"   => $encoding->{charset} eq $default_charset };
   }
 
+  $form->header();
+  print $form->parse_html_template("admin/restore_dataset");
+}
+
+sub restore_dataset_start {
   $form->{title} =
       "Lx-Office ERP "
     . $locale->text('Database Administration') . " / "
-    . $locale->text('Create Dataset');
+    . $locale->text('Restore Dataset');
 
-  $form->header();
-  print $form->parse_html_template("admin/create_dataset");
-}
+  $pg_restore_exe ||= "pg_restore";
 
-sub dbcreate {
-  $form->isblank("db", $locale->text('Dataset missing!'));
+  if ("$pg_restore_exe" eq "DISABLED") {
+    $form->error($locale->text('Database backups and restorations are disabled in lx-erp.conf.'));
+  }
 
-  User->dbcreate(\%$form);
+  $form->isblank("new_dbname", $locale->text('The dataset name is missing.'));
+  $form->isblank("content", $locale->text('No backup file has been uploaded.'));
 
-  $form->{title} =
-      "Lx-Office ERP "
-    . $locale->text('Database Administration') . " / "
-    . $locale->text('Create Dataset');
+  # Create temporary directories. Write the backup file contents to a temporary
+  # file. Create a .pgpass file with the username and password for the pg_restore
+  # utility.
 
-  $form->header();
-  print $form->parse_html_template("admin/dbcreate");
-}
+  my $tmpdir = "/tmp/lx_office_backup_" . Common->unique_id();
+  mkdir $tmpdir, 0700 || $form->error($locale->text('A temporary directory could not be created:') . " $ERRNO");
 
-sub delete_dataset {
-  @dbsources = User->dbsources_unused(\%$form, $memberfile);
-  $form->error($locale->text('Nothing to delete!')) unless @dbsources;
+  my $pgpass = IO::File->new("${tmpdir}/.pgpass", O_WRONLY | O_CREAT, 0600);
 
-  $form->{title} =
-      "Lx-Office ERP "
-    . $locale->text('Database Administration') . " / "
-    . $locale->text('Delete Dataset');
-  $form->{DBSOURCES} = [ map { { "name", $_ } } sort @dbsources ];
+  if (!$pgpass) {
+    unlink $tmpdir;
+    $form->error($locale->text('A temporary file could not be created:') . " $ERRNO");
+  }
 
-  $form->header();
-  print $form->parse_html_template("admin/delete_dataset");
-}
+  print $pgpass "$form->{dbhost}:$form->{dbport}:$form->{new_dbname}:$form->{dbuser}:$form->{dbpasswd}\n";
+  $pgpass->close();
 
-sub dbdelete {
+  $ENV{HOME} = $tmpdir;
 
-  if (!$form->{db}) {
-    $form->error($locale->text('No Dataset selected!'));
+  my $tmp = $tmpdir . "/dump_" . Common::unique_id();
+  my $tmpfile;
+
+  if (substr($form->{content}, 0, 2) eq "\037\213") {
+    $tmpfile = IO::File->new("| gzip -d > $tmp");
+    $tmpfile->binary();
+
+  } else {
+    $tmpfile = IO::File->new($tmp, O_WRONLY | O_CREAT | O_BINARY, 0600);
   }
 
-  User->dbdelete(\%$form);
+  if (!$tmpfile) {
+    unlink "${tmpdir}/.pgpass";
+    rmdir $tmpdir;
 
-  $form->{title} =
-      "Lx-Office ERP "
-    . $locale->text('Database Administration') . " / "
-    . $locale->text('Delete Dataset');
+    $form->error($locale->text('A temporary file could not be created:') . " $ERRNO");
+  }
+
+  print $tmpfile $form->{content};
+  $tmpfile->close();
+
+  delete $form->{content};
+
+  # Try to connect to the database. Find out if a database with the same name exists.
+  # If yes, then drop the existing database. Create a new one with the name and encoding
+  # given by the user.
+
+  User::dbconnect_vars($form, "template1");
+
+  my %myconfig = map { $_ => $form->{$_} } grep /^db/, keys %{ $form };
+  my $dbh      = $form->dbconnect(\%myconfig) || $form->dberror();
+
+  my ($query, $sth);
+
+  $form->{new_dbname} =~ s|[^a-zA-Z0-9_\-]||g;
+
+  $query = qq|SELECT COUNT(*) FROM pg_database WHERE datname = ?|;
+  my ($count) = selectrow_query($form, $dbh, $query, $form->{new_dbname});
+  if ($count) {
+    do_query($form, $dbh, qq|DROP DATABASE $form->{new_dbname}|);
+  }
+
+  my $found = 0;
+  foreach my $item (@Common::db_encodings) {
+    if ($item->{dbencoding} eq $form->{dbencoding}) {
+      $found = 1;
+      last;
+    }
+  }
+  $form->{dbencoding} = "LATIN9" unless $form->{dbencoding};
+
+  do_query($form, $dbh, qq|CREATE DATABASE $form->{new_dbname} ENCODING ? TEMPLATE template0|, $form->{dbencoding});
+
+  $dbh->disconnect();
+
+  # Spawn pg_restore on the temporary file.
+
+  my @args = ("-h", $form->{dbhost}, "-U", $form->{dbuser}, "-d", $form->{new_dbname});
+  push @args, ("-p", $form->{dbport}) if ($form->{dbport});
+  push @args, $tmp;
+
+  my $cmd = "${pg_restore_exe} " . join(" ", map { s/\\/\\\\/g; s/\"/\\\"/g; $_ } @args);
+
+  my $in = IO::File->new("$cmd 2>&1 |");
+
+  if (!$in) {
+    unlink "${tmpdir}/.pgpass", $tmp;
+    rmdir $tmpdir;
+
+    $form->error($locale->text('The pg_restore process could not be started.'));
+  }
+
+  $AUTOFLUSH = 1;
 
   $form->header();
-  print $form->parse_html_template("admin/dbdelete");
+  print $form->parse_html_template("admin/restore_dataset_start_header");
+
+  while (my $line = <$in>) {
+    print $line;
+  }
+  $in->close();
+
+  $form->{retval} = $CHILD_ERROR >> 8;
+  print $form->parse_html_template("admin/restore_dataset_start_footer");
+
+  unlink "${tmpdir}/.pgpass", $tmp;
+  rmdir $tmpdir;
 }
 
 sub unlock_system {
 
   unlink "$userspath/nologin";
 
-  $form->{callback} =
-    "$form->{script}?action=list_users&rpw=$root->{password}";
+  $form->{callback} = "admin.pl?action=list_users";
 
   $form->redirect($locale->text('Lockfile removed!'));
 
@@ -1334,9 +1107,58 @@ sub lock_system {
     or $form->error($locale->text('Cannot create Lock!'));
   close(FH);
 
-  $form->{callback} =
-    "$form->{script}?action=list_users&rpw=$root->{password}";
+  $form->{callback} = "admin.pl?action=list_users";
 
   $form->redirect($locale->text('Lockfile created!'));
 
 }
+
+sub yes {
+  call_sub($form->{yes_nextsub});
+}
+
+sub no {
+  call_sub($form->{no_nextsub});
+}
+
+sub add {
+  call_sub($form->{add_nextsub});
+}
+
+sub edit {
+  $form->{edit_nextsub} ||= 'edit_user';
+
+  call_sub($form->{edit_nextsub});
+}
+
+sub delete {
+  $form->{delete_nextsub} ||= 'delete_user';
+
+  call_sub($form->{delete_nextsub});
+}
+
+sub save {
+  $form->{save_nextsub} ||= 'save_user';
+
+  call_sub($form->{save_nextsub});
+}
+
+sub back {
+  call_sub($form->{back_nextsub});
+}
+
+sub dispatcher {
+  foreach my $action (qw(create_standard_group dont_create_standard_group
+                         save_user delete_user save_user_as_new)) {
+    if ($form->{"action_${action}"}) {
+      call_sub($action);
+      return;
+    }
+  }
+
+  call_sub($form->{default_action}) if ($form->{default_action});
+
+  $form->error($locale->text('No action defined.'));
+}
+
+1;