<?php
// osCommerce Product Manager for Windows (oscpmwin).
// Copyright Š2003,2004,2005 by Mario A. Valdez-Ramirez.

// You can contact Mario A. Valdez-Ramirez
// by email at mario@mariovaldez.org or paper mail at
// Olmos 809, San Nicolas, NL. 66495, Mexico.

// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or (at
// your option) any later version.

// This program is distributed in the hope that it will be useful, but
// WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
// General Public License for more details.

// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA


// ==================================
// Start of configuration options...
// ==================================
$opm_images_directory = "images/";
$opm_enable_logfile = false;
$opm_enable_extralog = false;
$opm_debug_file = "opm_debug.txt";
$opm_browser_debug = false;
$opm_enable_auth = true;
$opm_password_override = "";
$opm_encoded_data = false;
$opm_upload_perms = "0644";
$opm_raw_records = true;
$opm_timezone_shift = 0;

$opm_cfg_useproxy = false;
$opm_cfg_proxyaddress = "192.168.0.1";
$opm_cfg_proxyport = 3128;

// ==================================
// End of configuration options...
// ==================================


$opm_httpconn_timeout = 60;                 // 60 seconds
$opm_tag_recordbegin = "BR";                // BR
$opm_tag_recordend = "ER";                  // ER
$opm_tag_field = "DF";                      // DF
$opm_tag_databegin = "[";                   // [
$opm_tag_dataend = "]";                     // ]


$opm_script_version = "0.1.15";
error_reporting(E_ALL & ~E_NOTICE);

$opm_realpath = str_replace (basename (__FILE__), "", __FILE__) . $opm_images_directory;
$opm_tmpsoftwarename = explode (" ", $HTTP_SERVER_VARS["SERVER_SOFTWARE"]);
$opm_tmposname = explode (" ", php_uname ());
$opm_useragent = "User-Agent: OSCPMWin/$opm_script_version " . $opm_tmpsoftwarename[0] . " MySQL/unknown " . $opm_tmposname[0];


@set_time_limit (300);

if (!$opm_upload_perms) {
  $opm_upload_perms = "0600";
}
// Get all parameters about the request.
if (!$opm_browser_debug) {
  $opm_passwordhash = strtoupper (trim ($_POST["Pw"]));
  $opm_operation = strtolower (trim ($_POST["Op"]));
  $opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["Fn"])))));
  $opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["SD"])))));
  $opm_reqversion = trim ($_POST["Vn"]);
  $opm_logintimestamp = trim ($_POST["TS"]);
}
else {
  $opm_passwordhash = strtoupper (trim ($_GET["Pw"]));
  $opm_operation = strtolower (trim ($_GET["Op"]));
  $opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["Fn"])))));
  $opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["SD"])))));
  $opm_reqversion = trim ($_GET["Vn"]);
  $opm_logintimestamp = trim ($_GET["TS"]);
}
if (($opm_filename{0} == "/") || ($opm_filename{0} == ".")) {
  $opm_filename = substr ($opm_filename, 1, strlen ($opm_filename) - 1);
}

// Log basic information about the request.
if ($opm_enable_extralog) {
  if (!$opm_browser_debug) {
    opm_FNDebug_Log (print_r ($_POST, true));
  }
  else {
    opm_FNDebug_Log (print_r ($_GET, true));
  }
}
else {
  opm_FNDebug_Log ("");
}
opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
opm_FNDebug_Log ("PASSWORDHASH=" . $opm_passwordhash);
opm_FNDebug_Log ("OPERATION=" . $opm_operation);
opm_FNDebug_Log ("FILENAME=" . $opm_filename);
opm_FNDebug_Log ("SUBDIR=" . $opm_subdir);
opm_FNDebug_Log ("REQVERSION=" . $opm_reqversion);
opm_FNDebug_Log ("LOGINTIMESTAMP=" . $opm_logintimestamp);


// Include osCommerce database configuration and functions.
require ("includes/configure.php");
require (DIR_WS_INCLUDES . "database_tables.php");
require (DIR_WS_FUNCTIONS . "database.php");


if ($opm_browser_debug) { echo "<pre>"; }

// Check if script version is the expected by client.
if (($opm_script_version != $opm_reqversion) && ($opm_operation)) {
  opm_FNDebug_Log ("ERROR wrong script version. Expected $opm_reqversion, but we are $opm_script_version.");
  echo "ERROR WRONG SCRIPT VERSION";
  return;
}

// Check if the image directory is valid.
if (!is_dir ($opm_realpath) && ($opm_operation)) {
  opm_FNDebug_Log ("ERROR cannot find the images directory. Expecting $opm_realpath exist.");
  echo "ERROR IMAGE DIRECTORY NOT FOUND";
  return;
}

// Get osCommerce DB password and compare it with client password.
// Unless no operation is requested.
if ($opm_operation) {
  if ($opm_enable_auth) {
    if (defined ("DB_SERVER_PASSWORD") || ($opm_password_override != "")) {
      if ($opm_password_override != "") {
        opm_FNDebug_Log ("Password override is enabled.");
        $opm_serverpassword = strtoupper (md5 ($opm_logintimestamp . $opm_password_override));
      }
      else {
        $opm_serverpassword = strtoupper (md5 ($opm_logintimestamp . DB_SERVER_PASSWORD));
      }
      opm_FNDebug_Log ("SERVERPASSWORDHASH=" . $opm_serverpassword);
      if ($opm_serverpassword != $opm_passwordhash) {
        opm_FNDebug_Log ("ERROR the server and client passwords do not match.");
        echo "ERROR PASSWORD MISMATCH";
        return;
      }
    }
    else {
      opm_FNDebug_Log ("ERROR the server password was not found.");
      echo "ERROR CANNOT FIND SERVER PASSWORD";
      return;
    }
  }
  else {
    opm_FNDebug_Log ("Password authentication is disabled.");
  }
}
else {
  $opm_simpletest_dbok = false;
  $opm_simpletest_imgok = false;
  echo "<html><head><title>osCommerce Product Manager (OSCPMWin).</title>\n";
  echo "<style>\nBODY { font-family: sans-serif; background-color: #FFFFFF; }\n";
  echo "LI { padding: 5px; }\n";
  echo "H3 { padding: 5px 5px 5px 20px; }\n";
  echo "A { color: #0000FF; text-decoration: none; }\n";
  echo "A:hover { color: #FF0000; text-decoration: underline; }\n";
  echo "DIV { border: solid 2px #000000; margin: 10px 20px 10px 20px; }";
  echo ".ok { background-color: #CCFFCC; }\n";
  echo ".notok { background-color: #FFCCCC; }\n";
  echo ".info { background-color: #EEEEFF; }\n";
  echo ".links { background-color: #EEEEEE; }\n";
  echo "</style>\n";
  echo "</head><body>\n";
  echo "<h3>osCommerce Product Manager (OSCPMWin),<br>server-side script $opm_script_version</h3>\n";
  $opm_simpletest_dbok = (boolean) (tep_db_connect ());
  $opm_simpletest_imgok = (boolean) (file_exists ($opm_realpath) && is_readable ($opm_realpath) && is_writable ($opm_realpath) && is_dir ($opm_realpath));
  if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
    echo "<div class=\"ok\">";
  }
  else {
    echo "<div class=\"notok\">";
  }
  echo "<ul>\n";
  if ($opm_simpletest_dbok) {
    echo "<li><strong>Database connection seems OK.</strong></li>\n";
  }
  else {
    echo "<li><strong>Database connection failed.</strong><br><small>Check that the database server is working properly. This should not happen if the web store is working properly.</small></li>\n";
  }
  if ($opm_simpletest_imgok) {
    echo "<li><strong>Image directory seems OK.</strong></li>\n";
  }
  else {
    echo "<li><strong>Image directory not found, not readable or not writable.</strong><br><small>Check the opm_images_directory option in this script, and that this script has permissions to read and write in that directory.</small></li>\n";
  }
  echo "</ul>";
  if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
    echo "<h3><strong>Everything seems OK. &nbsp; &nbsp; &nbsp; :)</strong></h3>\n";
  }
  else {
    echo "<h3><strong>There seems to be a problem. &nbsp; &nbsp; &nbsp; :(</strong></h3>\n";
  }
  echo "</div>";
  echo "<div class=\"info\"><ul>";
  if ($opm_browser_debug) {
    echo "<li>Browser-debug mode is enabled.";
  }
  else {
    echo "<li>Browser-debug mode is disabled";
  }
  echo "<br><small>This is for developers only. To be used only if you are debugging this script or the client application.</small></li>\n";

  if ($opm_enable_logfile) {
    echo "<li>Logging file is enabled.";
  }
  else {
    echo "<li>Logging file is disabled";
  }
  echo "<br><small>For debugging purposes only, not for production stores (because if enabled, slows the server down and consumes too much disk space).</small></li>\n";

  if ($opm_cfg_useproxy) {
    echo "<li>Proxy-usage is enabled.";
  }
  else {
    echo "<li>Proxy-usage is disabled";
  }
  echo "<br><small>To be used if the web server is behind a proxy so that all http connections are done thru the proxy.</small></li>\n";
  echo "<li>The time zone shift is set to $opm_timezone_shift.<br><small>To be used with some timestamps</small>.</li>\n";
  echo "</ul></div>";
  echo "<div class=\"links\"><ul>";
  echo "<li><a href=\"http://www.mariovaldez.net/software/oscpmwin/\">OSCPMWin homepage</a>.</li>\n";
  echo "<li><a href=\"http://www.mariovaldez.net/webapps/forums/index.php?c=9\">OSCPMWin web forums</a>.</li>\n";
  echo "<li><a href=\"http://www.oscommerce.org/\">osCommerce homepage</a>.</li>\n";
  echo "</ul></div>";
  echo "<p><small>&copy;2002-2005 by Mario A. Valdez-Ramirez.<br>\n";
  echo "This program is free software; you can redistribute it and/or modify\n";
  echo "it under the terms of the GNU General Public License as published by\n";
  echo "the Free Software Foundation; either version 2 of the License, or (at\n";
  echo "your option) any later version.</small></p>\n";
  echo "</body></html>";
  return;
}


// Connect to database.
if (($opm_operation == "delete1") || ($opm_operation == "delete2") || ($opm_operation == "capa") || ($opm_operation == "backup")) {
  if (!tep_db_connect ()) {
    echo "ERROR NO DATABASE CONNECTION";
    return;
  }
}


// ==================================
// Do nothing.
// NOOP do nothing.
// ==================================
if ($opm_operation == "noop") {
  echo "OK NOOP START\n";
  opm_FNDebug_Log ("OK NOOP requested.");
  echo "OK NOOP END\n";
}

// ==================================
// CHECK if a file exists.
// CHECK requires the full path of the image.
// ==================================
if ($opm_operation == "check") {
  if ($opm_filename) {
    if (file_exists ($opm_realpath . $opm_filename)) {
      opm_FNDebug_Log ("OK file found $opm_filename.");
      echo "OK FILE EXISTS";
    }
    else {
      opm_FNDebug_Log ("ERROR file not found $opm_filename.");
      echo "ERROR FILE NOT FOUND";
    }
  }
}

// ==================================
// LIST all files recursively.
// LIST returns the filenames with paths.
// ==================================
if ($opm_operation == "list") {
  echo "OK LIST START\n";
  opm_FNList_Files ($opm_realpath, "", false);
  echo "OK LIST END\n";
}

// ==================================
// LISTDIRS only dirs recursively.
// LISTDIRS returns no filenames.
// ==================================
if ($opm_operation == "listdirs") {
  echo "OK LISTDIRS START\n";
  opm_FNList_Files ($opm_realpath, "", true);
  echo "OK LISTDIRS END\n";
}

// ==================================
// DELETE an image.
// DELETE requires the filename of the image with path.
// DELETE1 deletes the image if less than one record references it.
// DELETE2 deletes the image if less than two records reference it.
// ==================================
if (($opm_operation == "delete1") || ($opm_operation == "delete2")) {
  if ($opm_operation == "delete1") {
    $allowed_owners = 1;
  }
  else {
    $allowed_owners = 2;
  }
  if ($opm_filename) {
    // Check for More Pics 6 extension...
    $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6", $opm_raw_records));
    if ($opm_sqlresult[0]) {
      $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename' or products_subimage1='$opm_filename' or products_subimage2='$opm_filename' or products_subimage3='$opm_filename' or products_subimage4='$opm_filename' or products_subimage5='$opm_filename' or products_subimage6='$opm_filename'", $opm_raw_records));
    }
    else {
      $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename'", $opm_raw_records));
    }
    if ($opm_sqlresult[0] < $allowed_owners) {
      if (file_exists ($opm_realpath . $opm_filename)) {
        if (@unlink ($opm_realpath . $opm_filename)) {
          if (!file_exists ($opm_realpath . $opm_filename)) {
            opm_FNDebug_Log ("OK file deleted $opm_filename.");
            echo "OK DELETE";
          }
          else {
            opm_FNDebug_Log ("ERROR file cannot be deleted $opm_filename.");
            echo "ERROR DELETE FILE REMAINS";
          }
        }
        else {
          opm_FNDebug_Log ("ERROR when deleting $opm_filename.");
          echo "ERROR DELETE UNKNOWN";
        }
      }
      else {
        opm_FNDebug_Log ("OK file not found when deleting $opm_filename.");
        echo "OK DELETE FILE NOT FOUND";
      }
    }
    else {
      opm_FNDebug_Log ("OK file is used by other record (" . ($opm_sqlresult[0] - 1) . ").");
      echo "OK DELETE FILE IN USE";
    }
  }
  else {
    opm_FNDebug_Log ("OK filename empty.");
    echo "OK DELETE FILENAME EMPTY";
  }
}

// ==================================
// UPLOAD an image.
// UPLOAD requires the path, without filename, where the image will be stored.
// UPLOAD returns the image filename with the path.
// ==================================
if ($opm_operation == "upload") {
  if ($_FILES["Fl"]["name"] && $_FILES["Fl"]["size"]) {
    if (is_uploaded_file ($_FILES["Fl"]["tmp_name"])) {
      if ($opm_filename) {
        $newfn = $opm_filename;
      }
      else {
        $newfn = trim ($_FILES["Fl"]["name"]);
      }
      $newfn = str_replace (" ", "_", $newfn);
      $newfn = str_replace ("/", "", $newfn);
      $newfn = str_replace ("\\", "", $newfn);
      $newfn = ereg_replace("[^[:alnum:]\._]", "", $newfn);
      $newfn = strtolower ($newfn);

      if ($opm_subdir) {
        if ((!file_exists ($opm_realpath . $opm_subdir)) || (!is_dir ($opm_realpath . $opm_subdir))) {
          opm_FNDebug_Log ("will create directory=" . $opm_realpath . $opm_subdir);
          opm_FNmkdirs ($opm_realpath . $opm_subdir, 0777);
        }
        if (file_exists ($opm_realpath . $opm_subdir) && (is_dir ($opm_realpath . $opm_subdir))) {
          opm_FNDebug_Log ("directory exists=" . $opm_realpath . $opm_subdir);
          $newfn = $opm_subdir . "/" . $newfn;
        }
        else {
          opm_FNDebug_Log ("directory does not exist, will ignore=" . $opm_realpath . $opm_subdir);
        }

      }
      opm_FNDebug_Log ("wanted filename=" . $newfn);
      $newfn = opm_FNSmart_Rename ($newfn, 100);
      opm_FNDebug_Log ("smart filename=" . $newfn);
      opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
      if (!file_exists ($opm_realpath . $newfn)) {
        opm_FNDebug_Log ("file not exist=" . $opm_realpath . $newfn);
        if (@move_uploaded_file ($_FILES["Fl"]["tmp_name"], $opm_realpath . $newfn)) {
          opm_FNDebug_Log ("moving file to=" . $opm_realpath . $newfn);
          if (file_exists ($opm_realpath . $newfn)) {
            opm_FNDebug_Log ("upload complete=" . $opm_realpath . $newfn);
            @chmod ($opm_realpath . $newfn, octdec ($opm_upload_perms));
            echo "OK UPLOAD [" . $newfn . "]";
          }
          else {
            opm_FNDebug_Log ("ERROR file not copied=" . $opm_realpath . $newfn);
            echo "ERROR UPLOAD FILE NOT FOUND";
          }
        }
        else {
          opm_FNDebug_Log ("ERROR file not copied=" . $opm_realpath . $newfn);
          echo "ERROR UPLOAD CANNOT MOVE";
        }
      }
      else {
        opm_FNDebug_Log ("ERROR file exist=" . $opm_realpath . $newfn);
        echo "ERROR UPLOAD EXIST [" . $newfn . "]";
      }
    }
    else {
      opm_FNDebug_Log ("ERROR cannot find uploaded file!");
      echo "ERROR UPLOAD";
    }
  }
}

// ==================================
// CAPABILITY listing.
// CAPABILITY returns a list of identified modules.
// ==================================
if ($opm_operation == "capa") {
  opm_FNDebug_Log ("OK Capability search started.");
  echo "OK CAPABILITY START\n";

  // Credit Card Payment...
  $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_CC_STATUS'", $opm_raw_records));
  if ($opm_sqlresult[0]) {
    opm_FNDebug_Log ("OK PAY_CC capcbility found.");
    echo "PAY_CC\n";
  }

  // Money Order Payment...
  $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_MONEYORDER_STATUS'", $opm_raw_records));
  if ($opm_sqlresult[0]) {
    opm_FNDebug_Log ("OK PAY_ORDER capcbility found.");
    echo "PAY_ORDER\n";
  }

  // COD Payment...
  $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_COD_STATUS'", $opm_raw_records));
  if ($opm_sqlresult[0]) {
    opm_FNDebug_Log ("OK PAY_CC capcbility found.");
    echo "PAY_CC\n";
  }

  // PayPal Payment...
  $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_PAYPAL_STATUS'", $opm_raw_records));
  if ($opm_sqlresult[0]) {
    opm_FNDebug_Log ("OK PAY_PP capcbility found.");
    echo "PAY_PP\n";
  }

  // Flat Rate Shipping...
  $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_FLAT_STATUS'", $opm_raw_records));
  if ($opm_sqlresult[0]) {
    opm_FNDebug_Log ("OK SHIP_FLAT capcbility found.");
    echo "SHIP_FLAT\n";
  }

  // Table Shipping...
  $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_TABLE_STATUS'", $opm_raw_records));
  if ($opm_sqlresult[0]) {
    opm_FNDebug_Log ("OK SHIP_TBL capcbility found.");
    echo "SHIP_TBL\n";
  }

  // Store PickUp Shipping...
  $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_SPU_STATUS'", $opm_raw_records));
  if ($opm_sqlresult[0]) {
    opm_FNDebug_Log ("OK SHIP_SPU capcbility found.");
    echo "SHIP_SPU\n";
  }

  // Multi Pickup Shipping...
  $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'stores'", $opm_raw_records));
  if ($opm_sqlresult[0]) {
    opm_FNDebug_Log ("OK SHIP_MPU capcbility found.");
    echo "SHIP_MPU\n";
  }

  // More Pics 6...
  $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6", $opm_raw_records));
  if ($opm_sqlresult[0]) {
    opm_FNDebug_Log ("OK MOREPICS6 capcbility found.");
    echo "MOREPICS6\n";
  }

  // Total B2B...
  $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_CUSTOMERS . " customers_groups_id", $opm_raw_records));
  if ($opm_sqlresult[0]) {
    opm_FNDebug_Log ("OK TOTALB2B capcbility found.");
    echo "TOTALB2B\n";
  }

  // Poll Booth...
  $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'phesis_poll_config'", $opm_raw_records));
  if ($opm_sqlresult[0]) {
    opm_FNDebug_Log ("OK POLLBOOTH capcbility found.");
    echo "POLLBOOTH\n";
  }

  // Header Tags Controller...
  $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS_DESCRIPTION . " products_head_keywords_tag", $opm_raw_records));
  if ($opm_sqlresult[0]) {
    opm_FNDebug_Log ("OK HEADERTAGS capcbility found.");
    echo "HEADERTAGS\n";
  }

  opm_FNDebug_Log ("OK Capability search finished.");
  echo "OK CAPABILITY END\n";
}

// ==================================
// BACKUP database.
// BACKUP returns a SQL dump.
// ==================================
if ($opm_operation == "backup") {
  opm_FNDebug_Log ("OK Backup of database requested.");
  $opm_bak_filename = date ("Ymd_His", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . ".sql";
  opm_FNBackup ($opm_realpath . $opm_bak_filename);
  if (file_exists ($opm_realpath . $opm_bak_filename)) {
    opm_FNgzip_file ($opm_realpath . $opm_bak_filename, $opm_realpath . $opm_bak_filename . ".gz");
    if (file_exists ($opm_realpath . $opm_bak_filename . ".gz")) {
      $opm_bak_filesize = filesize ($opm_realpath . $opm_bak_filename . ".gz");
      header ("Content-type: application/octet-stream");
      header ("Content-disposition: attachement; filename=" . $opm_bak_filename . ".gz");
      header("Content-Length: " . $opm_bak_filesize);
      header ("Pragma: no-store");
      readfile ($opm_realpath . $opm_bak_filename . ".gz");
      @unlink ($opm_realpath . $opm_bak_filename . ".gz");
      opm_FNDebug_Log ("OK Deleting compressed backup file.");
    }
    @unlink ($opm_realpath . $opm_bak_filename);
    opm_FNDebug_Log ("OK Deleting uncompressed backup file.");
  }
  else {
    opm_FNDebug_Log ("ERROR Backup file not found.");
  }
  opm_FNDebug_Log ("OK Backup operation finished.");
}


// ==================================
// Get XCHGRATES.
// XCHGRATES returns the exchange rates of currencies.
// ==================================
if ($opm_operation == "xchgrates") {
  opm_FNDebug_Log ("OK Starting XCHGRATES operation.");
  if ($opm_filename) {
    $opm_filename = strtoupper ($opm_filename);
    $opm_main_currency = substr ($opm_filename, 0, 3);
    $opm_xchange_currencies = str_replace (",", "_", substr ($opm_filename, 4));
    if (($opm_main_currency) && ($opm_xchange_currencies)) {
      $opm_xchange_page = "http://www.oanda.com/convert/fxdaily?value=1&exch=$opm_main_currency&dest=Get+Table&sel_list=$opm_xchange_currencies&format=CSV&redirected=1";
      $opm_page_data = opm_FNget_webpage ($opm_xchange_page);
      if ($opm_page_data) {
        $opm_page_data = strip_tags ($opm_page_data);
        $opm_page_data = preg_replace ("/[\r\n]+[\s\t]*[\r\n]+/", "", $opm_page_data);
        $opm_xr_matches = array ();
        preg_match_all ("/(.+),(\w{3}),([0-9.]+),([0-9.]+)/i", $opm_page_data, $opm_xr_matches);
        echo "OK XCHGRATES START\n";
        foreach ($opm_xr_matches[2] as $key => $value) {
          echo $opm_xr_matches[2][$key] . "," . $opm_xr_matches[4][$key] . "\n";
        }
        echo "OK XCHGRATES END\n";
      }
      else {
        opm_FNDebug_Log ("ERROR The remote server answer is empty or invalid.");
        echo "ERROR REMOTE SERVER ERROR";
      }
    }
    else {
      opm_FNDebug_Log ("ERROR The specified currency codes are invalid.");
      echo "ERROR INVALID CURRENCY";
    }
  }
  else {
    opm_FNDebug_Log ("ERROR The no currency codes were specified.");
    echo "ERROR EMPTY CURRENCY";
  }
}


if ($opm_browser_debug) { echo "</pre>"; }
return;


// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNList_Files ($dirname, $parentdir, $onlydirs) {
	$dirhandle = opendir ($dirname);
  while (($file = readdir ($dirhandle)) != false)
    $sorteddir[count ($sorteddir)] = $file;
	closedir ($dirhandle);
  natcasesort ($sorteddir);
  if (!$onlydirs) {
  	foreach ($sorteddir as $file) {
      if (($file != ".") && ($file != "..")) {
        if (!is_dir ($dirname . $file)) {
          if ($parentdir) {
            echo $parentdir . "/" . $file . "\n";
          }
          else {
            echo $file . "\n";
          }
        }
      }
    }
    foreach ($sorteddir as $file) {
      if (($file != ".") && ($file != "..")) {
        if (is_dir ($dirname . $file)) {
          if ($parentdir) {
            opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
          }
          else {
            opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
          }
        }
      }
    }
  }
  else {
    foreach ($sorteddir as $file) {
      if (($file != ".") && ($file != "..")) {
        if (is_dir ($dirname . $file)) {
          if ($parentdir) {
            echo $parentdir . "/" . $file . "\n";
            opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
          }
          else {
            echo $file . "\n";
            opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
          }
        }
      }
    }
  }
}


// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNSmart_Rename ($wantedname, $tries) {
global $opm_realpath;
  $newname = $wantedname;
  $newext = '.' . array_pop (explode ('.', $wantedname));
  for ($trycounter = 1; $trycounter <= $tries; $trycounter++) {
    if (!file_exists ($opm_realpath . $newname)) {
      return ($newname);
    }
    else {
      $newdirname = dirname ($wantedname);
      if ($newdirname != ".") {
        $newname = dirname ($wantedname) . "/" . basename ($wantedname, $newext) . "_" . $trycounter . $newext;
      }
      else {
        $newname = basename ($wantedname, $newext) . "_" . $trycounter . $newext;
      }
    }
  }
  return ($wantedname);
}


// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNDebug_Log ($logline) {
global $opm_enable_logfile, $opm_debug_file, $opm_timezone_shift;
  if ($opm_enable_logfile) {
    if (!(file_exists ($opm_debug_file) && !is_writable ($opm_debug_file))) {
      $opm_timestamp = date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y")));
      $opm_lfilef = @fopen ($opm_debug_file, 'a');
      if ($opm_lfilef) {
        if ($logline) {
          @fwrite ($opm_lfilef, $opm_timestamp . ": " . $logline . "\n");
        }
        else {
          @fwrite ($opm_lfilef, "\n");
        }
        @fclose ($opm_lfilef);
      }
    }
  }
}


// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Based on code posted on php.net by saint@corenova.com and bart@cdasites.com
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNmkdirs ($dirname) {
  if (is_dir ($dirname) || empty ($dirname)) return 1;
  if (file_exists ($dirname) && !is_dir ($dirname)) return 0;
  if (opm_FNmkdirs (substr ($dirname, 0, strrpos ($dirname, '/')))) {
    if (!file_exists($dirname)) {
      return @mkdir ($dirname);
    }
  }
  return 0;
}


// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNExec_Query ($sql_query, $rawdata) {
global $opm_tag_recordbegin, $opm_tag_recordend, $opm_tag_field, $opm_tag_databegin, $opm_tag_dataend, $opm_encoded_data;
  $result_string = "";
  opm_FNDebug_Log ("SQLQUERY=" . $sql_query);
  $sql_result = tep_db_query ($sql_query);
  while ($sql_record = tep_db_fetch_array ($sql_result)) {
    $sql_fullrec = "";
    if ($rawdata) {
      foreach ($sql_record as $key => $value) {
        $result_string .= $value . "\n";
      }
    }
    else {
      $result_string .= "$opm_tag_recordbegin\n";
      foreach ($sql_record as $key => $value) {
        if ($opm_encoded_data) {
          $encodedfield = base64_encode ($value);
        }
        else {
          $encodedfield = htmlentities ($value);
        }
        $result_string .= $opm_tag_field . $opm_tag_databegin . $encodedfield . $opm_tag_dataend . "\n";
        $sql_fullrec .= $encodedfield;
      }
      $result_string .= "$opm_tag_recordend " . abs (crc32 ($sql_fullrec)) . "\n";
    }
  }
  return $result_string;
}


// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Based on code from osCommerce (/admin/backup.php).
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNBackup ($dump_file) {
global $opm_script_version;
  if ($dump_file) {
    $bakfilef = fopen ($dump_file, 'w');
    $bakline  = "# OSCPMWin (server-side $opm_script_version)\n";
    $bakline .= "# Database: " . DB_DATABASE . "@" . DB_SERVER . "\n";
    $bakline .= "# Date: " . date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . "\n";
    fwrite ($bakfilef, $bakline);
    $tables_query = tep_db_query ("show tables");
    while ($tables = tep_db_fetch_array ($tables_query)) {
      list (, $table) = each ($tables);
      $bakline = "drop table if exists $table;\ncreate table $table (\n";
      $table_list = array ();
      $fields_query = tep_db_query ("show fields from $table");
      while ($fields = tep_db_fetch_array($fields_query)) {
        $table_list[] = $fields["Field"];
        $bakline .= "  " . $fields["Field"] . " " . $fields["Type"];
        if (strlen ($fields["Default"]) > 0) $bakline .= " default '" . $fields["Default"] . "'";
        if (strtoupper ($fields["Null"]) != "YES") $bakline .= " not null";
        if (isset ($fields["Extra"])) $bakline .= " " . $fields["Extra"];
        $bakline .= ",\n";
      }
      $bakline = ereg_replace(",\n$", '', $bakline);
      $index = array ();
      $keys_query = tep_db_query ("show keys from $table");
      while ($keys = tep_db_fetch_array ($keys_query)) {
        $kname = $keys["Key_name"];
        if (!isset ($index[$kname])) {
          $index[$kname] = array ("unique" => !$keys["Non_unique"], "columns" => array());
        }
        $index[$kname]["columns"][] = $keys["Column_name"];
      }
      while (list($kname, $info) = each($index)) {
        $bakline .= ",\n";
        $columns = implode($info["columns"], ", ");
        if ($kname == "PRIMARY") {
          $bakline .= "  PRIMARY KEY ($columns)";
        } elseif ($info["unique"]) {
          $bakline .= "  UNIQUE $kname ($columns)";
        } else {
          $bakline .= "  KEY $kname ($columns)";
        }
      }
      $bakline .= "\n);\n\n";
      fwrite ($bakfilef, $bakline);
      $rows_query = tep_db_query ("select " . implode (",", $table_list) . " from $table");
      while ($rows = tep_db_fetch_array ($rows_query)) {
        $bakline = "insert into $table (" . implode (", ", $table_list) . ") values (";
        reset ($table_list);
        while (list (, $i) = each ($table_list)) {
          if (!isset ($rows[$i])) {
            $bakline .= "NULL, ";
          } elseif (($rows[$i] != "") && (strtoupper ($rows[$i]) != "NULL")) {
            $row = addslashes ($rows[$i]);
            $row = ereg_replace("\n#", "\n".'\#', $row);
            $bakline .= "'$row', ";
          } else {
            $bakline .= "'', ";
          }
        }
        $bakline = ereg_replace (", $", "", $bakline) . ");\n";
        fwrite ($bakfilef, $bakline);
      }
    }
    fclose ($bakfilef);
  }
}


// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Compress a file with the gzip algorithm.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNgzip_file ($opm_gzsource, $opm_gztarget) {
  if (function_exists ("gzwrite") && file_exists ($opm_gzsource)) {
    $opm_ungzfp = fopen($opm_gzsource, "rb");
    $opm_gzfp = gzopen($opm_gztarget, "wb9");
    if ($opm_gzfp && $opm_ungzfp) {
      while (!feof ($opm_ungzfp)) {
        gzwrite ($opm_gzfp, fread ($opm_ungzfp, 65535));
      }
      @fclose ($opm_ungzfp);
      @gzclose ($opm_gzfp);
      return (true);
    }
    else {
      @fclose ($opm_ungzfp);
      @gzclose ($opm_gzfp);
      return (false);
    }
  }
  else {
    return (false);
  }
}


// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Request a page from a web server.
// If using a proxy server, redirect the call thru the proxy.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNget_webpage ($target_url) {
  global $opm_useragent, $opm_httpconn_timeout, $opm_cfg_useproxy, $opm_cfg_proxyaddress, $opm_cfg_proxyport;
  $opm_http_content = "";
  $errno = 0;
  $errstr = "";
  $urlparts = parse_url ($target_url);
  if ($urlparts["host"]) {
    @ignore_user_abort (true);
    if ($opm_cfg_useproxy) {
      $opm_sockconn = @fsockopen ($opm_cfg_proxyaddress, $opm_cfg_proxyport, $errno, $errstr, $opm_httpconn_timeout);
    }
    else {
      $opm_sockconn = @fsockopen ($urlparts["host"], (empty($urlparts["port"]) ? "80" : $urlparts["port"]), $errno, $errstr, $opm_httpconn_timeout);
    }
    if ($opm_sockconn) {
      if ($opm_cfg_useproxy) {
        fputs ($opm_sockconn, "GET " . $urlparts["scheme"] . "://" . $urlparts["host"] . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $opm_cfg_proxyaddress . "\r\nUser-Agent: $opm_useragent\r\nPragma: no-cache\r\nConnection: Close\r\n\r\n");
      }
      else {
        fputs ($opm_sockconn, "GET " . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $urlparts["host"] . "\r\nUser-Agent: $opm_useragent\r\nConnection: Close\r\n\r\n");
      }
      while ((!feof($opm_sockconn)) && (!is_readable ($opm_skfilename))) {
        $opm_http_content .= fgets ($opm_sockconn, 10240);
      }
      @fclose ($opm_sockconn);
      if (eregi ("HTTP.*200 OK", $opm_http_content)) {
        $opm_http_content = str_replace ("\r", "", $opm_http_content);
        $opm_http_content = substr ($opm_http_content, strpos ($opm_http_content, "\n\n") + 2);
        return ($opm_http_content);
      }
    }
  }
  return ("");
}


?>