"; } // Check if script version is the expected by client. if (($opm_script_version != $opm_reqversion) && ($opm_operation)) { opm_FNDebug_Log ("$opm_error_string 1000 wrong script version. Expected $opm_reqversion, but we are $opm_script_version."); echo "$opm_error_string 1000 WRONG SCRIPT VERSION"; return; } // Check if the image directory is valid. if (!is_dir ($opm_realpath) && ($opm_operation)) { opm_FNDebug_Log ("$opm_error_string 1010 cannot find the images directory. Expecting $opm_realpath exist."); echo "$opm_error_string 1010 IMAGE DIRECTORY NOT FOUND"; return; } // Connect to database. if (!fopm_dbconnect (DB_SERVER, DB_DATABASE, DB_SERVER_USERNAME, DB_SERVER_PASSWORD)) { echo "$opm_error_string 1031 NO DATABASE CONNECTION"; return; } // Get osCommerce DB password and compare it with client password. // Unless no operation is requested. if ($opm_operation) { if ($opm_enable_auth) { if (defined ("DB_SERVER_PASSWORD") || ($opm_password_override != "")) { // Check if the client is known... $opm_failed_attempts = 0; $opm_failed_time = time (); $opm_sql_result = fopm_dbquery ("select customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url from " . TABLE_WHOS_ONLINE . " where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'"); if ($opm_sql_record = fopm_dbfetchrow ($opm_sql_result)) { // It is known... if (round (abs ($opm_sql_record[5])) > ($opm_failed_time - $opm_max_tracktime)) { $opm_failed_attempts = round (abs ($opm_sql_record[6])); if ($opm_failed_attempts > $opm_max_failedlogins) { // It is blocked... $opm_failed_time = time () + $opm_max_blocktime; } } else { // We are not tracking it... $opm_failed_attempts = 0; } // Updates the tracking information... $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . 
" set time_last_click='$opm_failed_time' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'"); } else { // Creates a tracking record... $opm_sql_result = fopm_dbquery ("insert into " . TABLE_WHOS_ONLINE . " (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url) values (0, '$opm_session_string', '$opm_session_string', '$opm_ip_address', '$opm_failed_time', '$opm_failed_time', '0')"); } if ($opm_failed_attempts > $opm_max_failedlogins) { // The client is blocked, show error... opm_FNDebug_Log ("$opm_error_string 1024 the client ($opm_ip_address) has been blocked, too many failed logins ($opm_failed_attempts)."); sleep ($opm_sleep_afterfail); echo "$opm_error_string 1024 BLOCKED"; return; } else { // The client is not blocked, continue... if ($opm_password_override != "") { opm_FNDebug_Log ("Password override is enabled."); $opm_serverpassword = $opm_password_override; for ($hashcounter = 1; $hashcounter <= $opm_hash_strengh; $hashcounter++) { $opm_serverpassword = strtoupper (md5 ($opm_serverpassword . $opm_logintimestamp)); } } else { $opm_serverpassword = DB_SERVER_PASSWORD; for ($hashcounter = 1; $hashcounter <= $opm_hash_strengh; $hashcounter++) { $opm_serverpassword = strtoupper (md5 ($opm_serverpassword . $opm_logintimestamp)); } } opm_FNDebug_Log ("SERVERPASSWORDHASH=" . $opm_serverpassword); if ($opm_serverpassword != $opm_passwordhash) { // Password mismatch... opm_FNDebug_Log ("$opm_error_string 1020 the server and client passwords do not match."); $opm_failed_attempts++; opm_FNDebug_Log ("Failed logins from $opm_ip_address = $opm_failed_attempts"); // Update tracking data about this... $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . 
" set time_last_click='$opm_failed_time', last_page_url='$opm_failed_attempts' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'"); if ($opm_failed_attempts > 1) { // This is not the first failure, delay a bit... sleep ($opm_sleep_afterfail); } echo "$opm_error_string 1020 PASSWORD MISMATCH"; return; } else { // Password match, reset failures count in tracking data... $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time', last_page_url='0' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'"); } } } else { opm_FNDebug_Log ("$opm_error_string 1021 the server password was not found."); echo "$opm_error_string 1021 CANNOT FIND SERVER PASSWORD"; return; } } else { opm_FNDebug_Log ("Password authentication is disabled."); } } else { // If called from a browser, display a simple information page $opm_simpletest_dbok = false; $opm_simpletest_imgok = false; echo "osCommerce Product Manager (OSCPMWin).\n"; echo "\n"; echo "\n"; echo "

osCommerce Product Manager (OSCPMWin),
server-side script $opm_script_version

\n"; $opm_simpletest_dbok = fopm_dbconnect (DB_SERVER, DB_DATABASE, DB_SERVER_USERNAME, DB_SERVER_PASSWORD); $opm_simpletest_imgok = (boolean) (file_exists ($opm_realpath) && is_readable ($opm_realpath) && is_writable ($opm_realpath) && is_dir ($opm_realpath)); if ($opm_simpletest_dbok && $opm_simpletest_imgok) { echo "
"; } else { echo "
"; } echo ""; if ($opm_simpletest_dbok && $opm_simpletest_imgok) { echo "

Everything seems OK.       :)

\n"; } else { echo "

There seems to be a problem.       :(

\n"; } echo "
"; echo "
"; echo "
"; echo "

©2003-2007 by Mario A. Valdez-Ramirez.
\n"; echo "This program is free software; you can redistribute it and/or modify\n"; echo "it under the terms of the GNU General Public License as published by\n"; echo "the Free Software Foundation; either version 2 of the License, or (at\n"; echo "your option) any later version.

\n"; echo ""; return; } // ================================== // Do nothing. // NOOP do nothing. // ================================== if ($opm_operation == "noop") { echo "$opm_ok_string NOOP START\n"; opm_FNDebug_Log ("$opm_ok_string NOOP requested."); echo "$opm_ok_string NOOP END\n"; } // ================================== // Returns a PHPINFO dump. // PHPINFO returns a dump of the PHPINFO function. // ================================== if ($opm_operation == "phpinfo") { echo "$opm_ok_string PHPINFO START\n"; ob_start (); phpinfo (); $opm_phpinfo = ob_get_contents (); ob_end_clean (); $opm_phpinfo = str_replace ("

", str_repeat ("=", 40) . "\n* ", $opm_phpinfo); $opm_phpinfo = str_replace ("

", "\n" . str_repeat ("=", 40) . "\n", $opm_phpinfo); $opm_phpinfo = str_replace ("", " | ", $opm_phpinfo); $opm_phpinfo = str_replace ("", " | ", $opm_phpinfo); $opm_phpinfo = str_replace ("", " | ", $opm_phpinfo); $opm_phpinfo = strip_tags ($opm_phpinfo); $opm_phpinfo_lines = explode ("\n", $opm_phpinfo); $opm_phpinfo = ""; foreach ($opm_phpinfo_lines as $opm_phpinfo_curline) { $opm_phpinfo_curline = trim ($opm_phpinfo_curline); if ($opm_phpinfo_curline) { $opm_phpinfo .= $opm_phpinfo_curline . "\n"; } } echo $opm_phpinfo; echo "$opm_ok_string PHPINFO END\n"; } // ================================== // CHECK if a file exists. // CHECK requires the full path of the image. // ================================== if ($opm_operation == "check") { if ($opm_filename) { if (file_exists ($opm_realpath . $opm_filename)) { opm_FNDebug_Log ("$opm_ok_string file found $opm_filename."); echo "$opm_ok_string FILE EXISTS"; } else { opm_FNDebug_Log ("$opm_error_string 1110 file not found $opm_filename."); echo "$opm_error_string 1110 FILE NOT FOUND"; } } } // ================================== // LIST all files recursively. // LIST returns the filenames with paths. // ================================== if ($opm_operation == "list") { echo "$opm_ok_string LIST START\n"; opm_FNList_Files ($opm_realpath, "", false); echo "$opm_ok_string LIST END\n"; } // ================================== // LISTDIRS only dirs recursively. // LISTDIRS returns no filenames. // ================================== if ($opm_operation == "listdirs") { echo "$opm_ok_string LISTDIRS START\n"; opm_FNList_Files ($opm_realpath, "", true); echo "$opm_ok_string LISTDIRS END\n"; } // ================================== // DELETE an image. // DELETE requires the filename of the image with path. // DELETE1 deletes the image if less than one record references it. // DELETE2 deletes the image if less than two records reference it. 
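// ==================================
if (($opm_operation == "delete1") || ($opm_operation == "delete2")) {
    // Number of product rows that must NOT be reached for the delete to go
    // ahead: DELETE1 needs zero references, DELETE2 tolerates one.
    $allowed_owners = ($opm_operation == "delete1") ? 1 : 2;

    if (!$opm_filename) {
        opm_FNDebug_Log ("$opm_ok_string filename empty.");
        echo "$opm_ok_string DELETE FILENAME EMPTY";
    } else {
        // NOTE(review): $opm_filename is assigned outside this excerpt and names a
        // file requested by the remote client, so it is handled as untrusted here:
        // it is escaped before it reaches SQL and the resolved path must stay
        // inside the image directory before anything is unlinked.
        $opm_delete_path = $opm_realpath . $opm_filename;
        $opm_delete_contained = true;
        if (file_exists ($opm_delete_path)) {
            $opm_image_root = realpath ($opm_realpath);
            $opm_delete_real = realpath ($opm_delete_path);
            $opm_delete_contained = ($opm_image_root !== false)
                && ($opm_delete_real !== false)
                && (strpos ($opm_delete_real, rtrim ($opm_image_root, "/\\") . DIRECTORY_SEPARATOR) === 0);
        }

        if (!$opm_delete_contained) {
            // Reuses the existing 1121 reply so the client protocol gains no new code.
            opm_FNDebug_Log ("$opm_error_string 1121 refused to delete a file outside the image directory: $opm_filename.");
            echo "$opm_error_string 1121 DELETE UNKNOWN";
        } else {
            // The file's database layer is the legacy mysql extension, so its own
            // escaping routine is used for the value placed inside the quotes.
            $opm_sql_filename = mysql_real_escape_string ($opm_filename);

            // Check for More Pics 6 extension...
            $opm_probe_output = opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6");
            $opm_probe_failed = ($opm_error_string != "")
                && (substr ($opm_probe_output, 0, strlen ($opm_error_string)) == $opm_error_string);
            $opm_sqlresult = explode ("\n", $opm_probe_output);

            if ($opm_sqlresult[0] && !$opm_probe_failed) {
                $opm_count_output = opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_sql_filename' or products_subimage1='$opm_sql_filename' or products_subimage2='$opm_sql_filename' or products_subimage3='$opm_sql_filename' or products_subimage4='$opm_sql_filename' or products_subimage5='$opm_sql_filename' or products_subimage6='$opm_sql_filename'");
            } else {
                $opm_count_output = opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_sql_filename'");
            }
            $opm_sqlresult = explode ("\n", $opm_count_output);

            // A failed count must never read as "no references": on older PHP an
            // error string compares as 0 and would let the delete through.
            $opm_count_failed = ($opm_error_string != "")
                && (substr ($opm_count_output, 0, strlen ($opm_error_string)) == $opm_error_string);

            if ($opm_count_failed) {
                // opm_FNExec_Query has already logged the failure; relay its error line.
                echo $opm_count_output;
            } elseif ((int) $opm_sqlresult[0] < $allowed_owners) {
                if (!file_exists ($opm_delete_path)) {
                    opm_FNDebug_Log ("$opm_ok_string file not found when deleting $opm_filename.");
                    echo "$opm_ok_string DELETE FILE NOT FOUND";
                } elseif (!@unlink ($opm_delete_path)) {
                    opm_FNDebug_Log ("$opm_error_string 1121 when deleting $opm_filename.");
                    echo "$opm_error_string 1121 DELETE UNKNOWN";
                } elseif (file_exists ($opm_delete_path)) {
                    // unlink() reported success but the file is still there.
                    opm_FNDebug_Log ("$opm_error_string 1120 file cannot be deleted $opm_filename.");
                    echo "$opm_error_string 1120 DELETE FILE REMAINS";
                } else {
                    opm_FNDebug_Log ("$opm_ok_string file deleted $opm_filename.");
                    echo "$opm_ok_string DELETE";
                }
            } else {
                opm_FNDebug_Log ("$opm_ok_string file is used by other record (" . ($opm_sqlresult[0] - 1) . ").");
                echo "$opm_ok_string DELETE FILE IN USE";
            }
        }
    }
}
// ==================================
// UPLOAD an image.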
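// UPLOAD requires the path, without filename, where the image will be stored.
// UPLOAD returns the image filename with the path.
// ==================================
if ($opm_operation == "upload") {
    if (isset ($_FILES["Fl"]) && $_FILES["Fl"]["name"] && $_FILES["Fl"]["size"]) {
        if (is_uploaded_file ($_FILES["Fl"]["tmp_name"])) {
            // A name requested by the client wins over the name sent with the file part.
            // Both are client-controlled, so the result is reduced to [a-z0-9._].
            $newfn = $opm_filename ? $opm_filename : trim ($_FILES["Fl"]["name"]);
            $newfn = str_replace (" ", "_", $newfn);
            $newfn = str_replace (array ("/", "\\"), "", $newfn);
            $newfn = preg_replace ("/[^A-Za-z0-9._]/", "", $newfn);
            $newfn = strtolower ($newfn);

            // The target is the shop's image directory (see $opm_realpath), so only
            // image extensions are stored. Without this check a name such as
            // "x.php" or ".htaccess" passes the character filter above.
            // Conservative default list; extend it if the shop uses other image types.
            $opm_allowed_ext = array ("jpg", "jpeg", "gif", "png");
            $opm_dot = strrpos ($newfn, ".");
            $opm_upload_ext = ($opm_dot === false) ? "" : substr ($newfn, $opm_dot + 1);
            $opm_upload_base = ($opm_dot === false) ? $newfn : substr ($newfn, 0, $opm_dot);
            // Keep a single extension: "a.php.jpg" is stored as "a_php.jpg".
            $opm_upload_base = str_replace (".", "_", $opm_upload_base);

            if (($opm_upload_base == "") || !in_array ($opm_upload_ext, $opm_allowed_ext, true)) {
                // Reuses the existing 1131 reply so the client protocol gains no new code.
                opm_FNDebug_Log ("$opm_error_string 1131 refused upload, file type not allowed=" . $newfn);
                echo "$opm_error_string 1131 UPLOAD CANNOT MOVE";
            } else {
                $newfn = $opm_upload_base . "." . $opm_upload_ext;

                // NOTE(review): $opm_subdir is assigned outside this excerpt; it is
                // treated as client input. A value that could climb out of the image
                // directory is ignored, like a subdirectory that cannot be created.
                $opm_upload_subdir = $opm_subdir;
                if ($opm_upload_subdir && ((strpos ($opm_upload_subdir, "..") !== false) || (strpos ($opm_upload_subdir, "\\") !== false) || (strpos ($opm_upload_subdir, "\0") !== false))) {
                    opm_FNDebug_Log ("directory name not acceptable, will ignore=" . $opm_upload_subdir);
                    $opm_upload_subdir = "";
                }

                if ($opm_upload_subdir) {
                    $opm_upload_dir = $opm_realpath . $opm_upload_subdir;
                    if ((!file_exists ($opm_upload_dir)) || (!is_dir ($opm_upload_dir))) {
                        opm_FNDebug_Log ("will create directory=" . $opm_upload_dir);
                        opm_FNmkdirs ($opm_upload_dir, 0777);
                    }
                    if (file_exists ($opm_upload_dir) && (is_dir ($opm_upload_dir))) {
                        opm_FNDebug_Log ("directory exists=" . $opm_upload_dir);
                        $newfn = $opm_upload_subdir . "/" . $newfn;
                    } else {
                        opm_FNDebug_Log ("directory does not exist, will ignore=" . $opm_upload_dir);
                    }
                }

                opm_FNDebug_Log ("wanted filename=" . $newfn);
                $newfn = opm_FNSmart_Rename ($newfn, 100);
                opm_FNDebug_Log ("smart filename=" . $newfn);
                opm_FNDebug_Log ("REALPATH=" . $opm_realpath);

                if (file_exists ($opm_realpath . $newfn)) {
                    opm_FNDebug_Log ("$opm_error_string 1133 file exist=" . $opm_realpath . $newfn);
                    echo "$opm_error_string 1133 UPLOAD EXIST [" . $newfn . "]";
                } else {
                    opm_FNDebug_Log ("file not exist=" . $opm_realpath . $newfn);
                    if (!@move_uploaded_file ($_FILES["Fl"]["tmp_name"], $opm_realpath . $newfn)) {
                        opm_FNDebug_Log ("$opm_error_string 1131 file not copied=" . $opm_realpath . $newfn);
                        echo "$opm_error_string 1131 UPLOAD CANNOT MOVE";
                    } else {
                        opm_FNDebug_Log ("moving file to=" . $opm_realpath . $newfn);
                        if (file_exists ($opm_realpath . $newfn)) {
                            opm_FNDebug_Log ("upload complete=" . $opm_realpath . $newfn);
                            @chmod ($opm_realpath . $newfn, octdec ($opm_upload_perms));
                            echo "$opm_ok_string UPLOAD [" . $newfn . "]";
                        } else {
                            opm_FNDebug_Log ("$opm_error_string 1130 file not copied=" . $opm_realpath . $newfn);
                            echo "$opm_error_string 1130 UPLOAD FILE NOT FOUND";
                        }
                    }
                }
            }
        } else {
            opm_FNDebug_Log ("$opm_error_string 1134 cannot find uploaded file!");
            echo "$opm_error_string 1134 UPLOAD";
        }
    }
}

// ==================================
// CAPABILITY listing.
// CAPABILITY returns a list of identified modules.
// ==================================
if ($opm_operation == "capa") {
    opm_FNDebug_Log ("$opm_ok_string Capability search started.");
    echo "$opm_ok_string CAPABILITY START\n";
    echo "OSCSTANDARD\n";

    // Each probe is (SQL statement, capability token). A probe that returns at
    // least one row reports its token; the order below is the reply order.
    $opm_capa_config_select = "select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = ";
    $opm_capa_probes = array (
        // Credit Card Payment...
        array ($opm_capa_config_select . "'MODULE_PAYMENT_CC_STATUS'", "PAY_CC"),
        // Money Order Payment...
        array ($opm_capa_config_select . "'MODULE_PAYMENT_MONEYORDER_STATUS'", "PAY_ORDER"),
        // COD Payment...
        // NOTE(review): this probe reports PAY_CC, the same token as the credit
        // card probe. It looks like a copy-paste slip, but the token the client
        // expects is not visible here, so it is left unchanged.
        array ($opm_capa_config_select . "'MODULE_PAYMENT_COD_STATUS'", "PAY_CC"),
        // PayPal Payment...
        array ($opm_capa_config_select . "'MODULE_PAYMENT_PAYPAL_STATUS'", "PAY_PP"),
        // Flat Rate Shipping...
        array ($opm_capa_config_select . "'MODULE_SHIPPING_FLAT_STATUS'", "SHIP_FLAT"),
        // Table Shipping...
        array ($opm_capa_config_select . "'MODULE_SHIPPING_TABLE_STATUS'", "SHIP_TBL"),
        // Store PickUp Shipping...
        array ($opm_capa_config_select . "'MODULE_SHIPPING_SPU_STATUS'", "SHIP_SPU"),
        // Multi Pickup Shipping...
        array ("show tables like 'stores'", "SHIP_MPU"),
        // More Pics 6...
        array ("describe " . TABLE_PRODUCTS . " products_subimage6", "MOREPICS6"),
        // Total B2B...
        array ("describe " . TABLE_CUSTOMERS . " customers_groups_id", "TOTALB2B"),
        // Poll Booth...
        array ("show tables like 'phesis_poll_config'", "POLLBOOTH"),
        // Header Tags Controller...
        array ("describe " . TABLE_PRODUCTS_DESCRIPTION . " products_head_keywords_tag", "HEADERTAGS"),
    );
    // ZenCart...
    if (defined ("TABLE_EZPAGES")) {
        $opm_capa_probes[] = array ("show tables like '" . TABLE_EZPAGES . "'", "ZENCART");
    }

    foreach ($opm_capa_probes as $opm_capa_probe) {
        $opm_capa_output = opm_FNExec_Query ($opm_capa_probe[0]);
        // opm_FNExec_Query returns an error line on failure; that line must not
        // be mistaken for a result row.
        $opm_capa_failed = ($opm_error_string != "")
            && (substr ($opm_capa_output, 0, strlen ($opm_error_string)) == $opm_error_string);
        $opm_sqlresult = explode ("\n", $opm_capa_output);
        if ($opm_sqlresult[0] && !$opm_capa_failed) {
            opm_FNDebug_Log ("$opm_ok_string " . $opm_capa_probe[1] . " capability found.");
            echo $opm_capa_probe[1] . "\n";
        }
    }

    opm_FNDebug_Log ("$opm_ok_string Capability search finished.");
    echo "$opm_ok_string CAPABILITY END\n";
}

// ==================================
// TABLES listing.
// TABLES returns the name of database tables.
// ==================================
if ($opm_operation == "tables") {
    opm_FNDebug_Log ("$opm_ok_string Tables listing started.");
    echo "$opm_ok_string TABLES START\n";
    // Table names...
    $opm_table_constants = array (
        "TABLE_CATEGORIES",
        "TABLE_CATEGORIES_DESCRIPTION",
        "TABLE_CONFIGURATION",
        "TABLE_CURRENCIES",
        "TABLE_LANGUAGES",
        "TABLE_MANUFACTURERS",
        "TABLE_MANUFACTURERS_INFO",
        "TABLE_PRODUCTS",
        "TABLE_PRODUCTS_DESCRIPTION",
        "TABLE_PRODUCTS_TO_CATEGORIES",
        "TABLE_SPECIALS",
        "TABLE_TAX_CLASS",
        "TABLE_TAX_RATES",
    );
    foreach ($opm_table_constants as $opm_table_constant) {
        // An undefined constant is reported under its own name.
        $opm_table_name = defined ($opm_table_constant) ? constant ($opm_table_constant) : $opm_table_constant;
        echo $opm_table_constant . "=" . $opm_table_name . "\n";
    }
    opm_FNDebug_Log ("$opm_ok_string Tables listing finished.");
    echo "$opm_ok_string TABLES END\n";
}

// ==================================
// BACKUP database.
// BACKUP returns a SQL dump.
// ==================================
if ($opm_operation == "backup") {
    opm_FNDebug_Log ("$opm_ok_string Backup of database requested.");
    // NOTE(review): the dump is staged inside the image directory under a name
    // built only from the current time. If that directory is served by the web
    // server, the full database dump is fetchable by URL until the unlink calls
    // below run, and it stays there if the script is interrupted. Consider
    // staging it outside the document root.
    $opm_bak_filename = date ("Ymd_His", mktime (date ("H") + $opm_timezone_shift, date ("i"), date ("s"), date ("m"), date ("d"), date ("Y"))) . ".sql";
    $opm_bak_sqlpath = $opm_realpath . $opm_bak_filename;
    $opm_bak_gzpath = $opm_bak_sqlpath . ".gz";

    opm_FNBackup ($opm_bak_sqlpath);
    if (file_exists ($opm_bak_sqlpath)) {
        opm_FNgzip_file ($opm_bak_sqlpath, $opm_bak_gzpath);
        if (file_exists ($opm_bak_gzpath)) {
            $opm_bak_filesize = filesize ($opm_bak_gzpath);
            header ("Content-type: application/octet-stream");
            // The disposition type was misspelled "attachement".
            header ("Content-disposition: attachment; filename=" . $opm_bak_filename . ".gz");
            header ("Content-Length: " . $opm_bak_filesize);
            header ("Pragma: no-store");
            readfile ($opm_bak_gzpath);
            @unlink ($opm_bak_gzpath);
            opm_FNDebug_Log ("$opm_ok_string Deleting compressed backup file.");
        }
        @unlink ($opm_bak_sqlpath);
        opm_FNDebug_Log ("$opm_ok_string Deleting uncompressed backup file.");
    } else {
        opm_FNDebug_Log ("$opm_error_string 1140 Backup file not found.");
    }
    opm_FNDebug_Log ("$opm_ok_string Backup operation finished.");
}
// ==================================
// Get XCHGRATES.
// XCHGRATES returns the exchange rates of currencies.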
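// ==================================
if ($opm_operation == "xchgrates") {
    opm_FNDebug_Log ("$opm_ok_string Starting XCHGRATES operation.");
    if ($opm_filename) {
        // The request carries the base currency in the first three characters and
        // a comma-separated list of target currencies from the fifth character on.
        $opm_filename = strtoupper ($opm_filename);
        $opm_main_currency = substr ($opm_filename, 0, 3);
        $opm_xchange_currencies = trim (str_replace (",", "_", substr ($opm_filename, 4)), "_");

        // NOTE(review): $opm_filename is assigned outside this excerpt and comes
        // from the client. Both values end up in the request line that
        // opm_FNget_webpage writes to a raw socket, so only three-letter codes
        // are accepted; anything else (spaces, "&", CR/LF) takes the existing
        // "invalid currency" path. \z is used because $ also matches before a
        // trailing newline.
        $opm_codes_valid = preg_match ('/^[A-Z]{3}\z/', $opm_main_currency)
            && preg_match ('/^[A-Z]{3}(_[A-Z]{3})*\z/', $opm_xchange_currencies);

        if ($opm_codes_valid) {
            // The rates are fetched over plain HTTP, so the reply is unauthenticated
            // data; only the fields matched by the pattern below are relayed.
            $opm_xchange_page = "http://www.oanda.com/convert/fxdaily?value=1&exch=$opm_main_currency&dest=Get+Table&sel_list=$opm_xchange_currencies&format=CSV&redirected=1";
            $opm_page_data = opm_FNget_webpage ($opm_xchange_page);
            if ($opm_page_data) {
                $opm_page_data = strip_tags ($opm_page_data);
                $opm_page_data = preg_replace ("/[\r\n]+[\s\t]*[\r\n]+/", "", $opm_page_data);
                $opm_xr_matches = array ();
                // Groups: 1 = name, 2 = three-character code, 3 and 4 = numeric columns.
                preg_match_all ("/(.+),(\w{3}),([0-9.]+),([0-9.]+)/i", $opm_page_data, $opm_xr_matches);
                echo "$opm_ok_string XCHGRATES START\n";
                foreach ($opm_xr_matches[2] as $key => $opm_xr_code) {
                    echo $opm_xr_code . "," . $opm_xr_matches[4][$key] . "\n";
                }
                echo "$opm_ok_string XCHGRATES END\n";
            } else {
                opm_FNDebug_Log ("$opm_error_string 1150 The remote server answer is empty or invalid.");
                echo "$opm_error_string 1150 XCHGRATES REMOTE SERVER ERROR";
            }
        } else {
            opm_FNDebug_Log ("$opm_error_string 1151 The specified currency codes are invalid.");
            echo "$opm_error_string 1151 XCHGRATES INVALID CURRENCY";
        }
    } else {
        opm_FNDebug_Log ("$opm_error_string 1152 The no currency codes were specified.");
        echo "$opm_error_string 1152 XCHGRATES EMPTY CURRENCY";
    }
}
// ==================================
// Execute DBQUERY.
// DBQUERY returns ...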
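// ==================================
if ($opm_operation == "dbquery") {
    opm_FNDebug_Log ("$opm_ok_string Starting DBQUERY operation.");
    // NOTE(review): $opm_query is assigned outside this excerpt. This operation
    // runs whatever SQL the client sends, with the shop's own database
    // credentials, so its only protection is the authentication step earlier in
    // the script and the transport the script is served over.
    if ($opm_query) {
        $opm_query_result = opm_FNExec_Query ($opm_query, false, true, $opm_enable_recordsetlog);
        $opm_query_failed = (substr ($opm_query_result, 0, strlen ($opm_error_string)) == $opm_error_string);
        if ($opm_query_failed) {
            // The helper already produced a complete error line.
            echo $opm_query_result;
        } else {
            echo "$opm_ok_string DBQUERY START\n";
            echo $opm_query_result;
            echo "$opm_ok_string DBQUERY END\n";
        }
    } else {
        opm_FNDebug_Log ("$opm_error_string 1171 The database query is empty.");
        echo "$opm_error_string 1171 DBQUERY EMPTY DATABASE QUERY";
    }
    opm_FNDebug_Log ("$opm_ok_string Finishing DBQUERY operation.");
}

if ($opm_browser_debug) {
    echo "";
}
return;

// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Echo the content of a directory tree, one entry per line.
//   $dirname    directory to read, with a trailing slash.
//   $parentdir  path prefix printed before each entry ("" at the top level).
//   $onlydirs   true: print directories only; false: print files only.
// Entries are printed in natural, case-insensitive order. With $onlydirs false
// the files of a directory are printed before its subdirectories are entered.
// NOTE(review): is_dir() follows symbolic links, so a linked directory is
// walked like a real one.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNList_Files ($dirname, $parentdir, $onlydirs) {
    $sorteddir = array ();
    $dirhandle = opendir ($dirname);
    if (!$dirhandle) {
        // Unreadable directory: nothing to list.
        return;
    }
    // Strict comparison: an entry named "0" must not end the loop.
    while (($file = readdir ($dirhandle)) !== false) {
        $sorteddir[] = $file;
    }
    closedir ($dirhandle);
    natcasesort ($sorteddir);

    // Strict test so that a parent directory named "0" still gets its prefix.
    $prefix = (strlen ((string) $parentdir) > 0) ? $parentdir . "/" : "";

    if (!$onlydirs) {
        foreach ($sorteddir as $file) {
            if (($file !== ".") && ($file !== "..") && !is_dir ($dirname . $file)) {
                echo $prefix . $file . "\n";
            }
        }
    }
    foreach ($sorteddir as $file) {
        if (($file !== ".") && ($file !== "..") && is_dir ($dirname . $file)) {
            if ($onlydirs) {
                echo $prefix . $file . "\n";
            }
            opm_FNList_Files ($dirname . $file . "/", $prefix . $file, $onlydirs);
        }
    }
}

// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Find a file name that is not taken yet inside $opm_realpath.
// Tries $wantedname first, then "<base>_1<ext>", "<base>_2<ext>", ... and
// returns the first free one. After $tries checks it gives up and returns
// $wantedname unchanged, so the caller must still test for a collision.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNSmart_Rename ($wantedname, $tries) {
    global $opm_realpath;

    // array_pop() needs a variable; a name without a dot has no extension.
    $nameparts = explode ('.', $wantedname);
    $newext = (count ($nameparts) > 1) ? '.' . array_pop ($nameparts) : '';
    $newdirname = dirname ($wantedname);
    $newname = $wantedname;

    for ($trycounter = 1; $trycounter <= $tries; $trycounter++) {
        if (!file_exists ($opm_realpath . $newname)) {
            return ($newname);
        }
        $candidate = basename ($wantedname, $newext) . "_" . $trycounter . $newext;
        $newname = ($newdirname != ".") ? $newdirname . "/" . $candidate : $candidate;
    }
    return ($wantedname);
}

// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Append one line to the debug log when logging is enabled.
// An empty $logline writes a blank line. Nothing is written when the log file
// exists but is not writable; write errors are ignored on purpose.
// NOTE(review): callers in this file log SQL statements, result sets and the
// computed password hash, so the file named by $opm_debug_file holds sensitive
// data; its location is configured outside this excerpt and should not be
// readable through the web server.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNDebug_Log ($logline) {
    global $opm_enable_logfile, $opm_debug_file, $opm_timezone_shift;

    if (!$opm_enable_logfile) {
        return;
    }
    if (file_exists ($opm_debug_file) && !is_writable ($opm_debug_file)) {
        return;
    }
    $opm_timestamp = date ("Y-m-d H:i:s", mktime (date ("H") + $opm_timezone_shift, date ("i"), date ("s"), date ("m"), date ("d"), date ("Y")));
    $opm_lfilef = @fopen ($opm_debug_file, 'a');
    if ($opm_lfilef) {
        if ($logline) {
            @fwrite ($opm_lfilef, $opm_timestamp . ": " . $logline . "\n");
        } else {
            @fwrite ($opm_lfilef, "\n");
        }
        @fclose ($opm_lfilef);
    }
}

// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Based on code posted on php.net by saint@corenova.com and bart@cdasites.com
// Create a directory and any missing parents.
// Returns a true value when the directory exists afterwards, a false value
// when a non-directory is in the way or mkdir() fails.
// NOTE(review): directories are requested with mode 0777 (world-writable
// before the umask is applied); tighten this where the hosting setup allows.
// A second argument passed by callers is ignored.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNmkdirs ($dirname) {
    if (is_dir ($dirname) || empty ($dirname)) {
        return 1;
    }
    if (file_exists ($dirname) && !is_dir ($dirname)) {
        return 0;
    }
    // Everything up to the last slash is the parent; it has to exist first.
    $parentdir = substr ($dirname, 0, (int) strrpos ($dirname, '/'));
    if (opm_FNmkdirs ($parentdir) && !file_exists ($dirname)) {
        return @mkdir ($dirname, 0777);
    }
    return 0;
}

// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Format one result row for opm_FNExec_Query.
// Raw mode prints each field on its own line. Tagged mode wraps the row in the
// record tags, encodes each field (base64 or HTML entities) and ends with the
// upper-case MD5 of the encoded fields. That MD5 is a transfer checksum only;
// it offers no protection against deliberate modification.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNformat_record ($sql_record, $rawdata, $encodeddata) {
    global $opm_tag_recordbegin, $opm_tag_recordend, $opm_tag_field, $opm_tag_databegin, $opm_tag_dataend;

    $record_string = "";
    if ($rawdata) {
        foreach ($sql_record as $fielddata) {
            $record_string .= $fielddata . "\n";
        }
        return $record_string;
    }

    $sql_fullrec = "";
    $record_string .= "$opm_tag_recordbegin\n";
    foreach ($sql_record as $fielddata) {
        $encodedfield = $encodeddata ? base64_encode ((string) $fielddata) : htmlentities ((string) $fielddata);
        $record_string .= "$opm_tag_field " . $opm_tag_databegin . $encodedfield . $opm_tag_dataend . "\n";
        $sql_fullrec .= $encodedfield;
    }
    $record_string .= "$opm_tag_recordend " . strtoupper (md5 ($sql_fullrec)) . "\n";
    return $record_string;
}

// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Run one SQL statement and return its result as text.
//   $sql_query    statement to run; it is sent to the server unchanged, so
//                 callers are responsible for escaping any value they embed.
//   $rawdata      true: one field per line; false: tagged records.
//   $encodeddata  tagged mode only: base64 instead of HTML entities.
//   $logdata      also write the result set to the debug log.
// SELECT, SHOW and DESCRIBE return their rows, INSERT returns the new row id,
// other statements return an empty result. On failure the return value is an
// error line starting with $opm_error_string.
// NOTE(review): every statement is written to the debug log.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNExec_Query ($sql_query, $rawdata = true, $encodeddata = false, $logdata = false) {
    global $opm_error_string, $opm_compress, $opm_compress_level;

    $result_string = "";
    // First word of the statement; leading whitespace and a tab or newline after
    // the keyword no longer hide the statement type.
    $sql_query_trimmed = ltrim ($sql_query);
    $query_type = strtoupper (substr ($sql_query_trimmed, 0, strcspn ($sql_query_trimmed, " \t\r\n")));

    opm_FNDebug_Log ("SQLQUERY=" . $sql_query);
    $sql_result = fopm_dbquery ($sql_query);
    if (!$sql_result) {
        opm_FNDebug_Log ("$opm_error_string 2200 Error in SQL query: " . fopm_dberror () . ".");
        return "$opm_error_string 2200 : ERROR IN SQL QUERY: " . fopm_dberror () . ".";
    }

    if (in_array ($query_type, array ("SELECT", "SHOW", "DESCRIBE"), true)) {
        while ($sql_record = fopm_dbfetchrow ($sql_result)) {
            $result_string .= opm_FNformat_record ($sql_record, $rawdata, $encodeddata);
        }
    } elseif ($query_type == "INSERT") {
        // An INSERT is answered with a single one-field record: the new row id.
        $result_string .= opm_FNformat_record (array (fopm_dblastid ()), $rawdata, $encodeddata);
    }

    if ($logdata) {
        opm_FNDebug_Log ("RECORDSET=\n$result_string\n");
    }
    if (!$rawdata && $opm_compress) {
        opm_FNDebug_Log ("RECORDSET SIZE (UNCOMPRESSED)=" . strlen ($result_string));
        $result_string = base64_encode (gzcompress ($result_string, $opm_compress_level)) . "\n";
    }
    opm_FNDebug_Log ("RECORDSET SIZE=" . strlen ($result_string));
    return $result_string;
}

// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Based on code from osCommerce (/admin/backup.php).
// Write a SQL dump of every table of the connected database to $dump_file:
// a header, then per table a drop/create statement and one insert per row.
// NOTE(review): the dump contains the whole database; the caller decides where
// the file lives and must remove it. Values are escaped with addslashes(),
// which is not aware of the connection character set.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNBackup ($dump_file) {
    // $opm_timezone_shift was read without being declared global, so the
    // configured shift never reached the header date.
    global $opm_script_version, $opm_timezone_shift;

    if (!$dump_file) {
        return;
    }
    $bakfilef = fopen ($dump_file, 'w');
    if (!$bakfilef) {
        opm_FNDebug_Log ("Cannot open the backup file for writing: " . $dump_file);
        return;
    }

    $bakline = "############################################################################\n";
    $bakline .= "# OSCPMWin (server-side $opm_script_version)\n";
    $bakline .= "# Database: " . DB_DATABASE . "@" . DB_SERVER . "\n";
    $bakline .= "# Date: " . date ("Y-m-d H:i:s", mktime (date ("H") + $opm_timezone_shift, date ("i"), date ("s"), date ("m"), date ("d"), date ("Y"))) . "\n";
    $bakline .= "############################################################################\n\n";
    fwrite ($bakfilef, $bakline);

    $tables_query = fopm_dbquery ("show tables");
    while ($tables_query && ($tables = fopm_dbfetchrow ($tables_query))) {
        $table = $tables[0];
        $bakline = "\n\n############################################################################\n";
        $bakline .= "# " . strtoupper ($table) . "\n";
        $bakline .= "############################################################################\n\n";
        $bakline .= "drop table if exists $table;\ncreate table $table (\n";

        // Column definitions. SHOW FIELDS columns as used here:
        // 0 name, 1 type, 2 nullable, 4 default, 5 extra.
        $table_list = array ();
        $definitions = array ();
        $fields_query = fopm_dbquery ("show fields from $table");
        while ($fields_query && ($fields = fopm_dbfetchrow ($fields_query))) {
            $table_list[] = $fields[0];
            $definition = " " . $fields[0] . " " . $fields[1];
            if (strlen ((string) $fields[4]) > 0) {
                $definition .= " default '" . $fields[4] . "'";
            }
            if (strtoupper ((string) $fields[2]) != "YES") {
                $definition .= " not null";
            }
            if (isset ($fields[5])) {
                $definition .= " " . $fields[5];
            }
            $definitions[] = $definition;
        }

        // Index definitions. SHOW KEYS columns as used here:
        // 1 non-unique flag, 2 key name, 4 column name.
        $index = array ();
        $keys_query = fopm_dbquery ("show keys from $table");
        while ($keys_query && ($keys = fopm_dbfetchrow ($keys_query))) {
            $kname = $keys[2];
            if (!isset ($index[$kname])) {
                $index[$kname] = array ("unique" => !$keys[1], "columns" => array ());
            }
            $index[$kname]["columns"][] = $keys[4];
        }
        foreach ($index as $kname => $info) {
            $columns = implode (", ", $info["columns"]);
            if ($kname == "PRIMARY") {
                $definitions[] = " PRIMARY KEY ($columns)";
            } elseif ($info["unique"]) {
                $definitions[] = " UNIQUE $kname ($columns)";
            } else {
                $definitions[] = " KEY $kname ($columns)";
            }
        }
        $bakline .= implode (",\n", $definitions) . "\n);\n\n";
        fwrite ($bakfilef, $bakline);

        // Row data, one insert statement per row.
        $rows_query = fopm_dbquery ("select " . implode (",", $table_list) . " from $table");
        while ($rows_query && ($rows = fopm_dbfetchrow ($rows_query))) {
            $values = array ();
            for ($curfield = 0; $curfield < count ($table_list); $curfield++) {
                if (!isset ($rows[$curfield])) {
                    $values[] = "NULL";
                } elseif (($rows[$curfield] != "") && (strtoupper ($rows[$curfield]) != "NULL")) {
                    $row = addslashes ($rows[$curfield]);
                    // A "#" at the start of a line would read as a comment in the dump.
                    $row = str_replace ("\n#", "\n\\#", $row);
                    $values[] = "'$row'";
                } else {
                    $values[] = "''";
                }
            }
            $bakline = "insert into $table (" . implode (", ", $table_list) . ") values (" . implode (", ", $values) . ");\n";
            fwrite ($bakfilef, $bakline);
        }
    }
    fclose ($bakfilef);
}

// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Compress a file with the gzip algorithm.
// Returns true when the whole source was written to the target, false when
// zlib is missing, the source does not exist or either file cannot be opened.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNgzip_file ($opm_gzsource, $opm_gztarget) {
    if (!function_exists ("gzwrite") || !file_exists ($opm_gzsource)) {
        return (false);
    }
    $opm_ungzfp = fopen ($opm_gzsource, "rb");
    if (!$opm_ungzfp) {
        return (false);
    }
    $opm_gzfp = gzopen ($opm_gztarget, "wb9");
    if (!$opm_gzfp) {
        // Only the handle that was really opened is closed.
        fclose ($opm_ungzfp);
        return (false);
    }
    while (!feof ($opm_ungzfp)) {
        $opm_gzchunk = fread ($opm_ungzfp, 65535);
        if ($opm_gzchunk === false) {
            break;
        }
        gzwrite ($opm_gzfp, $opm_gzchunk);
    }
    fclose ($opm_ungzfp);
    gzclose ($opm_gzfp);
    return (true);
}

// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Request a page from a web server.
// If using a proxy server, redirect the call thru the proxy.
// Returns the response body for a 200 reply and "" in every other case.
// Only plain HTTP is spoken: there is no TLS, so the reply is unauthenticated
// and the caller must treat it as untrusted data.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNget_webpage ($target_url) {
    global $opm_useragent, $opm_httpconn_timeout, $opm_cfg_useproxy, $opm_cfg_proxyaddress, $opm_cfg_proxyport;

    // The URL is copied into a hand-written request, so whitespace and control
    // characters (CR/LF in particular) would let a caller add request headers.
    if (preg_match ('/[\x00-\x20\x7f]/', (string) $target_url)) {
        return ("");
    }
    $urlparts = parse_url ($target_url);
    if (!is_array ($urlparts) || empty ($urlparts["host"])) {
        return ("");
    }
    $opm_url_scheme = isset ($urlparts["scheme"]) ? $urlparts["scheme"] : "http";
    $opm_url_path = isset ($urlparts["path"]) ? $urlparts["path"] : "/";
    $opm_url_query = isset ($urlparts["query"]) ? $urlparts["query"] : "";
    $opm_http_content = "";
    $errno = 0;
    $errstr = "";

    @ignore_user_abort (true);
    if ($opm_cfg_useproxy) {
        $opm_sockconn = @fsockopen ($opm_cfg_proxyaddress, $opm_cfg_proxyport, $errno, $errstr, $opm_httpconn_timeout);
    } else {
        $opm_sockconn = @fsockopen ($urlparts["host"], (empty ($urlparts["port"]) ? "80" : $urlparts["port"]), $errno, $errstr, $opm_httpconn_timeout);
    }
    if (!$opm_sockconn) {
        return ("");
    }

    // The connect timeout does not cover reads; bound those as well.
    if ((int) $opm_httpconn_timeout > 0) {
        stream_set_timeout ($opm_sockconn, (int) $opm_httpconn_timeout);
    }
    if ($opm_cfg_useproxy) {
        fputs ($opm_sockconn, "GET " . $opm_url_scheme . "://" . $urlparts["host"] . $opm_url_path . "?" . $opm_url_query . " HTTP/1.0\r\nHost: " . $opm_cfg_proxyaddress . "\r\nUser-Agent: $opm_useragent\r\nPragma: no-cache\r\nConnection: Close\r\n\r\n");
    } else {
        fputs ($opm_sockconn, "GET " . $opm_url_path . "?" . $opm_url_query . " HTTP/1.0\r\nHost: " . $urlparts["host"] . "\r\nUser-Agent: $opm_useragent\r\nConnection: Close\r\n\r\n");
    }

    // Stop on end of stream, on a read error or timeout, and at a size cap so a
    // misbehaving server cannot exhaust memory.
    $opm_max_response = 1048576;
    while (!feof ($opm_sockconn) && (strlen ($opm_http_content) < $opm_max_response)) {
        $opm_http_line = fgets ($opm_sockconn, 10240);
        if ($opm_http_line === false) {
            break;
        }
        $opm_http_content .= $opm_http_line;
    }
    @fclose ($opm_sockconn);

    // Accept only a 200 status line; a "200 OK" elsewhere in the reply no longer counts.
    if (!preg_match ('/^HTTP\/[0-9.]+ 200\b/', $opm_http_content)) {
        return ("");
    }
    $opm_http_content = str_replace ("\r", "", $opm_http_content);
    $opm_body_start = strpos ($opm_http_content, "\n\n");
    if ($opm_body_start === false) {
        return ("");
    }
    return (substr ($opm_http_content, $opm_body_start + 2));
}

// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Open the database connection and select the database.
// Stores the link in $opm_db_handle and returns true on success. On failure it
// logs the reason (never the password) and returns false; for missing
// parameters or missing MySQL support it also echoes an error line.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function fopm_dbconnect ($dbhost, $dbname, $dbusername, $dbpassword) {
    global $opm_db_handle, $opm_error_string;

    $opm_db_handle = false;
    if (!($dbhost && $dbname && $dbusername)) {
        opm_FNDebug_Log ("$opm_error_string 2020 Missing database connection parameters.");
        echo "$opm_error_string 2020 MISSING DB CONNECTION PARAMETERS.";
        return (false);
    }
    if (!function_exists ("mysql_connect")) {
        opm_FNDebug_Log ("$opm_error_string 2010 Without support in PHP for MySQL.");
        echo "$opm_error_string 2010 PHP WITHOUT MYSQL SUPPORT.";
        return (false);
    }
    $opm_db_handle = @mysql_connect ($dbhost, $dbusername, $dbpassword);
    // The database is selected on the link just opened, and only if it opened.
    if ($opm_db_handle && @mysql_select_db ($dbname, $opm_db_handle)) {
        return (true);
    }
    opm_FNDebug_Log ("$opm_error_string 2000 Cannot connect to the database $dbname@$dbhost as $dbusername.");
    return (false);
}

// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Send a statement to the server.
// Returns what mysql_query() returns, or false (after logging and echoing an
// error line) when there is no open connection. The statement is sent as
// given: escaping embedded values is the caller's job.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function fopm_dbquery ($query) {
    global $opm_db_handle, $opm_error_string;

    if ($opm_db_handle) {
        return (@mysql_query ($query));
    }
    opm_FNDebug_Log ("$opm_error_string 2100 The provided database link is not connected.");
    echo "$opm_error_string 2100 DB LINK WITHOUT CONNECTION.";
    return (false);
}

// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Describe the last database error as "<number>=<message>", or "" when there
// is no open connection.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function fopm_dberror () {
    global $opm_db_handle;

    if ($opm_db_handle) {
        return (mysql_errno ($opm_db_handle) . "=" . @mysql_error ($opm_db_handle));
    }
    return ("");
}

// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Fetch the next row of a result as a numerically indexed array.
// Returns false when $result is not a usable result (for example after a
// failed query), so callers can loop on the return value.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function fopm_dbfetchrow ($result) {
    if (!$result) {
        return (false);
    }
    return (mysql_fetch_row ($result));
}

// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Return the id generated by the last insert on this connection, or 0 when it
// cannot be read.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function fopm_dblastid () {
    $result9 = fopm_dbquery ("select last_insert_id()");
    $row9 = fopm_dbfetchrow ($result9);
    if ($row9) {
        return ($row9[0]);
    }
    return (0);
}
?>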