<?php
// osCommerce Product Manager for Windows (oscpmwin).
// Copyright ©2003-2007 by Mario A. Valdez-Ramirez.
// You can contact Mario A. Valdez-Ramirez
// by email at mario@mariovaldez.org or paper mail at
// Olmos 809, San Nicolas, NL. 66495, Mexico.
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or (at
// your option) any later version.
// This program is distributed in the hope that it will be useful, but
// WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
// General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
// ==================================
// Start of configuration options...
// ==================================
$opm_images_directory = "images/";
$opm_enable_logfile = false;
$opm_enable_extralog = false;
$opm_enable_recordsetlog = false;
$opm_debug_file = "opm_debug.txt";
$opm_browser_debug = false;
$opm_enable_auth = true;
$opm_password_override = "";
$opm_upload_perms = "0644";
$opm_timezone_shift = 0;
$opm_allow_compression = true;
$opm_compress_level = 1;
$opm_cfg_useproxy = false;
$opm_cfg_proxyaddress = "192.168.0.1";
$opm_cfg_proxyport = 3128;
// ==================================
// End of configuration options...
// ==================================
$opm_httpconn_timeout = 60; // 60 seconds
$opm_tag_recordbegin = "BR"; // BR
$opm_tag_recordend = "ER"; // ER
$opm_tag_field = "DF"; // DF
$opm_tag_databegin = "["; // [
$opm_tag_dataend = "]"; // ]
$opm_tag_comment = "#"; // #
$opm_tag_stats = "ST"; // ST
$opm_tag_fieldlist = "FL"; // FL
$opm_ok_string = "MVOSCPM1_NOERROR";
$opm_error_string = "MVOSCPM1_ERROR";
$opm_session_string = "OSCPMCHECKER";
$opm_max_failedlogins = 8; // Max logins before blocking the client.
$opm_max_blocktime = 3600; // Time a client is blocked after too many failures.
$opm_max_tracktime = 900; // Time to store the login history of each client.
$opm_sleep_afterfail = 15; // Delay when login fails.
$opm_hash_strengh = 100;
$opm_script_version = "0.9.6";
error_reporting(E_ALL & ~E_NOTICE);
$opm_realpath = str_replace (basename (__FILE__), "", __FILE__) . $opm_images_directory;
$opm_tmpsoftwarename = explode (" ", $HTTP_SERVER_VARS["SERVER_SOFTWARE"]);
$opm_tmposname = explode (" ", php_uname ());
$opm_useragent = "User-Agent: OSCPMWin/$opm_script_version " . $opm_tmpsoftwarename[0] . " MySQL/unknown " . $opm_tmposname[0];
@set_time_limit (300);
if (!$opm_upload_perms) {
$opm_upload_perms = "0600";
}
$opm_ip_address = $_SERVER["REMOTE_ADDR"];
if (!$opm_ip_address) {
$opm_ip_address = $HTTP_SERVER_VARS["REMOTE_ADDR"];
if (!$opm_ip_address) {
$opm_ip_address = $_ENV["REMOTE_ADDR"];
if (!$opm_ip_address) {
$opm_ip_address = getenv("REMOTE_ADDR");
}
else $opm_ip_address = "";
}
}
$opm_db_handle = false;
// Get all parameters about the request.
if (!$opm_browser_debug) {
$opm_passwordhash = strtoupper (trim ($_POST["Pw"]));
$opm_operation = strtolower (trim ($_POST["Op"]));
$opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["Fn"])))));
$opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["SD"])))));
$opm_query = base64_decode (trim ($_POST["Qy"]));
$opm_reqversion = trim ($_POST["Vn"]);
$opm_logintimestamp = trim ($_POST["TS"]);
$opm_compress = abs ($_POST["Gz"]);
}
else {
$opm_passwordhash = strtoupper (trim ($_GET["Pw"]));
$opm_operation = strtolower (trim ($_GET["Op"]));
$opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["Fn"])))));
$opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["SD"])))));
$opm_query = trim ($_GET["Qy"]);
$opm_reqversion = trim ($_GET["Vn"]);
$opm_logintimestamp = trim ($_GET["TS"]);
$opm_compress = abs ($_GET["Gz"]);
}
if (($opm_filename{0} == "/") || ($opm_filename{0} == ".")) {
$opm_filename = substr ($opm_filename, 1, strlen ($opm_filename) - 1);
}
$opm_compress = ($opm_compress && $opm_allow_compression);
// If timestamp is empty, create a dummy to force an authentication failure.
if (strlen ($opm_logintimestamp) < 15) {
$opm_logintimestamp = date ("YmdHis");
}
/*
Note on parameters:
When the operation needs a parameter, it shold be send using
either FN or QY (Filename or Query). The difference is that
FN is cleaned (deleting slashes, dots and spaces) while QY
is not cleaned. However, QY is always Base64-encoded.
*/
// Log basic information about the request.
if ($opm_enable_extralog) {
if (!$opm_browser_debug) {
opm_FNDebug_Log (print_r ($_POST, true));
}
else {
opm_FNDebug_Log (print_r ($_GET, true));
}
}
else {
opm_FNDebug_Log ("");
}
opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
opm_FNDebug_Log ("PASSWORDHASH=" . $opm_passwordhash);
opm_FNDebug_Log ("OPERATION=" . $opm_operation);
opm_FNDebug_Log ("FILENAME=" . $opm_filename);
opm_FNDebug_Log ("SUBDIR=" . $opm_subdir);
opm_FNDebug_Log ("QUERY=" . $opm_query);
opm_FNDebug_Log ("REQVERSION=" . $opm_reqversion);
opm_FNDebug_Log ("LOGINTIMESTAMP=" . $opm_logintimestamp);
opm_FNDebug_Log ("COMPRESS=" . $opm_compress);
// Include osCommerce database configuration and functions.
require ("includes/configure.php");
require (DIR_WS_INCLUDES . "database_tables.php");
if ($opm_browser_debug) { echo "<pre>"; }
// Check if script version is the expected by client.
if (($opm_script_version != $opm_reqversion) && ($opm_operation)) {
opm_FNDebug_Log ("$opm_error_string 1000 wrong script version. Expected $opm_reqversion, but we are $opm_script_version.");
echo "$opm_error_string 1000 WRONG SCRIPT VERSION";
return;
}
// Check if the image directory is valid.
if (!is_dir ($opm_realpath) && ($opm_operation)) {
opm_FNDebug_Log ("$opm_error_string 1010 cannot find the images directory. Expecting $opm_realpath exist.");
echo "$opm_error_string 1010 IMAGE DIRECTORY NOT FOUND";
return;
}
// Connect to database.
if (!fopm_dbconnect (DB_SERVER, DB_DATABASE, DB_SERVER_USERNAME, DB_SERVER_PASSWORD)) {
echo "$opm_error_string 1031 NO DATABASE CONNECTION";
return;
}
// Get osCommerce DB password and compare it with client password.
// Unless no operation is requested.
if ($opm_operation) {
if ($opm_enable_auth) {
if (defined ("DB_SERVER_PASSWORD") || ($opm_password_override != "")) {
// Check if the client is known...
$opm_failed_attempts = 0;
$opm_failed_time = time ();
$opm_sql_result = fopm_dbquery ("select customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url from " . TABLE_WHOS_ONLINE . " where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
if ($opm_sql_record = fopm_dbfetchrow ($opm_sql_result)) {
// It is known...
if (round (abs ($opm_sql_record[5])) > ($opm_failed_time - $opm_max_tracktime)) {
$opm_failed_attempts = round (abs ($opm_sql_record[6]));
if ($opm_failed_attempts > $opm_max_failedlogins) {
// It is blocked...
$opm_failed_time = time () + $opm_max_blocktime;
}
}
else {
// We are not tracking it...
$opm_failed_attempts = 0;
}
// Updates the tracking information...
$opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
}
else {
// Creates a tracking record...
$opm_sql_result = fopm_dbquery ("insert into " . TABLE_WHOS_ONLINE . " (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url) values (0, '$opm_session_string', '$opm_session_string', '$opm_ip_address', '$opm_failed_time', '$opm_failed_time', '0')");
}
if ($opm_failed_attempts > $opm_max_failedlogins) {
// The client is blocked, show error...
opm_FNDebug_Log ("$opm_error_string 1024 the client ($opm_ip_address) has been blocked, too many failed logins ($opm_failed_attempts).");
sleep ($opm_sleep_afterfail);
echo "$opm_error_string 1024 BLOCKED";
return;
}
else {
// The client is not blocked, continue...
if ($opm_password_override != "") {
opm_FNDebug_Log ("Password override is enabled.");
$opm_serverpassword = $opm_password_override;
for ($hashcounter = 1; $hashcounter <= $opm_hash_strengh; $hashcounter++) {
$opm_serverpassword = strtoupper (md5 ($opm_serverpassword . $opm_logintimestamp));
}
}
else {
$opm_serverpassword = DB_SERVER_PASSWORD;
for ($hashcounter = 1; $hashcounter <= $opm_hash_strengh; $hashcounter++) {
$opm_serverpassword = strtoupper (md5 ($opm_serverpassword . $opm_logintimestamp));
}
}
opm_FNDebug_Log ("SERVERPASSWORDHASH=" . $opm_serverpassword);
if ($opm_serverpassword != $opm_passwordhash) {
// Password mismatch...
opm_FNDebug_Log ("$opm_error_string 1020 the server and client passwords do not match.");
$opm_failed_attempts++;
opm_FNDebug_Log ("Failed logins from $opm_ip_address = $opm_failed_attempts");
// Update tracking data about this...
$opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time', last_page_url='$opm_failed_attempts' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
if ($opm_failed_attempts > 1) {
// This is not the first failure, delay a bit...
sleep ($opm_sleep_afterfail);
}
echo "$opm_error_string 1020 PASSWORD MISMATCH";
return;
}
else {
// Password match, reset failures count in tracking data...
$opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time', last_page_url='0' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
}
}
}
else {
opm_FNDebug_Log ("$opm_error_string 1021 the server password was not found.");
echo "$opm_error_string 1021 CANNOT FIND SERVER PASSWORD";
return;
}
}
else {
opm_FNDebug_Log ("Password authentication is disabled.");
}
}
else {
// If called from a browser, display a simple information page
$opm_simpletest_dbok = false;
$opm_simpletest_imgok = false;
echo "<html><head><title>osCommerce Product Manager (OSCPMWin).</title>\n";
echo "<style>\nBODY { font-family: sans-serif; background-color: #FFFFFF; }\n";
echo "LI { padding: 5px; }\n";
echo "H3 { padding: 5px 5px 5px 20px; }\n";
echo "A { color: #0000FF; text-decoration: none; }\n";
echo "A:hover { color: #FF0000; text-decoration: underline; }\n";
echo "DIV { border: solid 2px #000000; margin: 10px 20px 10px 20px; }";
echo ".ok { background-color: #CCFFCC; }\n";
echo ".notok { background-color: #FFCCCC; }\n";
echo ".info { background-color: #EEEEFF; }\n";
echo ".links { background-color: #EEEEEE; }\n";
echo "</style>\n";
echo "</head><body>\n";
echo "<h3>osCommerce Product Manager (OSCPMWin),<br>server-side script $opm_script_version</h3>\n";
$opm_simpletest_dbok = fopm_dbconnect (DB_SERVER, DB_DATABASE, DB_SERVER_USERNAME, DB_SERVER_PASSWORD);
$opm_simpletest_imgok = (boolean) (file_exists ($opm_realpath) && is_readable ($opm_realpath) && is_writable ($opm_realpath) && is_dir ($opm_realpath));
if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
echo "<div class=\"ok\">";
}
else {
echo "<div class=\"notok\">";
}
echo "<ul>\n";
if ($opm_simpletest_dbok) {
echo "<li><strong>Database connection seems OK.</strong></li>\n";
}
else {
echo "<li><strong>Database connection failed.</strong><br><small>Check that the database server is working properly. This should not happen if the web store is working properly.</small></li>\n";
}
if ($opm_simpletest_imgok) {
echo "<li><strong>Image directory seems OK.</strong></li>\n";
}
else {
echo "<li><strong>Image directory not found, not readable or not writable.</strong><br><small>Check the opm_images_directory option in this script, and that this script has permissions to read and write in that directory.</small></li>\n";
}
echo "</ul>";
if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
echo "<h3><strong>Everything seems OK. :)</strong></h3>\n";
}
else {
echo "<h3><strong>There seems to be a problem. :(</strong></h3>\n";
}
echo "</div>";
echo "<div class=\"info\"><ul>";
if ($opm_browser_debug) {
echo "<li>Browser-debug mode is enabled.";
}
else {
echo "<li>Browser-debug mode is disabled";
}
echo "<br><small>This is for developers only. To be used only if you are debugging this script or the client application.</small></li>\n";
if ($opm_enable_logfile) {
echo "<li>Logging file is enabled.";
}
else {
echo "<li>Logging file is disabled";
}
echo "<br><small>For debugging purposes only, not for production stores (because if enabled, slows the server down and consumes too much disk space).</small></li>\n";
if ($opm_cfg_useproxy) {
echo "<li>Proxy-usage is enabled.";
}
else {
echo "<li>Proxy-usage is disabled";
}
echo "<br><small>To be used if the web server is behind a proxy so that all http connections are done thru the proxy.</small></li>\n";
if ($opm_allow_compression) {
echo "<li>Compression is enabled.";
}
else {
echo "<li>Compression is disabled";
}
echo "<br><small>Compression of data traffic improves the speed of the data transfer. The compression level is set to $opm_compress_level. This setting is not enforced unless the client application request a compressed data stream too.</small></li>\n";
echo "<li>The time zone shift is set to $opm_timezone_shift.<br><small>To be used with some timestamps</small>.</li>\n";
echo "</ul></div>";
echo "<div class=\"links\"><ul>";
echo "<li><a href=\"http://www.mariovaldez.net/software/oscpmwin/\">OSCPMWin homepage</a>.</li>\n";
echo "<li><a href=\"http://www.mariovaldez.net/webapps/forums/index.php?c=9\">OSCPMWin web forums</a>.</li>\n";
echo "<li><a href=\"http://www.oscommerce.org/\">osCommerce homepage</a>.</li>\n";
echo "</ul></div>";
echo "<p><small>©2003-2007 by Mario A. Valdez-Ramirez.<br>\n";
echo "This program is free software; you can redistribute it and/or modify\n";
echo "it under the terms of the GNU General Public License as published by\n";
echo "the Free Software Foundation; either version 2 of the License, or (at\n";
echo "your option) any later version.</small></p>\n";
echo "</body></html>";
return;
}
// ==================================
// Do nothing.
// NOOP do nothing.
// ==================================
if ($opm_operation == "noop") {
echo "$opm_ok_string NOOP START\n";
opm_FNDebug_Log ("$opm_ok_string NOOP requested.");
echo "$opm_ok_string NOOP END\n";
}
// ==================================
// Returns a PHPINFO dump.
// PHPINFO returns a dump of the PHPINFO function.
// ==================================
if ($opm_operation == "phpinfo") {
echo "$opm_ok_string PHPINFO START\n";
ob_start ();
phpinfo ();
$opm_phpinfo = ob_get_contents ();
ob_end_clean ();
$opm_phpinfo = str_replace ("<h2>", str_repeat ("=", 40) . "\n* ", $opm_phpinfo);
$opm_phpinfo = str_replace ("</h2>", "\n" . str_repeat ("=", 40) . "\n", $opm_phpinfo);
$opm_phpinfo = str_replace ("<th>", " | ", $opm_phpinfo);
$opm_phpinfo = str_replace ("</th>", " | ", $opm_phpinfo);
$opm_phpinfo = str_replace ("<td class=\"v\">", " | ", $opm_phpinfo);
$opm_phpinfo = strip_tags ($opm_phpinfo);
$opm_phpinfo_lines = explode ("\n", $opm_phpinfo);
$opm_phpinfo = "";
foreach ($opm_phpinfo_lines as $opm_phpinfo_curline) {
$opm_phpinfo_curline = trim ($opm_phpinfo_curline);
if ($opm_phpinfo_curline) {
$opm_phpinfo .= $opm_phpinfo_curline . "\n";
}
}
echo $opm_phpinfo;
echo "$opm_ok_string PHPINFO END\n";
}
// ==================================
// CHECK if a file exists.
// CHECK requires the full path of the image.
// ==================================
if ($opm_operation == "check") {
if ($opm_filename) {
if (file_exists ($opm_realpath . $opm_filename)) {
opm_FNDebug_Log ("$opm_ok_string file found $opm_filename.");
echo "$opm_ok_string FILE EXISTS";
}
else {
opm_FNDebug_Log ("$opm_error_string 1110 file not found $opm_filename.");
echo "$opm_error_string 1110 FILE NOT FOUND";
}
}
}
// ==================================
// LIST all files recursively.
// LIST returns the filenames with paths.
// ==================================
if ($opm_operation == "list") {
echo "$opm_ok_string LIST START\n";
opm_FNList_Files ($opm_realpath, "", false);
echo "$opm_ok_string LIST END\n";
}
// ==================================
// LISTDIRS only dirs recursively.
// LISTDIRS returns no filenames.
// ==================================
if ($opm_operation == "listdirs") {
echo "$opm_ok_string LISTDIRS START\n";
opm_FNList_Files ($opm_realpath, "", true);
echo "$opm_ok_string LISTDIRS END\n";
}
// ==================================
// DELETE an image.
// DELETE requires the filename of the image with path.
// DELETE1 deletes the image if less than one record references it.
// DELETE2 deletes the image if less than two records reference it.
// ==================================
if (($opm_operation == "delete1") || ($opm_operation == "delete2")) {
if ($opm_operation == "delete1") {
$allowed_owners = 1;
}
else {
$allowed_owners = 2;
}
if ($opm_filename) {
// Check for More Pics 6 extension...
$opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6"));
if ($opm_sqlresult[0]) {
$opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename' or products_subimage1='$opm_filename' or products_subimage2='$opm_filename' or products_subimage3='$opm_filename' or products_subimage4='$opm_filename' or products_subimage5='$opm_filename' or products_subimage6='$opm_filename'"));
}
else {
$opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename'"));
}
if ($opm_sqlresult[0] < $allowed_owners) {
if (file_exists ($opm_realpath . $opm_filename)) {
if (@unlink ($opm_realpath . $opm_filename)) {
if (!file_exists ($opm_realpath . $opm_filename)) {
opm_FNDebug_Log ("$opm_ok_string file deleted $opm_filename.");
echo "$opm_ok_string DELETE";
}
else {
opm_FNDebug_Log ("$opm_error_string 1120 file cannot be deleted $opm_filename.");
echo "$opm_error_string 1120 DELETE FILE REMAINS";
}
}
else {
opm_FNDebug_Log ("$opm_error_string 1121 when deleting $opm_filename.");
echo "$opm_error_string 1121 DELETE UNKNOWN";
}
}
else {
opm_FNDebug_Log ("$opm_ok_string file not found when deleting $opm_filename.");
echo "$opm_ok_string DELETE FILE NOT FOUND";
}
}
else {
opm_FNDebug_Log ("$opm_ok_string file is used by other record (" . ($opm_sqlresult[0] - 1) . ").");
echo "$opm_ok_string DELETE FILE IN USE";
}
}
else {
opm_FNDebug_Log ("$opm_ok_string filename empty.");
echo "$opm_ok_string DELETE FILENAME EMPTY";
}
}
// ==================================
// UPLOAD an image.
// UPLOAD requires the path, without filename, where the image will be stored.
// UPLOAD returns the image filename with the path.
// ==================================
if ($opm_operation == "upload") {
if ($_FILES["Fl"]["name"] && $_FILES["Fl"]["size"]) {
if (is_uploaded_file ($_FILES["Fl"]["tmp_name"])) {
if ($opm_filename) {
$newfn = $opm_filename;
}
else {
$newfn = trim ($_FILES["Fl"]["name"]);
}
$newfn = str_replace (" ", "_", $newfn);
$newfn = str_replace ("/", "", $newfn);
$newfn = str_replace ("\\", "", $newfn);
$newfn = ereg_replace("[^[:alnum:]\._]", "", $newfn);
$newfn = strtolower ($newfn);
if ($opm_subdir) {
if ((!file_exists ($opm_realpath . $opm_subdir)) || (!is_dir ($opm_realpath . $opm_subdir))) {
opm_FNDebug_Log ("will create directory=" . $opm_realpath . $opm_subdir);
opm_FNmkdirs ($opm_realpath . $opm_subdir, 0777);
}
if (file_exists ($opm_realpath . $opm_subdir) && (is_dir ($opm_realpath . $opm_subdir))) {
opm_FNDebug_Log ("directory exists=" . $opm_realpath . $opm_subdir);
$newfn = $opm_subdir . "/" . $newfn;
}
else {
opm_FNDebug_Log ("directory does not exist, will ignore=" . $opm_realpath . $opm_subdir);
}
}
opm_FNDebug_Log ("wanted filename=" . $newfn);
$newfn = opm_FNSmart_Rename ($newfn, 100);
opm_FNDebug_Log ("smart filename=" . $newfn);
opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
if (!file_exists ($opm_realpath . $newfn)) {
opm_FNDebug_Log ("file not exist=" . $opm_realpath . $newfn);
if (@move_uploaded_file ($_FILES["Fl"]["tmp_name"], $opm_realpath . $newfn)) {
opm_FNDebug_Log ("moving file to=" . $opm_realpath . $newfn);
if (file_exists ($opm_realpath . $newfn)) {
opm_FNDebug_Log ("upload complete=" . $opm_realpath . $newfn);
@chmod ($opm_realpath . $newfn, octdec ($opm_upload_perms));
echo "$opm_ok_string UPLOAD [" . $newfn . "]";
}
else {
opm_FNDebug_Log ("$opm_error_string 1130 file not copied=" . $opm_realpath . $newfn);
echo "$opm_error_string 1130 UPLOAD FILE NOT FOUND";
}
}
else {
opm_FNDebug_Log ("$opm_error_string 1131 file not copied=" . $opm_realpath . $newfn);
echo "$opm_error_string 1131 UPLOAD CANNOT MOVE";
}
}
else {
opm_FNDebug_Log ("$opm_error_string 1133 file exist=" . $opm_realpath . $newfn);
echo "$opm_error_string 1133 UPLOAD EXIST [" . $newfn . "]";
}
}
else {
opm_FNDebug_Log ("$opm_error_string 1134 cannot find uploaded file!");
echo "$opm_error_string 1134 UPLOAD";
}
}
}
// ==================================
// CAPABILITY listing.
// CAPABILITY returns a list of identified modules.
// ==================================
if ($opm_operation == "capa") {
opm_FNDebug_Log ("$opm_ok_string Capability search started.");
echo "$opm_ok_string CAPABILITY START\n";
echo "OSCSTANDARD\n";
// Credit Card Payment...
$opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_CC_STATUS'"));
if ($opm_sqlresult[0]) {
opm_FNDebug_Log ("$opm_ok_string PAY_CC capability found.");
echo "PAY_CC\n";
}
// Money Order Payment...
$opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_MONEYORDER_STATUS'"));
if ($opm_sqlresult[0]) {
opm_FNDebug_Log ("$opm_ok_string PAY_ORDER capability found.");
echo "PAY_ORDER\n";
}
// COD Payment...
$opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_COD_STATUS'"));
if ($opm_sqlresult[0]) {
opm_FNDebug_Log ("$opm_ok_string PAY_CC capability found.");
echo "PAY_CC\n";
}
// PayPal Payment...
$opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_PAYPAL_STATUS'"));
if ($opm_sqlresult[0]) {
opm_FNDebug_Log ("$opm_ok_string PAY_PP capability found.");
echo "PAY_PP\n";
}
// Flat Rate Shipping...
$opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_FLAT_STATUS'"));
if ($opm_sqlresult[0]) {
opm_FNDebug_Log ("$opm_ok_string SHIP_FLAT capability found.");
echo "SHIP_FLAT\n";
}
// Table Shipping...
$opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_TABLE_STATUS'"));
if ($opm_sqlresult[0]) {
opm_FNDebug_Log ("$opm_ok_string SHIP_TBL capability found.");
echo "SHIP_TBL\n";
}
// Store PickUp Shipping...
$opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_SPU_STATUS'"));
if ($opm_sqlresult[0]) {
opm_FNDebug_Log ("$opm_ok_string SHIP_SPU capability found.");
echo "SHIP_SPU\n";
}
// Multi Pickup Shipping...
$opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'stores'"));
if ($opm_sqlresult[0]) {
opm_FNDebug_Log ("$opm_ok_string SHIP_MPU capability found.");
echo "SHIP_MPU\n";
}
// More Pics 6...
$opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6"));
if ($opm_sqlresult[0]) {
opm_FNDebug_Log ("$opm_ok_string MOREPICS6 capability found.");
echo "MOREPICS6\n";
}
// Total B2B...
$opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_CUSTOMERS . " customers_groups_id"));
if ($opm_sqlresult[0]) {
opm_FNDebug_Log ("$opm_ok_string TOTALB2B capability found.");
echo "TOTALB2B\n";
}
// Poll Booth...
$opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'phesis_poll_config'"));
if ($opm_sqlresult[0]) {
opm_FNDebug_Log ("$opm_ok_string POLLBOOTH capability found.");
echo "POLLBOOTH\n";
}
// Header Tags Controller...
$opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS_DESCRIPTION . " products_head_keywords_tag"));
if ($opm_sqlresult[0]) {
opm_FNDebug_Log ("$opm_ok_string HEADERTAGS capability found.");
echo "HEADERTAGS\n";
}
// ZenCart...
if (defined ("TABLE_EZPAGES")) {
$opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like '" . TABLE_EZPAGES . "'"));
if ($opm_sqlresult[0]) {
opm_FNDebug_Log ("$opm_ok_string ZENCART capability found.");
echo "ZENCART\n";
}
}
opm_FNDebug_Log ("$opm_ok_string Capability search finished.");
echo "$opm_ok_string CAPABILITY END\n";
}
// ==================================
// TABLES listing.
// TABLES returns the name of database tables.
// ==================================
if ($opm_operation == "tables") {
opm_FNDebug_Log ("$opm_ok_string Tables listing started.");
echo "$opm_ok_string TABLES START\n";
// Table names...
echo "TABLE_CATEGORIES=" . TABLE_CATEGORIES . "\n";
echo "TABLE_CATEGORIES_DESCRIPTION=" . TABLE_CATEGORIES_DESCRIPTION . "\n";
echo "TABLE_CONFIGURATION=" . TABLE_CONFIGURATION . "\n";
echo "TABLE_CURRENCIES=" . TABLE_CURRENCIES . "\n";
echo "TABLE_LANGUAGES=" . TABLE_LANGUAGES . "\n";
echo "TABLE_MANUFACTURERS=" . TABLE_MANUFACTURERS . "\n";
echo "TABLE_MANUFACTURERS_INFO=" . TABLE_MANUFACTURERS_INFO . "\n";
echo "TABLE_PRODUCTS=" . TABLE_PRODUCTS . "\n";
echo "TABLE_PRODUCTS_DESCRIPTION=" . TABLE_PRODUCTS_DESCRIPTION . "\n";
echo "TABLE_PRODUCTS_TO_CATEGORIES=" . TABLE_PRODUCTS_TO_CATEGORIES . "\n";
echo "TABLE_SPECIALS=" . TABLE_SPECIALS . "\n";
echo "TABLE_TAX_CLASS=" . TABLE_TAX_CLASS . "\n";
echo "TABLE_TAX_RATES=" . TABLE_TAX_RATES . "\n";
opm_FNDebug_Log ("$opm_ok_string Tables listing finished.");
echo "$opm_ok_string TABLES END\n";
}
// ==================================
// BACKUP database.
// BACKUP returns a SQL dump.
// ==================================
if ($opm_operation == "backup") {
opm_FNDebug_Log ("$opm_ok_string Backup of database requested.");
$opm_bak_filename = date ("Ymd_His", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . ".sql";
opm_FNBackup ($opm_realpath . $opm_bak_filename);
if (file_exists ($opm_realpath . $opm_bak_filename)) {
opm_FNgzip_file ($opm_realpath . $opm_bak_filename, $opm_realpath . $opm_bak_filename . ".gz");
if (file_exists ($opm_realpath . $opm_bak_filename . ".gz")) {
$opm_bak_filesize = filesize ($opm_realpath . $opm_bak_filename . ".gz");
header ("Content-type: application/octet-stream");
header ("Content-disposition: attachement; filename=" . $opm_bak_filename . ".gz");
header("Content-Length: " . $opm_bak_filesize);
header ("Pragma: no-store");
readfile ($opm_realpath . $opm_bak_filename . ".gz");
@unlink ($opm_realpath . $opm_bak_filename . ".gz");
opm_FNDebug_Log ("$opm_ok_string Deleting compressed backup file.");
}
@unlink ($opm_realpath . $opm_bak_filename);
opm_FNDebug_Log ("$opm_ok_string Deleting uncompressed backup file.");
}
else {
opm_FNDebug_Log ("$opm_error_string 1140 Backup file not found.");
}
opm_FNDebug_Log ("$opm_ok_string Backup operation finished.");
}
// ==================================
// Get XCHGRATES.
// XCHGRATES returns the exchange rates of currencies.
// ==================================
if ($opm_operation == "xchgrates") {
opm_FNDebug_Log ("$opm_ok_string Starting XCHGRATES operation.");
if ($opm_filename) {
$opm_filename = strtoupper ($opm_filename);
$opm_main_currency = substr ($opm_filename, 0, 3);
$opm_xchange_currencies = str_replace (",", "_", substr ($opm_filename, 4));
if (($opm_main_currency) && ($opm_xchange_currencies)) {
$opm_xchange_page = "http://www.oanda.com/convert/fxdaily?value=1&exch=$opm_main_currency&dest=Get+Table&sel_list=$opm_xchange_currencies&format=CSV&redirected=1";
$opm_page_data = opm_FNget_webpage ($opm_xchange_page);
if ($opm_page_data) {
$opm_page_data = strip_tags ($opm_page_data);
$opm_page_data = preg_replace ("/[\r\n]+[\s\t]*[\r\n]+/", "", $opm_page_data);
$opm_xr_matches = array ();
preg_match_all ("/(.+),(\w{3}),([0-9.]+),([0-9.]+)/i", $opm_page_data, $opm_xr_matches);
echo "$opm_ok_string XCHGRATES START\n";
foreach ($opm_xr_matches[2] as $key => $value) {
echo $opm_xr_matches[2][$key] . "," . $opm_xr_matches[4][$key] . "\n";
}
echo "$opm_ok_string XCHGRATES END\n";
}
else {
opm_FNDebug_Log ("$opm_error_string 1150 The remote server answer is empty or invalid.");
echo "$opm_error_string 1150 XCHGRATES REMOTE SERVER ERROR";
}
}
else {
opm_FNDebug_Log ("$opm_error_string 1151 The specified currency codes are invalid.");
echo "$opm_error_string 1151 XCHGRATES INVALID CURRENCY";
}
}
else {
opm_FNDebug_Log ("$opm_error_string 1152 The no currency codes were specified.");
echo "$opm_error_string 1152 XCHGRATES EMPTY CURRENCY";
}
}
// ==================================
// Execute DBQUERY.
// DBQUERY returns ...
// ==================================
if ($opm_operation == "dbquery") {
opm_FNDebug_Log ("$opm_ok_string Starting DBQUERY operation.");
if ($opm_query) {
$opm_query_result = opm_FNExec_Query ($opm_query, false, true, $opm_enable_recordsetlog);
if (substr ($opm_query_result, 0, strlen ($opm_error_string)) != $opm_error_string) {
echo "$opm_ok_string DBQUERY START\n";
echo $opm_query_result;
echo "$opm_ok_string DBQUERY END\n";
}
else {
echo $opm_query_result;
}
}
else {
opm_FNDebug_Log ("$opm_error_string 1171 The database query is empty.");
echo "$opm_error_string 1171 DBQUERY EMPTY DATABASE QUERY";
}
opm_FNDebug_Log ("$opm_ok_string Finishing DBQUERY operation.");
}
if ($opm_browser_debug) { echo "</pre>"; }
return;
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNList_Files ($dirname, $parentdir, $onlydirs) {
$dirhandle = opendir ($dirname);
while (($file = readdir ($dirhandle)) != false)
$sorteddir[count ($sorteddir)] = $file;
closedir ($dirhandle);
natcasesort ($sorteddir);
if (!$onlydirs) {
foreach ($sorteddir as $file) {
if (($file != ".") && ($file != "..")) {
if (!is_dir ($dirname . $file)) {
if ($parentdir) {
echo $parentdir . "/" . $file . "\n";
}
else {
echo $file . "\n";
}
}
}
}
foreach ($sorteddir as $file) {
if (($file != ".") && ($file != "..")) {
if (is_dir ($dirname . $file)) {
if ($parentdir) {
opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
}
else {
opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
}
}
}
}
}
else {
foreach ($sorteddir as $file) {
if (($file != ".") && ($file != "..")) {
if (is_dir ($dirname . $file)) {
if ($parentdir) {
echo $parentdir . "/" . $file . "\n";
opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
}
else {
echo $file . "\n";
opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
}
}
}
}
}
}
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNSmart_Rename ($wantedname, $tries) {
global $opm_realpath;
$newname = $wantedname;
$newext = '.' . array_pop (explode ('.', $wantedname));
for ($trycounter = 1; $trycounter <= $tries; $trycounter++) {
if (!file_exists ($opm_realpath . $newname)) {
return ($newname);
}
else {
$newdirname = dirname ($wantedname);
if ($newdirname != ".") {
$newname = dirname ($wantedname) . "/" . basename ($wantedname, $newext) . "_" . $trycounter . $newext;
}
else {
$newname = basename ($wantedname, $newext) . "_" . $trycounter . $newext;
}
}
}
return ($wantedname);
}
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNDebug_Log ($logline) {
global $opm_enable_logfile, $opm_debug_file, $opm_timezone_shift;
if ($opm_enable_logfile) {
if (!(file_exists ($opm_debug_file) && !is_writable ($opm_debug_file))) {
$opm_timestamp = date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y")));
$opm_lfilef = @fopen ($opm_debug_file, 'a');
if ($opm_lfilef) {
if ($logline) {
@fwrite ($opm_lfilef, $opm_timestamp . ": " . $logline . "\n");
}
else {
@fwrite ($opm_lfilef, "\n");
}
@fclose ($opm_lfilef);
}
}
}
}
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Based on code posted on php.net by saint@corenova.com and bart@cdasites.com
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNmkdirs ($dirname) {
if (is_dir ($dirname) || empty ($dirname)) return 1;
if (file_exists ($dirname) && !is_dir ($dirname)) return 0;
if (opm_FNmkdirs (substr ($dirname, 0, strrpos ($dirname, '/')))) {
if (!file_exists($dirname)) {
return @mkdir ($dirname, 0777);
}
}
return 0;
}
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNExec_Query ($sql_query, $rawdata = true, $encodeddata = false, $logdata = false) {
global $opm_tag_recordbegin, $opm_tag_recordend, $opm_tag_field, $opm_tag_cfield, $opm_tag_fieldlist;
global $opm_tag_databegin, $opm_tag_dataend, $opm_tag_comment, $opm_tag_stats, $opm_error_string;
global $opm_compress, $opm_compress_level;
$result_string = "";
$record_count = 0;
$query_type = strtoupper (substr ($sql_query, 0, strpos ($sql_query, " ")));
opm_FNDebug_Log ("SQLQUERY=" . $sql_query);
$sql_result = fopm_dbquery ($sql_query);
if ($sql_result) {
if (($query_type == "SELECT") || ($query_type == "SHOW") || ($query_type == "DESCRIBE")) {
while ($sql_record = fopm_dbfetchrow ($sql_result)) {
$record_count++;
$sql_fullrec = "";
if ($rawdata) {
foreach ($sql_record as $fielddata) {
$result_string .= $fielddata . "\n";
}
}
else {
$result_string .= "$opm_tag_recordbegin\n";
foreach ($sql_record as $fielddata) {
if ($encodeddata) {
$encodedfield = base64_encode ($fielddata);
}
else {
$encodedfield = htmlentities ($fielddata);
}
$result_string .= "$opm_tag_field " . $opm_tag_databegin . $encodedfield . $opm_tag_dataend . "\n";
$sql_fullrec .= $encodedfield;
}
$result_string .= "$opm_tag_recordend " . strtoupper (md5 ($sql_fullrec)) . "\n";
}
}
}
elseif ($query_type == "INSERT") {
$sql_result = fopm_dblastid ();
$record_count = 1;
$sql_fullrec = "";
if ($rawdata) {
$result_string .= $sql_result . "\n";
}
else {
$result_string .= "$opm_tag_recordbegin\n";
if ($encodeddata) {
$encodedfield = base64_encode ($sql_result);
}
else {
$encodedfield = htmlentities ($sql_result);
}
$result_string .= "$opm_tag_field " . $opm_tag_databegin . $encodedfield . $opm_tag_dataend . "\n";
$sql_fullrec .= $encodedfield;
$result_string .= "$opm_tag_recordend " . strtoupper (md5 ($sql_fullrec)) . "\n";
}
}
}
else {
opm_FNDebug_Log ("$opm_error_string 2200 Error in SQL query: " . fopm_dberror () . ".");
$result_string = "$opm_error_string 2200 : ERROR IN SQL QUERY: " . fopm_dberror () . ".";
return $result_string;
}
if ($logdata) {
opm_FNDebug_Log ("RECORDSET=\n$result_string\n");
}
if (!$rawdata) {
if ($opm_compress) {
opm_FNDebug_Log ("RECORDSET SIZE (UNCOMPRESSED)=" . strlen ($result_string));
$result_string = base64_encode (gzcompress ($result_string, $opm_compress_level)) . "\n";
}
}
opm_FNDebug_Log ("RECORDSET SIZE=" . strlen ($result_string));
return $result_string;
}
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Based on code from osCommerce (/admin/backup.php).
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNBackup ($dump_file) {
global $opm_script_version;
if ($dump_file) {
$bakfilef = fopen ($dump_file, 'w');
$bakline = "############################################################################\n";
$bakline .= "# OSCPMWin (server-side $opm_script_version)\n";
$bakline .= "# Database: " . DB_DATABASE . "@" . DB_SERVER . "\n";
$bakline .= "# Date: " . date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . "\n";
$bakline .= "############################################################################\n\n";
fwrite ($bakfilef, $bakline);
$tables_query = fopm_dbquery ("show tables");
while ($tables = fopm_dbfetchrow ($tables_query)) {
$table = $tables[0];
$bakline = "\n\n############################################################################\n";
$bakline .= "# " . strtoupper ($table) . "\n";
$bakline .= "############################################################################\n\n";
$bakline .= "drop table if exists $table;\ncreate table $table (\n";
$table_list = array ();
$fields_query = fopm_dbquery ("show fields from $table");
while ($fields = fopm_dbfetchrow ($fields_query)) {
$table_list[] = $fields[0];
$bakline .= " " . $fields[0] . " " . $fields[1];
if (strlen ($fields[4]) > 0) $bakline .= " default '" . $fields[4] . "'";
if (strtoupper ($fields[2]) != "YES") $bakline .= " not null";
if (isset ($fields[5])) $bakline .= " " . $fields[5];
$bakline .= ",\n";
}
$bakline = ereg_replace(",\n$", '', $bakline);
$index = array ();
$keys_query = fopm_dbquery ("show keys from $table");
while ($keys = fopm_dbfetchrow ($keys_query)) {
$kname = $keys[2];
if (!isset ($index[$kname])) {
$index[$kname] = array ("unique" => !$keys[1], "columns" => array());
}
$index[$kname]["columns"][] = $keys[4];
}
while (list($kname, $info) = each($index)) {
$bakline .= ",\n";
$columns = implode($info["columns"], ", ");
if ($kname == "PRIMARY") {
$bakline .= " PRIMARY KEY ($columns)";
} elseif ($info["unique"]) {
$bakline .= " UNIQUE $kname ($columns)";
} else {
$bakline .= " KEY $kname ($columns)";
}
}
$bakline .= "\n);\n\n";
fwrite ($bakfilef, $bakline);
$rows_query = fopm_dbquery ("select " . implode (",", $table_list) . " from $table");
while ($rows = fopm_dbfetchrow ($rows_query)) {
$bakline = "insert into $table (" . implode (", ", $table_list) . ") values (";
for ($curfield = 0; $curfield < count ($table_list); $curfield++) {
if (!isset ($rows[$curfield])) {
$bakline .= "NULL, ";
} elseif (($rows[$curfield] != "") && (strtoupper ($rows[$curfield]) != "NULL")) {
$row = addslashes ($rows[$curfield]);
$row = ereg_replace("\n#", "\n".'\#', $row);
$bakline .= "'$row', ";
} else {
$bakline .= "'', ";
}
}
$bakline = ereg_replace (", $", "", $bakline) . ");\n";
fwrite ($bakfilef, $bakline);
}
}
fclose ($bakfilef);
}
}
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Compress a file with the gzip algorithm.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNgzip_file ($opm_gzsource, $opm_gztarget) {
if (function_exists ("gzwrite") && file_exists ($opm_gzsource)) {
$opm_ungzfp = fopen($opm_gzsource, "rb");
$opm_gzfp = gzopen($opm_gztarget, "wb9");
if ($opm_gzfp && $opm_ungzfp) {
while (!feof ($opm_ungzfp)) {
gzwrite ($opm_gzfp, fread ($opm_ungzfp, 65535));
}
@fclose ($opm_ungzfp);
@gzclose ($opm_gzfp);
return (true);
}
else {
@fclose ($opm_ungzfp);
@gzclose ($opm_gzfp);
return (false);
}
}
else {
return (false);
}
}
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// Request a page from a web server.
// If using a proxy server, redirect the call thru the proxy.
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function opm_FNget_webpage ($target_url) {
global $opm_useragent, $opm_httpconn_timeout, $opm_cfg_useproxy, $opm_cfg_proxyaddress, $opm_cfg_proxyport;
$opm_http_content = "";
$errno = 0;
$errstr = "";
$urlparts = parse_url ($target_url);
if ($urlparts["host"]) {
@ignore_user_abort (true);
if ($opm_cfg_useproxy) {
$opm_sockconn = @fsockopen ($opm_cfg_proxyaddress, $opm_cfg_proxyport, $errno, $errstr, $opm_httpconn_timeout);
}
else {
$opm_sockconn = @fsockopen ($urlparts["host"], (empty($urlparts["port"]) ? "80" : $urlparts["port"]), $errno, $errstr, $opm_httpconn_timeout);
}
if ($opm_sockconn) {
if ($opm_cfg_useproxy) {
fputs ($opm_sockconn, "GET " . $urlparts["scheme"] . "://" . $urlparts["host"] . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $opm_cfg_proxyaddress . "\r\nUser-Agent: $opm_useragent\r\nPragma: no-cache\r\nConnection: Close\r\n\r\n");
}
else {
fputs ($opm_sockconn, "GET " . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $urlparts["host"] . "\r\nUser-Agent: $opm_useragent\r\nConnection: Close\r\n\r\n");
}
while ((!feof($opm_sockconn)) && (!is_readable ($opm_skfilename))) {
$opm_http_content .= fgets ($opm_sockconn, 10240);
}
@fclose ($opm_sockconn);
if (eregi ("HTTP.*200 OK", $opm_http_content)) {
$opm_http_content = str_replace ("\r", "", $opm_http_content);
$opm_http_content = substr ($opm_http_content, strpos ($opm_http_content, "\n\n") + 2);
return ($opm_http_content);
}
}
}
return ("");
}
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function fopm_dbconnect ($dbhost, $dbname, $dbusername, $dbpassword) {
global $opm_db_handle, $opm_error_string;
$opm_db_handle = false;
if ($dbhost && $dbname && $dbusername) {
if (function_exists ("mysql_connect")) {
$opm_db_handle = @mysql_connect ($dbhost, $dbusername, $dbpassword);
$database = @mysql_select_db ($dbname);
if (!$opm_db_handle or (isset ($database) and !$database)) {
opm_FNDebug_Log ("$opm_error_string 2000 Cannot connect to the database $dbname@$dbhost as $dbusername.");
}
else {
return (true);
}
}
else {
opm_FNDebug_Log ("$opm_error_string 2010 Without support in PHP for MySQL.");
echo "$opm_error_string 2010 PHP WITHOUT MYSQL SUPPORT.";
}
}
else {
opm_FNDebug_Log ("$opm_error_string 2020 Missing database connection parameters.");
echo "$opm_error_string 2020 MISSING DB CONNECTION PARAMETERS.";
}
return (false);
}
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function fopm_dbquery ($query) {
global $opm_db_handle, $opm_error_string;
if ($opm_db_handle) {
return (@mysql_query ($query));
}
else {
opm_FNDebug_Log ("$opm_error_string 2100 The provided database link is not connected.");
echo "$opm_error_string 2100 DB LINK WITHOUT CONNECTION.";
}
}
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function fopm_dberror () {
global $opm_db_handle;
if ($opm_db_handle) {
return (mysql_errno ($opm_db_handle) . "=" . @mysql_error ($opm_db_handle));
}
}
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function fopm_dbfetchrow ($result) {
global $opm_db_handle;
return (mysql_fetch_row ($result));
}
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
// %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
function fopm_dblastid () {
global $opm_db_handle;
$result9 = fopm_dbquery ("select last_insert_id()");
$row9 = fopm_dbfetchrow ($result9);
if ($row9) { return ($row9[0]); } else { return (0); }
}
?>