Source code of file oscpmwin/oscpm1_upload.txt from the
osCommerce Product Manager for Windows.


0000:   <?php
0001:   // osCommerce Product Manager for Windows (oscpmwin).
0002:   0003:   
0004:   // You can contact Mario A. Valdez-Ramirez
0005:   // by email at mario@mariovaldez.org or paper mail at
0006:   // Olmos 809, San Nicolas, NL. 66495, Mexico.
0007:   
0008:   // This program is free software; you can redistribute it and/or modify
0009:   // it under the terms of the GNU General Public License as published by
0010:   // the Free Software Foundation; either version 2 of the License, or (at
0011:   // your option) any later version.
0012:   
0013:   // This program is distributed in the hope that it will be useful, but
0014:   // WITHOUT ANY WARRANTY; without even the implied warranty of
0015:   // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
0016:   // General Public License for more details.
0017:   
0018:   // You should have received a copy of the GNU General Public License
0019:   // along with this program; if not, write to the Free Software
0020:   // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
0021:   
0022:   
0023:   // ==================================
0024:   // Start of configuration options...
0025:   // ==================================
0026:   $opm_images_directory = "images/";
0027:   $opm_enable_logfile = false;
0028:   $opm_enable_extralog = false;
0029:   $opm_enable_recordsetlog = false;
0030:   $opm_debug_file = "opm_debug.txt";
0031:   $opm_browser_debug = false;
0032:   $opm_enable_auth = true;
0033:   $opm_password_override = "";
0034:   $opm_upload_perms = "0644";
0035:   $opm_timezone_shift = 0;
0036:   $opm_allow_compression = true;
0037:   $opm_compress_level = 1;
0038:   
0039:   $opm_cfg_useproxy = false;
0040:   $opm_cfg_proxyaddress = "192.168.0.1";
0041:   $opm_cfg_proxyport = 3128;
0042:   
0043:   // ==================================
0044:   // End of configuration options...
0045:   // ==================================
0046:   
0047:   
0048:   $opm_httpconn_timeout = 60;                 // 60 seconds
0049:   $opm_tag_recordbegin = "BR";                // BR
0050:   $opm_tag_recordend = "ER";                  // ER
0051:   $opm_tag_field = "DF";                      // DF
0052:   $opm_tag_databegin = "[";                   // [
0053:   $opm_tag_dataend = "]";                     // ]
0054:   $opm_tag_comment = "#";                     // #
0055:   $opm_tag_stats = "ST";                      // ST
0056:   $opm_tag_fieldlist = "FL";                  // FL
0057:   
0058:   $opm_ok_string = "MVOSCPM1_NOERROR";
0059:   $opm_error_string = "MVOSCPM1_ERROR";
0060:   $opm_session_string = "OSCPMCHECKER";
0061:   $opm_max_failedlogins = 8;                  // Max logins before blocking the client.
0062:   $opm_max_blocktime = 3600;                  // Time a client is blocked after too many failures.
0063:   $opm_max_tracktime = 900;                   // Time to store the login history of each client.
0064:   $opm_sleep_afterfail = 15;                  // Delay when login fails.
0065:   
0066:   $opm_hash_strengh = 100;
0067:   
0068:   $opm_script_version = "0.9.6";
0069:   error_reporting(E_ALL & ~E_NOTICE);
0070:   
0071:   $opm_realpath = str_replace (basename (__FILE__), "", __FILE__) . $opm_images_directory;
0072:   $opm_tmpsoftwarename = explode (" ", $HTTP_SERVER_VARS["SERVER_SOFTWARE"]);
0073:   $opm_tmposname = explode (" ", php_uname ());
0074:   $opm_useragent = "User-Agent: OSCPMWin/$opm_script_version " . $opm_tmpsoftwarename[0] . " MySQL/unknown " . $opm_tmposname[0];
0075:   
0076:   @set_time_limit (300);
0077:   
0078:   if (!$opm_upload_perms) {
0079:     $opm_upload_perms = "0600";
0080:   }
0081:   
0082:   $opm_ip_address = $_SERVER["REMOTE_ADDR"];
0083:   if (!$opm_ip_address) {
0084:     $opm_ip_address = $HTTP_SERVER_VARS["REMOTE_ADDR"];
0085:     if (!$opm_ip_address) {
0086:       $opm_ip_address = $_ENV["REMOTE_ADDR"];
0087:       if (!$opm_ip_address) {
0088:         $opm_ip_address = getenv("REMOTE_ADDR");
0089:       }
0090:       else $opm_ip_address = "";
0091:     }
0092:   }
0093:   
0094:   
0095:   $opm_db_handle = false;
0096:   
0097:   
0098:   // Get all parameters about the request.
0099:   if (!$opm_browser_debug) {
0100:     $opm_passwordhash = strtoupper (trim ($_POST["Pw"]));
0101:     $opm_operation = strtolower (trim ($_POST["Op"]));
0102:     $opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["Fn"])))));
0103:     $opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["SD"])))));
0104:     $opm_query = base64_decode (trim ($_POST["Qy"]));
0105:     $opm_reqversion = trim ($_POST["Vn"]);
0106:     $opm_logintimestamp = trim ($_POST["TS"]);
0107:     $opm_compress = abs ($_POST["Gz"]);
0108:   }
0109:   else {
0110:     $opm_passwordhash = strtoupper (trim ($_GET["Pw"]));
0111:     $opm_operation = strtolower (trim ($_GET["Op"]));
0112:     $opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["Fn"])))));
0113:     $opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["SD"])))));
0114:     $opm_query = trim ($_GET["Qy"]);
0115:     $opm_reqversion = trim ($_GET["Vn"]);
0116:     $opm_logintimestamp = trim ($_GET["TS"]);
0117:     $opm_compress = abs ($_GET["Gz"]);
0118:   }
0119:   if (($opm_filename{0} == "/") || ($opm_filename{0} == ".")) {
0120:     $opm_filename = substr ($opm_filename, 1, strlen ($opm_filename) - 1);
0121:   }
0122:   $opm_compress = ($opm_compress && $opm_allow_compression);
0123:   
0124:   // If timestamp is empty, create a dummy to force an authentication failure.
0125:   if (strlen ($opm_logintimestamp) < 15) {
0126:     $opm_logintimestamp = date ("YmdHis");
0127:   }
0128:   
0129:   /*
0130:   Note on parameters:
0131:   When the operation needs a parameter, it shold be send using
0132:   either FN or QY (Filename or Query). The difference is that
0133:   FN is cleaned (deleting slashes, dots and spaces) while QY
0134:   is not cleaned. However, QY is always Base64-encoded.
0135:   */
0136:   
0137:   
0138:   // Log basic information about the request.
0139:   if ($opm_enable_extralog) {
0140:     if (!$opm_browser_debug) {
0141:       opm_FNDebug_Log (print_r ($_POST, true));
0142:     }
0143:     else {
0144:       opm_FNDebug_Log (print_r ($_GET, true));
0145:     }
0146:   }
0147:   else {
0148:     opm_FNDebug_Log ("");
0149:   }
0150:   opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
0151:   opm_FNDebug_Log ("PASSWORDHASH=" . $opm_passwordhash);
0152:   opm_FNDebug_Log ("OPERATION=" . $opm_operation);
0153:   opm_FNDebug_Log ("FILENAME=" . $opm_filename);
0154:   opm_FNDebug_Log ("SUBDIR=" . $opm_subdir);
0155:   opm_FNDebug_Log ("QUERY=" . $opm_query);
0156:   opm_FNDebug_Log ("REQVERSION=" . $opm_reqversion);
0157:   opm_FNDebug_Log ("LOGINTIMESTAMP=" . $opm_logintimestamp);
0158:   opm_FNDebug_Log ("COMPRESS=" . $opm_compress);
0159:   
0160:   
0161:   // Include osCommerce database configuration and functions.
0162:   require ("includes/configure.php");
0163:   require (DIR_WS_INCLUDES . "database_tables.php");
0164:   
0165:   
0166:   if ($opm_browser_debug) { echo "<pre>"; }
0167:   
0168:   // Check if script version is the expected by client.
0169:   if (($opm_script_version != $opm_reqversion) && ($opm_operation)) {
0170:     opm_FNDebug_Log ("$opm_error_string 1000 wrong script version. Expected $opm_reqversion, but we are $opm_script_version.");
0171:     echo "$opm_error_string 1000 WRONG SCRIPT VERSION";
0172:     return;
0173:   }
0174:   
0175:   // Check if the image directory is valid.
0176:   if (!is_dir ($opm_realpath) && ($opm_operation)) {
0177:     opm_FNDebug_Log ("$opm_error_string 1010 cannot find the images directory. Expecting $opm_realpath exist.");
0178:     echo "$opm_error_string 1010 IMAGE DIRECTORY NOT FOUND";
0179:     return;
0180:   }
0181:   
0182:   
0183:   // Connect to database.
0184:   if (!fopm_dbconnect (DB_SERVER, DB_DATABASE, DB_SERVER_USERNAME, DB_SERVER_PASSWORD)) {
0185:     echo "$opm_error_string 1031 NO DATABASE CONNECTION";
0186:     return;
0187:   }
0188:   
0189:   
0190:   // Get osCommerce DB password and compare it with client password.
0191:   // Unless no operation is requested.
0192:   if ($opm_operation) {
0193:     if ($opm_enable_auth) {
0194:       if (defined ("DB_SERVER_PASSWORD") || ($opm_password_override != "")) {
0195:         // Check if the client is known...
0196:         $opm_failed_attempts = 0;
0197:         $opm_failed_time = time ();
0198:         $opm_sql_result = fopm_dbquery ("select customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url from " . TABLE_WHOS_ONLINE . " where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0199:         if ($opm_sql_record = fopm_dbfetchrow ($opm_sql_result)) {
0200:           // It is known...
0201:           if (round (abs ($opm_sql_record[5])) > ($opm_failed_time - $opm_max_tracktime)) {
0202:             $opm_failed_attempts = round (abs ($opm_sql_record[6]));
0203:             if ($opm_failed_attempts > $opm_max_failedlogins) {
0204:               // It is blocked...
0205:               $opm_failed_time = time () + $opm_max_blocktime;
0206:             }
0207:           }
0208:           else {
0209:             // We are not tracking it...
0210:             $opm_failed_attempts = 0;
0211:           }
0212:           // Updates the tracking information...
0213:           $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0214:         }
0215:         else {
0216:           // Creates a tracking record...
0217:           $opm_sql_result = fopm_dbquery ("insert into " . TABLE_WHOS_ONLINE . " (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url) values (0, '$opm_session_string', '$opm_session_string', '$opm_ip_address', '$opm_failed_time', '$opm_failed_time', '0')");
0218:         }
0219:         if ($opm_failed_attempts > $opm_max_failedlogins) {
0220:           // The client is blocked, show error...
0221:           opm_FNDebug_Log ("$opm_error_string 1024 the client ($opm_ip_address) has been blocked, too many failed logins ($opm_failed_attempts).");
0222:           sleep ($opm_sleep_afterfail);
0223:           echo "$opm_error_string 1024 BLOCKED";
0224:           return;
0225:         }
0226:         else {
0227:           // The client is not blocked, continue...
0228:           if ($opm_password_override != "") {
0229:             opm_FNDebug_Log ("Password override is enabled.");
0230:             $opm_serverpassword = $opm_password_override;
0231:             for ($hashcounter = 1; $hashcounter <= $opm_hash_strengh; $hashcounter++) {
0232:               $opm_serverpassword = strtoupper (md5 ($opm_serverpassword . $opm_logintimestamp));
0233:             }
0234:           }
0235:           else {
0236:             $opm_serverpassword = DB_SERVER_PASSWORD;
0237:             for ($hashcounter = 1; $hashcounter <= $opm_hash_strengh; $hashcounter++) {
0238:               $opm_serverpassword = strtoupper (md5 ($opm_serverpassword . $opm_logintimestamp));
0239:             }
0240:           }
0241:           opm_FNDebug_Log ("SERVERPASSWORDHASH=" . $opm_serverpassword);
0242:           if ($opm_serverpassword != $opm_passwordhash) {
0243:             // Password mismatch...
0244:             opm_FNDebug_Log ("$opm_error_string 1020 the server and client passwords do not match.");
0245:             $opm_failed_attempts++;
0246:             opm_FNDebug_Log ("Failed logins from $opm_ip_address = $opm_failed_attempts");
0247:             // Update tracking data about this...
0248:             $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time', last_page_url='$opm_failed_attempts' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0249:             if ($opm_failed_attempts > 1) {
0250:               // This is not the first failure, delay a bit...
0251:               sleep ($opm_sleep_afterfail);
0252:             }
0253:             echo "$opm_error_string 1020 PASSWORD MISMATCH";
0254:             return;
0255:           }
0256:           else {
0257:             // Password match, reset failures count in tracking data...
0258:             $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time', last_page_url='0' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0259:           }
0260:         }
0261:       }
0262:       else {
0263:         opm_FNDebug_Log ("$opm_error_string 1021 the server password was not found.");
0264:         echo "$opm_error_string 1021 CANNOT FIND SERVER PASSWORD";
0265:         return;
0266:       }
0267:     }
0268:     else {
0269:       opm_FNDebug_Log ("Password authentication is disabled.");
0270:     }
0271:   }
0272:   else {
0273:     // If called from a browser, display a simple information page
0274:     $opm_simpletest_dbok = false;
0275:     $opm_simpletest_imgok = false;
0276:     echo "<html><head><title>osCommerce Product Manager (OSCPMWin).</title>\n";
0277:     echo "<style>\nBODY { font-family: sans-serif; background-color: #FFFFFF; }\n";
0278:     echo "LI { padding: 5px; }\n";
0279:     echo "H3 { padding: 5px 5px 5px 20px; }\n";
0280:     echo "A { color: #0000FF; text-decoration: none; }\n";
0281:     echo "A:hover { color: #FF0000; text-decoration: underline; }\n";
0282:     echo "DIV { border: solid 2px #000000; margin: 10px 20px 10px 20px; }";
0283:     echo ".ok { background-color: #CCFFCC; }\n";
0284:     echo ".notok { background-color: #FFCCCC; }\n";
0285:     echo ".info { background-color: #EEEEFF; }\n";
0286:     echo ".links { background-color: #EEEEEE; }\n";
0287:     echo "</style>\n";
0288:     echo "</head><body>\n";
0289:     echo "<h3>osCommerce Product Manager (OSCPMWin),<br>server-side script $opm_script_version</h3>\n";
0290:     $opm_simpletest_dbok = fopm_dbconnect (DB_SERVER, DB_DATABASE, DB_SERVER_USERNAME, DB_SERVER_PASSWORD);
0291:     $opm_simpletest_imgok = (boolean) (file_exists ($opm_realpath) && is_readable ($opm_realpath) && is_writable ($opm_realpath) && is_dir ($opm_realpath));
0292:     if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
0293:       echo "<div class=\"ok\">";
0294:     }
0295:     else {
0296:       echo "<div class=\"notok\">";
0297:     }
0298:     echo "<ul>\n";
0299:     if ($opm_simpletest_dbok) {
0300:       echo "<li><strong>Database connection seems OK.</strong></li>\n";
0301:     }
0302:     else {
0303:       echo "<li><strong>Database connection failed.</strong><br><small>Check that the database server is working properly. This should not happen if the web store is working properly.</small></li>\n";
0304:     }
0305:     if ($opm_simpletest_imgok) {
0306:       echo "<li><strong>Image directory seems OK.</strong></li>\n";
0307:     }
0308:     else {
0309:       echo "<li><strong>Image directory not found, not readable or not writable.</strong><br><small>Check the opm_images_directory option in this script, and that this script has permissions to read and write in that directory.</small></li>\n";
0310:     }
0311:     echo "</ul>";
0312:     if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
0313:       echo "<h3><strong>Everything seems OK. &nbsp; &nbsp; &nbsp; :)</strong></h3>\n";
0314:     }
0315:     else {
0316:       echo "<h3><strong>There seems to be a problem. &nbsp; &nbsp; &nbsp; :(</strong></h3>\n";
0317:     }
0318:     echo "</div>";
0319:     echo "<div class=\"info\"><ul>";
0320:     if ($opm_browser_debug) {
0321:       echo "<li>Browser-debug mode is enabled.";
0322:     }
0323:     else {
0324:       echo "<li>Browser-debug mode is disabled";
0325:     }
0326:     echo "<br><small>This is for developers only. To be used only if you are debugging this script or the client application.</small></li>\n";
0327:   
0328:     if ($opm_enable_logfile) {
0329:       echo "<li>Logging file is enabled.";
0330:     }
0331:     else {
0332:       echo "<li>Logging file is disabled";
0333:     }
0334:     echo "<br><small>For debugging purposes only, not for production stores (because if enabled, slows the server down and consumes too much disk space).</small></li>\n";
0335:   
0336:     if ($opm_cfg_useproxy) {
0337:       echo "<li>Proxy-usage is enabled.";
0338:     }
0339:     else {
0340:       echo "<li>Proxy-usage is disabled";
0341:     }
0342:     echo "<br><small>To be used if the web server is behind a proxy so that all http connections are done thru the proxy.</small></li>\n";
0343:   
0344:     if ($opm_allow_compression) {
0345:       echo "<li>Compression is enabled.";
0346:     }
0347:     else {
0348:       echo "<li>Compression is disabled";
0349:     }
0350:     echo "<br><small>Compression of data traffic improves the speed of the data transfer. The compression level is set to $opm_compress_level. This setting is not enforced unless the client application request a compressed data stream too.</small></li>\n";
0351:   
0352:     echo "<li>The time zone shift is set to $opm_timezone_shift.<br><small>To be used with some timestamps</small>.</li>\n";
0353:     echo "</ul></div>";
0354:     echo "<div class=\"links\"><ul>";
0355:     echo "<li><a href=\"http://www.mariovaldez.net/software/oscpmwin/\">OSCPMWin homepage</a>.</li>\n";
0356:     echo "<li><a href=\"http://www.mariovaldez.net/webapps/forums/index.php?c=9\">OSCPMWin web forums</a>.</li>\n";
0357:     echo "<li><a href=\"http://www.oscommerce.org/\">osCommerce homepage</a>.</li>\n";
0358:     echo "</ul></div>";
0359:     echo "<p><small>&copy;2003-2007 by Mario A. Valdez-Ramirez.<br>\n";
0360:     echo "This program is free software; you can redistribute it and/or modify\n";
0361:     echo "it under the terms of the GNU General Public License as published by\n";
0362:     echo "the Free Software Foundation; either version 2 of the License, or (at\n";
0363:     echo "your option) any later version.</small></p>\n";
0364:     echo "</body></html>";
0365:     return;
0366:   }
0367:   
0368:   
0369:   
0370:   // ==================================
0371:   // Do nothing.
0372:   // NOOP do nothing.
0373:   // ==================================
0374:   if ($opm_operation == "noop") {
0375:     echo "$opm_ok_string NOOP START\n";
0376:     opm_FNDebug_Log ("$opm_ok_string NOOP requested.");
0377:     echo "$opm_ok_string NOOP END\n";
0378:   }
0379:   
0380:   // ==================================
0381:   // Returns a PHPINFO dump.
0382:   // PHPINFO returns a dump of the PHPINFO function.
0383:   // ==================================
0384:   if ($opm_operation == "phpinfo") {
0385:     echo "$opm_ok_string PHPINFO START\n";
0386:     ob_start ();
0387:     phpinfo ();
0388:     $opm_phpinfo = ob_get_contents ();
0389:     ob_end_clean ();
0390:     $opm_phpinfo = str_replace ("<h2>", str_repeat ("=", 40) . "\n* ", $opm_phpinfo);
0391:     $opm_phpinfo = str_replace ("</h2>", "\n" . str_repeat ("=", 40) . "\n", $opm_phpinfo);
0392:     $opm_phpinfo = str_replace ("<th>", " | ", $opm_phpinfo);
0393:     $opm_phpinfo = str_replace ("</th>", " | ", $opm_phpinfo);
0394:     $opm_phpinfo = str_replace ("<td class=\"v\">", " | ", $opm_phpinfo);
0395:     $opm_phpinfo = strip_tags ($opm_phpinfo);
0396:     $opm_phpinfo_lines = explode ("\n", $opm_phpinfo);
0397:     $opm_phpinfo = "";
0398:     foreach ($opm_phpinfo_lines as $opm_phpinfo_curline) {
0399:       $opm_phpinfo_curline = trim ($opm_phpinfo_curline);
0400:       if ($opm_phpinfo_curline) {
0401:         $opm_phpinfo .= $opm_phpinfo_curline . "\n";
0402:       }
0403:     }
0404:     echo $opm_phpinfo;
0405:     echo "$opm_ok_string PHPINFO END\n";
0406:   }
0407:   
0408:   // ==================================
0409:   // CHECK if a file exists.
0410:   // CHECK requires the full path of the image.
0411:   // ==================================
0412:   if ($opm_operation == "check") {
0413:     if ($opm_filename) {
0414:       if (file_exists ($opm_realpath . $opm_filename)) {
0415:         opm_FNDebug_Log ("$opm_ok_string file found $opm_filename.");
0416:         echo "$opm_ok_string FILE EXISTS";
0417:       }
0418:       else {
0419:         opm_FNDebug_Log ("$opm_error_string 1110 file not found $opm_filename.");
0420:         echo "$opm_error_string 1110 FILE NOT FOUND";
0421:       }
0422:     }
0423:   }
0424:   
0425:   // ==================================
0426:   // LIST all files recursively.
0427:   // LIST returns the filenames with paths.
0428:   // ==================================
0429:   if ($opm_operation == "list") {
0430:     echo "$opm_ok_string LIST START\n";
0431:     opm_FNList_Files ($opm_realpath, "", false);
0432:     echo "$opm_ok_string LIST END\n";
0433:   }
0434:   
0435:   // ==================================
0436:   // LISTDIRS only dirs recursively.
0437:   // LISTDIRS returns no filenames.
0438:   // ==================================
0439:   if ($opm_operation == "listdirs") {
0440:     echo "$opm_ok_string LISTDIRS START\n";
0441:     opm_FNList_Files ($opm_realpath, "", true);
0442:     echo "$opm_ok_string LISTDIRS END\n";
0443:   }
0444:   
0445:   // ==================================
0446:   // DELETE an image.
0447:   // DELETE requires the filename of the image with path.
0448:   // DELETE1 deletes the image if less than one record references it.
0449:   // DELETE2 deletes the image if less than two records reference it.
0450:   // ==================================
0451:   if (($opm_operation == "delete1") || ($opm_operation == "delete2")) {
0452:     if ($opm_operation == "delete1") {
0453:       $allowed_owners = 1;
0454:     }
0455:     else {
0456:       $allowed_owners = 2;
0457:     }
0458:     if ($opm_filename) {
0459:       // Check for More Pics 6 extension...
0460:       $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6"));
0461:       if ($opm_sqlresult[0]) {
0462:         $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename' or products_subimage1='$opm_filename' or products_subimage2='$opm_filename' or products_subimage3='$opm_filename' or products_subimage4='$opm_filename' or products_subimage5='$opm_filename' or products_subimage6='$opm_filename'"));
0463:       }
0464:       else {
0465:         $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename'"));
0466:       }
0467:       if ($opm_sqlresult[0] < $allowed_owners) {
0468:         if (file_exists ($opm_realpath . $opm_filename)) {
0469:           if (@unlink ($opm_realpath . $opm_filename)) {
0470:             if (!file_exists ($opm_realpath . $opm_filename)) {
0471:               opm_FNDebug_Log ("$opm_ok_string file deleted $opm_filename.");
0472:               echo "$opm_ok_string DELETE";
0473:             }
0474:             else {
0475:               opm_FNDebug_Log ("$opm_error_string 1120 file cannot be deleted $opm_filename.");
0476:               echo "$opm_error_string 1120 DELETE FILE REMAINS";
0477:             }
0478:           }
0479:           else {
0480:             opm_FNDebug_Log ("$opm_error_string 1121 when deleting $opm_filename.");
0481:             echo "$opm_error_string 1121 DELETE UNKNOWN";
0482:           }
0483:         }
0484:         else {
0485:           opm_FNDebug_Log ("$opm_ok_string file not found when deleting $opm_filename.");
0486:           echo "$opm_ok_string DELETE FILE NOT FOUND";
0487:         }
0488:       }
0489:       else {
0490:         opm_FNDebug_Log ("$opm_ok_string file is used by other record (" . ($opm_sqlresult[0] - 1) . ").");
0491:         echo "$opm_ok_string DELETE FILE IN USE";
0492:       }
0493:     }
0494:     else {
0495:       opm_FNDebug_Log ("$opm_ok_string filename empty.");
0496:       echo "$opm_ok_string DELETE FILENAME EMPTY";
0497:     }
0498:   }
0499:   
0500:   // ==================================
0501:   // UPLOAD an image.
0502:   // UPLOAD requires the path, without filename, where the image will be stored.
0503:   // UPLOAD returns the image filename with the path.
0504:   // ==================================
0505:   if ($opm_operation == "upload") {
0506:     if ($_FILES["Fl"]["name"] && $_FILES["Fl"]["size"]) {
0507:       if (is_uploaded_file ($_FILES["Fl"]["tmp_name"])) {
0508:         if ($opm_filename) {
0509:           $newfn = $opm_filename;
0510:         }
0511:         else {
0512:           $newfn = trim ($_FILES["Fl"]["name"]);
0513:         }
0514:         $newfn = str_replace (" ", "_", $newfn);
0515:         $newfn = str_replace ("/", "", $newfn);
0516:         $newfn = str_replace ("\\", "", $newfn);
0517:         $newfn = ereg_replace("[^[:alnum:]\._]", "", $newfn);
0518:         $newfn = strtolower ($newfn);
0519:   
0520:         if ($opm_subdir) {
0521:           if ((!file_exists ($opm_realpath . $opm_subdir)) || (!is_dir ($opm_realpath . $opm_subdir))) {
0522:             opm_FNDebug_Log ("will create directory=" . $opm_realpath . $opm_subdir);
0523:             opm_FNmkdirs ($opm_realpath . $opm_subdir, 0777);
0524:           }
0525:           if (file_exists ($opm_realpath . $opm_subdir) && (is_dir ($opm_realpath . $opm_subdir))) {
0526:             opm_FNDebug_Log ("directory exists=" . $opm_realpath . $opm_subdir);
0527:             $newfn = $opm_subdir . "/" . $newfn;
0528:           }
0529:           else {
0530:             opm_FNDebug_Log ("directory does not exist, will ignore=" . $opm_realpath . $opm_subdir);
0531:           }
0532:         }
0533:         opm_FNDebug_Log ("wanted filename=" . $newfn);
0534:         $newfn = opm_FNSmart_Rename ($newfn, 100);
0535:         opm_FNDebug_Log ("smart filename=" . $newfn);
0536:         opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
0537:         if (!file_exists ($opm_realpath . $newfn)) {
0538:           opm_FNDebug_Log ("file not exist=" . $opm_realpath . $newfn);
0539:           if (@move_uploaded_file ($_FILES["Fl"]["tmp_name"], $opm_realpath . $newfn)) {
0540:             opm_FNDebug_Log ("moving file to=" . $opm_realpath . $newfn);
0541:             if (file_exists ($opm_realpath . $newfn)) {
0542:               opm_FNDebug_Log ("upload complete=" . $opm_realpath . $newfn);
0543:               @chmod ($opm_realpath . $newfn, octdec ($opm_upload_perms));
0544:               echo "$opm_ok_string UPLOAD [" . $newfn . "]";
0545:             }
0546:             else {
0547:               opm_FNDebug_Log ("$opm_error_string 1130 file not copied=" . $opm_realpath . $newfn);
0548:               echo "$opm_error_string 1130 UPLOAD FILE NOT FOUND";
0549:             }
0550:           }
0551:           else {
0552:             opm_FNDebug_Log ("$opm_error_string 1131 file not copied=" . $opm_realpath . $newfn);
0553:             echo "$opm_error_string 1131 UPLOAD CANNOT MOVE";
0554:           }
0555:         }
0556:         else {
0557:           opm_FNDebug_Log ("$opm_error_string 1133 file exist=" . $opm_realpath . $newfn);
0558:           echo "$opm_error_string 1133 UPLOAD EXIST [" . $newfn . "]";
0559:         }
0560:       }
0561:       else {
0562:         opm_FNDebug_Log ("$opm_error_string 1134 cannot find uploaded file!");
0563:         echo "$opm_error_string 1134 UPLOAD";
0564:       }
0565:     }
0566:   }
0567:   
0568:   // ==================================
0569:   // CAPABILITY listing.
0570:   // CAPABILITY returns a list of identified modules.
0571:   // ==================================
0572:   if ($opm_operation == "capa") {
0573:     opm_FNDebug_Log ("$opm_ok_string Capability search started.");
0574:     echo "$opm_ok_string CAPABILITY START\n";
0575:   
0576:     echo "OSCSTANDARD\n";
0577:   
0578:     // Credit Card Payment...
0579:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_CC_STATUS'"));
0580:     if ($opm_sqlresult[0]) {
0581:       opm_FNDebug_Log ("$opm_ok_string PAY_CC capability found.");
0582:       echo "PAY_CC\n";
0583:     }
0584:   
0585:     // Money Order Payment...
0586:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_MONEYORDER_STATUS'"));
0587:     if ($opm_sqlresult[0]) {
0588:       opm_FNDebug_Log ("$opm_ok_string PAY_ORDER capability found.");
0589:       echo "PAY_ORDER\n";
0590:     }
0591:   
0592:     // COD Payment...
0593:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_COD_STATUS'"));
0594:     if ($opm_sqlresult[0]) {
0595:       opm_FNDebug_Log ("$opm_ok_string PAY_CC capability found.");
0596:       echo "PAY_CC\n";
0597:     }
0598:   
0599:     // PayPal Payment...
0600:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_PAYPAL_STATUS'"));
0601:     if ($opm_sqlresult[0]) {
0602:       opm_FNDebug_Log ("$opm_ok_string PAY_PP capability found.");
0603:       echo "PAY_PP\n";
0604:     }
0605:   
0606:     // Flat Rate Shipping...
0607:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_FLAT_STATUS'"));
0608:     if ($opm_sqlresult[0]) {
0609:       opm_FNDebug_Log ("$opm_ok_string SHIP_FLAT capability found.");
0610:       echo "SHIP_FLAT\n";
0611:     }
0612:   
0613:     // Table Shipping...
0614:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_TABLE_STATUS'"));
0615:     if ($opm_sqlresult[0]) {
0616:       opm_FNDebug_Log ("$opm_ok_string SHIP_TBL capability found.");
0617:       echo "SHIP_TBL\n";
0618:     }
0619:   
0620:     // Store PickUp Shipping...
0621:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_SPU_STATUS'"));
0622:     if ($opm_sqlresult[0]) {
0623:       opm_FNDebug_Log ("$opm_ok_string SHIP_SPU capability found.");
0624:       echo "SHIP_SPU\n";
0625:     }
0626:   
0627:     // Multi Pickup Shipping...
0628:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'stores'"));
0629:     if ($opm_sqlresult[0]) {
0630:       opm_FNDebug_Log ("$opm_ok_string SHIP_MPU capability found.");
0631:       echo "SHIP_MPU\n";
0632:     }
0633:   
0634:     // More Pics 6...
0635:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6"));
0636:     if ($opm_sqlresult[0]) {
0637:       opm_FNDebug_Log ("$opm_ok_string MOREPICS6 capability found.");
0638:       echo "MOREPICS6\n";
0639:     }
0640:   
0641:     // Total B2B...
0642:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_CUSTOMERS . " customers_groups_id"));
0643:     if ($opm_sqlresult[0]) {
0644:       opm_FNDebug_Log ("$opm_ok_string TOTALB2B capability found.");
0645:       echo "TOTALB2B\n";
0646:     }
0647:   
0648:     // Poll Booth...
0649:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'phesis_poll_config'"));
0650:     if ($opm_sqlresult[0]) {
0651:       opm_FNDebug_Log ("$opm_ok_string POLLBOOTH capability found.");
0652:       echo "POLLBOOTH\n";
0653:     }
0654:   
0655:     // Header Tags Controller...
0656:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS_DESCRIPTION . " products_head_keywords_tag"));
0657:     if ($opm_sqlresult[0]) {
0658:       opm_FNDebug_Log ("$opm_ok_string HEADERTAGS capability found.");
0659:       echo "HEADERTAGS\n";
0660:     }
0661:   
0662:     // ZenCart...
0663:     if (defined ("TABLE_EZPAGES")) {
0664:       $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like '" . TABLE_EZPAGES . "'"));
0665:       if ($opm_sqlresult[0]) {
0666:         opm_FNDebug_Log ("$opm_ok_string ZENCART capability found.");
0667:         echo "ZENCART\n";
0668:       }
0669:     }
0670:   
0671:     opm_FNDebug_Log ("$opm_ok_string Capability search finished.");
0672:     echo "$opm_ok_string CAPABILITY END\n";
0673:   }
0674:   
0675:   // ==================================
0676:   // TABLES listing.
0677:   // TABLES returns the name of database tables.
0678:   // ==================================
0679:   if ($opm_operation == "tables") {
0680:     opm_FNDebug_Log ("$opm_ok_string Tables listing started.");
0681:     echo "$opm_ok_string TABLES START\n";
0682:     // Table names...
0683:     echo "TABLE_CATEGORIES=" . TABLE_CATEGORIES . "\n";
0684:     echo "TABLE_CATEGORIES_DESCRIPTION=" . TABLE_CATEGORIES_DESCRIPTION . "\n";
0685:     echo "TABLE_CONFIGURATION=" . TABLE_CONFIGURATION . "\n";
0686:     echo "TABLE_CURRENCIES=" . TABLE_CURRENCIES . "\n";
0687:     echo "TABLE_LANGUAGES=" . TABLE_LANGUAGES . "\n";
0688:     echo "TABLE_MANUFACTURERS=" . TABLE_MANUFACTURERS . "\n";
0689:     echo "TABLE_MANUFACTURERS_INFO=" . TABLE_MANUFACTURERS_INFO . "\n";
0690:     echo "TABLE_PRODUCTS=" . TABLE_PRODUCTS . "\n";
0691:     echo "TABLE_PRODUCTS_DESCRIPTION=" . TABLE_PRODUCTS_DESCRIPTION . "\n";
0692:     echo "TABLE_PRODUCTS_TO_CATEGORIES=" . TABLE_PRODUCTS_TO_CATEGORIES . "\n";
0693:     echo "TABLE_SPECIALS=" . TABLE_SPECIALS . "\n";
0694:     echo "TABLE_TAX_CLASS=" . TABLE_TAX_CLASS . "\n";
0695:     echo "TABLE_TAX_RATES=" . TABLE_TAX_RATES . "\n";
0696:     opm_FNDebug_Log ("$opm_ok_string Tables listing finished.");
0697:     echo "$opm_ok_string TABLES END\n";
0698:   }
0699:   
0700:   
0701:   // ==================================
0702:   // BACKUP database.
0703:   // BACKUP returns a SQL dump.
0704:   // ==================================
0705:   if ($opm_operation == "backup") {
0706:     opm_FNDebug_Log ("$opm_ok_string Backup of database requested.");
0707:     $opm_bak_filename = date ("Ymd_His", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . ".sql";
0708:     opm_FNBackup ($opm_realpath . $opm_bak_filename);
0709:     if (file_exists ($opm_realpath . $opm_bak_filename)) {
0710:       opm_FNgzip_file ($opm_realpath . $opm_bak_filename, $opm_realpath . $opm_bak_filename . ".gz");
0711:       if (file_exists ($opm_realpath . $opm_bak_filename . ".gz")) {
0712:         $opm_bak_filesize = filesize ($opm_realpath . $opm_bak_filename . ".gz");
0713:         header ("Content-type: application/octet-stream");
0714:         header ("Content-disposition: attachement; filename=" . $opm_bak_filename . ".gz");
0715:         header("Content-Length: " . $opm_bak_filesize);
0716:         header ("Pragma: no-store");
0717:         readfile ($opm_realpath . $opm_bak_filename . ".gz");
0718:         @unlink ($opm_realpath . $opm_bak_filename . ".gz");
0719:         opm_FNDebug_Log ("$opm_ok_string Deleting compressed backup file.");
0720:       }
0721:       @unlink ($opm_realpath . $opm_bak_filename);
0722:       opm_FNDebug_Log ("$opm_ok_string Deleting uncompressed backup file.");
0723:     }
0724:     else {
0725:       opm_FNDebug_Log ("$opm_error_string 1140 Backup file not found.");
0726:     }
0727:     opm_FNDebug_Log ("$opm_ok_string Backup operation finished.");
0728:   }
0729:   
0730:   
0731:   // ==================================
0732:   // Get XCHGRATES.
0733:   // XCHGRATES returns the exchange rates of currencies.
0734:   // ==================================
0735:   if ($opm_operation == "xchgrates") {
0736:     opm_FNDebug_Log ("$opm_ok_string Starting XCHGRATES operation.");
0737:     if ($opm_filename) {
0738:       $opm_filename = strtoupper ($opm_filename);
0739:       $opm_main_currency = substr ($opm_filename, 0, 3);
0740:       $opm_xchange_currencies = str_replace (",", "_", substr ($opm_filename, 4));
0741:       if (($opm_main_currency) && ($opm_xchange_currencies)) {
0742:         $opm_xchange_page = "http://www.oanda.com/convert/fxdaily?value=1&exch=$opm_main_currency&dest=Get+Table&sel_list=$opm_xchange_currencies&format=CSV&redirected=1";
0743:         $opm_page_data = opm_FNget_webpage ($opm_xchange_page);
0744:         if ($opm_page_data) {
0745:           $opm_page_data = strip_tags ($opm_page_data);
0746:           $opm_page_data = preg_replace ("/[\r\n]+[\s\t]*[\r\n]+/", "", $opm_page_data);
0747:           $opm_xr_matches = array ();
0748:           preg_match_all ("/(.+),(\w{3}),([0-9.]+),([0-9.]+)/i", $opm_page_data, $opm_xr_matches);
0749:           echo "$opm_ok_string XCHGRATES START\n";
0750:           foreach ($opm_xr_matches[2] as $key => $value) {
0751:             echo $opm_xr_matches[2][$key] . "," . $opm_xr_matches[4][$key] . "\n";
0752:           }
0753:           echo "$opm_ok_string XCHGRATES END\n";
0754:         }
0755:         else {
0756:           opm_FNDebug_Log ("$opm_error_string 1150 The remote server answer is empty or invalid.");
0757:           echo "$opm_error_string 1150 XCHGRATES REMOTE SERVER ERROR";
0758:         }
0759:       }
0760:       else {
0761:         opm_FNDebug_Log ("$opm_error_string 1151 The specified currency codes are invalid.");
0762:         echo "$opm_error_string 1151 XCHGRATES INVALID CURRENCY";
0763:       }
0764:     }
0765:     else {
0766:       opm_FNDebug_Log ("$opm_error_string 1152 The no currency codes were specified.");
0767:       echo "$opm_error_string 1152 XCHGRATES EMPTY CURRENCY";
0768:     }
0769:   }
0770:   
0771:   
0772:   
0773:   // ==================================
0774:   // Execute DBQUERY.
0775:   // DBQUERY returns ...
0776:   // ==================================
0777:   if ($opm_operation == "dbquery") {
0778:     opm_FNDebug_Log ("$opm_ok_string Starting DBQUERY operation.");
0779:     if ($opm_query) {
0780:       $opm_query_result = opm_FNExec_Query ($opm_query, false, true, $opm_enable_recordsetlog);
0781:       if (substr ($opm_query_result, 0, strlen ($opm_error_string)) != $opm_error_string) {
0782:         echo "$opm_ok_string DBQUERY START\n";
0783:         echo $opm_query_result;
0784:         echo "$opm_ok_string DBQUERY END\n";
0785:       }
0786:       else {
0787:         echo $opm_query_result;
0788:       }
0789:     }
0790:     else {
0791:       opm_FNDebug_Log ("$opm_error_string 1171 The database query is empty.");
0792:       echo "$opm_error_string 1171 DBQUERY EMPTY DATABASE QUERY";
0793:     }
0794:     opm_FNDebug_Log ("$opm_ok_string Finishing DBQUERY operation.");
0795:   }
0796:   
0797:   
0798:   
0799:   if ($opm_browser_debug) { echo "</pre>"; }
0800:   return;
0801:   
0802:   
0803:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0804:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0805:   function opm_FNList_Files ($dirname, $parentdir, $onlydirs) {
0806:   	$dirhandle = opendir ($dirname);
0807:     while (($file = readdir ($dirhandle)) != false)
0808:       $sorteddir[count ($sorteddir)] = $file;
0809:   	closedir ($dirhandle);
0810:     natcasesort ($sorteddir);
0811:     if (!$onlydirs) {
0812:     	foreach ($sorteddir as $file) {
0813:         if (($file != ".") && ($file != "..")) {
0814:           if (!is_dir ($dirname . $file)) {
0815:             if ($parentdir) {
0816:               echo $parentdir . "/" . $file . "\n";
0817:             }
0818:             else {
0819:               echo $file . "\n";
0820:             }
0821:           }
0822:         }
0823:       }
0824:       foreach ($sorteddir as $file) {
0825:         if (($file != ".") && ($file != "..")) {
0826:           if (is_dir ($dirname . $file)) {
0827:             if ($parentdir) {
0828:               opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
0829:             }
0830:             else {
0831:               opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
0832:             }
0833:           }
0834:         }
0835:       }
0836:     }
0837:     else {
0838:       foreach ($sorteddir as $file) {
0839:         if (($file != ".") && ($file != "..")) {
0840:           if (is_dir ($dirname . $file)) {
0841:             if ($parentdir) {
0842:               echo $parentdir . "/" . $file . "\n";
0843:               opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
0844:             }
0845:             else {
0846:               echo $file . "\n";
0847:               opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
0848:             }
0849:           }
0850:         }
0851:       }
0852:     }
0853:   }
0854:   
0855:   
0856:   
0857:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0858:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0859:   function opm_FNSmart_Rename ($wantedname, $tries) {
0860:   global $opm_realpath;
0861:     $newname = $wantedname;
0862:     $newext = '.' . array_pop (explode ('.', $wantedname));
0863:     for ($trycounter = 1; $trycounter <= $tries; $trycounter++) {
0864:       if (!file_exists ($opm_realpath . $newname)) {
0865:         return ($newname);
0866:       }
0867:       else {
0868:         $newdirname = dirname ($wantedname);
0869:         if ($newdirname != ".") {
0870:           $newname = dirname ($wantedname) . "/" . basename ($wantedname, $newext) . "_" . $trycounter . $newext;
0871:         }
0872:         else {
0873:           $newname = basename ($wantedname, $newext) . "_" . $trycounter . $newext;
0874:         }
0875:       }
0876:     }
0877:     return ($wantedname);
0878:   }
0879:   
0880:   
0881:   
0882:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0883:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0884:   function opm_FNDebug_Log ($logline) {
0885:   global $opm_enable_logfile, $opm_debug_file, $opm_timezone_shift;
0886:     if ($opm_enable_logfile) {
0887:       if (!(file_exists ($opm_debug_file) && !is_writable ($opm_debug_file))) {
0888:         $opm_timestamp = date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y")));
0889:         $opm_lfilef = @fopen ($opm_debug_file, 'a');
0890:         if ($opm_lfilef) {
0891:           if ($logline) {
0892:             @fwrite ($opm_lfilef, $opm_timestamp . ": " . $logline . "\n");
0893:           }
0894:           else {
0895:             @fwrite ($opm_lfilef, "\n");
0896:           }
0897:           @fclose ($opm_lfilef);
0898:         }
0899:       }
0900:     }
0901:   }
0902:   
0903:   
0904:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0905:   // Based on code posted on php.net by saint@corenova.com and bart@cdasites.com
0906:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0907:   function opm_FNmkdirs ($dirname) {
0908:     if (is_dir ($dirname) || empty ($dirname)) return 1;
0909:     if (file_exists ($dirname) && !is_dir ($dirname)) return 0;
0910:     if (opm_FNmkdirs (substr ($dirname, 0, strrpos ($dirname, '/')))) {
0911:       if (!file_exists($dirname)) {
0912:         return @mkdir ($dirname, 0777);
0913:       }
0914:     }
0915:     return 0;
0916:   }
0917:   
0918:   
0919:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0920:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0921:   function opm_FNExec_Query ($sql_query, $rawdata = true, $encodeddata = false, $logdata = false) {
0922:   global $opm_tag_recordbegin, $opm_tag_recordend, $opm_tag_field, $opm_tag_cfield, $opm_tag_fieldlist;
0923:   global $opm_tag_databegin, $opm_tag_dataend, $opm_tag_comment, $opm_tag_stats, $opm_error_string;
0924:   global $opm_compress, $opm_compress_level;
0925:     $result_string = "";
0926:     $record_count = 0;
0927:     $query_type = strtoupper (substr ($sql_query, 0, strpos ($sql_query, " ")));
0928:     opm_FNDebug_Log ("SQLQUERY=" . $sql_query);
0929:     $sql_result = fopm_dbquery ($sql_query);
0930:     if ($sql_result) {
0931:       if (($query_type == "SELECT") || ($query_type == "SHOW") || ($query_type == "DESCRIBE")) {
0932:         while ($sql_record = fopm_dbfetchrow ($sql_result)) {
0933:           $record_count++;
0934:           $sql_fullrec = "";
0935:           if ($rawdata) {
0936:             foreach ($sql_record as $fielddata) {
0937:               $result_string .= $fielddata . "\n";
0938:             }
0939:           }
0940:           else {
0941:             $result_string .= "$opm_tag_recordbegin\n";
0942:             foreach ($sql_record as $fielddata) {
0943:               if ($encodeddata) {
0944:                 $encodedfield = base64_encode ($fielddata);
0945:               }
0946:               else {
0947:                 $encodedfield = htmlentities ($fielddata);
0948:               }
0949:               $result_string .= "$opm_tag_field " . $opm_tag_databegin . $encodedfield . $opm_tag_dataend . "\n";
0950:               $sql_fullrec .= $encodedfield;
0951:             }
0952:             $result_string .= "$opm_tag_recordend " . strtoupper (md5 ($sql_fullrec)) . "\n";
0953:           }
0954:         }
0955:       }
0956:       elseif ($query_type == "INSERT") {
0957:         $sql_result = fopm_dblastid ();
0958:         $record_count = 1;
0959:         $sql_fullrec = "";
0960:         if ($rawdata) {
0961:           $result_string .= $sql_result . "\n";
0962:         }
0963:         else {
0964:           $result_string .= "$opm_tag_recordbegin\n";
0965:           if ($encodeddata) {
0966:             $encodedfield = base64_encode ($sql_result);
0967:           }
0968:           else {
0969:             $encodedfield = htmlentities ($sql_result);
0970:           }
0971:           $result_string .= "$opm_tag_field " . $opm_tag_databegin . $encodedfield . $opm_tag_dataend . "\n";
0972:           $sql_fullrec .= $encodedfield;
0973:           $result_string .= "$opm_tag_recordend " . strtoupper (md5 ($sql_fullrec)) . "\n";
0974:         }
0975:       }
0976:     }
0977:     else {
0978:       opm_FNDebug_Log ("$opm_error_string 2200 Error in SQL query: " . fopm_dberror () . ".");
0979:       $result_string = "$opm_error_string 2200 : ERROR IN SQL QUERY: " . fopm_dberror () . ".";
0980:       return $result_string;
0981:     }
0982:     if ($logdata) {
0983:       opm_FNDebug_Log ("RECORDSET=\n$result_string\n");
0984:     }
0985:     if (!$rawdata) {
0986:       if ($opm_compress) {
0987:         opm_FNDebug_Log ("RECORDSET SIZE (UNCOMPRESSED)=" . strlen ($result_string));
0988:         $result_string = base64_encode (gzcompress ($result_string, $opm_compress_level)) . "\n";
0989:       }
0990:     }
0991:     opm_FNDebug_Log ("RECORDSET SIZE=" . strlen ($result_string));
0992:     return $result_string;
0993:   }
0994:   
0995:   
0996:   
0997:   
0998:   
0999:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1000:   // Based on code from osCommerce (/admin/backup.php).
1001:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1002:   function opm_FNBackup ($dump_file) {
1003:   global $opm_script_version;
1004:     if ($dump_file) {
1005:       $bakfilef = fopen ($dump_file, 'w');
1006:       $bakline  = "############################################################################\n";
1007:       $bakline .= "# OSCPMWin (server-side $opm_script_version)\n";
1008:       $bakline .= "# Database: " . DB_DATABASE . "@" . DB_SERVER . "\n";
1009:       $bakline .= "# Date: " . date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . "\n";
1010:       $bakline .= "############################################################################\n\n";
1011:       fwrite ($bakfilef, $bakline);
1012:       $tables_query = fopm_dbquery ("show tables");
1013:       while ($tables = fopm_dbfetchrow ($tables_query)) {
1014:         $table = $tables[0];
1015:         $bakline = "\n\n############################################################################\n";
1016:         $bakline .= "# " . strtoupper ($table) . "\n";
1017:         $bakline .= "############################################################################\n\n";
1018:         $bakline .= "drop table if exists $table;\ncreate table $table (\n";
1019:         $table_list = array ();
1020:         $fields_query = fopm_dbquery ("show fields from $table");
1021:         while ($fields = fopm_dbfetchrow ($fields_query)) {
1022:           $table_list[] = $fields[0];
1023:           $bakline .= "  " . $fields[0] . " " . $fields[1];
1024:           if (strlen ($fields[4]) > 0) $bakline .= " default '" . $fields[4] . "'";
1025:           if (strtoupper ($fields[2]) != "YES") $bakline .= " not null";
1026:           if (isset ($fields[5])) $bakline .= " " . $fields[5];
1027:           $bakline .= ",\n";
1028:         }
1029:         $bakline = ereg_replace(",\n$", '', $bakline);
1030:         $index = array ();
1031:         $keys_query = fopm_dbquery ("show keys from $table");
1032:         while ($keys = fopm_dbfetchrow ($keys_query)) {
1033:           $kname = $keys[2];
1034:           if (!isset ($index[$kname])) {
1035:             $index[$kname] = array ("unique" => !$keys[1], "columns" => array());
1036:           }
1037:           $index[$kname]["columns"][] = $keys[4];
1038:         }
1039:         while (list($kname, $info) = each($index)) {
1040:           $bakline .= ",\n";
1041:           $columns = implode($info["columns"], ", ");
1042:           if ($kname == "PRIMARY") {
1043:             $bakline .= "  PRIMARY KEY ($columns)";
1044:           } elseif ($info["unique"]) {
1045:             $bakline .= "  UNIQUE $kname ($columns)";
1046:           } else {
1047:             $bakline .= "  KEY $kname ($columns)";
1048:           }
1049:         }
1050:         $bakline .= "\n);\n\n";
1051:         fwrite ($bakfilef, $bakline);
1052:         $rows_query = fopm_dbquery ("select " . implode (",", $table_list) . " from $table");
1053:         while ($rows = fopm_dbfetchrow ($rows_query)) {
1054:           $bakline = "insert into $table (" . implode (", ", $table_list) . ") values (";
1055:           for ($curfield = 0; $curfield < count ($table_list); $curfield++) {
1056:             if (!isset ($rows[$curfield])) {
1057:               $bakline .= "NULL, ";
1058:             } elseif (($rows[$curfield] != "") && (strtoupper ($rows[$curfield]) != "NULL")) {
1059:               $row = addslashes ($rows[$curfield]);
1060:               $row = ereg_replace("\n#", "\n".'\#', $row);
1061:               $bakline .= "'$row', ";
1062:             } else {
1063:               $bakline .= "'', ";
1064:             }
1065:           }
1066:           $bakline = ereg_replace (", $", "", $bakline) . ");\n";
1067:           fwrite ($bakfilef, $bakline);
1068:         }
1069:       }
1070:       fclose ($bakfilef);
1071:     }
1072:   }
1073:   
1074:   
1075:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1076:   // Compress a file with the gzip algorithm.
1077:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1078:   function opm_FNgzip_file ($opm_gzsource, $opm_gztarget) {
1079:     if (function_exists ("gzwrite") && file_exists ($opm_gzsource)) {
1080:       $opm_ungzfp = fopen($opm_gzsource, "rb");
1081:       $opm_gzfp = gzopen($opm_gztarget, "wb9");
1082:       if ($opm_gzfp && $opm_ungzfp) {
1083:         while (!feof ($opm_ungzfp)) {
1084:           gzwrite ($opm_gzfp, fread ($opm_ungzfp, 65535));
1085:         }
1086:         @fclose ($opm_ungzfp);
1087:         @gzclose ($opm_gzfp);
1088:         return (true);
1089:       }
1090:       else {
1091:         @fclose ($opm_ungzfp);
1092:         @gzclose ($opm_gzfp);
1093:         return (false);
1094:       }
1095:     }
1096:     else {
1097:       return (false);
1098:     }
1099:   }
1100:   
1101:   
1102:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1103:   // Request a page from a web server.
1104:   // If using a proxy server, redirect the call thru the proxy.
1105:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1106:   function opm_FNget_webpage ($target_url) {
1107:     global $opm_useragent, $opm_httpconn_timeout, $opm_cfg_useproxy, $opm_cfg_proxyaddress, $opm_cfg_proxyport;
1108:     $opm_http_content = "";
1109:     $errno = 0;
1110:     $errstr = "";
1111:     $urlparts = parse_url ($target_url);
1112:     if ($urlparts["host"]) {
1113:       @ignore_user_abort (true);
1114:       if ($opm_cfg_useproxy) {
1115:         $opm_sockconn = @fsockopen ($opm_cfg_proxyaddress, $opm_cfg_proxyport, $errno, $errstr, $opm_httpconn_timeout);
1116:       }
1117:       else {
1118:         $opm_sockconn = @fsockopen ($urlparts["host"], (empty($urlparts["port"]) ? "80" : $urlparts["port"]), $errno, $errstr, $opm_httpconn_timeout);
1119:       }
1120:       if ($opm_sockconn) {
1121:         if ($opm_cfg_useproxy) {
1122:           fputs ($opm_sockconn, "GET " . $urlparts["scheme"] . "://" . $urlparts["host"] . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $opm_cfg_proxyaddress . "\r\nUser-Agent: $opm_useragent\r\nPragma: no-cache\r\nConnection: Close\r\n\r\n");
1123:         }
1124:         else {
1125:           fputs ($opm_sockconn, "GET " . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $urlparts["host"] . "\r\nUser-Agent: $opm_useragent\r\nConnection: Close\r\n\r\n");
1126:         }
1127:         while ((!feof($opm_sockconn)) && (!is_readable ($opm_skfilename))) {
1128:           $opm_http_content .= fgets ($opm_sockconn, 10240);
1129:         }
1130:         @fclose ($opm_sockconn);
1131:         if (eregi ("HTTP.*200 OK", $opm_http_content)) {
1132:           $opm_http_content = str_replace ("\r", "", $opm_http_content);
1133:           $opm_http_content = substr ($opm_http_content, strpos ($opm_http_content, "\n\n") + 2);
1134:           return ($opm_http_content);
1135:         }
1136:       }
1137:     }
1138:     return ("");
1139:   }
1140:   
1141:   
1142:   
1143:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1144:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1145:   function fopm_dbconnect ($dbhost, $dbname, $dbusername, $dbpassword) {
1146:     global $opm_db_handle, $opm_error_string;
1147:     $opm_db_handle = false;
1148:     if ($dbhost && $dbname && $dbusername) {
1149:       if (function_exists ("mysql_connect")) {
1150:         $opm_db_handle = @mysql_connect ($dbhost, $dbusername, $dbpassword);
1151:         $database = @mysql_select_db ($dbname);
1152:         if (!$opm_db_handle or (isset ($database) and !$database)) {
1153:           opm_FNDebug_Log ("$opm_error_string 2000 Cannot connect to the database $dbname@$dbhost as $dbusername.");
1154:         }
1155:         else {
1156:           return (true);
1157:         }
1158:       }
1159:       else {
1160:         opm_FNDebug_Log ("$opm_error_string 2010 Without support in PHP for MySQL.");
1161:         echo "$opm_error_string 2010 PHP WITHOUT MYSQL SUPPORT.";
1162:       }
1163:     }
1164:     else {
1165:       opm_FNDebug_Log ("$opm_error_string 2020 Missing database connection parameters.");
1166:       echo "$opm_error_string 2020 MISSING DB CONNECTION PARAMETERS.";
1167:     }
1168:     return (false);
1169:   }
1170:   
1171:   
1172:   
1173:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1174:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1175:   function fopm_dbquery ($query) {
1176:     global $opm_db_handle, $opm_error_string;
1177:     if ($opm_db_handle) {
1178:       return (@mysql_query ($query));
1179:     }
1180:     else {
1181:       opm_FNDebug_Log ("$opm_error_string 2100 The provided database link is not connected.");
1182:       echo "$opm_error_string 2100 DB LINK WITHOUT CONNECTION.";
1183:     }
1184:   }
1185:   
1186:   
1187:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1188:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1189:   function fopm_dberror () {
1190:     global $opm_db_handle;
1191:     if ($opm_db_handle) {
1192:       return (mysql_errno ($opm_db_handle) . "=" . @mysql_error ($opm_db_handle));
1193:     }
1194:   }
1195:   
1196:   
1197:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1198:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1199:   function fopm_dbfetchrow ($result) {
1200:     global $opm_db_handle;
1201:     return (mysql_fetch_row ($result));
1202:   }
1203:   
1204:   
1205:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1206:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1207:   function fopm_dblastid () {
1208:     global $opm_db_handle;
1209:     $result9 = fopm_dbquery ("select last_insert_id()");
1210:     $row9 = fopm_dbfetchrow ($result9);
1211:     if ($row9) { return ($row9[0]); } else { return (0); }
1212:   }
1213:   
1214:   
1215:   
1216:   
1217:   
1218:   
1219:   ?>
 
 
NA fum/lmd: 2007.07.15
Copyright ©1994-2017 by Mario A. Valdez-Ramírez.
no siga este enlace / do not follow this link