Source code of file oscpmwin_v0.4.1.692/oscpm1_upload.txt from the
osCommerce Product Manager for Windows.


0000:   <?php
0001:   // osCommerce Product Manager for Windows (oscpmwin).
0002:   0003:   
0004:   // You can contact Mario A. Valdez-Ramirez
0005:   // by email at mario@mariovaldez.org or paper mail at
0006:   // Olmos 809, San Nicolas, NL. 66495, Mexico.
0007:   
0008:   // This program is free software; you can redistribute it and/or modify
0009:   // it under the terms of the GNU General Public License as published by
0010:   // the Free Software Foundation; either version 2 of the License, or (at
0011:   // your option) any later version.
0012:   
0013:   // This program is distributed in the hope that it will be useful, but
0014:   // WITHOUT ANY WARRANTY; without even the implied warranty of
0015:   // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
0016:   // General Public License for more details.
0017:   
0018:   // You should have received a copy of the GNU General Public License
0019:   // along with this program; if not, write to the Free Software
0020:   // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
0021:   
0022:   
0023:   // ==================================
0024:   // Start of configuration options...
0025:   // ==================================
0026:   $opm_images_directory = "images/";
0027:   $opm_enable_logfile = false;
0028:   $opm_enable_extralog = false;
0029:   $opm_debug_file = "opm_debug.txt";
0030:   $opm_browser_debug = false;
0031:   $opm_enable_auth = true;
0032:   $opm_password_override = "";
0033:   $opm_upload_perms = "0644";
0034:   $opm_timezone_shift = 0;
0035:   $opm_allow_compression = true;
0036:   $opm_compress_level = 1;
0037:   
0038:   $opm_cfg_useproxy = false;
0039:   $opm_cfg_proxyaddress = "192.168.0.1";
0040:   $opm_cfg_proxyport = 3128;
0041:   
0042:   // ==================================
0043:   // End of configuration options...
0044:   // ==================================
0045:   
0046:   
0047:   $opm_httpconn_timeout = 60;                 // 60 seconds
0048:   $opm_tag_recordbegin = "BR";                // BR
0049:   $opm_tag_recordend = "ER";                  // ER
0050:   $opm_tag_field = "DF";                      // DF
0051:   $opm_tag_databegin = "[";                   // [
0052:   $opm_tag_dataend = "]";                     // ]
0053:   $opm_tag_comment = "#";                     // #
0054:   $opm_tag_stats = "ST";                      // ST
0055:   $opm_tag_fieldlist = "FL";                  // FL
0056:   
0057:   $opm_session_string = "OSCPMCHECKER";
0058:   $opm_max_failedlogins = 8;                  // Max logins before blocking the client.
0059:   $opm_max_blocktime = 3600;                  // Time a client is blocked after too many failures.
0060:   $opm_max_tracktime = 900;                   // Time to store the login history of each client.
0061:   $opm_sleep_afterfail = 15;                  // Delay when login fails.
0062:   
0063:   
0064:   $opm_script_version = "0.9.2";
0065:   error_reporting(E_ALL & ~E_NOTICE);
0066:   
0067:   $opm_realpath = str_replace (basename (__FILE__), "", __FILE__) . $opm_images_directory;
0068:   $opm_tmpsoftwarename = explode (" ", $HTTP_SERVER_VARS["SERVER_SOFTWARE"]);
0069:   $opm_tmposname = explode (" ", php_uname ());
0070:   $opm_useragent = "User-Agent: OSCPMWin/$opm_script_version " . $opm_tmpsoftwarename[0] . " MySQL/unknown " . $opm_tmposname[0];
0071:   
0072:   @set_time_limit (300);
0073:   
0074:   if (!$opm_upload_perms) {
0075:     $opm_upload_perms = "0600";
0076:   }
0077:   
0078:   $opm_ip_address = $_SERVER["REMOTE_ADDR"];
0079:   if (!$opm_ip_address) {
0080:     $opm_ip_address = $HTTP_SERVER_VARS["REMOTE_ADDR"];
0081:     if (!$opm_ip_address) {
0082:       $opm_ip_address = $_ENV["REMOTE_ADDR"];
0083:       if (!$opm_ip_address) {
0084:         $opm_ip_address = getenv("REMOTE_ADDR");
0085:       }
0086:       else $opm_ip_address = "";
0087:     }
0088:   }
0089:   
0090:   
0091:   $opm_db_handle = false;
0092:   
0093:   
0094:   // Get all parameters about the request.
0095:   if (!$opm_browser_debug) {
0096:     $opm_passwordhash = strtoupper (trim ($_POST["Pw"]));
0097:     $opm_operation = strtolower (trim ($_POST["Op"]));
0098:     $opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["Fn"])))));
0099:     $opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["SD"])))));
0100:     $opm_query = base64_decode (trim ($_POST["Qy"]));
0101:     $opm_reqversion = trim ($_POST["Vn"]);
0102:     $opm_logintimestamp = trim ($_POST["TS"]);
0103:     $opm_compress = abs ($_POST["Gz"]);
0104:   }
0105:   else {
0106:     $opm_passwordhash = strtoupper (trim ($_GET["Pw"]));
0107:     $opm_operation = strtolower (trim ($_GET["Op"]));
0108:     $opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["Fn"])))));
0109:     $opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["SD"])))));
0110:     $opm_query = trim ($_GET["Qy"]);
0111:     $opm_reqversion = trim ($_GET["Vn"]);
0112:     $opm_logintimestamp = trim ($_GET["TS"]);
0113:     $opm_compress = abs ($_GET["Gz"]);
0114:   }
0115:   if (($opm_filename{0} == "/") || ($opm_filename{0} == ".")) {
0116:     $opm_filename = substr ($opm_filename, 1, strlen ($opm_filename) - 1);
0117:   }
0118:   $opm_compress = ($opm_compress && $opm_allow_compression);
0119:   /*
0120:   Note on parameters:
0121:   When the operation needs a parameter, it shold be send using
0122:   either FN or QY (Filename or Query). The difference is that
0123:   FN is cleaned (deleting slashes, dots and spaces) while QY
0124:   is not cleaned. However, QY is always Base64-encoded.
0125:   */
0126:   
0127:   
0128:   // Log basic information about the request.
0129:   if ($opm_enable_extralog) {
0130:     if (!$opm_browser_debug) {
0131:       opm_FNDebug_Log (print_r ($_POST, true));
0132:     }
0133:     else {
0134:       opm_FNDebug_Log (print_r ($_GET, true));
0135:     }
0136:   }
0137:   else {
0138:     opm_FNDebug_Log ("");
0139:   }
0140:   opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
0141:   opm_FNDebug_Log ("PASSWORDHASH=" . $opm_passwordhash);
0142:   opm_FNDebug_Log ("OPERATION=" . $opm_operation);
0143:   opm_FNDebug_Log ("FILENAME=" . $opm_filename);
0144:   opm_FNDebug_Log ("SUBDIR=" . $opm_subdir);
0145:   opm_FNDebug_Log ("QUERY=" . $opm_query);
0146:   opm_FNDebug_Log ("REQVERSION=" . $opm_reqversion);
0147:   opm_FNDebug_Log ("LOGINTIMESTAMP=" . $opm_logintimestamp);
0148:   opm_FNDebug_Log ("COMPRESS=" . $opm_compress);
0149:   
0150:   
0151:   // Include osCommerce database configuration and functions.
0152:   require ("includes/configure.php");
0153:   require (DIR_WS_INCLUDES . "database_tables.php");
0154:   
0155:   
0156:   if ($opm_browser_debug) { echo "<pre>"; }
0157:   
0158:   // Check if script version is the expected by client.
0159:   if (($opm_script_version != $opm_reqversion) && ($opm_operation)) {
0160:     opm_FNDebug_Log ("ERROR 1000 wrong script version. Expected $opm_reqversion, but we are $opm_script_version.");
0161:     echo "ERROR 1000 WRONG SCRIPT VERSION";
0162:     return;
0163:   }
0164:   
0165:   // Check if the image directory is valid.
0166:   if (!is_dir ($opm_realpath) && ($opm_operation)) {
0167:     opm_FNDebug_Log ("ERROR 1010 cannot find the images directory. Expecting $opm_realpath exist.");
0168:     echo "ERROR 1010 IMAGE DIRECTORY NOT FOUND";
0169:     return;
0170:   }
0171:   
0172:   
0173:   // Connect to database.
0174:   if (!fopm_dbconnect (DB_SERVER, DB_DATABASE, DB_SERVER_USERNAME, DB_SERVER_PASSWORD)) {
0175:     echo "ERROR 1031 NO DATABASE CONNECTION";
0176:     return;
0177:   }
0178:   
0179:   
0180:   // Get osCommerce DB password and compare it with client password.
0181:   // Unless no operation is requested.
0182:   if ($opm_operation) {
0183:     if ($opm_enable_auth) {
0184:       if (defined ("DB_SERVER_PASSWORD") || ($opm_password_override != "")) {
0185:         // Check if the client is known...
0186:         $opm_failed_attempts = 0;
0187:         $opm_failed_time = time ();
0188:         $opm_sql_result = fopm_dbquery ("select customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url from " . TABLE_WHOS_ONLINE . " where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0189:         if ($opm_sql_record = fopm_dbfetchrow ($opm_sql_result)) {
0190:           // It is known...
0191:           if (round (abs ($opm_sql_record[5])) > ($opm_failed_time - $opm_max_tracktime)) {
0192:             $opm_failed_attempts = round (abs ($opm_sql_record[6]));
0193:             if ($opm_failed_attempts > $opm_max_failedlogins) {
0194:               // It is blocked...
0195:               $opm_failed_time = time () + $opm_max_blocktime;
0196:             }
0197:           }
0198:           else {
0199:             // We are not tracking it...
0200:             $opm_failed_attempts = 0;
0201:           }
0202:           // Updates the tracking information...
0203:           $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0204:         }
0205:         else {
0206:           // Creates a tracking record...
0207:           $opm_sql_result = fopm_dbquery ("insert into " . TABLE_WHOS_ONLINE . " (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url) values (0, '$opm_session_string', '$opm_session_string', '$opm_ip_address', '$opm_failed_time', '$opm_failed_time', '0')");
0208:         }
0209:         if ($opm_failed_attempts > $opm_max_failedlogins) {
0210:           // The client is blocked, show error...
0211:           opm_FNDebug_Log ("ERROR 1024 the client ($opm_ip_address) has been blocked, too many failed logins ($opm_failed_attempts).");
0212:           sleep ($opm_sleep_afterfail);
0213:           echo "ERROR 1024 BLOCKED";
0214:           return;
0215:         }
0216:         else {
0217:           // The client is not blocked, continue...
0218:           if ($opm_password_override != "") {
0219:             opm_FNDebug_Log ("Password override is enabled.");
0220:             $opm_serverpassword = strtoupper (md5 ($opm_logintimestamp . $opm_password_override));
0221:           }
0222:           else {
0223:             $opm_serverpassword = strtoupper (md5 ($opm_logintimestamp . DB_SERVER_PASSWORD));
0224:           }
0225:           opm_FNDebug_Log ("SERVERPASSWORDHASH=" . $opm_serverpassword);
0226:           if ($opm_serverpassword != $opm_passwordhash) {
0227:             // Password mismatch...
0228:             opm_FNDebug_Log ("ERROR 1020 the server and client passwords do not match.");
0229:             $opm_failed_attempts++;
0230:             opm_FNDebug_Log ("Failed logins from $opm_ip_address = $opm_failed_attempts");
0231:             // Update tracking data about this...
0232:             $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time', last_page_url='$opm_failed_attempts' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0233:             if ($opm_failed_attempts > 1) {
0234:               // This is not the first failure, delay a bit...
0235:               sleep ($opm_sleep_afterfail);
0236:             }
0237:             echo "ERROR 1020 PASSWORD MISMATCH";
0238:             return;
0239:           }
0240:           else {
0241:             // Password match, reset failures count in tracking data...
0242:             $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time', last_page_url='0' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0243:           }
0244:         }
0245:       }
0246:       else {
0247:         opm_FNDebug_Log ("ERROR 1021 the server password was not found.");
0248:         echo "ERROR 1021 CANNOT FIND SERVER PASSWORD";
0249:         return;
0250:       }
0251:     }
0252:     else {
0253:       opm_FNDebug_Log ("Password authentication is disabled.");
0254:     }
0255:   }
0256:   else {
0257:     // If called from a browser, display a simple information page
0258:     $opm_simpletest_dbok = false;
0259:     $opm_simpletest_imgok = false;
0260:     echo "<html><head><title>osCommerce Product Manager (OSCPMWin).</title>\n";
0261:     echo "<style>\nBODY { font-family: sans-serif; background-color: #FFFFFF; }\n";
0262:     echo "LI { padding: 5px; }\n";
0263:     echo "H3 { padding: 5px 5px 5px 20px; }\n";
0264:     echo "A { color: #0000FF; text-decoration: none; }\n";
0265:     echo "A:hover { color: #FF0000; text-decoration: underline; }\n";
0266:     echo "DIV { border: solid 2px #000000; margin: 10px 20px 10px 20px; }";
0267:     echo ".ok { background-color: #CCFFCC; }\n";
0268:     echo ".notok { background-color: #FFCCCC; }\n";
0269:     echo ".info { background-color: #EEEEFF; }\n";
0270:     echo ".links { background-color: #EEEEEE; }\n";
0271:     echo "</style>\n";
0272:     echo "</head><body>\n";
0273:     echo "<h3>osCommerce Product Manager (OSCPMWin),<br>server-side script $opm_script_version</h3>\n";
0274:     $opm_simpletest_dbok = fopm_dbconnect (DB_SERVER, DB_DATABASE, DB_SERVER_USERNAME, DB_SERVER_PASSWORD);
0275:     $opm_simpletest_imgok = (boolean) (file_exists ($opm_realpath) && is_readable ($opm_realpath) && is_writable ($opm_realpath) && is_dir ($opm_realpath));
0276:     if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
0277:       echo "<div class=\"ok\">";
0278:     }
0279:     else {
0280:       echo "<div class=\"notok\">";
0281:     }
0282:     echo "<ul>\n";
0283:     if ($opm_simpletest_dbok) {
0284:       echo "<li><strong>Database connection seems OK.</strong></li>\n";
0285:     }
0286:     else {
0287:       echo "<li><strong>Database connection failed.</strong><br><small>Check that the database server is working properly. This should not happen if the web store is working properly.</small></li>\n";
0288:     }
0289:     if ($opm_simpletest_imgok) {
0290:       echo "<li><strong>Image directory seems OK.</strong></li>\n";
0291:     }
0292:     else {
0293:       echo "<li><strong>Image directory not found, not readable or not writable.</strong><br><small>Check the opm_images_directory option in this script, and that this script has permissions to read and write in that directory.</small></li>\n";
0294:     }
0295:     echo "</ul>";
0296:     if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
0297:       echo "<h3><strong>Everything seems OK. &nbsp; &nbsp; &nbsp; :)</strong></h3>\n";
0298:     }
0299:     else {
0300:       echo "<h3><strong>There seems to be a problem. &nbsp; &nbsp; &nbsp; :(</strong></h3>\n";
0301:     }
0302:     echo "</div>";
0303:     echo "<div class=\"info\"><ul>";
0304:     if ($opm_browser_debug) {
0305:       echo "<li>Browser-debug mode is enabled.";
0306:     }
0307:     else {
0308:       echo "<li>Browser-debug mode is disabled";
0309:     }
0310:     echo "<br><small>This is for developers only. To be used only if you are debugging this script or the client application.</small></li>\n";
0311:   
0312:     if ($opm_enable_logfile) {
0313:       echo "<li>Logging file is enabled.";
0314:     }
0315:     else {
0316:       echo "<li>Logging file is disabled";
0317:     }
0318:     echo "<br><small>For debugging purposes only, not for production stores (because if enabled, slows the server down and consumes too much disk space).</small></li>\n";
0319:   
0320:     if ($opm_cfg_useproxy) {
0321:       echo "<li>Proxy-usage is enabled.";
0322:     }
0323:     else {
0324:       echo "<li>Proxy-usage is disabled";
0325:     }
0326:     echo "<br><small>To be used if the web server is behind a proxy so that all http connections are done thru the proxy.</small></li>\n";
0327:   
0328:     if ($opm_allow_compression) {
0329:       echo "<li>Compression is enabled.";
0330:     }
0331:     else {
0332:       echo "<li>Compression is disabled";
0333:     }
0334:     echo "<br><small>Compression of data traffic improves the speed of the data transfer. The compression level is set to $opm_compress_level. This setting is not enforced unless the client application request a compressed data stream too.</small></li>\n";
0335:   
0336:     echo "<li>The time zone shift is set to $opm_timezone_shift.<br><small>To be used with some timestamps</small>.</li>\n";
0337:     echo "</ul></div>";
0338:     echo "<div class=\"links\"><ul>";
0339:     echo "<li><a href=\"http://www.mariovaldez.net/software/oscpmwin/\">OSCPMWin homepage</a>.</li>\n";
0340:     echo "<li><a href=\"http://www.mariovaldez.net/webapps/forums/index.php?c=9\">OSCPMWin web forums</a>.</li>\n";
0341:     echo "<li><a href=\"http://www.oscommerce.org/\">osCommerce homepage</a>.</li>\n";
0342:     echo "</ul></div>";
0343:     echo "<p><small>&copy;2003-2007 by Mario A. Valdez-Ramirez.<br>\n";
0344:     echo "This program is free software; you can redistribute it and/or modify\n";
0345:     echo "it under the terms of the GNU General Public License as published by\n";
0346:     echo "the Free Software Foundation; either version 2 of the License, or (at\n";
0347:     echo "your option) any later version.</small></p>\n";
0348:     echo "</body></html>";
0349:     return;
0350:   }
0351:   
0352:   
0353:   
0354:   // ==================================
0355:   // Do nothing.
0356:   // NOOP do nothing.
0357:   // ==================================
0358:   if ($opm_operation == "noop") {
0359:     echo "OK NOOP START\n";
0360:     opm_FNDebug_Log ("OK NOOP requested.");
0361:     echo "OK NOOP END\n";
0362:   }
0363:   
0364:   // ==================================
0365:   // Returns a PHPINFO dump.
0366:   // PHPINFO returns a dump of the PHPINFO function.
0367:   // ==================================
0368:   if ($opm_operation == "phpinfo") {
0369:     echo "OK PHPINFO START\n";
0370:     ob_start ();
0371:     phpinfo ();
0372:     $opm_phpinfo = ob_get_contents ();
0373:     ob_end_clean ();
0374:     $opm_phpinfo = str_replace ("<h2>", str_repeat ("=", 40) . "\n* ", $opm_phpinfo);
0375:     $opm_phpinfo = str_replace ("</h2>", "\n" . str_repeat ("=", 40) . "\n", $opm_phpinfo);
0376:     $opm_phpinfo = str_replace ("<th>", " | ", $opm_phpinfo);
0377:     $opm_phpinfo = str_replace ("</th>", " | ", $opm_phpinfo);
0378:     $opm_phpinfo = str_replace ("<td class=\"v\">", " | ", $opm_phpinfo);
0379:     $opm_phpinfo = strip_tags ($opm_phpinfo);
0380:     $opm_phpinfo_lines = explode ("\n", $opm_phpinfo);
0381:     $opm_phpinfo = "";
0382:     foreach ($opm_phpinfo_lines as $opm_phpinfo_curline) {
0383:       $opm_phpinfo_curline = trim ($opm_phpinfo_curline);
0384:       if ($opm_phpinfo_curline) {
0385:         $opm_phpinfo .= $opm_phpinfo_curline . "\n";
0386:       }
0387:     }
0388:     echo $opm_phpinfo;
0389:     echo "OK PHPINFO END\n";
0390:   }
0391:   
0392:   // ==================================
0393:   // CHECK if a file exists.
0394:   // CHECK requires the full path of the image.
0395:   // ==================================
0396:   if ($opm_operation == "check") {
0397:     if ($opm_filename) {
0398:       if (file_exists ($opm_realpath . $opm_filename)) {
0399:         opm_FNDebug_Log ("OK file found $opm_filename.");
0400:         echo "OK FILE EXISTS";
0401:       }
0402:       else {
0403:         opm_FNDebug_Log ("ERROR 1110 file not found $opm_filename.");
0404:         echo "ERROR 1110 FILE NOT FOUND";
0405:       }
0406:     }
0407:   }
0408:   
0409:   // ==================================
0410:   // LIST all files recursively.
0411:   // LIST returns the filenames with paths.
0412:   // ==================================
0413:   if ($opm_operation == "list") {
0414:     echo "OK LIST START\n";
0415:     opm_FNList_Files ($opm_realpath, "", false);
0416:     echo "OK LIST END\n";
0417:   }
0418:   
0419:   // ==================================
0420:   // LISTDIRS only dirs recursively.
0421:   // LISTDIRS returns no filenames.
0422:   // ==================================
0423:   if ($opm_operation == "listdirs") {
0424:     echo "OK LISTDIRS START\n";
0425:     opm_FNList_Files ($opm_realpath, "", true);
0426:     echo "OK LISTDIRS END\n";
0427:   }
0428:   
0429:   // ==================================
0430:   // DELETE an image.
0431:   // DELETE requires the filename of the image with path.
0432:   // DELETE1 deletes the image if less than one record references it.
0433:   // DELETE2 deletes the image if less than two records reference it.
0434:   // ==================================
0435:   if (($opm_operation == "delete1") || ($opm_operation == "delete2")) {
0436:     if ($opm_operation == "delete1") {
0437:       $allowed_owners = 1;
0438:     }
0439:     else {
0440:       $allowed_owners = 2;
0441:     }
0442:     if ($opm_filename) {
0443:       // Check for More Pics 6 extension...
0444:       $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6"));
0445:       if ($opm_sqlresult[0]) {
0446:         $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename' or products_subimage1='$opm_filename' or products_subimage2='$opm_filename' or products_subimage3='$opm_filename' or products_subimage4='$opm_filename' or products_subimage5='$opm_filename' or products_subimage6='$opm_filename'"));
0447:       }
0448:       else {
0449:         $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename'"));
0450:       }
0451:       if ($opm_sqlresult[0] < $allowed_owners) {
0452:         if (file_exists ($opm_realpath . $opm_filename)) {
0453:           if (@unlink ($opm_realpath . $opm_filename)) {
0454:             if (!file_exists ($opm_realpath . $opm_filename)) {
0455:               opm_FNDebug_Log ("OK file deleted $opm_filename.");
0456:               echo "OK DELETE";
0457:             }
0458:             else {
0459:               opm_FNDebug_Log ("ERROR 1120 file cannot be deleted $opm_filename.");
0460:               echo "ERROR 1120 DELETE FILE REMAINS";
0461:             }
0462:           }
0463:           else {
0464:             opm_FNDebug_Log ("ERROR 1121 when deleting $opm_filename.");
0465:             echo "ERROR 1121 DELETE UNKNOWN";
0466:           }
0467:         }
0468:         else {
0469:           opm_FNDebug_Log ("OK file not found when deleting $opm_filename.");
0470:           echo "OK DELETE FILE NOT FOUND";
0471:         }
0472:       }
0473:       else {
0474:         opm_FNDebug_Log ("OK file is used by other record (" . ($opm_sqlresult[0] - 1) . ").");
0475:         echo "OK DELETE FILE IN USE";
0476:       }
0477:     }
0478:     else {
0479:       opm_FNDebug_Log ("OK filename empty.");
0480:       echo "OK DELETE FILENAME EMPTY";
0481:     }
0482:   }
0483:   
0484:   // ==================================
0485:   // UPLOAD an image.
0486:   // UPLOAD requires the path, without filename, where the image will be stored.
0487:   // UPLOAD returns the image filename with the path.
0488:   // ==================================
0489:   if ($opm_operation == "upload") {
0490:     if ($_FILES["Fl"]["name"] && $_FILES["Fl"]["size"]) {
0491:       if (is_uploaded_file ($_FILES["Fl"]["tmp_name"])) {
0492:         if ($opm_filename) {
0493:           $newfn = $opm_filename;
0494:         }
0495:         else {
0496:           $newfn = trim ($_FILES["Fl"]["name"]);
0497:         }
0498:         $newfn = str_replace (" ", "_", $newfn);
0499:         $newfn = str_replace ("/", "", $newfn);
0500:         $newfn = str_replace ("\\", "", $newfn);
0501:         $newfn = ereg_replace("[^[:alnum:]\._]", "", $newfn);
0502:         $newfn = strtolower ($newfn);
0503:   
0504:         if ($opm_subdir) {
0505:           if ((!file_exists ($opm_realpath . $opm_subdir)) || (!is_dir ($opm_realpath . $opm_subdir))) {
0506:             opm_FNDebug_Log ("will create directory=" . $opm_realpath . $opm_subdir);
0507:             opm_FNmkdirs ($opm_realpath . $opm_subdir, 0777);
0508:           }
0509:           if (file_exists ($opm_realpath . $opm_subdir) && (is_dir ($opm_realpath . $opm_subdir))) {
0510:             opm_FNDebug_Log ("directory exists=" . $opm_realpath . $opm_subdir);
0511:             $newfn = $opm_subdir . "/" . $newfn;
0512:           }
0513:           else {
0514:             opm_FNDebug_Log ("directory does not exist, will ignore=" . $opm_realpath . $opm_subdir);
0515:           }
0516:         }
0517:         opm_FNDebug_Log ("wanted filename=" . $newfn);
0518:         $newfn = opm_FNSmart_Rename ($newfn, 100);
0519:         opm_FNDebug_Log ("smart filename=" . $newfn);
0520:         opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
0521:         if (!file_exists ($opm_realpath . $newfn)) {
0522:           opm_FNDebug_Log ("file not exist=" . $opm_realpath . $newfn);
0523:           if (@move_uploaded_file ($_FILES["Fl"]["tmp_name"], $opm_realpath . $newfn)) {
0524:             opm_FNDebug_Log ("moving file to=" . $opm_realpath . $newfn);
0525:             if (file_exists ($opm_realpath . $newfn)) {
0526:               opm_FNDebug_Log ("upload complete=" . $opm_realpath . $newfn);
0527:               @chmod ($opm_realpath . $newfn, octdec ($opm_upload_perms));
0528:               echo "OK UPLOAD [" . $newfn . "]";
0529:             }
0530:             else {
0531:               opm_FNDebug_Log ("ERROR 1130 file not copied=" . $opm_realpath . $newfn);
0532:               echo "ERROR 1130 UPLOAD FILE NOT FOUND";
0533:             }
0534:           }
0535:           else {
0536:             opm_FNDebug_Log ("ERROR 1131 file not copied=" . $opm_realpath . $newfn);
0537:             echo "ERROR 1131 UPLOAD CANNOT MOVE";
0538:           }
0539:         }
0540:         else {
0541:           opm_FNDebug_Log ("ERROR 1133 file exist=" . $opm_realpath . $newfn);
0542:           echo "ERROR 1133 UPLOAD EXIST [" . $newfn . "]";
0543:         }
0544:       }
0545:       else {
0546:         opm_FNDebug_Log ("ERROR 1134 cannot find uploaded file!");
0547:         echo "ERROR 1134 UPLOAD";
0548:       }
0549:     }
0550:   }
0551:   
0552:   // ==================================
0553:   // CAPABILITY listing.
0554:   // CAPABILITY returns a list of identified modules.
0555:   // ==================================
0556:   if ($opm_operation == "capa") {
0557:     opm_FNDebug_Log ("OK Capability search started.");
0558:     echo "OK CAPABILITY START\n";
0559:   
0560:     // Credit Card Payment...
0561:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_CC_STATUS'"));
0562:     if ($opm_sqlresult[0]) {
0563:       opm_FNDebug_Log ("OK PAY_CC capability found.");
0564:       echo "PAY_CC\n";
0565:     }
0566:   
0567:     // Money Order Payment...
0568:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_MONEYORDER_STATUS'"));
0569:     if ($opm_sqlresult[0]) {
0570:       opm_FNDebug_Log ("OK PAY_ORDER capability found.");
0571:       echo "PAY_ORDER\n";
0572:     }
0573:   
0574:     // COD Payment...
0575:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_COD_STATUS'"));
0576:     if ($opm_sqlresult[0]) {
0577:       opm_FNDebug_Log ("OK PAY_CC capability found.");
0578:       echo "PAY_CC\n";
0579:     }
0580:   
0581:     // PayPal Payment...
0582:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_PAYPAL_STATUS'"));
0583:     if ($opm_sqlresult[0]) {
0584:       opm_FNDebug_Log ("OK PAY_PP capability found.");
0585:       echo "PAY_PP\n";
0586:     }
0587:   
0588:     // Flat Rate Shipping...
0589:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_FLAT_STATUS'"));
0590:     if ($opm_sqlresult[0]) {
0591:       opm_FNDebug_Log ("OK SHIP_FLAT capability found.");
0592:       echo "SHIP_FLAT\n";
0593:     }
0594:   
0595:     // Table Shipping...
0596:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_TABLE_STATUS'"));
0597:     if ($opm_sqlresult[0]) {
0598:       opm_FNDebug_Log ("OK SHIP_TBL capability found.");
0599:       echo "SHIP_TBL\n";
0600:     }
0601:   
0602:     // Store PickUp Shipping...
0603:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_SPU_STATUS'"));
0604:     if ($opm_sqlresult[0]) {
0605:       opm_FNDebug_Log ("OK SHIP_SPU capability found.");
0606:       echo "SHIP_SPU\n";
0607:     }
0608:   
0609:     // Multi Pickup Shipping...
0610:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'stores'"));
0611:     if ($opm_sqlresult[0]) {
0612:       opm_FNDebug_Log ("OK SHIP_MPU capability found.");
0613:       echo "SHIP_MPU\n";
0614:     }
0615:   
0616:     // More Pics 6...
0617:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6"));
0618:     if ($opm_sqlresult[0]) {
0619:       opm_FNDebug_Log ("OK MOREPICS6 capability found.");
0620:       echo "MOREPICS6\n";
0621:     }
0622:   
0623:     // Total B2B...
0624:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_CUSTOMERS . " customers_groups_id"));
0625:     if ($opm_sqlresult[0]) {
0626:       opm_FNDebug_Log ("OK TOTALB2B capability found.");
0627:       echo "TOTALB2B\n";
0628:     }
0629:   
0630:     // Poll Booth...
0631:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'phesis_poll_config'"));
0632:     if ($opm_sqlresult[0]) {
0633:       opm_FNDebug_Log ("OK POLLBOOTH capability found.");
0634:       echo "POLLBOOTH\n";
0635:     }
0636:   
0637:     // Header Tags Controller...
0638:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS_DESCRIPTION . " products_head_keywords_tag"));
0639:     if ($opm_sqlresult[0]) {
0640:       opm_FNDebug_Log ("OK HEADERTAGS capability found.");
0641:       echo "HEADERTAGS\n";
0642:     }
0643:   
0644:     // ZenCart...
0645:     if (defined ("TABLE_EZPAGES")) {
0646:       $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like '" . TABLE_EZPAGES . "'"));
0647:       if ($opm_sqlresult[0]) {
0648:         opm_FNDebug_Log ("OK ZENCART capability found.");
0649:         echo "ZENCART\n";
0650:       }
0651:     }
0652:   
0653:     opm_FNDebug_Log ("OK Capability search finished.");
0654:     echo "OK CAPABILITY END\n";
0655:   }
0656:   
0657:   // ==================================
0658:   // TABLES listing.
0659:   // TABLES returns the name of database tables.
0660:   // ==================================
0661:   if ($opm_operation == "tables") {
0662:     opm_FNDebug_Log ("OK Tables listing started.");
0663:     echo "OK TABLES START\n";
0664:     // Table names...
0665:     echo "TABLE_CATEGORIES=" . TABLE_CATEGORIES . "\n";
0666:     echo "TABLE_CATEGORIES_DESCRIPTION=" . TABLE_CATEGORIES_DESCRIPTION . "\n";
0667:     echo "TABLE_CONFIGURATION=" . TABLE_CONFIGURATION . "\n";
0668:     echo "TABLE_CURRENCIES=" . TABLE_CURRENCIES . "\n";
0669:     echo "TABLE_LANGUAGES=" . TABLE_LANGUAGES . "\n";
0670:     echo "TABLE_MANUFACTURERS=" . TABLE_MANUFACTURERS . "\n";
0671:     echo "TABLE_MANUFACTURERS_INFO=" . TABLE_MANUFACTURERS_INFO . "\n";
0672:     echo "TABLE_PRODUCTS=" . TABLE_PRODUCTS . "\n";
0673:     echo "TABLE_PRODUCTS_DESCRIPTION=" . TABLE_PRODUCTS_DESCRIPTION . "\n";
0674:     echo "TABLE_PRODUCTS_TO_CATEGORIES=" . TABLE_PRODUCTS_TO_CATEGORIES . "\n";
0675:     echo "TABLE_SPECIALS=" . TABLE_SPECIALS . "\n";
0676:     echo "TABLE_TAX_CLASS=" . TABLE_TAX_CLASS . "\n";
0677:     echo "TABLE_TAX_RATES=" . TABLE_TAX_RATES . "\n";
0678:     opm_FNDebug_Log ("OK Tables listing finished.");
0679:     echo "OK TABLES END\n";
0680:   }
0681:   
0682:   
0683:   // ==================================
0684:   // BACKUP database.
0685:   // BACKUP returns a SQL dump.
0686:   // ==================================
0687:   if ($opm_operation == "backup") {
0688:     opm_FNDebug_Log ("OK Backup of database requested.");
0689:     $opm_bak_filename = date ("Ymd_His", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . ".sql";
0690:     opm_FNBackup ($opm_realpath . $opm_bak_filename);
0691:     if (file_exists ($opm_realpath . $opm_bak_filename)) {
0692:       opm_FNgzip_file ($opm_realpath . $opm_bak_filename, $opm_realpath . $opm_bak_filename . ".gz");
0693:       if (file_exists ($opm_realpath . $opm_bak_filename . ".gz")) {
0694:         $opm_bak_filesize = filesize ($opm_realpath . $opm_bak_filename . ".gz");
0695:         header ("Content-type: application/octet-stream");
0696:         header ("Content-disposition: attachement; filename=" . $opm_bak_filename . ".gz");
0697:         header("Content-Length: " . $opm_bak_filesize);
0698:         header ("Pragma: no-store");
0699:         readfile ($opm_realpath . $opm_bak_filename . ".gz");
0700:         @unlink ($opm_realpath . $opm_bak_filename . ".gz");
0701:         opm_FNDebug_Log ("OK Deleting compressed backup file.");
0702:       }
0703:       @unlink ($opm_realpath . $opm_bak_filename);
0704:       opm_FNDebug_Log ("OK Deleting uncompressed backup file.");
0705:     }
0706:     else {
0707:       opm_FNDebug_Log ("ERROR 1140 Backup file not found.");
0708:     }
0709:     opm_FNDebug_Log ("OK Backup operation finished.");
0710:   }
0711:   
0712:   
0713:   // ==================================
0714:   // Get XCHGRATES.
0715:   // XCHGRATES returns the exchange rates of currencies.
0716:   // ==================================
0717:   if ($opm_operation == "xchgrates") {
0718:     opm_FNDebug_Log ("OK Starting XCHGRATES operation.");
0719:     if ($opm_filename) {
0720:       $opm_filename = strtoupper ($opm_filename);
0721:       $opm_main_currency = substr ($opm_filename, 0, 3);
0722:       $opm_xchange_currencies = str_replace (",", "_", substr ($opm_filename, 4));
0723:       if (($opm_main_currency) && ($opm_xchange_currencies)) {
0724:         $opm_xchange_page = "http://www.oanda.com/convert/fxdaily?value=1&exch=$opm_main_currency&dest=Get+Table&sel_list=$opm_xchange_currencies&format=CSV&redirected=1";
0725:         $opm_page_data = opm_FNget_webpage ($opm_xchange_page);
0726:         if ($opm_page_data) {
0727:           $opm_page_data = strip_tags ($opm_page_data);
0728:           $opm_page_data = preg_replace ("/[\r\n]+[\s\t]*[\r\n]+/", "", $opm_page_data);
0729:           $opm_xr_matches = array ();
0730:           preg_match_all ("/(.+),(\w{3}),([0-9.]+),([0-9.]+)/i", $opm_page_data, $opm_xr_matches);
0731:           echo "OK XCHGRATES START\n";
0732:           foreach ($opm_xr_matches[2] as $key => $value) {
0733:             echo $opm_xr_matches[2][$key] . "," . $opm_xr_matches[4][$key] . "\n";
0734:           }
0735:           echo "OK XCHGRATES END\n";
0736:         }
0737:         else {
0738:           opm_FNDebug_Log ("ERROR 1150 The remote server answer is empty or invalid.");
0739:           echo "ERROR 1150 XCHGRATES REMOTE SERVER ERROR";
0740:         }
0741:       }
0742:       else {
0743:         opm_FNDebug_Log ("ERROR 1151 The specified currency codes are invalid.");
0744:         echo "ERROR 1151 XCHGRATES INVALID CURRENCY";
0745:       }
0746:     }
0747:     else {
0748:       opm_FNDebug_Log ("ERROR 1152 The no currency codes were specified.");
0749:       echo "ERROR 1152 XCHGRATES EMPTY CURRENCY";
0750:     }
0751:   }
0752:   
0753:   
0754:   
0755:   // ==================================
0756:   // Execute DBQUERY.
0757:   // DBQUERY returns ...
0758:   // ==================================
0759:   if ($opm_operation == "dbquery") {
0760:     opm_FNDebug_Log ("OK Starting DBQUERY operation.");
0761:     if ($opm_query) {
0762:       echo "OK DBQUERY START\n";
0763:       echo opm_FNExec_Query ($opm_query, false, true);
0764:       echo "OK DBQUERY END\n";
0765:     }
0766:     else {
0767:       opm_FNDebug_Log ("ERROR 1171 The database query is empty.");
0768:       echo "ERROR 1171 DBQUERY EMPTY DATABASE QUERY";
0769:     }
0770:     opm_FNDebug_Log ("OK Finishing DBQUERY operation.");
0771:   }
0772:   
0773:   
0774:   
0775:   if ($opm_browser_debug) { echo "</pre>"; }
0776:   return;
0777:   
0778:   
0779:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0780:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0781:   function opm_FNList_Files ($dirname, $parentdir, $onlydirs) {
0782:   	$dirhandle = opendir ($dirname);
0783:     while (($file = readdir ($dirhandle)) != false)
0784:       $sorteddir[count ($sorteddir)] = $file;
0785:   	closedir ($dirhandle);
0786:     natcasesort ($sorteddir);
0787:     if (!$onlydirs) {
0788:     	foreach ($sorteddir as $file) {
0789:         if (($file != ".") && ($file != "..")) {
0790:           if (!is_dir ($dirname . $file)) {
0791:             if ($parentdir) {
0792:               echo $parentdir . "/" . $file . "\n";
0793:             }
0794:             else {
0795:               echo $file . "\n";
0796:             }
0797:           }
0798:         }
0799:       }
0800:       foreach ($sorteddir as $file) {
0801:         if (($file != ".") && ($file != "..")) {
0802:           if (is_dir ($dirname . $file)) {
0803:             if ($parentdir) {
0804:               opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
0805:             }
0806:             else {
0807:               opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
0808:             }
0809:           }
0810:         }
0811:       }
0812:     }
0813:     else {
0814:       foreach ($sorteddir as $file) {
0815:         if (($file != ".") && ($file != "..")) {
0816:           if (is_dir ($dirname . $file)) {
0817:             if ($parentdir) {
0818:               echo $parentdir . "/" . $file . "\n";
0819:               opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
0820:             }
0821:             else {
0822:               echo $file . "\n";
0823:               opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
0824:             }
0825:           }
0826:         }
0827:       }
0828:     }
0829:   }
0830:   
0831:   
0832:   
0833:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0834:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0835:   function opm_FNSmart_Rename ($wantedname, $tries) {
0836:   global $opm_realpath;
0837:     $newname = $wantedname;
0838:     $newext = '.' . array_pop (explode ('.', $wantedname));
0839:     for ($trycounter = 1; $trycounter <= $tries; $trycounter++) {
0840:       if (!file_exists ($opm_realpath . $newname)) {
0841:         return ($newname);
0842:       }
0843:       else {
0844:         $newdirname = dirname ($wantedname);
0845:         if ($newdirname != ".") {
0846:           $newname = dirname ($wantedname) . "/" . basename ($wantedname, $newext) . "_" . $trycounter . $newext;
0847:         }
0848:         else {
0849:           $newname = basename ($wantedname, $newext) . "_" . $trycounter . $newext;
0850:         }
0851:       }
0852:     }
0853:     return ($wantedname);
0854:   }
0855:   
0856:   
0857:   
0858:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0859:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0860:   function opm_FNDebug_Log ($logline) {
0861:   global $opm_enable_logfile, $opm_debug_file, $opm_timezone_shift;
0862:     if ($opm_enable_logfile) {
0863:       if (!(file_exists ($opm_debug_file) && !is_writable ($opm_debug_file))) {
0864:         $opm_timestamp = date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y")));
0865:         $opm_lfilef = @fopen ($opm_debug_file, 'a');
0866:         if ($opm_lfilef) {
0867:           if ($logline) {
0868:             @fwrite ($opm_lfilef, $opm_timestamp . ": " . $logline . "\n");
0869:           }
0870:           else {
0871:             @fwrite ($opm_lfilef, "\n");
0872:           }
0873:           @fclose ($opm_lfilef);
0874:         }
0875:       }
0876:     }
0877:   }
0878:   
0879:   
0880:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0881:   // Based on code posted on php.net by saint@corenova.com and bart@cdasites.com
0882:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0883:   function opm_FNmkdirs ($dirname) {
0884:     if (is_dir ($dirname) || empty ($dirname)) return 1;
0885:     if (file_exists ($dirname) && !is_dir ($dirname)) return 0;
0886:     if (opm_FNmkdirs (substr ($dirname, 0, strrpos ($dirname, '/')))) {
0887:       if (!file_exists($dirname)) {
0888:         return @mkdir ($dirname, 0777);
0889:       }
0890:     }
0891:     return 0;
0892:   }
0893:   
0894:   
0895:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0896:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0897:   function opm_FNExec_Query ($sql_query, $rawdata = true, $encodeddata = false) {
0898:   global $opm_tag_recordbegin, $opm_tag_recordend, $opm_tag_field, $opm_tag_cfield, $opm_tag_fieldlist;
0899:   global $opm_tag_databegin, $opm_tag_dataend, $opm_tag_comment, $opm_tag_stats;
0900:   global $opm_compress, $opm_compress_level;
0901:     $result_string = "";
0902:     $record_count = 0;
0903:     $query_type = strtoupper (substr ($sql_query, 0, strpos ($sql_query, " ")));
0904:     opm_FNDebug_Log ("SQLQUERY=" . $sql_query);
0905:     $sql_result = fopm_dbquery ($sql_query);
0906:     if (($query_type == "SELECT") || ($query_type == "SHOW") || ($query_type == "DESCRIBE")) {
0907:       while ($sql_record = fopm_dbfetchrow ($sql_result)) {
0908:         $record_count++;
0909:         $sql_fullrec = "";
0910:         if ($rawdata) {
0911:           foreach ($sql_record as $fielddata) {
0912:             $result_string .= $fielddata . "\n";
0913:           }
0914:         }
0915:         else {
0916:           $result_string .= "$opm_tag_recordbegin\n";
0917:           foreach ($sql_record as $fielddata) {
0918:             if ($encodeddata) {
0919:               $encodedfield = base64_encode ($fielddata);
0920:             }
0921:             else {
0922:               $encodedfield = htmlentities ($fielddata);
0923:             }
0924:             $result_string .= "$opm_tag_field " . $opm_tag_databegin . $encodedfield . $opm_tag_dataend . "\n";
0925:             $sql_fullrec .= $encodedfield;
0926:           }
0927:           $result_string .= "$opm_tag_recordend " . abs (crc32 ($sql_fullrec)) . "\n";
0928:         }
0929:       }
0930:     }
0931:     elseif ($query_type == "INSERT") {
0932:       $sql_result = fopm_dblastid ();
0933:       $record_count = 1;
0934:       $sql_fullrec = "";
0935:       if ($rawdata) {
0936:         $result_string .= $sql_result . "\n";
0937:       }
0938:       else {
0939:         $result_string .= "$opm_tag_recordbegin\n";
0940:         if ($encodeddata) {
0941:           $encodedfield = base64_encode ($sql_result);
0942:         }
0943:         else {
0944:           $encodedfield = htmlentities ($sql_result);
0945:         }
0946:         $result_string .= "$opm_tag_field " . $opm_tag_databegin . $encodedfield . $opm_tag_dataend . "\n";
0947:         $sql_fullrec .= $encodedfield;
0948:         $result_string .= "$opm_tag_recordend " . abs (crc32 ($sql_fullrec)) . "\n";
0949:       }
0950:     }
0951:     if (!$rawdata) {
0952:       if ($opm_compress) {
0953:         opm_FNDebug_Log ("RECORDSET SIZE (UNCOMPRESSED)=" . strlen ($result_string));
0954:         $result_string = base64_encode (gzcompress ($result_string, $opm_compress_level)) . "\n";
0955:       }
0956:     }
0957:     opm_FNDebug_Log ("RECORDSET SIZE=" . strlen ($result_string));
0958:     return $result_string;
0959:   }
0960:   
0961:   
0962:   
0963:   
0964:   
0965:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0966:   // Based on code from osCommerce (/admin/backup.php).
0967:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0968:   function opm_FNBackup ($dump_file) {
0969:   global $opm_script_version;
0970:     if ($dump_file) {
0971:       $bakfilef = fopen ($dump_file, 'w');
0972:       $bakline  = "############################################################################\n";
0973:       $bakline .= "# OSCPMWin (server-side $opm_script_version)\n";
0974:       $bakline .= "# Database: " . DB_DATABASE . "@" . DB_SERVER . "\n";
0975:       $bakline .= "# Date: " . date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . "\n";
0976:       $bakline .= "############################################################################\n\n";
0977:       fwrite ($bakfilef, $bakline);
0978:       $tables_query = fopm_dbquery ("show tables");
0979:       while ($tables = fopm_dbfetchrow ($tables_query)) {
0980:         $table = $tables[0];
0981:         $bakline = "\n\n############################################################################\n";
0982:         $bakline .= "# " . strtoupper ($table) . "\n";
0983:         $bakline .= "############################################################################\n\n";
0984:         $bakline .= "drop table if exists $table;\ncreate table $table (\n";
0985:         $table_list = array ();
0986:         $fields_query = fopm_dbquery ("show fields from $table");
0987:         while ($fields = fopm_dbfetchrow ($fields_query)) {
0988:           $table_list[] = $fields[0];
0989:           $bakline .= "  " . $fields[0] . " " . $fields[1];
0990:           if (strlen ($fields[4]) > 0) $bakline .= " default '" . $fields[4] . "'";
0991:           if (strtoupper ($fields[2]) != "YES") $bakline .= " not null";
0992:           if (isset ($fields[5])) $bakline .= " " . $fields[5];
0993:           $bakline .= ",\n";
0994:         }
0995:         $bakline = ereg_replace(",\n$", '', $bakline);
0996:         $index = array ();
0997:         $keys_query = fopm_dbquery ("show keys from $table");
0998:         while ($keys = fopm_dbfetchrow ($keys_query)) {
0999:           $kname = $keys[2];
1000:           if (!isset ($index[$kname])) {
1001:             $index[$kname] = array ("unique" => !$keys[1], "columns" => array());
1002:           }
1003:           $index[$kname]["columns"][] = $keys[4];
1004:         }
1005:         while (list($kname, $info) = each($index)) {
1006:           $bakline .= ",\n";
1007:           $columns = implode($info["columns"], ", ");
1008:           if ($kname == "PRIMARY") {
1009:             $bakline .= "  PRIMARY KEY ($columns)";
1010:           } elseif ($info["unique"]) {
1011:             $bakline .= "  UNIQUE $kname ($columns)";
1012:           } else {
1013:             $bakline .= "  KEY $kname ($columns)";
1014:           }
1015:         }
1016:         $bakline .= "\n);\n\n";
1017:         fwrite ($bakfilef, $bakline);
1018:         $rows_query = fopm_dbquery ("select " . implode (",", $table_list) . " from $table");
1019:         while ($rows = fopm_dbfetchrow ($rows_query)) {
1020:           $bakline = "insert into $table (" . implode (", ", $table_list) . ") values (";
1021:           for ($curfield = 0; $curfield < count ($table_list); $curfield++) {
1022:             if (!isset ($rows[$curfield])) {
1023:               $bakline .= "NULL, ";
1024:             } elseif (($rows[$curfield] != "") && (strtoupper ($rows[$curfield]) != "NULL")) {
1025:               $row = addslashes ($rows[$curfield]);
1026:               $row = ereg_replace("\n#", "\n".'\#', $row);
1027:               $bakline .= "'$row', ";
1028:             } else {
1029:               $bakline .= "'', ";
1030:             }
1031:           }
1032:           $bakline = ereg_replace (", $", "", $bakline) . ");\n";
1033:           fwrite ($bakfilef, $bakline);
1034:         }
1035:       }
1036:       fclose ($bakfilef);
1037:     }
1038:   }
1039:   
1040:   
1041:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1042:   // Compress a file with the gzip algorithm.
1043:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1044:   function opm_FNgzip_file ($opm_gzsource, $opm_gztarget) {
1045:     if (function_exists ("gzwrite") && file_exists ($opm_gzsource)) {
1046:       $opm_ungzfp = fopen($opm_gzsource, "rb");
1047:       $opm_gzfp = gzopen($opm_gztarget, "wb9");
1048:       if ($opm_gzfp && $opm_ungzfp) {
1049:         while (!feof ($opm_ungzfp)) {
1050:           gzwrite ($opm_gzfp, fread ($opm_ungzfp, 65535));
1051:         }
1052:         @fclose ($opm_ungzfp);
1053:         @gzclose ($opm_gzfp);
1054:         return (true);
1055:       }
1056:       else {
1057:         @fclose ($opm_ungzfp);
1058:         @gzclose ($opm_gzfp);
1059:         return (false);
1060:       }
1061:     }
1062:     else {
1063:       return (false);
1064:     }
1065:   }
1066:   
1067:   
1068:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1069:   // Request a page from a web server.
1070:   // If using a proxy server, redirect the call thru the proxy.
1071:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1072:   function opm_FNget_webpage ($target_url) {
1073:     global $opm_useragent, $opm_httpconn_timeout, $opm_cfg_useproxy, $opm_cfg_proxyaddress, $opm_cfg_proxyport;
1074:     $opm_http_content = "";
1075:     $errno = 0;
1076:     $errstr = "";
1077:     $urlparts = parse_url ($target_url);
1078:     if ($urlparts["host"]) {
1079:       @ignore_user_abort (true);
1080:       if ($opm_cfg_useproxy) {
1081:         $opm_sockconn = @fsockopen ($opm_cfg_proxyaddress, $opm_cfg_proxyport, $errno, $errstr, $opm_httpconn_timeout);
1082:       }
1083:       else {
1084:         $opm_sockconn = @fsockopen ($urlparts["host"], (empty($urlparts["port"]) ? "80" : $urlparts["port"]), $errno, $errstr, $opm_httpconn_timeout);
1085:       }
1086:       if ($opm_sockconn) {
1087:         if ($opm_cfg_useproxy) {
1088:           fputs ($opm_sockconn, "GET " . $urlparts["scheme"] . "://" . $urlparts["host"] . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $opm_cfg_proxyaddress . "\r\nUser-Agent: $opm_useragent\r\nPragma: no-cache\r\nConnection: Close\r\n\r\n");
1089:         }
1090:         else {
1091:           fputs ($opm_sockconn, "GET " . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $urlparts["host"] . "\r\nUser-Agent: $opm_useragent\r\nConnection: Close\r\n\r\n");
1092:         }
1093:         while ((!feof($opm_sockconn)) && (!is_readable ($opm_skfilename))) {
1094:           $opm_http_content .= fgets ($opm_sockconn, 10240);
1095:         }
1096:         @fclose ($opm_sockconn);
1097:         if (eregi ("HTTP.*200 OK", $opm_http_content)) {
1098:           $opm_http_content = str_replace ("\r", "", $opm_http_content);
1099:           $opm_http_content = substr ($opm_http_content, strpos ($opm_http_content, "\n\n") + 2);
1100:           return ($opm_http_content);
1101:         }
1102:       }
1103:     }
1104:     return ("");
1105:   }
1106:   
1107:   
1108:   
1109:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1110:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1111:   function fopm_dbconnect ($dbhost, $dbname, $dbusername, $dbpassword) {
1112:     global $opm_db_handle;
1113:     $opm_db_handle = false;
1114:     if ($dbhost && $dbname && $dbusername) {
1115:       if (function_exists ("mysql_connect")) {
1116:         $opm_db_handle = @mysql_connect ($dbhost, $dbusername, $dbpassword);
1117:         $database = @mysql_select_db ($dbname);
1118:         if (!$opm_db_handle or (isset ($database) and !$database)) {
1119:           opm_FNDebug_Log ("ERROR 2000 Cannot connect to the database $dbname@$dbhost as $dbusername.");
1120:         }
1121:         else {
1122:           return (true);
1123:         }
1124:       }
1125:       else {
1126:         opm_FNDebug_Log ("ERROR 2010 Without support in PHP for MySQL.");
1127:         echo "ERROR 2010 PHP WITHOUT MYSQL SUPPORT.";
1128:       }
1129:     }
1130:     else {
1131:       opm_FNDebug_Log ("ERROR 2020 Missing database connection parameters.");
1132:       echo "ERROR 2020 MISSING DB CONNECTION PARAMETERS.";
1133:     }
1134:     return (false);
1135:   }
1136:   
1137:   
1138:   
1139:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1140:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1141:   function fopm_dbquery ($query) {
1142:     global $opm_db_handle;
1143:     if ($opm_db_handle) {
1144:       return (@mysql_query ($query));
1145:     }
1146:     else {
1147:       opm_FNDebug_Log ("ERROR 2100 The provided database link is not connected.");
1148:       echo "ERROR 2100 DB LINK WITHOUT CONNECTION.";
1149:     }
1150:   }
1151:   
1152:   
1153:   
1154:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1155:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1156:   function fopm_dbfetchrow ($result) {
1157:     global $opm_db_handle;
1158:     return (mysql_fetch_row ($result));
1159:   }
1160:   
1161:   
1162:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1163:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1164:   function fopm_dblastid () {
1165:     global $opm_db_handle;
1166:     $result9 = fopm_dbquery ("select last_insert_id()");
1167:     $row9 = fopm_dbfetchrow ($result9);
1168:     if ($row9) { return ($row9[0]); } else { return (0); }
1169:   }
1170:   
1171:   
1172:   
1173:   
1174:   
1175:   
1176:   ?>
 
 
NA fum/lmd: 2007.07.15
Copyright ©1994-2017 by Mario A. Valdez-Ramírez.
no siga este enlace / do not follow this link