Source code of file oscpmwin_v0.4.1.723/oscpm1_upload.txt from the
osCommerce Product Manager for Windows.


0000:   <?php
0001:   // osCommerce Product Manager for Windows (oscpmwin).
0002:   0003:   
0004:   // You can contact Mario A. Valdez-Ramirez
0005:   // by email at mario@mariovaldez.org or paper mail at
0006:   // Olmos 809, San Nicolas, NL. 66495, Mexico.
0007:   
0008:   // This program is free software; you can redistribute it and/or modify
0009:   // it under the terms of the GNU General Public License as published by
0010:   // the Free Software Foundation; either version 2 of the License, or (at
0011:   // your option) any later version.
0012:   
0013:   // This program is distributed in the hope that it will be useful, but
0014:   // WITHOUT ANY WARRANTY; without even the implied warranty of
0015:   // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
0016:   // General Public License for more details.
0017:   
0018:   // You should have received a copy of the GNU General Public License
0019:   // along with this program; if not, write to the Free Software
0020:   // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
0021:   
0022:   
0023:   // ==================================
0024:   // Start of configuration options...
0025:   // ==================================
0026:   $opm_images_directory = "images/";
0027:   $opm_enable_logfile = false;
0028:   $opm_enable_extralog = false;
0029:   $opm_enable_recordsetlog = false;
0030:   $opm_debug_file = "opm_debug.txt";
0031:   $opm_browser_debug = false;
0032:   $opm_enable_auth = true;
0033:   $opm_password_override = "";
0034:   $opm_upload_perms = "0644";
0035:   $opm_timezone_shift = 0;
0036:   $opm_allow_compression = true;
0037:   $opm_compress_level = 1;
0038:   
0039:   $opm_cfg_useproxy = false;
0040:   $opm_cfg_proxyaddress = "192.168.0.1";
0041:   $opm_cfg_proxyport = 3128;
0042:   
0043:   // ==================================
0044:   // End of configuration options...
0045:   // ==================================
0046:   
0047:   
0048:   $opm_httpconn_timeout = 60;                 // 60 seconds
0049:   $opm_tag_recordbegin = "BR";                // BR
0050:   $opm_tag_recordend = "ER";                  // ER
0051:   $opm_tag_field = "DF";                      // DF
0052:   $opm_tag_databegin = "[";                   // [
0053:   $opm_tag_dataend = "]";                     // ]
0054:   $opm_tag_comment = "#";                     // #
0055:   $opm_tag_stats = "ST";                      // ST
0056:   $opm_tag_fieldlist = "FL";                  // FL
0057:   
0058:   $opm_session_string = "OSCPMCHECKER";
0059:   $opm_max_failedlogins = 8;                  // Max logins before blocking the client.
0060:   $opm_max_blocktime = 3600;                  // Time a client is blocked after too many failures.
0061:   $opm_max_tracktime = 900;                   // Time to store the login history of each client.
0062:   $opm_sleep_afterfail = 15;                  // Delay when login fails.
0063:   
0064:   $opm_hash_strengh = 100;
0065:   
0066:   $opm_script_version = "0.9.5";
0067:   error_reporting(E_ALL & ~E_NOTICE);
0068:   
0069:   $opm_realpath = str_replace (basename (__FILE__), "", __FILE__) . $opm_images_directory;
0070:   $opm_tmpsoftwarename = explode (" ", $HTTP_SERVER_VARS["SERVER_SOFTWARE"]);
0071:   $opm_tmposname = explode (" ", php_uname ());
0072:   $opm_useragent = "User-Agent: OSCPMWin/$opm_script_version " . $opm_tmpsoftwarename[0] . " MySQL/unknown " . $opm_tmposname[0];
0073:   
0074:   @set_time_limit (300);
0075:   
0076:   if (!$opm_upload_perms) {
0077:     $opm_upload_perms = "0600";
0078:   }
0079:   
0080:   $opm_ip_address = $_SERVER["REMOTE_ADDR"];
0081:   if (!$opm_ip_address) {
0082:     $opm_ip_address = $HTTP_SERVER_VARS["REMOTE_ADDR"];
0083:     if (!$opm_ip_address) {
0084:       $opm_ip_address = $_ENV["REMOTE_ADDR"];
0085:       if (!$opm_ip_address) {
0086:         $opm_ip_address = getenv("REMOTE_ADDR");
0087:       }
0088:       else $opm_ip_address = "";
0089:     }
0090:   }
0091:   
0092:   
0093:   $opm_db_handle = false;
0094:   
0095:   
0096:   // Get all parameters about the request.
0097:   if (!$opm_browser_debug) {
0098:     $opm_passwordhash = strtoupper (trim ($_POST["Pw"]));
0099:     $opm_operation = strtolower (trim ($_POST["Op"]));
0100:     $opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["Fn"])))));
0101:     $opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["SD"])))));
0102:     $opm_query = base64_decode (trim ($_POST["Qy"]));
0103:     $opm_reqversion = trim ($_POST["Vn"]);
0104:     $opm_logintimestamp = trim ($_POST["TS"]);
0105:     $opm_compress = abs ($_POST["Gz"]);
0106:   }
0107:   else {
0108:     $opm_passwordhash = strtoupper (trim ($_GET["Pw"]));
0109:     $opm_operation = strtolower (trim ($_GET["Op"]));
0110:     $opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["Fn"])))));
0111:     $opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["SD"])))));
0112:     $opm_query = trim ($_GET["Qy"]);
0113:     $opm_reqversion = trim ($_GET["Vn"]);
0114:     $opm_logintimestamp = trim ($_GET["TS"]);
0115:     $opm_compress = abs ($_GET["Gz"]);
0116:   }
0117:   if (($opm_filename{0} == "/") || ($opm_filename{0} == ".")) {
0118:     $opm_filename = substr ($opm_filename, 1, strlen ($opm_filename) - 1);
0119:   }
0120:   $opm_compress = ($opm_compress && $opm_allow_compression);
0121:   
0122:   // If timestamp is empty, create a dummy to force an authentication failure.
0123:   if (strlen ($opm_logintimestamp) < 15) {
0124:     $opm_logintimestamp = date ("YmdHis");
0125:   }
0126:   
0127:   /*
0128:   Note on parameters:
0129:   When the operation needs a parameter, it shold be send using
0130:   either FN or QY (Filename or Query). The difference is that
0131:   FN is cleaned (deleting slashes, dots and spaces) while QY
0132:   is not cleaned. However, QY is always Base64-encoded.
0133:   */
0134:   
0135:   
0136:   // Log basic information about the request.
0137:   if ($opm_enable_extralog) {
0138:     if (!$opm_browser_debug) {
0139:       opm_FNDebug_Log (print_r ($_POST, true));
0140:     }
0141:     else {
0142:       opm_FNDebug_Log (print_r ($_GET, true));
0143:     }
0144:   }
0145:   else {
0146:     opm_FNDebug_Log ("");
0147:   }
0148:   opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
0149:   opm_FNDebug_Log ("PASSWORDHASH=" . $opm_passwordhash);
0150:   opm_FNDebug_Log ("OPERATION=" . $opm_operation);
0151:   opm_FNDebug_Log ("FILENAME=" . $opm_filename);
0152:   opm_FNDebug_Log ("SUBDIR=" . $opm_subdir);
0153:   opm_FNDebug_Log ("QUERY=" . $opm_query);
0154:   opm_FNDebug_Log ("REQVERSION=" . $opm_reqversion);
0155:   opm_FNDebug_Log ("LOGINTIMESTAMP=" . $opm_logintimestamp);
0156:   opm_FNDebug_Log ("COMPRESS=" . $opm_compress);
0157:   
0158:   
0159:   // Include osCommerce database configuration and functions.
0160:   require ("includes/configure.php");
0161:   require (DIR_WS_INCLUDES . "database_tables.php");
0162:   
0163:   
0164:   if ($opm_browser_debug) { echo "<pre>"; }
0165:   
0166:   // Check if script version is the expected by client.
0167:   if (($opm_script_version != $opm_reqversion) && ($opm_operation)) {
0168:     opm_FNDebug_Log ("ERROR 1000 wrong script version. Expected $opm_reqversion, but we are $opm_script_version.");
0169:     echo "ERROR 1000 WRONG SCRIPT VERSION";
0170:     return;
0171:   }
0172:   
0173:   // Check if the image directory is valid.
0174:   if (!is_dir ($opm_realpath) && ($opm_operation)) {
0175:     opm_FNDebug_Log ("ERROR 1010 cannot find the images directory. Expecting $opm_realpath exist.");
0176:     echo "ERROR 1010 IMAGE DIRECTORY NOT FOUND";
0177:     return;
0178:   }
0179:   
0180:   
0181:   // Connect to database.
0182:   if (!fopm_dbconnect (DB_SERVER, DB_DATABASE, DB_SERVER_USERNAME, DB_SERVER_PASSWORD)) {
0183:     echo "ERROR 1031 NO DATABASE CONNECTION";
0184:     return;
0185:   }
0186:   
0187:   
0188:   // Get osCommerce DB password and compare it with client password.
0189:   // Unless no operation is requested.
0190:   if ($opm_operation) {
0191:     if ($opm_enable_auth) {
0192:       if (defined ("DB_SERVER_PASSWORD") || ($opm_password_override != "")) {
0193:         // Check if the client is known...
0194:         $opm_failed_attempts = 0;
0195:         $opm_failed_time = time ();
0196:         $opm_sql_result = fopm_dbquery ("select customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url from " . TABLE_WHOS_ONLINE . " where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0197:         if ($opm_sql_record = fopm_dbfetchrow ($opm_sql_result)) {
0198:           // It is known...
0199:           if (round (abs ($opm_sql_record[5])) > ($opm_failed_time - $opm_max_tracktime)) {
0200:             $opm_failed_attempts = round (abs ($opm_sql_record[6]));
0201:             if ($opm_failed_attempts > $opm_max_failedlogins) {
0202:               // It is blocked...
0203:               $opm_failed_time = time () + $opm_max_blocktime;
0204:             }
0205:           }
0206:           else {
0207:             // We are not tracking it...
0208:             $opm_failed_attempts = 0;
0209:           }
0210:           // Updates the tracking information...
0211:           $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0212:         }
0213:         else {
0214:           // Creates a tracking record...
0215:           $opm_sql_result = fopm_dbquery ("insert into " . TABLE_WHOS_ONLINE . " (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url) values (0, '$opm_session_string', '$opm_session_string', '$opm_ip_address', '$opm_failed_time', '$opm_failed_time', '0')");
0216:         }
0217:         if ($opm_failed_attempts > $opm_max_failedlogins) {
0218:           // The client is blocked, show error...
0219:           opm_FNDebug_Log ("ERROR 1024 the client ($opm_ip_address) has been blocked, too many failed logins ($opm_failed_attempts).");
0220:           sleep ($opm_sleep_afterfail);
0221:           echo "ERROR 1024 BLOCKED";
0222:           return;
0223:         }
0224:         else {
0225:           // The client is not blocked, continue...
0226:           if ($opm_password_override != "") {
0227:             opm_FNDebug_Log ("Password override is enabled.");
0228:             $opm_serverpassword = $opm_password_override;
0229:             for ($hashcounter = 1; $hashcounter <= $opm_hash_strengh; $hashcounter++) {
0230:               $opm_serverpassword = strtoupper (md5 ($opm_serverpassword . $opm_logintimestamp));
0231:             }
0232:           }
0233:           else {
0234:             $opm_serverpassword = DB_SERVER_PASSWORD;
0235:             for ($hashcounter = 1; $hashcounter <= $opm_hash_strengh; $hashcounter++) {
0236:               $opm_serverpassword = strtoupper (md5 ($opm_serverpassword . $opm_logintimestamp));
0237:             }
0238:           }
0239:           opm_FNDebug_Log ("SERVERPASSWORDHASH=" . $opm_serverpassword);
0240:           if ($opm_serverpassword != $opm_passwordhash) {
0241:             // Password mismatch...
0242:             opm_FNDebug_Log ("ERROR 1020 the server and client passwords do not match.");
0243:             $opm_failed_attempts++;
0244:             opm_FNDebug_Log ("Failed logins from $opm_ip_address = $opm_failed_attempts");
0245:             // Update tracking data about this...
0246:             $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time', last_page_url='$opm_failed_attempts' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0247:             if ($opm_failed_attempts > 1) {
0248:               // This is not the first failure, delay a bit...
0249:               sleep ($opm_sleep_afterfail);
0250:             }
0251:             echo "ERROR 1020 PASSWORD MISMATCH";
0252:             return;
0253:           }
0254:           else {
0255:             // Password match, reset failures count in tracking data...
0256:             $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time', last_page_url='0' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0257:           }
0258:         }
0259:       }
0260:       else {
0261:         opm_FNDebug_Log ("ERROR 1021 the server password was not found.");
0262:         echo "ERROR 1021 CANNOT FIND SERVER PASSWORD";
0263:         return;
0264:       }
0265:     }
0266:     else {
0267:       opm_FNDebug_Log ("Password authentication is disabled.");
0268:     }
0269:   }
0270:   else {
0271:     // If called from a browser, display a simple information page
0272:     $opm_simpletest_dbok = false;
0273:     $opm_simpletest_imgok = false;
0274:     echo "<html><head><title>osCommerce Product Manager (OSCPMWin).</title>\n";
0275:     echo "<style>\nBODY { font-family: sans-serif; background-color: #FFFFFF; }\n";
0276:     echo "LI { padding: 5px; }\n";
0277:     echo "H3 { padding: 5px 5px 5px 20px; }\n";
0278:     echo "A { color: #0000FF; text-decoration: none; }\n";
0279:     echo "A:hover { color: #FF0000; text-decoration: underline; }\n";
0280:     echo "DIV { border: solid 2px #000000; margin: 10px 20px 10px 20px; }";
0281:     echo ".ok { background-color: #CCFFCC; }\n";
0282:     echo ".notok { background-color: #FFCCCC; }\n";
0283:     echo ".info { background-color: #EEEEFF; }\n";
0284:     echo ".links { background-color: #EEEEEE; }\n";
0285:     echo "</style>\n";
0286:     echo "</head><body>\n";
0287:     echo "<h3>osCommerce Product Manager (OSCPMWin),<br>server-side script $opm_script_version</h3>\n";
0288:     $opm_simpletest_dbok = fopm_dbconnect (DB_SERVER, DB_DATABASE, DB_SERVER_USERNAME, DB_SERVER_PASSWORD);
0289:     $opm_simpletest_imgok = (boolean) (file_exists ($opm_realpath) && is_readable ($opm_realpath) && is_writable ($opm_realpath) && is_dir ($opm_realpath));
0290:     if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
0291:       echo "<div class=\"ok\">";
0292:     }
0293:     else {
0294:       echo "<div class=\"notok\">";
0295:     }
0296:     echo "<ul>\n";
0297:     if ($opm_simpletest_dbok) {
0298:       echo "<li><strong>Database connection seems OK.</strong></li>\n";
0299:     }
0300:     else {
0301:       echo "<li><strong>Database connection failed.</strong><br><small>Check that the database server is working properly. This should not happen if the web store is working properly.</small></li>\n";
0302:     }
0303:     if ($opm_simpletest_imgok) {
0304:       echo "<li><strong>Image directory seems OK.</strong></li>\n";
0305:     }
0306:     else {
0307:       echo "<li><strong>Image directory not found, not readable or not writable.</strong><br><small>Check the opm_images_directory option in this script, and that this script has permissions to read and write in that directory.</small></li>\n";
0308:     }
0309:     echo "</ul>";
0310:     if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
0311:       echo "<h3><strong>Everything seems OK. &nbsp; &nbsp; &nbsp; :)</strong></h3>\n";
0312:     }
0313:     else {
0314:       echo "<h3><strong>There seems to be a problem. &nbsp; &nbsp; &nbsp; :(</strong></h3>\n";
0315:     }
0316:     echo "</div>";
0317:     echo "<div class=\"info\"><ul>";
0318:     if ($opm_browser_debug) {
0319:       echo "<li>Browser-debug mode is enabled.";
0320:     }
0321:     else {
0322:       echo "<li>Browser-debug mode is disabled";
0323:     }
0324:     echo "<br><small>This is for developers only. To be used only if you are debugging this script or the client application.</small></li>\n";
0325:   
0326:     if ($opm_enable_logfile) {
0327:       echo "<li>Logging file is enabled.";
0328:     }
0329:     else {
0330:       echo "<li>Logging file is disabled";
0331:     }
0332:     echo "<br><small>For debugging purposes only, not for production stores (because if enabled, slows the server down and consumes too much disk space).</small></li>\n";
0333:   
0334:     if ($opm_cfg_useproxy) {
0335:       echo "<li>Proxy-usage is enabled.";
0336:     }
0337:     else {
0338:       echo "<li>Proxy-usage is disabled";
0339:     }
0340:     echo "<br><small>To be used if the web server is behind a proxy so that all http connections are done thru the proxy.</small></li>\n";
0341:   
0342:     if ($opm_allow_compression) {
0343:       echo "<li>Compression is enabled.";
0344:     }
0345:     else {
0346:       echo "<li>Compression is disabled";
0347:     }
0348:     echo "<br><small>Compression of data traffic improves the speed of the data transfer. The compression level is set to $opm_compress_level. This setting is not enforced unless the client application request a compressed data stream too.</small></li>\n";
0349:   
0350:     echo "<li>The time zone shift is set to $opm_timezone_shift.<br><small>To be used with some timestamps</small>.</li>\n";
0351:     echo "</ul></div>";
0352:     echo "<div class=\"links\"><ul>";
0353:     echo "<li><a href=\"http://www.mariovaldez.net/software/oscpmwin/\">OSCPMWin homepage</a>.</li>\n";
0354:     echo "<li><a href=\"http://www.mariovaldez.net/webapps/forums/index.php?c=9\">OSCPMWin web forums</a>.</li>\n";
0355:     echo "<li><a href=\"http://www.oscommerce.org/\">osCommerce homepage</a>.</li>\n";
0356:     echo "</ul></div>";
0357:     echo "<p><small>&copy;2003-2007 by Mario A. Valdez-Ramirez.<br>\n";
0358:     echo "This program is free software; you can redistribute it and/or modify\n";
0359:     echo "it under the terms of the GNU General Public License as published by\n";
0360:     echo "the Free Software Foundation; either version 2 of the License, or (at\n";
0361:     echo "your option) any later version.</small></p>\n";
0362:     echo "</body></html>";
0363:     return;
0364:   }
0365:   
0366:   
0367:   
0368:   // ==================================
0369:   // Do nothing.
0370:   // NOOP do nothing.
0371:   // ==================================
0372:   if ($opm_operation == "noop") {
0373:     echo "OK NOOP START\n";
0374:     opm_FNDebug_Log ("OK NOOP requested.");
0375:     echo "OK NOOP END\n";
0376:   }
0377:   
0378:   // ==================================
0379:   // Returns a PHPINFO dump.
0380:   // PHPINFO returns a dump of the PHPINFO function.
0381:   // ==================================
0382:   if ($opm_operation == "phpinfo") {
0383:     echo "OK PHPINFO START\n";
0384:     ob_start ();
0385:     phpinfo ();
0386:     $opm_phpinfo = ob_get_contents ();
0387:     ob_end_clean ();
0388:     $opm_phpinfo = str_replace ("<h2>", str_repeat ("=", 40) . "\n* ", $opm_phpinfo);
0389:     $opm_phpinfo = str_replace ("</h2>", "\n" . str_repeat ("=", 40) . "\n", $opm_phpinfo);
0390:     $opm_phpinfo = str_replace ("<th>", " | ", $opm_phpinfo);
0391:     $opm_phpinfo = str_replace ("</th>", " | ", $opm_phpinfo);
0392:     $opm_phpinfo = str_replace ("<td class=\"v\">", " | ", $opm_phpinfo);
0393:     $opm_phpinfo = strip_tags ($opm_phpinfo);
0394:     $opm_phpinfo_lines = explode ("\n", $opm_phpinfo);
0395:     $opm_phpinfo = "";
0396:     foreach ($opm_phpinfo_lines as $opm_phpinfo_curline) {
0397:       $opm_phpinfo_curline = trim ($opm_phpinfo_curline);
0398:       if ($opm_phpinfo_curline) {
0399:         $opm_phpinfo .= $opm_phpinfo_curline . "\n";
0400:       }
0401:     }
0402:     echo $opm_phpinfo;
0403:     echo "OK PHPINFO END\n";
0404:   }
0405:   
0406:   // ==================================
0407:   // CHECK if a file exists.
0408:   // CHECK requires the full path of the image.
0409:   // ==================================
0410:   if ($opm_operation == "check") {
0411:     if ($opm_filename) {
0412:       if (file_exists ($opm_realpath . $opm_filename)) {
0413:         opm_FNDebug_Log ("OK file found $opm_filename.");
0414:         echo "OK FILE EXISTS";
0415:       }
0416:       else {
0417:         opm_FNDebug_Log ("ERROR 1110 file not found $opm_filename.");
0418:         echo "ERROR 1110 FILE NOT FOUND";
0419:       }
0420:     }
0421:   }
0422:   
0423:   // ==================================
0424:   // LIST all files recursively.
0425:   // LIST returns the filenames with paths.
0426:   // ==================================
0427:   if ($opm_operation == "list") {
0428:     echo "OK LIST START\n";
0429:     opm_FNList_Files ($opm_realpath, "", false);
0430:     echo "OK LIST END\n";
0431:   }
0432:   
0433:   // ==================================
0434:   // LISTDIRS only dirs recursively.
0435:   // LISTDIRS returns no filenames.
0436:   // ==================================
0437:   if ($opm_operation == "listdirs") {
0438:     echo "OK LISTDIRS START\n";
0439:     opm_FNList_Files ($opm_realpath, "", true);
0440:     echo "OK LISTDIRS END\n";
0441:   }
0442:   
0443:   // ==================================
0444:   // DELETE an image.
0445:   // DELETE requires the filename of the image with path.
0446:   // DELETE1 deletes the image if less than one record references it.
0447:   // DELETE2 deletes the image if less than two records reference it.
0448:   // ==================================
0449:   if (($opm_operation == "delete1") || ($opm_operation == "delete2")) {
0450:     if ($opm_operation == "delete1") {
0451:       $allowed_owners = 1;
0452:     }
0453:     else {
0454:       $allowed_owners = 2;
0455:     }
0456:     if ($opm_filename) {
0457:       // Check for More Pics 6 extension...
0458:       $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6"));
0459:       if ($opm_sqlresult[0]) {
0460:         $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename' or products_subimage1='$opm_filename' or products_subimage2='$opm_filename' or products_subimage3='$opm_filename' or products_subimage4='$opm_filename' or products_subimage5='$opm_filename' or products_subimage6='$opm_filename'"));
0461:       }
0462:       else {
0463:         $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename'"));
0464:       }
0465:       if ($opm_sqlresult[0] < $allowed_owners) {
0466:         if (file_exists ($opm_realpath . $opm_filename)) {
0467:           if (@unlink ($opm_realpath . $opm_filename)) {
0468:             if (!file_exists ($opm_realpath . $opm_filename)) {
0469:               opm_FNDebug_Log ("OK file deleted $opm_filename.");
0470:               echo "OK DELETE";
0471:             }
0472:             else {
0473:               opm_FNDebug_Log ("ERROR 1120 file cannot be deleted $opm_filename.");
0474:               echo "ERROR 1120 DELETE FILE REMAINS";
0475:             }
0476:           }
0477:           else {
0478:             opm_FNDebug_Log ("ERROR 1121 when deleting $opm_filename.");
0479:             echo "ERROR 1121 DELETE UNKNOWN";
0480:           }
0481:         }
0482:         else {
0483:           opm_FNDebug_Log ("OK file not found when deleting $opm_filename.");
0484:           echo "OK DELETE FILE NOT FOUND";
0485:         }
0486:       }
0487:       else {
0488:         opm_FNDebug_Log ("OK file is used by other record (" . ($opm_sqlresult[0] - 1) . ").");
0489:         echo "OK DELETE FILE IN USE";
0490:       }
0491:     }
0492:     else {
0493:       opm_FNDebug_Log ("OK filename empty.");
0494:       echo "OK DELETE FILENAME EMPTY";
0495:     }
0496:   }
0497:   
0498:   // ==================================
0499:   // UPLOAD an image.
0500:   // UPLOAD requires the path, without filename, where the image will be stored.
0501:   // UPLOAD returns the image filename with the path.
0502:   // ==================================
0503:   if ($opm_operation == "upload") {
0504:     if ($_FILES["Fl"]["name"] && $_FILES["Fl"]["size"]) {
0505:       if (is_uploaded_file ($_FILES["Fl"]["tmp_name"])) {
0506:         if ($opm_filename) {
0507:           $newfn = $opm_filename;
0508:         }
0509:         else {
0510:           $newfn = trim ($_FILES["Fl"]["name"]);
0511:         }
0512:         $newfn = str_replace (" ", "_", $newfn);
0513:         $newfn = str_replace ("/", "", $newfn);
0514:         $newfn = str_replace ("\\", "", $newfn);
0515:         $newfn = ereg_replace("[^[:alnum:]\._]", "", $newfn);
0516:         $newfn = strtolower ($newfn);
0517:   
0518:         if ($opm_subdir) {
0519:           if ((!file_exists ($opm_realpath . $opm_subdir)) || (!is_dir ($opm_realpath . $opm_subdir))) {
0520:             opm_FNDebug_Log ("will create directory=" . $opm_realpath . $opm_subdir);
0521:             opm_FNmkdirs ($opm_realpath . $opm_subdir, 0777);
0522:           }
0523:           if (file_exists ($opm_realpath . $opm_subdir) && (is_dir ($opm_realpath . $opm_subdir))) {
0524:             opm_FNDebug_Log ("directory exists=" . $opm_realpath . $opm_subdir);
0525:             $newfn = $opm_subdir . "/" . $newfn;
0526:           }
0527:           else {
0528:             opm_FNDebug_Log ("directory does not exist, will ignore=" . $opm_realpath . $opm_subdir);
0529:           }
0530:         }
0531:         opm_FNDebug_Log ("wanted filename=" . $newfn);
0532:         $newfn = opm_FNSmart_Rename ($newfn, 100);
0533:         opm_FNDebug_Log ("smart filename=" . $newfn);
0534:         opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
0535:         if (!file_exists ($opm_realpath . $newfn)) {
0536:           opm_FNDebug_Log ("file not exist=" . $opm_realpath . $newfn);
0537:           if (@move_uploaded_file ($_FILES["Fl"]["tmp_name"], $opm_realpath . $newfn)) {
0538:             opm_FNDebug_Log ("moving file to=" . $opm_realpath . $newfn);
0539:             if (file_exists ($opm_realpath . $newfn)) {
0540:               opm_FNDebug_Log ("upload complete=" . $opm_realpath . $newfn);
0541:               @chmod ($opm_realpath . $newfn, octdec ($opm_upload_perms));
0542:               echo "OK UPLOAD [" . $newfn . "]";
0543:             }
0544:             else {
0545:               opm_FNDebug_Log ("ERROR 1130 file not copied=" . $opm_realpath . $newfn);
0546:               echo "ERROR 1130 UPLOAD FILE NOT FOUND";
0547:             }
0548:           }
0549:           else {
0550:             opm_FNDebug_Log ("ERROR 1131 file not copied=" . $opm_realpath . $newfn);
0551:             echo "ERROR 1131 UPLOAD CANNOT MOVE";
0552:           }
0553:         }
0554:         else {
0555:           opm_FNDebug_Log ("ERROR 1133 file exist=" . $opm_realpath . $newfn);
0556:           echo "ERROR 1133 UPLOAD EXIST [" . $newfn . "]";
0557:         }
0558:       }
0559:       else {
0560:         opm_FNDebug_Log ("ERROR 1134 cannot find uploaded file!");
0561:         echo "ERROR 1134 UPLOAD";
0562:       }
0563:     }
0564:   }
0565:   
0566:   // ==================================
0567:   // CAPABILITY listing.
0568:   // CAPABILITY returns a list of identified modules.
0569:   // ==================================
0570:   if ($opm_operation == "capa") {
0571:     opm_FNDebug_Log ("OK Capability search started.");
0572:     echo "OK CAPABILITY START\n";
0573:   
0574:     echo "OSCSTANDARD\n";
0575:   
0576:     // Credit Card Payment...
0577:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_CC_STATUS'"));
0578:     if ($opm_sqlresult[0]) {
0579:       opm_FNDebug_Log ("OK PAY_CC capability found.");
0580:       echo "PAY_CC\n";
0581:     }
0582:   
0583:     // Money Order Payment...
0584:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_MONEYORDER_STATUS'"));
0585:     if ($opm_sqlresult[0]) {
0586:       opm_FNDebug_Log ("OK PAY_ORDER capability found.");
0587:       echo "PAY_ORDER\n";
0588:     }
0589:   
0590:     // COD Payment...
0591:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_COD_STATUS'"));
0592:     if ($opm_sqlresult[0]) {
0593:       opm_FNDebug_Log ("OK PAY_CC capability found.");
0594:       echo "PAY_CC\n";
0595:     }
0596:   
0597:     // PayPal Payment...
0598:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_PAYPAL_STATUS'"));
0599:     if ($opm_sqlresult[0]) {
0600:       opm_FNDebug_Log ("OK PAY_PP capability found.");
0601:       echo "PAY_PP\n";
0602:     }
0603:   
0604:     // Flat Rate Shipping...
0605:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_FLAT_STATUS'"));
0606:     if ($opm_sqlresult[0]) {
0607:       opm_FNDebug_Log ("OK SHIP_FLAT capability found.");
0608:       echo "SHIP_FLAT\n";
0609:     }
0610:   
0611:     // Table Shipping...
0612:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_TABLE_STATUS'"));
0613:     if ($opm_sqlresult[0]) {
0614:       opm_FNDebug_Log ("OK SHIP_TBL capability found.");
0615:       echo "SHIP_TBL\n";
0616:     }
0617:   
0618:     // Store PickUp Shipping...
0619:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_SPU_STATUS'"));
0620:     if ($opm_sqlresult[0]) {
0621:       opm_FNDebug_Log ("OK SHIP_SPU capability found.");
0622:       echo "SHIP_SPU\n";
0623:     }
0624:   
0625:     // Multi Pickup Shipping...
0626:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'stores'"));
0627:     if ($opm_sqlresult[0]) {
0628:       opm_FNDebug_Log ("OK SHIP_MPU capability found.");
0629:       echo "SHIP_MPU\n";
0630:     }
0631:   
0632:     // More Pics 6...
0633:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6"));
0634:     if ($opm_sqlresult[0]) {
0635:       opm_FNDebug_Log ("OK MOREPICS6 capability found.");
0636:       echo "MOREPICS6\n";
0637:     }
0638:   
0639:     // Total B2B...
0640:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_CUSTOMERS . " customers_groups_id"));
0641:     if ($opm_sqlresult[0]) {
0642:       opm_FNDebug_Log ("OK TOTALB2B capability found.");
0643:       echo "TOTALB2B\n";
0644:     }
0645:   
0646:     // Poll Booth...
0647:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'phesis_poll_config'"));
0648:     if ($opm_sqlresult[0]) {
0649:       opm_FNDebug_Log ("OK POLLBOOTH capability found.");
0650:       echo "POLLBOOTH\n";
0651:     }
0652:   
0653:     // Header Tags Controller...
0654:     $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS_DESCRIPTION . " products_head_keywords_tag"));
0655:     if ($opm_sqlresult[0]) {
0656:       opm_FNDebug_Log ("OK HEADERTAGS capability found.");
0657:       echo "HEADERTAGS\n";
0658:     }
0659:   
0660:     // ZenCart...
0661:     if (defined ("TABLE_EZPAGES")) {
0662:       $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like '" . TABLE_EZPAGES . "'"));
0663:       if ($opm_sqlresult[0]) {
0664:         opm_FNDebug_Log ("OK ZENCART capability found.");
0665:         echo "ZENCART\n";
0666:       }
0667:     }
0668:   
0669:     opm_FNDebug_Log ("OK Capability search finished.");
0670:     echo "OK CAPABILITY END\n";
0671:   }
0672:   
0673:   // ==================================
0674:   // TABLES listing.
0675:   // TABLES returns the name of database tables.
0676:   // ==================================
0677:   if ($opm_operation == "tables") {
0678:     opm_FNDebug_Log ("OK Tables listing started.");
0679:     echo "OK TABLES START\n";
0680:     // Table names...
0681:     echo "TABLE_CATEGORIES=" . TABLE_CATEGORIES . "\n";
0682:     echo "TABLE_CATEGORIES_DESCRIPTION=" . TABLE_CATEGORIES_DESCRIPTION . "\n";
0683:     echo "TABLE_CONFIGURATION=" . TABLE_CONFIGURATION . "\n";
0684:     echo "TABLE_CURRENCIES=" . TABLE_CURRENCIES . "\n";
0685:     echo "TABLE_LANGUAGES=" . TABLE_LANGUAGES . "\n";
0686:     echo "TABLE_MANUFACTURERS=" . TABLE_MANUFACTURERS . "\n";
0687:     echo "TABLE_MANUFACTURERS_INFO=" . TABLE_MANUFACTURERS_INFO . "\n";
0688:     echo "TABLE_PRODUCTS=" . TABLE_PRODUCTS . "\n";
0689:     echo "TABLE_PRODUCTS_DESCRIPTION=" . TABLE_PRODUCTS_DESCRIPTION . "\n";
0690:     echo "TABLE_PRODUCTS_TO_CATEGORIES=" . TABLE_PRODUCTS_TO_CATEGORIES . "\n";
0691:     echo "TABLE_SPECIALS=" . TABLE_SPECIALS . "\n";
0692:     echo "TABLE_TAX_CLASS=" . TABLE_TAX_CLASS . "\n";
0693:     echo "TABLE_TAX_RATES=" . TABLE_TAX_RATES . "\n";
0694:     opm_FNDebug_Log ("OK Tables listing finished.");
0695:     echo "OK TABLES END\n";
0696:   }
0697:   
0698:   
0699:   // ==================================
0700:   // BACKUP database.
0701:   // BACKUP returns a SQL dump.
0702:   // ==================================
0703:   if ($opm_operation == "backup") {
0704:     opm_FNDebug_Log ("OK Backup of database requested.");
0705:     $opm_bak_filename = date ("Ymd_His", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . ".sql";
0706:     opm_FNBackup ($opm_realpath . $opm_bak_filename);
0707:     if (file_exists ($opm_realpath . $opm_bak_filename)) {
0708:       opm_FNgzip_file ($opm_realpath . $opm_bak_filename, $opm_realpath . $opm_bak_filename . ".gz");
0709:       if (file_exists ($opm_realpath . $opm_bak_filename . ".gz")) {
0710:         $opm_bak_filesize = filesize ($opm_realpath . $opm_bak_filename . ".gz");
0711:         header ("Content-type: application/octet-stream");
0712:         header ("Content-disposition: attachement; filename=" . $opm_bak_filename . ".gz");
0713:         header("Content-Length: " . $opm_bak_filesize);
0714:         header ("Pragma: no-store");
0715:         readfile ($opm_realpath . $opm_bak_filename . ".gz");
0716:         @unlink ($opm_realpath . $opm_bak_filename . ".gz");
0717:         opm_FNDebug_Log ("OK Deleting compressed backup file.");
0718:       }
0719:       @unlink ($opm_realpath . $opm_bak_filename);
0720:       opm_FNDebug_Log ("OK Deleting uncompressed backup file.");
0721:     }
0722:     else {
0723:       opm_FNDebug_Log ("ERROR 1140 Backup file not found.");
0724:     }
0725:     opm_FNDebug_Log ("OK Backup operation finished.");
0726:   }
0727:   
0728:   
0729:   // ==================================
0730:   // Get XCHGRATES.
0731:   // XCHGRATES returns the exchange rates of currencies.
0732:   // ==================================
0733:   if ($opm_operation == "xchgrates") {
0734:     opm_FNDebug_Log ("OK Starting XCHGRATES operation.");
0735:     if ($opm_filename) {
0736:       $opm_filename = strtoupper ($opm_filename);
0737:       $opm_main_currency = substr ($opm_filename, 0, 3);
0738:       $opm_xchange_currencies = str_replace (",", "_", substr ($opm_filename, 4));
0739:       if (($opm_main_currency) && ($opm_xchange_currencies)) {
0740:         $opm_xchange_page = "http://www.oanda.com/convert/fxdaily?value=1&exch=$opm_main_currency&dest=Get+Table&sel_list=$opm_xchange_currencies&format=CSV&redirected=1";
0741:         $opm_page_data = opm_FNget_webpage ($opm_xchange_page);
0742:         if ($opm_page_data) {
0743:           $opm_page_data = strip_tags ($opm_page_data);
0744:           $opm_page_data = preg_replace ("/[\r\n]+[\s\t]*[\r\n]+/", "", $opm_page_data);
0745:           $opm_xr_matches = array ();
0746:           preg_match_all ("/(.+),(\w{3}),([0-9.]+),([0-9.]+)/i", $opm_page_data, $opm_xr_matches);
0747:           echo "OK XCHGRATES START\n";
0748:           foreach ($opm_xr_matches[2] as $key => $value) {
0749:             echo $opm_xr_matches[2][$key] . "," . $opm_xr_matches[4][$key] . "\n";
0750:           }
0751:           echo "OK XCHGRATES END\n";
0752:         }
0753:         else {
0754:           opm_FNDebug_Log ("ERROR 1150 The remote server answer is empty or invalid.");
0755:           echo "ERROR 1150 XCHGRATES REMOTE SERVER ERROR";
0756:         }
0757:       }
0758:       else {
0759:         opm_FNDebug_Log ("ERROR 1151 The specified currency codes are invalid.");
0760:         echo "ERROR 1151 XCHGRATES INVALID CURRENCY";
0761:       }
0762:     }
0763:     else {
0764:       opm_FNDebug_Log ("ERROR 1152 The no currency codes were specified.");
0765:       echo "ERROR 1152 XCHGRATES EMPTY CURRENCY";
0766:     }
0767:   }
0768:   
0769:   
0770:   
0771:   // ==================================
0772:   // Execute DBQUERY.
0773:   // DBQUERY returns ...
0774:   // ==================================
0775:   if ($opm_operation == "dbquery") {
0776:     opm_FNDebug_Log ("OK Starting DBQUERY operation.");
0777:     if ($opm_query) {
0778:       echo "OK DBQUERY START\n";
0779:       echo  opm_FNExec_Query ($opm_query, false, true, $opm_enable_recordsetlog);
0780:       echo "OK DBQUERY END\n";
0781:     }
0782:     else {
0783:       opm_FNDebug_Log ("ERROR 1171 The database query is empty.");
0784:       echo "ERROR 1171 DBQUERY EMPTY DATABASE QUERY";
0785:     }
0786:     opm_FNDebug_Log ("OK Finishing DBQUERY operation.");
0787:   }
0788:   
0789:   
0790:   
0791:   if ($opm_browser_debug) { echo "</pre>"; }
0792:   return;
0793:   
0794:   
0795:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0796:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0797:   function opm_FNList_Files ($dirname, $parentdir, $onlydirs) {
0798:   	$dirhandle = opendir ($dirname);
0799:     while (($file = readdir ($dirhandle)) != false)
0800:       $sorteddir[count ($sorteddir)] = $file;
0801:   	closedir ($dirhandle);
0802:     natcasesort ($sorteddir);
0803:     if (!$onlydirs) {
0804:     	foreach ($sorteddir as $file) {
0805:         if (($file != ".") && ($file != "..")) {
0806:           if (!is_dir ($dirname . $file)) {
0807:             if ($parentdir) {
0808:               echo $parentdir . "/" . $file . "\n";
0809:             }
0810:             else {
0811:               echo $file . "\n";
0812:             }
0813:           }
0814:         }
0815:       }
0816:       foreach ($sorteddir as $file) {
0817:         if (($file != ".") && ($file != "..")) {
0818:           if (is_dir ($dirname . $file)) {
0819:             if ($parentdir) {
0820:               opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
0821:             }
0822:             else {
0823:               opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
0824:             }
0825:           }
0826:         }
0827:       }
0828:     }
0829:     else {
0830:       foreach ($sorteddir as $file) {
0831:         if (($file != ".") && ($file != "..")) {
0832:           if (is_dir ($dirname . $file)) {
0833:             if ($parentdir) {
0834:               echo $parentdir . "/" . $file . "\n";
0835:               opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
0836:             }
0837:             else {
0838:               echo $file . "\n";
0839:               opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
0840:             }
0841:           }
0842:         }
0843:       }
0844:     }
0845:   }
0846:   
0847:   
0848:   
0849:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0850:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0851:   function opm_FNSmart_Rename ($wantedname, $tries) {
0852:   global $opm_realpath;
0853:     $newname = $wantedname;
0854:     $newext = '.' . array_pop (explode ('.', $wantedname));
0855:     for ($trycounter = 1; $trycounter <= $tries; $trycounter++) {
0856:       if (!file_exists ($opm_realpath . $newname)) {
0857:         return ($newname);
0858:       }
0859:       else {
0860:         $newdirname = dirname ($wantedname);
0861:         if ($newdirname != ".") {
0862:           $newname = dirname ($wantedname) . "/" . basename ($wantedname, $newext) . "_" . $trycounter . $newext;
0863:         }
0864:         else {
0865:           $newname = basename ($wantedname, $newext) . "_" . $trycounter . $newext;
0866:         }
0867:       }
0868:     }
0869:     return ($wantedname);
0870:   }
0871:   
0872:   
0873:   
0874:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0875:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0876:   function opm_FNDebug_Log ($logline) {
0877:   global $opm_enable_logfile, $opm_debug_file, $opm_timezone_shift;
0878:     if ($opm_enable_logfile) {
0879:       if (!(file_exists ($opm_debug_file) && !is_writable ($opm_debug_file))) {
0880:         $opm_timestamp = date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y")));
0881:         $opm_lfilef = @fopen ($opm_debug_file, 'a');
0882:         if ($opm_lfilef) {
0883:           if ($logline) {
0884:             @fwrite ($opm_lfilef, $opm_timestamp . ": " . $logline . "\n");
0885:           }
0886:           else {
0887:             @fwrite ($opm_lfilef, "\n");
0888:           }
0889:           @fclose ($opm_lfilef);
0890:         }
0891:       }
0892:     }
0893:   }
0894:   
0895:   
0896:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0897:   // Based on code posted on php.net by saint@corenova.com and bart@cdasites.com
0898:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0899:   function opm_FNmkdirs ($dirname) {
0900:     if (is_dir ($dirname) || empty ($dirname)) return 1;
0901:     if (file_exists ($dirname) && !is_dir ($dirname)) return 0;
0902:     if (opm_FNmkdirs (substr ($dirname, 0, strrpos ($dirname, '/')))) {
0903:       if (!file_exists($dirname)) {
0904:         return @mkdir ($dirname, 0777);
0905:       }
0906:     }
0907:     return 0;
0908:   }
0909:   
0910:   
0911:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0912:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0913:   function opm_FNExec_Query ($sql_query, $rawdata = true, $encodeddata = false, $logdata = false) {
0914:   global $opm_tag_recordbegin, $opm_tag_recordend, $opm_tag_field, $opm_tag_cfield, $opm_tag_fieldlist;
0915:   global $opm_tag_databegin, $opm_tag_dataend, $opm_tag_comment, $opm_tag_stats;
0916:   global $opm_compress, $opm_compress_level;
0917:     $result_string = "";
0918:     $record_count = 0;
0919:     $query_type = strtoupper (substr ($sql_query, 0, strpos ($sql_query, " ")));
0920:     opm_FNDebug_Log ("SQLQUERY=" . $sql_query);
0921:     $sql_result = fopm_dbquery ($sql_query);
0922:     if (($query_type == "SELECT") || ($query_type == "SHOW") || ($query_type == "DESCRIBE")) {
0923:       while ($sql_record = fopm_dbfetchrow ($sql_result)) {
0924:         $record_count++;
0925:         $sql_fullrec = "";
0926:         if ($rawdata) {
0927:           foreach ($sql_record as $fielddata) {
0928:             $result_string .= $fielddata . "\n";
0929:           }
0930:         }
0931:         else {
0932:           $result_string .= "$opm_tag_recordbegin\n";
0933:           foreach ($sql_record as $fielddata) {
0934:             if ($encodeddata) {
0935:               $encodedfield = base64_encode ($fielddata);
0936:             }
0937:             else {
0938:               $encodedfield = htmlentities ($fielddata);
0939:             }
0940:             $result_string .= "$opm_tag_field " . $opm_tag_databegin . $encodedfield . $opm_tag_dataend . "\n";
0941:             $sql_fullrec .= $encodedfield;
0942:           }
0943:           $result_string .= "$opm_tag_recordend " . strtoupper (md5 ($sql_fullrec)) . "\n";
0944:         }
0945:       }
0946:     }
0947:     elseif ($query_type == "INSERT") {
0948:       $sql_result = fopm_dblastid ();
0949:       $record_count = 1;
0950:       $sql_fullrec = "";
0951:       if ($rawdata) {
0952:         $result_string .= $sql_result . "\n";
0953:       }
0954:       else {
0955:         $result_string .= "$opm_tag_recordbegin\n";
0956:         if ($encodeddata) {
0957:           $encodedfield = base64_encode ($sql_result);
0958:         }
0959:         else {
0960:           $encodedfield = htmlentities ($sql_result);
0961:         }
0962:         $result_string .= "$opm_tag_field " . $opm_tag_databegin . $encodedfield . $opm_tag_dataend . "\n";
0963:         $sql_fullrec .= $encodedfield;
0964:         $result_string .= "$opm_tag_recordend " . strtoupper (md5 ($sql_fullrec)) . "\n";
0965:       }
0966:     }
0967:     if ($logdata) {
0968:       opm_FNDebug_Log ("RECORDSET=\n$result_string\n");
0969:     }
0970:     if (!$rawdata) {
0971:       if ($opm_compress) {
0972:         opm_FNDebug_Log ("RECORDSET SIZE (UNCOMPRESSED)=" . strlen ($result_string));
0973:         $result_string = base64_encode (gzcompress ($result_string, $opm_compress_level)) . "\n";
0974:       }
0975:     }
0976:     opm_FNDebug_Log ("RECORDSET SIZE=" . strlen ($result_string));
0977:     return $result_string;
0978:   }
0979:   
0980:   
0981:   
0982:   
0983:   
0984:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0985:   // Based on code from osCommerce (/admin/backup.php).
0986:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0987:   function opm_FNBackup ($dump_file) {
0988:   global $opm_script_version;
0989:     if ($dump_file) {
0990:       $bakfilef = fopen ($dump_file, 'w');
0991:       $bakline  = "############################################################################\n";
0992:       $bakline .= "# OSCPMWin (server-side $opm_script_version)\n";
0993:       $bakline .= "# Database: " . DB_DATABASE . "@" . DB_SERVER . "\n";
0994:       $bakline .= "# Date: " . date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . "\n";
0995:       $bakline .= "############################################################################\n\n";
0996:       fwrite ($bakfilef, $bakline);
0997:       $tables_query = fopm_dbquery ("show tables");
0998:       while ($tables = fopm_dbfetchrow ($tables_query)) {
0999:         $table = $tables[0];
1000:         $bakline = "\n\n############################################################################\n";
1001:         $bakline .= "# " . strtoupper ($table) . "\n";
1002:         $bakline .= "############################################################################\n\n";
1003:         $bakline .= "drop table if exists $table;\ncreate table $table (\n";
1004:         $table_list = array ();
1005:         $fields_query = fopm_dbquery ("show fields from $table");
1006:         while ($fields = fopm_dbfetchrow ($fields_query)) {
1007:           $table_list[] = $fields[0];
1008:           $bakline .= "  " . $fields[0] . " " . $fields[1];
1009:           if (strlen ($fields[4]) > 0) $bakline .= " default '" . $fields[4] . "'";
1010:           if (strtoupper ($fields[2]) != "YES") $bakline .= " not null";
1011:           if (isset ($fields[5])) $bakline .= " " . $fields[5];
1012:           $bakline .= ",\n";
1013:         }
1014:         $bakline = ereg_replace(",\n$", '', $bakline);
1015:         $index = array ();
1016:         $keys_query = fopm_dbquery ("show keys from $table");
1017:         while ($keys = fopm_dbfetchrow ($keys_query)) {
1018:           $kname = $keys[2];
1019:           if (!isset ($index[$kname])) {
1020:             $index[$kname] = array ("unique" => !$keys[1], "columns" => array());
1021:           }
1022:           $index[$kname]["columns"][] = $keys[4];
1023:         }
1024:         while (list($kname, $info) = each($index)) {
1025:           $bakline .= ",\n";
1026:           $columns = implode($info["columns"], ", ");
1027:           if ($kname == "PRIMARY") {
1028:             $bakline .= "  PRIMARY KEY ($columns)";
1029:           } elseif ($info["unique"]) {
1030:             $bakline .= "  UNIQUE $kname ($columns)";
1031:           } else {
1032:             $bakline .= "  KEY $kname ($columns)";
1033:           }
1034:         }
1035:         $bakline .= "\n);\n\n";
1036:         fwrite ($bakfilef, $bakline);
1037:         $rows_query = fopm_dbquery ("select " . implode (",", $table_list) . " from $table");
1038:         while ($rows = fopm_dbfetchrow ($rows_query)) {
1039:           $bakline = "insert into $table (" . implode (", ", $table_list) . ") values (";
1040:           for ($curfield = 0; $curfield < count ($table_list); $curfield++) {
1041:             if (!isset ($rows[$curfield])) {
1042:               $bakline .= "NULL, ";
1043:             } elseif (($rows[$curfield] != "") && (strtoupper ($rows[$curfield]) != "NULL")) {
1044:               $row = addslashes ($rows[$curfield]);
1045:               $row = ereg_replace("\n#", "\n".'\#', $row);
1046:               $bakline .= "'$row', ";
1047:             } else {
1048:               $bakline .= "'', ";
1049:             }
1050:           }
1051:           $bakline = ereg_replace (", $", "", $bakline) . ");\n";
1052:           fwrite ($bakfilef, $bakline);
1053:         }
1054:       }
1055:       fclose ($bakfilef);
1056:     }
1057:   }
1058:   
1059:   
1060:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1061:   // Compress a file with the gzip algorithm.
1062:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1063:   function opm_FNgzip_file ($opm_gzsource, $opm_gztarget) {
1064:     if (function_exists ("gzwrite") && file_exists ($opm_gzsource)) {
1065:       $opm_ungzfp = fopen($opm_gzsource, "rb");
1066:       $opm_gzfp = gzopen($opm_gztarget, "wb9");
1067:       if ($opm_gzfp && $opm_ungzfp) {
1068:         while (!feof ($opm_ungzfp)) {
1069:           gzwrite ($opm_gzfp, fread ($opm_ungzfp, 65535));
1070:         }
1071:         @fclose ($opm_ungzfp);
1072:         @gzclose ($opm_gzfp);
1073:         return (true);
1074:       }
1075:       else {
1076:         @fclose ($opm_ungzfp);
1077:         @gzclose ($opm_gzfp);
1078:         return (false);
1079:       }
1080:     }
1081:     else {
1082:       return (false);
1083:     }
1084:   }
1085:   
1086:   
1087:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1088:   // Request a page from a web server.
1089:   // If using a proxy server, redirect the call thru the proxy.
1090:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1091:   function opm_FNget_webpage ($target_url) {
1092:     global $opm_useragent, $opm_httpconn_timeout, $opm_cfg_useproxy, $opm_cfg_proxyaddress, $opm_cfg_proxyport;
1093:     $opm_http_content = "";
1094:     $errno = 0;
1095:     $errstr = "";
1096:     $urlparts = parse_url ($target_url);
1097:     if ($urlparts["host"]) {
1098:       @ignore_user_abort (true);
1099:       if ($opm_cfg_useproxy) {
1100:         $opm_sockconn = @fsockopen ($opm_cfg_proxyaddress, $opm_cfg_proxyport, $errno, $errstr, $opm_httpconn_timeout);
1101:       }
1102:       else {
1103:         $opm_sockconn = @fsockopen ($urlparts["host"], (empty($urlparts["port"]) ? "80" : $urlparts["port"]), $errno, $errstr, $opm_httpconn_timeout);
1104:       }
1105:       if ($opm_sockconn) {
1106:         if ($opm_cfg_useproxy) {
1107:           fputs ($opm_sockconn, "GET " . $urlparts["scheme"] . "://" . $urlparts["host"] . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $opm_cfg_proxyaddress . "\r\nUser-Agent: $opm_useragent\r\nPragma: no-cache\r\nConnection: Close\r\n\r\n");
1108:         }
1109:         else {
1110:           fputs ($opm_sockconn, "GET " . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $urlparts["host"] . "\r\nUser-Agent: $opm_useragent\r\nConnection: Close\r\n\r\n");
1111:         }
1112:         while ((!feof($opm_sockconn)) && (!is_readable ($opm_skfilename))) {
1113:           $opm_http_content .= fgets ($opm_sockconn, 10240);
1114:         }
1115:         @fclose ($opm_sockconn);
1116:         if (eregi ("HTTP.*200 OK", $opm_http_content)) {
1117:           $opm_http_content = str_replace ("\r", "", $opm_http_content);
1118:           $opm_http_content = substr ($opm_http_content, strpos ($opm_http_content, "\n\n") + 2);
1119:           return ($opm_http_content);
1120:         }
1121:       }
1122:     }
1123:     return ("");
1124:   }
1125:   
1126:   
1127:   
1128:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1129:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1130:   function fopm_dbconnect ($dbhost, $dbname, $dbusername, $dbpassword) {
1131:     global $opm_db_handle;
1132:     $opm_db_handle = false;
1133:     if ($dbhost && $dbname && $dbusername) {
1134:       if (function_exists ("mysql_connect")) {
1135:         $opm_db_handle = @mysql_connect ($dbhost, $dbusername, $dbpassword);
1136:         $database = @mysql_select_db ($dbname);
1137:         if (!$opm_db_handle or (isset ($database) and !$database)) {
1138:           opm_FNDebug_Log ("ERROR 2000 Cannot connect to the database $dbname@$dbhost as $dbusername.");
1139:         }
1140:         else {
1141:           return (true);
1142:         }
1143:       }
1144:       else {
1145:         opm_FNDebug_Log ("ERROR 2010 Without support in PHP for MySQL.");
1146:         echo "ERROR 2010 PHP WITHOUT MYSQL SUPPORT.";
1147:       }
1148:     }
1149:     else {
1150:       opm_FNDebug_Log ("ERROR 2020 Missing database connection parameters.");
1151:       echo "ERROR 2020 MISSING DB CONNECTION PARAMETERS.";
1152:     }
1153:     return (false);
1154:   }
1155:   
1156:   
1157:   
1158:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1159:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1160:   function fopm_dbquery ($query) {
1161:     global $opm_db_handle;
1162:     if ($opm_db_handle) {
1163:       return (@mysql_query ($query));
1164:     }
1165:     else {
1166:       opm_FNDebug_Log ("ERROR 2100 The provided database link is not connected.");
1167:       echo "ERROR 2100 DB LINK WITHOUT CONNECTION.";
1168:     }
1169:   }
1170:   
1171:   
1172:   
1173:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1174:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1175:   function fopm_dbfetchrow ($result) {
1176:     global $opm_db_handle;
1177:     return (mysql_fetch_row ($result));
1178:   }
1179:   
1180:   
1181:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1182:   // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1183:   function fopm_dblastid () {
1184:     global $opm_db_handle;
1185:     $result9 = fopm_dbquery ("select last_insert_id()");
1186:     $row9 = fopm_dbfetchrow ($result9);
1187:     if ($row9) { return ($row9[0]); } else { return (0); }
1188:   }
1189:   
1190:   
1191:   
1192:   
1193:   
1194:   
1195:   ?>
 
 
NA fum/lmd: 2007.07.15
Copyright ©1994-2017 by Mario A. Valdez-Ramírez.
no siga este enlace / do not follow this link