Source code of file oscpmwin_v0.4.1.723/oscpm1_upload.txt from the
osCommerce Product Manager for Windows.
0000: <?php
0001: // osCommerce Product Manager for Windows (oscpmwin).
0002: 0003:
0004: // You can contact Mario A. Valdez-Ramirez
0005: // by email at mario@mariovaldez.org or paper mail at
0006: // Olmos 809, San Nicolas, NL. 66495, Mexico.
0007:
0008: // This program is free software; you can redistribute it and/or modify
0009: // it under the terms of the GNU General Public License as published by
0010: // the Free Software Foundation; either version 2 of the License, or (at
0011: // your option) any later version.
0012:
0013: // This program is distributed in the hope that it will be useful, but
0014: // WITHOUT ANY WARRANTY; without even the implied warranty of
0015: // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
0016: // General Public License for more details.
0017:
0018: // You should have received a copy of the GNU General Public License
0019: // along with this program; if not, write to the Free Software
0020: // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
0021:
0022:
0023: // ==================================
0024: // Start of configuration options...
0025: // ==================================
0026: $opm_images_directory = "images/";
0027: $opm_enable_logfile = false;
0028: $opm_enable_extralog = false;
0029: $opm_enable_recordsetlog = false;
0030: $opm_debug_file = "opm_debug.txt";
0031: $opm_browser_debug = false;
0032: $opm_enable_auth = true;
0033: $opm_password_override = "";
0034: $opm_upload_perms = "0644";
0035: $opm_timezone_shift = 0;
0036: $opm_allow_compression = true;
0037: $opm_compress_level = 1;
0038:
0039: $opm_cfg_useproxy = false;
0040: $opm_cfg_proxyaddress = "192.168.0.1";
0041: $opm_cfg_proxyport = 3128;
0042:
0043: // ==================================
0044: // End of configuration options...
0045: // ==================================
0046:
0047:
0048: $opm_httpconn_timeout = 60; // 60 seconds
0049: $opm_tag_recordbegin = "BR"; // BR
0050: $opm_tag_recordend = "ER"; // ER
0051: $opm_tag_field = "DF"; // DF
0052: $opm_tag_databegin = "["; // [
0053: $opm_tag_dataend = "]"; // ]
0054: $opm_tag_comment = "#"; // #
0055: $opm_tag_stats = "ST"; // ST
0056: $opm_tag_fieldlist = "FL"; // FL
0057:
0058: $opm_session_string = "OSCPMCHECKER";
0059: $opm_max_failedlogins = 8; // Max logins before blocking the client.
0060: $opm_max_blocktime = 3600; // Time a client is blocked after too many failures.
0061: $opm_max_tracktime = 900; // Time to store the login history of each client.
0062: $opm_sleep_afterfail = 15; // Delay when login fails.
0063:
0064: $opm_hash_strengh = 100;
0065:
0066: $opm_script_version = "0.9.5";
0067: error_reporting(E_ALL & ~E_NOTICE);
0068:
0069: $opm_realpath = str_replace (basename (__FILE__), "", __FILE__) . $opm_images_directory;
0070: $opm_tmpsoftwarename = explode (" ", $HTTP_SERVER_VARS["SERVER_SOFTWARE"]);
0071: $opm_tmposname = explode (" ", php_uname ());
0072: $opm_useragent = "User-Agent: OSCPMWin/$opm_script_version " . $opm_tmpsoftwarename[0] . " MySQL/unknown " . $opm_tmposname[0];
0073:
0074: @set_time_limit (300);
0075:
0076: if (!$opm_upload_perms) {
0077: $opm_upload_perms = "0600";
0078: }
0079:
0080: $opm_ip_address = $_SERVER["REMOTE_ADDR"];
0081: if (!$opm_ip_address) {
0082: $opm_ip_address = $HTTP_SERVER_VARS["REMOTE_ADDR"];
0083: if (!$opm_ip_address) {
0084: $opm_ip_address = $_ENV["REMOTE_ADDR"];
0085: if (!$opm_ip_address) {
0086: $opm_ip_address = getenv("REMOTE_ADDR");
0087: }
0088: else $opm_ip_address = "";
0089: }
0090: }
0091:
0092:
0093: $opm_db_handle = false;
0094:
0095:
0096: // Get all parameters about the request.
0097: if (!$opm_browser_debug) {
0098: $opm_passwordhash = strtoupper (trim ($_POST["Pw"]));
0099: $opm_operation = strtolower (trim ($_POST["Op"]));
0100: $opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["Fn"])))));
0101: $opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["SD"])))));
0102: $opm_query = base64_decode (trim ($_POST["Qy"]));
0103: $opm_reqversion = trim ($_POST["Vn"]);
0104: $opm_logintimestamp = trim ($_POST["TS"]);
0105: $opm_compress = abs ($_POST["Gz"]);
0106: }
0107: else {
0108: $opm_passwordhash = strtoupper (trim ($_GET["Pw"]));
0109: $opm_operation = strtolower (trim ($_GET["Op"]));
0110: $opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["Fn"])))));
0111: $opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["SD"])))));
0112: $opm_query = trim ($_GET["Qy"]);
0113: $opm_reqversion = trim ($_GET["Vn"]);
0114: $opm_logintimestamp = trim ($_GET["TS"]);
0115: $opm_compress = abs ($_GET["Gz"]);
0116: }
0117: if (($opm_filename{0} == "/") || ($opm_filename{0} == ".")) {
0118: $opm_filename = substr ($opm_filename, 1, strlen ($opm_filename) - 1);
0119: }
0120: $opm_compress = ($opm_compress && $opm_allow_compression);
0121:
0122: // If timestamp is empty, create a dummy to force an authentication failure.
0123: if (strlen ($opm_logintimestamp) < 15) {
0124: $opm_logintimestamp = date ("YmdHis");
0125: }
0126:
0127: /*
0128: Note on parameters:
0129: When the operation needs a parameter, it shold be send using
0130: either FN or QY (Filename or Query). The difference is that
0131: FN is cleaned (deleting slashes, dots and spaces) while QY
0132: is not cleaned. However, QY is always Base64-encoded.
0133: */
0134:
0135:
0136: // Log basic information about the request.
0137: if ($opm_enable_extralog) {
0138: if (!$opm_browser_debug) {
0139: opm_FNDebug_Log (print_r ($_POST, true));
0140: }
0141: else {
0142: opm_FNDebug_Log (print_r ($_GET, true));
0143: }
0144: }
0145: else {
0146: opm_FNDebug_Log ("");
0147: }
0148: opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
0149: opm_FNDebug_Log ("PASSWORDHASH=" . $opm_passwordhash);
0150: opm_FNDebug_Log ("OPERATION=" . $opm_operation);
0151: opm_FNDebug_Log ("FILENAME=" . $opm_filename);
0152: opm_FNDebug_Log ("SUBDIR=" . $opm_subdir);
0153: opm_FNDebug_Log ("QUERY=" . $opm_query);
0154: opm_FNDebug_Log ("REQVERSION=" . $opm_reqversion);
0155: opm_FNDebug_Log ("LOGINTIMESTAMP=" . $opm_logintimestamp);
0156: opm_FNDebug_Log ("COMPRESS=" . $opm_compress);
0157:
0158:
0159: // Include osCommerce database configuration and functions.
0160: require ("includes/configure.php");
0161: require (DIR_WS_INCLUDES . "database_tables.php");
0162:
0163:
0164: if ($opm_browser_debug) { echo "<pre>"; }
0165:
0166: // Check if script version is the expected by client.
0167: if (($opm_script_version != $opm_reqversion) && ($opm_operation)) {
0168: opm_FNDebug_Log ("ERROR 1000 wrong script version. Expected $opm_reqversion, but we are $opm_script_version.");
0169: echo "ERROR 1000 WRONG SCRIPT VERSION";
0170: return;
0171: }
0172:
0173: // Check if the image directory is valid.
0174: if (!is_dir ($opm_realpath) && ($opm_operation)) {
0175: opm_FNDebug_Log ("ERROR 1010 cannot find the images directory. Expecting $opm_realpath exist.");
0176: echo "ERROR 1010 IMAGE DIRECTORY NOT FOUND";
0177: return;
0178: }
0179:
0180:
0181: // Connect to database.
0182: if (!fopm_dbconnect (DB_SERVER, DB_DATABASE, DB_SERVER_USERNAME, DB_SERVER_PASSWORD)) {
0183: echo "ERROR 1031 NO DATABASE CONNECTION";
0184: return;
0185: }
0186:
0187:
0188: // Get osCommerce DB password and compare it with client password.
0189: // Unless no operation is requested.
0190: if ($opm_operation) {
0191: if ($opm_enable_auth) {
0192: if (defined ("DB_SERVER_PASSWORD") || ($opm_password_override != "")) {
0193: // Check if the client is known...
0194: $opm_failed_attempts = 0;
0195: $opm_failed_time = time ();
0196: $opm_sql_result = fopm_dbquery ("select customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url from " . TABLE_WHOS_ONLINE . " where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0197: if ($opm_sql_record = fopm_dbfetchrow ($opm_sql_result)) {
0198: // It is known...
0199: if (round (abs ($opm_sql_record[5])) > ($opm_failed_time - $opm_max_tracktime)) {
0200: $opm_failed_attempts = round (abs ($opm_sql_record[6]));
0201: if ($opm_failed_attempts > $opm_max_failedlogins) {
0202: // It is blocked...
0203: $opm_failed_time = time () + $opm_max_blocktime;
0204: }
0205: }
0206: else {
0207: // We are not tracking it...
0208: $opm_failed_attempts = 0;
0209: }
0210: // Updates the tracking information...
0211: $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0212: }
0213: else {
0214: // Creates a tracking record...
0215: $opm_sql_result = fopm_dbquery ("insert into " . TABLE_WHOS_ONLINE . " (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url) values (0, '$opm_session_string', '$opm_session_string', '$opm_ip_address', '$opm_failed_time', '$opm_failed_time', '0')");
0216: }
0217: if ($opm_failed_attempts > $opm_max_failedlogins) {
0218: // The client is blocked, show error...
0219: opm_FNDebug_Log ("ERROR 1024 the client ($opm_ip_address) has been blocked, too many failed logins ($opm_failed_attempts).");
0220: sleep ($opm_sleep_afterfail);
0221: echo "ERROR 1024 BLOCKED";
0222: return;
0223: }
0224: else {
0225: // The client is not blocked, continue...
0226: if ($opm_password_override != "") {
0227: opm_FNDebug_Log ("Password override is enabled.");
0228: $opm_serverpassword = $opm_password_override;
0229: for ($hashcounter = 1; $hashcounter <= $opm_hash_strengh; $hashcounter++) {
0230: $opm_serverpassword = strtoupper (md5 ($opm_serverpassword . $opm_logintimestamp));
0231: }
0232: }
0233: else {
0234: $opm_serverpassword = DB_SERVER_PASSWORD;
0235: for ($hashcounter = 1; $hashcounter <= $opm_hash_strengh; $hashcounter++) {
0236: $opm_serverpassword = strtoupper (md5 ($opm_serverpassword . $opm_logintimestamp));
0237: }
0238: }
0239: opm_FNDebug_Log ("SERVERPASSWORDHASH=" . $opm_serverpassword);
0240: if ($opm_serverpassword != $opm_passwordhash) {
0241: // Password mismatch...
0242: opm_FNDebug_Log ("ERROR 1020 the server and client passwords do not match.");
0243: $opm_failed_attempts++;
0244: opm_FNDebug_Log ("Failed logins from $opm_ip_address = $opm_failed_attempts");
0245: // Update tracking data about this...
0246: $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time', last_page_url='$opm_failed_attempts' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0247: if ($opm_failed_attempts > 1) {
0248: // This is not the first failure, delay a bit...
0249: sleep ($opm_sleep_afterfail);
0250: }
0251: echo "ERROR 1020 PASSWORD MISMATCH";
0252: return;
0253: }
0254: else {
0255: // Password match, reset failures count in tracking data...
0256: $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time', last_page_url='0' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0257: }
0258: }
0259: }
0260: else {
0261: opm_FNDebug_Log ("ERROR 1021 the server password was not found.");
0262: echo "ERROR 1021 CANNOT FIND SERVER PASSWORD";
0263: return;
0264: }
0265: }
0266: else {
0267: opm_FNDebug_Log ("Password authentication is disabled.");
0268: }
0269: }
0270: else {
0271: // If called from a browser, display a simple information page
0272: $opm_simpletest_dbok = false;
0273: $opm_simpletest_imgok = false;
0274: echo "<html><head><title>osCommerce Product Manager (OSCPMWin).</title>\n";
0275: echo "<style>\nBODY { font-family: sans-serif; background-color: #FFFFFF; }\n";
0276: echo "LI { padding: 5px; }\n";
0277: echo "H3 { padding: 5px 5px 5px 20px; }\n";
0278: echo "A { color: #0000FF; text-decoration: none; }\n";
0279: echo "A:hover { color: #FF0000; text-decoration: underline; }\n";
0280: echo "DIV { border: solid 2px #000000; margin: 10px 20px 10px 20px; }";
0281: echo ".ok { background-color: #CCFFCC; }\n";
0282: echo ".notok { background-color: #FFCCCC; }\n";
0283: echo ".info { background-color: #EEEEFF; }\n";
0284: echo ".links { background-color: #EEEEEE; }\n";
0285: echo "</style>\n";
0286: echo "</head><body>\n";
0287: echo "<h3>osCommerce Product Manager (OSCPMWin),<br>server-side script $opm_script_version</h3>\n";
0288: $opm_simpletest_dbok = fopm_dbconnect (DB_SERVER, DB_DATABASE, DB_SERVER_USERNAME, DB_SERVER_PASSWORD);
0289: $opm_simpletest_imgok = (boolean) (file_exists ($opm_realpath) && is_readable ($opm_realpath) && is_writable ($opm_realpath) && is_dir ($opm_realpath));
0290: if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
0291: echo "<div class=\"ok\">";
0292: }
0293: else {
0294: echo "<div class=\"notok\">";
0295: }
0296: echo "<ul>\n";
0297: if ($opm_simpletest_dbok) {
0298: echo "<li><strong>Database connection seems OK.</strong></li>\n";
0299: }
0300: else {
0301: echo "<li><strong>Database connection failed.</strong><br><small>Check that the database server is working properly. This should not happen if the web store is working properly.</small></li>\n";
0302: }
0303: if ($opm_simpletest_imgok) {
0304: echo "<li><strong>Image directory seems OK.</strong></li>\n";
0305: }
0306: else {
0307: echo "<li><strong>Image directory not found, not readable or not writable.</strong><br><small>Check the opm_images_directory option in this script, and that this script has permissions to read and write in that directory.</small></li>\n";
0308: }
0309: echo "</ul>";
0310: if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
0311: echo "<h3><strong>Everything seems OK. :)</strong></h3>\n";
0312: }
0313: else {
0314: echo "<h3><strong>There seems to be a problem. :(</strong></h3>\n";
0315: }
0316: echo "</div>";
0317: echo "<div class=\"info\"><ul>";
0318: if ($opm_browser_debug) {
0319: echo "<li>Browser-debug mode is enabled.";
0320: }
0321: else {
0322: echo "<li>Browser-debug mode is disabled";
0323: }
0324: echo "<br><small>This is for developers only. To be used only if you are debugging this script or the client application.</small></li>\n";
0325:
0326: if ($opm_enable_logfile) {
0327: echo "<li>Logging file is enabled.";
0328: }
0329: else {
0330: echo "<li>Logging file is disabled";
0331: }
0332: echo "<br><small>For debugging purposes only, not for production stores (because if enabled, slows the server down and consumes too much disk space).</small></li>\n";
0333:
0334: if ($opm_cfg_useproxy) {
0335: echo "<li>Proxy-usage is enabled.";
0336: }
0337: else {
0338: echo "<li>Proxy-usage is disabled";
0339: }
0340: echo "<br><small>To be used if the web server is behind a proxy so that all http connections are done thru the proxy.</small></li>\n";
0341:
0342: if ($opm_allow_compression) {
0343: echo "<li>Compression is enabled.";
0344: }
0345: else {
0346: echo "<li>Compression is disabled";
0347: }
0348: echo "<br><small>Compression of data traffic improves the speed of the data transfer. The compression level is set to $opm_compress_level. This setting is not enforced unless the client application request a compressed data stream too.</small></li>\n";
0349:
0350: echo "<li>The time zone shift is set to $opm_timezone_shift.<br><small>To be used with some timestamps</small>.</li>\n";
0351: echo "</ul></div>";
0352: echo "<div class=\"links\"><ul>";
0353: echo "<li><a href=\"http://www.mariovaldez.net/software/oscpmwin/\">OSCPMWin homepage</a>.</li>\n";
0354: echo "<li><a href=\"http://www.mariovaldez.net/webapps/forums/index.php?c=9\">OSCPMWin web forums</a>.</li>\n";
0355: echo "<li><a href=\"http://www.oscommerce.org/\">osCommerce homepage</a>.</li>\n";
0356: echo "</ul></div>";
0357: echo "<p><small>©2003-2007 by Mario A. Valdez-Ramirez.<br>\n";
0358: echo "This program is free software; you can redistribute it and/or modify\n";
0359: echo "it under the terms of the GNU General Public License as published by\n";
0360: echo "the Free Software Foundation; either version 2 of the License, or (at\n";
0361: echo "your option) any later version.</small></p>\n";
0362: echo "</body></html>";
0363: return;
0364: }
0365:
0366:
0367:
0368: // ==================================
0369: // Do nothing.
0370: // NOOP do nothing.
0371: // ==================================
0372: if ($opm_operation == "noop") {
0373: echo "OK NOOP START\n";
0374: opm_FNDebug_Log ("OK NOOP requested.");
0375: echo "OK NOOP END\n";
0376: }
0377:
0378: // ==================================
0379: // Returns a PHPINFO dump.
0380: // PHPINFO returns a dump of the PHPINFO function.
0381: // ==================================
0382: if ($opm_operation == "phpinfo") {
0383: echo "OK PHPINFO START\n";
0384: ob_start ();
0385: phpinfo ();
0386: $opm_phpinfo = ob_get_contents ();
0387: ob_end_clean ();
0388: $opm_phpinfo = str_replace ("<h2>", str_repeat ("=", 40) . "\n* ", $opm_phpinfo);
0389: $opm_phpinfo = str_replace ("</h2>", "\n" . str_repeat ("=", 40) . "\n", $opm_phpinfo);
0390: $opm_phpinfo = str_replace ("<th>", " | ", $opm_phpinfo);
0391: $opm_phpinfo = str_replace ("</th>", " | ", $opm_phpinfo);
0392: $opm_phpinfo = str_replace ("<td class=\"v\">", " | ", $opm_phpinfo);
0393: $opm_phpinfo = strip_tags ($opm_phpinfo);
0394: $opm_phpinfo_lines = explode ("\n", $opm_phpinfo);
0395: $opm_phpinfo = "";
0396: foreach ($opm_phpinfo_lines as $opm_phpinfo_curline) {
0397: $opm_phpinfo_curline = trim ($opm_phpinfo_curline);
0398: if ($opm_phpinfo_curline) {
0399: $opm_phpinfo .= $opm_phpinfo_curline . "\n";
0400: }
0401: }
0402: echo $opm_phpinfo;
0403: echo "OK PHPINFO END\n";
0404: }
0405:
0406: // ==================================
0407: // CHECK if a file exists.
0408: // CHECK requires the full path of the image.
0409: // ==================================
0410: if ($opm_operation == "check") {
0411: if ($opm_filename) {
0412: if (file_exists ($opm_realpath . $opm_filename)) {
0413: opm_FNDebug_Log ("OK file found $opm_filename.");
0414: echo "OK FILE EXISTS";
0415: }
0416: else {
0417: opm_FNDebug_Log ("ERROR 1110 file not found $opm_filename.");
0418: echo "ERROR 1110 FILE NOT FOUND";
0419: }
0420: }
0421: }
0422:
0423: // ==================================
0424: // LIST all files recursively.
0425: // LIST returns the filenames with paths.
0426: // ==================================
0427: if ($opm_operation == "list") {
0428: echo "OK LIST START\n";
0429: opm_FNList_Files ($opm_realpath, "", false);
0430: echo "OK LIST END\n";
0431: }
0432:
0433: // ==================================
0434: // LISTDIRS only dirs recursively.
0435: // LISTDIRS returns no filenames.
0436: // ==================================
0437: if ($opm_operation == "listdirs") {
0438: echo "OK LISTDIRS START\n";
0439: opm_FNList_Files ($opm_realpath, "", true);
0440: echo "OK LISTDIRS END\n";
0441: }
0442:
0443: // ==================================
0444: // DELETE an image.
0445: // DELETE requires the filename of the image with path.
0446: // DELETE1 deletes the image if less than one record references it.
0447: // DELETE2 deletes the image if less than two records reference it.
0448: // ==================================
0449: if (($opm_operation == "delete1") || ($opm_operation == "delete2")) {
0450: if ($opm_operation == "delete1") {
0451: $allowed_owners = 1;
0452: }
0453: else {
0454: $allowed_owners = 2;
0455: }
0456: if ($opm_filename) {
0457: // Check for More Pics 6 extension...
0458: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6"));
0459: if ($opm_sqlresult[0]) {
0460: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename' or products_subimage1='$opm_filename' or products_subimage2='$opm_filename' or products_subimage3='$opm_filename' or products_subimage4='$opm_filename' or products_subimage5='$opm_filename' or products_subimage6='$opm_filename'"));
0461: }
0462: else {
0463: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename'"));
0464: }
0465: if ($opm_sqlresult[0] < $allowed_owners) {
0466: if (file_exists ($opm_realpath . $opm_filename)) {
0467: if (@unlink ($opm_realpath . $opm_filename)) {
0468: if (!file_exists ($opm_realpath . $opm_filename)) {
0469: opm_FNDebug_Log ("OK file deleted $opm_filename.");
0470: echo "OK DELETE";
0471: }
0472: else {
0473: opm_FNDebug_Log ("ERROR 1120 file cannot be deleted $opm_filename.");
0474: echo "ERROR 1120 DELETE FILE REMAINS";
0475: }
0476: }
0477: else {
0478: opm_FNDebug_Log ("ERROR 1121 when deleting $opm_filename.");
0479: echo "ERROR 1121 DELETE UNKNOWN";
0480: }
0481: }
0482: else {
0483: opm_FNDebug_Log ("OK file not found when deleting $opm_filename.");
0484: echo "OK DELETE FILE NOT FOUND";
0485: }
0486: }
0487: else {
0488: opm_FNDebug_Log ("OK file is used by other record (" . ($opm_sqlresult[0] - 1) . ").");
0489: echo "OK DELETE FILE IN USE";
0490: }
0491: }
0492: else {
0493: opm_FNDebug_Log ("OK filename empty.");
0494: echo "OK DELETE FILENAME EMPTY";
0495: }
0496: }
0497:
0498: // ==================================
0499: // UPLOAD an image.
0500: // UPLOAD requires the path, without filename, where the image will be stored.
0501: // UPLOAD returns the image filename with the path.
0502: // ==================================
0503: if ($opm_operation == "upload") {
0504: if ($_FILES["Fl"]["name"] && $_FILES["Fl"]["size"]) {
0505: if (is_uploaded_file ($_FILES["Fl"]["tmp_name"])) {
0506: if ($opm_filename) {
0507: $newfn = $opm_filename;
0508: }
0509: else {
0510: $newfn = trim ($_FILES["Fl"]["name"]);
0511: }
0512: $newfn = str_replace (" ", "_", $newfn);
0513: $newfn = str_replace ("/", "", $newfn);
0514: $newfn = str_replace ("\\", "", $newfn);
0515: $newfn = ereg_replace("[^[:alnum:]\._]", "", $newfn);
0516: $newfn = strtolower ($newfn);
0517:
0518: if ($opm_subdir) {
0519: if ((!file_exists ($opm_realpath . $opm_subdir)) || (!is_dir ($opm_realpath . $opm_subdir))) {
0520: opm_FNDebug_Log ("will create directory=" . $opm_realpath . $opm_subdir);
0521: opm_FNmkdirs ($opm_realpath . $opm_subdir, 0777);
0522: }
0523: if (file_exists ($opm_realpath . $opm_subdir) && (is_dir ($opm_realpath . $opm_subdir))) {
0524: opm_FNDebug_Log ("directory exists=" . $opm_realpath . $opm_subdir);
0525: $newfn = $opm_subdir . "/" . $newfn;
0526: }
0527: else {
0528: opm_FNDebug_Log ("directory does not exist, will ignore=" . $opm_realpath . $opm_subdir);
0529: }
0530: }
0531: opm_FNDebug_Log ("wanted filename=" . $newfn);
0532: $newfn = opm_FNSmart_Rename ($newfn, 100);
0533: opm_FNDebug_Log ("smart filename=" . $newfn);
0534: opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
0535: if (!file_exists ($opm_realpath . $newfn)) {
0536: opm_FNDebug_Log ("file not exist=" . $opm_realpath . $newfn);
0537: if (@move_uploaded_file ($_FILES["Fl"]["tmp_name"], $opm_realpath . $newfn)) {
0538: opm_FNDebug_Log ("moving file to=" . $opm_realpath . $newfn);
0539: if (file_exists ($opm_realpath . $newfn)) {
0540: opm_FNDebug_Log ("upload complete=" . $opm_realpath . $newfn);
0541: @chmod ($opm_realpath . $newfn, octdec ($opm_upload_perms));
0542: echo "OK UPLOAD [" . $newfn . "]";
0543: }
0544: else {
0545: opm_FNDebug_Log ("ERROR 1130 file not copied=" . $opm_realpath . $newfn);
0546: echo "ERROR 1130 UPLOAD FILE NOT FOUND";
0547: }
0548: }
0549: else {
0550: opm_FNDebug_Log ("ERROR 1131 file not copied=" . $opm_realpath . $newfn);
0551: echo "ERROR 1131 UPLOAD CANNOT MOVE";
0552: }
0553: }
0554: else {
0555: opm_FNDebug_Log ("ERROR 1133 file exist=" . $opm_realpath . $newfn);
0556: echo "ERROR 1133 UPLOAD EXIST [" . $newfn . "]";
0557: }
0558: }
0559: else {
0560: opm_FNDebug_Log ("ERROR 1134 cannot find uploaded file!");
0561: echo "ERROR 1134 UPLOAD";
0562: }
0563: }
0564: }
0565:
0566: // ==================================
0567: // CAPABILITY listing.
0568: // CAPABILITY returns a list of identified modules.
0569: // ==================================
0570: if ($opm_operation == "capa") {
0571: opm_FNDebug_Log ("OK Capability search started.");
0572: echo "OK CAPABILITY START\n";
0573:
0574: echo "OSCSTANDARD\n";
0575:
0576: // Credit Card Payment...
0577: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_CC_STATUS'"));
0578: if ($opm_sqlresult[0]) {
0579: opm_FNDebug_Log ("OK PAY_CC capability found.");
0580: echo "PAY_CC\n";
0581: }
0582:
0583: // Money Order Payment...
0584: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_MONEYORDER_STATUS'"));
0585: if ($opm_sqlresult[0]) {
0586: opm_FNDebug_Log ("OK PAY_ORDER capability found.");
0587: echo "PAY_ORDER\n";
0588: }
0589:
0590: // COD Payment...
0591: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_COD_STATUS'"));
0592: if ($opm_sqlresult[0]) {
0593: opm_FNDebug_Log ("OK PAY_CC capability found.");
0594: echo "PAY_CC\n";
0595: }
0596:
0597: // PayPal Payment...
0598: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_PAYPAL_STATUS'"));
0599: if ($opm_sqlresult[0]) {
0600: opm_FNDebug_Log ("OK PAY_PP capability found.");
0601: echo "PAY_PP\n";
0602: }
0603:
0604: // Flat Rate Shipping...
0605: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_FLAT_STATUS'"));
0606: if ($opm_sqlresult[0]) {
0607: opm_FNDebug_Log ("OK SHIP_FLAT capability found.");
0608: echo "SHIP_FLAT\n";
0609: }
0610:
0611: // Table Shipping...
0612: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_TABLE_STATUS'"));
0613: if ($opm_sqlresult[0]) {
0614: opm_FNDebug_Log ("OK SHIP_TBL capability found.");
0615: echo "SHIP_TBL\n";
0616: }
0617:
0618: // Store PickUp Shipping...
0619: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_SPU_STATUS'"));
0620: if ($opm_sqlresult[0]) {
0621: opm_FNDebug_Log ("OK SHIP_SPU capability found.");
0622: echo "SHIP_SPU\n";
0623: }
0624:
0625: // Multi Pickup Shipping...
0626: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'stores'"));
0627: if ($opm_sqlresult[0]) {
0628: opm_FNDebug_Log ("OK SHIP_MPU capability found.");
0629: echo "SHIP_MPU\n";
0630: }
0631:
0632: // More Pics 6...
0633: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6"));
0634: if ($opm_sqlresult[0]) {
0635: opm_FNDebug_Log ("OK MOREPICS6 capability found.");
0636: echo "MOREPICS6\n";
0637: }
0638:
0639: // Total B2B...
0640: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_CUSTOMERS . " customers_groups_id"));
0641: if ($opm_sqlresult[0]) {
0642: opm_FNDebug_Log ("OK TOTALB2B capability found.");
0643: echo "TOTALB2B\n";
0644: }
0645:
0646: // Poll Booth...
0647: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'phesis_poll_config'"));
0648: if ($opm_sqlresult[0]) {
0649: opm_FNDebug_Log ("OK POLLBOOTH capability found.");
0650: echo "POLLBOOTH\n";
0651: }
0652:
0653: // Header Tags Controller...
0654: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS_DESCRIPTION . " products_head_keywords_tag"));
0655: if ($opm_sqlresult[0]) {
0656: opm_FNDebug_Log ("OK HEADERTAGS capability found.");
0657: echo "HEADERTAGS\n";
0658: }
0659:
0660: // ZenCart...
0661: if (defined ("TABLE_EZPAGES")) {
0662: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like '" . TABLE_EZPAGES . "'"));
0663: if ($opm_sqlresult[0]) {
0664: opm_FNDebug_Log ("OK ZENCART capability found.");
0665: echo "ZENCART\n";
0666: }
0667: }
0668:
0669: opm_FNDebug_Log ("OK Capability search finished.");
0670: echo "OK CAPABILITY END\n";
0671: }
0672:
0673: // ==================================
0674: // TABLES listing.
0675: // TABLES returns the name of database tables.
0676: // ==================================
0677: if ($opm_operation == "tables") {
0678: opm_FNDebug_Log ("OK Tables listing started.");
0679: echo "OK TABLES START\n";
0680: // Table names...
0681: echo "TABLE_CATEGORIES=" . TABLE_CATEGORIES . "\n";
0682: echo "TABLE_CATEGORIES_DESCRIPTION=" . TABLE_CATEGORIES_DESCRIPTION . "\n";
0683: echo "TABLE_CONFIGURATION=" . TABLE_CONFIGURATION . "\n";
0684: echo "TABLE_CURRENCIES=" . TABLE_CURRENCIES . "\n";
0685: echo "TABLE_LANGUAGES=" . TABLE_LANGUAGES . "\n";
0686: echo "TABLE_MANUFACTURERS=" . TABLE_MANUFACTURERS . "\n";
0687: echo "TABLE_MANUFACTURERS_INFO=" . TABLE_MANUFACTURERS_INFO . "\n";
0688: echo "TABLE_PRODUCTS=" . TABLE_PRODUCTS . "\n";
0689: echo "TABLE_PRODUCTS_DESCRIPTION=" . TABLE_PRODUCTS_DESCRIPTION . "\n";
0690: echo "TABLE_PRODUCTS_TO_CATEGORIES=" . TABLE_PRODUCTS_TO_CATEGORIES . "\n";
0691: echo "TABLE_SPECIALS=" . TABLE_SPECIALS . "\n";
0692: echo "TABLE_TAX_CLASS=" . TABLE_TAX_CLASS . "\n";
0693: echo "TABLE_TAX_RATES=" . TABLE_TAX_RATES . "\n";
0694: opm_FNDebug_Log ("OK Tables listing finished.");
0695: echo "OK TABLES END\n";
0696: }
0697:
0698:
0699: // ==================================
0700: // BACKUP database.
0701: // BACKUP returns a SQL dump.
0702: // ==================================
0703: if ($opm_operation == "backup") {
0704: opm_FNDebug_Log ("OK Backup of database requested.");
0705: $opm_bak_filename = date ("Ymd_His", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . ".sql";
0706: opm_FNBackup ($opm_realpath . $opm_bak_filename);
0707: if (file_exists ($opm_realpath . $opm_bak_filename)) {
0708: opm_FNgzip_file ($opm_realpath . $opm_bak_filename, $opm_realpath . $opm_bak_filename . ".gz");
0709: if (file_exists ($opm_realpath . $opm_bak_filename . ".gz")) {
0710: $opm_bak_filesize = filesize ($opm_realpath . $opm_bak_filename . ".gz");
0711: header ("Content-type: application/octet-stream");
0712: header ("Content-disposition: attachement; filename=" . $opm_bak_filename . ".gz");
0713: header("Content-Length: " . $opm_bak_filesize);
0714: header ("Pragma: no-store");
0715: readfile ($opm_realpath . $opm_bak_filename . ".gz");
0716: @unlink ($opm_realpath . $opm_bak_filename . ".gz");
0717: opm_FNDebug_Log ("OK Deleting compressed backup file.");
0718: }
0719: @unlink ($opm_realpath . $opm_bak_filename);
0720: opm_FNDebug_Log ("OK Deleting uncompressed backup file.");
0721: }
0722: else {
0723: opm_FNDebug_Log ("ERROR 1140 Backup file not found.");
0724: }
0725: opm_FNDebug_Log ("OK Backup operation finished.");
0726: }
0727:
0728:
0729: // ==================================
0730: // Get XCHGRATES.
0731: // XCHGRATES returns the exchange rates of currencies.
0732: // ==================================
0733: if ($opm_operation == "xchgrates") {
0734: opm_FNDebug_Log ("OK Starting XCHGRATES operation.");
0735: if ($opm_filename) {
0736: $opm_filename = strtoupper ($opm_filename);
0737: $opm_main_currency = substr ($opm_filename, 0, 3);
0738: $opm_xchange_currencies = str_replace (",", "_", substr ($opm_filename, 4));
0739: if (($opm_main_currency) && ($opm_xchange_currencies)) {
0740: $opm_xchange_page = "http://www.oanda.com/convert/fxdaily?value=1&exch=$opm_main_currency&dest=Get+Table&sel_list=$opm_xchange_currencies&format=CSV&redirected=1";
0741: $opm_page_data = opm_FNget_webpage ($opm_xchange_page);
0742: if ($opm_page_data) {
0743: $opm_page_data = strip_tags ($opm_page_data);
0744: $opm_page_data = preg_replace ("/[\r\n]+[\s\t]*[\r\n]+/", "", $opm_page_data);
0745: $opm_xr_matches = array ();
0746: preg_match_all ("/(.+),(\w{3}),([0-9.]+),([0-9.]+)/i", $opm_page_data, $opm_xr_matches);
0747: echo "OK XCHGRATES START\n";
0748: foreach ($opm_xr_matches[2] as $key => $value) {
0749: echo $opm_xr_matches[2][$key] . "," . $opm_xr_matches[4][$key] . "\n";
0750: }
0751: echo "OK XCHGRATES END\n";
0752: }
0753: else {
0754: opm_FNDebug_Log ("ERROR 1150 The remote server answer is empty or invalid.");
0755: echo "ERROR 1150 XCHGRATES REMOTE SERVER ERROR";
0756: }
0757: }
0758: else {
0759: opm_FNDebug_Log ("ERROR 1151 The specified currency codes are invalid.");
0760: echo "ERROR 1151 XCHGRATES INVALID CURRENCY";
0761: }
0762: }
0763: else {
0764: opm_FNDebug_Log ("ERROR 1152 The no currency codes were specified.");
0765: echo "ERROR 1152 XCHGRATES EMPTY CURRENCY";
0766: }
0767: }
0768:
0769:
0770:
0771: // ==================================
0772: // Execute DBQUERY.
0773: // DBQUERY returns ...
0774: // ==================================
0775: if ($opm_operation == "dbquery") {
0776: opm_FNDebug_Log ("OK Starting DBQUERY operation.");
0777: if ($opm_query) {
0778: echo "OK DBQUERY START\n";
0779: echo opm_FNExec_Query ($opm_query, false, true, $opm_enable_recordsetlog);
0780: echo "OK DBQUERY END\n";
0781: }
0782: else {
0783: opm_FNDebug_Log ("ERROR 1171 The database query is empty.");
0784: echo "ERROR 1171 DBQUERY EMPTY DATABASE QUERY";
0785: }
0786: opm_FNDebug_Log ("OK Finishing DBQUERY operation.");
0787: }
0788:
0789:
0790:
0791: if ($opm_browser_debug) { echo "</pre>"; }
0792: return;
0793:
0794:
0795: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0796: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0797: function opm_FNList_Files ($dirname, $parentdir, $onlydirs) {
0798: $dirhandle = opendir ($dirname);
0799: while (($file = readdir ($dirhandle)) != false)
0800: $sorteddir[count ($sorteddir)] = $file;
0801: closedir ($dirhandle);
0802: natcasesort ($sorteddir);
0803: if (!$onlydirs) {
0804: foreach ($sorteddir as $file) {
0805: if (($file != ".") && ($file != "..")) {
0806: if (!is_dir ($dirname . $file)) {
0807: if ($parentdir) {
0808: echo $parentdir . "/" . $file . "\n";
0809: }
0810: else {
0811: echo $file . "\n";
0812: }
0813: }
0814: }
0815: }
0816: foreach ($sorteddir as $file) {
0817: if (($file != ".") && ($file != "..")) {
0818: if (is_dir ($dirname . $file)) {
0819: if ($parentdir) {
0820: opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
0821: }
0822: else {
0823: opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
0824: }
0825: }
0826: }
0827: }
0828: }
0829: else {
0830: foreach ($sorteddir as $file) {
0831: if (($file != ".") && ($file != "..")) {
0832: if (is_dir ($dirname . $file)) {
0833: if ($parentdir) {
0834: echo $parentdir . "/" . $file . "\n";
0835: opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
0836: }
0837: else {
0838: echo $file . "\n";
0839: opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
0840: }
0841: }
0842: }
0843: }
0844: }
0845: }
0846:
0847:
0848:
0849: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0850: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0851: function opm_FNSmart_Rename ($wantedname, $tries) {
0852: global $opm_realpath;
0853: $newname = $wantedname;
0854: $newext = '.' . array_pop (explode ('.', $wantedname));
0855: for ($trycounter = 1; $trycounter <= $tries; $trycounter++) {
0856: if (!file_exists ($opm_realpath . $newname)) {
0857: return ($newname);
0858: }
0859: else {
0860: $newdirname = dirname ($wantedname);
0861: if ($newdirname != ".") {
0862: $newname = dirname ($wantedname) . "/" . basename ($wantedname, $newext) . "_" . $trycounter . $newext;
0863: }
0864: else {
0865: $newname = basename ($wantedname, $newext) . "_" . $trycounter . $newext;
0866: }
0867: }
0868: }
0869: return ($wantedname);
0870: }
0871:
0872:
0873:
0874: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0875: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0876: function opm_FNDebug_Log ($logline) {
0877: global $opm_enable_logfile, $opm_debug_file, $opm_timezone_shift;
0878: if ($opm_enable_logfile) {
0879: if (!(file_exists ($opm_debug_file) && !is_writable ($opm_debug_file))) {
0880: $opm_timestamp = date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y")));
0881: $opm_lfilef = @fopen ($opm_debug_file, 'a');
0882: if ($opm_lfilef) {
0883: if ($logline) {
0884: @fwrite ($opm_lfilef, $opm_timestamp . ": " . $logline . "\n");
0885: }
0886: else {
0887: @fwrite ($opm_lfilef, "\n");
0888: }
0889: @fclose ($opm_lfilef);
0890: }
0891: }
0892: }
0893: }
0894:
0895:
0896: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0897: // Based on code posted on php.net by saint@corenova.com and bart@cdasites.com
0898: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0899: function opm_FNmkdirs ($dirname) {
0900: if (is_dir ($dirname) || empty ($dirname)) return 1;
0901: if (file_exists ($dirname) && !is_dir ($dirname)) return 0;
0902: if (opm_FNmkdirs (substr ($dirname, 0, strrpos ($dirname, '/')))) {
0903: if (!file_exists($dirname)) {
0904: return @mkdir ($dirname, 0777);
0905: }
0906: }
0907: return 0;
0908: }
0909:
0910:
0911: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0912: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0913: function opm_FNExec_Query ($sql_query, $rawdata = true, $encodeddata = false, $logdata = false) {
0914: global $opm_tag_recordbegin, $opm_tag_recordend, $opm_tag_field, $opm_tag_cfield, $opm_tag_fieldlist;
0915: global $opm_tag_databegin, $opm_tag_dataend, $opm_tag_comment, $opm_tag_stats;
0916: global $opm_compress, $opm_compress_level;
0917: $result_string = "";
0918: $record_count = 0;
0919: $query_type = strtoupper (substr ($sql_query, 0, strpos ($sql_query, " ")));
0920: opm_FNDebug_Log ("SQLQUERY=" . $sql_query);
0921: $sql_result = fopm_dbquery ($sql_query);
0922: if (($query_type == "SELECT") || ($query_type == "SHOW") || ($query_type == "DESCRIBE")) {
0923: while ($sql_record = fopm_dbfetchrow ($sql_result)) {
0924: $record_count++;
0925: $sql_fullrec = "";
0926: if ($rawdata) {
0927: foreach ($sql_record as $fielddata) {
0928: $result_string .= $fielddata . "\n";
0929: }
0930: }
0931: else {
0932: $result_string .= "$opm_tag_recordbegin\n";
0933: foreach ($sql_record as $fielddata) {
0934: if ($encodeddata) {
0935: $encodedfield = base64_encode ($fielddata);
0936: }
0937: else {
0938: $encodedfield = htmlentities ($fielddata);
0939: }
0940: $result_string .= "$opm_tag_field " . $opm_tag_databegin . $encodedfield . $opm_tag_dataend . "\n";
0941: $sql_fullrec .= $encodedfield;
0942: }
0943: $result_string .= "$opm_tag_recordend " . strtoupper (md5 ($sql_fullrec)) . "\n";
0944: }
0945: }
0946: }
0947: elseif ($query_type == "INSERT") {
0948: $sql_result = fopm_dblastid ();
0949: $record_count = 1;
0950: $sql_fullrec = "";
0951: if ($rawdata) {
0952: $result_string .= $sql_result . "\n";
0953: }
0954: else {
0955: $result_string .= "$opm_tag_recordbegin\n";
0956: if ($encodeddata) {
0957: $encodedfield = base64_encode ($sql_result);
0958: }
0959: else {
0960: $encodedfield = htmlentities ($sql_result);
0961: }
0962: $result_string .= "$opm_tag_field " . $opm_tag_databegin . $encodedfield . $opm_tag_dataend . "\n";
0963: $sql_fullrec .= $encodedfield;
0964: $result_string .= "$opm_tag_recordend " . strtoupper (md5 ($sql_fullrec)) . "\n";
0965: }
0966: }
0967: if ($logdata) {
0968: opm_FNDebug_Log ("RECORDSET=\n$result_string\n");
0969: }
0970: if (!$rawdata) {
0971: if ($opm_compress) {
0972: opm_FNDebug_Log ("RECORDSET SIZE (UNCOMPRESSED)=" . strlen ($result_string));
0973: $result_string = base64_encode (gzcompress ($result_string, $opm_compress_level)) . "\n";
0974: }
0975: }
0976: opm_FNDebug_Log ("RECORDSET SIZE=" . strlen ($result_string));
0977: return $result_string;
0978: }
0979:
0980:
0981:
0982:
0983:
0984: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0985: // Based on code from osCommerce (/admin/backup.php).
0986: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0987: function opm_FNBackup ($dump_file) {
0988: global $opm_script_version;
0989: if ($dump_file) {
0990: $bakfilef = fopen ($dump_file, 'w');
0991: $bakline = "############################################################################\n";
0992: $bakline .= "# OSCPMWin (server-side $opm_script_version)\n";
0993: $bakline .= "# Database: " . DB_DATABASE . "@" . DB_SERVER . "\n";
0994: $bakline .= "# Date: " . date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . "\n";
0995: $bakline .= "############################################################################\n\n";
0996: fwrite ($bakfilef, $bakline);
0997: $tables_query = fopm_dbquery ("show tables");
0998: while ($tables = fopm_dbfetchrow ($tables_query)) {
0999: $table = $tables[0];
1000: $bakline = "\n\n############################################################################\n";
1001: $bakline .= "# " . strtoupper ($table) . "\n";
1002: $bakline .= "############################################################################\n\n";
1003: $bakline .= "drop table if exists $table;\ncreate table $table (\n";
1004: $table_list = array ();
1005: $fields_query = fopm_dbquery ("show fields from $table");
1006: while ($fields = fopm_dbfetchrow ($fields_query)) {
1007: $table_list[] = $fields[0];
1008: $bakline .= " " . $fields[0] . " " . $fields[1];
1009: if (strlen ($fields[4]) > 0) $bakline .= " default '" . $fields[4] . "'";
1010: if (strtoupper ($fields[2]) != "YES") $bakline .= " not null";
1011: if (isset ($fields[5])) $bakline .= " " . $fields[5];
1012: $bakline .= ",\n";
1013: }
1014: $bakline = ereg_replace(",\n$", '', $bakline);
1015: $index = array ();
1016: $keys_query = fopm_dbquery ("show keys from $table");
1017: while ($keys = fopm_dbfetchrow ($keys_query)) {
1018: $kname = $keys[2];
1019: if (!isset ($index[$kname])) {
1020: $index[$kname] = array ("unique" => !$keys[1], "columns" => array());
1021: }
1022: $index[$kname]["columns"][] = $keys[4];
1023: }
1024: while (list($kname, $info) = each($index)) {
1025: $bakline .= ",\n";
1026: $columns = implode($info["columns"], ", ");
1027: if ($kname == "PRIMARY") {
1028: $bakline .= " PRIMARY KEY ($columns)";
1029: } elseif ($info["unique"]) {
1030: $bakline .= " UNIQUE $kname ($columns)";
1031: } else {
1032: $bakline .= " KEY $kname ($columns)";
1033: }
1034: }
1035: $bakline .= "\n);\n\n";
1036: fwrite ($bakfilef, $bakline);
1037: $rows_query = fopm_dbquery ("select " . implode (",", $table_list) . " from $table");
1038: while ($rows = fopm_dbfetchrow ($rows_query)) {
1039: $bakline = "insert into $table (" . implode (", ", $table_list) . ") values (";
1040: for ($curfield = 0; $curfield < count ($table_list); $curfield++) {
1041: if (!isset ($rows[$curfield])) {
1042: $bakline .= "NULL, ";
1043: } elseif (($rows[$curfield] != "") && (strtoupper ($rows[$curfield]) != "NULL")) {
1044: $row = addslashes ($rows[$curfield]);
1045: $row = ereg_replace("\n#", "\n".'\#', $row);
1046: $bakline .= "'$row', ";
1047: } else {
1048: $bakline .= "'', ";
1049: }
1050: }
1051: $bakline = ereg_replace (", $", "", $bakline) . ");\n";
1052: fwrite ($bakfilef, $bakline);
1053: }
1054: }
1055: fclose ($bakfilef);
1056: }
1057: }
1058:
1059:
1060: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1061: // Compress a file with the gzip algorithm.
1062: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1063: function opm_FNgzip_file ($opm_gzsource, $opm_gztarget) {
1064: if (function_exists ("gzwrite") && file_exists ($opm_gzsource)) {
1065: $opm_ungzfp = fopen($opm_gzsource, "rb");
1066: $opm_gzfp = gzopen($opm_gztarget, "wb9");
1067: if ($opm_gzfp && $opm_ungzfp) {
1068: while (!feof ($opm_ungzfp)) {
1069: gzwrite ($opm_gzfp, fread ($opm_ungzfp, 65535));
1070: }
1071: @fclose ($opm_ungzfp);
1072: @gzclose ($opm_gzfp);
1073: return (true);
1074: }
1075: else {
1076: @fclose ($opm_ungzfp);
1077: @gzclose ($opm_gzfp);
1078: return (false);
1079: }
1080: }
1081: else {
1082: return (false);
1083: }
1084: }
1085:
1086:
1087: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1088: // Request a page from a web server.
1089: // If using a proxy server, redirect the call thru the proxy.
1090: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1091: function opm_FNget_webpage ($target_url) {
1092: global $opm_useragent, $opm_httpconn_timeout, $opm_cfg_useproxy, $opm_cfg_proxyaddress, $opm_cfg_proxyport;
1093: $opm_http_content = "";
1094: $errno = 0;
1095: $errstr = "";
1096: $urlparts = parse_url ($target_url);
1097: if ($urlparts["host"]) {
1098: @ignore_user_abort (true);
1099: if ($opm_cfg_useproxy) {
1100: $opm_sockconn = @fsockopen ($opm_cfg_proxyaddress, $opm_cfg_proxyport, $errno, $errstr, $opm_httpconn_timeout);
1101: }
1102: else {
1103: $opm_sockconn = @fsockopen ($urlparts["host"], (empty($urlparts["port"]) ? "80" : $urlparts["port"]), $errno, $errstr, $opm_httpconn_timeout);
1104: }
1105: if ($opm_sockconn) {
1106: if ($opm_cfg_useproxy) {
1107: fputs ($opm_sockconn, "GET " . $urlparts["scheme"] . "://" . $urlparts["host"] . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $opm_cfg_proxyaddress . "\r\nUser-Agent: $opm_useragent\r\nPragma: no-cache\r\nConnection: Close\r\n\r\n");
1108: }
1109: else {
1110: fputs ($opm_sockconn, "GET " . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $urlparts["host"] . "\r\nUser-Agent: $opm_useragent\r\nConnection: Close\r\n\r\n");
1111: }
1112: while ((!feof($opm_sockconn)) && (!is_readable ($opm_skfilename))) {
1113: $opm_http_content .= fgets ($opm_sockconn, 10240);
1114: }
1115: @fclose ($opm_sockconn);
1116: if (eregi ("HTTP.*200 OK", $opm_http_content)) {
1117: $opm_http_content = str_replace ("\r", "", $opm_http_content);
1118: $opm_http_content = substr ($opm_http_content, strpos ($opm_http_content, "\n\n") + 2);
1119: return ($opm_http_content);
1120: }
1121: }
1122: }
1123: return ("");
1124: }
1125:
1126:
1127:
1128: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1129: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1130: function fopm_dbconnect ($dbhost, $dbname, $dbusername, $dbpassword) {
1131: global $opm_db_handle;
1132: $opm_db_handle = false;
1133: if ($dbhost && $dbname && $dbusername) {
1134: if (function_exists ("mysql_connect")) {
1135: $opm_db_handle = @mysql_connect ($dbhost, $dbusername, $dbpassword);
1136: $database = @mysql_select_db ($dbname);
1137: if (!$opm_db_handle or (isset ($database) and !$database)) {
1138: opm_FNDebug_Log ("ERROR 2000 Cannot connect to the database $dbname@$dbhost as $dbusername.");
1139: }
1140: else {
1141: return (true);
1142: }
1143: }
1144: else {
1145: opm_FNDebug_Log ("ERROR 2010 Without support in PHP for MySQL.");
1146: echo "ERROR 2010 PHP WITHOUT MYSQL SUPPORT.";
1147: }
1148: }
1149: else {
1150: opm_FNDebug_Log ("ERROR 2020 Missing database connection parameters.");
1151: echo "ERROR 2020 MISSING DB CONNECTION PARAMETERS.";
1152: }
1153: return (false);
1154: }
1155:
1156:
1157:
1158: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1159: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1160: function fopm_dbquery ($query) {
1161: global $opm_db_handle;
1162: if ($opm_db_handle) {
1163: return (@mysql_query ($query));
1164: }
1165: else {
1166: opm_FNDebug_Log ("ERROR 2100 The provided database link is not connected.");
1167: echo "ERROR 2100 DB LINK WITHOUT CONNECTION.";
1168: }
1169: }
1170:
1171:
1172:
1173: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1174: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1175: function fopm_dbfetchrow ($result) {
1176: global $opm_db_handle;
1177: return (mysql_fetch_row ($result));
1178: }
1179:
1180:
1181: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1182: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1183: function fopm_dblastid () {
1184: global $opm_db_handle;
1185: $result9 = fopm_dbquery ("select last_insert_id()");
1186: $row9 = fopm_dbfetchrow ($result9);
1187: if ($row9) { return ($row9[0]); } else { return (0); }
1188: }
1189:
1190:
1191:
1192:
1193:
1194:
1195: ?>
