Source code of file oscpmwin/oscpm1_upload.txt from the
osCommerce Product Manager for Windows.
0000: <?php
0001: // osCommerce Product Manager for Windows (oscpmwin).
0002: // Copyright �2003-2007 by Mario A. Valdez-Ramirez.
0003:
0004: // You can contact Mario A. Valdez-Ramirez
0005: // by email at mario@mariovaldez.org or paper mail at
0006: // Olmos 809, San Nicolas, NL. 66495, Mexico.
0007:
0008: // This program is free software; you can redistribute it and/or modify
0009: // it under the terms of the GNU General Public License as published by
0010: // the Free Software Foundation; either version 2 of the License, or (at
0011: // your option) any later version.
0012:
0013: // This program is distributed in the hope that it will be useful, but
0014: // WITHOUT ANY WARRANTY; without even the implied warranty of
0015: // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
0016: // General Public License for more details.
0017:
0018: // You should have received a copy of the GNU General Public License
0019: // along with this program; if not, write to the Free Software
0020: // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
0021:
0022:
0023: // ==================================
0024: // Start of configuration options...
0025: // ==================================
0026: $opm_images_directory = "images/";
0027: $opm_enable_logfile = false;
0028: $opm_enable_extralog = false;
0029: $opm_enable_recordsetlog = false;
0030: $opm_debug_file = "opm_debug.txt";
0031: $opm_browser_debug = false;
0032: $opm_enable_auth = true;
0033: $opm_password_override = "";
0034: $opm_upload_perms = "0644";
0035: $opm_timezone_shift = 0;
0036: $opm_allow_compression = true;
0037: $opm_compress_level = 1;
0038:
0039: $opm_cfg_useproxy = false;
0040: $opm_cfg_proxyaddress = "192.168.0.1";
0041: $opm_cfg_proxyport = 3128;
0042:
0043: // ==================================
0044: // End of configuration options...
0045: // ==================================
0046:
0047:
0048: $opm_httpconn_timeout = 60; // 60 seconds
0049: $opm_tag_recordbegin = "BR"; // BR
0050: $opm_tag_recordend = "ER"; // ER
0051: $opm_tag_field = "DF"; // DF
0052: $opm_tag_databegin = "["; // [
0053: $opm_tag_dataend = "]"; // ]
0054: $opm_tag_comment = "#"; // #
0055: $opm_tag_stats = "ST"; // ST
0056: $opm_tag_fieldlist = "FL"; // FL
0057:
0058: $opm_ok_string = "MVOSCPM1_NOERROR";
0059: $opm_error_string = "MVOSCPM1_ERROR";
0060: $opm_session_string = "OSCPMCHECKER";
0061: $opm_max_failedlogins = 8; // Max logins before blocking the client.
0062: $opm_max_blocktime = 3600; // Time a client is blocked after too many failures.
0063: $opm_max_tracktime = 900; // Time to store the login history of each client.
0064: $opm_sleep_afterfail = 15; // Delay when login fails.
0065:
0066: $opm_hash_strengh = 100;
0067:
0068: $opm_script_version = "0.9.6";
0069: error_reporting(E_ALL & ~E_NOTICE);
0070:
0071: $opm_realpath = str_replace (basename (__FILE__), "", __FILE__) . $opm_images_directory;
0072: $opm_tmpsoftwarename = explode (" ", $HTTP_SERVER_VARS["SERVER_SOFTWARE"]);
0073: $opm_tmposname = explode (" ", php_uname ());
0074: $opm_useragent = "User-Agent: OSCPMWin/$opm_script_version " . $opm_tmpsoftwarename[0] . " MySQL/unknown " . $opm_tmposname[0];
0075:
0076: @set_time_limit (300);
0077:
0078: if (!$opm_upload_perms) {
0079: $opm_upload_perms = "0600";
0080: }
0081:
0082: $opm_ip_address = $_SERVER["REMOTE_ADDR"];
0083: if (!$opm_ip_address) {
0084: $opm_ip_address = $HTTP_SERVER_VARS["REMOTE_ADDR"];
0085: if (!$opm_ip_address) {
0086: $opm_ip_address = $_ENV["REMOTE_ADDR"];
0087: if (!$opm_ip_address) {
0088: $opm_ip_address = getenv("REMOTE_ADDR");
0089: }
0090: else $opm_ip_address = "";
0091: }
0092: }
0093:
0094:
0095: $opm_db_handle = false;
0096:
0097:
0098: // Get all parameters about the request.
0099: if (!$opm_browser_debug) {
0100: $opm_passwordhash = strtoupper (trim ($_POST["Pw"]));
0101: $opm_operation = strtolower (trim ($_POST["Op"]));
0102: $opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["Fn"])))));
0103: $opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["SD"])))));
0104: $opm_query = base64_decode (trim ($_POST["Qy"]));
0105: $opm_reqversion = trim ($_POST["Vn"]);
0106: $opm_logintimestamp = trim ($_POST["TS"]);
0107: $opm_compress = abs ($_POST["Gz"]);
0108: }
0109: else {
0110: $opm_passwordhash = strtoupper (trim ($_GET["Pw"]));
0111: $opm_operation = strtolower (trim ($_GET["Op"]));
0112: $opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["Fn"])))));
0113: $opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["SD"])))));
0114: $opm_query = trim ($_GET["Qy"]);
0115: $opm_reqversion = trim ($_GET["Vn"]);
0116: $opm_logintimestamp = trim ($_GET["TS"]);
0117: $opm_compress = abs ($_GET["Gz"]);
0118: }
0119: if (($opm_filename{0} == "/") || ($opm_filename{0} == ".")) {
0120: $opm_filename = substr ($opm_filename, 1, strlen ($opm_filename) - 1);
0121: }
0122: $opm_compress = ($opm_compress && $opm_allow_compression);
0123:
0124: // If timestamp is empty, create a dummy to force an authentication failure.
0125: if (strlen ($opm_logintimestamp) < 15) {
0126: $opm_logintimestamp = date ("YmdHis");
0127: }
0128:
0129: /*
0130: Note on parameters:
0131: When the operation needs a parameter, it shold be send using
0132: either FN or QY (Filename or Query). The difference is that
0133: FN is cleaned (deleting slashes, dots and spaces) while QY
0134: is not cleaned. However, QY is always Base64-encoded.
0135: */
0136:
0137:
0138: // Log basic information about the request.
0139: if ($opm_enable_extralog) {
0140: if (!$opm_browser_debug) {
0141: opm_FNDebug_Log (print_r ($_POST, true));
0142: }
0143: else {
0144: opm_FNDebug_Log (print_r ($_GET, true));
0145: }
0146: }
0147: else {
0148: opm_FNDebug_Log ("");
0149: }
0150: opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
0151: opm_FNDebug_Log ("PASSWORDHASH=" . $opm_passwordhash);
0152: opm_FNDebug_Log ("OPERATION=" . $opm_operation);
0153: opm_FNDebug_Log ("FILENAME=" . $opm_filename);
0154: opm_FNDebug_Log ("SUBDIR=" . $opm_subdir);
0155: opm_FNDebug_Log ("QUERY=" . $opm_query);
0156: opm_FNDebug_Log ("REQVERSION=" . $opm_reqversion);
0157: opm_FNDebug_Log ("LOGINTIMESTAMP=" . $opm_logintimestamp);
0158: opm_FNDebug_Log ("COMPRESS=" . $opm_compress);
0159:
0160:
0161: // Include osCommerce database configuration and functions.
0162: require ("includes/configure.php");
0163: require (DIR_WS_INCLUDES . "database_tables.php");
0164:
0165:
0166: if ($opm_browser_debug) { echo "<pre>"; }
0167:
0168: // Check if script version is the expected by client.
0169: if (($opm_script_version != $opm_reqversion) && ($opm_operation)) {
0170: opm_FNDebug_Log ("$opm_error_string 1000 wrong script version. Expected $opm_reqversion, but we are $opm_script_version.");
0171: echo "$opm_error_string 1000 WRONG SCRIPT VERSION";
0172: return;
0173: }
0174:
0175: // Check if the image directory is valid.
0176: if (!is_dir ($opm_realpath) && ($opm_operation)) {
0177: opm_FNDebug_Log ("$opm_error_string 1010 cannot find the images directory. Expecting $opm_realpath exist.");
0178: echo "$opm_error_string 1010 IMAGE DIRECTORY NOT FOUND";
0179: return;
0180: }
0181:
0182:
0183: // Connect to database.
0184: if (!fopm_dbconnect (DB_SERVER, DB_DATABASE, DB_SERVER_USERNAME, DB_SERVER_PASSWORD)) {
0185: echo "$opm_error_string 1031 NO DATABASE CONNECTION";
0186: return;
0187: }
0188:
0189:
0190: // Get osCommerce DB password and compare it with client password.
0191: // Unless no operation is requested.
0192: if ($opm_operation) {
0193: if ($opm_enable_auth) {
0194: if (defined ("DB_SERVER_PASSWORD") || ($opm_password_override != "")) {
0195: // Check if the client is known...
0196: $opm_failed_attempts = 0;
0197: $opm_failed_time = time ();
0198: $opm_sql_result = fopm_dbquery ("select customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url from " . TABLE_WHOS_ONLINE . " where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0199: if ($opm_sql_record = fopm_dbfetchrow ($opm_sql_result)) {
0200: // It is known...
0201: if (round (abs ($opm_sql_record[5])) > ($opm_failed_time - $opm_max_tracktime)) {
0202: $opm_failed_attempts = round (abs ($opm_sql_record[6]));
0203: if ($opm_failed_attempts > $opm_max_failedlogins) {
0204: // It is blocked...
0205: $opm_failed_time = time () + $opm_max_blocktime;
0206: }
0207: }
0208: else {
0209: // We are not tracking it...
0210: $opm_failed_attempts = 0;
0211: }
0212: // Updates the tracking information...
0213: $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0214: }
0215: else {
0216: // Creates a tracking record...
0217: $opm_sql_result = fopm_dbquery ("insert into " . TABLE_WHOS_ONLINE . " (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url) values (0, '$opm_session_string', '$opm_session_string', '$opm_ip_address', '$opm_failed_time', '$opm_failed_time', '0')");
0218: }
0219: if ($opm_failed_attempts > $opm_max_failedlogins) {
0220: // The client is blocked, show error...
0221: opm_FNDebug_Log ("$opm_error_string 1024 the client ($opm_ip_address) has been blocked, too many failed logins ($opm_failed_attempts).");
0222: sleep ($opm_sleep_afterfail);
0223: echo "$opm_error_string 1024 BLOCKED";
0224: return;
0225: }
0226: else {
0227: // The client is not blocked, continue...
0228: if ($opm_password_override != "") {
0229: opm_FNDebug_Log ("Password override is enabled.");
0230: $opm_serverpassword = $opm_password_override;
0231: for ($hashcounter = 1; $hashcounter <= $opm_hash_strengh; $hashcounter++) {
0232: $opm_serverpassword = strtoupper (md5 ($opm_serverpassword . $opm_logintimestamp));
0233: }
0234: }
0235: else {
0236: $opm_serverpassword = DB_SERVER_PASSWORD;
0237: for ($hashcounter = 1; $hashcounter <= $opm_hash_strengh; $hashcounter++) {
0238: $opm_serverpassword = strtoupper (md5 ($opm_serverpassword . $opm_logintimestamp));
0239: }
0240: }
0241: opm_FNDebug_Log ("SERVERPASSWORDHASH=" . $opm_serverpassword);
0242: if ($opm_serverpassword != $opm_passwordhash) {
0243: // Password mismatch...
0244: opm_FNDebug_Log ("$opm_error_string 1020 the server and client passwords do not match.");
0245: $opm_failed_attempts++;
0246: opm_FNDebug_Log ("Failed logins from $opm_ip_address = $opm_failed_attempts");
0247: // Update tracking data about this...
0248: $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time', last_page_url='$opm_failed_attempts' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0249: if ($opm_failed_attempts > 1) {
0250: // This is not the first failure, delay a bit...
0251: sleep ($opm_sleep_afterfail);
0252: }
0253: echo "$opm_error_string 1020 PASSWORD MISMATCH";
0254: return;
0255: }
0256: else {
0257: // Password match, reset failures count in tracking data...
0258: $opm_sql_result = fopm_dbquery ("update " . TABLE_WHOS_ONLINE . " set time_last_click='$opm_failed_time', last_page_url='0' where customer_id=0 and session_id='$opm_session_string' and ip_address='$opm_ip_address'");
0259: }
0260: }
0261: }
0262: else {
0263: opm_FNDebug_Log ("$opm_error_string 1021 the server password was not found.");
0264: echo "$opm_error_string 1021 CANNOT FIND SERVER PASSWORD";
0265: return;
0266: }
0267: }
0268: else {
0269: opm_FNDebug_Log ("Password authentication is disabled.");
0270: }
0271: }
0272: else {
0273: // If called from a browser, display a simple information page
0274: $opm_simpletest_dbok = false;
0275: $opm_simpletest_imgok = false;
0276: echo "<html><head><title>osCommerce Product Manager (OSCPMWin).</title>\n";
0277: echo "<style>\nBODY { font-family: sans-serif; background-color: #FFFFFF; }\n";
0278: echo "LI { padding: 5px; }\n";
0279: echo "H3 { padding: 5px 5px 5px 20px; }\n";
0280: echo "A { color: #0000FF; text-decoration: none; }\n";
0281: echo "A:hover { color: #FF0000; text-decoration: underline; }\n";
0282: echo "DIV { border: solid 2px #000000; margin: 10px 20px 10px 20px; }";
0283: echo ".ok { background-color: #CCFFCC; }\n";
0284: echo ".notok { background-color: #FFCCCC; }\n";
0285: echo ".info { background-color: #EEEEFF; }\n";
0286: echo ".links { background-color: #EEEEEE; }\n";
0287: echo "</style>\n";
0288: echo "</head><body>\n";
0289: echo "<h3>osCommerce Product Manager (OSCPMWin),<br>server-side script $opm_script_version</h3>\n";
0290: $opm_simpletest_dbok = fopm_dbconnect (DB_SERVER, DB_DATABASE, DB_SERVER_USERNAME, DB_SERVER_PASSWORD);
0291: $opm_simpletest_imgok = (boolean) (file_exists ($opm_realpath) && is_readable ($opm_realpath) && is_writable ($opm_realpath) && is_dir ($opm_realpath));
0292: if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
0293: echo "<div class=\"ok\">";
0294: }
0295: else {
0296: echo "<div class=\"notok\">";
0297: }
0298: echo "<ul>\n";
0299: if ($opm_simpletest_dbok) {
0300: echo "<li><strong>Database connection seems OK.</strong></li>\n";
0301: }
0302: else {
0303: echo "<li><strong>Database connection failed.</strong><br><small>Check that the database server is working properly. This should not happen if the web store is working properly.</small></li>\n";
0304: }
0305: if ($opm_simpletest_imgok) {
0306: echo "<li><strong>Image directory seems OK.</strong></li>\n";
0307: }
0308: else {
0309: echo "<li><strong>Image directory not found, not readable or not writable.</strong><br><small>Check the opm_images_directory option in this script, and that this script has permissions to read and write in that directory.</small></li>\n";
0310: }
0311: echo "</ul>";
0312: if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
0313: echo "<h3><strong>Everything seems OK. :)</strong></h3>\n";
0314: }
0315: else {
0316: echo "<h3><strong>There seems to be a problem. :(</strong></h3>\n";
0317: }
0318: echo "</div>";
0319: echo "<div class=\"info\"><ul>";
0320: if ($opm_browser_debug) {
0321: echo "<li>Browser-debug mode is enabled.";
0322: }
0323: else {
0324: echo "<li>Browser-debug mode is disabled";
0325: }
0326: echo "<br><small>This is for developers only. To be used only if you are debugging this script or the client application.</small></li>\n";
0327:
0328: if ($opm_enable_logfile) {
0329: echo "<li>Logging file is enabled.";
0330: }
0331: else {
0332: echo "<li>Logging file is disabled";
0333: }
0334: echo "<br><small>For debugging purposes only, not for production stores (because if enabled, slows the server down and consumes too much disk space).</small></li>\n";
0335:
0336: if ($opm_cfg_useproxy) {
0337: echo "<li>Proxy-usage is enabled.";
0338: }
0339: else {
0340: echo "<li>Proxy-usage is disabled";
0341: }
0342: echo "<br><small>To be used if the web server is behind a proxy so that all http connections are done thru the proxy.</small></li>\n";
0343:
0344: if ($opm_allow_compression) {
0345: echo "<li>Compression is enabled.";
0346: }
0347: else {
0348: echo "<li>Compression is disabled";
0349: }
0350: echo "<br><small>Compression of data traffic improves the speed of the data transfer. The compression level is set to $opm_compress_level. This setting is not enforced unless the client application request a compressed data stream too.</small></li>\n";
0351:
0352: echo "<li>The time zone shift is set to $opm_timezone_shift.<br><small>To be used with some timestamps</small>.</li>\n";
0353: echo "</ul></div>";
0354: echo "<div class=\"links\"><ul>";
0355: echo "<li><a href=\"http://www.mariovaldez.net/software/oscpmwin/\">OSCPMWin homepage</a>.</li>\n";
0356: echo "<li><a href=\"http://www.mariovaldez.net/webapps/forums/index.php?c=9\">OSCPMWin web forums</a>.</li>\n";
0357: echo "<li><a href=\"http://www.oscommerce.org/\">osCommerce homepage</a>.</li>\n";
0358: echo "</ul></div>";
0359: echo "<p><small>©2003-2007 by Mario A. Valdez-Ramirez.<br>\n";
0360: echo "This program is free software; you can redistribute it and/or modify\n";
0361: echo "it under the terms of the GNU General Public License as published by\n";
0362: echo "the Free Software Foundation; either version 2 of the License, or (at\n";
0363: echo "your option) any later version.</small></p>\n";
0364: echo "</body></html>";
0365: return;
0366: }
0367:
0368:
0369:
0370: // ==================================
0371: // Do nothing.
0372: // NOOP do nothing.
0373: // ==================================
0374: if ($opm_operation == "noop") {
0375: echo "$opm_ok_string NOOP START\n";
0376: opm_FNDebug_Log ("$opm_ok_string NOOP requested.");
0377: echo "$opm_ok_string NOOP END\n";
0378: }
0379:
0380: // ==================================
0381: // Returns a PHPINFO dump.
0382: // PHPINFO returns a dump of the PHPINFO function.
0383: // ==================================
0384: if ($opm_operation == "phpinfo") {
0385: echo "$opm_ok_string PHPINFO START\n";
0386: ob_start ();
0387: phpinfo ();
0388: $opm_phpinfo = ob_get_contents ();
0389: ob_end_clean ();
0390: $opm_phpinfo = str_replace ("<h2>", str_repeat ("=", 40) . "\n* ", $opm_phpinfo);
0391: $opm_phpinfo = str_replace ("</h2>", "\n" . str_repeat ("=", 40) . "\n", $opm_phpinfo);
0392: $opm_phpinfo = str_replace ("<th>", " | ", $opm_phpinfo);
0393: $opm_phpinfo = str_replace ("</th>", " | ", $opm_phpinfo);
0394: $opm_phpinfo = str_replace ("<td class=\"v\">", " | ", $opm_phpinfo);
0395: $opm_phpinfo = strip_tags ($opm_phpinfo);
0396: $opm_phpinfo_lines = explode ("\n", $opm_phpinfo);
0397: $opm_phpinfo = "";
0398: foreach ($opm_phpinfo_lines as $opm_phpinfo_curline) {
0399: $opm_phpinfo_curline = trim ($opm_phpinfo_curline);
0400: if ($opm_phpinfo_curline) {
0401: $opm_phpinfo .= $opm_phpinfo_curline . "\n";
0402: }
0403: }
0404: echo $opm_phpinfo;
0405: echo "$opm_ok_string PHPINFO END\n";
0406: }
0407:
0408: // ==================================
0409: // CHECK if a file exists.
0410: // CHECK requires the full path of the image.
0411: // ==================================
0412: if ($opm_operation == "check") {
0413: if ($opm_filename) {
0414: if (file_exists ($opm_realpath . $opm_filename)) {
0415: opm_FNDebug_Log ("$opm_ok_string file found $opm_filename.");
0416: echo "$opm_ok_string FILE EXISTS";
0417: }
0418: else {
0419: opm_FNDebug_Log ("$opm_error_string 1110 file not found $opm_filename.");
0420: echo "$opm_error_string 1110 FILE NOT FOUND";
0421: }
0422: }
0423: }
0424:
0425: // ==================================
0426: // LIST all files recursively.
0427: // LIST returns the filenames with paths.
0428: // ==================================
0429: if ($opm_operation == "list") {
0430: echo "$opm_ok_string LIST START\n";
0431: opm_FNList_Files ($opm_realpath, "", false);
0432: echo "$opm_ok_string LIST END\n";
0433: }
0434:
0435: // ==================================
0436: // LISTDIRS only dirs recursively.
0437: // LISTDIRS returns no filenames.
0438: // ==================================
0439: if ($opm_operation == "listdirs") {
0440: echo "$opm_ok_string LISTDIRS START\n";
0441: opm_FNList_Files ($opm_realpath, "", true);
0442: echo "$opm_ok_string LISTDIRS END\n";
0443: }
0444:
0445: // ==================================
0446: // DELETE an image.
0447: // DELETE requires the filename of the image with path.
0448: // DELETE1 deletes the image if less than one record references it.
0449: // DELETE2 deletes the image if less than two records reference it.
0450: // ==================================
0451: if (($opm_operation == "delete1") || ($opm_operation == "delete2")) {
0452: if ($opm_operation == "delete1") {
0453: $allowed_owners = 1;
0454: }
0455: else {
0456: $allowed_owners = 2;
0457: }
0458: if ($opm_filename) {
0459: // Check for More Pics 6 extension...
0460: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6"));
0461: if ($opm_sqlresult[0]) {
0462: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename' or products_subimage1='$opm_filename' or products_subimage2='$opm_filename' or products_subimage3='$opm_filename' or products_subimage4='$opm_filename' or products_subimage5='$opm_filename' or products_subimage6='$opm_filename'"));
0463: }
0464: else {
0465: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename'"));
0466: }
0467: if ($opm_sqlresult[0] < $allowed_owners) {
0468: if (file_exists ($opm_realpath . $opm_filename)) {
0469: if (@unlink ($opm_realpath . $opm_filename)) {
0470: if (!file_exists ($opm_realpath . $opm_filename)) {
0471: opm_FNDebug_Log ("$opm_ok_string file deleted $opm_filename.");
0472: echo "$opm_ok_string DELETE";
0473: }
0474: else {
0475: opm_FNDebug_Log ("$opm_error_string 1120 file cannot be deleted $opm_filename.");
0476: echo "$opm_error_string 1120 DELETE FILE REMAINS";
0477: }
0478: }
0479: else {
0480: opm_FNDebug_Log ("$opm_error_string 1121 when deleting $opm_filename.");
0481: echo "$opm_error_string 1121 DELETE UNKNOWN";
0482: }
0483: }
0484: else {
0485: opm_FNDebug_Log ("$opm_ok_string file not found when deleting $opm_filename.");
0486: echo "$opm_ok_string DELETE FILE NOT FOUND";
0487: }
0488: }
0489: else {
0490: opm_FNDebug_Log ("$opm_ok_string file is used by other record (" . ($opm_sqlresult[0] - 1) . ").");
0491: echo "$opm_ok_string DELETE FILE IN USE";
0492: }
0493: }
0494: else {
0495: opm_FNDebug_Log ("$opm_ok_string filename empty.");
0496: echo "$opm_ok_string DELETE FILENAME EMPTY";
0497: }
0498: }
0499:
0500: // ==================================
0501: // UPLOAD an image.
0502: // UPLOAD requires the path, without filename, where the image will be stored.
0503: // UPLOAD returns the image filename with the path.
0504: // ==================================
0505: if ($opm_operation == "upload") {
0506: if ($_FILES["Fl"]["name"] && $_FILES["Fl"]["size"]) {
0507: if (is_uploaded_file ($_FILES["Fl"]["tmp_name"])) {
0508: if ($opm_filename) {
0509: $newfn = $opm_filename;
0510: }
0511: else {
0512: $newfn = trim ($_FILES["Fl"]["name"]);
0513: }
0514: $newfn = str_replace (" ", "_", $newfn);
0515: $newfn = str_replace ("/", "", $newfn);
0516: $newfn = str_replace ("\\", "", $newfn);
0517: $newfn = ereg_replace("[^[:alnum:]\._]", "", $newfn);
0518: $newfn = strtolower ($newfn);
0519:
0520: if ($opm_subdir) {
0521: if ((!file_exists ($opm_realpath . $opm_subdir)) || (!is_dir ($opm_realpath . $opm_subdir))) {
0522: opm_FNDebug_Log ("will create directory=" . $opm_realpath . $opm_subdir);
0523: opm_FNmkdirs ($opm_realpath . $opm_subdir, 0777);
0524: }
0525: if (file_exists ($opm_realpath . $opm_subdir) && (is_dir ($opm_realpath . $opm_subdir))) {
0526: opm_FNDebug_Log ("directory exists=" . $opm_realpath . $opm_subdir);
0527: $newfn = $opm_subdir . "/" . $newfn;
0528: }
0529: else {
0530: opm_FNDebug_Log ("directory does not exist, will ignore=" . $opm_realpath . $opm_subdir);
0531: }
0532: }
0533: opm_FNDebug_Log ("wanted filename=" . $newfn);
0534: $newfn = opm_FNSmart_Rename ($newfn, 100);
0535: opm_FNDebug_Log ("smart filename=" . $newfn);
0536: opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
0537: if (!file_exists ($opm_realpath . $newfn)) {
0538: opm_FNDebug_Log ("file not exist=" . $opm_realpath . $newfn);
0539: if (@move_uploaded_file ($_FILES["Fl"]["tmp_name"], $opm_realpath . $newfn)) {
0540: opm_FNDebug_Log ("moving file to=" . $opm_realpath . $newfn);
0541: if (file_exists ($opm_realpath . $newfn)) {
0542: opm_FNDebug_Log ("upload complete=" . $opm_realpath . $newfn);
0543: @chmod ($opm_realpath . $newfn, octdec ($opm_upload_perms));
0544: echo "$opm_ok_string UPLOAD [" . $newfn . "]";
0545: }
0546: else {
0547: opm_FNDebug_Log ("$opm_error_string 1130 file not copied=" . $opm_realpath . $newfn);
0548: echo "$opm_error_string 1130 UPLOAD FILE NOT FOUND";
0549: }
0550: }
0551: else {
0552: opm_FNDebug_Log ("$opm_error_string 1131 file not copied=" . $opm_realpath . $newfn);
0553: echo "$opm_error_string 1131 UPLOAD CANNOT MOVE";
0554: }
0555: }
0556: else {
0557: opm_FNDebug_Log ("$opm_error_string 1133 file exist=" . $opm_realpath . $newfn);
0558: echo "$opm_error_string 1133 UPLOAD EXIST [" . $newfn . "]";
0559: }
0560: }
0561: else {
0562: opm_FNDebug_Log ("$opm_error_string 1134 cannot find uploaded file!");
0563: echo "$opm_error_string 1134 UPLOAD";
0564: }
0565: }
0566: }
0567:
0568: // ==================================
0569: // CAPABILITY listing.
0570: // CAPABILITY returns a list of identified modules.
0571: // ==================================
0572: if ($opm_operation == "capa") {
0573: opm_FNDebug_Log ("$opm_ok_string Capability search started.");
0574: echo "$opm_ok_string CAPABILITY START\n";
0575:
0576: echo "OSCSTANDARD\n";
0577:
0578: // Credit Card Payment...
0579: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_CC_STATUS'"));
0580: if ($opm_sqlresult[0]) {
0581: opm_FNDebug_Log ("$opm_ok_string PAY_CC capability found.");
0582: echo "PAY_CC\n";
0583: }
0584:
0585: // Money Order Payment...
0586: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_MONEYORDER_STATUS'"));
0587: if ($opm_sqlresult[0]) {
0588: opm_FNDebug_Log ("$opm_ok_string PAY_ORDER capability found.");
0589: echo "PAY_ORDER\n";
0590: }
0591:
0592: // COD Payment...
0593: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_COD_STATUS'"));
0594: if ($opm_sqlresult[0]) {
0595: opm_FNDebug_Log ("$opm_ok_string PAY_CC capability found.");
0596: echo "PAY_CC\n";
0597: }
0598:
0599: // PayPal Payment...
0600: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_PAYPAL_STATUS'"));
0601: if ($opm_sqlresult[0]) {
0602: opm_FNDebug_Log ("$opm_ok_string PAY_PP capability found.");
0603: echo "PAY_PP\n";
0604: }
0605:
0606: // Flat Rate Shipping...
0607: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_FLAT_STATUS'"));
0608: if ($opm_sqlresult[0]) {
0609: opm_FNDebug_Log ("$opm_ok_string SHIP_FLAT capability found.");
0610: echo "SHIP_FLAT\n";
0611: }
0612:
0613: // Table Shipping...
0614: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_TABLE_STATUS'"));
0615: if ($opm_sqlresult[0]) {
0616: opm_FNDebug_Log ("$opm_ok_string SHIP_TBL capability found.");
0617: echo "SHIP_TBL\n";
0618: }
0619:
0620: // Store PickUp Shipping...
0621: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_SPU_STATUS'"));
0622: if ($opm_sqlresult[0]) {
0623: opm_FNDebug_Log ("$opm_ok_string SHIP_SPU capability found.");
0624: echo "SHIP_SPU\n";
0625: }
0626:
0627: // Multi Pickup Shipping...
0628: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'stores'"));
0629: if ($opm_sqlresult[0]) {
0630: opm_FNDebug_Log ("$opm_ok_string SHIP_MPU capability found.");
0631: echo "SHIP_MPU\n";
0632: }
0633:
0634: // More Pics 6...
0635: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6"));
0636: if ($opm_sqlresult[0]) {
0637: opm_FNDebug_Log ("$opm_ok_string MOREPICS6 capability found.");
0638: echo "MOREPICS6\n";
0639: }
0640:
0641: // Total B2B...
0642: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_CUSTOMERS . " customers_groups_id"));
0643: if ($opm_sqlresult[0]) {
0644: opm_FNDebug_Log ("$opm_ok_string TOTALB2B capability found.");
0645: echo "TOTALB2B\n";
0646: }
0647:
0648: // Poll Booth...
0649: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'phesis_poll_config'"));
0650: if ($opm_sqlresult[0]) {
0651: opm_FNDebug_Log ("$opm_ok_string POLLBOOTH capability found.");
0652: echo "POLLBOOTH\n";
0653: }
0654:
0655: // Header Tags Controller...
0656: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS_DESCRIPTION . " products_head_keywords_tag"));
0657: if ($opm_sqlresult[0]) {
0658: opm_FNDebug_Log ("$opm_ok_string HEADERTAGS capability found.");
0659: echo "HEADERTAGS\n";
0660: }
0661:
0662: // ZenCart...
0663: if (defined ("TABLE_EZPAGES")) {
0664: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like '" . TABLE_EZPAGES . "'"));
0665: if ($opm_sqlresult[0]) {
0666: opm_FNDebug_Log ("$opm_ok_string ZENCART capability found.");
0667: echo "ZENCART\n";
0668: }
0669: }
0670:
0671: opm_FNDebug_Log ("$opm_ok_string Capability search finished.");
0672: echo "$opm_ok_string CAPABILITY END\n";
0673: }
0674:
0675: // ==================================
0676: // TABLES listing.
0677: // TABLES returns the name of database tables.
0678: // ==================================
0679: if ($opm_operation == "tables") {
0680: opm_FNDebug_Log ("$opm_ok_string Tables listing started.");
0681: echo "$opm_ok_string TABLES START\n";
0682: // Table names...
0683: echo "TABLE_CATEGORIES=" . TABLE_CATEGORIES . "\n";
0684: echo "TABLE_CATEGORIES_DESCRIPTION=" . TABLE_CATEGORIES_DESCRIPTION . "\n";
0685: echo "TABLE_CONFIGURATION=" . TABLE_CONFIGURATION . "\n";
0686: echo "TABLE_CURRENCIES=" . TABLE_CURRENCIES . "\n";
0687: echo "TABLE_LANGUAGES=" . TABLE_LANGUAGES . "\n";
0688: echo "TABLE_MANUFACTURERS=" . TABLE_MANUFACTURERS . "\n";
0689: echo "TABLE_MANUFACTURERS_INFO=" . TABLE_MANUFACTURERS_INFO . "\n";
0690: echo "TABLE_PRODUCTS=" . TABLE_PRODUCTS . "\n";
0691: echo "TABLE_PRODUCTS_DESCRIPTION=" . TABLE_PRODUCTS_DESCRIPTION . "\n";
0692: echo "TABLE_PRODUCTS_TO_CATEGORIES=" . TABLE_PRODUCTS_TO_CATEGORIES . "\n";
0693: echo "TABLE_SPECIALS=" . TABLE_SPECIALS . "\n";
0694: echo "TABLE_TAX_CLASS=" . TABLE_TAX_CLASS . "\n";
0695: echo "TABLE_TAX_RATES=" . TABLE_TAX_RATES . "\n";
0696: opm_FNDebug_Log ("$opm_ok_string Tables listing finished.");
0697: echo "$opm_ok_string TABLES END\n";
0698: }
0699:
0700:
0701: // ==================================
0702: // BACKUP database.
0703: // BACKUP returns a SQL dump.
0704: // ==================================
0705: if ($opm_operation == "backup") {
0706: opm_FNDebug_Log ("$opm_ok_string Backup of database requested.");
0707: $opm_bak_filename = date ("Ymd_His", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . ".sql";
0708: opm_FNBackup ($opm_realpath . $opm_bak_filename);
0709: if (file_exists ($opm_realpath . $opm_bak_filename)) {
0710: opm_FNgzip_file ($opm_realpath . $opm_bak_filename, $opm_realpath . $opm_bak_filename . ".gz");
0711: if (file_exists ($opm_realpath . $opm_bak_filename . ".gz")) {
0712: $opm_bak_filesize = filesize ($opm_realpath . $opm_bak_filename . ".gz");
0713: header ("Content-type: application/octet-stream");
0714: header ("Content-disposition: attachement; filename=" . $opm_bak_filename . ".gz");
0715: header("Content-Length: " . $opm_bak_filesize);
0716: header ("Pragma: no-store");
0717: readfile ($opm_realpath . $opm_bak_filename . ".gz");
0718: @unlink ($opm_realpath . $opm_bak_filename . ".gz");
0719: opm_FNDebug_Log ("$opm_ok_string Deleting compressed backup file.");
0720: }
0721: @unlink ($opm_realpath . $opm_bak_filename);
0722: opm_FNDebug_Log ("$opm_ok_string Deleting uncompressed backup file.");
0723: }
0724: else {
0725: opm_FNDebug_Log ("$opm_error_string 1140 Backup file not found.");
0726: }
0727: opm_FNDebug_Log ("$opm_ok_string Backup operation finished.");
0728: }
0729:
0730:
0731: // ==================================
0732: // Get XCHGRATES.
0733: // XCHGRATES returns the exchange rates of currencies.
0734: // ==================================
0735: if ($opm_operation == "xchgrates") {
0736: opm_FNDebug_Log ("$opm_ok_string Starting XCHGRATES operation.");
0737: if ($opm_filename) {
0738: $opm_filename = strtoupper ($opm_filename);
0739: $opm_main_currency = substr ($opm_filename, 0, 3);
0740: $opm_xchange_currencies = str_replace (",", "_", substr ($opm_filename, 4));
0741: if (($opm_main_currency) && ($opm_xchange_currencies)) {
0742: $opm_xchange_page = "http://www.oanda.com/convert/fxdaily?value=1&exch=$opm_main_currency&dest=Get+Table&sel_list=$opm_xchange_currencies&format=CSV&redirected=1";
0743: $opm_page_data = opm_FNget_webpage ($opm_xchange_page);
0744: if ($opm_page_data) {
0745: $opm_page_data = strip_tags ($opm_page_data);
0746: $opm_page_data = preg_replace ("/[\r\n]+[\s\t]*[\r\n]+/", "", $opm_page_data);
0747: $opm_xr_matches = array ();
0748: preg_match_all ("/(.+),(\w{3}),([0-9.]+),([0-9.]+)/i", $opm_page_data, $opm_xr_matches);
0749: echo "$opm_ok_string XCHGRATES START\n";
0750: foreach ($opm_xr_matches[2] as $key => $value) {
0751: echo $opm_xr_matches[2][$key] . "," . $opm_xr_matches[4][$key] . "\n";
0752: }
0753: echo "$opm_ok_string XCHGRATES END\n";
0754: }
0755: else {
0756: opm_FNDebug_Log ("$opm_error_string 1150 The remote server answer is empty or invalid.");
0757: echo "$opm_error_string 1150 XCHGRATES REMOTE SERVER ERROR";
0758: }
0759: }
0760: else {
0761: opm_FNDebug_Log ("$opm_error_string 1151 The specified currency codes are invalid.");
0762: echo "$opm_error_string 1151 XCHGRATES INVALID CURRENCY";
0763: }
0764: }
0765: else {
0766: opm_FNDebug_Log ("$opm_error_string 1152 The no currency codes were specified.");
0767: echo "$opm_error_string 1152 XCHGRATES EMPTY CURRENCY";
0768: }
0769: }
0770:
0771:
0772:
0773: // ==================================
0774: // Execute DBQUERY.
0775: // DBQUERY returns ...
0776: // ==================================
0777: if ($opm_operation == "dbquery") {
0778: opm_FNDebug_Log ("$opm_ok_string Starting DBQUERY operation.");
0779: if ($opm_query) {
0780: $opm_query_result = opm_FNExec_Query ($opm_query, false, true, $opm_enable_recordsetlog);
0781: if (substr ($opm_query_result, 0, strlen ($opm_error_string)) != $opm_error_string) {
0782: echo "$opm_ok_string DBQUERY START\n";
0783: echo $opm_query_result;
0784: echo "$opm_ok_string DBQUERY END\n";
0785: }
0786: else {
0787: echo $opm_query_result;
0788: }
0789: }
0790: else {
0791: opm_FNDebug_Log ("$opm_error_string 1171 The database query is empty.");
0792: echo "$opm_error_string 1171 DBQUERY EMPTY DATABASE QUERY";
0793: }
0794: opm_FNDebug_Log ("$opm_ok_string Finishing DBQUERY operation.");
0795: }
0796:
0797:
0798:
0799: if ($opm_browser_debug) { echo "</pre>"; }
0800: return;
0801:
0802:
0803: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0804: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0805: function opm_FNList_Files ($dirname, $parentdir, $onlydirs) {
0806: $dirhandle = opendir ($dirname);
0807: while (($file = readdir ($dirhandle)) != false)
0808: $sorteddir[count ($sorteddir)] = $file;
0809: closedir ($dirhandle);
0810: natcasesort ($sorteddir);
0811: if (!$onlydirs) {
0812: foreach ($sorteddir as $file) {
0813: if (($file != ".") && ($file != "..")) {
0814: if (!is_dir ($dirname . $file)) {
0815: if ($parentdir) {
0816: echo $parentdir . "/" . $file . "\n";
0817: }
0818: else {
0819: echo $file . "\n";
0820: }
0821: }
0822: }
0823: }
0824: foreach ($sorteddir as $file) {
0825: if (($file != ".") && ($file != "..")) {
0826: if (is_dir ($dirname . $file)) {
0827: if ($parentdir) {
0828: opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
0829: }
0830: else {
0831: opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
0832: }
0833: }
0834: }
0835: }
0836: }
0837: else {
0838: foreach ($sorteddir as $file) {
0839: if (($file != ".") && ($file != "..")) {
0840: if (is_dir ($dirname . $file)) {
0841: if ($parentdir) {
0842: echo $parentdir . "/" . $file . "\n";
0843: opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
0844: }
0845: else {
0846: echo $file . "\n";
0847: opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
0848: }
0849: }
0850: }
0851: }
0852: }
0853: }
0854:
0855:
0856:
0857: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0858: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0859: function opm_FNSmart_Rename ($wantedname, $tries) {
0860: global $opm_realpath;
0861: $newname = $wantedname;
0862: $newext = '.' . array_pop (explode ('.', $wantedname));
0863: for ($trycounter = 1; $trycounter <= $tries; $trycounter++) {
0864: if (!file_exists ($opm_realpath . $newname)) {
0865: return ($newname);
0866: }
0867: else {
0868: $newdirname = dirname ($wantedname);
0869: if ($newdirname != ".") {
0870: $newname = dirname ($wantedname) . "/" . basename ($wantedname, $newext) . "_" . $trycounter . $newext;
0871: }
0872: else {
0873: $newname = basename ($wantedname, $newext) . "_" . $trycounter . $newext;
0874: }
0875: }
0876: }
0877: return ($wantedname);
0878: }
0879:
0880:
0881:
0882: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0883: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0884: function opm_FNDebug_Log ($logline) {
0885: global $opm_enable_logfile, $opm_debug_file, $opm_timezone_shift;
0886: if ($opm_enable_logfile) {
0887: if (!(file_exists ($opm_debug_file) && !is_writable ($opm_debug_file))) {
0888: $opm_timestamp = date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y")));
0889: $opm_lfilef = @fopen ($opm_debug_file, 'a');
0890: if ($opm_lfilef) {
0891: if ($logline) {
0892: @fwrite ($opm_lfilef, $opm_timestamp . ": " . $logline . "\n");
0893: }
0894: else {
0895: @fwrite ($opm_lfilef, "\n");
0896: }
0897: @fclose ($opm_lfilef);
0898: }
0899: }
0900: }
0901: }
0902:
0903:
0904: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0905: // Based on code posted on php.net by saint@corenova.com and bart@cdasites.com
0906: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0907: function opm_FNmkdirs ($dirname) {
0908: if (is_dir ($dirname) || empty ($dirname)) return 1;
0909: if (file_exists ($dirname) && !is_dir ($dirname)) return 0;
0910: if (opm_FNmkdirs (substr ($dirname, 0, strrpos ($dirname, '/')))) {
0911: if (!file_exists($dirname)) {
0912: return @mkdir ($dirname, 0777);
0913: }
0914: }
0915: return 0;
0916: }
0917:
0918:
0919: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0920: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0921: function opm_FNExec_Query ($sql_query, $rawdata = true, $encodeddata = false, $logdata = false) {
0922: global $opm_tag_recordbegin, $opm_tag_recordend, $opm_tag_field, $opm_tag_cfield, $opm_tag_fieldlist;
0923: global $opm_tag_databegin, $opm_tag_dataend, $opm_tag_comment, $opm_tag_stats, $opm_error_string;
0924: global $opm_compress, $opm_compress_level;
0925: $result_string = "";
0926: $record_count = 0;
0927: $query_type = strtoupper (substr ($sql_query, 0, strpos ($sql_query, " ")));
0928: opm_FNDebug_Log ("SQLQUERY=" . $sql_query);
0929: $sql_result = fopm_dbquery ($sql_query);
0930: if ($sql_result) {
0931: if (($query_type == "SELECT") || ($query_type == "SHOW") || ($query_type == "DESCRIBE")) {
0932: while ($sql_record = fopm_dbfetchrow ($sql_result)) {
0933: $record_count++;
0934: $sql_fullrec = "";
0935: if ($rawdata) {
0936: foreach ($sql_record as $fielddata) {
0937: $result_string .= $fielddata . "\n";
0938: }
0939: }
0940: else {
0941: $result_string .= "$opm_tag_recordbegin\n";
0942: foreach ($sql_record as $fielddata) {
0943: if ($encodeddata) {
0944: $encodedfield = base64_encode ($fielddata);
0945: }
0946: else {
0947: $encodedfield = htmlentities ($fielddata);
0948: }
0949: $result_string .= "$opm_tag_field " . $opm_tag_databegin . $encodedfield . $opm_tag_dataend . "\n";
0950: $sql_fullrec .= $encodedfield;
0951: }
0952: $result_string .= "$opm_tag_recordend " . strtoupper (md5 ($sql_fullrec)) . "\n";
0953: }
0954: }
0955: }
0956: elseif ($query_type == "INSERT") {
0957: $sql_result = fopm_dblastid ();
0958: $record_count = 1;
0959: $sql_fullrec = "";
0960: if ($rawdata) {
0961: $result_string .= $sql_result . "\n";
0962: }
0963: else {
0964: $result_string .= "$opm_tag_recordbegin\n";
0965: if ($encodeddata) {
0966: $encodedfield = base64_encode ($sql_result);
0967: }
0968: else {
0969: $encodedfield = htmlentities ($sql_result);
0970: }
0971: $result_string .= "$opm_tag_field " . $opm_tag_databegin . $encodedfield . $opm_tag_dataend . "\n";
0972: $sql_fullrec .= $encodedfield;
0973: $result_string .= "$opm_tag_recordend " . strtoupper (md5 ($sql_fullrec)) . "\n";
0974: }
0975: }
0976: }
0977: else {
0978: opm_FNDebug_Log ("$opm_error_string 2200 Error in SQL query: " . fopm_dberror () . ".");
0979: $result_string = "$opm_error_string 2200 : ERROR IN SQL QUERY: " . fopm_dberror () . ".";
0980: return $result_string;
0981: }
0982: if ($logdata) {
0983: opm_FNDebug_Log ("RECORDSET=\n$result_string\n");
0984: }
0985: if (!$rawdata) {
0986: if ($opm_compress) {
0987: opm_FNDebug_Log ("RECORDSET SIZE (UNCOMPRESSED)=" . strlen ($result_string));
0988: $result_string = base64_encode (gzcompress ($result_string, $opm_compress_level)) . "\n";
0989: }
0990: }
0991: opm_FNDebug_Log ("RECORDSET SIZE=" . strlen ($result_string));
0992: return $result_string;
0993: }
0994:
0995:
0996:
0997:
0998:
0999: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1000: // Based on code from osCommerce (/admin/backup.php).
1001: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1002: function opm_FNBackup ($dump_file) {
1003: global $opm_script_version;
1004: if ($dump_file) {
1005: $bakfilef = fopen ($dump_file, 'w');
1006: $bakline = "############################################################################\n";
1007: $bakline .= "# OSCPMWin (server-side $opm_script_version)\n";
1008: $bakline .= "# Database: " . DB_DATABASE . "@" . DB_SERVER . "\n";
1009: $bakline .= "# Date: " . date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . "\n";
1010: $bakline .= "############################################################################\n\n";
1011: fwrite ($bakfilef, $bakline);
1012: $tables_query = fopm_dbquery ("show tables");
1013: while ($tables = fopm_dbfetchrow ($tables_query)) {
1014: $table = $tables[0];
1015: $bakline = "\n\n############################################################################\n";
1016: $bakline .= "# " . strtoupper ($table) . "\n";
1017: $bakline .= "############################################################################\n\n";
1018: $bakline .= "drop table if exists $table;\ncreate table $table (\n";
1019: $table_list = array ();
1020: $fields_query = fopm_dbquery ("show fields from $table");
1021: while ($fields = fopm_dbfetchrow ($fields_query)) {
1022: $table_list[] = $fields[0];
1023: $bakline .= " " . $fields[0] . " " . $fields[1];
1024: if (strlen ($fields[4]) > 0) $bakline .= " default '" . $fields[4] . "'";
1025: if (strtoupper ($fields[2]) != "YES") $bakline .= " not null";
1026: if (isset ($fields[5])) $bakline .= " " . $fields[5];
1027: $bakline .= ",\n";
1028: }
1029: $bakline = ereg_replace(",\n$", '', $bakline);
1030: $index = array ();
1031: $keys_query = fopm_dbquery ("show keys from $table");
1032: while ($keys = fopm_dbfetchrow ($keys_query)) {
1033: $kname = $keys[2];
1034: if (!isset ($index[$kname])) {
1035: $index[$kname] = array ("unique" => !$keys[1], "columns" => array());
1036: }
1037: $index[$kname]["columns"][] = $keys[4];
1038: }
1039: while (list($kname, $info) = each($index)) {
1040: $bakline .= ",\n";
1041: $columns = implode($info["columns"], ", ");
1042: if ($kname == "PRIMARY") {
1043: $bakline .= " PRIMARY KEY ($columns)";
1044: } elseif ($info["unique"]) {
1045: $bakline .= " UNIQUE $kname ($columns)";
1046: } else {
1047: $bakline .= " KEY $kname ($columns)";
1048: }
1049: }
1050: $bakline .= "\n);\n\n";
1051: fwrite ($bakfilef, $bakline);
1052: $rows_query = fopm_dbquery ("select " . implode (",", $table_list) . " from $table");
1053: while ($rows = fopm_dbfetchrow ($rows_query)) {
1054: $bakline = "insert into $table (" . implode (", ", $table_list) . ") values (";
1055: for ($curfield = 0; $curfield < count ($table_list); $curfield++) {
1056: if (!isset ($rows[$curfield])) {
1057: $bakline .= "NULL, ";
1058: } elseif (($rows[$curfield] != "") && (strtoupper ($rows[$curfield]) != "NULL")) {
1059: $row = addslashes ($rows[$curfield]);
1060: $row = ereg_replace("\n#", "\n".'\#', $row);
1061: $bakline .= "'$row', ";
1062: } else {
1063: $bakline .= "'', ";
1064: }
1065: }
1066: $bakline = ereg_replace (", $", "", $bakline) . ");\n";
1067: fwrite ($bakfilef, $bakline);
1068: }
1069: }
1070: fclose ($bakfilef);
1071: }
1072: }
1073:
1074:
1075: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1076: // Compress a file with the gzip algorithm.
1077: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1078: function opm_FNgzip_file ($opm_gzsource, $opm_gztarget) {
1079: if (function_exists ("gzwrite") && file_exists ($opm_gzsource)) {
1080: $opm_ungzfp = fopen($opm_gzsource, "rb");
1081: $opm_gzfp = gzopen($opm_gztarget, "wb9");
1082: if ($opm_gzfp && $opm_ungzfp) {
1083: while (!feof ($opm_ungzfp)) {
1084: gzwrite ($opm_gzfp, fread ($opm_ungzfp, 65535));
1085: }
1086: @fclose ($opm_ungzfp);
1087: @gzclose ($opm_gzfp);
1088: return (true);
1089: }
1090: else {
1091: @fclose ($opm_ungzfp);
1092: @gzclose ($opm_gzfp);
1093: return (false);
1094: }
1095: }
1096: else {
1097: return (false);
1098: }
1099: }
1100:
1101:
1102: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1103: // Request a page from a web server.
1104: // If using a proxy server, redirect the call thru the proxy.
1105: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1106: function opm_FNget_webpage ($target_url) {
1107: global $opm_useragent, $opm_httpconn_timeout, $opm_cfg_useproxy, $opm_cfg_proxyaddress, $opm_cfg_proxyport;
1108: $opm_http_content = "";
1109: $errno = 0;
1110: $errstr = "";
1111: $urlparts = parse_url ($target_url);
1112: if ($urlparts["host"]) {
1113: @ignore_user_abort (true);
1114: if ($opm_cfg_useproxy) {
1115: $opm_sockconn = @fsockopen ($opm_cfg_proxyaddress, $opm_cfg_proxyport, $errno, $errstr, $opm_httpconn_timeout);
1116: }
1117: else {
1118: $opm_sockconn = @fsockopen ($urlparts["host"], (empty($urlparts["port"]) ? "80" : $urlparts["port"]), $errno, $errstr, $opm_httpconn_timeout);
1119: }
1120: if ($opm_sockconn) {
1121: if ($opm_cfg_useproxy) {
1122: fputs ($opm_sockconn, "GET " . $urlparts["scheme"] . "://" . $urlparts["host"] . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $opm_cfg_proxyaddress . "\r\nUser-Agent: $opm_useragent\r\nPragma: no-cache\r\nConnection: Close\r\n\r\n");
1123: }
1124: else {
1125: fputs ($opm_sockconn, "GET " . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $urlparts["host"] . "\r\nUser-Agent: $opm_useragent\r\nConnection: Close\r\n\r\n");
1126: }
1127: while ((!feof($opm_sockconn)) && (!is_readable ($opm_skfilename))) {
1128: $opm_http_content .= fgets ($opm_sockconn, 10240);
1129: }
1130: @fclose ($opm_sockconn);
1131: if (eregi ("HTTP.*200 OK", $opm_http_content)) {
1132: $opm_http_content = str_replace ("\r", "", $opm_http_content);
1133: $opm_http_content = substr ($opm_http_content, strpos ($opm_http_content, "\n\n") + 2);
1134: return ($opm_http_content);
1135: }
1136: }
1137: }
1138: return ("");
1139: }
1140:
1141:
1142:
1143: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1144: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1145: function fopm_dbconnect ($dbhost, $dbname, $dbusername, $dbpassword) {
1146: global $opm_db_handle, $opm_error_string;
1147: $opm_db_handle = false;
1148: if ($dbhost && $dbname && $dbusername) {
1149: if (function_exists ("mysql_connect")) {
1150: $opm_db_handle = @mysql_connect ($dbhost, $dbusername, $dbpassword);
1151: $database = @mysql_select_db ($dbname);
1152: if (!$opm_db_handle or (isset ($database) and !$database)) {
1153: opm_FNDebug_Log ("$opm_error_string 2000 Cannot connect to the database $dbname@$dbhost as $dbusername.");
1154: }
1155: else {
1156: return (true);
1157: }
1158: }
1159: else {
1160: opm_FNDebug_Log ("$opm_error_string 2010 Without support in PHP for MySQL.");
1161: echo "$opm_error_string 2010 PHP WITHOUT MYSQL SUPPORT.";
1162: }
1163: }
1164: else {
1165: opm_FNDebug_Log ("$opm_error_string 2020 Missing database connection parameters.");
1166: echo "$opm_error_string 2020 MISSING DB CONNECTION PARAMETERS.";
1167: }
1168: return (false);
1169: }
1170:
1171:
1172:
1173: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1174: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1175: function fopm_dbquery ($query) {
1176: global $opm_db_handle, $opm_error_string;
1177: if ($opm_db_handle) {
1178: return (@mysql_query ($query));
1179: }
1180: else {
1181: opm_FNDebug_Log ("$opm_error_string 2100 The provided database link is not connected.");
1182: echo "$opm_error_string 2100 DB LINK WITHOUT CONNECTION.";
1183: }
1184: }
1185:
1186:
1187: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1188: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1189: function fopm_dberror () {
1190: global $opm_db_handle;
1191: if ($opm_db_handle) {
1192: return (mysql_errno ($opm_db_handle) . "=" . @mysql_error ($opm_db_handle));
1193: }
1194: }
1195:
1196:
1197: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1198: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1199: function fopm_dbfetchrow ($result) {
1200: global $opm_db_handle;
1201: return (mysql_fetch_row ($result));
1202: }
1203:
1204:
1205: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1206: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
1207: function fopm_dblastid () {
1208: global $opm_db_handle;
1209: $result9 = fopm_dbquery ("select last_insert_id()");
1210: $row9 = fopm_dbfetchrow ($result9);
1211: if ($row9) { return ($row9[0]); } else { return (0); }
1212: }
1213:
1214:
1215:
1216:
1217:
1218:
1219: ?>
