Source code of file oscpmwin_v0.1.2.484/oscpm1_upload.txt from the
osCommerce Product Manager for Windows.
0000: <?php
0001: // osCommerce Product Manager for Windows (oscpmwin).
0002: // Copyright �2003-2006 by Mario A. Valdez-Ramirez.
0003:
0004: // You can contact Mario A. Valdez-Ramirez
0005: // by email at mario@mariovaldez.org or paper mail at
0006: // Olmos 809, San Nicolas, NL. 66495, Mexico.
0007:
0008: // This program is free software; you can redistribute it and/or modify
0009: // it under the terms of the GNU General Public License as published by
0010: // the Free Software Foundation; either version 2 of the License, or (at
0011: // your option) any later version.
0012:
0013: // This program is distributed in the hope that it will be useful, but
0014: // WITHOUT ANY WARRANTY; without even the implied warranty of
0015: // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
0016: // General Public License for more details.
0017:
0018: // You should have received a copy of the GNU General Public License
0019: // along with this program; if not, write to the Free Software
0020: // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
0021:
0022:
0023: // ==================================
0024: // Start of configuration options...
0025: // ==================================
0026: $opm_images_directory = "images/";
0027: $opm_enable_logfile = false;
0028: $opm_enable_extralog = false;
0029: $opm_debug_file = "opm_debug.txt";
0030: $opm_browser_debug = false;
0031: $opm_enable_auth = true;
0032: $opm_password_override = "";
0033: $opm_upload_perms = "0644";
0034: $opm_timezone_shift = 0;
0035:
0036: $opm_cfg_useproxy = false;
0037: $opm_cfg_proxyaddress = "192.168.0.1";
0038: $opm_cfg_proxyport = 3128;
0039:
0040: // ==================================
0041: // End of configuration options...
0042: // ==================================
0043:
0044:
0045: $opm_httpconn_timeout = 60; // 60 seconds
0046: $opm_tag_recordbegin = "BR"; // BR
0047: $opm_tag_recordend = "ER"; // ER
0048: $opm_tag_field = "DF"; // DF
0049: $opm_tag_databegin = "["; // [
0050: $opm_tag_dataend = "]"; // ]
0051: $opm_tag_comment = "#"; // #
0052: $opm_tag_stats = "ST"; // ST
0053: $opm_tag_fieldlist = "FL"; // FL
0054:
0055:
0056: $opm_script_version = "0.8.1";
0057: error_reporting(E_ALL & ~E_NOTICE);
0058:
0059: $opm_realpath = str_replace (basename (__FILE__), "", __FILE__) . $opm_images_directory;
0060: $opm_tmpsoftwarename = explode (" ", $HTTP_SERVER_VARS["SERVER_SOFTWARE"]);
0061: $opm_tmposname = explode (" ", php_uname ());
0062: $opm_useragent = "User-Agent: OSCPMWin/$opm_script_version " . $opm_tmpsoftwarename[0] . " MySQL/unknown " . $opm_tmposname[0];
0063:
0064:
0065:
0066: @set_time_limit (300);
0067:
0068: if (!$opm_upload_perms) {
0069: $opm_upload_perms = "0600";
0070: }
0071: // Get all parameters about the request.
0072: if (!$opm_browser_debug) {
0073: $opm_passwordhash = strtoupper (trim ($_POST["Pw"]));
0074: $opm_operation = strtolower (trim ($_POST["Op"]));
0075: $opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["Fn"])))));
0076: $opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["SD"])))));
0077: $opm_query = trim ($_POST["Qy"]);
0078: $opm_reqversion = trim ($_POST["Vn"]);
0079: $opm_logintimestamp = trim ($_POST["TS"]);
0080: }
0081: else {
0082: $opm_passwordhash = strtoupper (trim ($_GET["Pw"]));
0083: $opm_operation = strtolower (trim ($_GET["Op"]));
0084: $opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["Fn"])))));
0085: $opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["SD"])))));
0086: $opm_query = trim ($_GET["Qy"]);
0087: $opm_reqversion = trim ($_GET["Vn"]);
0088: $opm_logintimestamp = trim ($_GET["TS"]);
0089: }
0090: if (($opm_filename{0} == "/") || ($opm_filename{0} == ".")) {
0091: $opm_filename = substr ($opm_filename, 1, strlen ($opm_filename) - 1);
0092: }
0093: /*
0094: Note on parameters:
0095: When the operation needs a parameter, it shold be send using
0096: either FN or QY (Filename or Query). The difference is that
0097: FN is cleaned (deleting slashes, dots and spaces) while QY
0098: is not cleaned.
0099: So, if the client is setting some file, it should use FN. If
0100: is sending a database query or is asking for a file it should
0101: use QY.
0102: */
0103:
0104:
0105: // Log basic information about the request.
0106: if ($opm_enable_extralog) {
0107: if (!$opm_browser_debug) {
0108: opm_FNDebug_Log (print_r ($_POST, true));
0109: }
0110: else {
0111: opm_FNDebug_Log (print_r ($_GET, true));
0112: }
0113: }
0114: else {
0115: opm_FNDebug_Log ("");
0116: }
0117: opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
0118: opm_FNDebug_Log ("PASSWORDHASH=" . $opm_passwordhash);
0119: opm_FNDebug_Log ("OPERATION=" . $opm_operation);
0120: opm_FNDebug_Log ("FILENAME=" . $opm_filename);
0121: opm_FNDebug_Log ("SUBDIR=" . $opm_subdir);
0122: opm_FNDebug_Log ("QUERY=" . $opm_query);
0123: opm_FNDebug_Log ("REQVERSION=" . $opm_reqversion);
0124: opm_FNDebug_Log ("LOGINTIMESTAMP=" . $opm_logintimestamp);
0125:
0126:
0127: // Include osCommerce database configuration and functions.
0128: require ("includes/configure.php");
0129: require (DIR_WS_INCLUDES . "database_tables.php");
0130: require (DIR_WS_FUNCTIONS . "database.php");
0131:
0132:
0133: if ($opm_browser_debug) { echo "<pre>"; }
0134:
0135: // Check if script version is the expected by client.
0136: if (($opm_script_version != $opm_reqversion) && ($opm_operation)) {
0137: opm_FNDebug_Log ("ERROR 1000 wrong script version. Expected $opm_reqversion, but we are $opm_script_version.");
0138: echo "ERROR 1000 WRONG SCRIPT VERSION";
0139: return;
0140: }
0141:
0142: // Check if the image directory is valid.
0143: if (!is_dir ($opm_realpath) && ($opm_operation)) {
0144: opm_FNDebug_Log ("ERROR 1010 cannot find the images directory. Expecting $opm_realpath exist.");
0145: echo "ERROR 1010 IMAGE DIRECTORY NOT FOUND";
0146: return;
0147: }
0148:
0149: // Get osCommerce DB password and compare it with client password.
0150: // Unless no operation is requested.
0151: if ($opm_operation) {
0152: if ($opm_enable_auth) {
0153: if (defined ("DB_SERVER_PASSWORD") || ($opm_password_override != "")) {
0154: if ($opm_password_override != "") {
0155: opm_FNDebug_Log ("Password override is enabled.");
0156: $opm_serverpassword = strtoupper (md5 ($opm_logintimestamp . $opm_password_override));
0157: }
0158: else {
0159: $opm_serverpassword = strtoupper (md5 ($opm_logintimestamp . DB_SERVER_PASSWORD));
0160: }
0161: opm_FNDebug_Log ("SERVERPASSWORDHASH=" . $opm_serverpassword);
0162: if ($opm_serverpassword != $opm_passwordhash) {
0163: opm_FNDebug_Log ("ERROR 1020 the server and client passwords do not match.");
0164: echo "ERROR 1020 PASSWORD MISMATCH";
0165: return;
0166: }
0167: }
0168: else {
0169: opm_FNDebug_Log ("ERROR 1021 the server password was not found.");
0170: echo "ERROR 1021 CANNOT FIND SERVER PASSWORD";
0171: return;
0172: }
0173: }
0174: else {
0175: opm_FNDebug_Log ("Password authentication is disabled.");
0176: }
0177: }
0178: else {
0179: $opm_simpletest_dbok = false;
0180: $opm_simpletest_imgok = false;
0181: echo "<html><head><title>osCommerce Product Manager (OSCPMWin).</title>\n";
0182: echo "<style>\nBODY { font-family: sans-serif; background-color: #FFFFFF; }\n";
0183: echo "LI { padding: 5px; }\n";
0184: echo "H3 { padding: 5px 5px 5px 20px; }\n";
0185: echo "A { color: #0000FF; text-decoration: none; }\n";
0186: echo "A:hover { color: #FF0000; text-decoration: underline; }\n";
0187: echo "DIV { border: solid 2px #000000; margin: 10px 20px 10px 20px; }";
0188: echo ".ok { background-color: #CCFFCC; }\n";
0189: echo ".notok { background-color: #FFCCCC; }\n";
0190: echo ".info { background-color: #EEEEFF; }\n";
0191: echo ".links { background-color: #EEEEEE; }\n";
0192: echo "</style>\n";
0193: echo "</head><body>\n";
0194: echo "<h3>osCommerce Product Manager (OSCPMWin),<br>server-side script $opm_script_version</h3>\n";
0195: $opm_simpletest_dbok = (boolean) (tep_db_connect ());
0196: $opm_simpletest_imgok = (boolean) (file_exists ($opm_realpath) && is_readable ($opm_realpath) && is_writable ($opm_realpath) && is_dir ($opm_realpath));
0197: if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
0198: echo "<div class=\"ok\">";
0199: }
0200: else {
0201: echo "<div class=\"notok\">";
0202: }
0203: echo "<ul>\n";
0204: if ($opm_simpletest_dbok) {
0205: echo "<li><strong>Database connection seems OK.</strong></li>\n";
0206: }
0207: else {
0208: echo "<li><strong>Database connection failed.</strong><br><small>Check that the database server is working properly. This should not happen if the web store is working properly.</small></li>\n";
0209: }
0210: if ($opm_simpletest_imgok) {
0211: echo "<li><strong>Image directory seems OK.</strong></li>\n";
0212: }
0213: else {
0214: echo "<li><strong>Image directory not found, not readable or not writable.</strong><br><small>Check the opm_images_directory option in this script, and that this script has permissions to read and write in that directory.</small></li>\n";
0215: }
0216: echo "</ul>";
0217: if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
0218: echo "<h3><strong>Everything seems OK. :)</strong></h3>\n";
0219: }
0220: else {
0221: echo "<h3><strong>There seems to be a problem. :(</strong></h3>\n";
0222: }
0223: echo "</div>";
0224: echo "<div class=\"info\"><ul>";
0225: if ($opm_browser_debug) {
0226: echo "<li>Browser-debug mode is enabled.";
0227: }
0228: else {
0229: echo "<li>Browser-debug mode is disabled";
0230: }
0231: echo "<br><small>This is for developers only. To be used only if you are debugging this script or the client application.</small></li>\n";
0232:
0233: if ($opm_enable_logfile) {
0234: echo "<li>Logging file is enabled.";
0235: }
0236: else {
0237: echo "<li>Logging file is disabled";
0238: }
0239: echo "<br><small>For debugging purposes only, not for production stores (because if enabled, slows the server down and consumes too much disk space).</small></li>\n";
0240:
0241: if ($opm_cfg_useproxy) {
0242: echo "<li>Proxy-usage is enabled.";
0243: }
0244: else {
0245: echo "<li>Proxy-usage is disabled";
0246: }
0247: echo "<br><small>To be used if the web server is behind a proxy so that all http connections are done thru the proxy.</small></li>\n";
0248: echo "<li>The time zone shift is set to $opm_timezone_shift.<br><small>To be used with some timestamps</small>.</li>\n";
0249: echo "</ul></div>";
0250: echo "<div class=\"links\"><ul>";
0251: echo "<li><a href=\"http://www.mariovaldez.net/software/oscpmwin/\">OSCPMWin homepage</a>.</li>\n";
0252: echo "<li><a href=\"http://www.mariovaldez.net/webapps/forums/index.php?c=9\">OSCPMWin web forums</a>.</li>\n";
0253: echo "<li><a href=\"http://www.oscommerce.org/\">osCommerce homepage</a>.</li>\n";
0254: echo "</ul></div>";
0255: echo "<p><small>©2003-2006 by Mario A. Valdez-Ramirez.<br>\n";
0256: echo "This program is free software; you can redistribute it and/or modify\n";
0257: echo "it under the terms of the GNU General Public License as published by\n";
0258: echo "the Free Software Foundation; either version 2 of the License, or (at\n";
0259: echo "your option) any later version.</small></p>\n";
0260: echo "</body></html>";
0261: return;
0262: }
0263:
0264:
0265: // Connect to database.
0266: if (($opm_operation == "dbquery") || ($opm_operation == "delete1") || ($opm_operation == "delete2") || ($opm_operation == "capa") || ($opm_operation == "backup")) {
0267: if (!tep_db_connect ()) {
0268: echo "ERROR 1031 NO DATABASE CONNECTION";
0269: return;
0270: }
0271: }
0272:
0273:
0274: // ==================================
0275: // Do nothing.
0276: // NOOP do nothing.
0277: // ==================================
0278: if ($opm_operation == "noop") {
0279: echo "OK NOOP START\n";
0280: opm_FNDebug_Log ("OK NOOP requested.");
0281: echo "OK NOOP END\n";
0282: }
0283:
0284: // ==================================
0285: // CHECK if a file exists.
0286: // CHECK requires the full path of the image.
0287: // ==================================
0288: if ($opm_operation == "check") {
0289: if ($opm_filename) {
0290: if (file_exists ($opm_realpath . $opm_filename)) {
0291: opm_FNDebug_Log ("OK file found $opm_filename.");
0292: echo "OK FILE EXISTS";
0293: }
0294: else {
0295: opm_FNDebug_Log ("ERROR 1110 file not found $opm_filename.");
0296: echo "ERROR 1110 FILE NOT FOUND";
0297: }
0298: }
0299: }
0300:
0301: // ==================================
0302: // LIST all files recursively.
0303: // LIST returns the filenames with paths.
0304: // ==================================
0305: if ($opm_operation == "list") {
0306: echo "OK LIST START\n";
0307: opm_FNList_Files ($opm_realpath, "", false);
0308: echo "OK LIST END\n";
0309: }
0310:
0311: // ==================================
0312: // LISTDIRS only dirs recursively.
0313: // LISTDIRS returns no filenames.
0314: // ==================================
0315: if ($opm_operation == "listdirs") {
0316: echo "OK LISTDIRS START\n";
0317: opm_FNList_Files ($opm_realpath, "", true);
0318: echo "OK LISTDIRS END\n";
0319: }
0320:
0321: // ==================================
0322: // DELETE an image.
0323: // DELETE requires the filename of the image with path.
0324: // DELETE1 deletes the image if less than one record references it.
0325: // DELETE2 deletes the image if less than two records reference it.
0326: // ==================================
0327: if (($opm_operation == "delete1") || ($opm_operation == "delete2")) {
0328: if ($opm_operation == "delete1") {
0329: $allowed_owners = 1;
0330: }
0331: else {
0332: $allowed_owners = 2;
0333: }
0334: if ($opm_filename) {
0335: // Check for More Pics 6 extension...
0336: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6"));
0337: if ($opm_sqlresult[0]) {
0338: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename' or products_subimage1='$opm_filename' or products_subimage2='$opm_filename' or products_subimage3='$opm_filename' or products_subimage4='$opm_filename' or products_subimage5='$opm_filename' or products_subimage6='$opm_filename'"));
0339: }
0340: else {
0341: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename'"));
0342: }
0343: if ($opm_sqlresult[0] < $allowed_owners) {
0344: if (file_exists ($opm_realpath . $opm_filename)) {
0345: if (@unlink ($opm_realpath . $opm_filename)) {
0346: if (!file_exists ($opm_realpath . $opm_filename)) {
0347: opm_FNDebug_Log ("OK file deleted $opm_filename.");
0348: echo "OK DELETE";
0349: }
0350: else {
0351: opm_FNDebug_Log ("ERROR 1120 file cannot be deleted $opm_filename.");
0352: echo "ERROR 1120 DELETE FILE REMAINS";
0353: }
0354: }
0355: else {
0356: opm_FNDebug_Log ("ERROR 1121 when deleting $opm_filename.");
0357: echo "ERROR 1121 DELETE UNKNOWN";
0358: }
0359: }
0360: else {
0361: opm_FNDebug_Log ("OK file not found when deleting $opm_filename.");
0362: echo "OK DELETE FILE NOT FOUND";
0363: }
0364: }
0365: else {
0366: opm_FNDebug_Log ("OK file is used by other record (" . ($opm_sqlresult[0] - 1) . ").");
0367: echo "OK DELETE FILE IN USE";
0368: }
0369: }
0370: else {
0371: opm_FNDebug_Log ("OK filename empty.");
0372: echo "OK DELETE FILENAME EMPTY";
0373: }
0374: }
0375:
0376: // ==================================
0377: // UPLOAD an image.
0378: // UPLOAD requires the path, without filename, where the image will be stored.
0379: // UPLOAD returns the image filename with the path.
0380: // ==================================
0381: if ($opm_operation == "upload") {
0382: if ($_FILES["Fl"]["name"] && $_FILES["Fl"]["size"]) {
0383: if (is_uploaded_file ($_FILES["Fl"]["tmp_name"])) {
0384: if ($opm_filename) {
0385: $newfn = $opm_filename;
0386: }
0387: else {
0388: $newfn = trim ($_FILES["Fl"]["name"]);
0389: }
0390: $newfn = str_replace (" ", "_", $newfn);
0391: $newfn = str_replace ("/", "", $newfn);
0392: $newfn = str_replace ("\\", "", $newfn);
0393: $newfn = ereg_replace("[^[:alnum:]\._]", "", $newfn);
0394: $newfn = strtolower ($newfn);
0395:
0396: if ($opm_subdir) {
0397: if ((!file_exists ($opm_realpath . $opm_subdir)) || (!is_dir ($opm_realpath . $opm_subdir))) {
0398: opm_FNDebug_Log ("will create directory=" . $opm_realpath . $opm_subdir);
0399: opm_FNmkdirs ($opm_realpath . $opm_subdir, 0777);
0400: }
0401: if (file_exists ($opm_realpath . $opm_subdir) && (is_dir ($opm_realpath . $opm_subdir))) {
0402: opm_FNDebug_Log ("directory exists=" . $opm_realpath . $opm_subdir);
0403: $newfn = $opm_subdir . "/" . $newfn;
0404: }
0405: else {
0406: opm_FNDebug_Log ("directory does not exist, will ignore=" . $opm_realpath . $opm_subdir);
0407: }
0408:
0409: }
0410: opm_FNDebug_Log ("wanted filename=" . $newfn);
0411: $newfn = opm_FNSmart_Rename ($newfn, 100);
0412: opm_FNDebug_Log ("smart filename=" . $newfn);
0413: opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
0414: if (!file_exists ($opm_realpath . $newfn)) {
0415: opm_FNDebug_Log ("file not exist=" . $opm_realpath . $newfn);
0416: if (@move_uploaded_file ($_FILES["Fl"]["tmp_name"], $opm_realpath . $newfn)) {
0417: opm_FNDebug_Log ("moving file to=" . $opm_realpath . $newfn);
0418: if (file_exists ($opm_realpath . $newfn)) {
0419: opm_FNDebug_Log ("upload complete=" . $opm_realpath . $newfn);
0420: @chmod ($opm_realpath . $newfn, octdec ($opm_upload_perms));
0421: echo "OK UPLOAD [" . $newfn . "]";
0422: }
0423: else {
0424: opm_FNDebug_Log ("ERROR 1130 file not copied=" . $opm_realpath . $newfn);
0425: echo "ERROR 1130 UPLOAD FILE NOT FOUND";
0426: }
0427: }
0428: else {
0429: opm_FNDebug_Log ("ERROR 1131 file not copied=" . $opm_realpath . $newfn);
0430: echo "ERROR 1131 UPLOAD CANNOT MOVE";
0431: }
0432: }
0433: else {
0434: opm_FNDebug_Log ("ERROR 1133 file exist=" . $opm_realpath . $newfn);
0435: echo "ERROR 1133 UPLOAD EXIST [" . $newfn . "]";
0436: }
0437: }
0438: else {
0439: opm_FNDebug_Log ("ERROR 1134 cannot find uploaded file!");
0440: echo "ERROR 1134 UPLOAD";
0441: }
0442: }
0443: }
0444:
0445: // ==================================
0446: // CAPABILITY listing.
0447: // CAPABILITY returns a list of identified modules.
0448: // ==================================
0449: if ($opm_operation == "capa") {
0450: opm_FNDebug_Log ("OK Capability search started.");
0451: echo "OK CAPABILITY START\n";
0452:
0453: // Credit Card Payment...
0454: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_CC_STATUS'"));
0455: if ($opm_sqlresult[0]) {
0456: opm_FNDebug_Log ("OK PAY_CC capcbility found.");
0457: echo "PAY_CC\n";
0458: }
0459:
0460: // Money Order Payment...
0461: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_MONEYORDER_STATUS'"));
0462: if ($opm_sqlresult[0]) {
0463: opm_FNDebug_Log ("OK PAY_ORDER capcbility found.");
0464: echo "PAY_ORDER\n";
0465: }
0466:
0467: // COD Payment...
0468: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_COD_STATUS'"));
0469: if ($opm_sqlresult[0]) {
0470: opm_FNDebug_Log ("OK PAY_CC capcbility found.");
0471: echo "PAY_CC\n";
0472: }
0473:
0474: // PayPal Payment...
0475: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_PAYPAL_STATUS'"));
0476: if ($opm_sqlresult[0]) {
0477: opm_FNDebug_Log ("OK PAY_PP capcbility found.");
0478: echo "PAY_PP\n";
0479: }
0480:
0481: // Flat Rate Shipping...
0482: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_FLAT_STATUS'"));
0483: if ($opm_sqlresult[0]) {
0484: opm_FNDebug_Log ("OK SHIP_FLAT capcbility found.");
0485: echo "SHIP_FLAT\n";
0486: }
0487:
0488: // Table Shipping...
0489: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_TABLE_STATUS'"));
0490: if ($opm_sqlresult[0]) {
0491: opm_FNDebug_Log ("OK SHIP_TBL capcbility found.");
0492: echo "SHIP_TBL\n";
0493: }
0494:
0495: // Store PickUp Shipping...
0496: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_SPU_STATUS'"));
0497: if ($opm_sqlresult[0]) {
0498: opm_FNDebug_Log ("OK SHIP_SPU capcbility found.");
0499: echo "SHIP_SPU\n";
0500: }
0501:
0502: // Multi Pickup Shipping...
0503: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'stores'"));
0504: if ($opm_sqlresult[0]) {
0505: opm_FNDebug_Log ("OK SHIP_MPU capcbility found.");
0506: echo "SHIP_MPU\n";
0507: }
0508:
0509: // More Pics 6...
0510: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6"));
0511: if ($opm_sqlresult[0]) {
0512: opm_FNDebug_Log ("OK MOREPICS6 capcbility found.");
0513: echo "MOREPICS6\n";
0514: }
0515:
0516: // Total B2B...
0517: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_CUSTOMERS . " customers_groups_id"));
0518: if ($opm_sqlresult[0]) {
0519: opm_FNDebug_Log ("OK TOTALB2B capcbility found.");
0520: echo "TOTALB2B\n";
0521: }
0522:
0523: // Poll Booth...
0524: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'phesis_poll_config'"));
0525: if ($opm_sqlresult[0]) {
0526: opm_FNDebug_Log ("OK POLLBOOTH capcbility found.");
0527: echo "POLLBOOTH\n";
0528: }
0529:
0530: // Header Tags Controller...
0531: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS_DESCRIPTION . " products_head_keywords_tag"));
0532: if ($opm_sqlresult[0]) {
0533: opm_FNDebug_Log ("OK HEADERTAGS capcbility found.");
0534: echo "HEADERTAGS\n";
0535: }
0536:
0537: opm_FNDebug_Log ("OK Capability search finished.");
0538: echo "OK CAPABILITY END\n";
0539: }
0540:
0541: // ==================================
0542: // BACKUP database.
0543: // BACKUP returns a SQL dump.
0544: // ==================================
0545: if ($opm_operation == "backup") {
0546: opm_FNDebug_Log ("OK Backup of database requested.");
0547: $opm_bak_filename = date ("Ymd_His", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . ".sql";
0548: opm_FNBackup ($opm_realpath . $opm_bak_filename);
0549: if (file_exists ($opm_realpath . $opm_bak_filename)) {
0550: opm_FNgzip_file ($opm_realpath . $opm_bak_filename, $opm_realpath . $opm_bak_filename . ".gz");
0551: if (file_exists ($opm_realpath . $opm_bak_filename . ".gz")) {
0552: $opm_bak_filesize = filesize ($opm_realpath . $opm_bak_filename . ".gz");
0553: header ("Content-type: application/octet-stream");
0554: header ("Content-disposition: attachement; filename=" . $opm_bak_filename . ".gz");
0555: header("Content-Length: " . $opm_bak_filesize);
0556: header ("Pragma: no-store");
0557: readfile ($opm_realpath . $opm_bak_filename . ".gz");
0558: @unlink ($opm_realpath . $opm_bak_filename . ".gz");
0559: opm_FNDebug_Log ("OK Deleting compressed backup file.");
0560: }
0561: @unlink ($opm_realpath . $opm_bak_filename);
0562: opm_FNDebug_Log ("OK Deleting uncompressed backup file.");
0563: }
0564: else {
0565: opm_FNDebug_Log ("ERROR 1140 Backup file not found.");
0566: }
0567: opm_FNDebug_Log ("OK Backup operation finished.");
0568: }
0569:
0570:
0571: // ==================================
0572: // Get XCHGRATES.
0573: // XCHGRATES returns the exchange rates of currencies.
0574: // ==================================
0575: if ($opm_operation == "xchgrates") {
0576: opm_FNDebug_Log ("OK Starting XCHGRATES operation.");
0577: if ($opm_filename) {
0578: $opm_filename = strtoupper ($opm_filename);
0579: $opm_main_currency = substr ($opm_filename, 0, 3);
0580: $opm_xchange_currencies = str_replace (",", "_", substr ($opm_filename, 4));
0581: if (($opm_main_currency) && ($opm_xchange_currencies)) {
0582: $opm_xchange_page = "http://www.oanda.com/convert/fxdaily?value=1&exch=$opm_main_currency&dest=Get+Table&sel_list=$opm_xchange_currencies&format=CSV&redirected=1";
0583: $opm_page_data = opm_FNget_webpage ($opm_xchange_page);
0584: if ($opm_page_data) {
0585: $opm_page_data = strip_tags ($opm_page_data);
0586: $opm_page_data = preg_replace ("/[\r\n]+[\s\t]*[\r\n]+/", "", $opm_page_data);
0587: $opm_xr_matches = array ();
0588: preg_match_all ("/(.+),(\w{3}),([0-9.]+),([0-9.]+)/i", $opm_page_data, $opm_xr_matches);
0589: echo "OK XCHGRATES START\n";
0590: foreach ($opm_xr_matches[2] as $key => $value) {
0591: echo $opm_xr_matches[2][$key] . "," . $opm_xr_matches[4][$key] . "\n";
0592: }
0593: echo "OK XCHGRATES END\n";
0594: }
0595: else {
0596: opm_FNDebug_Log ("ERROR 1150 The remote server answer is empty or invalid.");
0597: echo "ERROR 1150 XCHGRATES REMOTE SERVER ERROR";
0598: }
0599: }
0600: else {
0601: opm_FNDebug_Log ("ERROR 1151 The specified currency codes are invalid.");
0602: echo "ERROR 1151 XCHGRATES INVALID CURRENCY";
0603: }
0604: }
0605: else {
0606: opm_FNDebug_Log ("ERROR 1152 The no currency codes were specified.");
0607: echo "ERROR 1152 XCHGRATES EMPTY CURRENCY";
0608: }
0609: }
0610:
0611:
0612:
0613: // ==================================
0614: // Execute DBQUERY.
0615: // DBQUERY returns ...
0616: // ==================================
0617: if ($opm_operation == "dbquery") {
0618: opm_FNDebug_Log ("OK Starting DBQUERY operation.");
0619: if ($opm_query) {
0620: echo "OK DBQUERY START\n";
0621: echo opm_FNExec_Query ($opm_query, false, true);
0622: echo "OK DBQUERY END\n";
0623: }
0624: else {
0625: opm_FNDebug_Log ("ERROR 1171 The database query is empty.");
0626: echo "ERROR 1171 DBQUERY EMPTY DATABASE QUERY";
0627: }
0628: opm_FNDebug_Log ("OK Finishing DBQUERY operation.");
0629: }
0630:
0631:
0632:
0633: if ($opm_browser_debug) { echo "</pre>"; }
0634: return;
0635:
0636:
0637: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0638: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0639: function opm_FNList_Files ($dirname, $parentdir, $onlydirs) {
0640: $dirhandle = opendir ($dirname);
0641: while (($file = readdir ($dirhandle)) != false)
0642: $sorteddir[count ($sorteddir)] = $file;
0643: closedir ($dirhandle);
0644: natcasesort ($sorteddir);
0645: if (!$onlydirs) {
0646: foreach ($sorteddir as $file) {
0647: if (($file != ".") && ($file != "..")) {
0648: if (!is_dir ($dirname . $file)) {
0649: if ($parentdir) {
0650: echo $parentdir . "/" . $file . "\n";
0651: }
0652: else {
0653: echo $file . "\n";
0654: }
0655: }
0656: }
0657: }
0658: foreach ($sorteddir as $file) {
0659: if (($file != ".") && ($file != "..")) {
0660: if (is_dir ($dirname . $file)) {
0661: if ($parentdir) {
0662: opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
0663: }
0664: else {
0665: opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
0666: }
0667: }
0668: }
0669: }
0670: }
0671: else {
0672: foreach ($sorteddir as $file) {
0673: if (($file != ".") && ($file != "..")) {
0674: if (is_dir ($dirname . $file)) {
0675: if ($parentdir) {
0676: echo $parentdir . "/" . $file . "\n";
0677: opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
0678: }
0679: else {
0680: echo $file . "\n";
0681: opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
0682: }
0683: }
0684: }
0685: }
0686: }
0687: }
0688:
0689:
0690:
0691: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0692: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0693: function opm_FNSmart_Rename ($wantedname, $tries) {
0694: global $opm_realpath;
0695: $newname = $wantedname;
0696: $newext = '.' . array_pop (explode ('.', $wantedname));
0697: for ($trycounter = 1; $trycounter <= $tries; $trycounter++) {
0698: if (!file_exists ($opm_realpath . $newname)) {
0699: return ($newname);
0700: }
0701: else {
0702: $newdirname = dirname ($wantedname);
0703: if ($newdirname != ".") {
0704: $newname = dirname ($wantedname) . "/" . basename ($wantedname, $newext) . "_" . $trycounter . $newext;
0705: }
0706: else {
0707: $newname = basename ($wantedname, $newext) . "_" . $trycounter . $newext;
0708: }
0709: }
0710: }
0711: return ($wantedname);
0712: }
0713:
0714:
0715:
0716: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0717: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0718: function opm_FNDebug_Log ($logline) {
0719: global $opm_enable_logfile, $opm_debug_file, $opm_timezone_shift;
0720: if ($opm_enable_logfile) {
0721: if (!(file_exists ($opm_debug_file) && !is_writable ($opm_debug_file))) {
0722: $opm_timestamp = date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y")));
0723: $opm_lfilef = @fopen ($opm_debug_file, 'a');
0724: if ($opm_lfilef) {
0725: if ($logline) {
0726: @fwrite ($opm_lfilef, $opm_timestamp . ": " . $logline . "\n");
0727: }
0728: else {
0729: @fwrite ($opm_lfilef, "\n");
0730: }
0731: @fclose ($opm_lfilef);
0732: }
0733: }
0734: }
0735: }
0736:
0737:
0738: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0739: // Based on code posted on php.net by saint@corenova.com and bart@cdasites.com
0740: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0741: function opm_FNmkdirs ($dirname) {
0742: if (is_dir ($dirname) || empty ($dirname)) return 1;
0743: if (file_exists ($dirname) && !is_dir ($dirname)) return 0;
0744: if (opm_FNmkdirs (substr ($dirname, 0, strrpos ($dirname, '/')))) {
0745: if (!file_exists($dirname)) {
0746: return @mkdir ($dirname);
0747: }
0748: }
0749: return 0;
0750: }
0751:
0752:
0753: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0754: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0755: function opm_FNExec_Query ($sql_query, $rawdata = true, $encodeddata = false) {
0756: global $opm_tag_recordbegin, $opm_tag_recordend, $opm_tag_field, $opm_tag_fieldlist;
0757: global $opm_tag_databegin, $opm_tag_dataend, $opm_tag_comment, $opm_tag_stats;
0758: $result_string = "";
0759: $record_count = 0;
0760: opm_FNDebug_Log ("SQLQUERY=" . $sql_query);
0761: /*
0762: if ($encodeddata) {
0763: $result_string .= "$opm_tag_comment " . base64_encode ($sql_query) . "\n";
0764: }
0765: else {
0766: $result_string .= "$opm_tag_comment " . htmlentities ($sql_query) . "\n";
0767: }
0768: */
0769: $sql_result = tep_db_query ($sql_query);
0770: while ($sql_record = tep_db_fetch_array ($sql_result)) {
0771: $record_count++;
0772: // $result_string .= "$opm_tag_comment $record_count\n";
0773: $sql_fullrec = "";
0774: if ($rawdata) {
0775: foreach ($sql_record as $key => $value) {
0776: $result_string .= $value . "\n";
0777: }
0778: }
0779: else {
0780: $result_string .= "$opm_tag_recordbegin\n";
0781: foreach ($sql_record as $key => $value) {
0782: if ($encodeddata) {
0783: $encodedfield = base64_encode ($value);
0784: }
0785: else {
0786: $encodedfield = htmlentities ($value);
0787: }
0788: $result_string .= "$opm_tag_field " . $opm_tag_databegin . $encodedfield . $opm_tag_dataend . "\n";
0789: $sql_fullrec .= $encodedfield;
0790: }
0791: $result_string .= "$opm_tag_recordend " . abs (crc32 ($sql_fullrec)) . "\n";
0792: }
0793: }
0794: return $result_string;
0795: }
0796:
0797:
0798:
0799:
0800:
0801: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0802: // Based on code from osCommerce (/admin/backup.php).
0803: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0804: function opm_FNBackup ($dump_file) {
0805: global $opm_script_version;
0806: if ($dump_file) {
0807: $bakfilef = fopen ($dump_file, 'w');
0808: $bakline = "# OSCPMWin (server-side $opm_script_version)\n";
0809: $bakline .= "# Database: " . DB_DATABASE . "@" . DB_SERVER . "\n";
0810: $bakline .= "# Date: " . date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . "\n";
0811: fwrite ($bakfilef, $bakline);
0812: $tables_query = tep_db_query ("show tables");
0813: while ($tables = tep_db_fetch_array ($tables_query)) {
0814: list (, $table) = each ($tables);
0815: $bakline = "drop table if exists $table;\ncreate table $table (\n";
0816: $table_list = array ();
0817: $fields_query = tep_db_query ("show fields from $table");
0818: while ($fields = tep_db_fetch_array($fields_query)) {
0819: $table_list[] = $fields["Field"];
0820: $bakline .= " " . $fields["Field"] . " " . $fields["Type"];
0821: if (strlen ($fields["Default"]) > 0) $bakline .= " default '" . $fields["Default"] . "'";
0822: if (strtoupper ($fields["Null"]) != "YES") $bakline .= " not null";
0823: if (isset ($fields["Extra"])) $bakline .= " " . $fields["Extra"];
0824: $bakline .= ",\n";
0825: }
0826: $bakline = ereg_replace(",\n$", '', $bakline);
0827: $index = array ();
0828: $keys_query = tep_db_query ("show keys from $table");
0829: while ($keys = tep_db_fetch_array ($keys_query)) {
0830: $kname = $keys["Key_name"];
0831: if (!isset ($index[$kname])) {
0832: $index[$kname] = array ("unique" => !$keys["Non_unique"], "columns" => array());
0833: }
0834: $index[$kname]["columns"][] = $keys["Column_name"];
0835: }
0836: while (list($kname, $info) = each($index)) {
0837: $bakline .= ",\n";
0838: $columns = implode($info["columns"], ", ");
0839: if ($kname == "PRIMARY") {
0840: $bakline .= " PRIMARY KEY ($columns)";
0841: } elseif ($info["unique"]) {
0842: $bakline .= " UNIQUE $kname ($columns)";
0843: } else {
0844: $bakline .= " KEY $kname ($columns)";
0845: }
0846: }
0847: $bakline .= "\n);\n\n";
0848: fwrite ($bakfilef, $bakline);
0849: $rows_query = tep_db_query ("select " . implode (",", $table_list) . " from $table");
0850: while ($rows = tep_db_fetch_array ($rows_query)) {
0851: $bakline = "insert into $table (" . implode (", ", $table_list) . ") values (";
0852: reset ($table_list);
0853: while (list (, $i) = each ($table_list)) {
0854: if (!isset ($rows[$i])) {
0855: $bakline .= "NULL, ";
0856: } elseif (($rows[$i] != "") && (strtoupper ($rows[$i]) != "NULL")) {
0857: $row = addslashes ($rows[$i]);
0858: $row = ereg_replace("\n#", "\n".'\#', $row);
0859: $bakline .= "'$row', ";
0860: } else {
0861: $bakline .= "'', ";
0862: }
0863: }
0864: $bakline = ereg_replace (", $", "", $bakline) . ");\n";
0865: fwrite ($bakfilef, $bakline);
0866: }
0867: }
0868: fclose ($bakfilef);
0869: }
0870: }
0871:
0872:
0873: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0874: // Compress a file with the gzip algorithm.
0875: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0876: function opm_FNgzip_file ($opm_gzsource, $opm_gztarget) {
0877: if (function_exists ("gzwrite") && file_exists ($opm_gzsource)) {
0878: $opm_ungzfp = fopen($opm_gzsource, "rb");
0879: $opm_gzfp = gzopen($opm_gztarget, "wb9");
0880: if ($opm_gzfp && $opm_ungzfp) {
0881: while (!feof ($opm_ungzfp)) {
0882: gzwrite ($opm_gzfp, fread ($opm_ungzfp, 65535));
0883: }
0884: @fclose ($opm_ungzfp);
0885: @gzclose ($opm_gzfp);
0886: return (true);
0887: }
0888: else {
0889: @fclose ($opm_ungzfp);
0890: @gzclose ($opm_gzfp);
0891: return (false);
0892: }
0893: }
0894: else {
0895: return (false);
0896: }
0897: }
0898:
0899:
0900: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0901: // Request a page from a web server.
0902: // If using a proxy server, redirect the call thru the proxy.
0903: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0904: function opm_FNget_webpage ($target_url) {
0905: global $opm_useragent, $opm_httpconn_timeout, $opm_cfg_useproxy, $opm_cfg_proxyaddress, $opm_cfg_proxyport;
0906: $opm_http_content = "";
0907: $errno = 0;
0908: $errstr = "";
0909: $urlparts = parse_url ($target_url);
0910: if ($urlparts["host"]) {
0911: @ignore_user_abort (true);
0912: if ($opm_cfg_useproxy) {
0913: $opm_sockconn = @fsockopen ($opm_cfg_proxyaddress, $opm_cfg_proxyport, $errno, $errstr, $opm_httpconn_timeout);
0914: }
0915: else {
0916: $opm_sockconn = @fsockopen ($urlparts["host"], (empty($urlparts["port"]) ? "80" : $urlparts["port"]), $errno, $errstr, $opm_httpconn_timeout);
0917: }
0918: if ($opm_sockconn) {
0919: if ($opm_cfg_useproxy) {
0920: fputs ($opm_sockconn, "GET " . $urlparts["scheme"] . "://" . $urlparts["host"] . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $opm_cfg_proxyaddress . "\r\nUser-Agent: $opm_useragent\r\nPragma: no-cache\r\nConnection: Close\r\n\r\n");
0921: }
0922: else {
0923: fputs ($opm_sockconn, "GET " . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $urlparts["host"] . "\r\nUser-Agent: $opm_useragent\r\nConnection: Close\r\n\r\n");
0924: }
0925: while ((!feof($opm_sockconn)) && (!is_readable ($opm_skfilename))) {
0926: $opm_http_content .= fgets ($opm_sockconn, 10240);
0927: }
0928: @fclose ($opm_sockconn);
0929: if (eregi ("HTTP.*200 OK", $opm_http_content)) {
0930: $opm_http_content = str_replace ("\r", "", $opm_http_content);
0931: $opm_http_content = substr ($opm_http_content, strpos ($opm_http_content, "\n\n") + 2);
0932: return ($opm_http_content);
0933: }
0934: }
0935: }
0936: return ("");
0937: }
0938:
0939:
0940:
0941:
0942: ?>
