Source code of file oscpmwin_v0.4.1.642/oscpm1_upload.txt from the
osCommerce Product Manager for Windows.
0000: <?php
0001: // osCommerce Product Manager for Windows (oscpmwin).
0002: // Copyright �2003-2006 by Mario A. Valdez-Ramirez.
0003:
0004: // You can contact Mario A. Valdez-Ramirez
0005: // by email at mario@mariovaldez.org or paper mail at
0006: // Olmos 809, San Nicolas, NL. 66495, Mexico.
0007:
0008: // This program is free software; you can redistribute it and/or modify
0009: // it under the terms of the GNU General Public License as published by
0010: // the Free Software Foundation; either version 2 of the License, or (at
0011: // your option) any later version.
0012:
0013: // This program is distributed in the hope that it will be useful, but
0014: // WITHOUT ANY WARRANTY; without even the implied warranty of
0015: // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
0016: // General Public License for more details.
0017:
0018: // You should have received a copy of the GNU General Public License
0019: // along with this program; if not, write to the Free Software
0020: // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
0021:
0022:
0023: // ==================================
0024: // Start of configuration options...
0025: // ==================================
0026: $opm_images_directory = "images/";
0027: $opm_enable_logfile = false;
0028: $opm_enable_extralog = false;
0029: $opm_debug_file = "opm_debug.txt";
0030: $opm_browser_debug = false;
0031: $opm_enable_auth = true;
0032: $opm_password_override = "";
0033: $opm_upload_perms = "0644";
0034: $opm_timezone_shift = 0;
0035: $opm_allow_compression = true;
0036: $opm_compress_level = 1;
0037:
0038: $opm_cfg_useproxy = false;
0039: $opm_cfg_proxyaddress = "192.168.0.1";
0040: $opm_cfg_proxyport = 3128;
0041:
0042: // ==================================
0043: // End of configuration options...
0044: // ==================================
0045:
0046:
0047: $opm_httpconn_timeout = 60; // 60 seconds
0048: $opm_tag_recordbegin = "BR"; // BR
0049: $opm_tag_recordend = "ER"; // ER
0050: $opm_tag_field = "DF"; // DF
0051: $opm_tag_databegin = "["; // [
0052: $opm_tag_dataend = "]"; // ]
0053: $opm_tag_comment = "#"; // #
0054: $opm_tag_stats = "ST"; // ST
0055: $opm_tag_fieldlist = "FL"; // FL
0056:
0057:
0058: $opm_script_version = "0.8.5";
0059: error_reporting(E_ALL & ~E_NOTICE);
0060:
0061: $opm_realpath = str_replace (basename (__FILE__), "", __FILE__) . $opm_images_directory;
0062: $opm_tmpsoftwarename = explode (" ", $HTTP_SERVER_VARS["SERVER_SOFTWARE"]);
0063: $opm_tmposname = explode (" ", php_uname ());
0064: $opm_useragent = "User-Agent: OSCPMWin/$opm_script_version " . $opm_tmpsoftwarename[0] . " MySQL/unknown " . $opm_tmposname[0];
0065:
0066:
0067:
0068: @set_time_limit (300);
0069:
0070: if (!$opm_upload_perms) {
0071: $opm_upload_perms = "0600";
0072: }
0073: // Get all parameters about the request.
0074: if (!$opm_browser_debug) {
0075: $opm_passwordhash = strtoupper (trim ($_POST["Pw"]));
0076: $opm_operation = strtolower (trim ($_POST["Op"]));
0077: $opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["Fn"])))));
0078: $opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_POST["SD"])))));
0079: $opm_query = base64_decode (trim ($_POST["Qy"]));
0080: $opm_reqversion = trim ($_POST["Vn"]);
0081: $opm_logintimestamp = trim ($_POST["TS"]);
0082: }
0083: else {
0084: $opm_passwordhash = strtoupper (trim ($_GET["Pw"]));
0085: $opm_operation = strtolower (trim ($_GET["Op"]));
0086: $opm_filename = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["Fn"])))));
0087: $opm_subdir = str_replace (" ", "_", str_replace ("..", "", str_replace ("\\", "", str_replace ("//", "/", trim ($_GET["SD"])))));
0088: $opm_query = trim ($_GET["Qy"]);
0089: $opm_reqversion = trim ($_GET["Vn"]);
0090: $opm_logintimestamp = trim ($_GET["TS"]);
0091: }
0092: if (($opm_filename{0} == "/") || ($opm_filename{0} == ".")) {
0093: $opm_filename = substr ($opm_filename, 1, strlen ($opm_filename) - 1);
0094: }
0095: /*
0096: Note on parameters:
0097: When the operation needs a parameter, it shold be send using
0098: either FN or QY (Filename or Query). The difference is that
0099: FN is cleaned (deleting slashes, dots and spaces) while QY
0100: is not cleaned. However, QY is always Base64-encoded.
0101: */
0102:
0103:
0104: // Log basic information about the request.
0105: if ($opm_enable_extralog) {
0106: if (!$opm_browser_debug) {
0107: opm_FNDebug_Log (print_r ($_POST, true));
0108: }
0109: else {
0110: opm_FNDebug_Log (print_r ($_GET, true));
0111: }
0112: }
0113: else {
0114: opm_FNDebug_Log ("");
0115: }
0116: opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
0117: opm_FNDebug_Log ("PASSWORDHASH=" . $opm_passwordhash);
0118: opm_FNDebug_Log ("OPERATION=" . $opm_operation);
0119: opm_FNDebug_Log ("FILENAME=" . $opm_filename);
0120: opm_FNDebug_Log ("SUBDIR=" . $opm_subdir);
0121: opm_FNDebug_Log ("QUERY=" . $opm_query);
0122: opm_FNDebug_Log ("REQVERSION=" . $opm_reqversion);
0123: opm_FNDebug_Log ("LOGINTIMESTAMP=" . $opm_logintimestamp);
0124:
0125:
0126: // Include osCommerce database configuration and functions.
0127: require ("includes/configure.php");
0128: require (DIR_WS_INCLUDES . "database_tables.php");
0129: require (DIR_WS_FUNCTIONS . "database.php");
0130:
0131:
0132: if ($opm_browser_debug) { echo "<pre>"; }
0133:
0134: // Check if script version is the expected by client.
0135: if (($opm_script_version != $opm_reqversion) && ($opm_operation)) {
0136: opm_FNDebug_Log ("ERROR 1000 wrong script version. Expected $opm_reqversion, but we are $opm_script_version.");
0137: echo "ERROR 1000 WRONG SCRIPT VERSION";
0138: return;
0139: }
0140:
0141: // Check if the image directory is valid.
0142: if (!is_dir ($opm_realpath) && ($opm_operation)) {
0143: opm_FNDebug_Log ("ERROR 1010 cannot find the images directory. Expecting $opm_realpath exist.");
0144: echo "ERROR 1010 IMAGE DIRECTORY NOT FOUND";
0145: return;
0146: }
0147:
0148: // Get osCommerce DB password and compare it with client password.
0149: // Unless no operation is requested.
0150: if ($opm_operation) {
0151: if ($opm_enable_auth) {
0152: if (defined ("DB_SERVER_PASSWORD") || ($opm_password_override != "")) {
0153: if ($opm_password_override != "") {
0154: opm_FNDebug_Log ("Password override is enabled.");
0155: $opm_serverpassword = strtoupper (md5 ($opm_logintimestamp . $opm_password_override));
0156: }
0157: else {
0158: $opm_serverpassword = strtoupper (md5 ($opm_logintimestamp . DB_SERVER_PASSWORD));
0159: }
0160: opm_FNDebug_Log ("SERVERPASSWORDHASH=" . $opm_serverpassword);
0161: if ($opm_serverpassword != $opm_passwordhash) {
0162: opm_FNDebug_Log ("ERROR 1020 the server and client passwords do not match.");
0163: echo "ERROR 1020 PASSWORD MISMATCH";
0164: return;
0165: }
0166: }
0167: else {
0168: opm_FNDebug_Log ("ERROR 1021 the server password was not found.");
0169: echo "ERROR 1021 CANNOT FIND SERVER PASSWORD";
0170: return;
0171: }
0172: }
0173: else {
0174: opm_FNDebug_Log ("Password authentication is disabled.");
0175: }
0176: }
0177: else {
0178: $opm_simpletest_dbok = false;
0179: $opm_simpletest_imgok = false;
0180: echo "<html><head><title>osCommerce Product Manager (OSCPMWin).</title>\n";
0181: echo "<style>\nBODY { font-family: sans-serif; background-color: #FFFFFF; }\n";
0182: echo "LI { padding: 5px; }\n";
0183: echo "H3 { padding: 5px 5px 5px 20px; }\n";
0184: echo "A { color: #0000FF; text-decoration: none; }\n";
0185: echo "A:hover { color: #FF0000; text-decoration: underline; }\n";
0186: echo "DIV { border: solid 2px #000000; margin: 10px 20px 10px 20px; }";
0187: echo ".ok { background-color: #CCFFCC; }\n";
0188: echo ".notok { background-color: #FFCCCC; }\n";
0189: echo ".info { background-color: #EEEEFF; }\n";
0190: echo ".links { background-color: #EEEEEE; }\n";
0191: echo "</style>\n";
0192: echo "</head><body>\n";
0193: echo "<h3>osCommerce Product Manager (OSCPMWin),<br>server-side script $opm_script_version</h3>\n";
0194: $opm_simpletest_dbok = (boolean) (tep_db_connect ());
0195: $opm_simpletest_imgok = (boolean) (file_exists ($opm_realpath) && is_readable ($opm_realpath) && is_writable ($opm_realpath) && is_dir ($opm_realpath));
0196: if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
0197: echo "<div class=\"ok\">";
0198: }
0199: else {
0200: echo "<div class=\"notok\">";
0201: }
0202: echo "<ul>\n";
0203: if ($opm_simpletest_dbok) {
0204: echo "<li><strong>Database connection seems OK.</strong></li>\n";
0205: }
0206: else {
0207: echo "<li><strong>Database connection failed.</strong><br><small>Check that the database server is working properly. This should not happen if the web store is working properly.</small></li>\n";
0208: }
0209: if ($opm_simpletest_imgok) {
0210: echo "<li><strong>Image directory seems OK.</strong></li>\n";
0211: }
0212: else {
0213: echo "<li><strong>Image directory not found, not readable or not writable.</strong><br><small>Check the opm_images_directory option in this script, and that this script has permissions to read and write in that directory.</small></li>\n";
0214: }
0215: echo "</ul>";
0216: if ($opm_simpletest_dbok && $opm_simpletest_imgok) {
0217: echo "<h3><strong>Everything seems OK. :)</strong></h3>\n";
0218: }
0219: else {
0220: echo "<h3><strong>There seems to be a problem. :(</strong></h3>\n";
0221: }
0222: echo "</div>";
0223: echo "<div class=\"info\"><ul>";
0224: if ($opm_browser_debug) {
0225: echo "<li>Browser-debug mode is enabled.";
0226: }
0227: else {
0228: echo "<li>Browser-debug mode is disabled";
0229: }
0230: echo "<br><small>This is for developers only. To be used only if you are debugging this script or the client application.</small></li>\n";
0231:
0232: if ($opm_enable_logfile) {
0233: echo "<li>Logging file is enabled.";
0234: }
0235: else {
0236: echo "<li>Logging file is disabled";
0237: }
0238: echo "<br><small>For debugging purposes only, not for production stores (because if enabled, slows the server down and consumes too much disk space).</small></li>\n";
0239:
0240: if ($opm_cfg_useproxy) {
0241: echo "<li>Proxy-usage is enabled.";
0242: }
0243: else {
0244: echo "<li>Proxy-usage is disabled";
0245: }
0246: echo "<br><small>To be used if the web server is behind a proxy so that all http connections are done thru the proxy.</small></li>\n";
0247:
0248: if ($opm_allow_compression) {
0249: echo "<li>Compression is enabled.";
0250: }
0251: else {
0252: echo "<li>Compression is disabled";
0253: }
0254: echo "<br><small>Compression of transfered data improves the speed of the data transfer. The compression level is set to $opm_compress_level.</small></li>\n";
0255:
0256: echo "<li>The time zone shift is set to $opm_timezone_shift.<br><small>To be used with some timestamps</small>.</li>\n";
0257: echo "</ul></div>";
0258: echo "<div class=\"links\"><ul>";
0259: echo "<li><a href=\"http://www.mariovaldez.net/software/oscpmwin/\">OSCPMWin homepage</a>.</li>\n";
0260: echo "<li><a href=\"http://www.mariovaldez.net/webapps/forums/index.php?c=9\">OSCPMWin web forums</a>.</li>\n";
0261: echo "<li><a href=\"http://www.oscommerce.org/\">osCommerce homepage</a>.</li>\n";
0262: echo "</ul></div>";
0263: echo "<p><small>©2003-2006 by Mario A. Valdez-Ramirez.<br>\n";
0264: echo "This program is free software; you can redistribute it and/or modify\n";
0265: echo "it under the terms of the GNU General Public License as published by\n";
0266: echo "the Free Software Foundation; either version 2 of the License, or (at\n";
0267: echo "your option) any later version.</small></p>\n";
0268: echo "</body></html>";
0269: return;
0270: }
0271:
0272:
0273: // Connect to database.
0274: if (($opm_operation == "dbquery") || ($opm_operation == "delete1") || ($opm_operation == "delete2") || ($opm_operation == "capa") || ($opm_operation == "backup")) {
0275: if (!tep_db_connect ()) {
0276: echo "ERROR 1031 NO DATABASE CONNECTION";
0277: return;
0278: }
0279: }
0280:
0281:
0282: // ==================================
0283: // Do nothing.
0284: // NOOP do nothing.
0285: // ==================================
0286: if ($opm_operation == "noop") {
0287: echo "OK NOOP START\n";
0288: opm_FNDebug_Log ("OK NOOP requested.");
0289: echo "OK NOOP END\n";
0290: }
0291:
0292: // ==================================
0293: // CHECK if a file exists.
0294: // CHECK requires the full path of the image.
0295: // ==================================
0296: if ($opm_operation == "check") {
0297: if ($opm_filename) {
0298: if (file_exists ($opm_realpath . $opm_filename)) {
0299: opm_FNDebug_Log ("OK file found $opm_filename.");
0300: echo "OK FILE EXISTS";
0301: }
0302: else {
0303: opm_FNDebug_Log ("ERROR 1110 file not found $opm_filename.");
0304: echo "ERROR 1110 FILE NOT FOUND";
0305: }
0306: }
0307: }
0308:
0309: // ==================================
0310: // LIST all files recursively.
0311: // LIST returns the filenames with paths.
0312: // ==================================
0313: if ($opm_operation == "list") {
0314: echo "OK LIST START\n";
0315: opm_FNList_Files ($opm_realpath, "", false);
0316: echo "OK LIST END\n";
0317: }
0318:
0319: // ==================================
0320: // LISTDIRS only dirs recursively.
0321: // LISTDIRS returns no filenames.
0322: // ==================================
0323: if ($opm_operation == "listdirs") {
0324: echo "OK LISTDIRS START\n";
0325: opm_FNList_Files ($opm_realpath, "", true);
0326: echo "OK LISTDIRS END\n";
0327: }
0328:
0329: // ==================================
0330: // DELETE an image.
0331: // DELETE requires the filename of the image with path.
0332: // DELETE1 deletes the image if less than one record references it.
0333: // DELETE2 deletes the image if less than two records reference it.
0334: // ==================================
0335: if (($opm_operation == "delete1") || ($opm_operation == "delete2")) {
0336: if ($opm_operation == "delete1") {
0337: $allowed_owners = 1;
0338: }
0339: else {
0340: $allowed_owners = 2;
0341: }
0342: if ($opm_filename) {
0343: // Check for More Pics 6 extension...
0344: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6"));
0345: if ($opm_sqlresult[0]) {
0346: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename' or products_subimage1='$opm_filename' or products_subimage2='$opm_filename' or products_subimage3='$opm_filename' or products_subimage4='$opm_filename' or products_subimage5='$opm_filename' or products_subimage6='$opm_filename'"));
0347: }
0348: else {
0349: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select count(products_id) from " . TABLE_PRODUCTS . " where products_image='$opm_filename'"));
0350: }
0351: if ($opm_sqlresult[0] < $allowed_owners) {
0352: if (file_exists ($opm_realpath . $opm_filename)) {
0353: if (@unlink ($opm_realpath . $opm_filename)) {
0354: if (!file_exists ($opm_realpath . $opm_filename)) {
0355: opm_FNDebug_Log ("OK file deleted $opm_filename.");
0356: echo "OK DELETE";
0357: }
0358: else {
0359: opm_FNDebug_Log ("ERROR 1120 file cannot be deleted $opm_filename.");
0360: echo "ERROR 1120 DELETE FILE REMAINS";
0361: }
0362: }
0363: else {
0364: opm_FNDebug_Log ("ERROR 1121 when deleting $opm_filename.");
0365: echo "ERROR 1121 DELETE UNKNOWN";
0366: }
0367: }
0368: else {
0369: opm_FNDebug_Log ("OK file not found when deleting $opm_filename.");
0370: echo "OK DELETE FILE NOT FOUND";
0371: }
0372: }
0373: else {
0374: opm_FNDebug_Log ("OK file is used by other record (" . ($opm_sqlresult[0] - 1) . ").");
0375: echo "OK DELETE FILE IN USE";
0376: }
0377: }
0378: else {
0379: opm_FNDebug_Log ("OK filename empty.");
0380: echo "OK DELETE FILENAME EMPTY";
0381: }
0382: }
0383:
0384: // ==================================
0385: // UPLOAD an image.
0386: // UPLOAD requires the path, without filename, where the image will be stored.
0387: // UPLOAD returns the image filename with the path.
0388: // ==================================
0389: if ($opm_operation == "upload") {
0390: if ($_FILES["Fl"]["name"] && $_FILES["Fl"]["size"]) {
0391: if (is_uploaded_file ($_FILES["Fl"]["tmp_name"])) {
0392: if ($opm_filename) {
0393: $newfn = $opm_filename;
0394: }
0395: else {
0396: $newfn = trim ($_FILES["Fl"]["name"]);
0397: }
0398: $newfn = str_replace (" ", "_", $newfn);
0399: $newfn = str_replace ("/", "", $newfn);
0400: $newfn = str_replace ("\\", "", $newfn);
0401: $newfn = ereg_replace("[^[:alnum:]\._]", "", $newfn);
0402: $newfn = strtolower ($newfn);
0403:
0404: if ($opm_subdir) {
0405: if ((!file_exists ($opm_realpath . $opm_subdir)) || (!is_dir ($opm_realpath . $opm_subdir))) {
0406: opm_FNDebug_Log ("will create directory=" . $opm_realpath . $opm_subdir);
0407: opm_FNmkdirs ($opm_realpath . $opm_subdir, 0777);
0408: }
0409: if (file_exists ($opm_realpath . $opm_subdir) && (is_dir ($opm_realpath . $opm_subdir))) {
0410: opm_FNDebug_Log ("directory exists=" . $opm_realpath . $opm_subdir);
0411: $newfn = $opm_subdir . "/" . $newfn;
0412: }
0413: else {
0414: opm_FNDebug_Log ("directory does not exist, will ignore=" . $opm_realpath . $opm_subdir);
0415: }
0416: }
0417: opm_FNDebug_Log ("wanted filename=" . $newfn);
0418: $newfn = opm_FNSmart_Rename ($newfn, 100);
0419: opm_FNDebug_Log ("smart filename=" . $newfn);
0420: opm_FNDebug_Log ("REALPATH=" . $opm_realpath);
0421: if (!file_exists ($opm_realpath . $newfn)) {
0422: opm_FNDebug_Log ("file not exist=" . $opm_realpath . $newfn);
0423: if (@move_uploaded_file ($_FILES["Fl"]["tmp_name"], $opm_realpath . $newfn)) {
0424: opm_FNDebug_Log ("moving file to=" . $opm_realpath . $newfn);
0425: if (file_exists ($opm_realpath . $newfn)) {
0426: opm_FNDebug_Log ("upload complete=" . $opm_realpath . $newfn);
0427: @chmod ($opm_realpath . $newfn, octdec ($opm_upload_perms));
0428: echo "OK UPLOAD [" . $newfn . "]";
0429: }
0430: else {
0431: opm_FNDebug_Log ("ERROR 1130 file not copied=" . $opm_realpath . $newfn);
0432: echo "ERROR 1130 UPLOAD FILE NOT FOUND";
0433: }
0434: }
0435: else {
0436: opm_FNDebug_Log ("ERROR 1131 file not copied=" . $opm_realpath . $newfn);
0437: echo "ERROR 1131 UPLOAD CANNOT MOVE";
0438: }
0439: }
0440: else {
0441: opm_FNDebug_Log ("ERROR 1133 file exist=" . $opm_realpath . $newfn);
0442: echo "ERROR 1133 UPLOAD EXIST [" . $newfn . "]";
0443: }
0444: }
0445: else {
0446: opm_FNDebug_Log ("ERROR 1134 cannot find uploaded file!");
0447: echo "ERROR 1134 UPLOAD";
0448: }
0449: }
0450: }
0451:
0452: // ==================================
0453: // CAPABILITY listing.
0454: // CAPABILITY returns a list of identified modules.
0455: // ==================================
0456: if ($opm_operation == "capa") {
0457: opm_FNDebug_Log ("OK Capability search started.");
0458: echo "OK CAPABILITY START\n";
0459:
0460: // Credit Card Payment...
0461: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_CC_STATUS'"));
0462: if ($opm_sqlresult[0]) {
0463: opm_FNDebug_Log ("OK PAY_CC capcbility found.");
0464: echo "PAY_CC\n";
0465: }
0466:
0467: // Money Order Payment...
0468: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_MONEYORDER_STATUS'"));
0469: if ($opm_sqlresult[0]) {
0470: opm_FNDebug_Log ("OK PAY_ORDER capcbility found.");
0471: echo "PAY_ORDER\n";
0472: }
0473:
0474: // COD Payment...
0475: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_COD_STATUS'"));
0476: if ($opm_sqlresult[0]) {
0477: opm_FNDebug_Log ("OK PAY_CC capcbility found.");
0478: echo "PAY_CC\n";
0479: }
0480:
0481: // PayPal Payment...
0482: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_PAYPAL_STATUS'"));
0483: if ($opm_sqlresult[0]) {
0484: opm_FNDebug_Log ("OK PAY_PP capcbility found.");
0485: echo "PAY_PP\n";
0486: }
0487:
0488: // Flat Rate Shipping...
0489: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_FLAT_STATUS'"));
0490: if ($opm_sqlresult[0]) {
0491: opm_FNDebug_Log ("OK SHIP_FLAT capcbility found.");
0492: echo "SHIP_FLAT\n";
0493: }
0494:
0495: // Table Shipping...
0496: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_TABLE_STATUS'"));
0497: if ($opm_sqlresult[0]) {
0498: opm_FNDebug_Log ("OK SHIP_TBL capcbility found.");
0499: echo "SHIP_TBL\n";
0500: }
0501:
0502: // Store PickUp Shipping...
0503: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_SHIPPING_SPU_STATUS'"));
0504: if ($opm_sqlresult[0]) {
0505: opm_FNDebug_Log ("OK SHIP_SPU capcbility found.");
0506: echo "SHIP_SPU\n";
0507: }
0508:
0509: // Multi Pickup Shipping...
0510: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'stores'"));
0511: if ($opm_sqlresult[0]) {
0512: opm_FNDebug_Log ("OK SHIP_MPU capcbility found.");
0513: echo "SHIP_MPU\n";
0514: }
0515:
0516: // More Pics 6...
0517: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS . " products_subimage6"));
0518: if ($opm_sqlresult[0]) {
0519: opm_FNDebug_Log ("OK MOREPICS6 capcbility found.");
0520: echo "MOREPICS6\n";
0521: }
0522:
0523: // Total B2B...
0524: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_CUSTOMERS . " customers_groups_id"));
0525: if ($opm_sqlresult[0]) {
0526: opm_FNDebug_Log ("OK TOTALB2B capcbility found.");
0527: echo "TOTALB2B\n";
0528: }
0529:
0530: // Poll Booth...
0531: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("show tables like 'phesis_poll_config'"));
0532: if ($opm_sqlresult[0]) {
0533: opm_FNDebug_Log ("OK POLLBOOTH capcbility found.");
0534: echo "POLLBOOTH\n";
0535: }
0536:
0537: // Header Tags Controller...
0538: $opm_sqlresult = explode ("\n", opm_FNExec_Query ("describe " . TABLE_PRODUCTS_DESCRIPTION . " products_head_keywords_tag"));
0539: if ($opm_sqlresult[0]) {
0540: opm_FNDebug_Log ("OK HEADERTAGS capcbility found.");
0541: echo "HEADERTAGS\n";
0542: }
0543:
0544: opm_FNDebug_Log ("OK Capability search finished.");
0545: echo "OK CAPABILITY END\n";
0546: }
0547:
0548: // ==================================
0549: // BACKUP database.
0550: // BACKUP returns a SQL dump.
0551: // ==================================
0552: if ($opm_operation == "backup") {
0553: opm_FNDebug_Log ("OK Backup of database requested.");
0554: $opm_bak_filename = date ("Ymd_His", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . ".sql";
0555: opm_FNBackup ($opm_realpath . $opm_bak_filename);
0556: if (file_exists ($opm_realpath . $opm_bak_filename)) {
0557: opm_FNgzip_file ($opm_realpath . $opm_bak_filename, $opm_realpath . $opm_bak_filename . ".gz");
0558: if (file_exists ($opm_realpath . $opm_bak_filename . ".gz")) {
0559: $opm_bak_filesize = filesize ($opm_realpath . $opm_bak_filename . ".gz");
0560: header ("Content-type: application/octet-stream");
0561: header ("Content-disposition: attachement; filename=" . $opm_bak_filename . ".gz");
0562: header("Content-Length: " . $opm_bak_filesize);
0563: header ("Pragma: no-store");
0564: readfile ($opm_realpath . $opm_bak_filename . ".gz");
0565: @unlink ($opm_realpath . $opm_bak_filename . ".gz");
0566: opm_FNDebug_Log ("OK Deleting compressed backup file.");
0567: }
0568: @unlink ($opm_realpath . $opm_bak_filename);
0569: opm_FNDebug_Log ("OK Deleting uncompressed backup file.");
0570: }
0571: else {
0572: opm_FNDebug_Log ("ERROR 1140 Backup file not found.");
0573: }
0574: opm_FNDebug_Log ("OK Backup operation finished.");
0575: }
0576:
0577:
0578: // ==================================
0579: // Get XCHGRATES.
0580: // XCHGRATES returns the exchange rates of currencies.
0581: // ==================================
0582: if ($opm_operation == "xchgrates") {
0583: opm_FNDebug_Log ("OK Starting XCHGRATES operation.");
0584: if ($opm_filename) {
0585: $opm_filename = strtoupper ($opm_filename);
0586: $opm_main_currency = substr ($opm_filename, 0, 3);
0587: $opm_xchange_currencies = str_replace (",", "_", substr ($opm_filename, 4));
0588: if (($opm_main_currency) && ($opm_xchange_currencies)) {
0589: $opm_xchange_page = "http://www.oanda.com/convert/fxdaily?value=1&exch=$opm_main_currency&dest=Get+Table&sel_list=$opm_xchange_currencies&format=CSV&redirected=1";
0590: $opm_page_data = opm_FNget_webpage ($opm_xchange_page);
0591: if ($opm_page_data) {
0592: $opm_page_data = strip_tags ($opm_page_data);
0593: $opm_page_data = preg_replace ("/[\r\n]+[\s\t]*[\r\n]+/", "", $opm_page_data);
0594: $opm_xr_matches = array ();
0595: preg_match_all ("/(.+),(\w{3}),([0-9.]+),([0-9.]+)/i", $opm_page_data, $opm_xr_matches);
0596: echo "OK XCHGRATES START\n";
0597: foreach ($opm_xr_matches[2] as $key => $value) {
0598: echo $opm_xr_matches[2][$key] . "," . $opm_xr_matches[4][$key] . "\n";
0599: }
0600: echo "OK XCHGRATES END\n";
0601: }
0602: else {
0603: opm_FNDebug_Log ("ERROR 1150 The remote server answer is empty or invalid.");
0604: echo "ERROR 1150 XCHGRATES REMOTE SERVER ERROR";
0605: }
0606: }
0607: else {
0608: opm_FNDebug_Log ("ERROR 1151 The specified currency codes are invalid.");
0609: echo "ERROR 1151 XCHGRATES INVALID CURRENCY";
0610: }
0611: }
0612: else {
0613: opm_FNDebug_Log ("ERROR 1152 The no currency codes were specified.");
0614: echo "ERROR 1152 XCHGRATES EMPTY CURRENCY";
0615: }
0616: }
0617:
0618:
0619:
0620: // ==================================
0621: // Execute DBQUERY.
0622: // DBQUERY returns ...
0623: // ==================================
0624: if ($opm_operation == "dbquery") {
0625: opm_FNDebug_Log ("OK Starting DBQUERY operation.");
0626: if ($opm_query) {
0627: echo "OK DBQUERY START\n";
0628: echo opm_FNExec_Query ($opm_query, false, true);
0629: echo "OK DBQUERY END\n";
0630: }
0631: else {
0632: opm_FNDebug_Log ("ERROR 1171 The database query is empty.");
0633: echo "ERROR 1171 DBQUERY EMPTY DATABASE QUERY";
0634: }
0635: opm_FNDebug_Log ("OK Finishing DBQUERY operation.");
0636: }
0637:
0638:
0639:
0640: if ($opm_browser_debug) { echo "</pre>"; }
0641: return;
0642:
0643:
0644: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0645: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0646: function opm_FNList_Files ($dirname, $parentdir, $onlydirs) {
0647: $dirhandle = opendir ($dirname);
0648: while (($file = readdir ($dirhandle)) != false)
0649: $sorteddir[count ($sorteddir)] = $file;
0650: closedir ($dirhandle);
0651: natcasesort ($sorteddir);
0652: if (!$onlydirs) {
0653: foreach ($sorteddir as $file) {
0654: if (($file != ".") && ($file != "..")) {
0655: if (!is_dir ($dirname . $file)) {
0656: if ($parentdir) {
0657: echo $parentdir . "/" . $file . "\n";
0658: }
0659: else {
0660: echo $file . "\n";
0661: }
0662: }
0663: }
0664: }
0665: foreach ($sorteddir as $file) {
0666: if (($file != ".") && ($file != "..")) {
0667: if (is_dir ($dirname . $file)) {
0668: if ($parentdir) {
0669: opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
0670: }
0671: else {
0672: opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
0673: }
0674: }
0675: }
0676: }
0677: }
0678: else {
0679: foreach ($sorteddir as $file) {
0680: if (($file != ".") && ($file != "..")) {
0681: if (is_dir ($dirname . $file)) {
0682: if ($parentdir) {
0683: echo $parentdir . "/" . $file . "\n";
0684: opm_FNList_Files ($dirname . $file . "/", $parentdir . "/" . $file, $onlydirs);
0685: }
0686: else {
0687: echo $file . "\n";
0688: opm_FNList_Files ($dirname . $file . "/", $file, $onlydirs);
0689: }
0690: }
0691: }
0692: }
0693: }
0694: }
0695:
0696:
0697:
0698: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0699: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0700: function opm_FNSmart_Rename ($wantedname, $tries) {
0701: global $opm_realpath;
0702: $newname = $wantedname;
0703: $newext = '.' . array_pop (explode ('.', $wantedname));
0704: for ($trycounter = 1; $trycounter <= $tries; $trycounter++) {
0705: if (!file_exists ($opm_realpath . $newname)) {
0706: return ($newname);
0707: }
0708: else {
0709: $newdirname = dirname ($wantedname);
0710: if ($newdirname != ".") {
0711: $newname = dirname ($wantedname) . "/" . basename ($wantedname, $newext) . "_" . $trycounter . $newext;
0712: }
0713: else {
0714: $newname = basename ($wantedname, $newext) . "_" . $trycounter . $newext;
0715: }
0716: }
0717: }
0718: return ($wantedname);
0719: }
0720:
0721:
0722:
0723: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0724: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0725: function opm_FNDebug_Log ($logline) {
0726: global $opm_enable_logfile, $opm_debug_file, $opm_timezone_shift;
0727: if ($opm_enable_logfile) {
0728: if (!(file_exists ($opm_debug_file) && !is_writable ($opm_debug_file))) {
0729: $opm_timestamp = date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y")));
0730: $opm_lfilef = @fopen ($opm_debug_file, 'a');
0731: if ($opm_lfilef) {
0732: if ($logline) {
0733: @fwrite ($opm_lfilef, $opm_timestamp . ": " . $logline . "\n");
0734: }
0735: else {
0736: @fwrite ($opm_lfilef, "\n");
0737: }
0738: @fclose ($opm_lfilef);
0739: }
0740: }
0741: }
0742: }
0743:
0744:
0745: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0746: // Based on code posted on php.net by saint@corenova.com and bart@cdasites.com
0747: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0748: function opm_FNmkdirs ($dirname) {
0749: if (is_dir ($dirname) || empty ($dirname)) return 1;
0750: if (file_exists ($dirname) && !is_dir ($dirname)) return 0;
0751: if (opm_FNmkdirs (substr ($dirname, 0, strrpos ($dirname, '/')))) {
0752: if (!file_exists($dirname)) {
0753: return @mkdir ($dirname);
0754: }
0755: }
0756: return 0;
0757: }
0758:
0759:
0760: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0761: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0762: function opm_FNExec_Query ($sql_query, $rawdata = true, $encodeddata = false) {
0763: global $opm_tag_recordbegin, $opm_tag_recordend, $opm_tag_field, $opm_tag_cfield, $opm_tag_fieldlist;
0764: global $opm_tag_databegin, $opm_tag_dataend, $opm_tag_comment, $opm_tag_stats;
0765: global $opm_allow_compression, $opm_compress_level;
0766: $result_string = "";
0767: $record_count = 0;
0768: $query_type = strtoupper (substr ($sql_query, 0, strpos ($sql_query, " ")));
0769: opm_FNDebug_Log ("SQLQUERY=" . $sql_query);
0770: $sql_result = tep_db_query ($sql_query);
0771: if (($query_type == "SELECT") || ($query_type == "SHOW") || ($query_type == "DESCRIBE")) {
0772: while ($sql_record = tep_db_fetch_array ($sql_result)) {
0773: $record_count++;
0774: $sql_fullrec = "";
0775: if ($rawdata) {
0776: foreach ($sql_record as $key => $value) {
0777: $result_string .= $value . "\n";
0778: }
0779: }
0780: else {
0781: $result_string .= "$opm_tag_recordbegin\n";
0782: foreach ($sql_record as $key => $value) {
0783: if ($encodeddata) {
0784: $encodedfield = base64_encode ($value);
0785: }
0786: else {
0787: $encodedfield = htmlentities ($value);
0788: }
0789: $result_string .= "$opm_tag_field " . $opm_tag_databegin . $encodedfield . $opm_tag_dataend . "\n";
0790: $sql_fullrec .= $encodedfield;
0791: }
0792: $result_string .= "$opm_tag_recordend " . abs (crc32 ($sql_fullrec)) . "\n";
0793: }
0794: }
0795: }
0796: elseif ($query_type == "INSERT") {
0797: $sql_result = tep_db_insert_id ();
0798: $record_count = 1;
0799: $sql_fullrec = "";
0800: if ($rawdata) {
0801: $result_string .= $sql_result . "\n";
0802: }
0803: else {
0804: $result_string .= "$opm_tag_recordbegin\n";
0805: if ($encodeddata) {
0806: $encodedfield = base64_encode ($sql_result);
0807: }
0808: else {
0809: $encodedfield = htmlentities ($sql_result);
0810: }
0811: $result_string .= "$opm_tag_field " . $opm_tag_databegin . $encodedfield . $opm_tag_dataend . "\n";
0812: $sql_fullrec .= $encodedfield;
0813: $result_string .= "$opm_tag_recordend " . abs (crc32 ($sql_fullrec)) . "\n";
0814: }
0815: }
0816: if (!$rawdata) {
0817: if ($opm_allow_compression) {
0818: $result_string = base64_encode (gzcompress ($result_string, $opm_compress_level)) . "\n";
0819: }
0820: }
0821: return $result_string;
0822: }
0823:
0824:
0825:
0826:
0827:
0828: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0829: // Based on code from osCommerce (/admin/backup.php).
0830: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0831: function opm_FNBackup ($dump_file) {
0832: global $opm_script_version;
0833: if ($dump_file) {
0834: $bakfilef = fopen ($dump_file, 'w');
0835: $bakline = "# OSCPMWin (server-side $opm_script_version)\n";
0836: $bakline .= "# Database: " . DB_DATABASE . "@" . DB_SERVER . "\n";
0837: $bakline .= "# Date: " . date ("Y-m-d H:i:s", mktime(date("H")+$opm_timezone_shift,date("i"),date("s"),date("m"),date("d"),date("Y"))) . "\n";
0838: fwrite ($bakfilef, $bakline);
0839: $tables_query = tep_db_query ("show tables");
0840: while ($tables = tep_db_fetch_array ($tables_query)) {
0841: list (, $table) = each ($tables);
0842: $bakline = "drop table if exists $table;\ncreate table $table (\n";
0843: $table_list = array ();
0844: $fields_query = tep_db_query ("show fields from $table");
0845: while ($fields = tep_db_fetch_array($fields_query)) {
0846: $table_list[] = $fields["Field"];
0847: $bakline .= " " . $fields["Field"] . " " . $fields["Type"];
0848: if (strlen ($fields["Default"]) > 0) $bakline .= " default '" . $fields["Default"] . "'";
0849: if (strtoupper ($fields["Null"]) != "YES") $bakline .= " not null";
0850: if (isset ($fields["Extra"])) $bakline .= " " . $fields["Extra"];
0851: $bakline .= ",\n";
0852: }
0853: $bakline = ereg_replace(",\n$", '', $bakline);
0854: $index = array ();
0855: $keys_query = tep_db_query ("show keys from $table");
0856: while ($keys = tep_db_fetch_array ($keys_query)) {
0857: $kname = $keys["Key_name"];
0858: if (!isset ($index[$kname])) {
0859: $index[$kname] = array ("unique" => !$keys["Non_unique"], "columns" => array());
0860: }
0861: $index[$kname]["columns"][] = $keys["Column_name"];
0862: }
0863: while (list($kname, $info) = each($index)) {
0864: $bakline .= ",\n";
0865: $columns = implode($info["columns"], ", ");
0866: if ($kname == "PRIMARY") {
0867: $bakline .= " PRIMARY KEY ($columns)";
0868: } elseif ($info["unique"]) {
0869: $bakline .= " UNIQUE $kname ($columns)";
0870: } else {
0871: $bakline .= " KEY $kname ($columns)";
0872: }
0873: }
0874: $bakline .= "\n);\n\n";
0875: fwrite ($bakfilef, $bakline);
0876: $rows_query = tep_db_query ("select " . implode (",", $table_list) . " from $table");
0877: while ($rows = tep_db_fetch_array ($rows_query)) {
0878: $bakline = "insert into $table (" . implode (", ", $table_list) . ") values (";
0879: reset ($table_list);
0880: while (list (, $i) = each ($table_list)) {
0881: if (!isset ($rows[$i])) {
0882: $bakline .= "NULL, ";
0883: } elseif (($rows[$i] != "") && (strtoupper ($rows[$i]) != "NULL")) {
0884: $row = addslashes ($rows[$i]);
0885: $row = ereg_replace("\n#", "\n".'\#', $row);
0886: $bakline .= "'$row', ";
0887: } else {
0888: $bakline .= "'', ";
0889: }
0890: }
0891: $bakline = ereg_replace (", $", "", $bakline) . ");\n";
0892: fwrite ($bakfilef, $bakline);
0893: }
0894: }
0895: fclose ($bakfilef);
0896: }
0897: }
0898:
0899:
0900: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0901: // Compress a file with the gzip algorithm.
0902: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0903: function opm_FNgzip_file ($opm_gzsource, $opm_gztarget) {
0904: if (function_exists ("gzwrite") && file_exists ($opm_gzsource)) {
0905: $opm_ungzfp = fopen($opm_gzsource, "rb");
0906: $opm_gzfp = gzopen($opm_gztarget, "wb9");
0907: if ($opm_gzfp && $opm_ungzfp) {
0908: while (!feof ($opm_ungzfp)) {
0909: gzwrite ($opm_gzfp, fread ($opm_ungzfp, 65535));
0910: }
0911: @fclose ($opm_ungzfp);
0912: @gzclose ($opm_gzfp);
0913: return (true);
0914: }
0915: else {
0916: @fclose ($opm_ungzfp);
0917: @gzclose ($opm_gzfp);
0918: return (false);
0919: }
0920: }
0921: else {
0922: return (false);
0923: }
0924: }
0925:
0926:
0927: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0928: // Request a page from a web server.
0929: // If using a proxy server, redirect the call thru the proxy.
0930: // %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
0931: function opm_FNget_webpage ($target_url) {
0932: global $opm_useragent, $opm_httpconn_timeout, $opm_cfg_useproxy, $opm_cfg_proxyaddress, $opm_cfg_proxyport;
0933: $opm_http_content = "";
0934: $errno = 0;
0935: $errstr = "";
0936: $urlparts = parse_url ($target_url);
0937: if ($urlparts["host"]) {
0938: @ignore_user_abort (true);
0939: if ($opm_cfg_useproxy) {
0940: $opm_sockconn = @fsockopen ($opm_cfg_proxyaddress, $opm_cfg_proxyport, $errno, $errstr, $opm_httpconn_timeout);
0941: }
0942: else {
0943: $opm_sockconn = @fsockopen ($urlparts["host"], (empty($urlparts["port"]) ? "80" : $urlparts["port"]), $errno, $errstr, $opm_httpconn_timeout);
0944: }
0945: if ($opm_sockconn) {
0946: if ($opm_cfg_useproxy) {
0947: fputs ($opm_sockconn, "GET " . $urlparts["scheme"] . "://" . $urlparts["host"] . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $opm_cfg_proxyaddress . "\r\nUser-Agent: $opm_useragent\r\nPragma: no-cache\r\nConnection: Close\r\n\r\n");
0948: }
0949: else {
0950: fputs ($opm_sockconn, "GET " . $urlparts["path"] . "?" . $urlparts["query"] . " HTTP/1.0\r\nHost: " . $urlparts["host"] . "\r\nUser-Agent: $opm_useragent\r\nConnection: Close\r\n\r\n");
0951: }
0952: while ((!feof($opm_sockconn)) && (!is_readable ($opm_skfilename))) {
0953: $opm_http_content .= fgets ($opm_sockconn, 10240);
0954: }
0955: @fclose ($opm_sockconn);
0956: if (eregi ("HTTP.*200 OK", $opm_http_content)) {
0957: $opm_http_content = str_replace ("\r", "", $opm_http_content);
0958: $opm_http_content = substr ($opm_http_content, strpos ($opm_http_content, "\n\n") + 2);
0959: return ($opm_http_content);
0960: }
0961: }
0962: }
0963: return ("");
0964: }
0965:
0966:
0967:
0968:
0969: ?>
