
Source: /administration/db_backup.php - 383 lines - 18625 bytes - Summary - Text - Print

   1  <?php
   2  /*-------------------------------------------------------+
   3  | PHP-Fusion Content Management System
   4  | Copyright (C) 2002 - 2011 Nick Jones
   5  | http://www.php-fusion.co.uk/
   6  +--------------------------------------------------------+
   7  | Filename: db_backup.php
   8  | Author: Nick Jones (Digitanium)
   9  +--------------------------------------------------------+
  10  | This program is released as free software under the
  11  | Affero GPL license. You can redistribute it and/or
  12  | modify it under the terms of this license which you
  13  | can read by viewing the included agpl.txt or online
  14  | at www.gnu.org/licenses/agpl.html. Removal of this
  15  | copyright header is strictly prohibited without
  16  | written permission from the original author(s).
  17  +--------------------------------------------------------*/
  18  require_once  "../maincore.php";
  19  
  20  if (!checkrights("DB") || !defined("iAUTH") || !isset($_GET['aid']) || $_GET['aid'] != iAUTH) redirect("../index.php");
  21  
  22  // Unstrip text
  23  function stripsiteinput($text) {
  24      $search = array("&amp;", "&quot;", "&#39;", "&#92;", "&quot;", "&#39;", "&lt;", "&gt;", " ");
  25      $replace = array("", "", "", "", "", "", "", "", "");
  26      $text = str_replace($search, $replace, $text);
  27      return $text;
  28  }
  29  
  30  if (isset($_POST['btn_create_backup'])) {
  31      if (!check_admin_pass(isset($_POST['user_admin_password']) ? stripinput($_POST['user_admin_password']) : "")) {
  32          redirect(FUSION_SELF.$aidlink."&status=pw");
  33      }
  34      $db_tables = $_POST['db_tables'];
  35      if (count($db_tables)) {
  36          $crlf = "\n";
  37          ob_start();
  38          @ob_implicit_flush(0);
  39          echo "#----------------------------------------------------------".$crlf;
  40          echo "# PHP-Fusion SQL Data Dump".$crlf;
  41          echo "# Database Name: `".$db_name."`".$crlf;
  42          echo "# Table Prefix: `".$db_prefix."`".$crlf;
  43          echo "# Date: `".date("d/m/Y H:i")."`".$crlf;
  44          echo "#----------------------------------------------------------".$crlf;
  45          dbquery('SET SQL_QUOTE_SHOW_CREATE=1');
  46          foreach ($db_tables as $table) {
  47              if (!ini_get('safe_mode')) {
  48                  @set_time_limit(1200);
  49              }
  50              dbquery("OPTIMIZE TABLE $table");
  51              echo $crlf."#".$crlf."# Structure for Table `".$table."`".$crlf."#".$crlf;
  52              echo "DROP TABLE IF EXISTS `$table`;$crlf";
  53              $row = dbarraynum(dbquery("SHOW CREATE TABLE $table"));
  54              echo $row[1].";".$crlf;
  55              $result = dbquery("SELECT * FROM $table");
  56              if ($result && dbrows($result)) {
  57                  echo $crlf."#".$crlf."# Table Data for `".$table."`".$crlf."#".$crlf;
  58                  $column_list = "";
  59                  $num_fields= mysql_num_fields($result);
  60                  for ($i = 0; $i < $num_fields; $i++) {
  61                      $column_list .= (($column_list != "") ? ", " : "")."`".mysql_field_name($result, $i)."`";
  62                  }
  63              }
  64              while ($row = dbarraynum($result)) {
  65                  $dump = "INSERT INTO `$table` ($column_list) VALUES (";
  66                  for ($i = 0; $i < $num_fields; $i++) {
  67                      $dump .= ($i > 0) ? ", " : "";
  68                      if (!isset($row[$i])) {
  69                          $dump .= "NULL";
  70                      } elseif ($row[$i] == "0" || $row[$i] != ""){
  71                          $type = mysql_field_type($result, $i);
  72                          if ($type == "tinyint" || $type == "smallint" || $type == "mediumint" || $type == "int" || $type == "bigint"|| $type == "timestamp") {
  73                              $dump .= $row[$i];
  74                          } else {
  75                              $search_array = array('\\', '\'', "\x00", "\x0a", "\x0d", "\x1a");
  76                              $replace_array = array('\\\\', '\\\'', '\0', '\n', '\r', '\Z');
  77                              $row[$i] = str_replace($search_array, $replace_array, $row[$i]);
  78                              $dump .= "'$row[$i]'";
  79                          }
  80                      } else {
  81                      $dump .= "''";
  82                      }
  83                  }
  84                  $dump .= ");";
  85                  echo $dump.$crlf;
  86              }
  87          }
  88          $contents = ob_get_contents();
  89          ob_end_clean();
  90          $file = stripinput($_POST['backup_filename']).".sql";
  91          require_once  INCLUDES."class.httpdownload.php";
  92          $object = new httpdownload;
  93          $object->use_resume = false;
  94          if ($_POST['backup_type'] == ".gz") {
  95               $object->use_resume = false;
  96              $object->set_mime("application/x-gzip gz tgz");
  97              $object->set_bydata(gzencode($contents, 9));
  98              $object->set_filename($file.".gz");
  99          } else {
 100               $object->use_resume = false;
 101              $object->set_mime("text/plain");
 102              $object->set_bydata($contents);
 103              $object->set_filename($file);
 104          }
 105          $object->download();
 106          exit;
 107      }
 108      redirect(FUSION_SELF.$aidlink);
 109  }
 110  
 111  require_once THEMES."templates/admin_header.php";
 112  include LOCALE.LOCALESET."admin/db-backup.php";
 113  
 114  if (isset($_GET['status']) && !isset($message)) {
 115      if ($_GET['status'] == "pw") {
 116          $message = $locale['global_182'];
 117      }
 118      if ($message) {    echo "<div id='close-message'><div class='admin-message'>".$message."</div></div>\n"; }
 119  }
 120  
 121  if (!isset($_POST['btn_do_restore']) && (!isset($_GET['action']) || $_GET['action'] != "restore")) {
 122      $backup_files = makefilelist(ADMIN."db_backups/", ".|..|index.php", true);
 123      if (is_array($backup_files) && count($backup_files) > 0) {
 124          for ($i = 0; $i < count($backup_files); $i++) {
 125              @unlink(ADMIN."db_backups/".$backup_files[$i]);
 126          }
 127      }
 128  }
 129  
 130  if (isset($_POST['btn_do_restore'])) {
 131      if (!check_admin_pass(isset($_POST['user_admin_password']) ? stripinput($_POST['user_admin_password']) : "")) {
 132          redirect(FUSION_SELF.$aidlink."&status=pw");
 133      }
 134      $result = gzfile(ADMIN."db_backups/".$_POST['file']);
 135      if ((preg_match("/# Database Name: `(.+?)`/i", $result[2], $tmp1)) && (preg_match("/# Table Prefix: `(.+?)`/i", $result[3], $tmp2))) {
 136          $restore_tblpre = stripinput($_POST['restore_tblpre']);
 137          $inf_dbname = $tmp1[1];
 138          $inf_tblpre = $tmp2[1];
 139          $result = array_slice($result, 7);
 140          $results = preg_split("/;$/m", implode("",$result));
 141          if (count($_POST['list_tbl']) > 0) {
 142              foreach ($results as $result){
 143                  $result = html_entity_decode($result, ENT_QUOTES);
 144                  if (preg_match("/^DROP TABLE IF EXISTS `(.*?)`/im",$result,$tmp)) {
 145                      $tbl = $tmp[1];
 146                      if (in_array($tbl, $_POST['list_tbl'])) {
 147                          $result = preg_replace("/^DROP TABLE IF EXISTS `$inf_tblpre(.*?)`/im","DROP TABLE IF EXISTS `$restore_tblpre\\1`",$result);
 148                          mysql_unbuffered_query($result);
 149                      }
 150                  }
 151                  if (preg_match("/^CREATE TABLE `(.*?)`/im",$result,$tmp)) {
 152                      $tbl = $tmp[1];
 153                      if (in_array($tbl, $_POST['list_tbl'])) {
 154                          $result = preg_replace("/^CREATE TABLE `$inf_tblpre(.*?)`/im","CREATE TABLE `$restore_tblpre\\1`",$result);
 155                          mysql_unbuffered_query($result);
 156                      }
 157                  }
 158              }
 159          }
 160          if (count($_POST['list_ins'])) {
 161              foreach($results as $result){
 162                  if (preg_match("/INSERT INTO `(.*?)`/i",$result,$tmp)) {
 163                      $ins = $tmp[1];
 164                      if (in_array($ins, $_POST['list_ins'])) {
 165                          $result = preg_replace("/INSERT INTO `$inf_tblpre(.*?)`/i","INSERT INTO `$restore_tblpre\\1`",$result);
 166                          mysql_unbuffered_query($result);
 167                      }
 168                  }
 169              }
 170          }
 171          @unlink(ADMIN."db_backups/temp.txt");
 172          redirect(FUSION_SELF.$aidlink);
 173      } else {
 174          opentable($locale['400']);
 175          echo "<div style='text-align:center'>".$locale['401']."<br /><br />".$locale['402']."<br /><br />\n";
 176          echo "<form action='".FUSION_SELF.$aidlink."' name='frm_info' method='post'>\n";
 177          echo "<input class='button' type='submit' name='btn_cancel' style='width:100px;' value='".$locale['403']."' />\n";
 178          echo "</form>\n</div>\n";
 179          closetable();
 180      }
 181  } elseif (isset($_GET['action']) && $_GET['action'] == "restore") {
 182      if (is_uploaded_file($_FILES['upload_backup_file']['tmp_name'])) {
 183          $temp_rand = rand(1000000, 9999999);
 184          $temp_hash = substr(md5($temp_rand), 8, 8);
 185          $file = "temp_".$temp_hash.".txt";
 186          $backup_name = $_FILES['upload_backup_file']['name'];
 187          move_uploaded_file($_FILES['upload_backup_file']['tmp_name'], ADMIN."db_backups/".$file);
 188          $backup_data = gzfile(ADMIN."db_backups/".$file);
 189      } else {
 190          redirect(FUSION_SELF.$aidlink);
 191      }
 192      $info_dbname = ""; $info_date = ""; $info_tblpref = ""; $info_tbls = array(); $info_ins_cnt = array(); $info_inserts = array();
 193      foreach ($backup_data as $resultline) {
 194          if (preg_match_all("/^# Database Name: `(.*?)`/", $resultline, $resultinfo)) { $info_dbname = $resultinfo[1][0]; }
 195          if (preg_match_all("/^# Table Prefix: `(.*?)`/", $resultline, $resultinfo)) { $info_tblpref = $resultinfo[1][0]; }
 196          if (preg_match_all("/^# Date: `(.*?)`/", $resultline, $resultinfo)) { $info_date = $resultinfo[1][0]; }
 197          if (preg_match_all("/^CREATE TABLE `(.+?)`/i", $resultline, $resultinfo)) { $info_tbls[] = $resultinfo[1][0]; }
 198          if (preg_match_all("/^INSERT INTO `(.+?)`/i", $resultline, $resultinfo)) {
 199              if (!in_array($resultinfo[1][0], $info_inserts)) { $info_inserts[] = $resultinfo[1][0]; }
 200              $info_ins_cnt[] = $resultinfo[1][0];
 201          }
 202      }
 203      $table_opt_list = "";
 204      sort($info_tbls);
 205      foreach ($info_tbls as $key => $info_tbl) {
 206          $table_opt_list .= "<option value='$info_tbl' selected='selected'>".$info_tbl."</option>\n";
 207      }
 208      $insert_ins_cnt = array_count_values($info_ins_cnt);
 209      $insert_opt_list = "";
 210      sort($info_inserts);
 211      foreach ($info_inserts as $key => $info_insert) {
 212          $insert_opt_list .= "<option value='".$info_insert."' selected='selected'>".$info_insert." (".$insert_ins_cnt[$info_insert].")</option>";
 213      }
 214      $maxrows = max(count($info_tbls), count($info_inserts));
 215      opentable($locale['400']);
 216      echo "<script type='text/javascript'>\n<!--\n";
 217      echo "function tableSelectAll(){for(i=0;i<document.restoreform.elements['list_tbl[]'].length;i++){document.restoreform.elements['list_tbl[]'].options[i].selected=true;}}\n";
 218      echo "function tableSelectNone(){for(i=0;i<document.restoreform.elements['list_tbl[]'].length;i++){document.restoreform.elements['list_tbl[]'].options[i].selected=false;}}\n";
 219      echo "function populateSelectAll(){for(i=0;i<document.restoreform.elements['list_ins[]'].length;i++){document.restoreform.elements['list_ins[]'].options[i].selected=true;}}\n";
 220      echo "function populateSelectNone(){for(i=0;i<document.restoreform.elements['list_ins[]'].length;i++){document.restoreform.elements['list_ins[]'].options[i].selected=false;}}\n";
 221      echo "//-->\n</script>\n";
 222      echo "<form name='restoreform' method='post' action='".FUSION_SELF.$aidlink."'>\n";
 223      echo "<table align='center' cellspacing='0' cellpadding='0'>\n<tr>\n";
 224      echo "<td colspan='2' class='tbl2'>".$locale['430']."</td>\n";
 225      echo "</tr>\n<tr>\n";
 226      echo "<td colspan='2' class='tbl'>".$locale['431']." ".$backup_name."</td>\n";
 227      echo "</tr>\n<tr>\n";
 228      echo "<td colspan='2' class='tbl'>".$locale['414']." ".$info_dbname."</td>\n";
 229      echo "</tr>\n<tr>\n";
 230      echo "<td colspan='2' class='tbl'>".$locale['432']." ".$info_date."</td>\n";
 231      echo "</tr>\n<tr>\n";
 232      echo "<td colspan='2' class='tbl'>".$locale['415']." <input class='textbox' type='text' name='restore_tblpre' value='".$info_tblpref."' style='width:150px' /></td>\n";
 233      echo "</tr>\n<tr>\n";
 234      echo "<td valign='top' class='tbl'>".$locale['433']."<br />\n";
 235      echo "<select name='list_tbl[]' id='list_tbl' size='".$maxrows."' class='textbox' style='width:180px;' multiple='multiple'>".$table_opt_list."</select>\n";
 236      echo "<div style='text-align:center'>".$locale['435']." [<a href=\"javascript:void(0)\" onclick=\"javascript:tableSelectAll()\">".$locale['436']."</a>]\n";
 237      echo "[<a href=\"javascript:void(0)\" onclick=\"javascript:tableSelectNone()\">".$locale['437']."</a>]</div></td>\n";
 238      echo "<td valign='top' class='tbl'>".$locale['434']."<br />\n";
 239      echo "<select name='list_ins[]' id='list_ins' size='".$maxrows."' class='textbox' style='width:180px;' multiple='multiple'>".$insert_opt_list."</select>\n";
 240      echo "<div style='text-align:center'>".$locale['435']." [<a href=\"javascript:void(0)\" onclick=\"javascript:populateSelectAll()\">".$locale['436']."</a>]\n";
 241      echo "[<a href=\"javascript:void(0)\" onclick=\"javascript:populateSelectNone()\">".$locale['437']."</a>]</div></td>\n";
 242      echo "</tr>\n<tr>\n";
 243      echo "<td align='center' colspan='2' class='tbl'><hr />".$locale['460']." <span style='color:#ff0000'>*</span>\n";
 244      echo "<input type='password' name='user_admin_password' value='' class='textbox' style='width:150px;' autocomplete='off' /></td>\n";
 245      echo "</tr>\n<tr>\n";
 246      echo "<td align='center' colspan='2' class='tbl'>\n";
 247      echo "<input type='hidden' name='file' value='$file' />\n";
 248      echo "<input class='button' type='submit' name='btn_do_restore' style='width:100px;' value='".$locale['438']."' />\n";
 249      echo "<input class='button' type='submit' name='btn_cancel' style='width:100px;' value='".$locale['439']."' /></td>\n";
 250      echo "</tr>\n</table>\n</form>\n";
 251      closetable();
 252  }else{
 253      $table_opt_list = "";
 254      $result = dbquery("SHOW tables");
 255      while ($row = dbarraynum($result)) {
 256          $table_opt_list .= "<option value='".$row[0]."'";
 257          if (preg_match("/^".DB_PREFIX."/i", $row[0])){
 258              $table_opt_list .= " selected='selected'";
 259          }
 260          $table_opt_list .= ">".$row[0]."</option>\n";
 261      }
 262      opentable($locale['450']);
 263      echo "<script type='text/javascript'>\n<!--\n";
 264      echo "function backupSelectCore(){for(i=0;i<document.backupform.elements['db_tables[]'].length;i++){document.backupform.elements['db_tables[]'].options[i].selected=(document.backupform.elements['db_tables[]'].options[i].text).match(/^$db_prefix/);}}\n";
 265      echo "function backupSelectAll(){for(i=0;i<document.backupform.elements['db_tables[]'].length;i++){document.backupform.elements['db_tables[]'].options[i].selected=true;}}\n";
 266      echo "function backupSelectNone(){for(i=0;i<document.backupform.elements['db_tables[]'].length;i++){document.backupform.elements['db_tables[]'].options[i].selected=false;}}\n";
 267      echo "//-->\n</script>\n";
 268      echo "<form action='".FUSION_SELF.$aidlink."' name='backupform' method='post'>\n";
 269      echo "<table align='center' cellspacing='0' cellpadding='0'>\n<tr>\n";
 270      echo "<td valign='top'>\n";
 271      echo "<table align='center' cellspacing='0' cellpadding='0'>\n<tr>\n";
 272      echo "<td colspan='2' class='tbl2' align='left'>".$locale['451']."</td>\n";
 273      echo "</tr>\n<tr>\n";
 274      echo "<td align='right' class='tbl'>".$locale['414']."</td>\n";
 275      echo "<td class='tbl'>".$db_name."</td>\n";
 276      echo "</tr>\n<tr>\n";
 277      echo "<td align='right' class='tbl'>".$locale['415']."</td>\n";
 278      echo "<td class='tbl'>".$db_prefix."</td>\n";
 279      echo "</tr>\n<tr>\n";
 280      echo "<td align='right' class='tbl'>".$locale['452']."</td>\n";
 281      echo "<td class='tbl'>".parsebytesize(get_database_size(), 2, false)." (".get_table_count()." ".$locale['419'].")</td>\n";
 282      echo "</tr>\n<tr>\n";
 283      echo "<td align='right' class='tbl'>".$locale['453']."</td>\n";
 284      echo "<td class='tbl'>".parsebytesize(get_database_size($db_prefix), 2, false)." (".get_table_count($db_prefix)." ".$locale['419'].")</td>\n";
 285      echo "</tr>\n<tr>\n";
 286      echo "<td align='left' colspan='2' class='tbl2'>".$locale['454']."</td>\n";
 287      echo "</tr>\n<tr>\n";
 288      echo "<td align='right' class='tbl'>".$locale['431']." <span style='color:#ff0000'>*</span></td>\n";
 289      echo "<td class='tbl'><input type='text' name='backup_filename' value='backup_".stripsiteinput($settings['sitename'])."_".date('Y-m-d-Hi')."' class='textbox' style='width:200px;' /></td>\n";
 290      echo "</tr>\n<tr>\n";
 291      echo "<td align='right' class='tbl'>".$locale['455']."</td>\n";
 292      echo "<td class='tbl'><select name='backup_type' class='textbox' style='width:150px;'>\n";
 293      if (function_exists("gzencode")){
 294          echo "<option value='.gz' selected='selected'>.sql.gz ".$locale['456']."</option>\n";
 295      }
 296      echo "<option value='.sql'>.sql</option>\n";
 297      echo "</select></td>\n";
 298      echo "</tr>\n<tr>\n";
 299      echo "<td align='right' class='tbl'>".$locale['460']." <span style='color:#ff0000'>*</span></td>\n";
 300      echo "<td class='tbl'><input type='password' name='user_admin_password' value='' class='textbox' style='width:150px;' autocomplete='off' /></td>\n";
 301      echo "</tr>\n<tr>\n";
 302      echo "<td align='center' colspan='2' class='tbl'><br /><span style='color:#ff0000'>*</span> ".$locale['461']."</td>\n";
 303      echo "</tr>\n</table>\n</td>\n";
 304      echo "<td valign='top'>\n";
 305      echo "<table border='0' cellpadding='0' cellspacing='0'>\n<tr>\n";
 306      echo "<td class='tbl2'>".$locale['457']."</td>\n";
 307      echo "</tr>\n<tr>\n";
 308      echo "<td class='tbl'>\n";
 309      echo "<select name='db_tables[]' id='tablelist' size='17' class='textbox' style='margin:5px 0px' multiple='multiple'>".$table_opt_list."</select>\n";
 310      echo "<div style='text-align:center'>".$locale['435']." [<a href=\"javascript:void(0)\" onclick=\"javascript:backupSelectCore()\">".$locale['458']."</a>]\n";
 311      echo "[<a href=\"javascript:void(0)\" onclick=\"javascript:backupSelectAll()\">".$locale['436']."</a>]\n";
 312      echo "[<a href=\"javascript:void(0)\" onclick=\"javascript:backupSelectNone()\">".$locale['437']."</a>]</div>\n";
 313      echo "</td>\n</tr>\n</table>\n</td>\n";
 314      echo "</tr>\n<tr>\n";
 315      echo "<td align='center' colspan='2' class='tbl'><hr />\n";
 316      echo "<input type='submit' name='btn_create_backup' value='".$locale['459']."' class='button' style='width:100px;' /></td>\n";
 317      echo "</tr>\n</table>\n</form>\n";
 318      closetable();
 319  
 320      opentable($locale['480']);
 321      $file_types = (function_exists("gzencode")) ? ".gz " : ""; // added
 322      echo "<form name='restore' method='post' action='".FUSION_SELF.$aidlink."&amp;action=restore' enctype='multipart/form-data'>\n";
 323      echo "<div style='text-align:center'>".$locale['431']." <input type='file' name='upload_backup_file' class='textbox' /><br />\n";// edited
 324      echo $locale['440']." ".$file_types.".sql<br /><br />\n"; // added
 325      echo "<input class='button' type='submit' name='restore' style='width:100px;' value='".$locale['438']."' />\n";
 326      echo "</div>\n</form>\n";
 327      closetable();
 328  }
 329  
 330  function get_database_size($prefix = ""){
 331      global $db_name;
 332      $db_size = 0;
 333      $result = dbquery("SHOW TABLE STATUS FROM `".$db_name."`");
 334      while ($row = dbarray($result)) {
 335          if (!isset($row['Type'])) { $row['Type'] = ""; }
 336          if (!isset($row['Engine'])) { $row['Engine'] = ""; }
 337          if ((preg_match('/^(MyISAM|ISAM|HEAP|InnoDB)$/i', $row['Type'])) || (preg_match('/^(MyISAM|ISAM|HEAP|InnoDB)$/i', $row['Engine'])) && (preg_match("/^".$prefix."/", $row['Name']))) {
 338              $db_size += $row['Data_length'] + $row['Index_length'];
 339          }
 340      }
 341      return $db_size;
 342  }
 343  
 344  function get_table_count($prefix = ""){
 345      global $db_name;
 346      $tbl_count = 0;
 347      $result = dbquery("SHOW TABLE STATUS FROM `".$db_name."`");
 348      while ($row = dbarray($result)) {
 349          if (!isset($row['Type'])) { $row['Type'] = ""; }
 350          if (!isset($row['Engine'])) { $row['Engine'] = ""; }
 351          if ((preg_match('/^(MyISAM|ISAM|HEAP|InnoDB)$/i', $row['Type'])) || (preg_match('/^(MyISAM|ISAM|HEAP|InnoDB)$/i', $row['Engine'])) && (preg_match("/^".$prefix."/", $row['Name']))) {
 352              $tbl_count++;
 353          }
 354      }
 355      return $tbl_count;
 356  }
 357  
 358  function gzcompressfile($source, $level = false) {
 359      $dest = $source.".gz";
 360      $mode = "wb".$level;
 361      $error = false;
 362      if ($fp_out = gzopen($dest, $mode)) {
 363          if ($fp_in = fopen($source, "rb")) {
 364              while (!feof($fp_in)) {
 365                  gzputs($fp_out, fread($fp_in, 1024 * 512));
 366              }
 367              fclose($fp_in);
 368          } else {
 369              $error = true;
 370          }
 371          gzclose($fp_out);
 372      } else {
 373          $error = true;
 374      }
 375      if ($error) {
 376          return false;
 377      } else {
 378          return $dest;
 379      }
 380  }
 381  
 382  require_once THEMES."templates/footer.php";
 383  ?>
