<?php
/*---------------------------------------------------+
| PHPFusion 6 Content Management System
+----------------------------------------------------+
| Copyright © 2002 - 2006 Nick Jones
| http://www.php-fusion.co.uk/
+----------------------------------------------------+
| Released under the terms & conditions of v2 of the
| GNU General Public License. For details refer to
| the included gpl.txt file or visit http://gnu.org
+----------------------------------------------------+
| Database Backup developed by CrappoMan
| email: simonpatterson@dsl.pipex.com
+----------------------------------------------------*/
// Load the core bootstrap; checkrights(), fallback() and iAUTH are not defined in this file.
require_once "../maincore.php";
// Access gate for the whole page: the caller needs the "DB" admin right, iAUTH must be
// defined, and $aid must equal it. $aid is not assigned in this file.
// NOTE(review): presumably $aid comes from the request via the bootstrap - confirm.
if (!(checkrights("DB") && defined("iAUTH") && $aid == iAUTH)) {
    fallback("../index.php");
}
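// Create-backup handler: re-checks the admin's password, writes an SQL dump of the
// selected tables into an output buffer, then sends that buffer to the browser as a
// .sql or .sql.gz download. The dump can contain the users table and its password
// hashes, so the downloaded file should be handled as sensitive data.
//
// NOTE(review): several string literals below contain a raw line break exactly as it
// appears on the page. That looks like identifier quoting lost in rendering - compare
// with the shipped file before relying on the exact dump layout.
if (isset($_POST['btn_create_backup'])) {
    // The login code stores md5(md5(password)) in user_password, so the submitted
    // password has to be hashed twice before it is compared.
    $user_password = md5(md5($_POST['user_password']));
    // !== compares the two hex digests as strings. With != two digests of the form
    // "0e<digits>" would be compared as numbers and could match each other.
    if ($user_password !== $userdata['user_password']) {
        fallback(FUSION_SELF.$aidlink);
        // fallback() is defined outside this file; stop here regardless, so a failed
        // password check can never reach the dump code.
        exit;
    }

    // The table names arrive in the POST body and are placed into SQL statements
    // below, where they cannot be bound as parameters. Only names that the server
    // itself lists for the current database are accepted; anything else is dropped.
    $db_tables = array();
    if (isset($_POST['db_tables']) && is_array($_POST['db_tables'])) {
        $known_tables = array();
        $tables_result = dbquery("SHOW TABLES");
        if ($tables_result) {
            while ($tables_row = dbarraynum($tables_result)) {
                $known_tables[] = $tables_row[0];
            }
        }
        foreach ($_POST['db_tables'] as $requested_table) {
            if (is_string($requested_table) && in_array($requested_table, $known_tables, true)) {
                $db_tables[] = $requested_table;
            }
        }
    }

    if (count($db_tables) > 0) {
        $crlf = "\n";
        // Everything echoed from here on is captured and becomes the dump file.
        ob_start();
        @ob_implicit_flush(0);
        echo "#----------------------------------------------------------".$crlf;
        echo "# PHPFusion SQL Data Dump".$crlf;
        echo "# Database Name: $db_name
".$crlf;
        echo "# Table Prefix: ".$db_prefix."
".$crlf;
        echo "# Date: ".date("d/m/Y H:i")."
".$crlf;
        echo "#----------------------------------------------------------".$crlf;
        dbquery('SET SQL_QUOTE_SHOW_CREATE=1');
        foreach ($db_tables as $table) {
            // Reset the time limit per table so a large table does not abort the dump.
            @set_time_limit(1200);
            dbquery("OPTIMIZE TABLE $table");
            echo $crlf."#".$crlf."# Structure for Table ".$table."
".$crlf."#".$crlf;
            echo "DROP TABLE IF EXISTS $table
;$crlf";
            // Column 1 of SHOW CREATE TABLE is the CREATE statement.
            $row = dbarraynum(dbquery("SHOW CREATE TABLE $table"));
            echo $row[1].";".$crlf;
            $result = dbquery("SELECT * FROM $table");
            if ($result && dbrows($result)) {
                echo $crlf."#".$crlf."# Table Data for ".$table."
".$crlf."#".$crlf;
                $column_list = "";
                $num_fields = mysql_num_fields($result);
                for ($i = 0; $i < $num_fields; $i++) {
                    $column_list .= (($column_list != "") ? ", " : "")."".mysql_field_name($result, $i)."
";
                }
                // The row loop sits inside this guard so it never runs on a failed
                // query or before $column_list and $num_fields exist.
                while ($row = dbarraynum($result)) {
                    $dump = "INSERT INTO $table
($column_list) VALUES (";
                    for ($i = 0; $i < $num_fields; $i++) {
                        $dump .= ($i > 0) ? ", " : "";
                        if (!isset($row[$i])) {
                            $dump .= "NULL";
                        } elseif ($row[$i] == "0" || $row[$i] != "") {
                            $type = mysql_field_type($result, $i);
                            if ($type == "tinyint" || $type == "smallint" || $type == "mediumint" || $type == "int" || $type == "bigint" || $type == "timestamp") {
                                // Numeric column types are written without quotes.
                                $dump .= $row[$i];
                            } else {
                                // Escape backslash, quote, NUL, LF, CR and Ctrl-Z so the
                                // value stays inside its quoted literal when restored.
                                $search_array = array('\\', '\'', "\x00", "\x0a", "\x0d", "\x1a");
                                $replace_array = array('\\\\', '\\\'', '\0', '\n', '\r', '\Z');
                                $row[$i] = str_replace($search_array, $replace_array, $row[$i]);
                                $dump .= "'$row[$i]'";
                            }
                        } else {
                            $dump .= "''";
                        }
                    }
                    $dump .= ');';
                    echo $dump.$crlf;
                }
            }
        }
        $contents = ob_get_contents();
        ob_end_clean();
        // NOTE(review): the download name comes from the form. stripinput() is defined
        // elsewhere; confirm it removes path separators and CR/LF before the name is
        // used in a response header.
        $file = stripinput($_POST['backup_filename']).".sql";
        require_once INCLUDES."class.httpdownload.php";
        $dl = new httpdownload;
        $dl->use_resume = false;
        if ($_POST['backup_type'] == ".gz") {
            $dl->set_mime("application/x-gzip gz tgz");
            $dl->set_bydata(gzencode($contents, 9));
            $dl->set_filename($file.".gz");
        } else {
            $dl->set_mime("text/plain");
            $dl->set_bydata($contents);
            $dl->set_filename($file);
        }
        $dl->download();
        exit;
    }
    // No acceptable table was selected: return to the backup form.
    fallback(FUSION_SELF.$aidlink);
}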
// Page header, admin navigation and the locale strings for this screen.
require_once BASEDIR."subheader.php";
require_once ADMIN."navigation.php";
include LOCALE.LOCALESET."admin/db-backup.php";
if (!isset($action)) {
    $action = "";
}
// Unless a restore is being submitted or shown, delete every file that makefilelist()
// returns for db_backups/. The filter string excludes ".", ".." and index.php.
// NOTE(review): presumably this clears restore files left by an abandoned restore - confirm.
if (!(isset($_POST['btn_do_restore']) || $action == "restore")) {
    $backup_files = makefilelist(ADMIN."db_backups/", ".|..|index.php", true);
    if (is_array($backup_files) && count($backup_files) > 0) {
        $i = 0;
        while ($i < count($backup_files)) {
            @unlink(ADMIN."db_backups/".$backup_files[$i]);
            $i++;
        }
    }
}
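// Cancel handler: deletes the pending file named in the form, then returns to the
// backup page.
if (isset($_POST['btn_cancel'])) {
    // The file name comes from the POST body. basename() reduces it to its last path
    // component so a value containing "../" cannot point outside db_backups/.
    $pending_file = (isset($_POST['file']) && is_string($_POST['file'])) ? basename($_POST['file']) : "";
    // index.php is skipped here as well, matching the exclusion list used when this
    // page purges db_backups/.
    if ($pending_file != "" && $pending_file != "." && $pending_file != ".." && $pending_file != "index.php") {
        @unlink(ADMIN."db_backups/".$pending_file);
    }
    redirect(FUSION_SELF.$aidlink);
}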
if (isset($_POST['btn_do_restore'])) {
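// Password re-check before a restore. The login code stores md5(md5(password)) in
// user_password, so the submitted password is hashed twice before it is compared.
$user_password = md5(md5($_POST['user_password']));
// !== compares the hex digests as strings; != would compare two "0e<digits>" digests
// as numbers.
if ($user_password !== $userdata['user_password']) {
    fallback(FUSION_SELF.$aidlink);
    // fallback() is defined outside this file; stop here regardless, so a failed
    // password check can never reach the restore code.
    exit;
}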
...
if(isset($_POST['btn_create_backup'])){
$user_password = md5[b](md5[/b]($_POST['user_password'])[b])[/b];
if (isset($_POST['btn_do_restore'])) {
$user_password = md5[b](md5[/b]($_POST['user_password'])[b])[/b];
if ($user_password != $userdata['user_password']) {
// Login handler: looks the user up by name and password hash, upgrades a legacy
// single-MD5 hash to the double-MD5 form, sets the "fusion_user" cookie and redirects
// to setuser.php with either the user name or an error code.
// NOTE(review): passwords are stored as unsalted md5(md5(password)). MD5 is a fast
// hash; password_hash()/password_verify() is the current PHP replacement.
if (isset($_POST['login'])) {
// Single MD5 of the submitted password; the stored form is md5() of this value.
$user_pass = md5($_POST['user_pass']);
// Removes "=", "#" and an upper-case "OR" between whitespace from the stripinput()
// result. The pattern has no "i" flag, so "or" / "Or" pass through.
// NOTE(review): $user_name is placed inside a quoted SQL literal below. Whether that is
// safe depends on stripinput() neutralising quotes and backslashes - it is defined
// elsewhere, confirm. A character blacklist alone is not an escaping strategy.
$user_name = preg_replace(array("/\=/","/\#/","/\sOR\s/"), "", stripinput($_POST['user_name']));
// Matches a row whose stored hash is either md5(md5(password)) or the older md5(password).
$result = dbquery("SELECT * FROM ".$db_prefix."users WHERE user_name='$user_name' AND (user_password='".md5($user_pass)."' OR user_password='$user_pass')");
if (dbrows($result) != 0) {
$data = dbarray($result);
// Stored hash is still the single-MD5 form: rewrite it as md5(md5(password)).
if ($data['user_password'] == $user_pass) {
$result = dbquery("UPDATE ".$db_prefix."users SET user_password='".md5($user_pass)."' WHERE user_id='".$data['user_id']."'");
}
// Cookie value is "<user_id>.<md5(password)>". One further md5() of the second part
// yields the stored hash, so the cookie is a long-lived credential in its own right.
// NOTE(review): presumably the cookie is validated by hashing that part once more - confirm.
$cookie_value = $data['user_id'].".".$user_pass;
// user_status 0 is the only value that gets a cookie; 1 and 2 map to error codes 1 and 2.
// The meaning of each status value is not shown here.
if ($data['user_status'] == 0) {
// 30 days when "remember_me" was posted, otherwise 3 hours.
$cookie_exp = isset($_POST['remember_me']) ? time() + 3600*24*30 : time() + 3600*3;
header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");
// Path "/", empty domain, secure flag "0": the cookie is also sent over plain HTTP.
// No httponly argument is passed.
setcookie("fusion_user", $cookie_value, $cookie_exp, "/", "", "0");
// NOTE(review): user_name is appended to the URL without urlencode(), and the "script"
// redirect mode is defined elsewhere - confirm how the value is emitted.
redirect(BASEDIR."setuser.php?user=".$data['user_name'], "script");
} elseif ($data['user_status'] == 1) {
redirect(BASEDIR."setuser.php?error=1", "script");
} elseif ($data['user_status'] == 2) {
redirect(BASEDIR."setuser.php?error=2", "script");
}
} else {
// No matching row: wrong user name or password.
redirect(BASEDIR."setuser.php?error=3");
}
}