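/**
 * Dump the structure and data of one or more tables into a .sql file.
 *
 * For each table the dump holds a DROP TABLE IF EXISTS statement, the
 * statement returned by SHOW CREATE TABLE and, when the table has rows,
 * one multi-row INSERT. The file is created in the current working
 * directory as db-backup-<unix time>-<md5 of the table list>.sql.
 *
 * @param mixed        $host   Unused; kept so existing callers keep working.
 * @param mixed        $user   Unused; kept so existing callers keep working.
 * @param mixed        $pass   Unused; kept so existing callers keep working.
 * @param string|array $tables '*' for every table reported by SHOW TABLES,
 *                             otherwise an array or a comma-separated string
 *                             of table names.
 * @param mixed        $db     Handle passed through to DB_query().
 * @return void
 */
function backup_tables($host, $user, $pass, $tables = '*', $db)
{
    // Table names end up inside SQL text, so each one is backtick-quoted with
    // embedded backticks doubled. A "schema.table" name is quoted part by part
    // so that qualified names, which worked unquoted before, still work.
    $quote_identifier = function ($name) {
        $parts = array();
        foreach (explode('.', $name) as $part) {
            $parts[] = '`' . str_replace('`', '``', $part) . '`';
        }
        return implode('.', $parts);
    };

    // Resolve the list of tables to dump.
    if ($tables === '*') {
        $tables = array();
        $result = DB_query('SHOW TABLES', $db);
        while ($row = DB_fetch_row($result)) {
            $tables[] = $row[0];
        }
    } elseif (!is_array($tables)) {
        $tables = explode(',', $tables);
    }

    // Drop blanks and surrounding whitespace ("a, b" must not yield " b").
    $names = array();
    foreach ($tables as $name) {
        $name = trim((string) $name);
        if ($name !== '') {
            $names[] = $name;
        }
    }
    $tables = $names;

    // The original appended to an undefined variable.
    $return = '';

    foreach ($tables as $table) {
        $quoted = $quote_identifier($table);

        $result = DB_query('SELECT * FROM ' . $quoted, $db);
        $num_fields = DB_num_fields($result);

        $return .= 'DROP TABLE IF EXISTS ' . $quoted . ';';
        $row2 = DB_fetch_row(DB_query('SHOW CREATE TABLE ' . $quoted, $db));
        $return .= "\n\n" . $row2[1] . ";\n\n";

        // One pass over the result set is enough: the original wrapped this in
        // a per-column loop whose later iterations found no rows left.
        $tuples = array();
        while ($row = DB_fetch_row($result)) {
            $values = array();
            for ($j = 0; $j < $num_fields; $j++) {
                if (!isset($row[$j])) {
                    // Keep NULL as NULL instead of turning it into ''.
                    $values[] = 'NULL';
                    continue;
                }
                // NOTE(review): addslashes() is not aware of the connection
                // character set; if the DB layer offers its own escaping
                // routine, use that here instead.
                $value = addslashes((string) $row[$j]);
                // ereg_replace() no longer exists in PHP 7+; a plain string
                // replacement does the same job.
                $value = str_replace("\n", "\\n", $value);
                // Single quotes are string delimiters in every sql_mode;
                // double quotes mean identifiers under ANSI_QUOTES.
                $values[] = "'" . $value . "'";
            }
            $tuples[] = '(' . implode(',', $values) . ')';
        }

        // An INSERT without any tuple is invalid SQL, so skip empty tables.
        if ($tuples) {
            $return .= 'INSERT INTO ' . $quoted . ' VALUES' . implode(',', $tuples) . ";\n";
        }
        $return .= "\n\n\n";
    }

    // NOTE(review): the dump is written to the current working directory under
    // a name derived from the clock and the table list. If that directory is
    // served by the web server, the whole database is readable by anyone who
    // works out the name. Write it outside the document root (or block .sql in
    // the server configuration) and restrict the file's permissions.
    $filename = 'db-backup-' . time() . '-' . md5(implode(',', $tables)) . '.sql';

    $handle = fopen($filename, 'w');
    if ($handle === false) {
        trigger_error('backup_tables: cannot open ' . $filename . ' for writing', E_USER_WARNING);
        return;
    }

    $written = fwrite($handle, $return);
    fclose($handle);

    // Report success only when the whole dump reached the file.
    if ($written === false || $written < strlen($return)) {
        trigger_error('backup_tables: incomplete write to ' . $filename, E_USER_WARNING);
        return;
    }

    prnMsg(_(' back up successful'), 'success');
}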
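/**
 * Render the article search page.
 *
 * Runs the search selected by the "searchtype" request parameter and then
 * prints the search forms. Search types:
 *  - selectquery   free-form SELECT built from column/table/condition,
 *                  only for sessions with a truthy valid_admin flag
 *  - commentquery  comments written by a given author
 *  - bymonth       articles published in a given month and year
 *  - username      articles and comments written by a given user
 *
 * Everything is echoed directly; nothing is returned.
 *
 * @return void
 */
function module_article_search()
{
    global $months;

    // HTML-escape a value before it is echoed into the page.
    // assumes the page is served as UTF-8 — TODO confirm against the site charset.
    $h = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // True when $value can be placed between single quotes in SQL text without
    // being able to end the literal: no quote, backslash or NUL byte. Such
    // input is refused rather than escaped, so the check does not depend on
    // the connection character set. This is a stop-gap: the durable fix is a
    // parameterized query, which DB_get_table() as called here (one finished
    // SQL string) does not offer.
    $is_safe_literal = function ($value) {
        return is_string($value) && preg_match('/[\'"\\\\\x00]/', $value) === 0;
    };

    // One definition of "admin" for both running the free-form query and
    // showing its form (the original used truthiness for one, isset() for the other).
    $is_admin = !empty($_SESSION['valid_admin']);

    echo "<!-- start search for article -->";
    // Closing tags put in nesting order (the original closed the cell before the div).
    echo "<table class=\"default_table\"><tr><td colspan=2><div class=\"default_header\">Artikkelsøk</div></td></tr>";

    $searchtype = isset($_REQUEST['searchtype']) ? $_REQUEST['searchtype'] : null;

    if ($searchtype === "selectquery") {
        // Read the fragments from the same place they are used; the original
        // validated $_REQUEST but concatenated $_GET. Non-string values
        // (e.g. column[]=x) are treated as absent.
        $column = (isset($_GET['column']) && is_string($_GET['column'])) ? $_GET['column'] : "";
        $table = (isset($_GET['table']) && is_string($_GET['table'])) ? $_GET['table'] : "";
        $condition = (isset($_GET['condition']) && is_string($_GET['condition'])) ? $_GET['condition'] : "";

        if ($is_admin && strip_tags($table) && strip_tags($column)) {
            // NOTE(review): by design this runs SQL fragments typed by an
            // admin. They arrive in a GET request and no anti-forgery token is
            // checked in this function, so any link an authenticated admin
            // follows can drive the query. Consider a POST form with a token
            // and a read-only database account for this feature.
            $query = "SELECT " . $column . " FROM " . $table;
            if (strip_tags($condition)) {
                $query .= " WHERE " . stripslashes($condition);
            }
            $query .= ";";

            $result = DB_get_table($query);
            $num_results = DB_rows_affected($result);
            $field_count = DB_num_fields($result);

            for ($i = 0; $i < $num_results; $i++) {
                $row = DB_next_row_numeric($result);
                echo '<tr><td colspan=2>';
                for ($j = 0; $j < $field_count; $j++) {
                    // Escape instead of strip_tags(): database content is
                    // shown as text and cannot inject markup.
                    echo $h($row[$j]) . " - ";
                }
                echo "</td></tr>";
            }
        }
    } elseif ($searchtype === "commentquery") {
        $author = (isset($_GET['author']) && is_string($_GET['author'])) ? strip_tags($_GET['author']) : "";

        $result = null;
        $num_results = 0;
        if ($is_safe_literal($author)) {
            $comment_query = "SELECT title,articleid,author_username,author,intro,body,date_posted,time_posted FROM articles WHERE author='" . $author . "' AND is_deleted IS NULL AND (is_draft=0 OR is_draft IS NULL) AND (comment_to IS NOT NULL) ORDER BY date_posted, time_posted DESC;";
            $result = DB_get_table($comment_query);
            $num_results = DB_rows_affected($result);
        }

        if (!$num_results) {
            echo "Fant ingen artikler.";
        } else {
            list_articles($result, $num_results);
        }
    } elseif ($searchtype === "bymonth") {
        $month = isset($_REQUEST['month']) ? $_REQUEST['month'] : "";
        $year = isset($_REQUEST['year']) ? $_REQUEST['year'] : "";

        // Both values go into SQL text and into the page, so only plain
        // digits in a sensible range are accepted.
        $valid = is_string($month) && is_string($year)
            && ctype_digit($month) && ctype_digit($year)
            && strlen($year) === 4
            && (int) $month >= 1 && (int) $month <= 12;

        if (!$valid) {
            echo "Fant ingen artikler.";
        } else {
            $month_no = (int) $month;
            $today = date("Y-m-d");
            $like = $year . "-" . sprintf('%02d', $month_no) . "-%";

            $query = "SELECT * FROM articles WHERE (date_posted <= '" . $today . "' OR (time_posted <= '" . date("H:i") . "' AND date_posted <= '" . $today . "')) AND date_posted LIKE '" . $like . "' AND is_deleted IS NULL AND comment_to IS NULL AND is_draft IS NULL ORDER BY date_posted DESC, time_posted DESC;\t";
            debug($query);
            $result = DB_get_table($query);
            $num_rows = DB_rows_affected($result);

            if ($result && $num_rows > 0) {
                echo $num_rows . " artikler funnet.<br/>";
                list_articles($result, $num_rows);
            } else {
                echo "Fant ingen artikler fra " . $months[$month_no] . " " . $year . ".<br/><br/>";
            }
        }
    } elseif ($searchtype === "username") {
        // NOTE(review): the expression that read this parameter is damaged in
        // the listing this was taken from; strip_tags($_REQUEST['username'])
        // is assumed — confirm against the original file.
        $username = (isset($_REQUEST['username']) && is_string($_REQUEST['username'])) ? strip_tags($_REQUEST['username']) : "";

        $result = null;
        $num_results = 0;
        if ($is_safe_literal($username)) {
            $query = "SELECT comment_to,title,articleid,author_username,author,intro,body,date_posted,time_posted FROM articles WHERE author_username='" . $username . "' AND is_deleted IS NULL AND is_draft IS NULL ORDER BY date_posted DESC, time_posted DESC;";
            $result = DB_get_table($query);
            $num_results = DB_rows_affected($result);
        }

        if (!$num_results) {
            echo "Fant ingen artikler.";
        } else {
            list_articles($result, $num_results);
        }
    }

    // --- search forms ---

    if ($is_admin) {
        echo '<tr><td>';
        echo "Altmuligsøk, eksklusivt for admins</td><td>";
        form_start_get();
        form_hidden("searchtype", "selectquery");
        form_hidden("m_c", "module_article_search");
        echo "<br/>SELECT ";
        form_textfield("column", "");
        echo "<br/>FROM ";
        form_textfield("table", "");
        echo "<br/>WHERE ";
        form_textfield("condition", "");
        echo "<br/>";
        form_submit("submit", "Søk");
        form_end();
        echo "</td></tr>";
    }

    echo '<tr><td>';
    $query = "SELECT firstname,username FROM user;";
    $result = DB_get_table($query);
    form_start_get();
    form_hidden("searchtype", "username");
    form_hidden("m_c", "module_article_search");
    echo "Vis alle artikler og kommentarer skrevet av forfatter:</td><td>";
    echo '<select name="username">';
    while ($row = DB_next_row($result)) {
        // User-table values are escaped for both the attribute and the label.
        echo '<option value="' . $h($row['username']) . '" >' . $h($row['firstname']) . " (" . $h($row['username']) . ')</option>';
    }
    echo '</select>';
    form_submit("submit", "Søk");
    form_end();
    echo '</td></tr>';

    echo '<tr><td>';
    form_start_get();
    form_hidden("searchtype", "commentquery");
    form_hidden("m_c", "module_article_search");
    echo "Vis alle kommentarer skrevet av forfatter:</td><td>";
    form_textfield("author", "");
    form_submit("submit", "Søk");
    form_end();
    echo '</td></tr><tr><td>';

    form_start_get();
    form_hidden("searchtype", "bymonth");
    form_hidden("m_c", "module_article_search");
    echo "Vis alle artikler publisert i:</td><td>";
    echo '<select name="month">';
    for ($i = 1; $i <= 12; $i++) {
        // Two-digit option values ("01" .. "12"); a real newline replaces the
        // literal backslash-n the original printed between options.
        echo '<option value="' . sprintf('%02d', $i) . '">' . $months[$i] . "</option>\n";
    }
    echo '</select>';
    form_select_number("year", 2004, date("Y"), date("Y"));
    form_submit("submit", "Søk");
    form_end();
    // The original left the last row unclosed ('</td><tr>').
    echo '</td></tr>';
    echo '</table>';
}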