function lcm_panic($message) { global $lcm_version, $lcm_db_version; function lcm_ini_get($param) { $ret = ini_get($param); return $ret ? $ret : 'n/a'; } echo "<p>" . _T('warning_panic_is_useful') . "</p>\n"; $error = "[INTERNAL] (v" . $lcm_version . "-db" . $lcm_db_version . ", PHP v" . PHP_VERSION . ")\n"; $error .= "Server: " . $_SERVER['SERVER_SOFTWARE'] . "\n"; if (function_exists('lcm_sql_server_info')) { $error .= "SQL server: " . lcm_sql_server_info() . "\n"; } else { $error .= "SQL server: not yet connected\n"; } $error .= "Referer: " . $_SERVER['HTTP_REFERER'] . "\n"; $error .= "Request: " . $_SERVER['REQUEST_METHOD'] . " " . $_SERVER['REQUEST_URI'] . "\n"; $error .= "Error: " . $message . "\n"; // Show DB version in meta cache $error .= "Version-DB: " . read_meta('lcm_db_version') . " (in cache)\n"; // Show existence + size of cache, in case it doesnt exist, or there were // problems while generating it (i.e. it will be less than 30kb) if (include_data_exists('inc_meta_cache')) { if (isset($_SERVER['LcmDataDir'])) { $prefix = $_SERVER['LcmDataDir'] . '/'; } else { $prefix = 'inc/data/'; } $error .= "inc_meta_cache: exists (" . filesize($prefix . 'inc_meta_cache.php') . " bytes)\n"; } else { $error .= "inc_meta_cache: does NOT exists\n"; } $check_confs = array('safe_mode', 'safe_mode_gid', 'safe_mode_include_dir', 'safe_mode_exec_dir', 'open_basedir', 'disable_functions'); foreach ($check_confs as $conf) { $error .= $conf . ': ' . lcm_ini_get($conf) . "\n"; } if ($GLOBALS['debug']) { $error .= "cookie_prefix: " . $GLOBALS['cookie_prefix'] . "\n"; $error .= "table_prefix: " . $GLOBALS['table_prefix'] . "\n"; $error .= "_GET: " . get_var_dump($_GET) . "\n"; $error .= "_POST: " . get_var_dump($_POST) . "\n"; $error .= "_COOKIE: " . get_var_dump($_COOKIE) . "\n"; $error .= "_SERVER: " . get_var_dump($_SERVER) . "\n"; $error .= "included_files: " . get_var_dump($GLOBALS['included_files']) . "\n"; $error .= "meta: " . get_var_dump($GLOBALS['meta']) . "\n"; } // Too much paranoia? I am not even sure if we can inject code // either XSS or shellcode .. but should not hurt.. $error = htmlspecialchars($error); // Make different lcm_getbacktrace() calls to avoid html in logs lcm_log($error . lcm_getbacktrace(false) . "END OF REPORT\n"); die("<pre>" . $error . " " . lcm_getbacktrace() . "END OF REPORT\n</pre>"); }
function export_database($output_filename = '', $ignore_old = false) { global $tabs; $output_filename = clean_input($output_filename); if (!$output_filename) { $output_filename = "lcm-" . date('Ymd'); } // // Check if file exists. If exists, add a revision number to name (ex: foo-2) // $cpt = 0; while (file_exists(DIR_BACKUPS_PREFIX . $output_filename . ($cpt ? "-" . $cpt : ''))) { $cpt++; } if ($cpt) { $output_filename .= "-" . $cpt; } // // Export database // if (!mkdir(DIR_BACKUPS_PREFIX . $output_filename, 0777)) { lcm_panic("Could not create " . DIR_BACKUPS_PREFIX . $output_filename); } // Record database version $file = fopen(DIR_BACKUPS_PREFIX . $output_filename . '/db-version', 'w'); fwrite($file, read_meta('lcm_db_version')); fclose($file); // Get the list of tables in the database $q = "SHOW TABLES"; $result = lcm_query($q); while ($row = lcm_fetch_array($result)) { // Backup table structure $q = "SHOW CREATE TABLE " . $row[0]; $res = lcm_query($q); $sql = lcm_fetch_row($res); $file = fopen(DIR_BACKUPS_PREFIX . $output_filename . '/' . $row[0] . ".structure", 'w'); fwrite($file, $sql[1]); fclose($file); // Backup data $q = "SELECT * FROM " . $row[0] . "\n\t\t\t\tINTO OUTFILE '" . DIR_BACKUPS_PREFIX . $output_filename . '/' . $row[0] . DATA_EXT_NAME . "'\n\t\t\t\tFIELDS TERMINATED BY ','\n\t\t\t\t\tOPTIONALLY ENCLOSED BY '\"'\n\t\t\t\t\tESCAPED BY '\\\\'\n\t\t\t\tLINES TERMINATED BY '\r\n'"; $res = lcm_query($q, true); if (!$res) { die("<p>Configuration error: please make sure that your MySQL user\n\t\t\thas 'File_priv' = 'Y'. For example, in phpmyadmin or using the\n\t\t\tcommand line mysql tool, go to the mysql.user table, and update\n\t\t\tthe File_priv of your LCM database account. Do not forget to\n\t\t\texecute 'flush privileges' afterwards. For more information,\n\t\t\tplease refer to: <a href='http://www.lcm.ngo-bg.org/article147.html'>http://www.lcm.ngo-bg.org/article147.html</a></p>"); // TRAD } } // By default, in most installations, directory will have 0777 mode // and will be owned by the Apache process' user. chmod(DIR_BACKUPS_PREFIX . $output_filename, 0700); @(include "Archive/Tar.php"); $tar_worked = false; if (class_exists("Archive_Tar")) { $tar_worked = true; $old_cwd = getcwd(); chdir(DIR_BACKUPS); $tar_object = new Archive_Tar(FILE_PREFIX . $output_filename . '.tar'); $files = array(); $file_dir = opendir(FILE_PREFIX . $output_filename); if (!$file_dir) { lcm_panic("Could not open dir: {$file_dir}"); } while ($file = readdir($file_dir)) { if (is_file(FILE_PREFIX . $output_filename . '/' . $file)) { $files[] = FILE_PREFIX . $output_filename . '/' . $file; } } if (count($files)) { $tar_object->setErrorHandling(PEAR_ERROR_PRINT); $tar_object->create($files) or lcm_panic("Could not add files " . get_var_dump($files)); } chdir($old_cwd); } // // Finished // lcm_page_start(_T('title_archives'), '', '', 'archives_export'); show_tabs_links($tabs, 0); echo '<div class="sys_msg_box">' . "\n"; if ($tar_worked) { $name = '<a class="content_link" href="export_db.php?action=download&file=' . $output_filename . '.tar">' . $output_filename . '.tar' . '</a> (' . filesize_in_bytes(DIR_BACKUPS_PREFIX . $output_filename . '.tar') . ')'; echo _T('archives_info_new_success', array('name' => $name)); } else { echo _T('archives_info_new_success', array('name' => $output_filename)); } echo "</div>\n"; show_export_form_partial(); lcm_page_end(); }