exit; } // Check if user has rights to access this page if (!SEC_hasRights('dbman.edit')) { // Someone is trying to illegally access this page COM_errorLog("Dbman: Someone has tried to illegally access the Dbman page. User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$_SERVER['REMOTE_ADDR']}", 1); $display = COM_siteHeader() . COM_startBlock($LANG_DBMAN['access_denied']) . DBMAN_str('access_denied_msg') . COM_endBlock() . COM_siteFooter(); echo $display; exit; } // Checks if filename contains directory, or if filename ends with '.sql' or '.sql.gz' $filename = COM_applyFilter($_GET['filename']); if ($filename !== basename($filename) || !preg_match('/\\.sql$/i', $filename) && !preg_match('/\\.sql\\.gz$/i', $filename)) { // Invalid file name was designated. COM_errorLog("Invalid file name was designated for download. User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$_SERVER['REMOTE_ADDR']}", 1); $display = COM_siteHeader() . COM_startBlock($LANG_DBMAN['access_denied']) . DBMAN_str('invalid_filename') . COM_endBlock() . COM_siteFooter(); echo $display; exit; } // Checks if the file really exists $filename = $_CONF['backup_path'] . $filename; clearstatcache(); if (!file_exists($filename)) { // The designated file doesn't exist COM_errorLog("Dbman: The file you designated doesn't exist. User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$_SERVER['REMOTE_ADDR']}", 1); $display = COM_siteHeader() . COM_startBlock($LANG_DBMAN['access_denied']) . $LANG_DBMAN['file_not_found'] . COM_endBlock() . COM_siteFooter(); echo $display; exit; } // Download it! clearstatcache();
$restore_data = $_POST['restore_data']; } if (DBMAN_restore($filename, $restore_structure, $restore_data)) { $display = COM_refresh($_CONF['site_admin_url'] . '/plugins/dbman/index.php') . $display; $display .= '<p style="font-size: 20px; font-weight: bold; color: green;">' . DBMAN_str('resore_success') . '</p>' . COM_siteFooter(1); echo $display; exit; } else { $display .= '<p style="font-size: 20px; font-weight: bold; color: red;">' . DBMAN_str('restore_failure') . '</p>'; } } break; case 'delete': if (isset($_POST['deletefiles'])) { DBMAN_checkToken(); $display .= COM_startBlock(DBMAN_str('ttl_delete_file')); $deletefiles = $_POST['deletefiles']; foreach ($deletefiles as $deletefile) { $result = DBMAN_delete(COM_applyFilter($deletefile)); if ($result) { COM_errorLog("Dbman: successfully deleted {$deletefile}."); $display .= '<span style="color: green;">[success]</span> <strong>' . $deletefile . '</strong><br' . XHTML . '>'; } else { COM_errorLog("Dbman: failed in deleting {$deletefile}."); $display .= '<span style="color: red;">[failure]</span> <strong>' . $deletefile . '</strong><br' . XHTML . '>'; } } $display .= '<p><a href="' . $_CONF['site_admin_url'] . '/plugins/dbman/index.php' . '">Dbman HOME</a></p>' . COM_endBlock(); } break; case 'console':