$upload_error_codes[4] = "No file was uploaded."; $top_message['content'] = cw_get_langvar_by_name("msg_adm_err_file_upload") . " [" . $_FILES['userfile']['error'] . ": " . $upload_error_codes[$_FILES['userfile']['error']] . "]"; $top_message['type'] = "E"; cw_log_flag('log_database', 'DATABASE', $log_prefix . $top_message['content']); cw_header_location("index.php?target=db_backup"); } if ($REQUEST_METHOD == "POST" && $action == "restore" && ($userfile != "none" && $userfile != "" || $_POST['local_file'] && $file_exists)) { cw_log_flag('log_database', 'DATABASE', $log_prefix . 'Started'); $source_file = "uploaded"; if ($_POST['local_file']) { if ($fd = cw_fopen($sqldump_file, "r", true)) { $source_file = "local"; } } if ($source_file == "uploaded") { $userfile = cw_move_uploaded_file("userfile"); } else { $userfile = $sqldump_file; } $fp = cw_fopen($userfile, "rb", true); if ($fp === false) { $top_message['content'] = cw_get_langvar_by_name("msg_adm_err_sql_file_not_found"); $top_message['type'] = "E"; cw_log_flag('log_database', 'DATABASE', $log_prefix . cw_get_langvar_by_name("msg_adm_err_sql_file_not_found", false, false, true)); cw_header_location("index.php?target=db_backup"); } $command = ""; echo cw_get_langvar_by_name("lbl_please_wait", false, false, true) . "<br />\n"; $cmdcnt = 0; while (!feof($fp)) { $c = fgets($fp, 1500000);
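<?php
/**
 * Add-ons manager controller (flat include script).
 *
 * - Looks into the unpack directory below $var_dirs['tmp'] and remembers the base name of the
 *   first entry returned by cw_files_get_dir() in the session-registered $addonname.
 * - On action 'upload', moves the uploaded archive, recreates the unpack directory and
 *   extracts the archive into it with tar, then redirects to the install step.
 * - Assigns the template variables used by the add-ons manager page.
 *
 * $var_dirs, $action and $smarty are not assigned in this file; they are expected to be set
 * by the including script.
 *
 * NOTE(review): the archive is extracted as uploaded. Nothing here inspects member names,
 * link entries or unpacked size before extraction, and the unpacked tree is presumably code
 * that the install step will run. Confirm that this target is reachable only by authenticated
 * administrators, is protected against cross-site request forgery, and consider listing the
 * archive and rejecting absolute or parent-directory member paths before unpacking.
 */
$dir_to_unpack = $var_dirs['tmp'] . '/addons';
$addonname =& cw_session_register('addonname');

$files_to_import = cw_files_get_dir($dir_to_unpack, 2);
// Guard the index as well as the type: an empty array previously fell through to
// basename() of a missing element. The resulting value ('') is unchanged.
if (is_array($files_to_import) && isset($files_to_import[0])) {
    $addonname = basename($files_to_import[0]);
} else {
    $addonname = '';
}

if ($action == 'upload') {
    $file_path = cw_move_uploaded_file('filename');
    if (is_file($file_path)) {
        cw_rm_dir($dir_to_unpack);
        // Only run tar when the target directory really exists; a failed mkdir used to be
        // hidden by "@" and tar was started anyway.
        if (is_dir($dir_to_unpack) || @mkdir($dir_to_unpack)) {
            // Both path arguments are quoted for the shell. The directory is built from
            // configuration, but a space or shell metacharacter in it would otherwise be
            // interpreted by the shell.
            // system() passes tar's output through to the response, as before.
            system('tar -xzf ' . escapeshellarg($file_path) . ' -C ' . escapeshellarg($dir_to_unpack));
        }
        cw_header_location('index.php?target=addons_manager&action=install');
    }
} elseif ($action == 'install') {
    $smarty->assign('addonname', $addonname);
}

// An add-on directory without an INSTALLED marker file is reported to the template as
// uploaded but not yet installed.
if (!file_exists($dir_to_unpack . "/{$addonname}/INSTALLED")) {
    $smarty->assign('uploaded', $addonname);
}
$smarty->assign('main', 'addons_manager');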
<?php
// Customer letters controller (excerpt): deletes or uploads files in the 'customers_letters'
// file area, then stores the search filters for the letters list in the session.
//
// NOTE(review): $action, $del, $target, $mode, $user, $substring, $fromdate and $todate are not
// assigned in this excerpt — presumably populated from the request by the framework; confirm
// how they are validated before they reach the redirect URLs and the file-area calls below.

if ($action == 'delete' && is_array($del)) {
    cw_load('file_area');
    // Only the keys of $del are used; each key is passed on as a file id.
    // NOTE(review): no check is visible here that a file id belongs to $user — confirm that
    // cw_file_area_delete() or the caller enforces authorization.
    foreach ($del as $file_id => $v) {
        cw_file_area_delete('customers_letters', $file_id);
    }
    cw_header_location("index.php?target={$target}&mode={$mode}&user={$user}");
}

if ($action == 'upload') {
    cw_load('file_area');
    $data = array();
    $data['file_path'] = cw_move_uploaded_file('userfile');
    // basename() drops any directory part from the client-supplied file name.
    // NOTE(review): file type, extension and size are not checked in this excerpt — confirm
    // that cw_move_uploaded_file() or cw_file_area_save() restricts what can be stored.
    $data['filename'] = basename($_FILES['userfile']['name']);
    // Save only when the move produced a path.
    if ($data['file_path']) {
        cw_file_area_save('customers_letters', $user, $data);
    }
    cw_header_location("index.php?target={$target}&mode={$mode}&user={$user}");
}

// $search is bound by reference to whatever cw_session_register('search') returns.
$search =& cw_session_register('search');
if (isset($_GET['substring'])) {
    $search['letters']['substring'] = $substring;
}
if (isset($_GET['fromdate'])) {
    $search['letters']['fromdate'] = cw_core_strtotime($fromdate);
}
// NOTE(review): the presence check reads the 'dateto' request key while the value converted is
// $todate — the names differ; confirm which one the search form actually sends.
if (isset($_GET['dateto'])) {
    // 86399 seconds is one day minus one second — presumably so the end date is inclusive.
    $search['letters']['todate'] = cw_core_strtotime($todate) + 86399;
}
$conditions = '';
$data = $search['letters'];
// Excerpt: starts inside a block opened above it and ends inside the POST handler.
cw_close_window();
}

// Base directory for the current user's files, with a trailing directory separator.
$userfiles_dir = cw_user_get_files_location() . DIRECTORY_SEPARATOR;
if ($REQUEST_METHOD == "POST") {
    // Collects one entry per accepted file: uploaded ('S') or already on the server ('L').
    $data = array();
    $userfiles = $_FILES['userfiles'];
    if (is_array($userfiles)) {
        foreach ($userfiles['tmp_name'] as $index => $userfile) {
            // The loop stops at the first empty slot, so any later slots are not processed.
            if (zerolen($userfile)) {
                break;
            }
            // $userfiles['type'] is the MIME type reported by the client, not a server-side
            // detection. NOTE(review): confirm that cw_is_image_userfile() inspects the file
            // content rather than trusting this value.
            if (cw_is_image_userfile($userfile, $userfiles['size'][$index], $userfiles['type'][$index])) {
                $tmp = array();
                $tmp['is_copied'] = true;
                // The stored name is the client-supplied file name, lower-cased.
                $tmp['filename'] = strtolower($userfiles['name'][$index]);
                $tmp['file_path'] = cw_move_uploaded_file('userfiles', '', $index);
                $tmp['source'] = 'S';
                $data[] = $tmp;
            }
        }
    }
    if (is_array($filenames)) {
        foreach ($filenames as $ind => $filename) {
            $filename = trim($filename);
            if (!zerolen($filename)) {
                $tmp = array();
                // NOTE(review): $filenames and $file_paths are not assigned in this excerpt. If
                // they come from the request, $file_paths[$ind] is appended to the user's
                // directory without any normalization visible here, so a value with parent
                // directory segments would point outside $userfiles_dir — confirm that the
                // consumer of $data resolves the path and checks it stays inside that directory.
                $tmp['file_path'] = $userfiles_dir . $file_paths[$ind];
                $tmp['is_copied'] = false;
                $tmp['source'] = 'L';
                $data[] = $tmp;
            }
// Excerpt of the accounting record controller: starts inside the validation-error branch of
// the save action and ends at the opening of the "restore saved form data" branch.
$top_message = array('content' => $fillerror, 'type' => 'E');
cw_header_location("index.php?target={$target}&mode={$mode}&user={$user}&record_id={$record_id}");
}
// No record id yet: insert a row first and continue with the id returned by cw_array2insert().
if (!$record_id) {
    $record_id = cw_array2insert('accounting_records', array('date' => cw_core_get_time()));
}
$to_update = array('customer_id' => $record_data['customer_id'],
    'accounting_category_id' => $record_data['accounting_category_id'],
    'descr' => $record_data['descr'],
    'date_ref' => cw_core_strtotime($record_data['date_ref']),
    'bank_code' => $record_data['bank_code'],
    'payment_code' => $record_data['payment_code'],
    'status' => $record_data['status']);
// The total is written only when $record['reference'] is empty.
if (!$record['reference']) {
    $to_update['total'] = $record_data['total'];
}
// NOTE(review): $record_id is interpolated into the WHERE clause inside quotes; when it comes
// from the request rather than from the insert above, its escaping is not visible here —
// confirm it is cast to an integer or escaped before this point.
cw_array2update('accounting_records', $to_update, "accounting_record_id='{$record_id}'");
cw_accounting_category_recalc_subcat_count($record_data['accounting_category_id']);
// Runs when any file field was posted, then reads the 'enfiles' field specifically.
// NOTE(review): assumes 'enfiles' is present whenever $_FILES is non-empty — confirm.
if (count($_FILES)) {
    foreach ($_FILES['enfiles']['name'] as $index => $name) {
        $data = array();
        $data['file_path'] = cw_move_uploaded_file('enfiles', '', $index);
        // basename() drops any directory part from the client-supplied file name.
        $data['filename'] = basename($name);
        // NOTE(review): no type or extension restriction is visible in this excerpt — confirm
        // that cw_move_uploaded_file() or cw_file_area_save() limits what can be stored.
        if ($data['file_path']) {
            cw_file_area_save('accounting_records_files', $record_id, $data);
        }
    }
}
cw_session_unregister('record_saved_data');
cw_header_location("index.php?target={$target}&mode={$mode}&user={$user}&record_id={$record_id}");
}
if ($action == 'delete_enfile' && $file_id) {
    // NOTE(review): $file_id is placed into the SQL text inside quotes and its origin is not
    // visible here — confirm it is an integer or escaped. The query selects customer_id but
    // the result is used as record_id in the redirect below, which looks inconsistent; verify
    // the intended column. No check that the file belongs to the current record or user is
    // visible before the delete.
    $record_id = cw_query_first_cell("select customer_id from {$tables['accounting_records_files']} where file_id='{$file_id}'");
    cw_file_area_delete('accounting_records_files', $file_id);
    cw_header_location("index.php?target={$target}&mode={$mode}&user={$user}&record_id={$record_id}");
}
if ($record_saved_data) {
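// Excerpt of the FAQ question controller: builds the row for 'faq_questions', saves it
// together with its language row and an optional attachment, then redirects. It starts inside
// the save action and ends inside the error-display branch.
//
// Change in this revision: the attachment's stored file name now goes through basename(), as
// the other upload handlers of this code base do, so a client-supplied name can never carry a
// directory part into the file area.
$to_insert = array(
    'keywords' => $data['keywords'],
    'author' => $data['author'],
    'email' => $data['email'],
    'rubrik_id' => $data['rubrik_id'],
    'active' => $data['active'],
    'comment' => $data['comment'],
    'date' => time(),
);
// Subject and body go into the main row only when editing in the default admin language;
// the per-language row below always receives them.
if ($current_language == $config['default_admin_language']) {
    $to_insert['thema'] = $data['thema'];
    $to_insert['content'] = $data['content'];
}
if (!$field_errors) {
    if ($question_id) {
        // NOTE(review): $question_id is interpolated into the WHERE clause inside quotes; its
        // origin is not visible here — confirm it is cast to an integer or escaped.
        cw_array2update('faq_questions', $to_insert, "question_id='{$question_id}'");
    } else {
        // NOTE(review): a WHERE-style string is passed as the third argument of an insert,
        // where the call below passes true — looks like a leftover; confirm what the third
        // parameter of cw_array2insert() means.
        $question_id = cw_array2insert('faq_questions', $to_insert, "question_id='{$question_id}'");
    }
    $lng_insert = array(
        'question_id' => $question_id,
        'thema' => $data['thema'],
        'content' => $data['content'],
        'code' => $current_language,
    );
    cw_array2insert('faq_questions_lng', $lng_insert, true);
    if ($_FILES) {
        // $data is reused from here on for the attachment; the form values are no longer needed.
        $data = array();
        $data['file_path'] = cw_move_uploaded_file('file', '');
        // Keep only the final path component of the client-supplied name.
        $data['filename'] = basename($_FILES['file']['name']);
        // NOTE(review): no type or extension restriction is visible in this excerpt — confirm
        // that cw_move_uploaded_file() or cw_file_area_save() limits what can be stored.
        if ($data['file_path']) {
            cw_file_area_save('faq_files', $question_id, $data);
        }
    }
    // cw_faq_recalc_counters(array_shift(cw_faq_rubrik_path($to_insert['rubrik_id'])));
    $parents = cw_faq_parent_rubriks($to_insert['rubrik_id']);
    cw_faq_recalc_counters($parents[0]['rubrik_id']);
    cw_header_location('index.php?target=faq&mode=question&question_id=' . $question_id);
}
// Validation failed: keep the submitted row for redisplay and redirect with error=1.
$saved_question = $to_insert;
cw_header_location('index.php?target=faq&mode=question&error=1&question_id=' . $question_id);
}
if ($error) {
    $smarty->assign('question', array_map('stripslashes', $saved_question));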
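// Excerpt of the language import controller: picks the import file (a path on the server or
// an upload) and writes each CSV row into the languages table. It starts at the end of a
// block opened above it and ends inside the row loop.
//
// Change in this revision: the label name taken from the first CSV column is now escaped with
// addslashes() before it is placed into the SQL text, like the value and topic columns already
// were. The name was previously interpolated raw in the SELECT, the UPDATE and the INSERT, so
// a quote character in an imported file changed the statement.
$lngs = cw_query_column("SELECT code FROM {$tables['languages']} GROUP BY code");
}
if ($source == "server" && !empty($localfile)) {
    # File is located on the server
    // The path comes from outside this excerpt and is accepted only when cw_allow_file()
    // approves it and it is a regular file.
    // NOTE(review): confirm that cw_allow_file() resolves the path and restricts it to the
    // intended directory.
    $localfile = stripslashes($localfile);
    if (cw_allow_file($localfile, true) && is_file($localfile)) {
        $import_file = $localfile;
        $is_import = true;
    } else {
        $top_message['content'] = cw_get_langvar_by_name("msg_err_file_wrong");
        $top_message['type'] = "E";
        $serverfile = $localfile;
        cw_header_location("index.php?target=languages");
    }
} elseif ($source == "upload" && $import_file && $import_file != "none") {
    $import_file = cw_move_uploaded_file("import_file");
    $is_import = true;
} else {
    $is_import = false;
}
if ($is_import) {
    if ($fp = cw_fopen($import_file, "r", true)) {
        $lngs = $avail_languages;
        while ($columns = fgetcsv($fp, 65536, $delimiter)) {
            // Rows with fewer than four columns are ignored. Columns used: 0 = label name,
            // 1 = value, 3 = topic.
            if (sizeof($columns) >= 4) {
                // NOTE(review): $new_language is also interpolated into these statements and
                // is not assigned in this excerpt — confirm it is validated against the known
                // language codes. A parameterized query would be preferable to addslashes() if
                // the database layer offers one.
                $res = cw_query_first("SELECT * FROM {$tables['languages']} WHERE name='" . addslashes($columns[0]) . "' AND {$tables['languages']}.code = '{$new_language}' LIMIT 1");
                if ($res) {
                    db_query("UPDATE {$tables['languages']} SET value='" . addslashes($columns[1]) . "', topic='" . addslashes($columns[3]) . "' WHERE name='" . addslashes($columns[0]) . "' AND code='{$new_language}'");
                } else {
                    db_query("INSERT INTO {$tables['languages']} (code, name, value, topic) VALUES ('{$new_language}','" . addslashes($columns[0]) . "','" . addslashes($columns[1]) . "','" . addslashes($columns[3]) . "')");
                }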
if (!$product_id) { $is_new_product = true; $product_data['product_id'] = $product_id = cw_array2insert('products', array('productcode' => $product_data['productcode'], 'product_type' => $product_data['product_type'])); if (cw_image_check_posted($file_upload_data['products_images_thumb'])) { if (!$file_upload_data['products_images_det']) { cw_image_copy($file_upload_data, 'products_images_thumb', 'products_images_det'); } cw_image_save($file_upload_data['products_images_thumb'], array('id' => $product_id)); } if (cw_image_check_posted($file_upload_data['products_images_det'])) { cw_image_save($file_upload_data['products_images_det'], array('id' => $product_id)); } } else { if ($pdf_file_name != 'none' && $pdf_file_name != "") { $destination = $var_dirs['pdf'] . '/' . $pdf_file_name; $path = cw_move_uploaded_file('pdf_file', $destination); if ($path) { $product_data['pdf_link'] = $var_dirs_web['pdf'] . '/' . $pdf_file_name; } } if (cw_image_check_posted($file_upload_data['products_images_thumb'])) { cw_image_save($file_upload_data['products_images_thumb'], array('id' => $product_id)); } if (cw_image_check_posted($file_upload_data['products_images_det'])) { cw_image_save($file_upload_data['products_images_det'], array('id' => $product_id)); } if ($fields['thumbnail']) { cw_group_edit_copy($ge_id, 'products_images_thumb', 'id', $product_id); } if ($fields['product_image']) { cw_group_edit_copy($ge_id, 'products_images_det', 'id', $product_id);