$upload_error_codes[4] = "No file was uploaded.";
    $top_message['content'] = cw_get_langvar_by_name("msg_adm_err_file_upload") . " [" . $_FILES['userfile']['error'] . ": " . $upload_error_codes[$_FILES['userfile']['error']] . "]";
    $top_message['type'] = "E";
    cw_log_flag('log_database', 'DATABASE', $log_prefix . $top_message['content']);
    cw_header_location("index.php?target=db_backup");
}
if ($REQUEST_METHOD == "POST" && $action == "restore" && ($userfile != "none" && $userfile != "" || $_POST['local_file'] && $file_exists)) {
    // Restore step: pick the SQL dump to read (an uploaded file, or the
    // server-side dump at $sqldump_file) and open it.
    // NOTE(review): the contents of this file are presumably executed against the
    // database further down (not visible here), so confirm that an authenticated
    // administrator check and an anti-CSRF token are enforced before this branch.
    cw_log_flag('log_database', 'DATABASE', $log_prefix . 'Started');
    $source_file = "uploaded";
    if ($_POST['local_file']) {
        // $fd only serves as a readability probe; it is never closed in the
        // visible code and the file is opened a second time below as $fp.
        if ($fd = cw_fopen($sqldump_file, "r", true)) {
            $source_file = "local";
        }
    }
    if ($source_file == "uploaded") {
        $userfile = cw_move_uploaded_file("userfile");
    } else {
        $userfile = $sqldump_file;
    }
    $fp = cw_fopen($userfile, "rb", true);
    if ($fp === false) {
        $top_message['content'] = cw_get_langvar_by_name("msg_adm_err_sql_file_not_found");
        $top_message['type'] = "E";
        cw_log_flag('log_database', 'DATABASE', $log_prefix . cw_get_langvar_by_name("msg_adm_err_sql_file_not_found", false, false, true));
        // NOTE(review): this relies on cw_header_location() ending the request;
        // if it returns, the read loop that follows runs with $fp === false.
        cw_header_location("index.php?target=db_backup");
    }
    $command = "";
    echo cw_get_langvar_by_name("lbl_please_wait", false, false, true) . "<br />\n";
    $cmdcnt = 0;
    while (!feof($fp)) {
        $c = fgets($fp, 1500000);
<?php

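// Addon manager page: unpacks an uploaded addon archive into the temporary
// addons directory and passes the detected addon name to the template.
$dir_to_unpack = $var_dirs['tmp'] . '/addons';
$addonname =& cw_session_register('addonname');
$files_to_import = cw_files_get_dir($dir_to_unpack, 2);
// Only read index 0 when the listing actually has a first entry; an empty
// array previously triggered an undefined-offset notice here.
if (is_array($files_to_import) && isset($files_to_import[0])) {
    $addonname = basename($files_to_import[0]);
} else {
    $addonname = '';
}
if ($action == 'upload') {
    $file_path = cw_move_uploaded_file('filename');
    if (is_file($file_path)) {
        cw_rm_dir($dir_to_unpack);
        @mkdir($dir_to_unpack);
        // Every argument handed to the shell is quoted, including the target
        // directory, so a space or shell metacharacter in the configured tmp
        // path cannot split or extend the command line. tar is skipped when the
        // target directory could not be recreated.
        // NOTE(review): member names, symlinks and file types inside the archive
        // are not checked here, and the next step is the addon install; confirm
        // this endpoint is limited to authenticated administrators and is
        // protected against CSRF.
        if (is_dir($dir_to_unpack)) {
            system('tar -xzf ' . escapeshellarg($file_path) . ' -C ' . escapeshellarg($dir_to_unpack));
        }
        cw_header_location('index.php?target=addons_manager&action=install');
    }
} elseif ($action == 'install') {
    $smarty->assign('addonname', $addonname);
}
// An unpacked addon without an INSTALLED marker file is offered as "uploaded".
if (!file_exists($dir_to_unpack . "/{$addonname}/INSTALLED")) {
    $smarty->assign('uploaded', $addonname);
}
$smarty->assign('main', 'addons_manager');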
<?php

// Customer letters page: delete or upload files in the 'customers_letters'
// file area for $user, then collect the search filters kept in the session.
if ($action == 'delete' && is_array($del)) {
    cw_load('file_area');
    // The keys of $del are passed on as file ids unchanged.
    // NOTE(review): nothing visible here ties a file id to $user; confirm that
    // cw_file_area_delete() or the caller enforces ownership.
    foreach ($del as $file_id => $v) {
        cw_file_area_delete('customers_letters', $file_id);
    }
    // NOTE(review): $target, $mode and $user are placed in the redirect URL
    // without encoding; confirm they are validated upstream.
    cw_header_location("index.php?target={$target}&mode={$mode}&user={$user}");
}
if ($action == 'upload') {
    cw_load('file_area');
    $data = array();
    $data['file_path'] = cw_move_uploaded_file('userfile');
    // basename() keeps only the last path component of the client-supplied name.
    // No file type or extension check happens in this block.
    // NOTE(review): confirm cw_move_uploaded_file() / cw_file_area_save() restrict
    // the allowed types and store the file where it cannot be executed.
    $data['filename'] = basename($_FILES['userfile']['name']);
    if ($data['file_path']) {
        cw_file_area_save('customers_letters', $user, $data);
    }
    cw_header_location("index.php?target={$target}&mode={$mode}&user={$user}");
}
$search =& cw_session_register('search');
if (isset($_GET['substring'])) {
    $search['letters']['substring'] = $substring;
}
if (isset($_GET['fromdate'])) {
    $search['letters']['fromdate'] = cw_core_strtotime($fromdate);
}
// NOTE(review): the guard tests $_GET['dateto'] but the value read is $todate;
// verify which parameter name the search form actually sends.
// 86399 is one day minus one second, presumably to include the whole end day.
if (isset($_GET['dateto'])) {
    $search['letters']['todate'] = cw_core_strtotime($todate) + 86399;
}
$conditions = '';
$data = $search['letters'];
    cw_close_window();
}
$userfiles_dir = cw_user_get_files_location() . DIRECTORY_SEPARATOR;
if ($REQUEST_METHOD == "POST") {
    // Collect every uploaded file that passes the image check into $data.
    $data = array();
    $userfiles = $_FILES['userfiles'];
    if (is_array($userfiles)) {
        foreach ($userfiles['tmp_name'] as $index => $userfile) {
            // An empty slot ends the loop (break, not continue), so any files
            // after the first empty slot are not processed.
            if (zerolen($userfile)) {
                break;
            }
            // The check receives the temporary path plus the size and MIME type
            // from $_FILES; the type is whatever the client reported.
            // NOTE(review): confirm cw_is_image_userfile() inspects the file
            // content rather than trusting the reported type.
            if (cw_is_image_userfile($userfile, $userfiles['size'][$index], $userfiles['type'][$index])) {
                $tmp = array();
                $tmp['is_copied'] = true;
                // The client-supplied name is lowercased only; basename() is not
                // applied in this block.
                $tmp['filename'] = strtolower($userfiles['name'][$index]);
                $tmp['file_path'] = cw_move_uploaded_file('userfiles', '', $index);
                $tmp['source'] = 'S';
                $data[] = $tmp;
            }
        }
    }
    if (is_array($filenames)) {
        foreach ($filenames as $ind => $filename) {
            // Register a file that already sits in the user's files directory.
            $filename = trim($filename);
            if (!zerolen($filename)) {
                $tmp = array();
                // $file_paths[$ind] is appended to $userfiles_dir without any
                // normalisation.
                // NOTE(review): if $file_paths is request-supplied, "../" segments
                // would resolve outside the user's directory; confirm its origin
                // and confine the result (realpath() plus a prefix check against
                // $userfiles_dir) before the path is used.
                $tmp['file_path'] = $userfiles_dir . $file_paths[$ind];
                $tmp['is_copied'] = false;
                $tmp['source'] = 'L';
                $data[] = $tmp;
            }
         $top_message = array('content' => $fillerror, 'type' => 'E');
         cw_header_location("index.php?target={$target}&mode={$mode}&user={$user}&record_id={$record_id}");
     }
     // Create the accounting record when no id was given, then write the posted
     // fields and attach any uploaded files to it.
     if (!$record_id) {
         $record_id = cw_array2insert('accounting_records', array('date' => cw_core_get_time()));
     }
     $to_update = array('customer_id' => $record_data['customer_id'], 'accounting_category_id' => $record_data['accounting_category_id'], 'descr' => $record_data['descr'], 'date_ref' => cw_core_strtotime($record_data['date_ref']), 'bank_code' => $record_data['bank_code'], 'payment_code' => $record_data['payment_code'], 'status' => $record_data['status']);
     // 'total' is only written when the record has no 'reference' value.
     if (!$record['reference']) {
         $to_update['total'] = $record_data['total'];
     }
     // NOTE(review): $record_id is interpolated into the WHERE clause; when it
     // was not produced by the insert above it is presumably request-supplied,
     // so confirm it is cast or escaped upstream.
     cw_array2update('accounting_records', $to_update, "accounting_record_id='{$record_id}'");
     cw_accounting_category_recalc_subcat_count($record_data['accounting_category_id']);
     // count($_FILES) only shows that some upload field was posted, not that
     // 'enfiles' is among them.
     if (count($_FILES)) {
         foreach ($_FILES['enfiles']['name'] as $index => $name) {
             $data = array();
             $data['file_path'] = cw_move_uploaded_file('enfiles', '', $index);
             // basename() keeps only the last path component of the client name.
             // No type or extension check is visible in this block.
             $data['filename'] = basename($name);
             if ($data['file_path']) {
                 cw_file_area_save('accounting_records_files', $record_id, $data);
             }
         }
     }
     cw_session_unregister('record_saved_data');
     cw_header_location("index.php?target={$target}&mode={$mode}&user={$user}&record_id={$record_id}");
 }
 // Delete one file attached to an accounting record, then return to the record.
 // NOTE(review): $file_id is interpolated into the SQL string; confirm it is
 // cast or escaped upstream. No ownership check on the file is visible here.
 // NOTE(review): the query selects customer_id, but the result is stored in
 // $record_id and sent back as record_id; verify the intended column.
 if ($action == 'delete_enfile' && $file_id) {
     $record_id = cw_query_first_cell("select customer_id from {$tables['accounting_records_files']} where file_id='{$file_id}'");
     cw_file_area_delete('accounting_records_files', $file_id);
     cw_header_location("index.php?target={$target}&mode={$mode}&user={$user}&record_id={$record_id}");
 }
 if ($record_saved_data) {
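    // Save an FAQ question: write the main row, the per-language row and an
    // optional attachment, then redirect. On field errors the posted values are
    // kept in $saved_question and the redirect carries error=1.
    $to_insert = array('keywords' => $data['keywords'], 'author' => $data['author'], 'email' => $data['email'], 'rubrik_id' => $data['rubrik_id'], 'active' => $data['active'], 'comment' => $data['comment'], 'date' => time());
    // The main row carries thema/content only for the default admin language.
    if ($current_language == $config['default_admin_language']) {
        $to_insert['thema'] = $data['thema'];
        $to_insert['content'] = $data['content'];
    }
    if (!$field_errors) {
        if ($question_id) {
            // NOTE(review): $question_id is interpolated into the WHERE clause;
            // confirm it is cast or escaped upstream.
            cw_array2update('faq_questions', $to_insert, "question_id='{$question_id}'");
        } else {
            // NOTE(review): $question_id is empty in this branch, so the third
            // argument is the string "question_id=''"; verify what
            // cw_array2insert() does with a non-boolean third argument.
            $question_id = cw_array2insert('faq_questions', $to_insert, "question_id='{$question_id}'");
        }
        $lng_insert = array('question_id' => $question_id, 'thema' => $data['thema'], 'content' => $data['content'], 'code' => $current_language);
        cw_array2insert('faq_questions_lng', $lng_insert, true);
        if ($_FILES) {
            $data = array();
            $data['file_path'] = cw_move_uploaded_file('file', '');
            // Keep only the last path component of the client-supplied name so no
            // directory part can reach the file area.
            // NOTE(review): no type or extension check is visible here; confirm
            // cw_file_area_save() restricts what may be stored.
            $data['filename'] = basename($_FILES['file']['name']);
            if ($data['file_path']) {
                cw_file_area_save('faq_files', $question_id, $data);
            }
        }
        //        cw_faq_recalc_counters(array_shift(cw_faq_rubrik_path($to_insert['rubrik_id'])));
        $parents = cw_faq_parent_rubriks($to_insert['rubrik_id']);
        cw_faq_recalc_counters($parents[0]['rubrik_id']);
        cw_header_location('index.php?target=faq&mode=question&question_id=' . $question_id);
    }
    $saved_question = $to_insert;
    cw_header_location('index.php?target=faq&mode=question&error=1&question_id=' . $question_id);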
}
if ($error) {
    $smarty->assign('question', array_map('stripslashes', $saved_question));
     $lngs = cw_query_column("SELECT code FROM {$tables['languages']} GROUP BY code");
 }
 // Choose the language import source: a file already on the server, or an
 // upload. $is_import tells the following code whether there is a file to read.
 if ($source == "server" && !empty($localfile)) {
     # File is located on the server
     // cw_allow_file() is the only visible gate on which server path is read.
     // NOTE(review): $localfile is presumably request-supplied; confirm that
     // cw_allow_file() resolves ".." and symlinks and confines the path to an
     // import directory.
     $localfile = stripslashes($localfile);
     if (cw_allow_file($localfile, true) && is_file($localfile)) {
         $import_file = $localfile;
         $is_import = true;
     } else {
         $top_message['content'] = cw_get_langvar_by_name("msg_err_file_wrong");
         $top_message['type'] = "E";
         $serverfile = $localfile;
         cw_header_location("index.php?target=languages");
     }
 } elseif ($source == "upload" && $import_file && $import_file != "none") {
     // The uploaded file is relocated by the helper before it is read.
     $import_file = cw_move_uploaded_file("import_file");
     $is_import = true;
 } else {
     $is_import = false;
 }
 if ($is_import) {
     if ($fp = cw_fopen($import_file, "r", true)) {
         $lngs = $avail_languages;
         while ($columns = fgetcsv($fp, 65536, $delimiter)) {
             if (sizeof($columns) >= 4) {
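                 // Insert or update one language variable from the current CSV row.
                 // The name column comes straight from the imported file, so it is
                 // escaped like the value and topic columns before reaching SQL;
                 // previously it was interpolated raw in all three statements.
                 // NOTE(review): addslashes() is not charset-aware; if the database
                 // layer offers its own escaping or bound parameters, prefer that.
                 // $new_language is still interpolated as-is; confirm it is checked
                 // against the known language codes upstream.
                 $res = cw_query_first("SELECT * FROM {$tables['languages']} WHERE name='" . addslashes($columns[0]) . "' AND {$tables['languages']}.code = '{$new_language}' LIMIT 1");
                 if ($res) {
                     db_query("UPDATE {$tables['languages']} SET value='" . addslashes($columns[1]) . "', topic='" . addslashes($columns[3]) . "' WHERE name='" . addslashes($columns[0]) . "' AND code='{$new_language}'");
                 } else {
                     db_query("INSERT INTO {$tables['languages']} (code, name, value, topic) VALUES ('{$new_language}','" . addslashes($columns[0]) . "','" . addslashes($columns[1]) . "','" . addslashes($columns[3]) . "')");
                 }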
 if (!$product_id) {
     $is_new_product = true;
     $product_data['product_id'] = $product_id = cw_array2insert('products', array('productcode' => $product_data['productcode'], 'product_type' => $product_data['product_type']));
     if (cw_image_check_posted($file_upload_data['products_images_thumb'])) {
         if (!$file_upload_data['products_images_det']) {
             cw_image_copy($file_upload_data, 'products_images_thumb', 'products_images_det');
         }
         cw_image_save($file_upload_data['products_images_thumb'], array('id' => $product_id));
     }
     if (cw_image_check_posted($file_upload_data['products_images_det'])) {
         cw_image_save($file_upload_data['products_images_det'], array('id' => $product_id));
     }
 } else {
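     // Store an uploaded product PDF under $var_dirs['pdf'] and record its web link.
     // $pdf_file_name is presumably the client-supplied upload name (TODO confirm).
     // It becomes both the on-disk file name and part of a public URL, so it is
     // reduced to its last path component and must end in ".pdf"; any other name
     // is ignored and no pdf_link is set.
     if ($pdf_file_name != 'none' && $pdf_file_name != "") {
         $path = false;
         $pdf_basename = basename($pdf_file_name);
         if (strtolower(pathinfo($pdf_basename, PATHINFO_EXTENSION)) === 'pdf') {
             $destination = $var_dirs['pdf'] . '/' . $pdf_basename;
             $path = cw_move_uploaded_file('pdf_file', $destination);
         }
         if ($path) {
             $product_data['pdf_link'] = $var_dirs_web['pdf'] . '/' . $pdf_basename;
         }
     }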
     if (cw_image_check_posted($file_upload_data['products_images_thumb'])) {
         cw_image_save($file_upload_data['products_images_thumb'], array('id' => $product_id));
     }
     if (cw_image_check_posted($file_upload_data['products_images_det'])) {
         cw_image_save($file_upload_data['products_images_det'], array('id' => $product_id));
     }
     if ($fields['thumbnail']) {
         cw_group_edit_copy($ge_id, 'products_images_thumb', 'id', $product_id);
     }
     if ($fields['product_image']) {
         cw_group_edit_copy($ge_id, 'products_images_det', 'id', $product_id);