Example #1
0
<?php

/*
  $Id$

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2014 osCommerce

  Released under the GNU General Public License
*/
require '../includes/database_tables.php';
osc_db_connect(trim($_POST['DB_SERVER']), trim($_POST['DB_SERVER_USERNAME']), trim($_POST['DB_SERVER_PASSWORD']));
osc_db_select_db(trim($_POST['DB_DATABASE']));
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . trim($_POST['CFG_STORE_NAME']) . '" where configuration_key = "STORE_NAME"');
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . trim($_POST['CFG_STORE_OWNER_NAME']) . '" where configuration_key = "STORE_OWNER"');
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . trim($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS']) . '" where configuration_key = "STORE_OWNER_EMAIL_ADDRESS"');
if (!empty($_POST['CFG_STORE_OWNER_NAME']) && !empty($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS'])) {
    osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "\\"' . trim($_POST['CFG_STORE_OWNER_NAME']) . '\\" <' . trim($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS']) . '>" where configuration_key = "EMAIL_FROM"');
} else {
    osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . trim($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS']) . '" where configuration_key = "EMAIL_FROM"');
}
if (!empty($_POST['CFG_ADMINISTRATOR_USERNAME'])) {
    $check_query = osc_db_query('select user_name from ' . TABLE_ADMINISTRATORS . ' where user_name = "' . trim($_POST['CFG_ADMINISTRATOR_USERNAME']) . '"');
    if (osc_db_num_rows($check_query)) {
        osc_db_query('update ' . TABLE_ADMINISTRATORS . ' set user_password = "******" where user_name = "' . trim($_POST['CFG_ADMINISTRATOR_USERNAME']) . '"');
    } else {
        osc_db_query('insert into ' . TABLE_ADMINISTRATORS . ' (user_name, user_password) values ("' . trim($_POST['CFG_ADMINISTRATOR_USERNAME']) . '", "' . osc_encrypt_password(trim($_POST['CFG_ADMINISTRATOR_PASSWORD'])) . '")');
    }
}
Example #2
0
<?php

/*
  $Id: $

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2007 osCommerce

  Released under the GNU General Public License
*/
require '../includes/database_tables.php';
osc_db_connect($HTTP_POST_VARS['DB_SERVER'], $HTTP_POST_VARS['DB_SERVER_USERNAME'], $HTTP_POST_VARS['DB_SERVER_PASSWORD']);
osc_db_select_db($HTTP_POST_VARS['DB_DATABASE']);
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . $HTTP_POST_VARS['CFG_STORE_NAME'] . '" where configuration_key = "STORE_NAME"');
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . $HTTP_POST_VARS['CFG_STORE_OWNER_NAME'] . '" where configuration_key = "STORE_OWNER"');
osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . $HTTP_POST_VARS['CFG_STORE_OWNER_EMAIL_ADDRESS'] . '" where configuration_key = "STORE_OWNER_EMAIL_ADDRESS"');
if (!empty($HTTP_POST_VARS['CFG_STORE_OWNER_NAME']) && !empty($HTTP_POST_VARS['CFG_STORE_OWNER_EMAIL_ADDRESS'])) {
    osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "\\"' . $HTTP_POST_VARS['CFG_STORE_OWNER_NAME'] . '\\" <' . $HTTP_POST_VARS['CFG_STORE_OWNER_EMAIL_ADDRESS'] . '>" where configuration_key = "EMAIL_FROM"');
}
$check_query = osc_db_query('select user_name from ' . TABLE_ADMINISTRATORS . ' where user_name = "' . $HTTP_POST_VARS['CFG_ADMINISTRATOR_USERNAME'] . '"');
if (osc_db_num_rows($check_query)) {
    osc_db_query('update ' . TABLE_ADMINISTRATORS . ' set user_password = "******" where user_name = "' . $HTTP_POST_VARS['CFG_ADMINISTRATOR_USERNAME'] . '"');
} else {
    osc_db_query('insert into ' . TABLE_ADMINISTRATORS . ' (user_name, user_password) values ("' . $HTTP_POST_VARS['CFG_ADMINISTRATOR_USERNAME'] . '", "' . osc_encrypt_string(trim($HTTP_POST_VARS['CFG_ADMINISTRATOR_PASSWORD'])) . '")');
}
?>

<div class="mainBlock">
  <div class="stepsBox">
Example #3
0
  Copyright (c) 2003 osCommerce

  Released under the GNU General Public License
*/
?>

<p class="pageTitle">Upgrade</p>

<?php 
$db = array();
$db['DB_SERVER'] = trim(stripslashes($_POST['DB_SERVER']));
$db['DB_SERVER_USERNAME'] = trim(stripslashes($_POST['DB_SERVER_USERNAME']));
$db['DB_SERVER_PASSWORD'] = trim(stripslashes($_POST['DB_SERVER_PASSWORD']));
$db['DB_DATABASE'] = trim(stripslashes($_POST['DB_DATABASE']));
osc_db_connect($db['DB_SERVER'], $db['DB_SERVER_USERNAME'], $db['DB_SERVER_PASSWORD']);
osc_db_select_db($db['DB_DATABASE']);
function osc_get_languages()
{
    $languages_query = osc_db_query("select languages_id, name, code, image, directory from languages order by sort_order");
    while ($languages = osc_db_fetch_array($languages_query)) {
        $languages_array[] = array('id' => $languages['languages_id'], 'name' => $languages['name'], 'code' => $languages['code'], 'image' => $languages['image'], 'directory' => $languages['directory']);
    }
    return $languages_array;
}
function osc_currency_format($number, $calculate_currency_value = true, $currency_code = DEFAULT_CURRENCY, $value = '')
{
    $currency_query = osc_db_query("select symbol_left, symbol_right, decimal_point, thousands_point, decimal_places, value from currencies where code = '" . $currency_code . "'");
    $currency = osc_db_fetch_array($currency_query);
    if ($calculate_currency_value == true) {
        if (strlen($currency_code) == 3) {
            if ($value) {
Example #4
0
$length2 = strlen($_SERVER['PHP_SELF']) - strlen('install/install.php');
$folder = substr($_SERVER['PHP_SELF'], 0, $length2);
//$folder = str_replace("/"," ",$folder);
$baseURL = substr($baseURL, 0, $length);
$mysqlHost = '';
$mysqlUname = '';
$mysqlPass = '';
$mysqlDB = '';
if (isset($_POST['submit']) && $_POST['submit'] == 'Submit' && trim($_POST['base_url']) != '' && trim($_POST['mysql_host']) != '' && trim($_POST['mysql_uname']) != '' && trim($_POST['mysql_db']) != '') {
    $error = '';
    $link = @osc_db_connect(trim($_POST['mysql_host']), trim($_POST['mysql_uname']), trim($_POST['mysql_password']));
    if (!$link) {
        $error = 'Could not connect to the host specified. Error: ' . mysql_error();
    } else {
        //Connected successfully
        $db_selected = @osc_db_select_db(trim($_POST['mysql_db']));
        if (!$db_selected) {
            $error = $error . '<BR>Can\'t use the database specified. Error: ' . mysql_error();
        }
        //mysql_close($link);
    }
    $baseURL = trim($_POST['base_url']);
    $mysqlHost = trim($_POST['mysql_host']);
    $mysqlUname = trim($_POST['mysql_uname']);
    $mysqlPass = trim($_POST['mysql_password']);
    $mysqlDB = trim($_POST['mysql_db']);
    if ($error == '') {
        $basePath = dirname(__FILE__);
        $db_error = false;
        $sql_file = $basePath . '/cogzidel.sql';
        osc_set_time_limit(0);
Example #5
0
<?php

session_start();
include "db.php";
if (isset($_POST['submit']) && $_POST['submit'] == 'Submit' && trim($_POST['site_title']) != '' && trim($_POST['site_admin_mail']) != '' && trim($_POST['admin_password']) != '') {
    osc_db_connect($_SESSION['mysql_host'], $_SESSION['mysql_uname'], $_SESSION['mysql_password']);
    osc_db_select_db($_SESSION['mysql_db']);
    osc_db_query('update settings set string_value = "' . trim($_POST['site_title']) . '",created = "' . time() . '" where code = "SITE_TITLE"');
    osc_db_query('update settings set string_value = "' . trim($_POST['site_admin_mail']) . '",created = "' . time() . '" where code = "SITE_ADMIN_MAIL"');
    osc_db_query('update settings set string_value = "' . trim($_SESSION['baseurl']) . '",created = "' . time() . '" where code = "BASE_URL"');
    //echo 'select admin_name from admins where admin_name = "' . trim($HTTP_POST_VARS['admin_name']) . '"';exit;
    $check_query = osc_db_query('select admin_name from admins where admin_name = "' . trim($_POST['admin_name']) . '"');
    if (osc_db_num_rows($check_query)) {
        osc_db_query('update admins set password = "******" where admin_name = "' . trim($_POST['admin_name']) . '"');
    } else {
        osc_db_query('insert into admins set admin_name = "' . trim($_POST['admin_name']) . '", password = "******"');
    }
    header('Location: complete.php');
} elseif (isset($_POST['submit']) && $_POST['submit'] == 'Submit') {
    $site_title = trim($_POST['site_title']);
    $site_admin_mail = trim($_POST['site_admin_mail']);
    $admin_name = trim($_POST['admin_name']);
    $admin_password = trim(md5($_POST['admin_password']));
    $error = 'All the fields are required';
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link href="css/common.css" rel="stylesheet" type="text/css" /> 
Example #6
0
<?php

session_start();
error_reporting(0);
require_once "../app/config/config.php";
include "db.php";
if ($config['hostname'] != '' && $config['db_username'] != '' && $config['db'] != '') {
    $link = @osc_db_connect(trim($config['hostname']), trim($config['db_username']), trim($config['db_password']));
    if (!$link) {
        $error = 'Could not connect to the host specified. Error: ' . mysql_error();
    } else {
        //Connected successfully
        $db_selected = @osc_db_select_db(trim($config['db']));
        if (!$db_selected) {
            $error = $error . '<BR>Can\'t use the database specified. Error: ' . mysql_error();
        }
        //mysql_close($link);
    }
    //echo $error;exit;
    $sql = " SHOW TABLES FROM " . trim($config['db']);
    $result = osc_db_query($sql);
    if (!$result) {
        echo "DB Error, could not list tables\n";
        echo 'MySQL Error: ' . mysql_error();
        exit;
    }
    $numtable = osc_db_num_rows($result);
    mysql_free_result($result);
    if ($numtable > 0) {
        header("Location: ../");
    }
Example #7
0
function osc_db_install($database, $sql_file)
{
    global $db_error;
    $db_error = false;
    if (!@osc_db_select_db($database)) {
        if (@osc_db_query('create database ' . $database)) {
            osc_db_select_db($database);
        } else {
            $db_error = mysql_error();
        }
    }
    if (!$db_error) {
        if (file_exists($sql_file)) {
            $fd = fopen($sql_file, 'rb');
            $restore_query = fread($fd, filesize($sql_file));
            fclose($fd);
        } else {
            $db_error = 'SQL file does not exist: ' . $sql_file;
            return false;
        }
        $sql_array = array();
        $sql_length = strlen($restore_query);
        $pos = strpos($restore_query, ';');
        for ($i = $pos; $i < $sql_length; $i++) {
            if ($restore_query[0] == '#') {
                $restore_query = ltrim(substr($restore_query, strpos($restore_query, "\n")));
                $sql_length = strlen($restore_query);
                $i = strpos($restore_query, ';') - 1;
                continue;
            }
            if ($restore_query[$i + 1] == "\n") {
                for ($j = $i + 2; $j < $sql_length; $j++) {
                    if (trim($restore_query[$j]) != '') {
                        $next = substr($restore_query, $j, 6);
                        if ($next[0] == '#') {
                            // find out where the break position is so we can remove this line (#comment line)
                            for ($k = $j; $k < $sql_length; $k++) {
                                if ($restore_query[$k] == "\n") {
                                    break;
                                }
                            }
                            $query = substr($restore_query, 0, $i + 1);
                            $restore_query = substr($restore_query, $k);
                            // join the query before the comment appeared, with the rest of the dump
                            $restore_query = $query . $restore_query;
                            $sql_length = strlen($restore_query);
                            $i = strpos($restore_query, ';') - 1;
                            continue 2;
                        }
                        break;
                    }
                }
                if ($next == '') {
                    // get the last insert query
                    $next = 'insert';
                }
                if (eregi('create', $next) || eregi('insert', $next) || eregi('drop t', $next)) {
                    $next = '';
                    $sql_array[] = substr($restore_query, 0, $i);
                    $restore_query = ltrim(substr($restore_query, $i + 1));
                    $sql_length = strlen($restore_query);
                    $i = strpos($restore_query, ';') - 1;
                }
            }
        }
        osc_db_query("drop table if exists address_book, address_format, banners, banners_history, categories, categories_description, configuration, configuration_group, counter, counter_history, countries, currencies, customers, customers_basket, customers_basket_attributes, customers_info, languages, manufacturers, manufacturers_info, orders, orders_products, orders_status, orders_status_history, orders_products_attributes, orders_products_download, products, products_attributes, products_attributes_download, prodcts_description, products_options, products_options_values, products_options_values_to_products_options, products_to_categories, reviews, reviews_description, sessions, specials, tax_class, tax_rates, geo_zones, whos_online, zones, zones_to_geo_zones");
        for ($i = 0; $i < sizeof($sql_array); $i++) {
            osc_db_query($sql_array[$i]);
        }
    } else {
        return false;
    }
}
Example #8
0
function osc_db_install($database, $sql_file, $link = 'db_link')
{
    global ${$link}, $db_error;
    $db_error = false;
    if (!@osc_db_select_db($database)) {
        if (@osc_db_query('create database ' . $database)) {
            osc_db_select_db($database);
        } else {
            $db_error = mysqli_error(${$link});
        }
    }
    if (!$db_error) {
        if (file_exists($sql_file)) {
            $fd = fopen($sql_file, 'rb');
            $restore_query = fread($fd, filesize($sql_file));
            fclose($fd);
        } else {
            $db_error = 'SQL Datei existiert nicht: ' . $sql_file;
            return false;
        }
        $sql_array = array();
        $sql_length = strlen($restore_query);
        $pos = strpos($restore_query, ';');
        for ($i = $pos; $i < $sql_length; $i++) {
            if ($restore_query[0] == '#') {
                $restore_query = ltrim(substr($restore_query, strpos($restore_query, "\n")));
                $sql_length = strlen($restore_query);
                $i = strpos($restore_query, ';') - 1;
                continue;
            }
            if ($restore_query[$i + 1] == "\n") {
                for ($j = $i + 2; $j < $sql_length; $j++) {
                    if (trim($restore_query[$j]) != '') {
                        $next = substr($restore_query, $j, 6);
                        if ($next[0] == '#') {
                            // find out where the break position is so we can remove this line (#comment line)
                            for ($k = $j; $k < $sql_length; $k++) {
                                if ($restore_query[$k] == "\n") {
                                    break;
                                }
                            }
                            $query = substr($restore_query, 0, $i + 1);
                            $restore_query = substr($restore_query, $k);
                            // join the query before the comment appeared, with the rest of the dump
                            $restore_query = $query . $restore_query;
                            $sql_length = strlen($restore_query);
                            $i = strpos($restore_query, ';') - 1;
                            continue 2;
                        }
                        break;
                    }
                }
                if ($next == '') {
                    // get the last insert query
                    $next = 'insert';
                }
                if (preg_match('/create/i', $next) || preg_match('/insert/i', $next) || preg_match('/drop t/i', $next)) {
                    $next = '';
                    $sql_array[] = substr($restore_query, 0, $i);
                    $restore_query = ltrim(substr($restore_query, $i + 1));
                    $sql_length = strlen($restore_query);
                    $i = strpos($restore_query, ';') - 1;
                }
            }
        }
        for ($i = 0; $i < sizeof($sql_array); $i++) {
            if (!osc_db_query($sql_array[$i])) {
                $db_error = mysqli_error(${$link});
                return false;
            }
        }
    } else {
        return false;
    }
}
Example #9
0
function osc_db_install($database, $sql_file)
{
    global $db_error;
    $db_error = false;
    if (!@osc_db_select_db($database)) {
        if (@osc_db_query('create database ' . $database)) {
            osc_db_select_db($database);
        } else {
            $db_error = mysql_error();
        }
    }
    if (!$db_error) {
        if (file_exists($sql_file)) {
            $fd = fopen($sql_file, 'rb');
            $restore_query = fread($fd, filesize($sql_file));
            fclose($fd);
        } else {
            $db_error = 'SQL file does not exist: ' . $sql_file;
            return false;
        }
        $sql_array = array();
        $sql_length = strlen($restore_query);
        $pos = strpos($restore_query, ';');
        for ($i = $pos; $i < $sql_length; $i++) {
            if ($restore_query[0] == '#') {
                $restore_query = ltrim(substr($restore_query, strpos($restore_query, "\n")));
                $sql_length = strlen($restore_query);
                $i = strpos($restore_query, ';') - 1;
                continue;
            }
            if ($restore_query[$i + 1] == "\n") {
                for ($j = $i + 2; $j < $sql_length; $j++) {
                    if (trim($restore_query[$j]) != '') {
                        $next = substr($restore_query, $j, 6);
                        if ($next[0] == '#') {
                            // find out where the break position is so we can remove this line (#comment line)
                            for ($k = $j; $k < $sql_length; $k++) {
                                if ($restore_query[$k] == "\n") {
                                    break;
                                }
                            }
                            $query = substr($restore_query, 0, $i + 1);
                            $restore_query = substr($restore_query, $k);
                            // join the query before the comment appeared, with the rest of the dump
                            $restore_query = $query . $restore_query;
                            $sql_length = strlen($restore_query);
                            $i = strpos($restore_query, ';') - 1;
                            continue 2;
                        }
                        break;
                    }
                }
                if ($next == '') {
                    // get the last insert query
                    $next = 'insert';
                }
                if (stristr($next, 'create') || stristr($next, 'insert') || stristr($next, 'drop t')) {
                    $next = '';
                    $sql_array[] = substr($restore_query, 0, $i);
                    $restore_query = ltrim(substr($restore_query, $i + 1));
                    $sql_length = strlen($restore_query);
                    $i = strpos($restore_query, ';') - 1;
                }
            }
        }
        osc_db_query("drop table if exists `admin`, `amnities`, `ci_sessions`, `list`, `login_attempts`, `paywhom`, `permissions`, `price`, `profiles`, `reservation`, `roles`, `users`, `user_autologin`, `user_profile`, `user_temp`");
        for ($i = 0; $i < sizeof($sql_array); $i++) {
            osc_db_query($sql_array[$i]);
        }
    } else {
        return false;
    }
}
Example #10
0
function osc_db_install($database, $sql_file)
{
    global $db_error;
    $db_error = false;
    if (!@osc_db_select_db($database)) {
        if (@osc_db_query('create database ' . $database)) {
            osc_db_select_db($database);
        } else {
            $db_error = mysql_error();
        }
    }
    if (!$db_error) {
        if (file_exists($sql_file)) {
            $fd = fopen($sql_file, 'rb');
            $restore_query = fread($fd, filesize($sql_file));
            fclose($fd);
        } else {
            $db_error = 'SQL file does not exist: ' . $sql_file;
            return false;
        }
        $sql_array = array();
        $sql_length = strlen($restore_query);
        $pos = strpos($restore_query, ';');
        for ($i = $pos; $i < $sql_length; $i++) {
            if ($restore_query[0] == '#') {
                $restore_query = ltrim(substr($restore_query, strpos($restore_query, "\n")));
                $sql_length = strlen($restore_query);
                $i = strpos($restore_query, ';') - 1;
                continue;
            }
            if ($restore_query[$i + 1] == "\n") {
                for ($j = $i + 2; $j < $sql_length; $j++) {
                    if (trim($restore_query[$j]) != '') {
                        $next = substr($restore_query, $j, 6);
                        if ($next[0] == '#') {
                            // find out where the break position is so we can remove this line (#comment line)
                            for ($k = $j; $k < $sql_length; $k++) {
                                if ($restore_query[$k] == "\n") {
                                    break;
                                }
                            }
                            $query = substr($restore_query, 0, $i + 1);
                            $restore_query = substr($restore_query, $k);
                            // join the query before the comment appeared, with the rest of the dump
                            $restore_query = $query . $restore_query;
                            $sql_length = strlen($restore_query);
                            $i = strpos($restore_query, ';') - 1;
                            continue 2;
                        }
                        break;
                    }
                }
                if ($next == '') {
                    // get the last insert query
                    $next = 'insert';
                }
                if (eregi('create', $next) || eregi('insert', $next) || eregi('drop t', $next)) {
                    $next = '';
                    $sql_array[] = substr($restore_query, 0, $i);
                    $restore_query = ltrim(substr($restore_query, $i + 1));
                    $sql_length = strlen($restore_query);
                    $i = strpos($restore_query, ';') - 1;
                }
            }
        }
        osc_db_query("drop table if exists `admins`, `bans`, `bids`, `bookmark`, `categories`, `contacts`, `country`, `draftprojects`, `email_templates`, `escrow_release_request`, `faqs`, `faq_categories`, `files`, `groups`, `ipn_return`, `messages`, `page`, `payments`, `popular_search`, `portfolio`, `projects`, `project_invitation`, `rating_hold`, `report_violation`, `reviews`, `roles`, `sessions`, `settings`, `transactions`, `users`, `user_balance`, `user_categories`, `user_contacts`, `user_list`");
        for ($i = 0; $i < sizeof($sql_array); $i++) {
            osc_db_query($sql_array[$i]);
        }
    } else {
        return false;
    }
}