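/**
 * recursively delete a directory
 *
 * The path is used literally: wildcard characters such as "*" are not
 * expanded. Symbolic links are never followed. A link found inside the
 * tree is removed as a link, and a $directory that is itself a link is
 * left untouched, so the call cannot delete files outside the tree.
 *
 * @param string $directory directory to delete
 *
 * @return null
 */
public static function delete($directory)
{
    // is_dir() follows links, so the link test has to come first
    if (is_link($directory) || !is_dir($directory)) {
        return;
    }
    $objects = scandir($directory);
    if ($objects === false) {
        // unreadable directory: nothing can be removed safely
        return;
    }
    foreach ($objects as $object) {
        if ($object === '.' || $object === '..') {
            continue;
        }
        $path = $directory . '/' . $object;
        if (is_dir($path) && !is_link($path)) {
            CoreDirectory::delete($path);
        } else {
            // plain files and links of any kind
            unlink($path);
        }
    }
    rmdir($directory);
}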
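* @package None
* @subpackage Form
* @author Kae Verens <*****@*****.**>
* @license GPL Version 2
* @link www.kvweb.me
*/

// The session id arrives as a POST field and is used as a directory name
// below, so only the characters PHP itself uses in session ids are accepted.
// Anything else (including "../" sequences or an empty value) is refused
// before any directory is touched.
$session_id = isset($_POST['PHPSESSID']) ? $_POST['PHPSESSID'] : '';
if (!is_string($session_id)
    || !preg_match('/^[A-Za-z0-9,-]+$/', $session_id)
) {
    exit;
}
session_id($session_id);
require '../../../ww.incs/basics.php';

$dir = USERBASE . '/f/.files/forms/';
if (!is_dir($dir)) { // make forms dir
    mkdir($dir);
}
$dir .= $session_id . '/';
if (!is_dir($dir)) { // make dir named after $session_id
    mkdir($dir);
}

// { make sure too many files aren't being uploaded
$size = CoreDirectory::getSize($dir);
if ($size > 52428800) { // greater than 50mb
    CoreDirectory::delete($dir);
    Core_quit(__('Deleted'));
}
// }

if (isset($_FILES['file-upload']) && is_array($_FILES['file-upload'])) {
    $upload = $_FILES['file-upload'];
    // The client chooses the file name. Keep only its last path component
    // so that it cannot point outside $dir.
    $fname = is_string($upload['name'])
        ? basename(str_replace('\\', '/', $upload['name']))
        : '';
    // Backstop only: refuse hidden files and names carrying an extension
    // that web servers commonly execute. An allow-list of the types each
    // form really needs would be stronger.
    // NOTE(review): the directory should also be configured so that
    // nothing stored in it is executed or served directly; confirm.
    $blocked = '/\.(php\d*|phtml|phar|pht|cgi|pl|asp|aspx|jsp|shtml)(\.|$)/i';
    if ($fname === ''
        || $fname[0] === '.'
        || preg_match($blocked, $fname)
        || !isset($upload['error'])
        || $upload['error'] !== UPLOAD_ERR_OK
    ) {
        Core_quit(__('Invalid file'));
    }
    move_uploaded_file($upload['tmp_name'], $dir . $fname);
}
echo __('Upload');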
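// { archive the user files and the active personal theme
// Every value placed into a shell command is quoted with escapeshellarg()
// so that spaces or shell metacharacters in a path, theme name or
// password cannot change the command that runs.
$ubaseArg = escapeshellarg($ubase);
shell_exec(
    'cd ' . $ubaseArg . ' && zip -r '
    . escapeshellarg($dir . '/files.zip') . ' f'
);
$theme = $DBVARS['theme'];
shell_exec(
    'cd ' . $ubaseArg . ' && zip -r '
    . escapeshellarg($dir . '/theme.zip') . ' '
    . escapeshellarg('themes-personal/' . $theme)
);
// }

// { dump every table as JSON, 100 rows per file
// table names come from the server's own "show tables" result
$tables = dbAll('show tables');
mkdir($dir . '/db');
foreach ($tables as $table) {
    foreach ($table as $k => $v) {
        mkdir($dir . '/db/' . $v);
        $count = dbOne('select count(*) as cnt from `' . $v . '`', 'cnt');
        for ($i = 0; $i < $count; $i += 100) {
            $data = dbAll(
                'select * from `' . $v . '` limit ' . $i . ', 100'
            );
            file_put_contents(
                $dir . '/db/' . $v . '/' . $i / 100 . '.json',
                json_encode($data)
            );
        }
    }
}
// }

// { export the configuration without connection details or local paths
require CONFIG_FILE;
unset($DBVARS['username']);
unset($DBVARS['password']);
unset($DBVARS['hostname']);
unset($DBVARS['db_name']);
unset($DBVARS['userbase']);
unset($DBVARS['theme_dir']);
unset($DBVARS['theme_dir_personal']);
file_put_contents($dir . '/config.json', json_encode($DBVARS));
// }

// { build the download name from the Host header
// The header is client-controlled and ends up in a shell command and in a
// response header, so it is reduced to hostname characters first.
$host = preg_replace('/[^A-Za-z0-9.-]/', '', (string) $_SERVER['HTTP_HOST']);
$host = ltrim($host, '.-'); // a leading "-" would read as a zip option
if ($host === '') {
    $host = 'site';
}
$sname = $host . date('-Y-m-d') . '.zip';
// }

// NOTE(review): "zip -P" puts the password on the command line, where
// other local users can see it in the process list, and classic zip
// encryption is weak. The dump holds every table, so treat the archive
// as sensitive regardless of the password.
shell_exec(
    'cd ' . escapeshellarg($tmpdir) . ' && zip -r -P '
    . escapeshellarg($password) . ' ' . escapeshellarg($sname) . ' site'
);
header('Content-type: force/download');
header('Content-Disposition: attachment; filename="' . $sname . '"');
readfile($tmpdir . '/' . $sname);
CoreDirectory::delete($tmpdir);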
// (excerpt starts inside a block opened above; this is the tail of the
// code that prints one banner's edit form)
echo '<tr><th>Banner</th><td><div id="banner_image_html">' . ckeditor('html_' . $fdata['id'], Core_unfixImageResizes($fdata['html']), 0, '', 180) . '</div></td></tr>';
// }
// { show submit button and end form
// NOTE(review): the [x] link below triggers the delete through a plain
// GET request; no anti-CSRF token is visible in this excerpt. Confirm
// one is checked elsewhere or move the action to a POST with a token.
echo '<tr><td><a href="./plugin.php?_plugin=banner-image&_page=index&dele' . 'te_banner=' . $fdata['id'] . '" onclick="return confirm(\'are you sure yo' . 'u want to remove this banner?\');" title="remove banner">[x]</a></td>' . '<td><input type="submit" name="save_banner" value="Update" /></td></tr>';
// }
echo '</table></form>';
} // closes a block opened above this excerpt
// }

// { delete a banner: remove its rows, its image and the cache entry
$id = 0;
if (isset($_GET['delete_banner']) && (int) $_GET['delete_banner']) {
    // the (int) cast is what makes the interpolation below safe
    $id = (int) $_GET['delete_banner'];
    dbQuery("delete from banners_images where id={$id}");
    dbQuery("delete from banners_pages where bannerid={$id}");
    unlink(USERBASE . '/f/skin_files/banner-image/' . $id . '.png');
    // NOTE(review): $n ends in a literal "*". Unless
    // CoreDirectory::delete() expands wildcards, this call matches
    // nothing and the "<id>_*" files stay on disk; verify.
    $n = USERBASE . '/f/skin_files/banner-image/' . $id . '_*';
    CoreDirectory::delete($n);
    $updated = 'Banner Deleted';
    Core_cacheClear('banner-images');
}
// }

// { save a banner: update when an id was posted, insert otherwise
if (isset($_POST['save_banner'])) {
    $id = (int) $_POST['id'];
    // null when no pages_<id> field was posted (warning suppressed by @)
    $pages = @$_POST['pages_' . $id];
    $html = Core_sanitiseHtml($_POST['html_' . $id]);
    // NOTE(review): values are escaped with addslashes() and concatenated
    // into the statement. addslashes() is not aware of the connection
    // character set; prefer the database layer's own escaping or bound
    // parameters if it offers them.
    // NOTE(review): count() throws a TypeError on PHP 8 when $pages is
    // null, i.e. whenever no page was selected.
    $sql = 'set html="' . addslashes($html) . '",name="' . addslashes($_POST['name']) . '",pages=' . (count($pages) ? 1 : 0);
    if ($id) {
        dbQuery("update banners_images {$sql} where id={$id}");
    } else {
        dbQuery("insert into banners_images {$sql}");
        $id = dbOne('select last_insert_id() as id', 'id');
        // expose the new id to the code that follows this excerpt
        $_REQUEST['id'] = $id;
    }
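/**
 * sends a form, or displays the form instead with errors on top
 *
 * Collects the submitted values for each field, optionally creates a user
 * account, e-mails the read-only form and records the values, then
 * returns the configured success message.
 *
 * @param array $page        page db row
 * @param array $vars        page meta data
 * @param array $form_fields array of fields
 *
 * @return string HTML of the success message
 */
function Form_send($page, $vars, $form_fields)
{
    $c = '';
    $values = array();
    $email = '';
    foreach ($form_fields as $r2) {
        // request keys are the field names reduced to [a-zA-Z0-9_]
        $name = preg_replace('/[^a-zA-Z0-9_]/', '', $r2['name']);
        $val = isset($_REQUEST[$name]) ? $_REQUEST[$name] : null;
        switch ($r2['type']) {
        case 'checkbox': // {
            $values[$r2['name']] = $val === 'on' ? 'yes' : 'no';
            break;
            // }
        case 'date':
        case 'ccdate': // {
            $val = Core_dateM2H($val);
            if ($r2['type'] == 'ccdate') {
                $val = preg_replace('#.* ([a-zA-Z]*, [0-9]+)#', "\$1", $val);
            }
            $values[$r2['name']] = $val;
            break;
            // }
        case 'email': // {
            $values[$r2['name']] = $val;
            // only a plain string can be used as an address further down
            $email = is_string($val) ? $val : '';
            break;
            // }
        case 'file': // { build $files array which emulates the $_FILES array
            $dir = USERBASE . '/f/.files/forms/';
            if (!is_dir($dir)) {
                break;
            }
            // { first remove old uploads
            $time = time();
            foreach (new DirectoryIterator($dir) as $f) {
                if ($f->isDot() || !$f->isDir()) {
                    continue;
                }
                if ($time - $f->getMTime() > 600) { // older than 10 minutes
                    CoreDirectory::delete($f->getPathname());
                }
            }
            // }
            // Without a session id the path below would be the shared
            // forms directory itself, mixing in other visitors' uploads.
            $session_id = (string) session_id();
            if ($session_id === '') {
                break;
            }
            $dir .= $session_id;
            if (!is_dir($dir)) {
                break;
            }
            $_FILES = array();
            foreach (new DirectoryIterator($dir) as $upload) {
                if ($upload->isDot() || $upload->isDir()) {
                    continue;
                }
                $_FILES[] = array(
                    'name' => $upload->getFileName(),
                    'type' => mime_content_type($upload->getPathname()),
                    'tmp_name' => $upload->getPathname(),
                    'error' => 0,
                    'size' => $upload->getSize()
                );
            }
            break;
            // }
        case 'html-block':
        case 'next-page-link':
        case 'previous-page-link':
        case 'page-break': // { not inputs - don't add them
            break;
            // }
        default: // {
            $values[$r2['name']] = $val;
            // }
        }
    }

    // The reply-to value is submitted by the visitor and is handed to the
    // mailer as the sender. Line breaks are removed so that it cannot add
    // extra mail headers, and a non-string value is ignored.
    $from_field = preg_replace('/[^a-zA-Z]/', '', $vars['forms_replyto']);
    $from = '';
    if (isset($_REQUEST[$from_field]) && is_string($_REQUEST[$from_field])) {
        $from = str_replace(array("\r", "\n"), '', $_REQUEST[$from_field]);
    }

    // an account is only created when an e-mail address was submitted
    if (!empty($vars['forms_create_user']) && $email !== '') {
        // NOTE(review): values are escaped with addslashes() and
        // concatenated; prefer the database layer's own escaping or bound
        // parameters if it offers them.
        $id = dbOne(
            'select id from user_accounts where email="'
            . addslashes($email) . '"',
            'id'
        );
        if (!$id) {
            dbQuery(
                'insert into user_accounts set email="'
                . addslashes($email) . '",'
                . 'extras="' . addslashes(json_encode($values)) . '"'
            );
            $id = dbLastInsertId();
            if (isset($_FILES) && count($_FILES)) {
                @mkdir(USERBASE . '/f/user-files');
                @mkdir(USERBASE . '/f/user-files/' . $id);
                // NOTE(review): files of any type are copied here;
                // confirm this directory is not served as executable.
                foreach ($_FILES as $file) {
                    // keep the copy inside the account's own directory
                    copy(
                        $file['tmp_name'],
                        USERBASE . '/f/user-files/' . $id . '/'
                        . basename($file['name'])
                    );
                }
            }
        }
    }

    if ($vars['forms_send_as_email']) {
        $form = Form_readonly($page['id'], $vars, $form_fields);
        $to = $vars['forms_recipient'];
        // strip the submit button and the form tags from the mailed copy
        $form = str_replace(
            array(
                '<input type="submit" value="' . __('Submit Form') . '" />',
                '<form action="' . $_SERVER['REQUEST_URI'] . '" method="post" '
                . 'class="ww_form" enctype="multipart/form-data">',
                '</form>'
            ),
            '',
            $form
        );
        cmsMail(
            $to,
            $from,
            $_SERVER['HTTP_HOST'] . ' ' . __FromJson($page['name']),
            '<html><head></head><body>' . $form . '</body></html>',
            $_FILES
        );
        // remove uploaded files; never the shared forms directory itself
        $sid = (string) session_id();
        if ($sid !== '' && is_dir(USERBASE . '/f/.files/forms/' . $sid)) {
            CoreDirectory::delete(USERBASE . '/f/.files/forms/' . $sid);
        }
    }

    if ($vars['forms_record_in_db']) {
        Form_saveValues($page['id'], $form_fields);
    }
    $c .= '<div id="thankyoumessage">' . $vars['forms_successmsg'] . '</div>';
    return $c;
}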
// (excerpt starts inside nested blocks opened above; this part restores
// one table from the JSON files found under $tmpdir)
echo $table . ' ';
// empty the live table before its rows are re-inserted
dbQuery('delete from `' . addslashes($table) . '`');
$tmpdir2 = $tmpdir . '/site/db/' . $table . '/';
// reads 0.json, 1.json, ... and stops at the first missing number
for ($i = 0; file_exists($tmpdir2 . $i . '.json'); $i++) {
    // NOTE(review): json_decode() returns null for malformed input and
    // the foreach below would then only raise a warning; presumably the
    // files come from the uploaded backup, so treat them as untrusted.
    $rows = json_decode(file_get_contents($tmpdir2 . $i . '.json'));
    foreach ($rows as $row) {
        $parts = array();
        foreach ($row as $key => $val) {
            // NOTE(review): addslashes() does not escape backticks, so a
            // column name read from the file can end the quoted
            // identifier. Check $key (and $table) against the real
            // schema before building the statement.
            $parts[] = '`' . addslashes($key) . '` = "' . addslashes($val) . '" ';
        }
        $query = 'insert into `' . addslashes($table) . '` set ' . join(',', $parts);
        dbQuery($query);
    }
}
} // closes a block opened above this excerpt
echo '<br/>';
} // closes a block opened above this excerpt
echo 'cleaning up.<br />';
CoreDirectory::delete($tmpdir);
echo 'clearing local cache...<br />';
// NOTE(review): the argument ends in a literal "*". Unless
// CoreDirectory::delete() expands wildcards, nothing is removed here;
// verify.
CoreDirectory::delete($udir . '/ww.cache/*');
echo 'done<img style="width:1px;height:1px" src="./" /><p>Import completed.</p>';
// pages restored without an alias get their name as alias
dbQuery('update pages set alias=name where alias is null');
Core_cacheClear();
return;
} // closes a block opened above this excerpt
} // closes a block opened above this excerpt

// { show collected errors, then the upload form
if (count($errors)) {
    echo '<em>' . join('<br />', $errors) . '</em>';
}
// NOTE(review): the form posts a destructive action and carries no
// anti-CSRF token field; confirm the request is protected elsewhere.
echo '<em>NOTE: uploading a backup will OVERWRITE your present website.</em>' . '<p>Please only upload if you are certain you need to!</p>' . '<p>Seriously! Back away now if you are AT ALL unsure of this.</p>' . '<form action="/ww.admin/plugin.php?_plugin=backup&_page=import"' . ' method="post" enctype="multipart/form-data" /><table>' . '<tr><th>Backup file</th><td><input type="file" name="file" /></td></tr>' . '<tr><th>Password</th><td><input name="password" type="password" /></td>' . '</tr>' . '<tr><th colspan="2"><input type="submit" name="action" value="submit" />' . '</td></tr>' . '</table></form>';
// }
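// The theme name becomes a path component under USERBASE/themes-personal
// and is written to the site configuration, so only a single plain
// directory name is accepted: no separators, no NUL byte, not "." or "..".
// NOTE(review): no login or anti-CSRF check is visible in this excerpt;
// presumably an include above handles it. Confirm.
$name = isset($_POST['theme_name']) ? $_POST['theme_name'] : '';
if (!is_string($name)
    || $name === ''
    || $name === '.'
    || $name === '..'
    || preg_match('#[/\\\\\x00]#', $name)
) {
    Core_quit();
}

/**
 * install theme if selected
 */
if (isset($_POST['install-theme'])) {
    $DBVARS['theme'] = $name;
    // NOTE(review): the variant is stored in the configuration as
    // submitted; how Core_configRewrite() encodes it is not visible here.
    $variant = isset($_POST['theme_variant']) ? $_POST['theme_variant'] : '';
    if (is_string($variant) && $variant !== '') {
        $DBVARS['theme_variant'] = $variant;
    }
    Core_configRewrite();
    Core_cacheClear('pages');
}

/**
 * delete theme if selected
 */
if (isset($_POST['delete-theme'])) {
    if ($DBVARS['theme'] == $name) {
        // the active theme is never deleted
        header('location: /ww.admin/siteoptions.php?page=themes');
    } elseif (is_dir(USERBASE . '/themes-personal/' . $name)) {
        CoreDirectory::delete(USERBASE . '/themes-personal/' . $name);
    }
}

/**
 * redirect to themes personal
 */
echo '<script>document.location="/ww.admin/siteoptions.php?page=themes";</script>';
Core_quit();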