$backupType['backupType'] = secureVar(trim($_POST['backupType']), 'html'); if ($backupType['hidden'] != '') { $error = new Error("Humans only ! Go away WALL·E"); die($error->showError()); } if ($backupType['backupType'] == 'restore') { if (base64_decode($_SESSION['privilege']) == 1) { $errorField = ''; $uploadedFilePost = @$HTTP_POST_FILES['uploadField']['name']; if (isset($uploadedFilePost) && !empty($uploadedFilePost)) { $uploadedFile = $config['backupFolder'] . '/' . basename($_FILES['uploadField']['name']); if (@move_uploaded_file($_FILES['uploadField']['tmp_name'], $uploadedFile)) { include_once '../classes/database/mysql_dump.inc.php'; $mysql_dump = new MYSQL_DUMP($data['dbHost'], $data['dbUsername'], $data['dbPassword']); $con->connect(); if ($mysql_dump->restoreDB($uploadedFile)) { @unlink($uploadedFile); $queryMsg = "insert into " . $dbTables['backupLog'] . " (id, date, operation) values (NULL, '" . secureVar(time(), 'sql') . "', '" . secureVar('r', 'sql') . "');"; $con->modify($queryMsg); echo "<div class=\"msgSuccess\">" . $lang['changeSuccess'] . "</div>"; } else { echo "<div class=\"msgError\">" . $lang['dataError'] . "</div>"; } $con->close(); } else { $errorField .= $lang['permissionsError'] . '<br />'; } } else { $errorField .= $lang['sqlFile'] . ' ' . $lang['isEmpty'] . '<br />'; } if ($errorField != '') {
function SQLFromFile($file) { global $db, $MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_DB_NAME, $MYSQL_CHARSET; // try to upload dump via exec("mysql") $err_code = 127; @exec("mysql --host={$MYSQL_HOST} --user={$MYSQL_USER}" . ($MYSQL_PASSWORD ? " --password={$MYSQL_PASSWORD} " : "") . ((double) mysql_get_server_info() > 4 ? " --default-character-set={$MYSQL_CHARSET} " : "") . " {$MYSQL_DB_NAME} < {$file} 2>&1", $output, $err_code); // exec failed if ($err_code) { $mysql_dump = new MYSQL_DUMP($MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_CHARSET); // $sql = $mysql_dump->dumpDB($MYSQL_DB_NAME); if ($mysql_dump->restoreDB($file) == false) { echo $mysql_dump->error(); return false; } } return true; }
function restore_dump($MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_DB_NAME, $MYSQL_CHARSET) { // Try via command-line mysql first $err_code = 127; $path = dirname(__FILE__) . DIRECTORY_SEPARATOR; $exec_str = "mysql --host=" . escapeshellarg($MYSQL_HOST) . " --user="******" --password="******" --default-character-set={$MYSQL_CHARSET} " : "") . " " . escapeshellarg($MYSQL_DB_NAME) . " < {$path}netcat.sql 2>&1"; exec($exec_str, $output, $err_code); if ($err_code) { $mysql_dump = new MYSQL_DUMP($MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_CHARSET); $mysql_dump->dumpDB($MYSQL_DB_NAME); if ($mysql_dump->restoreDB("{$path}netcat.sql") == false) { echo "Failed to import MySQL dump:<br />\n"; echo $mysql_dump->error(); echo "Cmdline output: \n<br />\n"; foreach ($output as $l) { echo $l . "\n<br />"; } echo "\n<br />\n"; return false; } } return true; }