$backupType['backupType'] = secureVar(trim($_POST['backupType']), 'html');
if ($backupType['hidden'] != '') {
$error = new Error("Humans only ! Go away WALL·E");
die($error->showError());
}
if ($backupType['backupType'] == 'restore') {
if (base64_decode($_SESSION['privilege']) == 1) {
$errorField = '';
$uploadedFilePost = @$HTTP_POST_FILES['uploadField']['name'];
if (isset($uploadedFilePost) && !empty($uploadedFilePost)) {
$uploadedFile = $config['backupFolder'] . '/' . basename($_FILES['uploadField']['name']);
if (@move_uploaded_file($_FILES['uploadField']['tmp_name'], $uploadedFile)) {
include_once '../classes/database/mysql_dump.inc.php';
$mysql_dump = new MYSQL_DUMP($data['dbHost'], $data['dbUsername'], $data['dbPassword']);
$con->connect();
if ($mysql_dump->restoreDB($uploadedFile)) {
@unlink($uploadedFile);
$queryMsg = "insert into " . $dbTables['backupLog'] . " (id, date, operation) values (NULL, '" . secureVar(time(), 'sql') . "', '" . secureVar('r', 'sql') . "');";
$con->modify($queryMsg);
echo "<div class=\"msgSuccess\">" . $lang['changeSuccess'] . "</div>";
} else {
echo "<div class=\"msgError\">" . $lang['dataError'] . "</div>";
}
$con->close();
} else {
$errorField .= $lang['permissionsError'] . '<br />';
}
} else {
$errorField .= $lang['sqlFile'] . ' ' . $lang['isEmpty'] . '<br />';
}
if ($errorField != '') {
function SQLFromFile($file)
{
global $db, $MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_DB_NAME, $MYSQL_CHARSET;
// try to upload dump via exec("mysql")
$err_code = 127;
@exec("mysql --host={$MYSQL_HOST} --user={$MYSQL_USER}" . ($MYSQL_PASSWORD ? " --password={$MYSQL_PASSWORD} " : "") . ((double) mysql_get_server_info() > 4 ? " --default-character-set={$MYSQL_CHARSET} " : "") . " {$MYSQL_DB_NAME} < {$file} 2>&1", $output, $err_code);
// exec failed
if ($err_code) {
$mysql_dump = new MYSQL_DUMP($MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_CHARSET);
// $sql = $mysql_dump->dumpDB($MYSQL_DB_NAME);
if ($mysql_dump->restoreDB($file) == false) {
echo $mysql_dump->error();
return false;
}
}
return true;
}
function restore_dump($MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_DB_NAME, $MYSQL_CHARSET)
{
// Try via command-line mysql first
$err_code = 127;
$path = dirname(__FILE__) . DIRECTORY_SEPARATOR;
$exec_str = "mysql --host=" . escapeshellarg($MYSQL_HOST) . " --user="******" --password="******" --default-character-set={$MYSQL_CHARSET} " : "") . " " . escapeshellarg($MYSQL_DB_NAME) . " < {$path}netcat.sql 2>&1";
exec($exec_str, $output, $err_code);
if ($err_code) {
$mysql_dump = new MYSQL_DUMP($MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_CHARSET);
$mysql_dump->dumpDB($MYSQL_DB_NAME);
if ($mysql_dump->restoreDB("{$path}netcat.sql") == false) {
echo "Failed to import MySQL dump:<br />\n";
echo $mysql_dump->error();
echo "Cmdline output: \n<br />\n";
foreach ($output as $l) {
echo $l . "\n<br />";
}
echo "\n<br />\n";
return false;
}
}
return true;
}
