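/**
  * Send a member's avatar image, falling back to the skin's placeholder.
  *
  * Runs only when the session starts and the referer check passes; otherwise
  * nothing is sent. The icon file name is read from the `icon` column of the
  * user row selected by the `id` request value (cast to int).
  *
  * @param Request $request
  */
 public function index(Request $request)
 {
     if ($request->initSession() && $request->isReferer()) {
         $user = $this->db()->createQuery()->from('user')->where($request->get('id')->toInt())->cacheOn()->toArray()->first('icon');
         // NOTE(review): the stored icon name is appended to the icon folder as-is.
         // Confirm that whatever writes this column only ever stores a bare file
         // name, so the resolved path cannot leave usericon_folder.
         if ($user && !empty($user['icon'])) {
             $candidate = ROOT_PATH . self::$cfg->usericon_folder . $user['icon'];
             if (is_file($candidate)) {
                 $icon = $candidate;
             }
         }
         if (empty($icon)) {
             // no usable avatar: prefer the active skin's placeholder, then the shared one
             $skin_icon = ROOT_PATH . 'skin/' . self::$cfg->skin . '/img/noicon.jpg';
             $icon = is_file($skin_icon) ? $skin_icon : ROOT_PATH . 'skin/img/noicon.jpg';
         }
         // verify the image
         $info = getimagesize($icon);
         // getimagesize() returns false for a file it cannot identify (it never sets
         // an 'error' key), so test the result itself and only serve image/* types.
         if (is_array($info) && !empty($info['mime']) && strpos($info['mime'], 'image/') === 0) {
             $response = new Response();
             $response->withHeaders(array(
                 'Pragma' => 'public',
                 'Cache-Control' => 'max-age=86400',
                 'Expires' => gmdate('D, d M Y H:i:s GMT', time() + 86400),
                 'Content-type' => $info['mime'],
                 // keep browsers from re-guessing the type of an uploaded file
                 'X-Content-Type-Options' => 'nosniff',
             ))->withContent(file_get_contents($icon))->send();
         }
     }
 }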
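 /**
  * Export selected tables as an SQL dump and send it as a download.
  *
  * Requires a started session, a passing referer check and an admin login
  * that is neither the `demo` account nor has `fb` set; every other caller
  * gets the 404 response at the end. The request body maps table names to
  * lists of the parts wanted for each table (`sturcture` and/or `datas`).
  * Only tables returned by SHOW TABLE STATUS whose name starts with the
  * configured prefix are exported, so table names used in queries come from
  * the database catalogue, not from the request. In the dump the prefix is
  * written as `{prefix}` and the site URL as `{WEBURL}`.
  */
 public function export()
 {
     // referer, session, member
     if (self::$request->initSession() && self::$request->isReferer() && ($login = Login::isAdmin())) {
         if ($login['email'] != 'demo' && empty($login['fb'])) {
             $sqls = array();
             $rows = array();
             $database = array();
             $datas = array();
             // Count the requested parts per table. The body is caller-supplied, so
             // skip anything that is not a list of string/int part names; a nested
             // array would otherwise be used as an array key.
             foreach (self::$request->getParsedBody() as $table => $values) {
                 if (!is_array($values)) {
                     continue;
                 }
                 foreach ($values as $v) {
                     if (!is_string($v) && !is_int($v)) {
                         continue;
                     }
                     if (isset($datas[$table][$v])) {
                         $datas[$table][$v]++;
                     } else {
                         $datas[$table][$v] = 1;
                     }
                 }
             }
             $web_url = str_replace(array('http://', 'https://', 'www.'), '', WEB_URL);
             $web_url = '/http(s)?:\\/\\/(www\\.)?' . preg_quote($web_url, '/') . '/';
             // database
             $model = new static();
             // database name, used as the download file name
             $fname = $model->getSetting('dbname') . '.sql';
             // memory limit
             ini_set('memory_limit', '1024M');
             // prefix
             $prefix = $model->getSetting('prefix');
             // The prefix is configuration text, not a regex: quote it so characters
             // such as '.' or '/' in it are matched literally and cannot break the pattern.
             $quoted_prefix = preg_quote((string) $prefix, '/');
             $table_pattern = '/^' . $quoted_prefix . '(.*?)$/';
             $prefix_pattern = '/^' . $quoted_prefix . '/';
             // all tables
             $tables = $model->db()->customQuery('SHOW TABLE STATUS', true);
             // table structure
             foreach ($tables as $table) {
                 if (preg_match($table_pattern, $table['Name']) && isset($datas[$table['Name']])) {
                     $fields = $model->db()->customQuery('SHOW FULL FIELDS FROM ' . $table['Name'], true);
                     $primarykey = array();
                     $rows = array();
                     foreach ($fields as $field) {
                         if ($field['Key'] == 'PRI') {
                             $primarykey[] = '`' . $field['Field'] . '`';
                         }
                         // remembered for the INSERT column list built in the data pass
                         $database[$table['Name']]['Field'][] = $field['Field'];
                         $rows[] = '`' . $field['Field'] . '` ' . $field['Type'] . ($field['Collation'] != '' ? ' collate ' . $field['Collation'] : '') . ($field['Null'] == 'NO' ? ' NOT NULL' : '') . ($field['Default'] != '' ? " DEFAULT '" . $field['Default'] . "'" : '') . ($field['Extra'] != '' ? ' ' . $field['Extra'] : '');
                     }
                     if (sizeof($primarykey) > 0) {
                         $rows[] = 'PRIMARY KEY (' . implode(',', $primarykey) . ')';
                     }
                     // 'sturcture' (sic) is the key sent by the form; do not correct the spelling here
                     if (isset($datas[$table['Name']]['sturcture'])) {
                         $table_name = $prefix == '' ? $table['Name'] : preg_replace($prefix_pattern, '{prefix}', $table['Name']);
                         $sqls[] = 'DROP TABLE IF EXISTS `' . $table_name . '`;';
                         $q = 'CREATE TABLE `' . $table_name . '` (' . implode(',', $rows) . ') ENGINE=' . $table['Engine'];
                         $q .= ' DEFAULT CHARSET=' . preg_replace('/([a-zA-Z0-9]+)_.*?/Uu', '\\1', $table['Collation']) . ' COLLATE=' . $table['Collation'];
                         $q .= ($table['Create_options'] != '' ? ' ' . strtoupper($table['Create_options']) : '') . ';';
                         $sqls[] = $q;
                     }
                 }
             }
             // table data
             // NOTE(review): values are escaped with addslashes(), which is not aware of
             // the connection charset, and NULL columns are written as empty strings.
             foreach ($tables as $table) {
                 if (preg_match($table_pattern, $table['Name'], $match)) {
                     if ($match[1] == '_emailtemplate') {
                         if (isset($datas[$table['Name']]['datas'])) {
                             // email templates are exported without their id column
                             if (($key = array_search('id', $database[$table['Name']]['Field'])) !== false) {
                                 unset($database[$table['Name']]['Field'][$key]);
                             }
                             $table_name = $prefix == '' ? $table['Name'] : preg_replace($prefix_pattern, '{prefix}', $table['Name']);
                             $data = "INSERT INTO `{$table_name}` (`" . implode('`, `', $database[$table['Name']]['Field']) . "`) VALUES ('%s');";
                             $records = $model->db()->customQuery('SELECT * FROM ' . $table['Name'], true);
                             foreach ($records as $record) {
                                 foreach ($record as $field => $value) {
                                     if ($field === 'copy_to' || $field === 'from_email') {
                                         // keep only the exporting admin's address, as a placeholder
                                         $record[$field] = $value == $login['email'] ? '{WEBMASTER}' : '';
                                     } elseif ($field == 'id') {
                                         unset($record['id']);
                                     } else {
                                         $record[$field] = addslashes(preg_replace($web_url, '{WEBURL}', $value));
                                     }
                                 }
                                 $sqls[] = preg_replace(array('/[\\r]/u', '/[\\n]/u'), array('\\r', '\\n'), sprintf($data, implode("','", $record)));
                             }
                         }
                     } elseif (isset($datas[$table['Name']]['datas'])) {
                         $table_name = $prefix == '' ? $table['Name'] : preg_replace($prefix_pattern, '{prefix}', $table['Name']);
                         $data = "INSERT INTO `{$table_name}` (`" . implode('`, `', $database[$table['Name']]['Field']) . "`) VALUES ('%s');";
                         $records = $model->db()->customQuery('SELECT * FROM ' . $table['Name'], true);
                         foreach ($records as $record) {
                             foreach ($record as $field => $value) {
                                 $record[$field] = addslashes(preg_replace($web_url, '{WEBURL}', $value));
                             }
                             $sqls[] = preg_replace(array('/[\\r]/u', '/[\\n]/u'), array('\\r', '\\n'), sprintf($data, implode("','", $record)));
                         }
                     }
                 }
             }
             // send file
             // NOTE(review): the first pattern below collapses every run of backslashes
             // to one, which also undoes the doubling addslashes() applied to a literal
             // backslash in stored data. A value ending in a backslash would then escape
             // its closing quote in the dump. Confirm against the importer before relying
             // on dumps of tables that hold user-supplied text.
             // NOTE(review): $fname is placed in Content-Disposition unquoted; it comes
             // from the dbname setting, so confirm it cannot contain spaces or CR/LF.
             $response = new Response();
             $response->withHeaders(array('Content-Type' => 'application/force-download', 'Content-Disposition' => 'attachment; filename=' . $fname))->withContent(preg_replace(array('/[\\\\]+/', '/\\\\"/'), array('\\', '"'), implode("\r\n", $sqls)))->send();
             exit;
         }
     }
     // download not permitted
     $response = new Response(404);
     $response->withContent('File Not Found!')->send();
 }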