<?php /* * Constant that is checked in included files to prevent direct access. * define() is used in the installation folder rather than "const" to not error for PHP 5.2 and lower */ define('_CMSEXEC', 1); //include protection /* Время генерации старт */ include_once 'engine/scripts/start.php'; require_once 'engine/scripts/check.php'; //Подключаем функции первичных проверок clientip(); //идентификация ip клиента $arrycheckurlrequest = array("?", ".php", ".asp", ".py", ".js", "&", ".dat", "<script>"); foreach ($arrycheckurlrequest as $value) { checkurlrequest($value); } require_once 'engine/config.dat'; //Подключаем файл общей конфигурации if ($showerrors === "on") { error_reporting(E_ALL); } //показ всех ошибок if ($webapp === "on") { require_once 'engine/scripts/functional.php'; //Подключаем файл функций и классов $test_info = 'Ура! У нас получилось подключить стартовый модуль <b style="color:#f00">' . $modul_name . '</b> ))))<br>'; $file_config = file('engine/module.dat'); // Подключаем МЕНЮ Активных модулей foreach ($file_config as $line) {
break; } } } if (empty($_SESSION['auth']['administrator']['id'])) { $_view['administrator'] = $_POST; $_view['warnings'] = array('ユーザ名もしくはパスワードが違います。'); } } else { $addresses = array(); foreach ($GLOBALS['config']['administrators'] as $information) { if (!empty($information['address'])) { $addresses = array_merge($addresses, $information['address']); } } if (!empty($addresses) && !in_array(clientip(), $addresses)) { error('不正なアクセスです。'); } $_view['administrator'] = array('username' => '', 'password' => ''); } // ログイン確認 if (!empty($_SESSION['auth']['administrator']['id'])) { if ($_REQUEST['_work'] === 'index') { if (isset($_GET['referer']) && regexp_match('^\\/', $_GET['referer'])) { $url = $_GET['referer']; } else { $url = '/admin/home'; } // リダイレクト redirect($url); } else {
/** * Export SQL to the file. * * @param string|null $file * @param string|null $target * @param bool $combined */ function db_export($file = null, $target = null, $combined = true) { $resource = db_query(db_sql('table_list')); $results = db_result($resource); $tables = array(); foreach ($results as $result) { $tables[] = array_shift($result); } $text = '-- Database: ' . DATABASE_NAME . ' (' . DATABASE_TYPE . ")\n"; $text .= '-- Datetime: ' . localdate('Y-m-d H:i:s') . "\n"; $text .= '-- Host: ' . gethostbyaddr(clientip()) . "\n"; $text .= "\n"; foreach ($tables as $table) { if ($target === null || $target === $table) { $resource = db_query(db_sql('table_create', $table)); $results = db_result($resource); if (DATABASE_TYPE === 'pdo_mysql' || DATABASE_TYPE === 'mysql') { $text .= "DROP TABLE IF EXISTS " . $table . ";\n"; $text .= $results[0]['Create Table'] . ";\n"; $text .= "\n"; } elseif (DATABASE_TYPE === 'pdo_pgsql' || DATABASE_TYPE === 'pgsql') { $text .= "DROP TABLE IF EXISTS " . $table . ";\n"; $text .= $results[0]['case'] . ";\n"; $text .= "\n"; } elseif (DATABASE_TYPE === 'pdo_sqlite' || DATABASE_TYPE === 'pdo_sqlite2' || DATABASE_TYPE === 'sqlite') { $text .= "DROP TABLE IF EXISTS " . $table . ";\n"; $text .= $results[0]['sql'] . ";\n"; $text .= "\n"; } $resource = db_query('SELECT * FROM ' . $table . ';'); $results = db_result($resource); $values = array(); $i = 0; foreach ($results as $result) { $inserts = array(); foreach ($result as $data) { if ($data === null) { $inserts[] = 'NULL'; } else { $inserts[] = db_escape($data); } } if ($combined === true) { $values[intval($i / 50)][] = '(' . implode(', ', $inserts) . ')'; } else { $text .= "INSERT INTO " . $table . " VALUES(" . implode(', ', $inserts) . ");\n"; } $i++; } if ($combined === true && !empty($values)) { foreach ($values as $value) { $text .= "INSERT INTO " . $table . " VALUES\n"; $text .= implode(",\n", $value); $text .= ";\n"; } } $text .= "\n"; } } if ($file === null) { if ($target === null) { $filename = DATABASE_NAME . '.sql'; } else { $filename = DATABASE_NAME . '-' . $target . '.sql'; } header('Content-Type: text/plain'); header('Content-Disposition: attachment; filename="' . $filename . '"'); echo $text; exit; } else { if (file_put_contents($file, $text) === false) { error('db: Export file can\'t write'); } } return; }
/** * Check the authorization. * * @return bool */ function auth() { if (!DEBUG_LEVEL) { if (DEBUG_PASSWORD && empty($_SESSION['_auth'])) { password(); } elseif (DEBUG_ADDR && !in_array(clientip(), explode(',', DEBUG_ADDR))) { return false; } elseif (!DEBUG_PASSWORD && !DEBUG_ADDR) { return false; } } return true; }