Exemple #1
<?php

/*
 * Constant that is checked in included files to prevent direct access.
 * define() is used in the installation folder rather than "const" to not error for PHP 5.2 and lower
 */
define('_CMSEXEC', 1);
// Include protection: the marker above must be defined before any engine file is pulled in.
/* Start of page-generation timing (presumably recorded by start.php - confirm). */
include_once 'engine/scripts/start.php';
// Load the primary request-check functions; require_once makes a missing
// check.php fatal, so the checks below cannot be silently skipped.
require_once 'engine/scripts/check.php';
// Identify the client IP. The return value is discarded here, so any effect
// comes from inside clientip() itself (not visible in this file).
clientip();
// Substrings handed one at a time to checkurlrequest(). What that function
// inspects and how it reacts is not visible here; presumably it rejects a
// request URL containing the substring - confirm.
// NOTE(review): a substring denylist is brittle as the only request filter;
// validating the request against the set of routes the application actually
// serves fails closed and is easier to reason about.
$arrycheckurlrequest = array("?", ".php", ".asp", ".py", ".js", "&", ".dat", "<script>");
foreach ($arrycheckurlrequest as $value) {
    checkurlrequest($value);
}
// Load the general configuration file. It is loaded with require_once, so its
// content is executed as PHP; presumably it sets $showerrors and $webapp - confirm.
// NOTE(review): confirm the web server never serves engine/*.dat as a static
// file, or keep the configuration outside the document root.
require_once 'engine/config.dat';
// Report all errors when the configuration asks for it. error_reporting() only
// selects which errors are reported; whether they are shown to visitors depends
// on display_errors, which is not set here.
if ($showerrors === "on") {
    error_reporting(E_ALL);
}
if ($webapp === "on") {
    require_once 'engine/scripts/functional.php';
    //Подключаем файл функций и классов
    $test_info = 'Ура! У нас получилось подключить стартовый модуль <b style="color:#f00">' . $modul_name . '</b> ))))<br>';
    $file_config = file('engine/module.dat');
    // Подключаем МЕНЮ Активных модулей
    foreach ($file_config as $line) {
Exemple #2
                break;
            }
        }
    }
    if (empty($_SESSION['auth']['administrator']['id'])) {
        $_view['administrator'] = $_POST;
        $_view['warnings'] = array('ユーザ名もしくはパスワードが違います。');
    }
} else {
    $addresses = array();
    foreach ($GLOBALS['config']['administrators'] as $information) {
        if (!empty($information['address'])) {
            $addresses = array_merge($addresses, $information['address']);
        }
    }
    if (!empty($addresses) && !in_array(clientip(), $addresses)) {
        error('不正なアクセスです。');
    }
    $_view['administrator'] = array('username' => '', 'password' => '');
}
// ログイン確認
if (!empty($_SESSION['auth']['administrator']['id'])) {
    if ($_REQUEST['_work'] === 'index') {
        if (isset($_GET['referer']) && regexp_match('^\\/', $_GET['referer'])) {
            $url = $_GET['referer'];
        } else {
            $url = '/admin/home';
        }
        // リダイレクト
        redirect($url);
    } else {
Exemple #3
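/**
 * Export SQL to the file.
 *
 * Builds a plain-text SQL dump (DROP TABLE / CREATE statement / INSERTs) for
 * every table returned by the 'table_list' query, or only for $target when it
 * is given. With $file === null the dump is sent to the client as a download
 * and the script exits; otherwise the dump is written to $file.
 *
 * The dump contains every row of every exported table, and this function does
 * no access check of its own.
 * NOTE(review): callers are presumably expected to restrict who can reach the
 * export - confirm. When $file is used, the path is taken as given; it should
 * not be request-derived and should not point below the document root.
 *
 * @param string|null $file     Destination path, or null to send the dump as a download.
 * @param string|null $target   Name of the single table to export, or null for all tables.
 * @param bool        $combined true: multi-row INSERTs of up to 50 rows each;
 *                              anything else: one INSERT per row.
 *
 * @return void
 */
function db_export($file = null, $target = null, $combined = true)
{
    $resource = db_query(db_sql('table_list'));
    $results = db_result($resource);
    $tables = array();
    foreach ($results as $result) {
        // The table name is the first column of each 'table_list' row.
        $tables[] = array_shift($result);
    }

    // Result column that carries the CREATE statement, per database driver.
    // Drivers not listed here get no DROP/CREATE section, only the data.
    $create_columns = array(
        'pdo_mysql'   => 'Create Table',
        'mysql'       => 'Create Table',
        'pdo_pgsql'   => 'case',
        'pgsql'       => 'case',
        'pdo_sqlite'  => 'sql',
        'pdo_sqlite2' => 'sql',
        'sqlite'      => 'sql',
    );

    // The reverse-DNS name is chosen by whoever operates the PTR zone of the
    // client address, so it is untrusted text. It is written into a "-- "
    // comment of a file that will later be executed as SQL: a line break in it
    // would end the comment. Collapse control characters so the value can
    // never span more than one line. A failed lookup (false) becomes ''.
    $host = gethostbyaddr(clientip());
    if (!is_string($host)) {
        $host = '';
    }
    $host = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $host);

    $text = '-- Database: ' . DATABASE_NAME . ' (' . DATABASE_TYPE . ")\n";
    $text .= '-- Datetime: ' . localdate('Y-m-d H:i:s') . "\n";
    $text .= '-- Host: ' . $host . "\n";
    $text .= "\n";

    foreach ($tables as $table) {
        if ($target !== null && $target !== $table) {
            continue;
        }

        // Table names come from the 'table_list' result and are concatenated
        // unquoted, both into the dump and into the SELECT below.
        // NOTE(review): this assumes catalog names need no identifier quoting - confirm.
        $resource = db_query(db_sql('table_create', $table));
        $results = db_result($resource);
        if (isset($create_columns[DATABASE_TYPE])) {
            $text .= "DROP TABLE IF EXISTS " . $table . ";\n";
            $text .= $results[0][$create_columns[DATABASE_TYPE]] . ";\n";
            $text .= "\n";
        }

        $resource = db_query('SELECT * FROM ' . $table . ';');
        $results = db_result($resource);
        $rows = array();
        foreach ($results as $result) {
            $inserts = array();
            foreach ($result as $data) {
                // presumably db_escape() returns a quoted, escaped SQL literal - confirm
                $inserts[] = ($data === null) ? 'NULL' : db_escape($data);
            }
            if ($combined === true) {
                $rows[] = '(' . implode(', ', $inserts) . ')';
            } else {
                $text .= "INSERT INTO " . $table . " VALUES(" . implode(', ', $inserts) . ");\n";
            }
        }
        if ($combined === true) {
            // One multi-row INSERT per group of 50 rows.
            foreach (array_chunk($rows, 50) as $chunk) {
                $text .= "INSERT INTO " . $table . " VALUES\n";
                $text .= implode(",\n", $chunk);
                $text .= ";\n";
            }
        }
        $text .= "\n";
    }

    if ($file === null) {
        if ($target === null) {
            $filename = DATABASE_NAME . '.sql';
        } else {
            $filename = DATABASE_NAME . '-' . $target . '.sql';
        }
        // $target is not required to match an existing table, so it may be
        // arbitrary caller text. Keep quotes, control characters and path
        // separators out of the quoted filename parameter of the header.
        $filename = preg_replace('#[\x00-\x1F\x7F"\\\\/]+#', '_', $filename);
        header('Content-Type: text/plain');
        header('Content-Disposition: attachment; filename="' . $filename . '"');
        echo $text;
        exit;
    }

    if (file_put_contents($file, $text) === false) {
        error('db: Export file can\'t write');
    }
}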
Exemple #4
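/**
 * Check the authorization.
 *
 * Decision order, as implemented:
 *  - DEBUG_LEVEL truthy: always authorized, nothing else is checked.
 *  - DEBUG_PASSWORD set and no $_SESSION['_auth']: password() is called.
 *  - otherwise, DEBUG_ADDR set: the client address must be one of the
 *    comma-separated entries of DEBUG_ADDR.
 *  - neither DEBUG_PASSWORD nor DEBUG_ADDR set: not authorized.
 *
 * NOTE(review): if password() returns instead of ending the request, the
 * password branch reaches "return true" with an unauthenticated session and
 * without the address check - confirm password() never returns in that case.
 * NOTE(review): the address check is only as trustworthy as clientip(); if it
 * takes the address from client-supplied request headers, the allow-list does
 * not restrict anything - confirm against its implementation.
 *
 * @return bool
 */
function auth()
{
    if (!DEBUG_LEVEL) {
        if (DEBUG_PASSWORD && empty($_SESSION['_auth'])) {
            password();
        } elseif (DEBUG_ADDR) {
            // Normalise the allow-list: surrounding blanks are ignored and empty
            // entries (e.g. from a trailing comma) are dropped, so an empty or
            // missing client address can never match an empty list entry.
            $allowed = array();
            foreach (explode(',', DEBUG_ADDR) as $entry) {
                $entry = trim($entry);
                if ($entry !== '') {
                    $allowed[] = $entry;
                }
            }
            // Strict comparison: only an exact string match authorizes, and a
            // non-string result from clientip() fails closed.
            $client = clientip();
            if (!is_string($client) || !in_array($client, $allowed, true)) {
                return false;
            }
        } elseif (!DEBUG_PASSWORD) {
            // Neither a password nor an address list is configured.
            return false;
        }
    }
    return true;
}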