function __construct()
 {
     global $_zp_authority, $_userAddressFields;
     $firstTime = false;
     $tablecols = db_list_fields('administrators');
     foreach ($tablecols as $key => $datum) {
         if ($datum['Field'] == 'custom_data') {
             $firstTime = true;
             enableExtension('userAddressFields', true);
             break;
         }
     }
     parent::constructor('userAddressFields', self::fields());
     if ($firstTime) {
         //	migrate the custom data user data
         $result = query('SELECT * FROM ' . prefix('administrators') . ' WHERE `valid`!=0');
         if ($result) {
             while ($row = db_fetch_assoc($result)) {
                 $custom = getSerializedArray($row['custom_data']);
                 if (!empty($custom)) {
                     $sql = 'UPDATE ' . prefix('administrators') . ' SET ';
                     foreach ($custom as $field => $val) {
                         $sql .= '`' . $field . '`=' . db_quote($val) . ',';
                     }
                     setupQuery($sql);
                 }
             }
             db_free_result($result);
         }
         setupQuery('ALTER TABLE ' . prefix('administrators') . ' DROP `custom_data`');
     }
     $cloneid = bin2hex(FULLWEBPATH);
     if (OFFSET_PATH == 2 && isset($_SESSION['admin'][$cloneid])) {
         $user = unserialize($_SESSION['admin'][$cloneid]);
         $user2 = $_zp_authority->getAnAdmin(array('`user`=' => $user->getUser(), '`pass`=' => $user->getPass(), '`valid`=' => 1));
         if ($user2) {
             foreach (userAddressFields::fields() as $field) {
                 $user2->set($field['name'], $user->get($field['name']));
             }
             $user2->save();
         }
     }
 }
Exemple #2
0
     $check = -1;
 }
 if (empty($tableslist)) {
     $msg = gettext('<em>SHOW TABLES</em> [found no tables]');
     $msg2 = '';
 } else {
     $msg = sprintf(gettext("<em>SHOW TABLES</em> found: %s"), substr($tableslist, 0, -2));
     $msg2 = '';
 }
 checkMark($check, $msg, gettext("<em>SHOW TABLES</em> [Failed]"), sprintf(gettext("The database did not return a list of the database tables for <code>%s</code>."), $_zp_conf_vars['mysql_database']) . "<br />" . gettext("<strong>Setup</strong> will attempt to create all tables. This will not over write any existing tables."));
 if (isset($_zp_conf_vars['UTF-8']) && $_zp_conf_vars['UTF-8']) {
     $fields = 0;
     $fieldlist = array();
     foreach (array('images' => 1, 'albums' => 2) as $lookat => $add) {
         if (in_array($_zp_conf_vars['mysql_prefix'] . $lookat, $tables)) {
             $columns = db_list_fields('images');
             if ($columns) {
                 foreach ($columns as $col => $utf8) {
                     if (!is_null($row['Collation']) && $row['Collation'] != 'utf8_unicode_ci') {
                         $fields = $fields | $add;
                         $fieldlist[] = '<code>' . $lookat . '->' . $col . '</code>';
                     }
                 }
             } else {
                 $fields = 4;
             }
         }
     }
     $err = -1;
     switch ($fields) {
         case 0:
 /**
  * Searches the table for tags
  * Returns an array of database records.
  *
  * @param string $searchstring
  * @param string $tbl set to 'albums' or 'images'
  * @param string $sorttype what to sort on
  * @param string $sortdirection what direction
  * @return array
  */
 function searchFieldsAndTags($searchstring, $tbl, $sorttype, $sortdirection)
 {
     $allIDs = null;
     $idlist = array();
     $exact = EXACT_TAG_MATCH;
     // create an array of [tag, objectid] pairs for tags
     $tag_objects = array();
     $fields = $this->fieldList;
     if (count($fields) == 0) {
         // then use the default ones
         $fields = $this->allowedSearchFields();
     }
     foreach ($fields as $key => $field) {
         if (strtolower($field) == 'tags') {
             unset($fields[$key]);
             $tagsql = 'SELECT t.`name`, o.`objectid` FROM ' . prefix('tags') . ' AS t, ' . prefix('obj_to_tag') . ' AS o WHERE t.`id`=o.`tagid` AND o.`type`="' . $tbl . '" AND (';
             foreach ($searchstring as $singlesearchstring) {
                 switch ($singlesearchstring) {
                     case '&':
                     case '!':
                     case '|':
                     case '(':
                     case ')':
                         break;
                     default:
                         $targetfound = true;
                         if ($exact) {
                             $tagsql .= '`name` = ' . db_quote($singlesearchstring) . ' OR ';
                         } else {
                             $tagsql .= '`name` LIKE ' . db_quote('%' . $singlesearchstring . '%') . ' OR ';
                         }
                 }
             }
             $tagsql = substr($tagsql, 0, strlen($tagsql) - 4) . ') ORDER BY t.`id`';
             $objects = query_full_array($tagsql, false);
             if (is_array($objects)) {
                 $tag_objects = $objects;
             }
             break;
         }
     }
     // create an array of [name, objectid] pairs for the search fields.
     $field_objects = array();
     if (count($fields) > 0) {
         $columns = array();
         $dbfields = db_list_fields($tbl);
         if (is_array($dbfields)) {
             foreach ($dbfields as $row) {
                 $columns[] = strtolower($row['Field']);
             }
         }
         foreach ($searchstring as $singlesearchstring) {
             switch ($singlesearchstring) {
                 case '&':
                 case '!':
                 case '|':
                 case '(':
                 case ')':
                     break;
                 default:
                     $targetfound = true;
                     query('SET @serachtarget=' . db_quote($singlesearchstring));
                     $fieldsql = '';
                     foreach ($fields as $fieldname) {
                         if ($tbl == 'albums' && $fieldname == 'filename') {
                             $fieldname = 'folder';
                         } else {
                             $fieldname = strtolower($fieldname);
                         }
                         if ($fieldname && in_array($fieldname, $columns)) {
                             $fieldsql .= ' `' . $fieldname . '` LIKE ' . db_quote('%' . $singlesearchstring . '%') . ' OR ';
                         }
                     }
                     if (!empty($fieldsql)) {
                         $fieldsql = substr($fieldsql, 0, strlen($fieldsql) - 4) . ') ORDER BY `id`';
                         $sql = 'SELECT @serachtarget AS name, `id` AS `objectid` FROM ' . prefix($tbl) . ' WHERE (' . $fieldsql;
                         $objects = query_full_array($sql, false);
                         if (is_array($objects)) {
                             $field_objects = array_merge($field_objects, $objects);
                         }
                     }
             }
         }
     }
     $objects = array_merge($tag_objects, $field_objects);
     if (count($objects) != 0) {
         $tagid = '';
         $taglist = array();
         foreach ($objects as $object) {
             $tagid = strtolower($object['name']);
             if (!isset($taglist[$tagid]) || !is_array($taglist[$tagid])) {
                 $taglist[$tagid] = array();
             }
             $taglist[$tagid][] = $object['objectid'];
         }
         $op = '';
         $idstack = array();
         $opstack = array();
         while (count($searchstring) > 0) {
             $singlesearchstring = array_shift($searchstring);
             switch ($singlesearchstring) {
                 case '&':
                 case '!':
                 case '|':
                     $op = $op . $singlesearchstring;
                     break;
                 case '(':
                     array_push($idstack, $idlist);
                     array_push($opstack, $op);
                     $idlist = array();
                     $op = '';
                     break;
                 case ')':
                     $objectid = $idlist;
                     $idlist = array_pop($idstack);
                     $op = array_pop($opstack);
                     switch ($op) {
                         case '&':
                             if (is_array($objectid)) {
                                 $idlist = array_intersect($idlist, $objectid);
                             } else {
                                 $idlist = array();
                             }
                             break;
                         case '!':
                             break;
                             // Paren followed by NOT is nonsensical?
                         // Paren followed by NOT is nonsensical?
                         case '&!':
                             if (is_array($objectid)) {
                                 $idlist = array_diff($idlist, $objectid);
                             }
                             break;
                         case '':
                         case '|':
                             if (is_array($objectid)) {
                                 $idlist = array_merge($idlist, $objectid);
                             }
                             break;
                     }
                     $op = '';
                     break;
                 default:
                     $lookfor = strtolower($singlesearchstring);
                     $objectid = NULL;
                     foreach ($taglist as $key => $objlist) {
                         if ($exact && $lookfor == $key || !$exact && preg_match('%' . $lookfor . '%', $key)) {
                             if (is_array($objectid)) {
                                 $objectid = array_merge($objectid, $objlist);
                             } else {
                                 $objectid = $objlist;
                             }
                         }
                     }
                     switch ($op) {
                         case '&':
                             if (is_array($objectid)) {
                                 $idlist = array_intersect($idlist, $objectid);
                             } else {
                                 $idlist = array();
                             }
                             break;
                         case '!':
                             if (is_null($allIDs)) {
                                 $allIDs = array();
                                 $result = query_full_array("SELECT `id` FROM " . prefix($tbl));
                                 if (is_array($result)) {
                                     foreach ($result as $row) {
                                         $allIDs[] = $row['id'];
                                     }
                                 }
                             }
                             if (is_array($objectid)) {
                                 $idlist = array_merge($idlist, array_diff($allIDs, $objectid));
                             }
                             break;
                         case '&!':
                             if (is_array($objectid)) {
                                 $idlist = array_diff($idlist, $objectid);
                             }
                             break;
                         case '':
                         case '|':
                             if (is_array($objectid)) {
                                 $idlist = array_merge($idlist, $objectid);
                             }
                             break;
                     }
                     $idlist = array_unique($idlist);
                     $op = '';
                     break;
             }
             $idlist = array_unique($idlist);
         }
     }
     if (count($idlist) == 0) {
         return NULL;
     }
     $sql = 'SELECT DISTINCT `id`,`show`,`title`,';
     switch ($tbl) {
         case 'pages':
         case 'news':
             $sql .= '`titlelink` ';
             break;
         case 'albums':
             $sql .= "`desc`,`folder` ";
             break;
         default:
             $sql .= "`desc`,`albumid`,`filename`,`location`,`city`,`state`,`country` ";
             break;
     }
     if (zp_loggedin()) {
         $show = '';
     } else {
         $show = "`show` = 1 AND ";
     }
     switch ($tbl) {
         case 'news':
             if (is_array($this->category_list)) {
                 $news_list = $this->subsetNewsCategories();
                 $idlist = array_intersect($news_list, $idlist);
                 if (count($idlist) == 0) {
                     return NULL;
                 }
             }
             if (empty($sorttype)) {
                 $key = '`date` DESC';
             } else {
                 $key = trim('`' . $sorttype . '` ' . $sortdirection);
             }
             if ($show) {
                 $show .= '`date`<=' . db_quote(date('Y-m-d H:i:s')) . ' AND ';
             }
             break;
         case 'pages':
             if ($show) {
                 $show .= '`date`<=' . db_quote(date('Y-m-d H:i:s')) . ' AND ';
             }
             $key = '`sort_order`';
             break;
         case 'albums':
             if (is_null($sorttype)) {
                 if (empty($this->dynalbumname)) {
                     $key = lookupSortKey($this->gallery->getSortType(), 'sort_order', 'folder');
                     if ($this->gallery->getSortDirection()) {
                         $key .= " DESC";
                     }
                 } else {
                     $gallery = new Gallery();
                     $album = new Album($gallery, $this->dynalbumname);
                     $key = $album->getAlbumSortKey();
                     if ($key != '`sort_order`' && $key != 'RAND()') {
                         if ($album->getSortDirection('album')) {
                             $key .= " DESC";
                         }
                     }
                 }
             } else {
                 $sorttype = lookupSortKey($sorttype, 'sort_order', 'folder');
                 $key = trim($sorttype . ' ' . $sortdirection);
             }
             break;
         default:
             if (is_null($sorttype)) {
                 if (empty($this->dynalbumname)) {
                     $key = lookupSortKey(IMAGE_SORT_TYPE, 'filename', 'filename');
                     if (IMAGE_SORT_DIRECTION) {
                         $key .= " DESC";
                     }
                 } else {
                     $gallery = new Gallery();
                     $album = new Album($gallery, $this->dynalbumname);
                     $key = $album->getImageSortKey();
                     if ($key != '`sort_order`') {
                         if ($album->getSortDirection('image')) {
                             $key .= " DESC";
                         }
                     }
                 }
             } else {
                 $sorttype = lookupSortKey($sorttype, 'filename', 'filename');
                 $key = trim($sorttype . ' ' . $sortdirection);
             }
             break;
     }
     $sql .= "FROM " . prefix($tbl) . " WHERE " . $show;
     $sql .= '(' . $this->compressedIDList($idlist) . ')';
     $sql .= " ORDER BY " . $key;
     $result = query_full_array($sql);
     return $result;
 }
Exemple #4
0
datepickerJS();
codeblocktabsJS();
if (!isset($_GET['massedit']) && !isset($_GET['album']) || $subtab == 'subalbuminfo') {
    printSortableHead();
}
if (isset($_GET['album']) && (empty($subtab) || $subtab == 'albuminfo') || isset($_GET['massedit'])) {
    $result = db_list_fields('albums');
    $dbfields = array();
    if ($result) {
        foreach ($result as $row) {
            $dbfields[] = "'" . $row['Field'] . "'";
        }
    }
    sort($dbfields);
    $albumdbfields = implode(',', $dbfields);
    $result = db_list_fields('images');
    $dbfields = array();
    if ($result) {
        foreach ($result as $row) {
            $dbfields[] = "'" . $row['Field'] . "'";
        }
    }
    sort($dbfields);
    $imagedbfields = implode(',', $dbfields);
    ?>
	<script type="text/javascript" src="js/encoder.js"></script>
	<script type="text/javascript" src="js/tag.js"></script>
	<script type="text/javascript">
						//<!-- <![CDATA[
						var albumdbfields = [<?php 
    echo $albumdbfields;
     while ($row = db_fetch_assoc($resource)) {
         $result[] = $row;
     }
     db_free_result($resource);
 } else {
     $result = false;
 }
 $unique = $tables = array();
 $table_cleared = array();
 if (is_array($result)) {
     foreach ($result as $row) {
         extendExecution();
         $table = array_shift($row);
         $tables[$table] = array();
         $table_cleared[$table] = false;
         $result2 = db_list_fields(substr($table, $prefixLen));
         if (is_array($result2)) {
             foreach ($result2 as $row) {
                 $tables[$table][] = $row['Field'];
             }
         }
         $result2 = db_show('index', $table);
         if (is_array($result2)) {
             foreach ($result2 as $row) {
                 if (is_array($row)) {
                     if (array_key_exists('Non_unique', $row) && !$row['Non_unique']) {
                         $unique[$table][] = $row['Column_name'];
                     }
                 }
             }
         }
Exemple #6
0
/**
 * Returns a sort field part for querying
 * Note: $sorttype may be a comma separated list of field names. If so,
 *       these are peckmarked and returned otherwise unchanged.
 *
 * @param string $sorttype the 'Display" name of the sort
 * @param string $default the default if $sorttype is empty
 * @param string $table the database table being used.
 * @return string
 */
function lookupSortKey($sorttype, $default, $table)
{
    global $_zp_fieldLists;
    switch (strtolower($sorttype)) {
        case 'random':
            return 'RAND()';
        case "manual":
            return 'sort_order';
        default:
            if (empty($sorttype)) {
                if (empty($default)) {
                    return 'id';
                }
                return $default;
            }
            if (substr($sorttype, 0) == '(') {
                return $sorttype;
            }
            if ($table == 'albums') {
                // filename is synonomon for folder with albums
                $sorttype = str_replace('filename', 'folder', $sorttype);
            }
            if (is_array($_zp_fieldLists) && isset($_zp_fieldLists[$table])) {
                $dbfields = $_zp_fieldLists[$table];
            } else {
                $result = db_list_fields($table);
                $dbfields = array();
                if ($result) {
                    foreach ($result as $row) {
                        $dbfields[strtolower($row['Field'])] = $row['Field'];
                    }
                }
                $_zp_fieldLists[$table] = $dbfields;
            }
            $sorttype = strtolower($sorttype);
            $list = explode(',', $sorttype);
            $rslt = array();
            foreach ($list as $key => $field) {
                if (array_key_exists($field = trim($field, '`'), $dbfields)) {
                    $rslt[] = '`' . trim($dbfields[$field]) . '`';
                }
            }
            if (empty($rslt)) {
                return 'id';
            }
            return implode(',', $rslt);
    }
}
 /**
  *
  * This method establishes the current set of database fields. It will add the
  * fields to the database if they are not already present. Fields from previous
  * constructor calls that are no longer in the list will be removed from the
  * database (along with any data associated with them.)
  *
  * @param array $newfields
  */
 function constructor($me, $newfields)
 {
     $database = array();
     foreach (getDBTables() as $table) {
         $tablecols = db_list_fields($table);
         foreach ($tablecols as $key => $datum) {
             $database[$table][$datum['Field']] = $datum;
         }
     }
     $current = $fields = $searchDefault = array();
     if (extensionEnabled($me)) {
         //need to update the database tables.
         foreach ($newfields as $newfield) {
             $table = $newfield['table'];
             $name = $newfield['name'];
             if (!($existng = isset($database[$table][$name]))) {
                 if (isset($newfield['searchDefault']) && $newfield['searchDefault']) {
                     $searchDefault[] = $name;
                 }
             }
             if (is_null($newfield['type'])) {
                 if ($name == 'tags') {
                     setOption('adminTagsTab', 1);
                 }
             } else {
                 switch (strtolower($newfield['type'])) {
                     default:
                         $dbType = strtoupper($newfield['type']);
                         break;
                     case 'int':
                         $dbType = strtoupper($newfield['type']) . '(' . min(255, $newfield['size']) . ')';
                         if (isset($newfield['attribute'])) {
                             $dbType .= ' ' . $newfield['attribute'];
                             unset($newfield['attribute']);
                         }
                         break;
                     case 'varchar':
                         $dbType = strtoupper($newfield['type']) . '(' . min(255, $newfield['size']) . ')';
                         break;
                 }
                 if ($existng) {
                     if (strtoupper($database[$table][$name]['Type']) != $dbType || empty($database[$table][$name]['Comment'])) {
                         $cmd = ' CHANGE `' . $name . '`';
                     } else {
                         $cmd = NULL;
                     }
                     unset($database[$table][$name]);
                 } else {
                     $cmd = ' ADD COLUMN';
                 }
                 $sql = 'ALTER TABLE ' . prefix($newfield['table']) . $cmd . ' `' . $name . '` ' . $dbType;
                 if (isset($newfield['attribute'])) {
                     $sql .= ' ' . $newfield['attribute'];
                 }
                 if (isset($newfield['default'])) {
                     $sql .= ' DEFAULT ' . $newfield['default'];
                 }
                 $sql .= " COMMENT 'optional_{$me}'";
                 if ((!$cmd || setupQuery($sql)) && in_array($newfield['table'], array('albums', 'images', 'news', 'news_categories', 'pages'))) {
                     $fields[] = strtolower($newfield['name']);
                 }
                 $current[$newfield['table']][$newfield['name']] = $dbType;
             }
         }
         setOption(get_class($this) . '_addedFields', serialize($current));
         if (!empty($searchDefault)) {
             $fieldExtenderMutex = new zpMutex('fE');
             $fieldExtenderMutex->lock();
             $engine = new SearchEngine();
             $set_fields = $engine->allowedSearchFields();
             $set_fields = array_unique(array_merge($set_fields, $searchDefault));
             setOption('search_fields', implode(',', $set_fields));
             $fieldExtenderMutex->unlock();
         }
     } else {
         purgeOption(get_class($this) . '_addedFields');
     }
     foreach ($database as $table => $fields) {
         //drop fields no longer defined
         foreach ($fields as $field => $orphaned) {
             if ($orphaned['Comment'] == "optional_{$me}") {
                 $sql = 'ALTER TABLE ' . prefix($table) . ' DROP `' . $field . '`';
                 setupQuery($sql);
             }
         }
     }
 }
    }
}
printAdminHeader($_current_tab);
?>
<script type="text/javascript" src="js/farbtastic.js"></script>
<link rel="stylesheet" href="js/farbtastic.css" type="text/css" />
<?php 
if ($_zp_admin_subtab == 'gallery' || $_zp_admin_subtab == 'image') {
    if ($_zp_admin_subtab == 'image') {
        $table = 'images';
        $targetid = 'customimagesort';
    } else {
        $table = 'albums';
        $targetid = 'customalbumsort';
    }
    $result = db_list_fields($table);
    $dbfields = array();
    if ($result) {
        foreach ($result as $row) {
            $dbfields[] = "'" . $row['Field'] . "'";
        }
        sort($dbfields);
    }
    ?>
	<script type="text/javascript" src="js/encoder.js"></script>
	<script type="text/javascript" src="js/tag.js"></script>
	<script type="text/javascript">
						// <!-- <![CDATA[
						$(function () {
						$('#<?php 
    echo $targetid;
 /**
  * Searches the table for tags
  * Returns an array of database records.
  *
  * @param array $searchstring
  * @param string $tbl set DB table name to be searched
  * @param string $sorttype what to sort on
  * @param string $sortdirection what direction
  * @return array
  */
 protected function searchFieldsAndTags($searchstring, $tbl, $sorttype, $sortdirection)
 {
     global $_zp_gallery;
     $weights = $idlist = array();
     $sql = $allIDs = NULL;
     $tagPattern = $this->tagPattern;
     // create an array of [tag, objectid] pairs for tags
     $tag_objects = array();
     $fields = $this->fieldList;
     if (count($fields) == 0) {
         // then use the default ones
         $fields = $this->allowedSearchFields();
     }
     foreach ($fields as $key => $field) {
         switch ($field) {
             case 'news_categories':
                 if ($tbl != 'news') {
                     break;
                 }
                 unset($fields[$key]);
                 query('SET @serachfield="news_categories"');
                 $tagsql = 'SELECT @serachfield AS field, t.`title` AS name, o.`news_id` AS `objectid` FROM ' . prefix('news_categories') . ' AS t, ' . prefix('news2cat') . ' AS o WHERE t.`id`=o.`cat_id` AND (';
                 foreach ($searchstring as $singlesearchstring) {
                     switch ($singlesearchstring) {
                         case '&':
                         case '!':
                         case '|':
                         case '(':
                         case ')':
                             break;
                         case '*':
                             $targetfound = true;
                             $tagsql .= "COALESCE(title, '') != '' OR ";
                             break;
                         default:
                             $targetfound = true;
                             $tagsql .= '`title` = ' . db_quote($singlesearchstring) . ' OR ';
                     }
                 }
                 $tagsql = substr($tagsql, 0, strlen($tagsql) - 4) . ') ORDER BY t.`id`';
                 $objects = query_full_array($tagsql, false);
                 if (is_array($objects)) {
                     $tag_objects = $objects;
                 }
                 break;
             case 'tags_exact':
                 $tagPattern = array('type' => '=', 'open' => '', 'close' => '');
             case 'tags':
                 unset($fields[$key]);
                 query('SET @serachfield="tags"');
                 $tagsql = 'SELECT @serachfield AS field, t.`name`, o.`objectid` FROM ' . prefix('tags') . ' AS t, ' . prefix('obj_to_tag') . ' AS o WHERE t.`id`=o.`tagid` AND o.`type`="' . $tbl . '" AND (';
                 foreach ($searchstring as $singlesearchstring) {
                     switch ($singlesearchstring) {
                         case '&':
                         case '!':
                         case '|':
                         case '(':
                         case ')':
                             break;
                         case '*':
                             query('SET @emptyfield="*"');
                             $tagsql = str_replace('t.`name`', '@emptyfield as name', $tagsql);
                             $tagsql .= "t.`name` IS NOT NULL OR ";
                             break;
                         default:
                             $targetfound = true;
                             if ($tagPattern['type'] == 'like') {
                                 $target = db_LIKE_escape($singlesearchstring);
                             } else {
                                 $target = $singlesearchstring;
                             }
                             $tagsql .= 't.`name` ' . strtoupper($tagPattern['type']) . ' ' . db_quote($tagPattern['open'] . $target . $tagPattern['close']) . ' OR ';
                     }
                 }
                 $tagsql = substr($tagsql, 0, strlen($tagsql) - 4) . ') ORDER BY t.`id`';
                 $objects = query_full_array($tagsql, false);
                 if (is_array($objects)) {
                     $tag_objects = array_merge($tag_objects, $objects);
                 }
                 break;
             default:
                 break;
         }
     }
     // create an array of [name, objectid] pairs for the search fields.
     $field_objects = array();
     if (count($fields) > 0) {
         $columns = array();
         $dbfields = db_list_fields($tbl);
         if (is_array($dbfields)) {
             foreach ($dbfields as $row) {
                 $columns[] = strtolower($row['Field']);
             }
         }
         foreach ($searchstring as $singlesearchstring) {
             switch ($singlesearchstring) {
                 case '!':
                 case '&':
                 case '|':
                 case '(':
                 case ')':
                     break;
                 default:
                     $targetfound = true;
                     query('SET @serachtarget=' . db_quote($singlesearchstring));
                     foreach ($fields as $fieldname) {
                         if ($tbl == 'albums' && strtolower($fieldname) == 'filename') {
                             $fieldname = 'folder';
                         } else {
                             $fieldname = strtolower($fieldname);
                         }
                         if ($fieldname && in_array($fieldname, $columns)) {
                             query('SET @serachfield=' . db_quote($fieldname));
                             switch ($singlesearchstring) {
                                 case '*':
                                     $sql = 'SELECT @serachtarget AS name, @serachfield AS field, `id` AS `objectid` FROM ' . prefix($tbl) . ' WHERE (' . "COALESCE(`{$fieldname}`, '') != ''" . ') ORDER BY `id`';
                                     break;
                                 default:
                                     if ($this->pattern['type'] == 'like') {
                                         $target = db_LIKE_escape($singlesearchstring);
                                     } else {
                                         $target = $singlesearchstring;
                                     }
                                     $fieldsql = ' `' . $fieldname . '` ' . strtoupper($this->pattern['type']) . ' ' . db_quote($this->pattern['open'] . $target . $this->pattern['close']);
                                     $sql = 'SELECT @serachtarget AS name, @serachfield AS field, `id` AS `objectid` FROM ' . prefix($tbl) . ' WHERE (' . $fieldsql . ') ORDER BY `id`';
                             }
                             $objects = query_full_array($sql, false);
                             if (is_array($objects)) {
                                 $field_objects = array_merge($field_objects, $objects);
                             }
                         }
                     }
             }
         }
     }
     // now do the boolean logic of the search string
     $exact = $tagPattern['type'] == '=';
     $objects = array_merge($tag_objects, $field_objects);
     if (count($objects) != 0) {
         $tagid = '';
         $taglist = array();
         foreach ($objects as $object) {
             $tagid = strtolower($object['name']);
             if (!isset($taglist[$tagid]) || !is_array($taglist[$tagid])) {
                 $taglist[$tagid] = array();
             }
             $taglist[$tagid][] = $object['objectid'];
         }
         $op = '';
         $idstack = array();
         $opstack = array();
         while (count($searchstring) > 0) {
             $singlesearchstring = array_shift($searchstring);
             switch ($singlesearchstring) {
                 case '&':
                 case '!':
                 case '|':
                     $op = $op . $singlesearchstring;
                     break;
                 case '(':
                     array_push($idstack, $idlist);
                     array_push($opstack, $op);
                     $idlist = array();
                     $op = '';
                     break;
                 case ')':
                     $objectid = $idlist;
                     $idlist = array_pop($idstack);
                     $op = array_pop($opstack);
                     switch ($op) {
                         case '&':
                             if (is_array($objectid)) {
                                 $idlist = array_intersect($idlist, $objectid);
                             } else {
                                 $idlist = array();
                             }
                             break;
                         case '!':
                             break;
                             // Paren followed by NOT is nonsensical?
                         // Paren followed by NOT is nonsensical?
                         case '&!':
                             if (is_array($objectid)) {
                                 $idlist = array_diff($idlist, $objectid);
                             }
                             break;
                         case '':
                         case '|':
                             if (is_array($objectid)) {
                                 $idlist = array_merge($idlist, $objectid);
                             }
                             break;
                     }
                     $op = '';
                     break;
                 default:
                     $lookfor = strtolower($singlesearchstring);
                     $objectid = NULL;
                     foreach ($taglist as $key => $objlist) {
                         if ($exact && $lookfor == $key || !$exact && preg_match('|' . preg_quote($lookfor) . '|', $key)) {
                             if (is_array($objectid)) {
                                 $objectid = array_merge($objectid, $objlist);
                             } else {
                                 $objectid = $objlist;
                             }
                         }
                     }
                     switch ($op) {
                         case '&':
                             if (is_array($objectid)) {
                                 $idlist = array_intersect($idlist, $objectid);
                             } else {
                                 $idlist = array();
                             }
                             break;
                         case '!':
                             if (is_null($allIDs)) {
                                 $allIDs = array();
                                 $result = query("SELECT `id` FROM " . prefix($tbl));
                                 if ($result) {
                                     while ($row = db_fetch_assoc($result)) {
                                         $allIDs[] = $row['id'];
                                     }
                                     db_free_result($result);
                                 }
                             }
                             if (is_array($objectid)) {
                                 $idlist = array_merge($idlist, array_diff($allIDs, $objectid));
                             }
                             break;
                         case '&!':
                             if (is_array($objectid)) {
                                 $idlist = array_diff($idlist, $objectid);
                             }
                             break;
                         case '':
                         case '|':
                             if (is_array($objectid)) {
                                 $idlist = array_merge($idlist, $objectid);
                             }
                             break;
                     }
                     $op = '';
                     break;
             }
         }
     }
     // we now have an id list of the items that were found and will create the SQL Search to retrieve their records
     if (count($idlist) > 0) {
         $weights = array_count_values($idlist);
         arsort($weights, SORT_NUMERIC);
         $sql = 'SELECT DISTINCT `id`,`show`,';
         switch ($tbl) {
             case 'news':
                 if ($this->search_unpublished || zp_loggedin(MANAGE_ALL_NEWS_RIGHTS)) {
                     $show = '';
                 } else {
                     $show = "`show` = 1 AND ";
                 }
                 $sql .= '`titlelink` ';
                 if (is_array($this->category_list)) {
                     $news_list = $this->subsetNewsCategories();
                     $idlist = array_intersect($news_list, $idlist);
                     if (count($idlist) == 0) {
                         return array(false, array());
                     }
                 }
                 if (empty($sorttype)) {
                     $key = '`date` DESC';
                 } else {
                     $key = trim($sorttype . $sortdirection);
                 }
                 if ($show) {
                     $show .= '`date`<=' . db_quote(date('Y-m-d H:i:s')) . ' AND ';
                 }
                 break;
             case 'pages':
                 if (zp_loggedin(MANAGE_ALL_PAGES_RIGHTS)) {
                     $show = '';
                 } else {
                     $show = "`show` = 1 AND ";
                 }
                 $sql .= '`titlelink` ';
                 if ($show) {
                     $show .= '`date`<=' . db_quote(date('Y-m-d H:i:s')) . ' AND ';
                 }
                 $key = '`sort_order`';
                 break;
             case 'albums':
                 if ($this->search_unpublished || zp_loggedin()) {
                     $show = '';
                 } else {
                     $show = "`show` = 1 AND ";
                 }
                 $sql .= "`folder`, `title` ";
                 if (is_null($sorttype)) {
                     if (empty($this->album)) {
                         list($key, $sortdirection) = $this->sortKey($_zp_gallery->getSortType(), $sortdirection, 'title', 'albums');
                         if ($_zp_gallery->getSortDirection()) {
                             $key .= " DESC";
                         }
                     } else {
                         $key = $this->album->getAlbumSortKey();
                         if ($key != '`sort_order`' && $key != 'RAND()') {
                             if ($this->album->getSortDirection('album')) {
                                 $key .= " DESC";
                             }
                         }
                     }
                 } else {
                     list($key, $sortdirection) = $this->sortKey($sorttype, $sortdirection, 'title', 'albums');
                     $key = trim($key . ' ' . $sortdirection);
                 }
                 break;
             default:
                 // images
                 if ($this->search_unpublished || zp_loggedin()) {
                     $show = '';
                 } else {
                     $show = "`show` = 1 AND ";
                 }
                 $sql .= "`albumid`, `filename`, `title` ";
                 if (is_null($sorttype)) {
                     if (empty($this->album)) {
                         list($key, $sortdirection) = $this->sortKey($sorttype, $sortdirection, 'title', 'images');
                         if ($sortdirection) {
                             $key .= " DESC";
                         }
                     } else {
                         $key = $this->album->getImageSortKey();
                         if ($key != '`sort_order`') {
                             if ($this->album->getSortDirection('image')) {
                                 $key .= " DESC";
                             }
                         }
                     }
                 } else {
                     list($key, $sortdirection) = $this->sortKey($sorttype, $sortdirection, 'title', 'images');
                     $key = trim($key . ' ' . $sortdirection);
                 }
                 break;
         }
         $sql .= "FROM " . prefix($tbl) . " WHERE " . $show;
         $sql .= '(' . self::compressedIDList($idlist) . ')';
         $sql .= " ORDER BY " . $key;
         return array($sql, $weights);
     }
     return array(false, array());
 }
 if ($resource) {
     $result = array();
     while ($row = db_fetch_assoc($resource)) {
         $result[] = $row;
     }
 } else {
     $result = false;
 }
 $tables = array();
 $table_cleared = array();
 if (is_array($result)) {
     foreach ($result as $row) {
         $table = array_shift($row);
         $tables[$table] = array();
         $table_cleared[$table] = false;
         $result2 = db_list_fields(str_replace($prefix, '', $table));
         if (is_array($result2)) {
             foreach ($result2 as $row) {
                 $tables[$table][] = $row['Field'];
             }
         }
     }
 }
 $success = 0;
 $string = getrow($handle);
 while (substr($string, 0, strlen(HEADER)) == HEADER) {
     $string = substr($string, strlen(HEADER));
     $i = strpos($string, '=');
     $type = substr($string, 0, $i);
     $what = substr($string, $i + 1);
     switch ($type) {
    echo str_replace($prefix, '', $table);
    ?>
</a></h3>
	<table id = "t_<?php 
    echo $i;
    ?>
" class="bordered" <?php 
    if ($i > 1) {
        ?>
style="display: none;" <?php 
    }
    ?>
>
		<tr>
			<?php 
    $cols = $tablecols = db_list_fields(str_replace($prefix, '', $table), true);
    $cols = array_shift($cols);
    foreach ($cols as $col => $value) {
        ?>
				 <th><?php 
        echo $col;
        ?>
</th>
				 <?php 
    }
    ?>
		</tr>
		<?php 
    //echo "<pre>"; print_r($tablecols); echo "</pre>";
    $rowcount = 0;
    foreach ($tablecols as $col) {
Exemple #12
0
 $fieldlist = array();
 if (strpos($tableslist, $_zp_conf_vars['mysql_prefix'] . 'images') !== false) {
     $columns = db_list_fields('images');
     if ($columns) {
         foreach ($columns as $col => $utf8) {
             if (!is_null($row['Collation']) && $row['Collation'] != 'utf8_unicode_ci') {
                 $fields = $fields | 1;
                 $fieldlist[] = '<code>images->' . $col . '</code>';
             }
         }
     } else {
         $fields = 4;
     }
 }
 if (strpos($tableslist, $_zp_conf_vars['mysql_prefix'] . 'albums') !== false) {
     $columns = db_list_fields('albums');
     if ($columns) {
         foreach ($columns as $col => $utf8) {
             if (!is_null($row['Collation']) && $row['Collation'] != 'utf8_unicode_ci') {
                 $fields = $fields | 2;
                 $fieldlist[] = '<code>albums->' . $col . '</code>';
             }
         }
     } else {
         $fields = 4;
     }
 }
 $err = -1;
 switch ($fields) {
     case 0:
         // all is well
Exemple #13
0
/**
 * Returns a sort field part for querying
 * Note: $sorttype may be a comma separated list of field names. If so,
 *       these are peckmarked and returned otherwise unchanged.
 *
 * @param string $sorttype the 'Display" name of the sort
 * @param string $default the default if $sorttype is empty
 * @param string $table the database table being used.
 * @return string
 */
function lookupSortKey($sorttype, $default, $table)
{
    global $_zp_fieldLists;
    switch (strtolower($sorttype)) {
        case 'random':
            return 'RAND()';
        case "manual":
            return 'sort_order';
        case "filename":
            switch ($table) {
                case 'images':
                    return 'filename';
                case 'albums':
                    return 'folder';
            }
        default:
            if (empty($sorttype)) {
                return $default;
            }
            if (substr($sorttype, 0) == '(') {
                return $sorttype;
            }
            if (is_array($_zp_fieldLists) && isset($_zp_fieldLists[$table])) {
                $dbfields = $_zp_fieldLists[$table];
            } else {
                $result = db_list_fields($table);
                $dbfields = array();
                if ($result) {
                    foreach ($result as $row) {
                        $dbfields[strtolower($row['Field'])] = $row['Field'];
                    }
                }
                $_zp_fieldLists[$table] = $dbfields;
            }
            $sorttype = strtolower($sorttype);
            $list = explode(',', $sorttype);
            $fields = array();
            // Critical for preventing SQL injection: only return parts of
            // the custom sort that are exactly equal to database fields.
            foreach ($list as $key => $field) {
                $field = trim($field);
                if (array_key_exists($field, $dbfields)) {
                    $fields[$key] = trim($dbfields[$field]);
                }
            }
            return implode(',', $fields);
    }
}
Exemple #14
0
 function __construct()
 {
     if (OFFSET_PATH == 2) {
         $present = array('albums' => 0, 'images' => 0, 'news' => 0, 'pages' => 0, 'news_categories' => 0);
         foreach ($present as $table => $v) {
             $tablecols = db_list_fields($table);
             foreach ($tablecols as $key => $datum) {
                 if ($datum['Field'] == 'custom_data') {
                     $present[$table] = 1 + (int) (!empty($datum['Comment']));
                 }
             }
         }
         if (extensionEnabled('customdata')) {
             setOptionDefault('customDataAlbums', $present['albums']);
             setOptionDefault('customDataImages', $present['images']);
             setOptionDefault('customDataNews', $present['news']);
             setOptionDefault('customDataPages', $present['pages']);
             setOptionDefault('customDataCategories', $present['news_categories']);
         } else {
             purgeOption('customDataAlbums');
             purgeOption('customDataImages');
             purgeOption('customDataNews');
             purgeOption('customDataPages');
             purgeOption('customDataCategories');
         }
         if (getOption('customDataAlbums')) {
             if (!$present['albums']) {
                 setupQuery('ALTER TABLE ' . prefix('albums') . " ADD COLUMN `custom_data` TEXT COMMENT 'optional_customData'");
             }
         } else {
             if ($present['albums']) {
                 setupQuery('ALTER TABLE ' . prefix('albums') . ' DROP `custom_data`');
             }
         }
         if (getOption('customDataImages')) {
             if (!$present['images']) {
                 setupQuery('ALTER TABLE ' . prefix('images') . " ADD COLUMN `custom_data` TEXT COMMENT 'optional_customData'");
             }
         } else {
             if ($present['images']) {
                 setupQuery('ALTER TABLE ' . prefix('images') . ' DROP `custom_data`');
             }
         }
         if (getOption('customDataNews')) {
             if (!$present['news']) {
                 setupQuery('ALTER TABLE ' . prefix('news') . " ADD COLUMN `custom_data` TEXT COMMENT 'optional_customData'");
             }
         } else {
             if ($present['news']) {
                 setupQuery('ALTER TABLE ' . prefix('news') . ' DROP `custom_data`');
             }
         }
         if (getOption('customDataPages')) {
             if (!$present['pages']) {
                 setupQuery('ALTER TABLE ' . prefix('pages') . " ADD COLUMN `custom_data` TEXT COMMENT 'optional_customData'");
             }
         } else {
             if ($present['pages']) {
                 setupQuery('ALTER TABLE ' . prefix('pages') . ' DROP `custom_data`');
             }
         }
         if (getOption('customDataCategories')) {
             if (!$present['news_categories']) {
                 setupQuery('ALTER TABLE ' . prefix('news_categories') . " ADD COLUMN `custom_data` TEXT COMMENT 'optional_customData'");
             }
         } else {
             if ($present['news_categories']) {
                 setupQuery('ALTER TABLE ' . prefix('news_categories') . ' DROP `custom_data`');
             }
         }
     }
 }
Exemple #15
0
/**
 * Returns a sort field part for querying
 * Note: $sorttype may be a comma separated list of field names. If so,
 *       these are peckmarked and returned otherwise unchanged.
 *
 * @param string $sorttype the 'Display" name of the sort
 * @param string $default the default if $sorttype is empty
 * @param string $table the database table being used.
 * @return string
 */
function lookupSortKey($sorttype, $default, $table)
{
    global $_zp_fieldLists;
    switch (strtolower($sorttype)) {
        case 'random':
            return 'RAND()';
        case "manual":
            return '`sort_order`';
        case "filename":
            switch ($table) {
                case 'images':
                    return '`filename`';
                case 'albums':
                    return '`folder`';
            }
        default:
            if (empty($sorttype)) {
                return '`' . $default . '`';
            }
            if (substr($sorttype, 0) == '(') {
                return $sorttype;
            }
            if (is_array($_zp_fieldLists) && isset($_zp_fieldLists[$table])) {
                $dbfields = $_zp_fieldLists[$table];
            } else {
                $result = db_list_fields($table);
                $dbfields = array();
                if ($result) {
                    foreach ($result as $row) {
                        $dbfields[strtolower($row['Field'])] = $row['Field'];
                    }
                }
                $_zp_fieldLists[$table] = $dbfields;
            }
            $sorttype = strtolower($sorttype);
            $list = explode(',', $sorttype);
            foreach ($list as $key => $field) {
                if (array_key_exists($field, $dbfields)) {
                    $list[$key] = '`' . trim($dbfields[$field]) . '`';
                }
            }
            return implode(',', $list);
    }
}
Exemple #16
0
function db_fetch_one($sql, $bind = null)
{
    $query = is_string($sql) ? db_query($sql, $bind) : $sql;
    $data = null;
    if ($query) {
        if ($query instanceof mysqli_stmt) {
            $vars = db_list_fields($query);
            $size = count($vars);
            $args = $vars;
            for ($i = 0; $i < $size; $i++) {
                $args[$i] =& $args[$i];
            }
            call_user_func_array('mysqli_stmt_bind_result', array_merge(array($query), $args));
            if (mysqli_stmt_fetch($query)) {
                $data = array();
                for ($i = 0; $i < $size; $i++) {
                    $data[$vars[$i]] = $args[$i];
                }
            }
        } else {
            $data = mysqli_fetch_array($query, MYSQLI_ASSOC);
        }
        db_free_result($query);
    }
    return $data;
}
    echo $table;
    ?>
</a></h3>
					<table id = "t_<?php 
    echo $i;
    ?>
" class="bordered" <?php 
    if ($i > 1) {
        ?>
style="display: none;" <?php 
    }
    ?>
>
						<tr>
							<?php 
    $cols = $tablecols = db_list_fields($table);
    $cols = array_shift($cols);
    foreach ($cols as $col => $value) {
        ?>
								<th><?php 
        echo $col;
        ?>
</th>
								<?php 
    }
    ?>
						</tr>
						<?php 
    $rowcount = 0;
    foreach ($tablecols as $col) {
        $rowcount++;
Exemple #18
0
function setBackup()
{
    global $dbname, $dbh;
    global $PARAM, $SUBS, $MSG, $MONTHS;
    if (!is_dir(getAdmSetting('BACKUP_DIR'))) {
        MkDir(getAdmSetting('BACKUP_DIR'), 0777);
    }
    if ($PARAM['upload'] == 1) {
        global $bckFile, $bckFile_name;
        if ($bckFile_name == '') {
            $SUBS['ERROR'] = $MSG[20108];
            $SUBS['BACKUP_ERROR'] = fileParse('_admin_error.htmlt');
        } else {
            if (!($UPLOAD = @file($bckFile))) {
                setLogAndStatus("Reading", $bckFile, 0, "setBackup()", 'READ_UPLOAD');
            }
            $file = date('d F Y H_i_s');
            $filename = getAdmSetting('BACKUP_DIR') . "/{$file}.sql";
            $upload = '## ' . $MSG[20109] . date(' d F Y H:i:s') . "\n";
            $upload .= "## {$MSG['20110']} {$bckFile_name}\n";
            $upload .= join('', $UPLOAD);
            if (!($fp = fopen($filename, 'w'))) {
                setLogAndStatus("Opening", $filename, 0, "setBackup()", 'OPEN_FILE');
            }
            fwrite($fp, $upload);
            fclose($fp);
            $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20050";
            printPage('_admin_done.htmlt');
            return;
        }
    }
    //export database backup
    if ($PARAM['export'] == 1) {
        $file = date('d F Y H_i_s');
        $filename = getAdmSetting('BACKUP_DIR') . "/{$file}.sql";
        if (!($fp = fopen($filename, 'w'))) {
            setLogAndStatus("Opening", 0, $filename, "setBackup()", 'OPEN_FILE');
        }
        //write comments if any
        if ($PARAM['bckComments'] != '') {
            $comments = '##' . ereg_replace("\n", "\n##", $PARAM['bckComments']) . "\n";
            fwrite($fp, $comments);
        }
        if (!($res = db_list_tables($dbname, $dbh))) {
            setLogAndStatus("db_list_tables()", 0, $dbname, "setBackup()", 'LIST_TABLES');
        }
        $num_tables = db_num_rows($res);
        $i = 0;
        while ($i < $num_tables) {
            $table = db_tablename($res, $i);
            $fields = db_list_fields($dbname, $table, $dbh);
            $columns = db_num_fields($fields);
            $tablelist = '';
            for ($j = 0; $j < $columns; $j++) {
                if ($columns - $j == 1) {
                    $tablelist .= db_field_name($fields, $j);
                } else {
                    $tablelist .= db_field_name($fields, $j) . ',';
                }
            }
            $schema = "REPLACE INTO {$table} ({$tablelist}) VALUES (";
            $query = "SELECT * FROM {$dbname}.{$table}";
            $result = runQuery($query, 'setBackup()', 'SELECT_TABLES');
            while ($row = db_fetch_row($result)) {
                $schema_insert = '';
                for ($j = 0; $j < $columns; $j++) {
                    if (!isset($row[$j])) {
                        $schema_insert .= ' NULL,';
                    } else {
                        $schema_insert .= ' ' . dbQuote($row[$j]) . ',';
                    }
                }
                $schema_insert = $schema . ereg_replace(',$', '', $schema_insert);
                $schema_insert .= ");\r\n";
                fwrite($fp, $schema_insert);
            }
            $i++;
        }
        fclose($fp);
        // the ZIP thing --------------------
        $fp = fopen($filename, "rb");
        $data = fread($fp, filesize($filename));
        fclose($fp);
        $name = array(baseName($filename));
        $data = array($data);
        $content = makezip($name, $data);
        $fp = fopen('./zip/' . basename($filename) . '.ZIP', "wb");
        fputs($fp, $content);
        fclose($fp);
        // the ZIP thing --------------------
        $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20052";
        printPage('_admin_done.htmlt');
        return;
    }
    //prepare for import or delete
    $backups = opendir(getAdmSetting('BACKUP_DIR'));
    while (($file = readdir($backups)) != false) {
        if (!is_dir($file)) {
            $BCKUPS[eregi_replace('[^a-z0-9]', '_', $file)] = getAdmSetting('BACKUP_DIR') . "/{$file}";
        }
    }
    closedir($backups);
    reset($PARAM);
    while (list($k, $v) = each($PARAM)) {
        if (ereg('^bck_(.*)$', $k, $R)) {
            $BACKUPS[] = $R[1];
        }
    }
    reset($PARAM);
    //delete backups
    if ($PARAM['delete'] == 1) {
        if (count($BACKUPS) == 0) {
            $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20008";
            printPage('_admin_done.htmlt');
            return;
        }
        for ($i = 0; $i < count($BACKUPS); $i++) {
            if (!@unlink($BCKUPS[$BACKUPS[$i]])) {
                setLogAndStatus("Deleting", $BCKUPS[$BACKUPS[$i]], "setBackup()", 'DEL_BACKUP');
            }
        }
        $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20054";
        printPage('_admin_done.htmlt');
        return;
    }
    //import database backup
    if ($PARAM['import'] == 1) {
        if (count($BACKUPS) > 1) {
            $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20053";
            printPage('_admin_done.htmlt');
            return;
        }
        if (count($BACKUPS) == 0) {
            $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20008";
            printPage('_admin_done.htmlt');
            return;
        }
        //get backup file
        $file = fread(fopen($BCKUPS[$BACKUPS[0]], 'r'), filesize($BCKUPS[$BACKUPS[0]]));
        ////---- [Mrasnika's] Edition 21.03.2002
        split_sql_file($BACKUP, $file);
        //reset tables
        if (!($res = db_list_tables($dbname, $dbh))) {
            setLogAndStatus("db_list_tables()", 1, $dbname, "databaseBackup()", 'LIST_TABLES_2');
        }
        $num_tables = db_num_rows($res);
        $i = 0;
        while ($i < $num_tables) {
            $table = db_tablename($res, $i);
            $query = "DELETE FROM {$dbname}.{$table}";
            $result = runQuery($query, 'setBackup()', 'RESET_TABLES');
            $i++;
        }
        //fill tables
        while (list($k, $query) = each($BACKUP)) {
            if (!ereg('^#', $query)) {
                if (!($result = db_query($query, $dbh))) {
                    setLogAndStatus($query, db_errno($dbh), db_error($dbh), "databaseBackup()", 'RESTORE_DB');
                    $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20055";
                    printPage('_admin_done.htmlt');
                    return;
                }
            }
        }
        $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20056";
        printPage('_admin_done.htmlt');
        return;
    }
    $backups = opendir(getAdmSetting('BACKUP_DIR'));
    $last = 0;
    while (($file = readdir($backups)) != false) {
        if (!is_dir($file)) {
            $date = stat(getAdmSetting('BACKUP_DIR') . "/{$file}");
            if ($last < $date[9]) {
                $month = intval(date('m'));
                $SUBS['LAST'] = $MSG[20051] . date(' d ', $date[9]) . $MONTHS[$month] . date(' Y H.i.s', $date[9]);
            }
            $SUBS['SIZE'] = sprintf('%0.2f KB', $date[7] / 1024);
            $SUBS['NAME'] = eregi_replace('_', ':', $file);
            $SUBS['CHECK'] = eregi_replace('[^a-z0-9]', '_', $file);
            //checkbox name
            $SUBS['WHERE'] = getAdmSetting('BACKUP_DIR') . "/{$file}";
            if (!($BACKUP = @file(getAdmSetting('BACKUP_DIR') . "/{$file}"))) {
                setLogAndStatus("Reading", 0, getAdmSetting('BACKUP_DIR') . "/{$file}", "setBackup()", 'READ_FILE');
            }
            $comments = '';
            //get comments from the beginning of the file
            for ($i = 0; $i < count($BACKUP); $i++) {
                if (eregi('^##(.*)$', $BACKUP[$i], $R)) {
                    $comments .= $R[1];
                }
            }
            if ($comments != '') {
                $SUBS['COMMENTS'] = ' &nbsp; ' . ereg_replace("\n", '<BR> &nbsp; ', htmlEncode($comments));
                $SUBS['COMMENTS'] = ereg_replace('<BR> &nbsp; $', '', $SUBS['COMMENTS']);
            } else {
                $SUBS['COMMENTS'] = '';
            }
            $SUBS['BACKUPS'] .= fileParse('_admin_backup_row.htmlt');
        }
    }
    closedir($backups);
    if ($PARAM['err'] != '') {
        $SUBS['ERROR'] = $MSG[$PARAM['err']];
        $SUBS['BACKUP_ERROR'] = fileParse('_admin_error.htmlt');
    }
    printPage('_admin_backup.htmlt');
}
Exemple #19
0
 /**
  * Load the data array from the database, using the unique id set to get the unique record.
  *
  * @param bool $allowCreate set to true to enable new object creation.
  * @return false if the record already exists, true if a new record was created.
  */
 private function load($allowCreate)
 {
     $new = $entry = null;
     // First, try the cache.
     if ($this->use_cache) {
         $entry = $this->getFromCache();
     }
     // Check the database if: 1) not using cache, or 2) didn't get a hit.
     if (empty($entry) && !$this->transient) {
         $sql = 'SELECT * FROM ' . prefix($this->table) . getWhereClause($this->unique_set) . ' LIMIT 1;';
         $entry = query_single_row($sql, false);
         // Save this entry into the cache so we get a hit next time.
         if ($entry) {
             $this->addToCache($entry);
         }
     }
     // If we don't have an entry yet, this is a new record. Create it.
     if (empty($entry)) {
         if ($this->transient || !$allowCreate) {
             // no don't save it in the DB!
             //	populate $this->data so that the set method will work correctly
             $result = db_list_fields($this->table);
             if ($result) {
                 foreach ($result as $row) {
                     $this->data[$row['Field']] = NULL;
                 }
             }
             if ($allowCreate) {
                 $entry = array_merge($this->data, $this->unique_set);
                 $entry['id'] = 0;
                 $this->addToCache($entry);
             } else {
                 return NULL;
                 // does not exist and we are not allowed to create it
             }
         } else {
             $new = true;
             $this->save();
             $entry = query_single_row($sql);
             // If we still don't have an entry, something went wrong...
             if (!$entry) {
                 return null;
             }
             // Save this new entry into the cache so we get a hit next time.
             $this->addToCache($entry);
         }
     }
     $this->data = $entry;
     $this->id = (int) $entry['id'];
     $this->loaded = true;
     return $new;
 }