/** * Perform database backup * * @return string HTML success or error message * */ function DBADMIN_backup() { global $_CONF, $LANG08, $LANG_DB_BACKUP, $MESSAGE, $_IMAGE_TYPE, $_DB_host, $_DB_name, $_DB_user, $_DB_pass; $retval = ''; $backup = new dbBackup(); $backup->perform_backup(); $backup->Purge(); $retval .= DBADMIN_list(); return $retval; }
$tables = explode('|', $_POST['groupmembers']); $items['lglib_dbback_exclude'] = DB_escapeString(@serialize($tables)); $items['lglib_dbback_files'] = (int) $_POST['db_backup_maxfiles']; if (isset($_POST['disable_cron'])) { $str = '-1'; } else { $str = (int) $_POST['db_backup_interval']; } $items['lglib_dbback_cron'] = $str; $items['lglib_dbback_gzip'] = isset($_POST['use_gzip']) ? 1 : 0; foreach ($items as $name => $value) { $sql = "INSERT INTO {$_TABLES['vars']} (name, value)\n VALUES ('{$name}', '{$value}')\n ON DUPLICATE KEY UPDATE value='{$value}'"; DB_query($sql); } break; } switch ($view) { case 'config': $content .= DBADMIN_configBackup(); break; case 'none': break; default: SEC_createToken(); $content .= DBADMIN_list(); break; } $display .= COM_siteHeader('menu', $pi_title); $display .= $content; $display .= COM_siteFooter(); echo $display;
if (isset($_GET['file'])) { $file = preg_replace('/[^a-zA-Z0-9\\-_\\.]/', '', COM_applyFilter($_GET['file'])); $file = str_replace('..', '', $file); if (!file_exists($_CONF['backup_path'] . $file)) { $file = ''; } } if (!empty($file)) { DBADMIN_download($file); exit; } break; case 'delete': if (isset($_POST['delitem']) and SEC_checkToken()) { foreach ($_POST['delitem'] as $delfile) { $file = preg_replace('/[^a-zA-Z0-9\\-_\\.]/', '', COM_applyFilter($delfile)); $file = str_replace('..', '', $file); if (!@unlink($_CONF['backup_path'] . $file)) { COM_errorLog('Unable to remove backup file "' . $file . '"'); } } } else { COM_accessLog("User {$_USER['username']} tried to illegally delete database backup(s) and failed CSRF checks."); echo COM_refresh($_CONF['site_admin_url'] . '/index.php'); } break; } $display .= COM_siteHeader('menu', $LANG_DB_BACKUP['last_ten_backups']); $display .= DBADMIN_list(); $display .= COM_siteFooter(); echo $display;