$do = 0; if (isset($_POST['sqlfile']) && isset($_GET["do"]) && $_GET["do"] == "upgrade") { $file = str_replace('inc/showsql.php?f=', '', slweg($_POST['sqlfile'])); if (file_exists("update_sql/" . $file)) { $do = 1; } } if ($do) { @mysql_query('SET storage_engine=MYISAM', $db); if ($phpwcms['db_version'] > 40100) { $value = "SET SQL_MODE='NO_AUTO_VALUE_ON_ZERO'"; @mysql_query($value, $db); $value = "SET NAMES '" . $phpwcms['db_charset'] . "'" . (empty($phpwcms['db_collation']) ? '' : " COLLATE '" . $phpwcms['db_collation'] . "'"); @mysql_query($value, $db); } $sql_data = read_textfile("update_sql/" . $file); $sql_data = preg_replace("/#.*.\n/", "", $sql_data); $sql_data = preg_replace("/ `phpwcms/", " `" . DB_PREPEND . "phpwcms", $sql_data); $sql = explode(";", $sql_data); echo '<div id="license" style="width:550px">'; echo '<p><a href="upgrade.php">Chosse another SQL file...</a></p>'; echo '<pre>'; foreach ($sql as $key => $value) { $value = trim($value); if (!$value) { unset($sql[$key]); } else { if ($phpwcms['db_version'] > 40100 && $phpwcms['db_charset'] == 'utf8') { $value = utf8_encode($value); } if (!mysql_query($value)) {
/** * phpwcms content management system * * @author Oliver Georgi <*****@*****.**> * @copyright Copyright (c) 2002-2015, Oliver Georgi * @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2 * @link http://www.phpwcms.de * **/ // ---------------------------------------------------------------- // obligate check for phpwcms constants if (!defined('PHPWCMS_ROOT')) { die("You Cannot Access This Script Directly, Have a Nice Day."); } // ---------------------------------------------------------------- $frontend_css = read_textfile(PHPWCMS_TEMPLATE . "inc_css/frontend.css"); //reads the css template $frontend_css = $frontend_css ? html($frontend_css) : ""; ?> <form action="include/inc_act/act_frontendcss.php" method="post" name="css" target="_self"><table width="538" border="0" cellpadding="0" cellspacing="0" summary=""> <tr> <td colspan="2" class="title"><?php echo $BL['be_admin_css_title']; ?> </td> </tr> <tr> <td width="35"><img src="img/leer.gif" alt="" width="35" height="4"></td> <td width="503"><img src="img/leer.gif" alt="" width="1" height="1"></td> </tr>
$mail->setFrom($recipient, $phpwcms['SMTP_FROM_NAME']); $mail->AddReplyTo($recipient); } $mail->clearAddresses(); $mail->addAddress($recipient); if (!$mail->send()) { $false .= '(2) ' . html($mail->ErrorInfo) . '<br>'; } $mail->smtpClose(); if (isset($redirect) && !$false) { headerRedirect($redirect); } else { //Success show form success template $table = ""; if ($false) { $table .= '<tr bgcolor="#F4F4F4">'; $table .= "<td>Mailer Error:</td>"; $table .= "<td>" . $false . "</td>"; $table .= "</tr>\n"; } foreach ($form as $key => $value) { $table .= "<tr bgcolor=\"#F4F4F4\">"; $table .= "<td>" . html($key) . "</td>"; $table .= "<td>" . html($value) . "</td>"; $table .= "</tr>\n"; } $success_template = read_textfile(PHPWCMS_ROOT . '/include/inc_lang/formmailer/' . $lang . '_formmailer.success.html'); $success_template = str_replace("<!-- RESULT //-->", $table, $success_template); echo $success_template; } }
function include_url($url) { // include given URL but only take content between <body></body> global $include_urlparts; if (is_string($url)) { $url = array(1 => $url); } elseif (!isset($url[1])) { return ''; } $k = ''; $url = trim($url[1]); $url = explode(' ', $url); $cache = isset($url[1]) ? intval(str_replace('CACHE=', '', strtoupper($url[1]))) : 0; $url = $url[0]; $cache_status = 'MISSING'; if ($url && $cache) { $cache_filename = md5($url) . '-url'; // set cache file name $cache_file = PHPWCMS_CONTENT . 'tmp/' . $cache_filename; // set caching file $cache_status = check_cache($cache_file, $cache); // ceck existence if ($cache_status == 'VALID') { // read cache $k = read_textfile($cache_file); $k = trim($k); if (empty($k)) { $cache_status == 'EXPIRED'; // check if cache content is available } } } if ($cache_status != 'VALID' && $url) { // cache file is missing or outdated $include_urlparts = parse_url($url); if (!empty($include_urlparts['path'])) { $include_urlparts['path'] = dirname($include_urlparts['path']); $include_urlparts['path'] = str_replace('\\', '/', $include_urlparts['path']); } $k = @file_get_contents($url); if ($k) { // now check against charset if (preg_match('/charset=(.*?)"/i', $k, $match)) { $charset = $match[1]; $charset = str_replace(array('"', "'", '/'), '', $charset); $charset = strtolower(trim($charset)); } elseif (preg_match('/http-equiv="{0,1}Content-Type"{0,1}\\s{1,}(content="{0,1}.*?"{0,1}.{0,3}>)/i', $k, $match)) { $charset = ''; if (!empty($match[1])) { $charset = strtolower($match[1]); $charset = trim(str_replace(array('"', "'", '/', 'content=', ' ', '>'), '', $charset)); } } else { $charset = false; } if (preg_match('/<body[^>]*?' . '>(.*)<\\/body>/is', $k, $match)) { $k = $match[1]; } $k = str_replace(array('<?', '?>', '<%', '%>'), array('<?', '?>', '<%', '%>'), $k); $k = preg_replace_callback('/(href|src|action)=[\'|"]{0,1}(.*?)[\'|"]{0,1}( .*?){0,1}>/i', 'make_absoluteURL', $k); $k = htmlfilter_sanitize(trim($k), array(false, 'link', 'meta'), array(), array('img', 'br', 'hr', 'input'), true); if ($charset != false) { $k = makeCharsetConversion($k, $charset, PHPWCMS_CHARSET, 1); } // now write or update cache file in case there is timeout or content if ($cache && $k) { @write_textfile($cache_file, $k); } } $include_urlparts = ''; } return $k; }
$_SESSION['admin_save'] = 0; } // enable additional db settings like collation and charset if (empty($err)) { $db_additional = true; if (isset($_collation_warning) && $_collation_warning === false) { $db_init = true; if (isset($_POST['db_sql_hidden'])) { if (empty($db_sql)) { $_SESSION['admin_set'] = true; $db_no_create = true; } else { // now read and display sql queries $_db_prepend = $phpwcms["db_prepend"] ? $phpwcms["db_prepend"] . '_' : ''; $sql_data = read_textfile($DOCROOT . '/setup/default_sql/phpwcms_init.sql'); $sql_data = $sql_data . read_textfile($DOCROOT . '/setup/default_sql/phpwcms_inserts.sql'); $sql_data = preg_replace("/(#|--).*.\n/", '', $sql_data); $sql_data = preg_replace('/ `phpwcms/', ' `' . $_db_prepend . 'phpwcms', $sql_data); $sql_data = str_replace("\r", '', $sql_data); $sql_data = str_replace("\n\n", "\n", $sql_data); $sql_data = trim($sql_data); // if True create initial database if (isset($_POST['db_create'])) { $db_create_err = array(); @mysql_query('SET storage_engine=MYISAM', $db); $value = "SET SQL_MODE='NO_AUTO_VALUE_ON_ZERO'"; @mysql_query($value, $db); $value = "SET NAMES '" . $phpwcms['db_charset'] . "'" . (empty($phpwcms['db_collation']) ? '' : " COLLATE '" . $phpwcms['db_collation'] . "'"); @mysql_query($value, $db); $db_create_sql = explode(';', $sql_data); foreach ($db_create_sql as $key => $value) {
* phpwcms content management system * * @author Oliver Georgi <*****@*****.**> * @copyright Copyright (c) 2002-2015, Oliver Georgi * @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2 * @link http://www.phpwcms.de * **/ require_once '../../include/config/conf.inc.php'; require_once '../../include/inc_lib/default.inc.php'; require_once PHPWCMS_ROOT . '/include/inc_lib/dbcon.inc.php'; require_once PHPWCMS_ROOT . '/include/inc_lib/general.inc.php'; $sqldata = ''; if (isset($_GET['f'])) { $file = str_replace(array('..', '/', "\\"), '', clean_slweg($_GET['f'])); $sql_data = read_textfile(PHPWCMS_ROOT . '/setup/update_sql/' . $file); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Upgrade phpwcms</title> <style type="text/css"> <!-- pre { font-size: 9pt; font-family:"Courier New", Courier, mono; margin: 0; padding: 0; }
</tr> <tr> <td align="right" class="v10"> </td> <td colspan="3"><table border="0" cellpadding="0" cellspacing="0" summary=""> <tr> <td bgcolor="#99CC00"> </td> <td class="v10"> OK </td> <td bgcolor="#FF3300"> </td> <td class="v10"> PROBLEM</td> </tr> </table></td> </tr> </table> <?php $this_root = dirname(dirname(dirname(__FILE__))); $config_setup = read_textfile($this_root . '/setup/setup.conf.inc.php'); $config_setup = str_replace('?>', "\$NO_ACCESS = true;\n\n?>", $config_setup); $result = false; if (!is_file($this_root . '/include/config/conf.inc.php')) { // try to chmod //set_chmod($phpwcms["root"]."/include/config', // Try to write config file to the correct position if (!write_textfile($this_root . '/include/config/conf.inc.php', $config_setup)) { // Try to copy if (!@copy($this_root . '/setup/setup.conf.inc.php', $this_root . '/include/config/conf.inc.php')) { // Try to move if (@rename($this_root . '/setup/setup.conf.inc.php', $this_root . '/include/config/conf.inc.php')) { // moved successfully $result = true; } } else {
* @author Oliver Georgi <*****@*****.**> * @copyright Copyright (c) 2002-2015, Oliver Georgi * @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2 * @link http://www.phpwcms.de * **/ $base_path = dirname(__FILE__); if (is_file($base_path . '/setup.conf.inc.php')) { require_once $base_path . '/inc/setup.func.inc.php'; require_once $base_path . '/setup.conf.inc.php'; if (empty($NO_ACCESS)) { header('Cache-Control: no-cache, must-revalidate'); // HTTP/1.1 header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); // Datum in der Vergangenheit header('Content-type: text/plain'); header('Content-Disposition: attachment; filename="conf.inc.php"'); $filesize = @filesize($base_path . '/setup.conf.inc.php'); if ($filesize) { header('Content-length: ' . $filesize); $temp = read_textfile($base_path . '/setup.conf.inc.php'); write_textfile($base_path . '/setup.conf.inc.php', str_replace('?>', "\$NO_ACCESS = true;\n\n?>", $temp)); } else { $temp = 'Sorry there was a problem downloading "conf.inc.php". Check manually!'; } echo $temp; } else { header('Location: ' . $phpwcms['site'] . $phpwcms['root']); } } exit;
/** * phpwcms content management system * * @author Oliver Georgi <*****@*****.**> * @copyright Copyright (c) 2002-2015, Oliver Georgi * @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2 * @link http://www.phpwcms.de * **/ // ---------------------------------------------------------------- // obligate check for phpwcms constants if (!defined('PHPWCMS_ROOT')) { die("You Cannot Access This Script Directly, Have a Nice Day."); } // ---------------------------------------------------------------- $startup_default = read_textfile(PHPWCMS_TEMPLATE . "inc_default/startup.php"); //reads the css template $startup_default = $startup_default ? html($startup_default) : ""; ?> <form action="include/inc_act/act_startuptext.php" method="post" name="startup" target="_self"><table width="538" border="0" cellpadding="0" cellspacing="0" summary=""> <tr> <td colspan="2" class="title"><?php echo $BL['be_admin_startup_title']; ?> </td> </tr> <tr> <td width="35"><img src="img/leer.gif" alt="" width="35" height="4"></td> <td width="503"><img src="img/leer.gif" alt="" width="1" height="1"></td> </tr>