require dirname(__FILE__) . '/path.inc.php'; require $CONFIG_FILE; require $PATH . 'classes/FX.php'; require $PATH . 'classes/BackupMain.php'; require $PATH . 'classes/BackupFile.php'; filecopy_connect_db(); // globals holen: evtl. durch etwas anderes ersetzen... $params = array_merge($_GET, $_POST); // keine XSS Injection Safety!!! - nicht extern zugänglich machen. extract($params); if (isset($d0)) { // erwartet einen Parameter in der Form: dateFrom=2007-12-12+08:00:00 , dateTo=2007-12-19+20:59:59 $timeStampFrom = FX::parseDBDate(str_replace("+", " ", $d0)); $timeStampTo = FX::parseDBDate(str_replace("+", " ", $d1)); echo "Dateien, auf die zwischen den Daten " . FX::makeDBDate($timeStampFrom) . " und " . FX::makeDBDate($timeStampTo) . " schreibend zugegriffen wurde.\n"; $sql = "SELECT path, fname, mtime FROM files WHERE " . "(mtime > '" . FX::makeDBDate($timeStampFrom) . "') " . " AND (mtime < '" . FX::makeDBDate($timeStampTo) . "') " . " AND (status='C')" . " ORDER BY mtime DESC;"; $result = @mysqli_query($LNK, $sql); if (!$result) { errlog(__FILE__ . "@" . __LINE__ . ": " . mysqli_error($LNK) . " ( SQL = " . $sql . ")"); } while ($row = mysqli_fetch_assoc($result)) { extract($row); echo $path . "/" . $fname . " [" . $mtime . "]" . "\n"; } } if (isset($sameName)) { echo "Dateien mit dem Namen " . FX::html_encode($sameName) . " existieren in den Verzeichnissen:\n"; $sql = "SELECT path, size FROM files WHERE fname LIKE '" . mysqli_escape_string($LNK, $sameName) . "' AND status='C';"; $result = @mysqli_query($LNK, $sql); if (!$result) { errlog(__FILE__ . "@" . __LINE__ . ": " . mysqli_error($LNK) . " ( SQL = " . $sql . ")");
/** * */ function toDB() { global $LNK; if (!isset($this->fileid) or $this->fileid < 0 or !$this->fileid) { if (!isset($this->fname) or $this->fname == "" or (!isset($this->path) or $this->path == "")) { $e = new FileCopyMessage(__FILE__ . '@' . __LINE__ . ': neither fileid nor fname/path are valid in toDB() - cannot store this!'); return false; } else { // fileid not set, but fname / path - find new fileid: $sql = "SELECT MAX(fileid) AS maxfid FROM files;"; $result = @mysqli_query($LNK, $sql); if (!$result) { $e = new FileCopyMessage(__FILE__ . "@" . __LINE__ . ": " . mysqli_error($LNK) . " ( SQL = " . $sql . ")", 'WARN'); return false; } if ($row = mysqli_fetch_assoc($result)) { $this->fileid = $row['maxfid'] + 1; } } } if ($this->version == -1) { // determine latest version: $this->version = 0; // default: very first version // or are there previous versions? $sql = "SELECT MAX(version) AS maxversion FROM files WHERE fileid = " . $this->fileid . ";"; $result = @mysqli_query($LNK, $sql); if (!$result) { $e = new FileCopyMessage(__FILE__ . "@" . __LINE__ . ": " . mysqli_error($LNK) . " ( SQL = " . $sql . ")", 'WARN'); return false; } if ($row = mysqli_fetch_assoc($result)) { $this->version = $row['maxversion'] + 1; } } else { // delete any possibly existing entry for the same fileid AND version: $result = @mysqli_query($LNK, "DELETE FROM files WHERE fileid = " . $this->fileid . " AND version = " . $this->version . ";"); if (!$result) { $e = new FileCopyMessage(__FILE__ . "@" . __LINE__ . ": " . mysqli_error($LNK) . " ( SQL = " . $sql . ")", 'WARN'); return false; } } // neuen Eintrag in die DB $sql = "INSERT DELAYED INTO files (" . "fileid," . "version," . "status," . "path," . "fname," . "extension," . "size," . "ctime," . "mtime," . "sha1" . ") VALUES (" . $this->fileid . "," . $this->version . "," . "'" . mysqli_escape_string($LNK, $this->status) . "'," . "'" . mysqli_escape_string($LNK, $this->path) . "'," . "'" . mysqli_escape_string($LNK, $this->fname) . "'," . "'" . mysqli_escape_string($LNK, $this->extension) . "'," . $this->size . "," . "'" . FX::makeDBDate($this->ctime) . "'," . "'" . FX::makeDBDate($this->mtime) . "'," . "'" . $this->sha1 . "'" . ");"; // echo $sql . "\n"; $result = @mysqli_query($LNK, $sql); if (!$result) { $msg = __FILE__ . "@" . __LINE__ . ": " . mysqli_error($LNK) . " ( SQL = " . $sql . ")"; $e = new FileCopyMessage($msg, 'WARN'); echo $msg . "\n"; return FALSE; } return TRUE; }