Пример #1
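function autologin()
{
    // Persistent ("remember me") login. When the user/userid/passwd cookies are
    // present, the account is looked up by id and name and, if the passwd cookie
    // equals md5(stored password . salt), the session is populated and the
    // cookies re-issued. That cookie is therefore a long-lived credential
    // equivalent and is compared with hash_equals(): a loose == would apply
    // numeric type juggling to digest-like strings and leak timing information.
    // Returns nothing and silently does nothing on any failure.
    if (!isset($_COOKIE['user'], $_COOKIE['passwd'], $_COOKIE['userid'])) {
        return;
    }
    global $db;
    $pass = $_COOKIE['passwd'];
    $user = $_COOKIE['user'];
    $userid = $_COOKIE['userid'];
    // cookies can arrive as arrays (name[]=...); those can never match a digest
    if (!is_string($pass) || !is_string($user)) {
        return;
    }
    $sql = "SELECT * FROM " . db_tablename('users')
        . " WHERE id=" . $db->quote((int) $userid)
        . " AND user=" . $db->quote($user);
    $res = $db->query($sql);
    if (DB::isError($res)) {
        return;
    }
    $row = $res->fetchRow(DB_FETCHMODE_ASSOC);
    if (!isset($row['password'])) {
        return;
    }
    $passchk = md5($row['password'] . $row['salt']);
    // constant-time, strict comparison of the cookie token against the digest
    if (!hash_equals($passchk, $pass)) {
        return;
    }
    $_SESSION['user'] = $row['user'];
    $_SESSION['level'] = $row['level'];
    $_SESSION['userid'] = $row['id'];
    $_SESSION['logged_in'] = 1;
    mk_cookie('user', $row['user']);
    mk_cookie('userid', $row['id']);
    mk_cookie('passwd', $passchk);
}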
Пример #2
function autologin()
{
    // Persistent ("remember me") login: when the user/passwd/userid cookies are
    // present, look the account up by id and name and, if the passwd cookie
    // equals md5(stored password value . salt), populate $_SESSION and re-issue
    // the cookies. Returns nothing.
    if (isset($_COOKIE['user']) && isset($_COOKIE['passwd']) && isset($_COOKIE['userid'])) {
        global $db;
        $pass = $_COOKIE['passwd'];
        $user = $_COOKIE['user'];
        $userid = $_COOKIE['userid'];
        // NOTE(review): this line is truncated in the listing — everything between
        // "AND user=" and "password'])) {" is missing (presumably the quoted user
        // name, the query execution, the error check and the fetchRow() call), so
        // the function as shown does not parse.
        $sql = 'SELECT * FROM ' . db_tablename('users') . ' WHERE id=' . $db->quote((int) $userid) . ' AND user='******'password'])) {
            return;
        }
        // the cookie token is md5 over the stored password value and its salt,
        // i.e. a long-lived credential equivalent; treat it like the password itself
        $passchk = md5($row['password'] . $row['salt']);
        // NOTE(review): loose == between the cookie and the digest; hash_equals()
        // avoids both type juggling on digest-like strings and timing differences.
        if ($pass == $passchk) {
            $_SESSION['user'] = $row['user'];
            $_SESSION['level'] = $row['level'];
            $_SESSION['userid'] = $row['id'];
            $_SESSION['logged_in'] = 1;
            mk_cookie('user', $row['user']);
            mk_cookie('userid', $row['id']);
            mk_cookie('passwd', $passchk);
        }
    }
}
Пример #3
function setBackup()
{
    // Admin backup page. Depending on the request flags in $PARAM it either
    // stores an uploaded .sql file (upload), dumps every table of $dbname to
    // BACKUP_DIR plus a ./zip copy (export), deletes the selected backups
    // (delete), empties all tables and replays one selected backup (import),
    // or renders the list of existing backups. Output goes through printPage().
    // NOTE(review): the ereg*() family and each() used below were removed in
    // PHP 7 and PHP 8 respectively; this code predates both.
    global $dbname, $dbh;
    global $PARAM, $SUBS, $MSG, $MONTHS;
    if (!is_dir(getAdmSetting('BACKUP_DIR'))) {
        // 0777 makes the directory that holds full database dumps world-writable;
        // a restrictive mode (0700/0750) is usually what is wanted here.
        MkDir(getAdmSetting('BACKUP_DIR'), 0777);
    }
    if ($PARAM['upload'] == 1) {
        // NOTE(review): $bckFile / $bckFile_name come from globals (register_globals
        // style upload variables, presumably). file($bckFile) reads whatever path
        // that variable holds — confirm it is the upload's tmp_name and cannot be
        // set from the request, otherwise this is an arbitrary file read.
        global $bckFile, $bckFile_name;
        if ($bckFile_name == '') {
            $SUBS['ERROR'] = $MSG[20108];
            $SUBS['BACKUP_ERROR'] = fileParse('_admin_error.htmlt');
        } else {
            // a failed read is only logged; execution continues with $UPLOAD === false
            if (!($UPLOAD = @file($bckFile))) {
                setLogAndStatus("Reading", $bckFile, 0, "setBackup()", 'READ_UPLOAD');
            }
            // the stored name is the upload time; the original file name only
            // appears in the header comment
            $file = date('d F Y H_i_s');
            $filename = getAdmSetting('BACKUP_DIR') . "/{$file}.sql";
            $upload = '## ' . $MSG[20109] . date(' d F Y H:i:s') . "\n";
            $upload .= "## {$MSG['20110']} {$bckFile_name}\n";
            $upload .= join('', $UPLOAD);
            // a failed fopen() is logged but fwrite()/fclose() still run on false
            if (!($fp = fopen($filename, 'w'))) {
                setLogAndStatus("Opening", $filename, 0, "setBackup()", 'OPEN_FILE');
            }
            fwrite($fp, $upload);
            fclose($fp);
            $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20050";
            printPage('_admin_done.htmlt');
            return;
        }
    }
    //export database backup
    if ($PARAM['export'] == 1) {
        $file = date('d F Y H_i_s');
        $filename = getAdmSetting('BACKUP_DIR') . "/{$file}.sql";
        // NOTE(review): argument order differs from the OPEN_FILE call in the
        // upload branch above (path/0 swapped) — confirm setLogAndStatus()'s signature.
        if (!($fp = fopen($filename, 'w'))) {
            setLogAndStatus("Opening", 0, $filename, "setBackup()", 'OPEN_FILE');
        }
        //write comments if any
        if ($PARAM['bckComments'] != '') {
            // every comment line is prefixed with ## so the import skips it
            $comments = '##' . ereg_replace("\n", "\n##", $PARAM['bckComments']) . "\n";
            fwrite($fp, $comments);
        }
        if (!($res = db_list_tables($dbname, $dbh))) {
            setLogAndStatus("db_list_tables()", 0, $dbname, "setBackup()", 'LIST_TABLES');
        }
        $num_tables = db_num_rows($res);
        $i = 0;
        while ($i < $num_tables) {
            $table = db_tablename($res, $i);
            $fields = db_list_fields($dbname, $table, $dbh);
            $columns = db_num_fields($fields);
            // comma-separated column list without a trailing comma
            $tablelist = '';
            for ($j = 0; $j < $columns; $j++) {
                if ($columns - $j == 1) {
                    $tablelist .= db_field_name($fields, $j);
                } else {
                    $tablelist .= db_field_name($fields, $j) . ',';
                }
            }
            // table and column names come from the database metadata, not the request
            $schema = "REPLACE INTO {$table} ({$tablelist}) VALUES (";
            $query = "SELECT * FROM {$dbname}.{$table}";
            $result = runQuery($query, 'setBackup()', 'SELECT_TABLES');
            while ($row = db_fetch_row($result)) {
                $schema_insert = '';
                for ($j = 0; $j < $columns; $j++) {
                    if (!isset($row[$j])) {
                        $schema_insert .= ' NULL,';
                    } else {
                        $schema_insert .= ' ' . dbQuote($row[$j]) . ',';
                    }
                }
                $schema_insert = $schema . ereg_replace(',$', '', $schema_insert);
                $schema_insert .= ");\r\n";
                fwrite($fp, $schema_insert);
            }
            $i++;
        }
        fclose($fp);
        // the ZIP thing --------------------
        // NOTE(review): the dump is re-read in full and a .ZIP copy is written to
        // ./zip relative to the current directory; if that is under the web root
        // the archive (named after a predictable timestamp) is downloadable.
        $fp = fopen($filename, "rb");
        $data = fread($fp, filesize($filename));
        fclose($fp);
        $name = array(baseName($filename));
        $data = array($data);
        $content = makezip($name, $data);
        $fp = fopen('./zip/' . basename($filename) . '.ZIP', "wb");
        fputs($fp, $content);
        fclose($fp);
        // the ZIP thing --------------------
        $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20052";
        printPage('_admin_done.htmlt');
        return;
    }
    //prepare for import or delete
    // $BCKUPS maps the sanitised file name (the checkbox name) to the real path
    // inside BACKUP_DIR, so request-supplied keys can only select files from that
    // directory. Both arrays stay undefined when nothing matches, which makes the
    // count() calls below fail on PHP 8.
    $backups = opendir(getAdmSetting('BACKUP_DIR'));
    while (($file = readdir($backups)) != false) {
        if (!is_dir($file)) {
            $BCKUPS[eregi_replace('[^a-z0-9]', '_', $file)] = getAdmSetting('BACKUP_DIR') . "/{$file}";
        }
    }
    closedir($backups);
    reset($PARAM);
    // every bck_<name> request parameter selects one backup
    while (list($k, $v) = each($PARAM)) {
        if (ereg('^bck_(.*)$', $k, $R)) {
            $BACKUPS[] = $R[1];
        }
    }
    reset($PARAM);
    //delete backups
    if ($PARAM['delete'] == 1) {
        if (count($BACKUPS) == 0) {
            $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20008";
            printPage('_admin_done.htmlt');
            return;
        }
        for ($i = 0; $i < count($BACKUPS); $i++) {
            // an unknown selection yields a null path; unlink() then fails and is logged
            // NOTE(review): this call passes four arguments, the others five — confirm the signature.
            if (!@unlink($BCKUPS[$BACKUPS[$i]])) {
                setLogAndStatus("Deleting", $BCKUPS[$BACKUPS[$i]], "setBackup()", 'DEL_BACKUP');
            }
        }
        $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20054";
        printPage('_admin_done.htmlt');
        return;
    }
    //import database backup
    if ($PARAM['import'] == 1) {
        if (count($BACKUPS) > 1) {
            $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20053";
            printPage('_admin_done.htmlt');
            return;
        }
        if (count($BACKUPS) == 0) {
            $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20008";
            printPage('_admin_done.htmlt');
            return;
        }
        //get backup file
        // the handle is never closed; a failed fopen() turns into fread(false)
        $file = fread(fopen($BCKUPS[$BACKUPS[0]], 'r'), filesize($BCKUPS[$BACKUPS[0]]));
        ////---- [Mrasnika's] Edition 21.03.2002
        // presumably fills $BACKUP (by reference) with one statement per entry — verify
        split_sql_file($BACKUP, $file);
        //reset tables
        if (!($res = db_list_tables($dbname, $dbh))) {
            setLogAndStatus("db_list_tables()", 1, $dbname, "databaseBackup()", 'LIST_TABLES_2');
        }
        $num_tables = db_num_rows($res);
        $i = 0;
        // NOTE(review): every table is emptied before the replay and nothing is
        // wrapped in a transaction, so a statement failing below (RESTORE_DB)
        // leaves the database partially emptied.
        while ($i < $num_tables) {
            $table = db_tablename($res, $i);
            $query = "DELETE FROM {$dbname}.{$table}";
            $result = runQuery($query, 'setBackup()', 'RESET_TABLES');
            $i++;
        }
        //fill tables
        // statements are executed exactly as found in the file; only lines
        // starting with # (the comment header) are skipped
        while (list($k, $query) = each($BACKUP)) {
            if (!ereg('^#', $query)) {
                if (!($result = db_query($query, $dbh))) {
                    setLogAndStatus($query, db_errno($dbh), db_error($dbh), "databaseBackup()", 'RESTORE_DB');
                    $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20055";
                    printPage('_admin_done.htmlt');
                    return;
                }
            }
        }
        $SUBS['COMMAND'] = $PARAM['cmd'] . "&err=20056";
        printPage('_admin_done.htmlt');
        return;
    }
    // no action requested: render one row per existing backup
    $backups = opendir(getAdmSetting('BACKUP_DIR'));
    $last = 0;
    while (($file = readdir($backups)) != false) {
        if (!is_dir($file)) {
            $date = stat(getAdmSetting('BACKUP_DIR') . "/{$file}");
            // NOTE(review): $last is never updated, so this branch runs for every
            // file and LAST describes the last file readdir() returned rather than
            // the newest; $month also uses the current month instead of the file's.
            if ($last < $date[9]) {
                $month = intval(date('m'));
                $SUBS['LAST'] = $MSG[20051] . date(' d ', $date[9]) . $MONTHS[$month] . date(' Y H.i.s', $date[9]);
            }
            $SUBS['SIZE'] = sprintf('%0.2f KB', $date[7] / 1024);
            $SUBS['NAME'] = eregi_replace('_', ':', $file);
            $SUBS['CHECK'] = eregi_replace('[^a-z0-9]', '_', $file);
            //checkbox name
            $SUBS['WHERE'] = getAdmSetting('BACKUP_DIR') . "/{$file}";
            // each backup is read completely just to collect its ## header lines
            if (!($BACKUP = @file(getAdmSetting('BACKUP_DIR') . "/{$file}"))) {
                setLogAndStatus("Reading", 0, getAdmSetting('BACKUP_DIR') . "/{$file}", "setBackup()", 'READ_FILE');
            }
            $comments = '';
            //get comments from the beginning of the file
            for ($i = 0; $i < count($BACKUP); $i++) {
                if (eregi('^##(.*)$', $BACKUP[$i], $R)) {
                    $comments .= $R[1];
                }
            }
            if ($comments != '') {
                // comments are HTML-encoded before the line breaks are turned into <BR>
                $SUBS['COMMENTS'] = ' &nbsp; ' . ereg_replace("\n", '<BR> &nbsp; ', htmlEncode($comments));
                $SUBS['COMMENTS'] = ereg_replace('<BR> &nbsp; $', '', $SUBS['COMMENTS']);
            } else {
                $SUBS['COMMENTS'] = '';
            }
            $SUBS['BACKUPS'] .= fileParse('_admin_backup_row.htmlt');
        }
    }
    closedir($backups);
    // err is a request parameter used as an index into the message table
    if ($PARAM['err'] != '') {
        $SUBS['ERROR'] = $MSG[$PARAM['err']];
        $SUBS['BACKUP_ERROR'] = fileParse('_admin_error.htmlt');
    }
    printPage('_admin_backup.htmlt');
}
Пример #4
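    if (file_exists('settings.php')) {
        die("settings.php already exists.");
    }
    if (!isset($_POST['template'])) {
        header('Location: install.php');
        exit;
    }
    // Every value below is a fragment of PHP source that write_settings() copies
    // into settings.php. Request fields therefore have to be emitted as proper
    // PHP literals: var_export() escapes quotes and backslashes, so a crafted form
    // value cannot close the literal and inject code into the generated file
    // (the original concatenated $_POST values unescaped between single quotes).
    $phpString = function ($field) {
        return var_export(isset($_POST[$field]) ? (string) $_POST[$field] : '', true);
    };
    // numeric settings are emitted as int literals; a non-numeric value becomes 0
    $phpInt = function ($field) {
        return isset($_POST[$field]) ? (int) $_POST[$field] : 0;
    };
    // checkbox fields arrive as 'on' when ticked
    $checked = function ($field) {
        return isset($_POST[$field]) && $_POST[$field] == 'on';
    };
    // selected captcha names become array('name'=>1, ...) in the generated source
    $captchaKeys = array();
    if (isset($_POST['use_captcha']) && is_array($_POST['use_captcha'])) {
        foreach ($_POST['use_captcha'] as $captchaName) {
            $captchaKeys[] = var_export((string) $captchaName, true) . '=>1';
        }
    }
    // rss_entries falls back to 15 when missing or below 1
    $rssEntries = $phpInt('rss_entries');
    if ($rssEntries < 1) {
        $rssEntries = 15;
    }
    // rss_url is stored without a trailing slash
    $rssUrl = isset($_POST['rss_url']) ? preg_replace('/\\/$/', '', (string) $_POST['rss_url']) : '';
    $data = array(
        'template' => $phpString('template'),
        'phptype' => $phpString('phptype'),
        'hostspec' => $phpString('hostspec'),
        'port' => "''",
        'socket' => "''",
        'database' => $phpString('database'),
        'username' => $phpString('username'),
        'password' => $phpString('password'),
        'db_table_prefix' => $phpString('db_table_prefix'),
        'site_short_title' => $phpString('site_short_title'),
        'site_long_title' => $phpString('site_long_title'),
        'prefix_short_title' => $checked('prefix_short_title') ? 1 : 0,
        'rss_url' => var_export($rssUrl, true),
        'rss_title' => $phpString('rss_title'),
        'rss_desc' => $phpString('rss_desc'),
        'rss_entries' => $rssEntries,
        'secret_salt' => $phpString('secret_salt'),
        'language' => $phpString('language'),
        'captcha' => $phpString('captcha'),
        'use_captcha' => 'array(' . implode(', ', $captchaKeys) . ')',
        'spam_regex' => $phpString('spam_regex'),
        // assumed numeric (the original emitted the raw field) — TODO confirm against the form
        'auto_block_spam_ip' => $phpInt('auto_block_spam_ip'),
        'spam_expire_time' => $phpInt('spam_expire_time'),
        'admin_email' => $phpString('admin_email'),
        'quote_limit' => $phpInt('quote_limit'),
        'page_limit' => $phpInt('page_limit'),
        'quote_list_limit' => $phpInt('quote_list_limit'),
        'min_latest' => $phpInt('min_latest'),
        'min_quote_length' => $phpInt('min_quote_length'),
        'moderated_quotes' => $checked('moderated_quotes') ? 1 : 0,
        'login_required' => $checked('login_required') ? 1 : 0,
        // these two flags are inverted (ticked => 0) exactly as in the original form handling
        'auto_flagged_quotes' => $checked('auto_flagged_quotes') ? 0 : 1,
        'public_queue' => $checked('public_queue') ? 0 : 1,
        'timezone' => $phpString('timezone'),
        'news_time_format' => $phpString('news_time_format'),
        'quote_time_format' => $phpString('quote_time_format'),
        // deliberately PHP expressions, evaluated when settings.php is loaded
        'GET_SEPARATOR' => "ini_get('arg_separator.output')",
        'GET_SEPARATOR_HTML' => 'htmlspecialchars($CONFIG[\'GET_SEPARATOR\'], ENT_QUOTES)',
    );
    if (!write_settings('settings.php', $data)) {
        die("Sorry, cannot write settings.php");
    }
    if (!file_exists('settings.php')) {
        die("settings.php does not exist.");
    }
    $salt = str_rand();
    $adminUser = isset($_POST['adminuser']) ? (string) $_POST['adminuser'] : '';
    $adminPass = isset($_POST['adminpass']) ? (string) $_POST['adminpass'] : '';
    // ADMINUSER/ADMINPASS/ADMINSALT are substituted into install.sql by
    // mangle_sql(). NOTE(review): the user name is still concatenated into the
    // SQL unescaped — confirm mangle_sql() quotes it, otherwise it needs the
    // driver's quoting. The password is stored as an MD5-crypt hash ($1$ plus
    // an 8-character salt), presumably what the login code verifies with crypt().
    $sqldata = array_merge($data, array(
        'QUOTETABLE' => db_tablename('quotes'),
        'QUEUETABLE' => db_tablename('queue'),
        'USERSTABLE' => db_tablename('users'),
        'TRACKINGTABLE' => db_tablename('tracking'),
        'NEWSTABLE' => db_tablename('news'),
        'SPAMTABLE' => db_tablename('spamlog'),
        'DUPETABLE' => db_tablename('dupes'),
        'ADMINUSER' => "'" . $adminUser . "'",
        'ADMINPASS' => "'\\\$1" . crypt($adminPass, "\$1\$" . substr($salt, 0, 8) . "\$") . "'",
        'ADMINSALT' => '\'\\$1\\$' . $salt . '\\$\'',
    ));
    $sql = mangle_sql('install.sql', $sqldata);
    // the generated SQL (it contains the admin hash and form values) is shown so
    // it can be run by hand; escape it for the HTML context
    print '<pre>' . htmlspecialchars($sql, ENT_QUOTES) . '</pre>';
    $CONFIG = remove_quotes($data);
    include 'db.php';
    $db = get_db($CONFIG);
    if ($db) {
        db_query($sql);
        $db = null;
    } else {
        print '<p>Sorry, cannot access the database. You may need to do the commands manually.';
    }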
} else {
    if (!file_exists('settings.php')) {
        if (!write_settings('settings.php', null)) {
            die('Cannot write settings.');
Пример #5
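 function mk_user($username, $password)
 {
     // Insert a level-1 user. The password column holds an MD5-crypt hash
     // ($1$ + the first 8 characters of a fresh salt) and the salt column the
     // full salt in the same "$1$salt$" form. Returns whatever db_query()
     // returns for the INSERT.
     print 'Creating user ' . htmlspecialchars($username, ENT_QUOTES) . ': ';
     $salt = str_rand();
     $level = 1;
     $hash = crypt($password, "\$1\$" . substr($salt, 0, 8) . "\$");
     // The values are concatenated into the statement, so they must be escaped
     // before they reach it; addslashes() is the minimum MySQL-style quoting.
     // A parameterised query through the driver would be the proper fix.
     $str = "INSERT INTO " . db_tablename('users') . " (user, password, level, salt) VALUES('"
         . addslashes($username) . "', '" . addslashes($hash) . "', '{$level}', '\$1\$"
         . addslashes($salt) . "\$');";
     return db_query($str);
 }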
Пример #6
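function add_quote_do_inner()
{
    // Store the quote submitted in $_POST['rash_quote'] in the quotes table and
    // return the template's confirmation markup for the (mangled) quote text.
    // Dies with a generic message when the INSERT fails.
    global $CONFIG, $TEMPLATE, $db;
    // auto-flag new quotes when the site is configured to do so
    $flag = isset($CONFIG['auto_flagged_quotes']) && $CONFIG['auto_flagged_quotes'] == 1 ? 2 : 0;
    // only a 0/1 from the configuration may reach the SQL string
    $queue = isset($CONFIG['moderated_quotes']) ? (int) $CONFIG['moderated_quotes'] : 0;
    $raw = isset($_POST['rash_quote']) ? (string) $_POST['rash_quote'] : '';
    $quotxt = htmlspecialchars(trim($raw));
    $innerhtml = $TEMPLATE->add_quote_outputmsg(mangle_quote_text($quotxt));
    // mktime() without arguments is an error since PHP 8; time() is what was meant
    $sql = "INSERT INTO " . db_tablename('quotes') . " (quote, rating, flag, queue, date) VALUES("
        . $db->quote($quotxt) . ", 0, " . $flag . ", " . $queue . ", '" . time() . "')";
    $res = $db->query($sql);
    if (DB::isError($res)) {
        // keep the driver's message out of the response; it can expose schema details
        error_log('add_quote_do_inner: ' . $res->getMessage());
        die('Sorry, the quote could not be saved.');
    }
    return $innerhtml;
}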
Пример #7
    phpMyBackup v.0.4 Beta - Documentation
        Homepage: http://www.nm-service.de/phpmybackup
        Copyright (c) 2000-2001 by Holger Mauermann, mauermann@nm-service.de
    phpMyBackup is distributed in the hope that it will be useful for you, but
        WITHOUT ANY WARRANTY. This program may be used freely as long as all credit
        and copyright information are left intact.
    */
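    if ($writer->countWriters()) {
        // Write a dump header followed by the definition and content of every
        // table in DBDATE. When the 'prefix' form field is set, only tables whose
        // name contains DBPREF are dumped.
        $version = "0.4 beta";
        $cur_time = date("Y-m-d H:i");
        $writer->write("-- Dump created with 'phpMyBackup v." . $version . "' on " . $cur_time . "\r\n");
        $tables = db_list_tables(DBDATE);
        // A falsy result from db_list_tables() now yields an empty dump; the
        // original hid the warning from db_num_rows() with @, which also hid the
        // failure itself.
        $num_tables = $tables ? db_num_rows($tables) : 0;
        for ($i = 0; $i < $num_tables; $i++) {
            $table = db_tablename($tables, $i);
            if (isset($_POST['prefix']) && strpos($table, DBPREF) === false) {
                continue;
            }
            get_def(DBDATE, $table, $writer);
            get_content(DBDATE, $table, $writer);
        }
        $writer->close();
    }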
} else {
    $design = new design('Ilch Admin-Control-Panel :: Backup', '', 2);
    $design->header();
    $tpl = new tpl('backup', 1);
    $tpl->out(0);
Пример #8
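function import_quotes_do_inner()
{
    // Bulk-import quotes from $_POST['rash_quote']: the text is split on the
    // regex given in $_POST['separator_regex'] and every piece that reaches
    // $CONFIG['min_quote_length'] is inserted into the queue (moderated sites)
    // or the quotes table, together with the submitter's IP and the current
    // time. Always returns '' — the caller expects no inner markup.
    global $CONFIG, $db;
    $separator = isset($_POST['separator_regex']) ? html_entity_decode((string) $_POST['separator_regex']) : '';
    $text = isset($_POST['rash_quote']) ? html_entity_decode(trim((string) $_POST['rash_quote'])) : '';
    // The separator is user-supplied regex source embedded between / delimiters.
    // An invalid pattern makes preg_split() return false, which the original then
    // handed to foreach; treat it as "nothing to import" instead.
    $pieces = preg_split('/' . $separator . '/m', $text);
    if ($pieces === false) {
        return '';
    }
    $minLength = isset($CONFIG['min_quote_length']) ? (int) $CONFIG['min_quote_length'] : 0;
    $table = db_tablename(!empty($CONFIG['moderated_quotes']) ? 'queue' : 'quotes');
    $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    foreach ($pieces as $piece) {
        $quotxt = htmlspecialchars(trim($piece));
        // byte length, as in the original; too-short pieces are skipped silently
        if (strlen($quotxt) < $minLength) {
            continue;
        }
        $db->query("INSERT INTO " . $table . " (quote, submitip, date) VALUES("
            . $db->quote($quotxt) . ", " . $db->quote($ip) . ", " . time() . ")");
    }
    return '';
}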
Пример #9
function do_queue($db, $params)
{
    // Run the query that selects every row of the quotes table still marked
    // queue=1 and hand back make_query()'s result unchanged.
    $table = db_tablename('quotes', $params);
    $sql = sprintf('SELECT * FROM %s where queue=1', $table);
    return make_query($db, $sql);
}