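/**
 * Install hook of the Highslide plugin.
 *
 * Once the install button has been posted, and only if the
 * 'highslide_enable' config key is not present yet, the key is inserted and
 * the plugin's schema.sql and basic.sql are executed with the CPG_
 * placeholder replaced by the configured table prefix.
 *
 * @return bool|int true after the install button was posted, 1 otherwise
 */
function hs_install()
{
    global $CONFIG, $thisplugin, $lang_plugin_highslide_install;

    require 'plugins/highslide/include/init.inc.php';

    // isset() first: the hook also runs for requests that carry no 'submit' field.
    if (!isset($_POST['submit']) || $_POST['submit'] != $lang_plugin_highslide_install['button_install']) {
        return 1;
    }

    if (!isset($CONFIG['highslide_enable'])) {
        // require_once so that a second inclusion in the same request cannot
        // redeclare the parser functions.
        require_once 'include/sql_parse.php';

        cpg_db_query("INSERT INTO " . $CONFIG['TABLE_CONFIG'] . " VALUES ('highslide_enable', '1');");

        // schema.sql creates the tables, basic.sql puts the default settings.
        foreach (array('/schema.sql', '/basic.sql') as $sql_file) {
            // file_get_contents() leaves no open handle behind, unlike fread(fopen()).
            $sql_text = file_get_contents($thisplugin->fullpath . $sql_file);
            if ($sql_text === false) {
                // NOTE(review): an unreadable file is skipped and the hook still
                // returns true; confirm how the plugin manager treats other
                // return values before reporting the failure from here.
                continue;
            }

            // Literal replacement: preg_replace() would interpret "$1" or "\1"
            // inside the table prefix as a back-reference.
            $sql_text = str_replace('CPG_', $CONFIG['TABLE_PREFIX'], $sql_text);
            $sql_text = remove_remarks($sql_text);
            $statements = split_sql_file($sql_text, ';');
            foreach ($statements as $q) {
                cpg_db_query($q);
            }
        }
    }

    return true;
}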
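/**
 * Install hook of the Final Extract plugin.
 *
 * If the 'fex_enable' config key is not present yet, the key is inserted and
 * the plugin's schema.sql and basic.sql are executed with the CPG_
 * placeholder replaced by the configured table prefix.
 *
 * @return bool always true
 */
function final_extract_install()
{
    global $CONFIG, $lang_plugin_final_extract, $lang_plugin_final_extract_config, $thisplugin;

    require 'plugins/final_extract/configuration.php';
    // require_once so that a second inclusion in the same request cannot
    // redeclare the parser functions.
    require_once 'include/sql_parse.php';

    if (!isset($CONFIG['fex_enable'])) {
        cpg_db_query("INSERT INTO " . $CONFIG['TABLE_CONFIG'] . " VALUES ('fex_enable', '1');");

        // schema.sql creates the tables, basic.sql puts the default settings.
        foreach (array('/schema.sql', '/basic.sql') as $sql_file) {
            // file_get_contents() leaves no open handle behind, unlike fread(fopen()).
            $sql_text = file_get_contents($thisplugin->fullpath . $sql_file);
            if ($sql_text === false) {
                // NOTE(review): an unreadable file is skipped and the hook still
                // returns true; confirm how the plugin manager treats other
                // return values before reporting the failure from here.
                continue;
            }

            // Literal replacement: preg_replace() would interpret "$1" or "\1"
            // inside the table prefix as a back-reference.
            $sql_text = str_replace('CPG_', $CONFIG['TABLE_PREFIX'], $sql_text);
            $sql_text = remove_remarks($sql_text);
            $statements = split_sql_file($sql_text, ';');
            foreach ($statements as $q) {
                cpg_db_query($q);
            }
        }
    }

    return true;
}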
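/**
 * Install hook of the newsletter plugin.
 *
 * Executes the plugin's schema.sql (placeholders replaced, see below), fills
 * in missing plugin config defaults in $CONFIG and, when the form was
 * posted, hands over to newsletter_configuration_submit(). The schema
 * statements run on every call, including the one that returns 1.
 *
 * @return bool|int true when 'submit' was posted, 1 otherwise
 */
function newsletter_install()
{
    global $CONFIG, $newsletter_installation, $thisplugin, $USER_DATA, $lang_plugin_newsletter;

    $superCage = Inspekt::makeSuperCage();
    $newsletter_installation = 1;
    // require_once so that a second inclusion in the same request cannot
    // redeclare the parser functions.
    require_once 'include/sql_parse.php';

    // Perform the database changes.
    $sql_text = file_get_contents($thisplugin->fullpath . '/schema.sql');
    if ($sql_text !== false) {
        // Replaced one after the other, in this order. str_replace() is used
        // because preg_replace() would interpret "$1" or "\1" inside a value
        // as a back-reference.
        // NOTE(review): the e-mail address, user name and gallery name are
        // spliced into SQL text as they are. If the placeholders sit inside
        // quoted literals in schema.sql (not visible here), a quote character
        // in any of them changes the statement; they should pass through the
        // database layer's escaping first.
        $placeholders = array(
            'CPG_' => $CONFIG['TABLE_PREFIX'],
            'ADMIN_EMAIL' => $CONFIG['gallery_admin_email'],
            'ADMIN_USERNAME' => $USER_DATA['user_name'],
            'COPPERMINE_SITE_NAME' => $CONFIG['gallery_name'],
        );
        foreach ($placeholders as $token => $replacement) {
            $sql_text = str_replace($token, $replacement, $sql_text);
        }

        $sql_text = remove_remarks($sql_text);
        $statements = split_sql_file($sql_text, ';');
        foreach ($statements as $q) {
            cpg_db_query($q);
        }
    }
    // NOTE(review): an unreadable schema.sql is skipped silently, as before.

    // Set the plugin config defaults.
    $plugin_config_defaults = array(
        'plugin_newsletter_guest_subscriptions' => '0',
        'plugin_newsletter_salutation_for_guests' => 'Dear subscriber,',
        'plugin_newsletter_from_email' => $CONFIG['gallery_admin_email'],
        'plugin_newsletter_from_name' => $USER_DATA['user_name'],
        'plugin_newsletter_mails_per_page' => '1',
        'plugin_newsletter_page_refresh_delay' => '10',
        'plugin_newsletter_admin_menu_links' => '1',
        'plugin_newsletter_visitor_menu_links' => '2',
        'plugin_newsletter_retries' => '2',
        'plugin_newsletter_default_on_register' => '0',
    );
    foreach ($plugin_config_defaults as $key => $value) {
        // empty() gives the same result as !$CONFIG[$key] without the notice
        // for keys that do not exist yet.
        if (empty($CONFIG[$key])) {
            $CONFIG[$key] = $value;
        }
    }

    if ($superCage->post->keyExists('submit')) {
        newsletter_configuration_submit();
        return true;
    }

    return 1;
}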
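/**
 * Install hook of the update_history plugin.
 *
 * Once the install button has been posted, the plugin's schema.sql and
 * basic.sql are executed with the CPG_ placeholder replaced by the
 * configured table prefix.
 *
 * @return bool|int true after the install button was posted, 1 otherwise
 */
function update_history_install()
{
    global $CONFIG, $lang_plugin_update_history_config, $thisplugin;

    $superCage = Inspekt::makeSuperCage();

    require 'plugins/update_history/include/init.inc.php';

    // NOTE(review): the posted value is read through getAlnum() while the
    // label is compared as it is; confirm the two still match for every
    // translation of 'button_install'.
    if ($superCage->post->getAlnum('submit') != $lang_plugin_update_history_config['button_install']) {
        return 1;
    }

    // require_once so that a second inclusion in the same request cannot
    // redeclare the parser functions.
    require_once 'include/sql_parse.php';

    // schema.sql creates the tables, basic.sql puts the default settings.
    foreach (array('/schema.sql', '/basic.sql') as $sql_file) {
        // file_get_contents() leaves no open handle behind, unlike fread(fopen()).
        $sql_text = file_get_contents($thisplugin->fullpath . $sql_file);
        if ($sql_text === false) {
            // NOTE(review): an unreadable file is skipped and the hook still
            // returns true; confirm how the plugin manager treats other
            // return values before reporting the failure from here.
            continue;
        }

        // Literal replacement: preg_replace() would interpret "$1" or "\1"
        // inside the table prefix as a back-reference.
        $sql_text = str_replace('CPG_', $CONFIG['TABLE_PREFIX'], $sql_text);
        $sql_text = remove_remarks($sql_text);
        $statements = split_sql_file($sql_text, ';');
        foreach ($statements as $q) {
            cpg_db_query($q);
        }
    }

    return true;
}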
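/**
 * Install hook of the social_bookmarks plugin.
 *
 * Executes the plugin's schema.sql with the CPG_ placeholder replaced by the
 * table prefix, fills in missing plugin config defaults in $CONFIG and, when
 * the form was posted, hands over to social_bookmarks_configuration_submit().
 * The schema statements run on every call, including the one that returns 1.
 *
 * @return bool|int true when 'submit' was posted, 1 otherwise
 */
function social_bookmarks_install()
{
    global $CONFIG, $social_bookmarks_installation, $thisplugin, $USER_DATA, $lang_plugin_social_bookmarks;

    $superCage = Inspekt::makeSuperCage();
    $social_bookmarks_installation = 1;
    // require_once so that a second inclusion in the same request cannot
    // redeclare the parser functions.
    require_once 'include/sql_parse.php';

    // Perform the database changes.
    $sql_text = file_get_contents($thisplugin->fullpath . '/schema.sql');
    if ($sql_text !== false) {
        // Literal replacement: preg_replace() would interpret "$1" or "\1"
        // inside the table prefix as a back-reference.
        $sql_text = str_replace('CPG_', $CONFIG['TABLE_PREFIX'], $sql_text);
        $sql_text = remove_remarks($sql_text);
        $statements = split_sql_file($sql_text, ';');
        foreach ($statements as $q) {
            cpg_db_query($q);
        }
    }
    // NOTE(review): an unreadable schema.sql is skipped silently, as before.

    // Set the plugin config defaults.
    $plugin_config_defaults = array(
        'plugin_social_bookmarks_position' => '2',
        'plugin_social_bookmarks_visibility' => '2',
        'plugin_social_bookmarks_greyout' => '0',
        'plugin_social_bookmarks_layout' => '2',
        'plugin_social_bookmarks_columns' => '5',
        'plugin_social_bookmarks_smart_language' => '1',
        'plugin_social_bookmarks_admin_menu' => '0',
    );
    foreach ($plugin_config_defaults as $key => $value) {
        // empty() gives the same result as !$CONFIG[$key] without the notice
        // for keys that do not exist yet.
        if (empty($CONFIG[$key])) {
            $CONFIG[$key] = $value;
        }
    }

    if ($superCage->post->keyExists('submit')) {
        social_bookmarks_configuration_submit();
        return true;
    }

    return 1;
}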
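/**
 * Runs plugins/avmaker/sql/basic.sql and prints one table row per statement.
 *
 * A statement for which mysql_query() returns a false value is reported as
 * "Already Done", every other one as "OK".
 *
 * @param bool $stop when true, a form with a "Go!" button posting back to
 *                   the current URL is printed after the table
 */
function avmaker_configure($stop = true)
{
    global $errors, $CONFIG;

    // require_once so that a second inclusion in the same request cannot
    // redeclare the parser functions.
    require_once 'include/sql_parse.php';

    $db_update = 'plugins/avmaker/sql/basic.sql';
    // file_get_contents() leaves no open handle behind, unlike fread(fopen()).
    $sql_text = file_get_contents($db_update);
    if ($sql_text === false) {
        // Unreadable file: the table is printed without rows.
        $sql_text = '';
    }

    // Update table prefix. Literal replacement: preg_replace() would
    // interpret "$1" or "\1" inside the prefix as a back-reference.
    $sql_text = str_replace('CPG_', $CONFIG['TABLE_PREFIX'], $sql_text);
    $sql_text = remove_remarks($sql_text);
    $statements = split_sql_file($sql_text, ';');

    // The heading used to be closed with a second <h2> instead of </h2>.
    echo ' <h2>Performing Database Updates</h2> <table class="maintable"> ';

    foreach ($statements as $q) {
        echo "<tr><td class='debug_text' style='color: black;'>\r\n\t\t{$q}\r\n\t\t</td>";
        if (mysql_query($q)) {
            echo "<td class='debug_text' style='color: green;'>OK</td></tr>";
        } else {
            echo "<td class='debug_text' style='color: black;'>Already Done</td></tr>";
        }
    }
    echo "</table>";

    if ($stop) {
        // REQUEST_URI is chosen by the client; escape it before it lands in
        // an HTML attribute so a crafted URL cannot inject markup.
        $form_action = htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES);
        echo '<form action="' . $form_action . '" method="post">'
            . ' <input type="submit" value="Go!" name="submit" />'
            . ' </form>';
    }
}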
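/**
 * Install hook of the external_edit plugin.
 *
 * Executes the plugin's schema.sql with the CPG_ placeholder replaced by the
 * configured table prefix.
 *
 * @return bool always true
 */
function external_edit_install()
{
    global $CONFIG, $thisplugin;

    // require_once so that a second inclusion in the same request cannot
    // redeclare the parser functions.
    require_once 'include/sql_parse.php';

    // Perform the database changes.
    // file_get_contents() leaves no open handle behind, unlike fread(fopen()).
    $sql_text = file_get_contents($thisplugin->fullpath . '/schema.sql');
    if ($sql_text === false) {
        // NOTE(review): an unreadable schema still ends in "return true";
        // confirm how the plugin manager treats other return values before
        // reporting the failure from here.
        return true;
    }

    // Literal replacement: preg_replace() would interpret "$1" or "\1"
    // inside the table prefix as a back-reference.
    $sql_text = str_replace('CPG_', $CONFIG['TABLE_PREFIX'], $sql_text);
    $sql_text = remove_remarks($sql_text);
    $statements = split_sql_file($sql_text, ';');
    foreach ($statements as $q) {
        cpg_db_query($q);
    }

    return true;
}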
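/**
 * Install hook of the captcha plugin.
 *
 * Executes plugins/captcha/schema.sql with the CPG_ placeholder replaced by
 * the configured table prefix.
 *
 * @return bool always true
 */
function captcha_install()
{
    global $CONFIG, $lang_plugin_captcha;

    require 'plugins/captcha/include/init.inc.php';
    // require_once so that a second inclusion in the same request cannot
    // redeclare the parser functions.
    require_once 'include/sql_parse.php';

    // Create table.
    // file_get_contents() leaves no open handle behind, unlike fread(fopen()).
    $sql_text = file_get_contents('plugins/captcha/schema.sql');
    if ($sql_text === false) {
        // NOTE(review): an unreadable schema still ends in "return true";
        // confirm how the plugin manager treats other return values before
        // reporting the failure from here.
        return true;
    }

    // Literal replacement: preg_replace() would interpret "$1" or "\1"
    // inside the table prefix as a back-reference.
    $sql_text = str_replace('CPG_', $CONFIG['TABLE_PREFIX'], $sql_text);
    $sql_text = remove_remarks($sql_text);
    $statements = split_sql_file($sql_text, ';');
    foreach ($statements as $q) {
        cpg_db_query($q);
    }

    return true;
}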
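/**
 * Install hook of the potd plugin.
 *
 * Once the "done" button has been posted, the plugin's schema.sql is
 * executed with the CPG_ placeholder replaced by the configured table
 * prefix.
 *
 * @return bool|int true after the button was posted, 1 otherwise
 */
function potd_install()
{
    global $CONFIG, $thisplugin, $lang_plugin_potd_config;

    require 'plugins/potd/include/init.inc.php';

    // isset() first: the hook also runs for requests that carry no 'submit' field.
    if (!isset($_POST['submit']) || $_POST['submit'] != $lang_plugin_potd_config['button_done']) {
        return 1;
    }

    // require_once so that a second inclusion in the same request cannot
    // redeclare the parser functions.
    require_once 'include/sql_parse.php';

    // file_get_contents() leaves no open handle behind, unlike fread(fopen()).
    $sql_text = file_get_contents($thisplugin->fullpath . '/schema.sql');
    if ($sql_text === false) {
        // NOTE(review): an unreadable schema still ends in "return true";
        // confirm how the plugin manager treats other return values before
        // reporting the failure from here.
        return true;
    }

    // Literal replacement: preg_replace() would interpret "$1" or "\1"
    // inside the table prefix as a back-reference.
    $sql_text = str_replace('CPG_', $CONFIG['TABLE_PREFIX'], $sql_text);
    $sql_text = remove_remarks($sql_text);
    $statements = split_sql_file($sql_text, ';');
    foreach ($statements as $q) {
        cpg_db_query($q);
    }

    return true;
}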
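/**
 * Executes the statements of an SQL file through the framework database
 * object ($ci->db).
 *
 * The file is split on ';'. A fragment holding an odd number of unescaped
 * single quotes ends inside a string literal, so it is joined with the
 * following fragments until the quotes balance again.
 *
 * @param string $sql path of the SQL file to import
 */
function sql_import($sql)
{
    $ci = get_instance();

    $sql = file_get_contents($sql);
    if ($sql === false) {
        // Unreadable file: there is nothing to execute.
        return;
    }
    $sql = remove_remarks($sql);

    $delimiter = ";";
    // A quote preceded by an odd number of backslashes.
    $escaped_quote_pattern = "/(?<!\\\\)(\\\\\\\\)*\\\\'/";
    $tokens = explode($delimiter, $sql);
    $token_count = count($tokens);
    $matches = array();

    for ($i = 0; $i < $token_count; $i++) {
        // The original test read strlen($tokens[$i] > 0): the parenthesis was
        // misplaced, so a last statement without a trailing ';' was dropped
        // unless it happened to compare greater than zero. Blank fragments
        // (";;" or the tail after the final ';') are skipped instead of being
        // sent to the database as empty queries.
        if (trim($tokens[$i]) === '') {
            continue;
        }

        $total_quotes = preg_match_all("/'/", $tokens[$i], $matches);
        $escaped_quotes = preg_match_all($escaped_quote_pattern, $tokens[$i], $matches);
        $unescaped_quotes = $total_quotes - $escaped_quotes;

        if ($unescaped_quotes % 2 == 0) {
            // Balanced quotes: the fragment is a complete statement.
            $ci->db->query($tokens[$i]);
            $tokens[$i] = "";
            continue;
        }

        // The delimiter was part of a string literal: keep appending fragments
        // until one with an odd quote count closes the literal.
        $temp = $tokens[$i] . $delimiter;
        $tokens[$i] = "";
        $complete_stmt = false;

        for ($j = $i + 1; !$complete_stmt && $j < $token_count; $j++) {
            $total_quotes = preg_match_all("/'/", $tokens[$j], $matches);
            $escaped_quotes = preg_match_all($escaped_quote_pattern, $tokens[$j], $matches);
            $unescaped_quotes = $total_quotes - $escaped_quotes;

            if ($unescaped_quotes % 2 == 1) {
                $ci->db->query($temp . $tokens[$j]);
                $tokens[$j] = "";
                $temp = "";
                $complete_stmt = true;
                // Continue the outer loop after the fragment just consumed.
                $i = $j;
            } else {
                $temp .= $tokens[$j] . $delimiter;
                $tokens[$j] = "";
            }
        }
        // NOTE(review): a literal that is never closed leaves $temp
        // unexecuted and unreported, as before.
    }
}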
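/**
 * Install hook of the CopperAd plugin.
 *
 * Once the install button has been posted, and only if the 'cpa_enable'
 * config key is not present yet, the key is inserted, the banner scripts and
 * the adv/ directory tree are copied into the current working directory and
 * the plugin's schema.sql and basic.sql are executed with the CPG_
 * placeholder replaced by the configured table prefix.
 *
 * @return bool|int true after the install button was posted, 1 otherwise
 */
function copperad_install()
{
    global $CONFIG, $lang_plugin_copperad, $lang_plugin_copperad_config, $thisplugin;

    require 'plugins/copper_ad/include/init.inc.php';

    // isset() first: the hook also runs for requests that carry no 'submit' field.
    if (!isset($_POST['submit']) || $_POST['submit'] != $lang_plugin_copperad_config['button_install']) {
        return 1;
    }

    if (!isset($CONFIG['cpa_enable'])) {
        // require_once so that a second inclusion in the same request cannot
        // redeclare the parser functions.
        require_once 'include/sql_parse.php';

        cpg_db_query("INSERT INTO " . $CONFIG['TABLE_CONFIG'] . " VALUES ('cpa_enable', '1');");

        // Copy the needed files and create the adv directories. If the gallery
        // directory cannot be made writable, comment out the copy/mkdir calls
        // below and, after installation, copy "banner.php.sample" and
        // "bannermgr.php.sample" to the gallery root without the ".sample"
        // extension.
        copy($thisplugin->fullpath . "/banner.php.sample", "banner.php") or cpg_die(ERROR, $lang_plugin_copperad_config['permission'], __FILE__, __LINE__);
        copy($thisplugin->fullpath . "/bannermgr.php.sample", "bannermgr.php") or cpg_die(ERROR, $lang_plugin_copperad_config['permission'], __FILE__, __LINE__);
        foreach (array('adv', 'adv/pic', 'adv/flash') as $directory) {
            // A directory left over from an earlier attempt is reused rather
            // than reported as a permission problem.
            is_dir($directory) or mkdir($directory) or cpg_die(ERROR, $lang_plugin_copperad_config['permission'], __FILE__, __LINE__);
        }
        copy($thisplugin->fullpath . "/adv/pic/copperad.jpg", "adv/pic/copperad.jpg") or cpg_die(ERROR, $lang_plugin_copperad_config['permission'], __FILE__, __LINE__);
        copy($thisplugin->fullpath . "/adv/flash/copperad.swf", "adv/flash/copperad.swf") or cpg_die(ERROR, $lang_plugin_copperad_config['permission'], __FILE__, __LINE__);

        // schema.sql creates the tables, basic.sql puts the default settings.
        foreach (array('/schema.sql', '/basic.sql') as $sql_file) {
            // file_get_contents() leaves no open handle behind, unlike fread(fopen()).
            $sql_text = file_get_contents($thisplugin->fullpath . $sql_file);
            if ($sql_text === false) {
                // NOTE(review): an unreadable file is skipped and the hook still
                // returns true; confirm how the plugin manager treats other
                // return values before reporting the failure from here.
                continue;
            }

            // Literal replacement: preg_replace() would interpret "$1" or "\1"
            // inside the table prefix as a back-reference.
            $sql_text = str_replace('CPG_', $CONFIG['TABLE_PREFIX'], $sql_text);
            $sql_text = remove_remarks($sql_text);
            $statements = split_sql_file($sql_text, ';');
            foreach ($statements as $q) {
                cpg_db_query($q);
            }
        }
    }

    return true;
}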
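/**
 * Install hook: executes the plugin's schema.sql and stores the posted
 * language list as the 'mod_active_lang' config value.
 *
 * @return bool|int true when 'langs' was posted, 1 otherwise
 */
function multi_install()
{
    global $CONFIG, $thisplugin;

    if (!isset($_POST['langs'])) {
        return 1;
    }

    // require_once so that a second inclusion in the same request cannot
    // redeclare the parser functions.
    require_once 'include/sql_parse.php';

    // $_POST['langs'] is request data that ends up inside a quoted SQL
    // literal. Only entries shaped like a plain identifier are kept, so no
    // entry can close the quote or add SQL of its own.
    // NOTE(review): assumes language names consist of letters, digits, '_'
    // and '-' - confirm against the installed language files.
    $accepted_langs = array();
    foreach ((array) $_POST['langs'] as $posted_lang) {
        if (is_string($posted_lang) && preg_match('/^[A-Za-z0-9_-]+$/D', $posted_lang)) {
            $accepted_langs[] = $posted_lang;
        }
    }
    $langStr = implode(',', $accepted_langs);

    // Create table.
    // file_get_contents() leaves no open handle behind, unlike fread(fopen()).
    $sql_text = file_get_contents($thisplugin->fullpath . '/schema.sql');
    if ($sql_text === false) {
        // Unreadable schema: only the config value below is written.
        $sql_text = '';
    }

    // Literal replacement: preg_replace() would interpret "$1" or "\1"
    // inside the table prefix as a back-reference.
    $sql_text = str_replace('CPG_', $CONFIG['TABLE_PREFIX'], $sql_text);
    $sql_text = remove_remarks($sql_text);
    $statements = split_sql_file($sql_text, ';');
    $statements[] = "REPLACE INTO {$CONFIG['TABLE_CONFIG']} (name, value) VALUES ('mod_active_lang', '{$langStr}')";

    foreach ($statements as $q) {
        cpg_db_query($q);
    }

    return true;
}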
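// $serverip joins the list of hosts the unprivileged account may connect from.
$mysql_access_host_array[] = $serverip;

foreach ($mysql_access_host_array as $mysql_access_host) {
    $quoted_account = "'" . $db_root->escape($mysql_unpriv_user) . "'@'" . $db_root->escape($mysql_access_host) . "'";

    // NOTE(review): the GRANT names the literal placeholder password
    // 'password'; the real one is only set by the statement after it. If the
    // second statement fails, the account keeps the placeholder - confirm
    // that $db_root->query() aborts the installer on errors.
    $db_root->query('GRANT ALL PRIVILEGES ON `' . $db_root->escape(str_replace('`', '', $mysql_database)) . "`.* TO " . $quoted_account . " IDENTIFIED BY 'password'");
    $db_root->query("SET PASSWORD FOR " . $quoted_account . " = PASSWORD('" . $db_root->escape($mysql_unpriv_pass) . "')");
}

$db_root->query('FLUSH PRIVILEGES;');
$mysql_access_host = implode(',', $mysql_access_host_array);
status_message('green', 'OK');

// Now a new database and the new syscp-unprivileged-mysql-account have been
// created and we can fill it with the data.
status_message('begin', $lng['install']['testing_new_db']);
$db = new db($mysql_host, $mysql_unpriv_user, $mysql_unpriv_pass, $mysql_database);
status_message('green', 'OK');

status_message('begin', $lng['install']['importing_data']);
$db_schema = './syscp.sql';
// The second argument of file_get_contents() is the use_include_path flag,
// not a file mode, so the former 'r' is gone. The '@' is gone as well: it
// let a missing schema file pass as a successful import.
$sql_query = file_get_contents($db_schema);

if ($sql_query === false) {
    // NOTE(review): the steps after this one still run; decide whether the
    // installer should stop here.
    status_message('red', 'Could not read ' . $db_schema);
} else {
    $sql_query = remove_remarks($sql_query);
    $sql_query = split_sql_file($sql_query, ';');
    $statement_count = sizeof($sql_query);

    for ($i = 0; $i < $statement_count; ++$i) {
        if (trim($sql_query[$i]) != '') {
            $result = $db->query($sql_query[$i]);
        }
    }

    status_message('green', 'OK');
}

status_message('begin', 'System Servername...');

// A server name that validates as an IP address is reported in red.
if (validate_ip($_SERVER['SERVER_NAME'], true) !== false) {
    status_message('red', $lng['install']['servername_should_be_fqdn']);
} else {
    status_message('green', 'OK');
}

// Now let's change the settings in our settings-table.
status_message('begin', $lng['install']['changing_data']);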
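/**
 * page_start hook of the annotate plugin.
 *
 * Registers the 'lastnotes' and 'shownotes' meta albums on every call. For
 * requests with plugin=annotate it also serves four maintenance actions
 * selected by GET keys, each of which prints a full page and ends the
 * request: delete_orphans, import, update_database and manage (batch rename
 * and batch delete of notes).
 *
 * Differences from the previous revision:
 * - delete_orphans, import and update_database are limited to
 *   GALLERY_ADMIN_MODE like 'manage' already was; they change or delete data
 *   and could be triggered by any visitor with a plain GET request;
 * - request values and stored notes are HTML-escaped before being printed
 *   and URL-encoded before being placed in links or Location headers;
 * - the "&note_old=" / "&note_new=" parameter names in the redirects, which
 *   had been corrupted, are restored.
 */
function annotate_page_start()
{
    global $CONFIG, $lang_meta_album_names, $valid_meta_albums, $lang_common, $lang_errors;

    require_once './plugins/annotate/init.inc.php';
    $annotate_init_array = annotate_initialize();
    $lang_plugin_annotate = $annotate_init_array['language'];
    $annotate_icon_array = $annotate_init_array['icon'];
    $superCage = Inspekt::makeSuperCage();

    $note = $superCage->get->keyExists('note')
        ? $superCage->get->getRaw('note')
        : $superCage->cookie->getRaw($CONFIG['cookie_name'] . 'note');
    $lang_meta_album_names['lastnotes'] = $lang_plugin_annotate['lastnotes'];
    // NOTE(review): $note is raw GET/cookie data inside a label. The code
    // that prints album names is not visible here; confirm it escapes the
    // label, otherwise escape $note at this point.
    $lang_meta_album_names['shownotes'] = $lang_plugin_annotate['shownotes'] . " '{$note}'";
    $valid_meta_albums[] = 'lastnotes';
    $valid_meta_albums[] = 'shownotes';

    // Everything below is only for requests addressed to this plugin.
    if ($superCage->get->getAlpha('plugin') != "annotate") {
        return;
    }

    // ---- delete_orphans: drop notes whose picture no longer exists ----
    if ($superCage->get->keyExists('delete_orphans')) {
        // NOTE(review): still a state change on GET without a form token.
        if (!GALLERY_ADMIN_MODE) {
            return;
        }

        load_template();
        pageheader($lang_plugin_annotate['delete_orphaned_entries']);

        if (version_compare(cpg_phpinfo_mysql_version(), '4.1', '>=')) {
            // We can use subqueries here.
            cpg_db_query("DELETE FROM {$CONFIG['TABLE_PREFIX']}plugin_annotate WHERE pid NOT IN (SELECT pid FROM {$CONFIG['TABLE_PICTURES']})");
        } else {
            $result = cpg_db_query("SELECT pid FROM {$CONFIG['TABLE_PICTURES']}");
            $pids = array();
            while ($row = mysql_fetch_row($result)) {
                $pids[] = $row[0];
            }
            $pids = implode(",", $pids);
            mysql_free_result($result);
            // cpg_db_query can cause browser to crash if debug output is enabled.
            mysql_query("DELETE FROM {$CONFIG['TABLE_PREFIX']}plugin_annotate WHERE pid NOT IN ({$pids})");
        }

        $count = mysql_affected_rows();
        if ($count == 1) {
            $count_output = $lang_plugin_annotate['1_orphaned_entry_deleted'];
        } else {
            $count_output = sprintf($lang_plugin_annotate['x_orphaned_entries_deleted'], $count);
        }

        starttable('-1', $annotate_icon_array['delete'] . $lang_plugin_annotate['delete_orphaned_entries']);
        echo ' <tr> <td class="tableb"> ' . $count_output . ' </td> </tr> ';
        endtable();
        pagefooter();
        exit;
    }

    // ---- import: copy rows of the {prefix}notes table into the plugin table ----
    if ($superCage->get->keyExists('import')) {
        // NOTE(review): still a state change on GET without a form token.
        if (!GALLERY_ADMIN_MODE) {
            return;
        }

        load_template();
        pageheader($lang_plugin_annotate['import']);
        starttable('-1', $annotate_icon_array['import'] . $lang_plugin_annotate['import']);

        if ($superCage->get->keyExists('do') && $CONFIG['plugin_annotate_import'] != "1") {
            // The probe query fails when the notes table has no user_time
            // column; the current time is stored in that case.
            if (!mysql_query("SELECT user_time FROM {$CONFIG['TABLE_PREFIX']}notes")) {
                cpg_db_query("INSERT INTO {$CONFIG['TABLE_PREFIX']}plugin_annotate (pid, posx, posy, width, height, note, user_id, user_time) \n SELECT pid, posx, posy, width, height, note, user_id, UNIX_TIMESTAMP() FROM {$CONFIG['TABLE_PREFIX']}notes");
            } else {
                cpg_db_query("INSERT INTO {$CONFIG['TABLE_PREFIX']}plugin_annotate (pid, posx, posy, width, height, note, user_id, user_time) \n SELECT pid, posx, posy, width, height, note, user_id, user_time FROM {$CONFIG['TABLE_PREFIX']}notes");
            }
            echo '<tr><td class="tableb">' . sprintf($lang_plugin_annotate['import_success'], mysql_affected_rows()) . '</td></tr>';
            cpg_db_query("INSERT INTO {$CONFIG['TABLE_CONFIG']} (name, value) VALUES ('plugin_annotate_import', '1')");
        } else {
            $notes_to_import = mysql_result(cpg_db_query("SELECT COUNT(*) FROM {$CONFIG['TABLE_PREFIX']}notes"), 0);
            if (!$notes_to_import) {
                echo '<tr><td class="tableb">' . sprintf($lang_plugin_annotate['import_found'], $notes_to_import) . '</td></tr>';
            } elseif ($CONFIG['plugin_annotate_import'] == "1") {
                echo '<tr><td class="tableb">' . $lang_plugin_annotate['imported_already'] . '</td></tr>';
            } else {
                echo '<tr><td class="tableb">' . sprintf($lang_plugin_annotate['import_found'], $notes_to_import) . ' <a href="index.php?plugin=annotate&import&do" class="admin_menu">' . $lang_plugin_annotate['import'] . '</a></td></tr>';
            }
        }

        endtable();
        pagefooter();
        exit;
    }

    // ---- update_database: run the plugin's update.sql ----
    if ($superCage->get->keyExists('update_database')) {
        // NOTE(review): still a state change on GET without a form token.
        if (!GALLERY_ADMIN_MODE) {
            return;
        }

        load_template();
        pageheader($lang_plugin_annotate['update_database']);

        // require_once so that a second inclusion in the same request cannot
        // redeclare the parser functions.
        require_once 'include/sql_parse.php';
        // file_get_contents() leaves no open handle behind, unlike fread(fopen()).
        $sql_text = file_get_contents('./plugins/annotate/update.sql');
        if ($sql_text !== false) {
            // Literal replacement: preg_replace() would interpret "$1" or
            // "\1" inside the table prefix as a back-reference.
            $sql_text = str_replace('CPG_', $CONFIG['TABLE_PREFIX'], $sql_text);
            $sql_text = remove_remarks($sql_text);
            $statements = split_sql_file($sql_text, ';');
            foreach ($statements as $q) {
                // Errors are suppressed on purpose here, as before.
                @mysql_query($q);
            }
        }
        // NOTE(review): the success message below is printed whether or not
        // the file could be read or the statements succeeded.

        starttable('-1', $annotate_icon_array['update_database'] . $lang_plugin_annotate['update_database']);
        echo ' <tr> <td class="tableb"> ' . $lang_plugin_annotate['update_database_success'] . ' </td> </tr> ';
        endtable();
        pagefooter();
        exit;
    }

    // ---- manage: batch rename / batch delete of notes ----
    if (!$superCage->get->keyExists('manage')) {
        return;
    }
    if (!GALLERY_ADMIN_MODE) {
        return;
    }

    load_template();

    $is_rename = $superCage->get->keyExists('batch_rename');
    $is_delete = $superCage->get->keyExists('batch_delete');

    if ($superCage->post->keyExists('submit')) {
        if (!checkFormToken()) {
            cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
        }

        $posted_old = $superCage->post->getRaw('note_old');
        $posted_new = $superCage->post->getRaw('note_new');
        // NOTE(review): the values are passed through addslashes() twice, as
        // before; the listing below applies stripslashes() when reading, so
        // this looks like the stored format. addslashes() does not know the
        // connection character set - confirm and move to the database
        // layer's own escaping.
        $sql_old = addslashes(addslashes($posted_old));
        $sql_new = addslashes(addslashes($posted_new));
        // URL-encoded so that '&', '#', '+' or spaces inside a note cannot
        // change the redirect target.
        $redirect_notes = "&note_old=" . urlencode($posted_old) . "&note_new=" . urlencode($posted_new);

        if ($is_rename) {
            if (strlen($posted_new) < 1) {
                header("Location: index.php?plugin=annotate&manage&batch_rename&status=0" . $redirect_notes);
            } else {
                cpg_db_query("UPDATE {$CONFIG['TABLE_PREFIX']}plugin_annotate SET note = '" . $sql_new . "' WHERE note = '" . $sql_old . "'");
                header("Location: index.php?plugin=annotate&manage&batch_rename&status=1" . $redirect_notes);
            }
        }

        if ($is_delete) {
            cpg_db_query("DELETE FROM {$CONFIG['TABLE_PREFIX']}plugin_annotate WHERE note = '" . $sql_old . "'");
            header("Location: index.php?plugin=annotate&manage&batch_delete&status=1&note_old=" . urlencode($posted_old));
        }
    }

    pageheader($lang_plugin_annotate['manage']);

    if ($is_rename) {
        starttable("100%", $lang_plugin_annotate['batch_rename']);
    } elseif ($is_delete) {
        starttable("100%", $lang_plugin_annotate['batch_delete']);
    } else {
        starttable("100%", $lang_plugin_annotate['manage']);
    }

    // Confirmation step: show the posted values again with a form token.
    if ($superCage->post->keyExists('sure')) {
        // Escaped once, used both as text and as attribute values.
        $html_old = htmlspecialchars($superCage->post->getRaw('note_old'), ENT_QUOTES);

        if ($is_rename) {
            $note_new = $superCage->post->getRaw('note_new');
            if (strlen($note_new) < 1) {
                echo '<tr><td class="tableb">' . $lang_plugin_annotate['note_empty'] . ' <a href="javascript:history.back();">' . $lang_common['back'] . '</a></td></tr>';
                endtable();
                pagefooter();
                die;
            }
            $html_new = htmlspecialchars($note_new, ENT_QUOTES);

            list($timestamp, $form_token) = getFormToken();
            echo ' <tr><td class="tableb"> <form method="post" action="index.php?plugin=annotate&manage&batch_rename"> '
                . sprintf($lang_plugin_annotate['sure_rename'], $html_old, $html_new)
                . ' <input type="hidden" name="note_old" class="textinput" value="' . $html_old . '" readonly="readonly">'
                . ' <input type="hidden" name="note_new" class="textinput" value="' . $html_new . '" readonly="readonly">'
                . ' <input type="hidden" name="form_token" value="' . $form_token . '" />'
                . ' <input type="hidden" name="timestamp" value="' . $timestamp . '" />'
                . ' <input type="submit" name="submit" class="button" value="' . $lang_common['go'] . '">'
                . ' <a href="javascript:history.back();">' . $lang_common['back'] . '</a> </form> </td></tr> ';
        }

        if ($is_delete) {
            list($timestamp, $form_token) = getFormToken();
            echo ' <tr><td class="tableb"> <form method="post" action="index.php?plugin=annotate&manage&batch_delete"> '
                . sprintf($lang_plugin_annotate['sure_delete'], $html_old)
                . ' <input type="hidden" name="note_old" class="textinput" value="' . $html_old . '" readonly="readonly">'
                . ' <input type="hidden" name="form_token" value="' . $form_token . '" />'
                . ' <input type="hidden" name="timestamp" value="' . $timestamp . '" />'
                . ' <input type="submit" name="submit" class="button" value="' . $lang_common['go'] . '">'
                . ' <a href="javascript:history.back();">' . $lang_common['back'] . '</a> </form> </td></tr> ';
        }
    }

    if (!$superCage->post->keyExists('note_old')) {
        // Result message after one of the redirects above.
        if ($superCage->get->keyExists('status')) {
            $status = $superCage->get->getInt('status');
            $html_get_old = htmlspecialchars($superCage->get->getRaw('note_old'), ENT_QUOTES);
            $html_get_new = htmlspecialchars($superCage->get->getRaw('note_new'), ENT_QUOTES);

            if ($is_rename) {
                if ($status == 1) {
                    echo '<tr><td class="tableb">' . sprintf($lang_plugin_annotate['rename_success'], $html_get_old, $html_get_new) . ' </td></tr>';
                }
                if ($status == 0) {
                    echo '<tr><td class="tableb">"' . sprintf($lang_plugin_annotate['rename_fail'], $html_get_old, $html_get_new) . '. ' . $lang_plugin_annotate['note_empty'] . '</td></tr>';
                }
            }
            if ($is_delete && $status == 1) {
                echo '<tr><td class="tableb">' . sprintf($lang_plugin_annotate['delete_success'], $html_get_old, $html_get_new) . ' </td></tr>';
            }
        }

        // First step: the note picked from the list, ready to rename/delete.
        if ($superCage->get->keyExists('note')) {
            // The GET value goes into an attribute; escaping keeps a crafted
            // link from injecting markup into the admin's page.
            $html_note = htmlspecialchars($superCage->get->getRaw('note'), ENT_QUOTES);

            if ($is_rename) {
                echo ' <tr><td class="tableb"> <form method="post">'
                    . ' <input type="text" name="note_old" size="40" class="textinput" value="' . $html_note . '" readonly="readonly"> '
                    . $lang_plugin_annotate['rename_to']
                    . ' <input type="text" name="note_new" size="40" class="textinput" id="note_new">'
                    . ' <input type="submit" name="sure" class="button" value="' . $lang_common['go'] . '"> </form>'
                    . ' <script type="text/javascript"> document.getElementById("note_new").select(); </script> </td></tr> ';
            }
            if ($is_delete) {
                echo ' <tr><td class="tableb"> <form method="post"> ' . $lang_common['delete']
                    . ' <input type="text" name="note_old" class="textinput" value="' . $html_note . '" readonly="readonly">'
                    . ' <input type="submit" name="sure" class="button" value="' . $lang_common['go'] . '"> </form> </td></tr> ';
            }
        }

        // List of all distinct notes with delete/rename links.
        $result = cpg_db_query("SELECT DISTINCT(note) FROM {$CONFIG['TABLE_PREFIX']}plugin_annotate ORDER BY note");
        if (mysql_num_rows($result)) {
            $person_array = array();
            while ($row = mysql_fetch_assoc($result)) {
                $person_array[] = stripslashes($row['note']);
            }

            echo '<tr><td class="tableb" align="left">';
            foreach ($person_array as $person) {
                // Notes are user-written text from the database: encode for
                // the link, escape for the visible label.
                $note_param = rawurlencode($person);
                $note_label = htmlspecialchars($person, ENT_QUOTES);
                echo "\n <a href=\"index.php?plugin=annotate&manage&batch_delete&note={$note_param}\" title=\"{$lang_plugin_annotate['batch_delete']}\"><img src=\"images/icons/delete.png\" border=\"0\" /></a>\n <a href=\"index.php?plugin=annotate&manage&batch_rename&note={$note_param}\" title=\"{$lang_plugin_annotate['batch_rename']}\"><img src=\"images/icons/edit.png\" border=\"0\" /></a>\n {$note_label}<br />\n ";
            }
            echo '</td></tr>';
        }
        mysql_free_result($result);
    }

    endtable();
    pagefooter();
    exit;
}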
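/**
 * The standard upgrader
 *
 * Runs the statements of the upgrade_<version>.sql structure file for the
 * version at $this->index, with the "renprefix_" table prefix replaced by
 * the configured one, then records ROSTER_VERSION in the config table.
 * Most upgrades will use this function.
 */
function standard_upgrader()
{
    global $roster;

    $ver = str_replace('.', '', $this->versions[$this->index]);
    $db_structure_file = ROSTER_LIB . 'dbal' . DIR_SEP . 'structure' . DIR_SEP . 'upgrade_' . $ver . '.sql';

    // A file that exists but cannot be read used to be hidden by '@': no
    // statement ran and the version was still recorded as upgraded. It now
    // takes the same path as a missing file.
    $sql = file_exists($db_structure_file) ? file_get_contents($db_structure_file) : false;

    if ($sql !== false) {
        // Parse structure file and create database tables.
        $sql = preg_replace('#renprefix\\_(\\S+?)([\\s\\.,]|$)#', $roster->db->prefix . '\\1\\2', $sql);
        $sql = remove_remarks($sql);
        $sql = parse_sql($sql, ';');

        foreach ($sql as $statement) {
            $roster->db->query($statement);
        }
        unset($sql);
    } else {
        roster_die('Could not obtain SQL structure/data', $roster->locale->act['upgrade_wowroster']);
    }

    $roster->db->query("UPDATE `" . $roster->db->table('config') . "` SET `config_value` = '" . ROSTER_VERSION . "' WHERE `id` = '4' LIMIT 1;");
    $roster->db->query("ALTER TABLE `" . $roster->db->table('config') . "` ORDER BY `id`;");
}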
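/**
 * Runs sql/update.sql statement by statement and prints one table row per
 * statement, followed by rows for the user-password conversion, the
 * album-password conversion and the category tree check.
 *
 * A statement is shown as "OK" when it succeeded and changed something,
 * otherwise as "already done". With ?debug in the URL the affected-row count
 * and the MySQL warnings are printed as well.
 */
function update_tables()
{
    global $errors, $CONFIG, $lang_update_php, $lang_common, $LINEBREAK, $help;
    global $update_icon, $ok_icon, $already_done_icon, $error_icon, $file_system_icon;

    $loopCounter = 0;
    $superCage = Inspekt::makeSuperCage();

    $db_update = 'sql/update.sql';
    // file_get_contents() leaves no open handle behind, unlike fread(fopen()).
    $sql_query = file_get_contents($db_update);
    if ($sql_query === false) {
        // Unreadable file: no statement rows, the fixed checks still run.
        $sql_query = '';
    }
    // Update table prefix. Literal replacement: preg_replace() would
    // interpret "$1" or "\1" inside the prefix as a back-reference.
    $sql_query = str_replace('CPG_', $CONFIG['TABLE_PREFIX'], $sql_query);
    $sql_query = remove_remarks($sql_query);
    $sql_query = split_sql_file($sql_query, ';');
    $sql_query = array_map('trim', $sql_query);

    echo <<<EOT
        <tr>
            <td class="tableh1" colspan="2">
                {$update_icon}{$lang_update_php['performing_database_updates']}{$help}
            </td>
        </tr>
EOT;

    foreach ($sql_query as $q) {
        $cellStyle = ($loopCounter % 2 == 0) ? 'tableb' : 'tableb tableb_alternate';
        $loopCounter++;
        echo '<tr>' . $LINEBREAK . ' <td width="80%" class="' . $cellStyle . '">' . $q;

        if (strpos(strtolower($q), 'alter table') !== false) {
            /**
             * Determining if the Alter Table actually made a change
             * to properly reflect its status on the update page: the table
             * description is compared before and after the statement.
             */
            // Split on any whitespace so that double spaces or line breaks
            // between the keywords do not shift the table name.
            $words = preg_split('/\s+/', $q);
            $table = isset($words[2]) ? $words[2] : '';

            // A failed DESCRIBE (for example a missing table) leaves the
            // description empty; the result used to be passed to
            // mysql_fetch_row() unchecked.
            $description = array();
            $described = ($table !== '') ? mysql_query("DESCRIBE " . $table) : false;
            if ($described) {
                while ($row = mysql_fetch_row($described)) {
                    $description[] = $row;
                }
            }

            // Affected rows and warnings must be read right after the statement.
            $result = @mysql_query($q);
            $affected = mysql_affected_rows();
            $warnings = mysql_query('SHOW WARNINGS');

            $description2 = array();
            $described = ($table !== '') ? mysql_query("DESCRIBE " . $table) : false;
            if ($described) {
                while ($row = mysql_fetch_row($described)) {
                    $description2[] = $row;
                }
            }

            // The description decides: an ALTER on an empty table reports
            // zero affected rows although it did change the table.
            $changed = ($description != $description2);
            if (!$changed) {
                $affected = 0;
            }
        } else {
            $result = @mysql_query($q);
            $affected = mysql_affected_rows();
            $warnings = mysql_query('SHOW WARNINGS;');
            $changed = (bool) $affected;
        }

        if ($superCage->get->keyExists('debug')) {
            echo '<hr />Debug output:<br />';
            if ($affected > -1) {
                echo "Rows Affected: " . $affected . ". ";
            }
            if ($warnings) {
                while ($warning = mysql_fetch_row($warnings)) {
                    $warning_text = ($warning[0] != '') ? 'MySQL said: ' : '';
                    echo $warning_text . '<tt class="code">' . $warning[0] . ' (' . $warning[1] . ') ' . $warning[2] . '</tt><br />';
                }
            }
        }
        echo '</td>' . $LINEBREAK; // end the table cell that contains the output

        if ($result && $changed) {
            echo ' <td width="20%" class="' . $cellStyle . ' updatesOK">' . $ok_icon . $lang_common['ok'] . '</td>' . $LINEBREAK;
        } else {
            echo ' <td width="20%" class="' . $cellStyle . ' updatesFail">' . $already_done_icon . $lang_update_php['already_done'] . '</td>' . $LINEBREAK;
        }
        echo '</tr>' . $LINEBREAK;
    } // end foreach loop

    // Check password encryption and perform the conversion if applicable.
    $cellStyle = ($loopCounter % 2 == 0) ? 'tableb' : 'tableb tableb_alternate';
    $loopCounter++;
    echo <<<EOT
        <tr>
            <td class="{$cellStyle}">
                {$lang_update_php['password_encryption']}:
            </td>
EOT;

    $CONFIG['enable_encrypted_passwords'] = cpg_get_config_value('enable_encrypted_passwords');
    // NOTE(review): every value other than '1' leads to the conversion. If
    // cpg_get_config_value() can come back empty for a flag that is in fact
    // set, stored hashes would be hashed a second time - confirm.
    if ($CONFIG['enable_encrypted_passwords'] != '1') {
        // "OK" is printed before the statements run and their results are not checked.
        echo <<<EOT
            <td class="{$cellStyle} updatesOK">
                {$ok_icon}{$lang_common['ok']}
            </td>
        </tr>
EOT;
        // NOTE(review): unsalted MD5 is not a password hash; it only keeps
        // plain text out of the table. Plan a migration to a salted, slow
        // scheme.
        $result = mysql_query("update {$CONFIG['TABLE_PREFIX']}users set user_password=md5(user_password);");
        if ($CONFIG['enable_encrypted_passwords'] === '0') {
            $result = mysql_query("update {$CONFIG['TABLE_PREFIX']}config set value = '1' WHERE name = 'enable_encrypted_passwords'");
        } else {
            $result = mysql_query("INSERT INTO {$CONFIG['TABLE_PREFIX']}config ( `name` , `value` ) VALUES ('enable_encrypted_passwords', '1')");
        }
    } else {
        echo <<<EOT
            <td class="{$cellStyle} updatesFail">
                {$already_done_icon}{$lang_update_php['already_done']}
            </td>
        </tr>
EOT;
    }

    // Check album password encryption and perform the conversion if applicable.
    $cellStyle = ($loopCounter % 2 == 0) ? 'tableb' : 'tableb tableb_alternate';
    $loopCounter++;
    echo <<<EOT
        <tr>
            <td class="{$cellStyle}">
                {$lang_update_php['alb_password_encryption']}:
            </td>
EOT;

    $CONFIG['enable_encrypted_alb_passwords'] = cpg_get_config_value('enable_encrypted_alb_passwords');
    if ($CONFIG['enable_encrypted_alb_passwords'] != 1) {
        echo <<<EOT
            <td class="{$cellStyle} updatesOK">
                {$ok_icon}{$lang_common['ok']}
            </td>
        </tr>
EOT;
        // Encrypt the album password but only for those albums which have a
        // password assigned.
        // NOTE(review): unsalted MD5, see the note on user passwords above.
        $result = mysql_query("update {$CONFIG['TABLE_PREFIX']}albums set alb_password=md5(alb_password) WHERE alb_password IS NOT NULL AND alb_password != '';");
        if ($CONFIG['enable_encrypted_alb_passwords'] != NULL) {
            $result = mysql_query("update {$CONFIG['TABLE_PREFIX']}config set value = 1 WHERE name = 'enable_encrypted_alb_passwords'");
        } else {
            $result = mysql_query("INSERT INTO {$CONFIG['TABLE_PREFIX']}config ( `name` , `value` ) VALUES ('enable_encrypted_alb_passwords', '1')");
        }
    } else {
        echo <<<EOT
            <td class="{$cellStyle} updatesFail">
                {$already_done_icon}{$lang_update_php['already_done']}
            </td>
        </tr>
EOT;
    }

    // Check category tree modifications.
    $cellStyle = ($loopCounter % 2 == 0) ? 'tableb' : 'tableb tableb_alternate';
    $loopCounter++;
    echo <<<EOT
        <tr>
            <td class="{$cellStyle}">
                {$lang_update_php['category_tree']}:
            </td>
EOT;

    if (check_rebuild_tree()) {
        echo <<<EOT
            <td class="{$cellStyle} updatesOK">
                {$ok_icon}{$lang_common['ok']}
            </td>
        </tr>
EOT;
    } else {
        echo <<<EOT
            <td class="{$cellStyle} updatesFail">
                {$already_done_icon}{$lang_update_php['already_done']}
            </td>
        </tr>
EOT;
    }
}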
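/**
 * Create the gallery administrator account and store the admin e-mail
 * address in the config table.
 *
 * Reads admin_username, admin_password, admin_email and db_prefix from the
 * global $config array. On failure a message is left in $GLOBALS['error'].
 *
 * @return bool true when both statements succeeded, false otherwise
 */
function createAdmin()
{
    global $CONFIG, $config, $language;

    // Each mandatory field must be present and non-empty; the first missing one is reported.
    $required = array(
        'admin_username' => 'no_admin_username',
        'admin_password' => 'no_admin_password',
        'admin_email'    => 'no_admin_email',
    );
    foreach ($required as $field => $message_key) {
        if (!isset($config[$field]) || $config[$field] == '') {
            $GLOBALS['error'] = $language[$message_key];
            return false;
        }
    }

    // require_once so that a second call cannot redeclare the hashing helpers.
    require_once 'include/passwordhash.inc.php';
    // The helper returns one colon-separated string; the HASH_*_INDEX constants pick out its parts.
    $password_params = explode(':', cpg_password_create_hash($config['admin_password']));

    // Still loaded because other installer code may expect the SQL parsing
    // helpers to be defined after this step - TODO confirm, then drop.
    require_once 'include/sql_parse.php';

    // The table prefix is applied to the statement text only. Running a
    // 'CPG_' search-and-replace (or a split on ';') over the finished SQL
    // would also rewrite or cut the user name, e-mail and hash values.
    $prefix = $config['db_prefix'];

    // NOTE(review): admin_username and admin_email are interpolated as given.
    // If $config is not sanitised before this function runs, escape both with
    // the database layer's escaping routine here - verify against the caller.
    $queries = array(
        // Insert the admin account
        "INSERT INTO {$prefix}users "
            . "(user_group, user_active, user_name, user_password, user_password_salt, "
            . " user_password_hash_algorithm, user_password_iterations, user_lastvisit, "
            . " user_regdate, user_group_list, user_email, user_profile1, user_profile2, "
            . " user_profile3, user_profile4, user_profile5, user_profile6, user_actkey) "
            . "VALUES "
            . "(1, 'YES', '{$config['admin_username']}', '{$password_params[HASH_PBKDF2_INDEX]}', "
            . " '{$password_params[HASH_SALT_INDEX]}', '{$password_params[HASH_ALGORITHM_INDEX]}', '{$password_params[HASH_ITERATION_INDEX]}', "
            . " NOW(), NOW(), '', '{$config['admin_email']}', '', '', '', '', '', '', '')",
        // Set gallery admin mail
        "REPLACE INTO {$prefix}config VALUES ('gallery_admin_email', '{$config['admin_email']}')",
    );

    foreach ($queries as $q) {
        if (!cpg_db_query($q)) {
            $GLOBALS['error'] = $language['dbase_error'] . cpg_db_getError() . ' ' . $language['on_q'] . " '{$q}'";
            return false;
        }
    }

    return true;
}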
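/**
 * Run every statement of sql/update.sql and print an HTML table reporting,
 * per statement, whether it changed anything ("OK") or not ("Already Done").
 *
 * With a 'debug' GET parameter present, an extra row per statement shows
 * the affected-row count and the output of SHOW WARNINGS.
 */
function update_tables()
{
    global $errors, $CONFIG;

    $superCage = Inspekt::makeSuperCage();

    $db_update = 'sql/update.sql';
    $handle = fopen($db_update, 'r');
    $sql_query = $handle ? fread($handle, filesize($db_update)) : '';
    if ($handle) {
        fclose($handle);
    }

    // Update table prefix
    $sql_query = preg_replace('/CPG_/', $CONFIG['TABLE_PREFIX'], $sql_query);
    $sql_query = remove_remarks($sql_query);
    $sql_query = split_sql_file($sql_query, ';');

    echo ' <h2>Performing Database Updates</h2> <table class="maintable"> ';

    foreach ($sql_query as $q) {
        // The statement is shown as text, so it is HTML-escaped.
        echo "<tr><td class='tableb'>" . htmlspecialchars($q, ENT_QUOTES) . "</td>";

        /**
         * Determining if the Alter Table actually made a change
         * to properly reflect its status on the update page.
         */
        if (strpos(strtolower($q), 'alter table') !== false) {
            // Assumes the form "ALTER TABLE <name> ..." with single spaces, so
            // that the third word is the table name - TODO confirm for update.sql.
            $query = explode(" ", $q);

            // Both snapshots start empty for every statement. If they kept
            // growing across iterations, one changed table would make every
            // later ALTER TABLE look like a change as well.
            $description = array();
            $description2 = array();

            $describe = mysql_query("DESCRIBE " . $query[2]);
            while ($describe && ($row = mysql_fetch_row($describe))) {
                $description[] = $row;
            }

            $result = @mysql_query($q);
            $affected = mysql_affected_rows();
            $warnings = mysql_query('SHOW WARNINGS');

            $describe = mysql_query("DESCRIBE " . $query[2]);
            while ($describe && ($row = mysql_fetch_row($describe))) {
                $description2[] = $row;
            }

            // Same structure before and after: nothing was changed.
            if ($description == $description2) {
                $affected = 0;
            }
        } else {
            $result = @mysql_query($q);
            $affected = mysql_affected_rows();
            $warnings = mysql_query('SHOW WARNINGS;');
        }

        if ($result && $affected) {
            echo "<td class='updatesOK'>OK</td>";
        } else {
            echo "<td class='updatesFail'>Already Done</td>";
        }
        echo "</tr>";

        if ($superCage->get->keyExists('debug')) {
            echo "<tr><td class='tablef'>";
            if ($affected > -1) {
                echo "Rows Affected: " . $affected . "<br />";
            }
            if ($warnings) {
                while ($warning = mysql_fetch_row($warnings)) {
                    // Server messages can quote parts of the statement; escape before printing.
                    echo htmlspecialchars("{$warning[0]} ({$warning[1]}) {$warning[2]}", ENT_QUOTES) . "<br />";
                }
            }
            echo "</td><td class='tableh2_compact'>MySQL Said</td></tr>";
        }
    }

    echo "</table>";
}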
/**
 * Load the DBMS-specific schema file and the shared schema_data.sql from
 * $install_path and execute every statement they contain.
 *
 * Both files are skipped silently when they do not exist. Table names in the
 * files are rewritten from the phpbb_ placeholder to $table_prefix.
 *
 * @param string      $install_path directory prefix of the SQL files
 * @param string|bool $install_dbms DBMS key; false means "use the 'dbms' setting"
 */
function load_schema_30($install_path = '', $install_dbms = false)
{
    global $settings, $db, $table_prefix;

    // Filled on the first call only and reused by later calls.
    static $available_dbms = false;

    if ($install_dbms === false) {
        $install_dbms = $settings->get_config('dbms');
    }

    if (!function_exists('get_available_dbms')) {
        global $phpbb_root_path, $phpEx;
        include $phpbb_root_path . 'includes/functions_install.' . $phpEx;
    }

    if (!$available_dbms) {
        $available_dbms = get_available_dbms($install_dbms);

        if ($install_dbms == 'mysql') {
            // MySQL has two schema files; the server version decides which one is used.
            $is_41 = version_compare($db->mysql_version, '4.1.3', '>=');
            $available_dbms[$install_dbms]['SCHEMA'] .= $is_41 ? '_41' : '_40';
        }
    }

    $dbms_info = $available_dbms[$install_dbms];
    // Name of the comment-stripping function, taken from the DBMS table and
    // called as a variable function below.
    $remove_remarks = $dbms_info['COMMENTS'];
    $delimiter = $dbms_info['DELIM'];
    $dbms_schema = $install_path . $dbms_info['SCHEMA'] . '_schema.sql';

    if (file_exists($dbms_schema)) {
        $schema_sql = @file_get_contents($dbms_schema);
        $schema_sql = preg_replace('#phpbb_#i', $table_prefix, $schema_sql);

        // Return value unused - presumably the helper edits its argument by reference; verify.
        $remove_remarks($schema_sql);

        $statements = split_sql_file($schema_sql, $delimiter);
        foreach ($statements as $statement) {
            $db->sql_query($statement);
        }
        unset($schema_sql, $statements);
    }

    $data_file = $install_path . 'schema_data.sql';
    if (file_exists($data_file)) {
        $data_sql = file_get_contents($data_file);

        // Turn the DBMS-specific marker comments of the data file into real statements.
        if ($install_dbms == 'mssql' || $install_dbms == 'mssql_odbc') {
            $data_sql = preg_replace('#\\# MSSQL IDENTITY (phpbb_[a-z_]+) (ON|OFF) \\##s', 'SET IDENTITY_INSERT \\1 \\2;', $data_sql);
        } elseif ($install_dbms == 'postgres') {
            $data_sql = preg_replace('#\\# POSTGRES (BEGIN|COMMIT) \\##s', '\\1; ', $data_sql);
        }

        // Apply the table prefix, then let the callback handle the {L_*} placeholders.
        $data_sql = preg_replace('# phpbb_([^\\s]*) #i', ' ' . $table_prefix . '\\1 ', $data_sql);
        $data_sql = preg_replace_callback('#\\{L_([A-Z0-9\\-_]*)\\}#s', 'adjust_language_keys_callback', $data_sql);

        remove_remarks($data_sql);

        $statements = split_sql_file($data_sql, ';');
        foreach ($statements as $statement) {
            $db->sql_query($statement);
        }
        unset($data_sql, $statements);
    }
}
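/**
 * ACP database module: creates, lists, downloads, deletes and restores SQL
 * backups of the board's tables.
 *
 * $mode 'backup' with action 'download' dumps the requested tables (structure
 * and/or data) to store/, to the browser, or both; any other action lists the
 * tables and compression methods. $mode 'restore' with action 'submit'
 * deletes, downloads or replays a stored backup; any other action lists the
 * backup files found in store/.
 *
 * NOTE(review): no form-token check is visible in this method although it
 * deletes files and replays SQL on request - verify that request forgery
 * protection is applied before this method runs.
 *
 * @param mixed  $id   not used in this method
 * @param string $mode 'backup' or 'restore'
 */
function main($id, $mode)
{
    global $db, $user, $auth, $template, $table_prefix;
    global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;

    $user->add_lang('acp/database');

    $this->tpl_name = 'acp_database';
    $this->page_title = 'ACP_DATABASE';

    $action = request_var('action', '');
    $submit = isset($_POST['submit']) ? true : false;

    $template->assign_vars(array('MODE' => $mode));

    switch ($mode) {
        case 'backup':
            switch ($action) {
                case 'download':
                    $type = request_var('type', '');
                    $table = request_var('table', array(''));
                    $format = request_var('method', '');
                    $where = request_var('where', '');

                    $store = $download = $structure = $schema_data = false;

                    if ($where == 'store_and_download' || $where == 'store') {
                        $store = true;
                    }
                    if ($where == 'store_and_download' || $where == 'download') {
                        $download = true;
                    }
                    if ($type == 'full' || $type == 'structure') {
                        $structure = true;
                    }
                    if ($type == 'full' || $type == 'data') {
                        $schema_data = true;
                    }

                    @set_time_limit(1200);

                    // NOTE(review): the stored file is named after the Unix timestamp
                    // alone, which is guessable. Confirm that store/ is not served
                    // directly by the web server.
                    $filename = time();

                    // We set up the info needed for our on-the-fly creation :D
                    switch ($format) {
                        case 'bzip2':
                            $ext = '.sql.bz2';
                            $open = 'bzopen';
                            $write = 'bzwrite';
                            $close = 'bzclose';
                            $oper = 'bzcompress';
                            $mimetype = 'application/x-bzip2';
                            break;

                        case 'gzip':
                            $ext = '.sql.gz';
                            $open = 'gzopen';
                            $write = 'gzwrite';
                            $close = 'gzclose';
                            $oper = 'gzencode';
                            $mimetype = 'application/x-gzip';
                            break;

                        case 'text':
                        default:
                            // Any other method falls back to plain text, so the handler
                            // names called as variable functions below are always defined.
                            $ext = '.sql';
                            $open = 'fopen';
                            $write = 'fwrite';
                            $close = 'fclose';
                            $oper = '';
                            $mimetype = 'text/x-sql';
                            break;
                    }

                    // We write the file to "store" first (and then compress the file) to not use too much
                    // memory. The server process can be easily killed by storing too much data at once.
                    if ($store == true) {
                        $file = $phpbb_root_path . 'store/' . $filename . $ext;
                        $fp = $open($file, 'w');
                        if (!$fp) {
                            trigger_error('Unable to write temporary file to storage folder');
                        }
                    }

                    if ($download == true) {
                        $name = $filename . $ext;
                        header('Pragma: no-cache');
                        header("Content-Type: {$mimetype}; name=\"{$name}\"");
                        header("Content-disposition: attachment; filename={$name}");
                    }

                    // All of the generated queries go here
                    $sql_data = '';
                    $sql_data .= "#\n";
                    $sql_data .= "# phpBB Backup Script\n";
                    $sql_data .= "# Dump of tables for {$table_prefix}\n";
                    $sql_data .= "# DATE : " . gmdate("d-m-Y H:i:s", $filename) . " GMT\n";
                    $sql_data .= "#\n";

                    switch (SQL_LAYER) {
                        case 'sqlite':
                            $sql_data .= "BEGIN TRANSACTION;\n";
                            break;

                        case 'postgres':
                            $sql_data .= "BEGIN;\n";
                            break;

                        case 'mssql':
                        case 'mssql_odbc':
                            $sql_data .= "BEGIN TRANSACTION\nGO\n";
                            break;
                    }

                    foreach ($table as $table_name) {
                        // Table names come from the request and are spliced into SQL and
                        // into the dump text below. Only names made of plain identifier
                        // characters that start with the board's table prefix (the same
                        // condition the table list further down uses) are processed.
                        if (!preg_match('#^[A-Za-z0-9_$]+$#D', $table_name)
                            || ($table_prefix !== '' && stripos($table_name, $table_prefix) !== 0)) {
                            continue;
                        }

                        // Get the table structure
                        if ($structure) {
                            switch (SQL_LAYER) {
                                case 'mysqli':
                                case 'mysql4':
                                case 'mysql':
                                case 'sqlite':
                                    $sql_data .= '# Table: ' . $table_name . "\n";
                                    $sql_data .= "DROP TABLE IF EXISTS {$table_name};\n";
                                    break;

                                case 'oracle':
                                    $sql_data .= '# Table: ' . $table_name . "\n";
                                    $sql_data .= "DROP TABLE {$table_name};\n\\\n";
                                    break;

                                case 'postgres':
                                case 'firebird':
                                    $sql_data .= '# Table: ' . $table_name . "\n";
                                    $sql_data .= "DROP TABLE {$table_name};\n";
                                    break;

                                case 'mssql':
                                case 'mssql_odbc':
                                    $sql_data .= '# Table: ' . $table_name . "\n";
                                    $sql_data .= "IF OBJECT_ID(N'{$table_name}', N'U') IS NOT NULL\n";
                                    $sql_data .= "DROP TABLE {$table_name};\nGO\n";
                                    break;
                            }
                            $sql_data .= $this->get_table_structure($table_name);
                        }

                        // Now write the data for the first time. :)
                        if ($store == true) {
                            $write($fp, $sql_data);
                        }
                        if ($download == true) {
                            if (!empty($oper)) {
                                echo $oper($sql_data);
                            } else {
                                echo $sql_data;
                            }
                        }
                        $sql_data = '';

                        // Data
                        if ($schema_data) {
                            $sql_data .= "\n";

                            switch (SQL_LAYER) {
                                case 'mysqli':
                                    $sql = "SELECT * FROM {$table_name}";
                                    $result = mysqli_query($db->db_connect_id, $sql, MYSQLI_USE_RESULT);
                                    if ($result != false) {
                                        $fields_cnt = mysqli_num_fields($result);

                                        // Get field information
                                        $field = mysqli_fetch_fields($result);
                                        $field_set = array();
                                        for ($j = 0; $j < $fields_cnt; $j++) {
                                            $field_set[$j] = $field[$j]->name;
                                        }

                                        // Six search entries pair with six replacements; the NUL
                                        // and Ctrl-Z entries are written as escapes so they cannot
                                        // get lost as raw control bytes (an empty search string
                                        // would leave those characters unescaped in the dump).
                                        $search = array('\\', "'", "\x00", "\n", "\r", "\x1a");
                                        $replace = array('\\\\\\\\', "''", '\\0', '\\n', '\\r', '\\Z');
                                        $fields = implode(', ', $field_set);
                                        $values = array();
                                        $schema_insert = 'INSERT INTO ' . $table_name . ' (' . $fields . ') VALUES (';

                                        while ($row = mysqli_fetch_row($result)) {
                                            for ($j = 0; $j < $fields_cnt; $j++) {
                                                if (!isset($row[$j]) || is_null($row[$j])) {
                                                    $values[$j] = 'NULL';
                                                } elseif ($field[$j]->flags & 32768 && !($field[$j]->flags & 1024)) {
                                                    // Flag bits for "numeric" and "timestamp"; this mirrors the
                                                    // numeric / not-timestamp test of the mysql branch below.
                                                    $values[$j] = $row[$j];
                                                } else {
                                                    $values[$j] = "'" . str_replace($search, $replace, $row[$j]) . "'";
                                                }
                                            }
                                            $sql_data .= $schema_insert . implode(', ', $values) . ");\n";

                                            if ($store == true) {
                                                $write($fp, $sql_data);
                                            }
                                            if ($download == true) {
                                                if (!empty($oper)) {
                                                    echo $oper($sql_data);
                                                } else {
                                                    echo $sql_data;
                                                }
                                            }
                                            $sql_data = '';
                                            $values = array();
                                        }
                                        mysqli_free_result($result);
                                    }
                                    break;

                                case 'mysql4':
                                case 'mysql':
                                    $sql = "SELECT * FROM {$table_name}";
                                    $result = mysql_unbuffered_query($sql, $db->db_connect_id);
                                    if ($result != false) {
                                        $fields_cnt = mysql_num_fields($result);

                                        // Get field information
                                        $field = array();
                                        for ($i = 0; $i < $fields_cnt; $i++) {
                                            $field[$i] = mysql_fetch_field($result, $i);
                                        }
                                        $field_set = array();
                                        for ($j = 0; $j < $fields_cnt; $j++) {
                                            $field_set[$j] = $field[$j]->name;
                                        }

                                        // See the mysqli branch: NUL and Ctrl-Z are spelled as escapes.
                                        $search = array('\\', "'", "\x00", "\n", "\r", "\x1a");
                                        $replace = array('\\\\\\\\', "''", '\\0', '\\n', '\\r', '\\Z');
                                        $fields = implode(', ', $field_set);
                                        $schema_insert = 'INSERT INTO ' . $table_name . ' (' . $fields . ') VALUES (';

                                        while ($row = mysql_fetch_row($result)) {
                                            $values = array();
                                            for ($j = 0; $j < $fields_cnt; $j++) {
                                                if (!isset($row[$j]) || is_null($row[$j])) {
                                                    $values[$j] = 'NULL';
                                                } elseif ($field[$j]->numeric && $field[$j]->type !== 'timestamp') {
                                                    $values[$j] = $row[$j];
                                                } else {
                                                    $values[$j] = "'" . str_replace($search, $replace, $row[$j]) . "'";
                                                }
                                            }
                                            $sql_data .= $schema_insert . implode(', ', $values) . ");\n";

                                            if ($store == true) {
                                                $write($fp, $sql_data);
                                            }
                                            if ($download == true) {
                                                if (!empty($oper)) {
                                                    echo $oper($sql_data);
                                                } else {
                                                    echo $sql_data;
                                                }
                                            }
                                            $sql_data = '';
                                        }
                                        mysql_free_result($result);
                                    }
                                    break;

                                case 'sqlite':
                                    $col_types = sqlite_fetch_column_types($table_name, $db->db_connect_id);
                                    $sql = "SELECT * FROM {$table_name}";
                                    $result = $db->sql_query($sql);

                                    while ($row = $db->sql_fetchrow($result)) {
                                        $names = $data = array();
                                        foreach ($row as $row_name => $row_data) {
                                            $names[] = $row_name;

                                            // Figure out what this data is, escape it properly
                                            if (is_null($row_data)) {
                                                $row_data = 'NULL';
                                            } elseif ($row_data == '') {
                                                $row_data = "''";
                                            } elseif (strpos($col_types[$row_name], 'text') !== false || strpos($col_types[$row_name], 'char') !== false) {
                                                // Double embedded single quotes. Without this, stored text
                                                // containing a quote ends the literal early and the remainder
                                                // is read as SQL when the backup is restored.
                                                $row_data = "'" . str_replace("'", "''", $row_data) . "'";
                                            }
                                            $data[] = $row_data;
                                        }
                                        $sql_data .= 'INSERT INTO ' . $table_name . ' (' . implode(', ', $names) . ') VALUES (' . implode(', ', $data) . ");\n";

                                        if ($store == true) {
                                            $write($fp, $sql_data);
                                        }
                                        if ($download == true) {
                                            if (!empty($oper)) {
                                                echo $oper($sql_data);
                                            } else {
                                                echo $sql_data;
                                            }
                                        }
                                        $sql_data = '';
                                    }
                                    $db->sql_freeresult($result);
                                    break;

                                case 'postgres':
                                    $ary_type = $ary_name = array();

                                    // Grab all of the data from current table.
                                    $sql = "SELECT *\n\t\t\t\t\t\t\t\t\t\t\tFROM {$table_name}";
                                    $result = $db->sql_query($sql);

                                    $i_num_fields = pg_num_fields($result);
                                    $seq = '';

                                    for ($i = 0; $i < $i_num_fields; $i++) {
                                        $ary_type[$i] = pg_field_type($result, $i);
                                        $ary_name[$i] = pg_field_name($result, $i);

                                        $sql = "SELECT pg_get_expr(d.adbin, d.adrelid) as rowdefault\n\t\t\t\t\t\t\t\t\t\t\t\tFROM pg_attrdef d, pg_class c\n\t\t\t\t\t\t\t\t\t\t\t\tWHERE (c.relname = '{$table_name}')\n\t\t\t\t\t\t\t\t\t\t\t\t\tAND (c.oid = d.adrelid)\n\t\t\t\t\t\t\t\t\t\t\t\t\tAND d.adnum = " . strval($i + 1);
                                        $result2 = $db->sql_query($sql);
                                        if ($row = $db->sql_fetchrow($result2)) {
                                            // Determine if we must reset the sequences
                                            if (strpos($row['rowdefault'], 'nextval(\'') === 0) {
                                                $seq .= "SELECT SETVAL('{$table_name}_seq',(select case when max({$ary_name[$i]})>0 then max({$ary_name[$i]})+1 else 1 end from {$table_name}));\n";
                                            }
                                        }
                                    }

                                    while ($row = $db->sql_fetchrow($result)) {
                                        $schema_vals = $schema_fields = array();

                                        // Build the SQL statement to recreate the data.
                                        for ($i = 0; $i < $i_num_fields; $i++) {
                                            $str_val = $row[$ary_name[$i]];

                                            if (preg_match('#char|text|bool#i', $ary_type[$i])) {
                                                $str_quote = "'";
                                                $str_empty = '';
                                                // NOTE(review): here and in the mssql, firebird and oracle
                                                // branches addslashes() escapes quotes with a backslash;
                                                // verify that the target DBMS honours that form on restore.
                                                $str_val = addslashes($str_val);
                                            } elseif (preg_match('#date|timestamp#i', $ary_type[$i])) {
                                                if (empty($str_val)) {
                                                    $str_quote = '';
                                                } else {
                                                    $str_quote = "'";
                                                }
                                            } else {
                                                $str_quote = '';
                                                $str_empty = 'NULL';
                                            }

                                            if (empty($str_val) && $str_val !== '0') {
                                                $str_val = $str_empty;
                                            }

                                            $schema_vals[$i] = $str_quote . $str_val . $str_quote;
                                            $schema_fields[$i] = $ary_name[$i];
                                        }

                                        // Take the ordered fields and their associated data and build it
                                        // into a valid sql statement to recreate that field in the data.
                                        $sql_data .= "INSERT INTO {$table_name} (" . implode(', ', $schema_fields) . ') VALUES(' . implode(', ', $schema_vals) . ");\n";

                                        if ($store == true) {
                                            $write($fp, $sql_data);
                                        }
                                        if ($download == true) {
                                            if (!empty($oper)) {
                                                echo $oper($sql_data);
                                            } else {
                                                echo $sql_data;
                                            }
                                        }
                                        $sql_data = '';
                                    }
                                    $db->sql_freeresult($result);

                                    // Write out the sequence statements
                                    if ($store == true) {
                                        $write($fp, $seq);
                                    }
                                    if ($download == true) {
                                        if (!empty($oper)) {
                                            echo $oper($seq);
                                        } else {
                                            echo $seq;
                                        }
                                    }
                                    $seq = '';
                                    break;

                                case 'mssql_odbc':
                                    $ary_type = $ary_name = array();
                                    $ident_set = false;

                                    // Grab all of the data from current table.
                                    $sql = "SELECT *\n\t\t\t\t\t\t\t\t\t\t\tFROM {$table_name}";
                                    $result = $db->sql_query($sql);

                                    $retrieved_data = odbc_num_rows($result);

                                    if ($retrieved_data) {
                                        $sql = "SELECT 1 as has_identity\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM INFORMATION_SCHEMA.COLUMNS\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE COLUMNPROPERTY(object_id('{$table_name}'), COLUMN_NAME, 'IsIdentity') = 1";
                                        $result2 = $db->sql_query($sql);
                                        $row2 = $db->sql_fetchrow($result2);
                                        if (!empty($row2['has_identity'])) {
                                            $sql_data .= "\nSET IDENTITY_INSERT {$table_name} ON\nGO\n";
                                            $ident_set = true;
                                        }
                                        $db->sql_freeresult($result2);
                                    }

                                    $i_num_fields = odbc_num_fields($result);

                                    for ($i = 0; $i < $i_num_fields; $i++) {
                                        $ary_type[$i] = odbc_field_type($result, $i);
                                        $ary_name[$i] = odbc_field_name($result, $i);
                                    }

                                    while ($row = $db->sql_fetchrow($result)) {
                                        $schema_vals = $schema_fields = array();

                                        // Build the SQL statement to recreate the data.
                                        for ($i = 0; $i < $i_num_fields; $i++) {
                                            $str_val = $row[$ary_name[$i]];

                                            if (preg_match('#char|text|bool#i', $ary_type[$i])) {
                                                $str_quote = "'";
                                                $str_empty = '';
                                                $str_val = addslashes($str_val);
                                            } elseif (preg_match('#date|timestamp#i', $ary_type[$i])) {
                                                if (empty($str_val)) {
                                                    $str_quote = '';
                                                } else {
                                                    $str_quote = "'";
                                                }
                                            } else {
                                                $str_quote = '';
                                                $str_empty = 'NULL';
                                            }

                                            if (empty($str_val) && $str_val !== '0' && !(is_int($str_val) || is_float($str_val))) {
                                                $str_val = $str_empty;
                                            }

                                            $schema_vals[$i] = $str_quote . $str_val . $str_quote;
                                            $schema_fields[$i] = $ary_name[$i];
                                        }

                                        // Take the ordered fields and their associated data and build it
                                        // into a valid sql statement to recreate that field in the data.
                                        $sql_data .= "INSERT INTO {$table_name} (" . implode(', ', $schema_fields) . ') VALUES(' . implode(', ', $schema_vals) . ");\n";

                                        if ($store == true) {
                                            $write($fp, $sql_data);
                                        }
                                        if ($download == true) {
                                            if (!empty($oper)) {
                                                echo $oper($sql_data);
                                            } else {
                                                echo $sql_data;
                                            }
                                        }
                                        $sql_data = '';
                                    }
                                    $db->sql_freeresult($result);

                                    // Left in $sql_data; it is written with the next table or the final flush.
                                    if ($retrieved_data) {
                                        $sql_data = "\nGO\n";
                                        if ($ident_set) {
                                            $sql_data .= "\nSET IDENTITY_INSERT {$table_name} OFF\nGO\n";
                                        }
                                    }
                                    break;

                                case 'mssql':
                                    $ary_type = $ary_name = array();
                                    $ident_set = false;

                                    // Grab all of the data from current table.
                                    $sql = "SELECT *\n\t\t\t\t\t\t\t\t\t\t\tFROM {$table_name}";
                                    $result = $db->sql_query($sql);

                                    $retrieved_data = mssql_num_rows($result);

                                    $i_num_fields = mssql_num_fields($result);

                                    for ($i = 0; $i < $i_num_fields; $i++) {
                                        $ary_type[$i] = mssql_field_type($result, $i);
                                        $ary_name[$i] = mssql_field_name($result, $i);
                                    }

                                    if ($retrieved_data) {
                                        $sql = "SELECT 1 as has_identity\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM INFORMATION_SCHEMA.COLUMNS\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE COLUMNPROPERTY(object_id('{$table_name}'), COLUMN_NAME, 'IsIdentity') = 1";
                                        $result2 = $db->sql_query($sql);
                                        $row2 = $db->sql_fetchrow($result2);
                                        if (!empty($row2['has_identity'])) {
                                            $sql_data .= "\nSET IDENTITY_INSERT {$table_name} ON\nGO\n";
                                            $ident_set = true;
                                        }
                                        $db->sql_freeresult($result2);
                                    }

                                    while ($row = $db->sql_fetchrow($result)) {
                                        $schema_vals = $schema_fields = array();

                                        // Build the SQL statement to recreate the data.
                                        for ($i = 0; $i < $i_num_fields; $i++) {
                                            $str_val = $row[$ary_name[$i]];

                                            if (preg_match('#char|text|bool#i', $ary_type[$i])) {
                                                $str_quote = "'";
                                                $str_empty = '';
                                                $str_val = addslashes($str_val);
                                            } elseif (preg_match('#date|timestamp#i', $ary_type[$i])) {
                                                if (empty($str_val)) {
                                                    $str_quote = '';
                                                } else {
                                                    $str_quote = "'";
                                                }
                                            } else {
                                                $str_quote = '';
                                                $str_empty = 'NULL';
                                            }

                                            if (empty($str_val) && $str_val !== '0' && !(is_int($str_val) || is_float($str_val))) {
                                                $str_val = $str_empty;
                                            }

                                            $schema_vals[$i] = $str_quote . $str_val . $str_quote;
                                            $schema_fields[$i] = $ary_name[$i];
                                        }

                                        // Take the ordered fields and their associated data and build it
                                        // into a valid sql statement to recreate that field in the data.
                                        $sql_data .= "INSERT INTO {$table_name} (" . implode(', ', $schema_fields) . ') VALUES(' . implode(', ', $schema_vals) . ");\n";

                                        if ($store == true) {
                                            $write($fp, $sql_data);
                                        }
                                        if ($download == true) {
                                            if (!empty($oper)) {
                                                echo $oper($sql_data);
                                            } else {
                                                echo $sql_data;
                                            }
                                        }
                                        $sql_data = '';
                                    }
                                    $db->sql_freeresult($result);

                                    if ($retrieved_data) {
                                        $sql_data = "\nGO\n";
                                        if ($ident_set) {
                                            $sql_data .= "\nSET IDENTITY_INSERT {$table_name} OFF\nGO\n";
                                        }
                                    }
                                    break;

                                case 'firebird':
                                    $ary_type = $ary_name = array();

                                    // Grab all of the data from current table.
                                    $sql = "SELECT *\n\t\t\t\t\t\t\t\t\t\t\tFROM {$table_name}";
                                    $result = $db->sql_query($sql);

                                    $i_num_fields = ibase_num_fields($result);

                                    for ($i = 0; $i < $i_num_fields; $i++) {
                                        $info = ibase_field_info($result, $i);
                                        $ary_type[$i] = $info['type'];
                                        $ary_name[$i] = $info['name'];
                                    }

                                    while ($row = $db->sql_fetchrow($result)) {
                                        $schema_vals = $schema_fields = array();

                                        // Build the SQL statement to recreate the data.
                                        for ($i = 0; $i < $i_num_fields; $i++) {
                                            $str_val = $row[strtolower($ary_name[$i])];

                                            if (preg_match('#char|text|bool#i', $ary_type[$i])) {
                                                $str_quote = "'";
                                                $str_empty = '';
                                                $str_val = addslashes($str_val);
                                            } elseif (preg_match('#date|timestamp#i', $ary_type[$i])) {
                                                if (empty($str_val)) {
                                                    $str_quote = '';
                                                } else {
                                                    $str_quote = "'";
                                                }
                                            } else {
                                                $str_quote = '';
                                                $str_empty = 'NULL';
                                            }

                                            if (empty($str_val) && $str_val !== '0') {
                                                $str_val = $str_empty;
                                            }

                                            $schema_vals[$i] = $str_quote . $str_val . $str_quote;
                                            // NOTE(review): column names are wrapped in single quotes here;
                                            // confirm that the restore side accepts that as an identifier.
                                            $schema_fields[$i] = "'" . $ary_name[$i] . "'";
                                        }

                                        // Take the ordered fields and their associated data and build it
                                        // into a valid sql statement to recreate that field in the data.
                                        $sql_data .= "INSERT INTO {$table_name} (" . implode(', ', $schema_fields) . ') VALUES(' . implode(', ', $schema_vals) . ");\n";

                                        if ($store == true) {
                                            $write($fp, $sql_data);
                                        }
                                        if ($download == true) {
                                            if (!empty($oper)) {
                                                echo $oper($sql_data);
                                            } else {
                                                echo $sql_data;
                                            }
                                        }
                                        $sql_data = '';
                                    }
                                    $db->sql_freeresult($result);
                                    break;

                                case 'oracle':
                                    $ary_type = $ary_name = array();

                                    // Grab all of the data from current table.
                                    $sql = "SELECT *\n\t\t\t\t\t\t\t\t\t\t\tFROM {$table_name}";
                                    $result = $db->sql_query($sql);

                                    $i_num_fields = ocinumcols($result);

                                    for ($i = 0; $i < $i_num_fields; $i++) {
                                        $ary_type[$i] = ocicolumntype($result, $i);
                                        $ary_name[$i] = ocicolumnname($result, $i);
                                    }

                                    while ($row = $db->sql_fetchrow($result)) {
                                        $schema_vals = $schema_fields = array();

                                        // Build the SQL statement to recreate the data.
                                        for ($i = 0; $i < $i_num_fields; $i++) {
                                            $str_val = $row[$ary_name[$i]];

                                            if (preg_match('#char|text|bool#i', $ary_type[$i])) {
                                                $str_quote = "'";
                                                $str_empty = '';
                                                $str_val = addslashes($str_val);
                                            } elseif (preg_match('#date|timestamp#i', $ary_type[$i])) {
                                                if (empty($str_val)) {
                                                    $str_quote = '';
                                                } else {
                                                    $str_quote = "'";
                                                }
                                            } else {
                                                $str_quote = '';
                                                $str_empty = 'NULL';
                                            }

                                            if (empty($str_val) && $str_val !== '0') {
                                                $str_val = $str_empty;
                                            }

                                            $schema_vals[$i] = $str_quote . $str_val . $str_quote;
                                            // The column name is closed with the same double quote that opens it.
                                            $schema_fields[$i] = '"' . $ary_name[$i] . '"';
                                        }

                                        // Take the ordered fields and their associated data and build it
                                        // into a valid sql statement to recreate that field in the data.
                                        $sql_data .= "INSERT INTO {$table_name} (" . implode(', ', $schema_fields) . ') VALUES(' . implode(', ', $schema_vals) . ");\n";

                                        if ($store == true) {
                                            $write($fp, $sql_data);
                                        }
                                        if ($download == true) {
                                            if (!empty($oper)) {
                                                echo $oper($sql_data);
                                            } else {
                                                echo $sql_data;
                                            }
                                        }
                                        $sql_data = '';
                                    }
                                    $db->sql_freeresult($result);
                                    break;
                            }
                        }
                    }

                    switch (SQL_LAYER) {
                        case 'sqlite':
                        case 'postgres':
                            $sql_data .= "COMMIT;";
                            break;

                        case 'mssql':
                        case 'mssql_odbc':
                            $sql_data .= "COMMIT\nGO";
                            break;
                    }

                    if ($store == true) {
                        $write($fp, $sql_data);
                        $close($fp);
                    }

                    if ($download == true) {
                        if (!empty($oper)) {
                            echo $oper($sql_data);
                        } else {
                            echo $sql_data;
                        }
                        exit;
                    }

                    unset($sql_data);

                    add_log('admin', 'LOG_DB_BACKUP');
                    trigger_error($user->lang['BACKUP_SUCCESS']);
                    break;

                default:
                    $tables = array();
                    switch (SQL_LAYER) {
                        case 'sqlite':
                            $sql = "SELECT name\n\t\t\t\t\t\t\t\t\tFROM sqlite_master\n\t\t\t\t\t\t\t\t\tWHERE type='table'\n\t\t\t\t\t\t\t\t\tORDER BY name";
                            $result = $db->sql_query($sql);
                            while ($row = $db->sql_fetchrow($result)) {
                                if (strpos($row['name'], $table_prefix) === 0) {
                                    $tables[] = $row['name'];
                                }
                            }
                            $db->sql_freeresult($result);
                            break;

                        case 'mysqli':
                        case 'mysql4':
                        case 'mysql':
                            $sql = "SHOW TABLES\n\t\t\t\t\t\t\t\t\tLIKE '{$table_prefix}%'";
                            $result = $db->sql_query($sql);
                            while ($row = $db->sql_fetchrow($result)) {
                                $tables[] = current($row);
                            }
                            $db->sql_freeresult($result);
                            break;

                        case 'postgres':
                            $sql = "SELECT relname\n\t\t\t\t\t\t\t\t\tFROM pg_stat_user_tables\n\t\t\t\t\t\t\t\t\tORDER BY relname;";
                            $result = $db->sql_query($sql);
                            while ($row = $db->sql_fetchrow($result)) {
                                if (strpos($row['relname'], $table_prefix) === 0) {
                                    $tables[] = $row['relname'];
                                }
                            }
                            $db->sql_freeresult($result);
                            break;

                        case 'mssql':
                        case 'mssql_odbc':
                            $sql = "SELECT TABLE_NAME\n\t\t\t\t\t\t\t\t\tFROM INFORMATION_SCHEMA.TABLES\n\t\t\t\t\t\t\t\t\tWHERE TABLE_TYPE = 'BASE TABLE'\n\t\t\t\t\t\t\t\t\tORDER BY TABLE_NAME";
                            $result = $db->sql_query($sql);
                            while ($row = $db->sql_fetchrow($result)) {
                                if (strpos($row['TABLE_NAME'], $table_prefix) === 0) {
                                    $tables[] = $row['TABLE_NAME'];
                                }
                            }
                            $db->sql_freeresult($result);
                            break;

                        case 'firebird':
                            $sql = 'SELECT RDB$RELATION_NAME as TABLE_NAME FROM RDB$RELATIONS WHERE RDB$SYSTEM_FLAG=0 AND RDB$VIEW_BLR IS NULL';
                            $result = $db->sql_query($sql);
                            while ($row = $db->sql_fetchrow($result)) {
                                if (stripos($row['table_name'], $table_prefix) === 0) {
                                    $tables[] = $row['table_name'];
                                }
                            }
                            $db->sql_freeresult($result);
                            break;

                        case 'oracle':
                            $sql = 'SELECT TNAME as table_name FROM TAB';
                            $result = $db->sql_query($sql);
                            while ($row = $db->sql_fetchrow($result)) {
                                if (stripos($row['table_name'], $table_prefix) === 0) {
                                    $tables[] = $row['table_name'];
                                }
                            }
                            $db->sql_freeresult($result);
                            break;
                    }

                    foreach ($tables as $table) {
                        $template->assign_block_vars('tables', array('TABLE' => $table));
                    }

                    $template->assign_vars(array('U_ACTION' => $this->u_action . '&action=download'));

                    // Compression methods are offered only when their extension is loaded.
                    $available_methods = array('gzip' => 'zlib', 'bzip2' => 'bz2');
                    foreach ($available_methods as $type => $module) {
                        if (!@extension_loaded($module)) {
                            continue;
                        }
                        $template->assign_block_vars('methods', array('TYPE' => $type));
                    }
                    $template->assign_block_vars('methods', array('TYPE' => 'text'));
                    break;
            }
            break;

        case 'restore':
            switch ($action) {
                case 'submit':
                    $delete = request_var('delete', '');
                    $file = request_var('file', '');

                    // Only "<10 digits>.sql[.gz|.bz2]" is accepted, and the path is built
                    // from the matched text rather than from the raw request value, so the
                    // name cannot leave store/. A non-matching name is rejected here
                    // instead of falling through with $matches empty.
                    if (!preg_match('#^(\\d{10})\\.(sql(?:\\.(?:gz|bz2))?)$#', $file, $matches)) {
                        trigger_error($user->lang['BACKUP_INVALID']);
                    }

                    $file_name = $phpbb_root_path . 'store/' . $matches[0];

                    if (!(file_exists($file_name) && is_readable($file_name))) {
                        trigger_error($user->lang['BACKUP_INVALID']);
                    }

                    if ($delete) {
                        unlink($file_name);
                        trigger_error($user->lang['BACKUP_DELETE']);
                    }

                    $data = file_get_contents($file_name);

                    switch ($matches[2]) {
                        case 'sql.bz2':
                            $data = bzdecompress($data);
                            break;

                        case 'sql.gz':
                            // Skips the first 10 bytes (assumed to be the gzip header) before inflating.
                            $data = gzinflate(substr($data, 10));
                            break;
                    }

                    $download = request_var('download', '');

                    if ($download) {
                        $name = $matches[0];

                        switch ($matches[2]) {
                            case 'sql':
                                $mimetype = 'text/x-sql';
                                break;

                            case 'sql.bz2':
                                $mimetype = 'application/x-bzip2';
                                break;

                            case 'sql.gz':
                                $mimetype = 'application/x-gzip';
                                break;
                        }

                        header('Pragma: no-cache');
                        header("Content-Type: {$mimetype}; name=\"{$name}\"");
                        header("Content-disposition: attachment; filename={$name}");
                        echo $data;
                        die;
                    }

                    if (!empty($data)) {
                        // Strip out sql comments...
                        remove_remarks($data);

                        switch (SQL_LAYER) {
                            case 'firebird':
                                $delim = ';;';
                                break;

                            case 'mysql':
                            case 'mysql4':
                            case 'mysqli':
                            case 'sqlite':
                            case 'postgres':
                                $delim = ';';
                                break;

                            case 'oracle':
                                $delim = '/';
                                break;

                            case 'mssql':
                            case 'mssql_odbc':
                            // The hyphenated spelling is kept for compatibility; the backup
                            // branch uses 'mssql_odbc', which previously left $delim unset here.
                            case 'mssql-odbc':
                                $delim = 'GO';
                                break;
                        }

                        $pieces = split_sql_file($data, $delim);

                        $sql_count = count($pieces);
                        for ($i = 0; $i < $sql_count; $i++) {
                            $sql = trim($pieces[$i]);

                            if (!empty($sql) && $sql[0] != '#') {
                                $db->sql_query($sql);
                            }
                        }
                    }

                    add_log('admin', 'LOG_DB_RESTORE');
                    trigger_error($user->lang['RESTORE_SUCCESS']);
                    break;

                default:
                    $selected = false;
                    $methods = array('sql');
                    $available_methods = array('sql.gz' => 'zlib', 'sql.bz2' => 'bz2');

                    foreach ($available_methods as $type => $module) {
                        if (!@extension_loaded($module)) {
                            continue;
                        }
                        $methods[] = $type;
                    }

                    $dir = $phpbb_root_path . 'store/';
                    $dh = opendir($dir);
                    if ($dh) {
                        while (($file = readdir($dh)) !== false) {
                            if (preg_match('#^(\\d{10})\\.(sql(?:\\.(?:gz|bz2))?)$#', $file, $matches)) {
                                $supported = in_array($matches[2], $methods);

                                if ($supported) {
                                    $template->assign_block_vars('files', array('FILE' => $file, 'NAME' => gmdate("d-m-Y H:i:s", $matches[1]), 'SUPPORTED' => $supported));
                                    $selected = true;
                                }
                            }
                        }
                        closedir($dh);
                    }

                    if ($selected === true) {
                        $template->assign_var('EXISTS', true);
                    }

                    $template->assign_vars(array('U_ACTION' => $this->u_action . '&action=submit'));
                    break;
            }
            break;
    }
}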
/**
 * Install step of the plugin: runs the plugin's schema.sql, stores the
 * submitted duration in the config table and appends 'onlinestats' to the
 * main page layout when it is not already part of it.
 *
 * @return bool|int true once the installation ran; 1 when no 'duration'
 *                  value was posted
 */
function online_install()
{
    global $CONFIG, $thisplugin;

    $superCage = Inspekt::makeSuperCage();

    // Nothing was submitted yet.
    if (!$superCage->post->keyExists('duration')) {
        return 1;
    }

    require 'include/sql_parse.php';

    // Fetched through getInt(); this is the only request value placed in SQL below.
    $duration = $superCage->post->getInt('duration');

    // create table
    $schema_file = $thisplugin->fullpath . '/schema.sql';
    $schema_handle = fopen($schema_file, 'r');
    $schema_size = filesize($schema_file);
    $schema_sql = fread($schema_handle, $schema_size);
    $schema_sql = preg_replace('/CPG_/', $CONFIG['TABLE_PREFIX'], $schema_sql);
    $schema_sql = remove_remarks($schema_sql);

    $statements = split_sql_file($schema_sql, ';');
    $statements[] = "INSERT IGNORE INTO {$CONFIG['TABLE_CONFIG']} (name, value) VALUES ('mod_updates_duration', '{$duration}')";

    foreach ($statements as $statement) {
        cpg_db_query($statement);
    }

    // Add the string "onlinestats" to "the content of the main page" if it doesn't exist
    $layout = $CONFIG['main_page_layout'];
    if (strpos($layout, 'onlinestats') === FALSE) {
        // NOTE(review): the stored layout value goes back into SQL unescaped - presumably
        // it only ever holds block names and separators; verify.
        $contentOfTheMainpage = rtrim($layout, '/') . '/onlinestats';
        cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = '{$contentOfTheMainpage}' WHERE name = 'main_page_layout'");
    }

    return true;
}
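/**
 * Uninstall the gallery: load the existing configuration, run every
 * statement of the uninstall SQL file against the configured database, then
 * delete the configuration file and the install marker file.
 *
 * Every outcome is reported through $CF->unsafeexit() / $CF->safeexit(),
 * which presumably end the request - verify against their definitions.
 */
function uninstall()
{
    global $DFLT, $CF, $DBS, $CONFIG;

    // The config file must be readable before it is required.
    $fh = fopen($DFLT['cfg_d'] . "/" . $DFLT['cfg_f'], 'r') or $CF->unsafeexit("config_file_error");
    fclose($fh);

    $CONFIG = array();
    require $DFLT['cfg_d'] . "/" . $DFLT['cfg_f'];

    $DBS->initialize();
    mysql_connect($DBS->db['host'], $DBS->db['user'], $DBS->db['password']);
    @mysql_select_db($DBS->db['name']) or $CF->unsafeexit("server_connection_error");

    $sql_query = '';
    if (($sch_open = fopen($DFLT['sqloff_f'], 'r')) === FALSE) {
        $CF->unsafeexit("sql_config_error");
    } else {
        // The read length is the size of the file that was actually opened.
        // Using the size of another file would truncate the uninstall script
        // whenever that other file is the shorter one.
        $sql_query = fread($sch_open, filesize($DFLT['sqloff_f']));
        fclose($sch_open);
    }

    // Update table prefix
    $sql_query = preg_replace('/CPG_/', $CONFIG['TABLE_PREFIX'], $sql_query);
    $sql_query = remove_remarks($sql_query);
    $sql_query = split_sql_file($sql_query, ';');

    foreach ($sql_query as $q) {
        if (!mysql_query($q)) {
            $CF->unsafeexit("sql_statement_error");
        }
    }
    mysql_close();

    // Reached only when every statement succeeded (assuming unsafeexit() ends the request).
    unlink($DFLT['cfg_d'] . "/" . $DFLT['cfg_f']);
    unlink($DFLT['cfg_d'] . "/" . $DFLT['ins_f']);

    $CF->safeexit("success");
}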
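/**
 * Create the gallery tables and seed them with the values from the install form.
 *
 * Runs schema.sql and basic.sql from $DFLT['sql_d'], then inserts the admin
 * account and a handful of configuration rows. Problems are appended to the
 * global $errors string (HTML) and the function returns early.
 *
 * Changes against the earlier version:
 *  - form values are escaped before they are placed in SQL text;
 *  - the table prefix is restricted to identifier characters, because it is
 *    used both as a table-name prefix and as a replacement string;
 *  - statements carrying form values are no longer passed through the CPG_
 *    replacement, remove_remarks() or split_sql_file(), so a value that
 *    contains "CPG_", "#" or ";" is stored as typed;
 *  - database error text is HTML-escaped before it is added to $errors.
 *
 * NOTE(review): the password is stored as an unsalted MD5 digest computed by
 * the database, so the plain password is part of the statement text (and of
 * the error message if that statement fails). Moving to password_hash() needs
 * a matching change in the login code, which is not visible here.
 *
 * @return void
 */
function create_tables()
{
    global $errors, $DFLT;

    $gallery_dir = strtr(dirname($_SERVER['PHP_SELF']), '\\', '/');
    // NOTE(review): HTTP_HOST comes from the request, so the stored URL is
    // whatever host name the installing browser sent.
    $gallery_url_prefix = 'http://' . $_SERVER['HTTP_HOST'] . $gallery_dir . (substr($gallery_dir, -1) == '/' ? '' : '/');

    // The prefix ends up unquoted in table names; accept identifier characters only.
    $table_prefix = (isset($_POST['table_prefix']) && is_string($_POST['table_prefix'])) ? $_POST['table_prefix'] : '';
    if (!preg_match('/^[A-Za-z0-9_]*$/D', $table_prefix)) {
        $errors .= "<hr /><br />The table prefix may only contain letters, digits and underscores<br /><br />";
        return;
    }

    $db_schema = "{$DFLT['sql_d']}/schema.sql";
    $db_basic = "{$DFLT['sql_d']}/basic.sql";

    // Read both SQL files; stop at the first one that is missing.
    $sql_query = '';
    foreach (array($db_schema, $db_basic) as $sql_file) {
        $contents = is_readable($sql_file) ? file_get_contents($sql_file) : false;
        if ($contents === false) {
            $errors .= "<hr /><br />The file '{$sql_file}' could not be found. Check that you have uploaded all Coppermine files to your server<br /><br />";
            return;
        }
        $sql_query .= $contents;
    }

    // Update table prefix (file contents only)
    $sql_query = str_replace('CPG_', $table_prefix, $sql_query);
    $sql_query = remove_remarks($sql_query);
    $sql_query = split_sql_file($sql_query, ';');

    // Escape every form value that is placed in a statement.
    // Assumes a default MySQL connection is already open (mysql_query() below
    // is called without a link) and that $_POST holds raw, unslashed values - confirm.
    $field = array();
    foreach (array('admin_username', 'admin_password', 'admin_email', 'thumb_method', 'impath') as $key) {
        $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        $field[$key] = mysql_real_escape_string($raw);
    }
    $url_prefix = mysql_real_escape_string($gallery_url_prefix);

    $users_table = $table_prefix . 'users';
    $config_table = $table_prefix . 'config';

    // Insert the admin account
    $sql_query[] = "INSERT INTO {$users_table} (user_id, user_group, user_active, user_name, user_password, user_lastvisit, user_regdate, user_group_list, user_email, user_profile1, user_profile2, user_profile3, user_profile4, user_profile5, user_profile6, user_actkey ) VALUES (1, 1, 'YES', '{$field['admin_username']}', md5('{$field['admin_password']}'), NOW(), NOW(), '', '{$field['admin_email']}', '', '', '', '', '', '', '')";

    // Set configuration values for image package
    $sql_query[] = "REPLACE INTO {$config_table} VALUES ('thumb_method', '{$field['thumb_method']}')";
    $sql_query[] = "REPLACE INTO {$config_table} VALUES ('impath', '{$field['impath']}')";
    $sql_query[] = "REPLACE INTO {$config_table} VALUES ('ecards_more_pic_target', '{$url_prefix}')";
    $sql_query[] = "REPLACE INTO {$config_table} VALUES ('gallery_admin_email', '{$field['admin_email']}')";

    // Enable silly_safe_mode if test has shown that it is not configured properly
    if (test_silly_safe_mode() == TRUE) {
        $sql_query[] = "REPLACE INTO {$config_table} VALUES ('silly_safe_mode', '1')";
    }

    // Test write permissions for main dir
    if (!is_writable('.')) {
        // NOTE(review): this falls back to world-writable directory and file
        // modes; worth revisiting on shared hosts.
        $sql_query[] = "REPLACE INTO {$config_table} VALUES ('default_dir_mode', '0777')";
        $sql_query[] = "REPLACE INTO {$config_table} VALUES ('default_file_mode', '0666')";
    }

    foreach ($sql_query as $q) {
        if (!mysql_query($q)) {
            // $errors is rendered as HTML, so escape the driver message and the query text.
            $errors .= "mySQL Error: " . htmlspecialchars(mysql_error(), ENT_QUOTES) . " on query '" . htmlspecialchars($q, ENT_QUOTES) . "'<br /><br />";
            return;
        }
    }
}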
/**
 * Strip block comments and "#" remarks from a piece of SQL text.
 *
 * If remove_comments() is not defined yet, includes/functions_admin.<ext> is
 * loaded first. Both helpers are called for their effect on $input and their
 * return values are ignored, so they presumably take the argument by
 * reference - confirm against their definitions.
 *
 * @param string $input Input string
 *
 * @return string Input string with comments removed
 */
function phpbb_remove_comments($input)
{
    $helpers_available = function_exists('remove_comments');

    if ($helpers_available === false) {
        global $phpbb_root_path, $phpEx;

        require $phpbb_root_path . 'includes/functions_admin.' . $phpEx;
    }

    // First the block comments, then the "#" remarks.
    remove_comments($input);
    remove_remarks($input);

    return $input;
}
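/**
 * Install step of the imageflow plugin: run schema.sql, then basic.sql.
 *
 * Each file is read from the plugin directory, the CPG_ placeholder is
 * replaced by the configured table prefix, remarks are stripped and every
 * statement is sent to cpg_db_query().
 *
 * Changes against the earlier version: the stray `echo $sqlquery;` (an
 * undefined variable left over from debugging) is gone, the duplicated
 * read-and-run sequence is a loop, and a file that cannot be read is skipped
 * instead of being passed on as `false`.
 *
 * @return bool always true, as before
 */
function imageflow_install()
{
    global $CONFIG, $thisplugin;

    require 'include/sql_parse.php';

    // create table, then insert default values
    foreach (array('/schema.sql', '/basic.sql') as $sql_file) {
        $db_schema = $thisplugin->fullpath . $sql_file;

        $sql_query = is_readable($db_schema) ? file_get_contents($db_schema) : false;
        if ($sql_query === false) {
            // NOTE(review): the earlier code also ran no statements in this case
            // and still reported success; returning a failure value would be
            // better once the plugin manager's return contract is confirmed.
            continue;
        }

        $sql_query = preg_replace('/CPG_/', $CONFIG['TABLE_PREFIX'], $sql_query);
        $sql_query = remove_remarks($sql_query);
        $sql_query = split_sql_file($sql_query, ';');

        foreach ($sql_query as $q) {
            cpg_db_query($q);
        }
    }

    return true;
}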
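/**
 * Create the administrator account and store the gallery admin e-mail address.
 *
 * Requires non-empty admin_username, admin_password and admin_email entries
 * in the global $config. On any failure the message is placed in
 * $GLOBALS['error'] and false is returned.
 *
 * Changes against the earlier version:
 *  - the three values are escaped with the installer's connection before they
 *    are placed in SQL text (the connection check therefore runs first);
 *  - both statements name their tables directly instead of running the whole
 *    text, user values included, through the CPG_ replacement,
 *    remove_remarks() and split_sql_file().
 *
 * NOTE(review): $config['db_prefix'] is used unquoted as a table-name prefix;
 * it must be limited to identifier characters where it is collected - confirm.
 * NOTE(review): the password is stored as an unsalted MD5 digest computed by
 * the database, so the plain password is part of the statement text and of
 * the error message if the statement fails. Changing the scheme needs a
 * matching change in the login code, which is not visible here.
 *
 * @return bool true when both statements succeeded
 */
function createAdmin()
{
    global $config, $language;

    // Each required field maps to the language key of its error message.
    $required = array(
        'admin_username' => 'no_admin_username',
        'admin_password' => 'no_admin_password',
        'admin_email'    => 'no_admin_email',
    );
    foreach ($required as $field => $message_key) {
        if (!isset($config[$field]) || $config[$field] == '') {
            $GLOBALS['error'] = $language[$message_key];
            return false;
        }
    }

    // Still loaded for its side effect of defining the SQL helpers; this
    // function no longer calls them, but later steps may - confirm.
    require_once 'include/sql_parse.php';

    // Get a connection with the db.
    if (!checkSqlConnection()) {
        return false;
    }
    $link = $GLOBALS['mysql_connection'];

    // Assumes $config holds raw, unslashed values - confirm.
    $username = mysql_real_escape_string($config['admin_username'], $link);
    $password = mysql_real_escape_string($config['admin_password'], $link);
    $email = mysql_real_escape_string($config['admin_email'], $link);

    $statements = array(
        // Insert the admin account
        "INSERT INTO {$config['db_prefix']}users "
            . "(user_group, user_active, user_name, user_password, user_lastvisit, "
            . " user_regdate, user_group_list, user_email, user_profile1, user_profile2, user_profile3, "
            . " user_profile4, user_profile5, user_profile6, user_actkey ) "
            . "VALUES "
            . "(1, 'YES', '{$username}', "
            . " md5('{$password}'), NOW(), NOW(), '', "
            . " '{$email}', '', '', '', '', '', '', '')",
        // Set gallery admin mail
        "REPLACE INTO {$config['db_prefix']}config VALUES ('gallery_admin_email', '{$email}')",
    );

    foreach ($statements as $q) {
        if (!mysql_query($q, $link)) {
            $GLOBALS['error'] = $language['mysql_error'] . mysql_error($link) . ' ' . $language['on_q'] . " '{$q}'";
            return false;
        }
    }

    return true;
}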
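/**
 * Run every statement of an SQL file and print a result table.
 *
 * The file is read, the CPG_ placeholder is replaced by the configured table
 * prefix, remarks are stripped, and each statement is executed with
 * mysql_query(). One table row is printed per statement.
 *
 * Changes against the earlier version: the statement text is HTML-escaped
 * before it is printed, so SQL containing "<", ">" or "&" no longer breaks the
 * page, and the file is read without leaving a handle open.
 *
 * NOTE(review): every failed statement is labelled "Already Done", whatever
 * the real cause; mysql_error() is never consulted.
 * NOTE(review): $title is printed as-is; callers presumably pass fixed text - confirm.
 *
 * @param string $title    Heading shown above the result rows
 * @param string $sql_file Path of the SQL file to run
 *
 * @return void
 */
function codebase_query($title, $sql_file)
{
    global $CONFIG;

    if (!function_exists('remove_comments')) {
        include 'include' . DS . 'sql_parse.php';
    }

    $sql_query = file_get_contents($sql_file);
    $sql_query = preg_replace('/CPG_/', $CONFIG['TABLE_PREFIX'], $sql_query);
    $sql_query = remove_remarks($sql_query);
    $sql_query = split_sql_file($sql_query, ';');

    echo <<<EOT
<table class="maintable" width="100%" border="0" cellspacing="1" cellpadding="0">
<tr><td class="tableh1" colspan="2"><b>{$title}</b></td></tr>
EOT;

    foreach ($sql_query as $q) {
        // Escape for the HTML context; the statement itself is executed unchanged.
        $shown = htmlspecialchars($q, ENT_QUOTES);
        echo "<tr><td class='tableb' style='color: black;'>{$shown}</td>";

        if (mysql_query($q)) {
            echo "<td class='tableb' style='color: green;'><b>OK</b></td></tr>";
        } else {
            echo "<td class='tableb' style='color: red;'><b>Already Done</b></td></tr>";
        }
    }

    echo '</table>';
}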
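/**
 * Apply sql/update.sql and print one result row per statement.
 *
 * The CPG_ placeholder is replaced by the configured table prefix and remarks
 * are stripped before the statements are executed.
 *
 * Changes against the earlier version: the heading is closed with </h2>
 * (it was opened twice), each row is closed with </tr>, the statement text is
 * HTML-escaped before printing, and two locals that were computed from
 * $_SERVER but never used are gone.
 *
 * NOTE(review): errors are suppressed with @ and every failure is shown as
 * "Already Done", so a real failure cannot be told apart from a repeated run.
 *
 * @return void
 */
function update_tables()
{
    global $errors, $CONFIG;

    $db_update = 'sql/update.sql';
    // NOTE(review): the fopen() result is not checked and the handle is never closed.
    $sql_query = fread(fopen($db_update, 'r'), filesize($db_update));

    // Update table prefix
    $sql_query = preg_replace('/CPG_/', $CONFIG['TABLE_PREFIX'], $sql_query);
    $sql_query = remove_remarks($sql_query);
    $sql_query = split_sql_file($sql_query, ';');
    ?>
<h2>Performing Database Updates</h2>
<table class="maintable">
<?php
    foreach ($sql_query as $q) {
        // Escape for the HTML context; the statement itself is executed unchanged.
        $shown = htmlspecialchars($q, ENT_QUOTES);
        echo "<tr><td class='tableb'>{$shown}</td>";

        if (@mysql_query($q)) {
            echo "<td class='updatesOK'>OK</td></tr>";
        } else {
            echo "<td class='updatesFail'>Already Done</td></tr>";
        }
    }

    echo "</table>";
}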
/**
 * Load the contents of the schema into the database and then alter it based on what has been input during the installation
 *
 * Order of work: connect with the submitted credentials, run the DBMS-specific
 * schema file, run schemas/schema_data.sql, then apply a list of INSERT/UPDATE
 * statements that write the submitted settings into the config, users, forums,
 * topics and posts tables. Finally the template variables for the next step
 * are assigned.
 *
 * $mode is only used to build the next-step URL; $sub is not read in this method.
 *
 * NOTE(review): $data['table_prefix'] is concatenated into every statement and
 * used as a preg_replace() replacement without escaping in this method;
 * presumably it is validated in an earlier installer step - confirm.
 */
function load_schema($mode, $sub)
{
    global $db, $lang, $template, $phpbb_root_path, $phpEx;

    $this->page_title = $lang['STAGE_CREATE_TABLE'];
    // Assigned but not read again in this method.
    $s_hidden_fields = '';

    // Obtain any submitted data
    $data = $this->get_submitted_data();

    if ($data['dbms'] == '') {
        // Someone's been silly and tried calling this page direct
        // So we send them back to the start to do it again properly
        // NOTE(review): presumably redirect() ends the request; otherwise execution continues below - confirm.
        $this->p_master->redirect("index.$phpEx?mode=install");
    }

    // HTTP_HOST is having the correct browser url in most cases...
    // Both values below come from request headers (or the server environment as a fallback).
    $server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
    $referer = (!empty($_SERVER['HTTP_REFERER'])) ? strtolower($_SERVER['HTTP_REFERER']) : getenv('HTTP_REFERER');

    // HTTP HOST can carry a port number...
    if (strpos($server_name, ':') !== false) {
        $server_name = substr($server_name, 0, strpos($server_name, ':'));
    }

    // The submitted server name wins; the header-derived name is only the fallback.
    $cookie_domain = ($data['server_name'] != '') ? $data['server_name'] : $server_name;

    // Try to come up with the best solution for cookie domain...
    // A leading "www." becomes a leading "." ; str_replace() replaces every "www." in the string, not just the first.
    if (strpos($cookie_domain, 'www.') === 0) {
        $cookie_domain = str_replace('www.', '.', $cookie_domain);
    }

    // If we get here and the extension isn't loaded it should be safe to just go ahead and load it
    $available_dbms = get_available_dbms($data['dbms']);

    if (!isset($available_dbms[$data['dbms']])) {
        // Someone's been silly and tried providing a non-existent dbms
        $this->p_master->redirect("index.$phpEx?mode=install");
    }

    // The driver name is looked up in $available_dbms, so the include path below
    // is built from that table's value rather than from the raw submitted string.
    $dbms = $available_dbms[$data['dbms']]['DRIVER'];

    // Load the appropriate database class if not already loaded
    include($phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx);

    // Instantiate the database
    // NOTE(review): $sql_db is not assigned in this method; presumably the included driver file sets it - confirm.
    $db = new $sql_db();
    // NOTE(review): the password is HTML-decoded before use, which suggests the submitted data was escaped on input - confirm.
    $db->sql_connect($data['dbhost'], $data['dbuser'], htmlspecialchars_decode($data['dbpasswd']), $data['dbname'], $data['dbport'], false, false);

    // NOTE: trigger_error does not work here.
    $db->sql_return_on_error(true);

    // If mysql is chosen, we need to adjust the schema filename slightly to reflect the correct version. ;)
    if ($data['dbms'] == 'mysql') {
        if (version_compare($db->sql_server_info(true), '4.1.3', '>=')) {
            $available_dbms[$data['dbms']]['SCHEMA'] .= '_41';
        } else {
            $available_dbms[$data['dbms']]['SCHEMA'] .= '_40';
        }
    }

    // Ok we have the db info go ahead and read in the relevant schema
    // and work on building the table
    $dbms_schema = 'schemas/' . $available_dbms[$data['dbms']]['SCHEMA'] . '_schema.sql';

    // How should we treat this schema?
    // 'COMMENTS' holds the name of the comment-stripping function, 'DELIM' the statement delimiter.
    $remove_remarks = $available_dbms[$data['dbms']]['COMMENTS'];
    $delimiter = $available_dbms[$data['dbms']]['DELIM'];

    // Read errors are suppressed and the result is not checked before use.
    $sql_query = @file_get_contents($dbms_schema);

    $sql_query = preg_replace('#phpbb_#i', $data['table_prefix'], $sql_query);

    // Called through the variable function name; the return value is ignored,
    // so the function presumably edits $sql_query by reference - confirm.
    $remove_remarks($sql_query);

    $sql_query = split_sql_file($sql_query, $delimiter);

    foreach ($sql_query as $sql) {
        //$sql = trim(str_replace('|', ';', $sql));
        if (!$db->sql_query($sql)) {
            $error = $db->sql_error();
            $this->p_master->db_error($error['message'], $sql, __LINE__, __FILE__);
        }
    }
    unset($sql_query);

    // Ok tables have been built, let's fill in the basic information
    $sql_query = file_get_contents('schemas/schema_data.sql');

    // Deal with any special comments
    // Marker remarks in the data file are turned into real statements for these DBMSs.
    switch ($data['dbms']) {
        case 'mssql':
        case 'mssql_odbc':
            $sql_query = preg_replace('#\# MSSQL IDENTITY (phpbb_[a-z_]+) (ON|OFF) \##s', 'SET IDENTITY_INSERT \1 \2;', $sql_query);
            break;
        case 'postgres':
            $sql_query = preg_replace('#\# POSTGRES (BEGIN|COMMIT) \##s', '\1; ', $sql_query);
            break;
    }

    // Change prefix
    $sql_query = preg_replace('#phpbb_#i', $data['table_prefix'], $sql_query);

    // Change language strings...
    $sql_query = preg_replace_callback('#\{L_([A-Z0-9\-_]*)\}#s', 'adjust_language_keys_callback', $sql_query);

    // Since there is only one schema file we know the comment style and are able to remove it directly with remove_remarks
    remove_remarks($sql_query);
    $sql_query = split_sql_file($sql_query, ';');

    foreach ($sql_query as $sql) {
        //$sql = trim(str_replace('|', ';', $sql));
        if (!$db->sql_query($sql)) {
            $error = $db->sql_error();
            $this->p_master->db_error($error['message'], $sql, __LINE__, __FILE__);
        }
    }
    unset($sql_query);

    $current_time = time();

    // HTML-escaped here and SQL-escaped again where it is used below.
    $user_ip = (!empty($_SERVER['REMOTE_ADDR'])) ? htmlspecialchars($_SERVER['REMOTE_ADDR']) : '';

    if ($data['script_path'] !== '/') {
        // Adjust destination path (no trailing slash)
        if (substr($data['script_path'], -1) == '/') {
            $data['script_path'] = substr($data['script_path'], 0, -1);
        }

        // NOTE(review): str_replace() makes a single pass per pattern, so this is
        // a tidy-up of the stored value, not a complete path-traversal filter.
        $data['script_path'] = str_replace(array('../', './'), '', $data['script_path']);

        if ($data['script_path'][0] != '/') {
            $data['script_path'] = '/' . $data['script_path'];
        }
    }

    // Set default config and post data, this applies to all DB's
    // Submitted values pass through $db->sql_escape(); the table prefix and $current_time are concatenated as they are.
    $sql_ary = array(
        'INSERT INTO ' . $data['table_prefix'] . "config (config_name, config_value) VALUES ('board_startdate', '$current_time')",
        'INSERT INTO ' . $data['table_prefix'] . "config (config_name, config_value) VALUES ('default_lang', '" . $db->sql_escape($data['default_lang']) . "')",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($data['img_imagick']) . "' WHERE config_name = 'img_imagick'",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($data['server_name']) . "' WHERE config_name = 'server_name'",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($data['server_port']) . "' WHERE config_name = 'server_port'",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($data['board_email1']) . "' WHERE config_name = 'board_email'",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($data['board_email1']) . "' WHERE config_name = 'board_contact'",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($cookie_domain) . "' WHERE config_name = 'cookie_domain'",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($lang['default_dateformat']) . "' WHERE config_name = 'default_dateformat'",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($data['email_enable']) . "' WHERE config_name = 'email_enable'",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($data['smtp_delivery']) . "' WHERE config_name = 'smtp_delivery'",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($data['smtp_host']) . "' WHERE config_name = 'smtp_host'",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($data['smtp_auth']) . "' WHERE config_name = 'smtp_auth_method'",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($data['smtp_user']) . "' WHERE config_name = 'smtp_username'",
        // The SMTP password is written to the config table as submitted.
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($data['smtp_pass']) . "' WHERE config_name = 'smtp_password'",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($data['cookie_secure']) . "' WHERE config_name = 'cookie_secure'",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($data['force_server_vars']) . "' WHERE config_name = 'force_server_vars'",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($data['script_path']) . "' WHERE config_name = 'script_path'",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($data['server_protocol']) . "' WHERE config_name = 'server_protocol'",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($data['admin_name']) . "' WHERE config_name = 'newest_username'",
        // NOTE(review): mt_rand() is not a cryptographic generator, so this salt
        // has far less entropy than the 32 hex characters suggest.
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . md5(mt_rand()) . "' WHERE config_name = 'avatar_salt'",
        // NOTE(review): the "******" runs in the next two entries look like redaction
        // applied to the listing; as printed these two lines are not valid PHP.
        'UPDATE ' . $data['table_prefix'] . "users SET username = '******'admin_name']) . "', user_password='******'admin_pass1'])) . "', user_ip = '" . $db->sql_escape($user_ip) . "', user_lang = '" . $db->sql_escape($data['default_lang']) . "', user_email='" . $db->sql_escape($data['board_email1']) . "', user_dateformat='" . $db->sql_escape($lang['default_dateformat']) . "', user_email_hash = " . $db->sql_escape(phpbb_email_hash($data['board_email1'])) . ", username_clean = '" . $db->sql_escape(utf8_clean_string($data['admin_name'])) . "' WHERE username = '******'",
        'UPDATE ' . $data['table_prefix'] . "moderator_cache SET username = '******'admin_name']) . "' WHERE username = '******'",
        'UPDATE ' . $data['table_prefix'] . "forums SET forum_last_poster_name = '" . $db->sql_escape($data['admin_name']) . "' WHERE forum_last_poster_name = 'Admin'",
        'UPDATE ' . $data['table_prefix'] . "topics SET topic_first_poster_name = '" . $db->sql_escape($data['admin_name']) . "', topic_last_poster_name = '" . $db->sql_escape($data['admin_name']) . "' WHERE topic_first_poster_name = 'Admin' OR topic_last_poster_name = 'Admin'",
        'UPDATE ' . $data['table_prefix'] . "users SET user_regdate = $current_time",
        'UPDATE ' . $data['table_prefix'] . "posts SET post_time = $current_time, poster_ip = '" . $db->sql_escape($user_ip) . "'",
        'UPDATE ' . $data['table_prefix'] . "topics SET topic_time = $current_time, topic_last_post_time = $current_time",
        'UPDATE ' . $data['table_prefix'] . "forums SET forum_last_post_time = $current_time",
        'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($db->sql_server_info(true)) . "' WHERE config_name = 'dbms_version'",
    );

    // Switch to the GD captcha when the gd extension is loaded or loadable.
    if (@extension_loaded('gd') || can_load_dll('gd')) {
        $sql_ary[] = 'UPDATE ' . $data['table_prefix'] . "config SET config_value = 'phpbb_captcha_gd' WHERE config_name = 'captcha_plugin'";
        $sql_ary[] = 'UPDATE ' . $data['table_prefix'] . "config SET config_value = '1' WHERE config_name = 'captcha_gd'";
    }

    // Referer validation is switched off when the Referer of this request
    // (scheme removed) does not start with the detected server name.
    $ref = substr($referer, strpos($referer, '://') + 3);

    if (!(stripos($ref, $server_name) === 0)) {
        $sql_ary[] = 'UPDATE ' . $data['table_prefix'] . "config SET config_value = '0' WHERE config_name = 'referer_validation'";
    }

    // We set a (semi-)unique cookie name to bypass login issues related to the cookie name.
    // Only uniqueness matters here; the value is five characters derived from mt_rand().
    $cookie_name = 'phpbb3_';
    $rand_str = md5(mt_rand());
    $rand_str = str_replace('0', 'z', base_convert($rand_str, 16, 35));
    $rand_str = substr($rand_str, 0, 5);
    $cookie_name .= strtolower($rand_str);

    $sql_ary[] = 'UPDATE ' . $data['table_prefix'] . "config SET config_value = '" . $db->sql_escape($cookie_name) . "' WHERE config_name = 'cookie_name'";

    // Apply the collected statements; each failure is handed to db_error().
    foreach ($sql_ary as $sql) {
        //$sql = trim(str_replace('|', ';', $sql));
        if (!$db->sql_query($sql)) {
            $error = $db->sql_error();
            $this->p_master->db_error($error['message'], $sql, __LINE__, __FILE__);
        }
    }

    $submit = $lang['NEXT_STEP'];

    $url = $this->p_master->module_url . "?mode=$mode&sub=final";

    // The submitted data travels to the next step as hidden form fields.
    $template->assign_vars(array(
        'BODY' => $lang['STAGE_CREATE_TABLE_EXPLAIN'],
        'L_SUBMIT' => $submit,
        'S_HIDDEN' => build_hidden_fields($data),
        'U_ACTION' => $url,
    ));
}
} } if ($partialFail == TRUE) { print "<div class='error'>"; print _("Errors occurred in populating the database; empty your database, remove ../config.php and try again."); print "</div>"; } else { //Try to install the demo data, report error but don't stop if any issues if ($demoData == "Y") { if (file_exists("../gibbon_demo.sql") == FALSE) { print "<div class='error'>"; print _("../gibbon_demo.sql does not exist, so we will conintue without demo data."); print "</div>"; } else { $query = @fread(@fopen("../gibbon_demo.sql", 'r'), @filesize("../gibbon_demo.sql")) or die('Encountered a problem.'); $query = remove_remarks($query); $query = split_sql_file($query, ';'); $i = 1; $demoFail = FALSE; foreach ($query as $sql) { $i++; try { $connection2->query($sql); } catch (PDOException $e) { $demoFail = TRUE; } } if ($demoFail) { print "<div class='error'>"; print _("There were some issues installing the demo data, but we will conintue anyway."); print "</div>";