';
GS.uploads = '<?php
echo tsl($SITEURL) . getRelPath(GSDATAUPLOADPATH);
?>
';
var uploadSession = '<?php
echo $SESSIONHASH;
?>
';
var uploadPath = '<?php
echo isset($_GET['path']) ? $_GET['path'] : "";
?>
';
var maxFileSize = '<?php
echo toBytesShorthand(getMaxUploadSize(), 'M');
?>
';
<?php
if (isset($_COOKIE['gs_editor_theme'])) {
// $editor_theme = var_out($_COOKIE['gs_editor_theme']);
$editor_theme = var_out($_COOKIE['gs_editor_theme']);
echo "// codemirror editortheme\n";
echo ' var editorTheme = "' . $editor_theme . "\";\n";
}
if (getDef('GSAUTOSAVE', true)) {
echo "\t\t// edit autosave\n";
echo ' var GSAUTOSAVEPERIOD = ' . getDef('GSAUTOSAVE') . ";\n";
} else {
echo " var GSAUTOSAVEPERIOD = false;\n";
public function launch()
{
$filetype = getRequest('filetype', '');
$error = '';
if ($filetype == 'upload') {
if ($_FILES['data']['error'] == UPLOAD_ERR_OK) {
$_SESSION['import_file'] = $_FILES['data']['tmp_name'] . '-mlinvoice-import';
move_uploaded_file($_FILES['data']['tmp_name'], $_SESSION['import_file']);
$this->show_setup_form();
return;
}
$error = $GLOBALS['locErrFileUploadFailed'];
} elseif ($this->allowServerFile && $filetype == 'server_file') {
if (_IMPORT_FILE_ && file_exists(_IMPORT_FILE_)) {
$_SESSION['import_file'] = _IMPORT_FILE_;
$this->show_setup_form();
return;
}
$error = $GLOBALS['locErrImportFileNotFound'];
}
$importMode = getRequest('import', '');
if ($importMode == 'import' || $importMode == 'preview') {
$this->import_file($importMode);
return;
}
unset($_SESSION['import_file']);
$maxUploadSize = getMaxUploadSize();
$maxFileSize = fileSizeToHumanReadable($maxUploadSize);
?>
<div class="form_container">
<?php
if ($error) {
echo "<div class=\"error\">{$error}</div>\n";
}
?>
<h1><?php
echo $GLOBALS['locImportFileSelection'];
?>
</h1>
<span id="imessage" style="display: none"></span>
<span id="spinner" style="visibility: hidden"><img src="images/spinner.gif" alt=""></span>
<form id="form_import" enctype="multipart/form-data" method="POST">
<input type="hidden" name="func" value="<?php
echo htmlentities(getRequest('func', ''));
?>
">
<input type="hidden" name="operation" value="import">
<div class="label" style="clear: both; margin-top: 10px; margin-bottom: 4px">
<input type="radio" id="ft_upload" name="filetype" value="upload" checked="checked"><label for="ft_upload"><?php
printf($GLOBALS['locImportUploadFile'], $maxFileSize);
?>
</label>
</div>
<div class="long"><input name="data" type="file"></div>
<?php
if ($this->allowServerFile) {
?>
<div class="label" style="clear: both; margin-top: 10px">
<input type="radio" id="ft_server" name="filetype" value="server_file"><label for="ft_server"><?php
echo $GLOBALS['locImportUseServerFile'];
?>
</label>
</div>
<?php
}
?>
<div class="form_buttons" style="clear: both">
<input type="submit" value="<?php
echo $GLOBALS['locImportNext'];
?>
">
</div>
</form>
</div>
<?php
}
$messages .= $GLOBALS['locBaseLogoSaved'] . ' (' . fileSizeToHumanReadable($fsize) . ")<br>\n";
}
}
} elseif ($func == 'view') {
$res = mysqli_param_query('SELECT logo_filename, logo_filesize, logo_filetype, logo_filedata FROM {prefix}base WHERE id=?', [$baseId]);
if ($row = mysqli_fetch_assoc($res)) {
if (isset($row['logo_filename']) && isset($row['logo_filesize']) && isset($row['logo_filetype']) && isset($row['logo_filedata'])) {
header('Content-length: ' . $row['logo_filesize']);
header('Content-type: ' . $row['logo_filetype']);
header('Content-Disposition: inline; filename=' . $row['logo_filename']);
echo $row['logo_filedata'];
}
}
exit;
}
$maxUploadSize = getMaxUploadSize();
$row = mysqli_fetch_array(mysqli_query_check('SELECT @@max_allowed_packet'));
$maxPacket = $row[0];
if ($maxPacket < $maxUploadSize) {
$maxFileSize = fileSizeToHumanReadable($maxPacket) . ' ' . $GLOBALS['locBaseLogoSizeDBLimited'];
} else {
$maxFileSize = fileSizeToHumanReadable($maxUploadSize);
}
echo htmlPageStart(_PAGE_TITLE_);
?>
<div class="form">
<div class="message"><?php
echo $messages;
?>
</div>
function backupTool_settings()
{
// set upload limits if server permits //
@ini_set('upload_max_filesize', '100M');
@ini_set('post_max_size', '105M');
@ini_set('memory_limit', '350M');
@ini_set('max_execution_time', '300');
// end of set //
$backupList = array();
// create backup dir if not present
if (!file_exists(getSystemRoot(RAZOR_ADMIN_FILENAME) . RAZOR_BACKUP_DIR)) {
mkdir(getSystemRoot(RAZOR_ADMIN_FILENAME) . RAZOR_BACKUP_DIR, 0755);
}
if (isset($_GET['backup']) && $_GET['backup']) {
$fileName = str_replace(array(',', "'", '"', '?', '/', '*', '(', ')', '@', '!', '&', '=', '<', '>'), '', $_POST['backupname']);
$errorMsg = backupTool_checkName($fileName);
if (!$errorMsg) {
// do backup //
$tempfileArray = array();
getDirectory($tempfileArray, getSystemRoot(RAZOR_ADMIN_FILENAME) . RAZOR_DATASTORE_DIR);
$zipfilename = $fileName . '.zip';
// form is posted, handle it
$zipfile = new zipfile();
// new stuff //
foreach ($tempfileArray as $file) {
$f_tmp = @fopen($file, 'r');
if ($f_tmp) {
$dump_buffer = fread($f_tmp, filesize($file));
$tempFile = explode('../', $file);
$zipfile->addFile($dump_buffer, $tempFile[1]);
fclose($f_tmp);
}
}
// new stuff //
$dump_buffer = $zipfile->file();
// write the file to disk //
if (put2file(RAZOR_BACKUP_DIR . $zipfilename, $dump_buffer, strlen($dump_buffer))) {
MsgBox(lt('Backup created'), 'greenbox');
} else {
MsgBox(lt('Error creating backup'), 'redbox');
}
} else {
MsgBox($errorMsg, 'redbox');
}
}
if (isset($_GET['restore']) && $_GET['restore'] && $_SESSION['adminType'] != 'user') {
set_time_limit(60);
// new - clean datastore first //
$cleanfileArray = array();
getDirectory($cleanfileArray, getSystemRoot(RAZOR_ADMIN_FILENAME) . RAZOR_DATASTORE_DIR);
foreach ($cleanfileArray as $file) {
if ($file != 'razor_data.txt') {
// try using the delete function here so this works with ftp mode too //
unlink($file);
// try using the delete function here so this works with ftp mode too //
}
}
$zip = new SimpleUnzip();
$filename = getSystemRoot(RAZOR_ADMIN_FILENAME) . RAZOR_BACKUP_DIR . $_GET['restore'];
$entries = $zip->ReadFile($filename);
$restoreMess = '';
$restoreOK = 'greenbox';
foreach ($entries as $entry) {
// check dir exists, if not create it //
if ($entry->Path != '' && !file_exists('../' . $entry->Path)) {
$splitPath = array();
$splitPath = explode('/', $entry->Path);
$checkPath = '..';
foreach ($splitPath as $pathBit) {
$checkPath .= '/' . $pathBit;
if (!file_exists($checkPath)) {
mkdir($checkPath, 0755);
}
}
}
// check end //
if (put2file($entry->Path . '/' . $entry->Name, $entry->Data)) {
$restoreMess .= lt('Restoring') . " {$entry->Name} <br />";
} else {
$restoreMess .= lt('error restoring') . " {$entry->Name} <br />";
$restoreOK = 'redbox';
}
}
MsgBox($restoreMess, $restoreOK);
}
if (isset($_GET['delete']) && $_GET['delete']) {
deleteFile(RAZOR_BACKUP_DIR . $_GET['delete']);
}
if (isset($_GET['upload']) && $_GET['upload'] && isset($_POST['upload']) && $_SESSION['adminType'] != 'user') {
$filename = basename($_FILES['file-upload']['name']);
$stripFileName = explode('.', $filename);
if (end($stripFileName) == 'zip') {
$backupDir = getSystemRoot(RAZOR_ADMIN_FILENAME) . RAZOR_BACKUP_DIR;
$backupFiles = readDirContents($backupDir);
$counter = 0;
while (in_array($filename, $backupFiles)) {
$counter++;
$filename = $stripFileName[0] . '(' . $counter . ')' . '.' . $stripFileName[1];
}
$result = uploadFile(RAZOR_BACKUP_DIR . $filename, $_FILES['file-upload']['tmp_name']);
} else {
MsgBox(lt("Wrong file type, only zip files allowed"), 'redbox');
}
}
// setup output //
if (file_exists(getSystemRoot(RAZOR_ADMIN_FILENAME) . RAZOR_BACKUP_DIR)) {
if ($handle = opendir(getSystemRoot(RAZOR_ADMIN_FILENAME) . RAZOR_BACKUP_DIR)) {
while (false !== ($file = readdir($handle))) {
if ($file != "." && $file != "..") {
$fileDate = filemtime(getSystemRoot(RAZOR_ADMIN_FILENAME) . RAZOR_BACKUP_DIR . $file);
$backupList[$file] = $fileDate;
}
}
closedir($handle);
}
}
// end setup //
asort($backupList);
$deleteConfirmMsg = lt("Are you sure you want to delete this backup, remember once you delete you cannot retreive again, proceed") . '?';
$restoreConfirmMsg = lt("Are you sure you want to restore this backup, remember once you restore all old data will be lost, proceed") . '?';
echo "<h1>" . lt('Backup Tool') . "</h1>";
echo '<div class="contentwh">';
echo '<h3>' . lt('Archived Backups') . '</h3>';
echo "<table class='tableViewBackup'>";
echo "<tr class='tableFooter'><th class='twentyFive'>" . lt('Date Created') . "</th><th class='auto'>" . lt('File Name') . "</th><th class='twenty'>" . lt('Options') . "</th></tr>";
$restoreBackup = '';
foreach ($backupList as $bkFile => $bkFileDate) {
if ($_SESSION['adminType'] != 'user') {
$restoreBackup = "<a href='?action=backuptool&restore={$bkFile}' title='" . lt('Restore') . "' onclick='return confirm(\"{$restoreConfirmMsg}\");'><img class='updown' src='theme/images/restore.gif' alt=" . lt('restore') . " /></a> ";
}
$formatDT = date("d-m-Y H:i:s", $bkFileDate);
echo "<tr><td>{$formatDT}</td><td>{$bkFile}</td><td>" . $restoreBackup . "<a href='../datastore/backup/{$bkFile}' title='" . lt('Download') . "'><img class='edit' src='theme/images/download.gif' alt=" . lt('download') . " /></a> <a href='?action=backuptool&delete={$bkFile}' title='" . lt('Delete') . "' onclick='return confirm(\"{$deleteConfirmMsg}\");'><img class='delete' src='theme/images/trash.gif' alt=" . lt('delete') . " /></a></td></tr>";
}
echo "<tr class='tableFooter'><th class='twentyFive'></th><th class='auto'></th><th class='twentyFive'></th></tr></table>";
echo '<h3>' . lt('Create New Backup') . '</h3>';
echo "<form action='?action=backuptool&backup=true' method='post'>";
echo "<table class='tableViewBackup'>";
echo "<tr class='tableFooter'><th class='auto'></th><th class='ten'></th></tr>";
echo "<tr><td><input type='text' name='backupname' value=''>.zip</td><td><input id='button' type='submit' value='" . lt('Submit') . "' class='floatright'></td></tr>";
echo "<tr class='tableFooter'><th class='twentyFive'></th><th class='auto'></th></tr></table></form>";
if ($_SESSION['adminType'] != 'user') {
echo '<h3>' . lt('Upload to Archived Backups') . '</h3>';
echo "<p>" . lt('Upload limit per file') . ' - ' . ini_get('upload_max_filesize') . "</p>";
echo '<p>' . lt('Please upload backups in zip format. Please note that file upload is limited by your server, razorCMS attempts to up this limit to 100mb per file but your server may restrict access. If the limit above is not set to 100mb, please visit the help forum on other ways to increase this limit.') . '</p>';
echo '<form enctype="multipart/form-data" action="?action=backuptool&upload=true" method="POST">';
echo '<input type="hidden" name="MAX_FILE_SIZE" value="' . getMaxUploadSize(ini_get('upload_max_filesize')) . '" />';
echo "<table class='tableViewBackup'>";
echo "<tr class='tableFooter'><th class='auto'></th><th class='ten'></th></tr>";
echo '<tr><td><input name="file-upload" type="file" /></td><td><input id="button" type="submit" value="' . lt('upload file') . '" name="upload"/></td></tr>';
echo "<tr class='tableFooter'><th class='twentyFive'></th><th class='auto'></th></tr></table></form>";
}
echo "</div>";
}
<?php
if (!defined('IN_GS')) {
die('you cannot load this page directly.');
}
/**
* Sidebar Files Template
*
* @package GetSimple
*/
$path = isset($_GET['path']) ? $_GET['path'] : "";
$fileSizeLimitMB = toBytesShorthand(getMaxUploadSize(), 'M', true);
?>
<ul class="snav">
<li id="sb_upload"<?php
if (!isset($_GET['i'])) {
echo 'class="last_sb"';
}
?>
><a href="upload.php" <?php
check_menu('upload');
?>
><?php
i18n('FILE_MANAGEMENT');
?>
</a></li>
<?php
if (isset($_GET['i']) && $_GET['i'] != '') {
?>
<li id="sb_image" class="last_sb"><a href="#" class="current"><?php
<?php
// factor for the real size of the uploaded image
$sizefactor = 3;
// size of the big, preview and thumb container
$bigWidthPrev = 530;
$bigHeightPrev = 530;
// canvas size for the uploaded image
$canvasWidth = $bigWidthPrev * $sizefactor;
$canvasHeight = $bigHeightPrev * $sizefactor;
// file type error
$fileError = 'Filetype not allowed. Please upload again. Only GIF, JPG and PNG files are allowed.';
$sizeError = 'File is too big. Please upload again. Maximum filesize is ' . getMaxUploadSize();
// image upload folders
$imgthumb = 'uploads/ready/';
// folder for the uploads after cropping
$imgtemp = 'uploads/temp/';
// temp-folder before cropping
$imgbig = 'uploads/big/';
// folder with big uploaded images
// max file-size for upload in bytes, default: 3mb
$maxuploadfilesize = 5120000;
// background color of the canvas as rgb, default:white
$canvasbg = array('r' => 255, 'g' => 255, 'b' => 255);
function getMaxUploadSize()
{
$max_upload = ini_get('upload_max_filesize');
$max_post = ini_get('post_max_size');
$memory_limit = ini_get('memory_limit');
$size = min($max_upload, $max_post, $memory_limit);
if (preg_match('/^(\\d+)(.)$/', $size, $matches)) {
