示例#1
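 /**
  * Recursively delete a directory and everything beneath it.
  *
  * The path is used literally: wildcard characters such as '*' are not
  * expanded, and a path that is not an existing directory is silently
  * ignored.
  *
  * Symbolic links found inside the tree are removed as links and are never
  * descended into, so a link placed inside the directory cannot redirect the
  * deletion to files that live outside it.
  *
  * @param string $directory directory to delete
  *
  * @return void
  */
 public static function delete($directory)
 {
     if (!is_dir($directory)) {
         return;
     }
     $objects = scandir($directory);
     if ($objects === false) {
         // unreadable directory: nothing to walk, but still attempt the rmdir
         $objects = array();
     }
     foreach ($objects as $object) {
         if ($object === '.' || $object === '..') {
             continue;
         }
         $path = $directory . '/' . $object;
         // is_dir() follows symlinks, so a link to a directory must be
         // excluded explicitly before recursing
         if (is_dir($path) && !is_link($path)) {
             CoreDirectory::delete($path);
         } else {
             // NOTE(review): unlink() removes a directory symlink on POSIX
             // systems; behaviour on Windows may differ - confirm if relevant
             unlink($path);
         }
     }
     rmdir($directory);
 }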
示例#2
 * @package    None
 * @subpackage Form
 * @author     Kae Verens <*****@*****.**>
 * @license    GPL Version 2
 * @link       www.kvweb.me
 */
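// The session id arrives in the POST body, so it is untrusted input. It is
// used below as a directory name (and that directory may be recursively
// deleted), so accept only the characters PHP itself allows in a session id.
// A missing id is rejected too: an empty value would make $dir point at the
// shared forms directory.
// NOTE(review): adopting a session id supplied in the request body allows
// session fixation unless the id is checked against an existing session
// elsewhere - confirm.
$session_id = isset($_POST['PHPSESSID']) ? $_POST['PHPSESSID'] : '';
if (!is_string($session_id) || !preg_match('/^[A-Za-z0-9,-]{1,128}$/', $session_id)) {
    header('HTTP/1.0 400 Bad Request');
    exit;
}
session_id($session_id);
require '../../../ww.incs/basics.php';
$dir = USERBASE . '/f/.files/forms/';
if (!is_dir($dir)) {
    // make forms dir
    mkdir($dir);
}
$dir .= $session_id . '/';
if (!is_dir($dir)) {
    // make dir named after $session_id
    mkdir($dir);
}
// { make sure too many files aren't being uploaded
$size = CoreDirectory::getSize($dir);
if ($size > 52428800) {
    // greater than 50mb
    CoreDirectory::delete($dir);
    Core_quit(__('Deleted'));
}
// }
if (isset($_FILES['file-upload'])) {
    $upload = $_FILES['file-upload'];
    // Keep only the final path component of the client-supplied file name so
    // the file cannot be written outside $dir; backslashes are normalised
    // first because basename() only treats them as separators on Windows.
    $fname = is_string($upload['name'])
        ? basename(str_replace('\\', '/', $upload['name']))
        : '';
    // Dot-files (for example per-directory server configuration files) and
    // failed uploads are skipped.
    // NOTE(review): the file type is not restricted here; confirm that the
    // web server never executes or serves files from this directory.
    if ($upload['error'] === UPLOAD_ERR_OK && $fname !== '' && $fname[0] !== '.') {
        move_uploaded_file($upload['tmp_name'], $dir . $fname);
    }
}
echo __('Upload');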
示例#3
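// Archive the uploaded files and the active theme. Every value placed into a
// shell command is quoted with escapeshellarg() so that it is passed to zip
// as a single literal argument and is never parsed as shell syntax.
shell_exec(
    'cd ' . escapeshellarg($ubase)
    . ' && zip -r ' . escapeshellarg($dir . '/files.zip') . ' f'
);
$theme = $DBVARS['theme'];
shell_exec(
    'cd ' . escapeshellarg($ubase)
    . ' && zip -r ' . escapeshellarg($dir . '/theme.zip')
    . ' ' . escapeshellarg('themes-personal/' . $theme)
);
// Dump every table as JSON files of 100 rows each: db/<table>/<n>.json
$tables = dbAll('show tables');
mkdir($dir . '/db');
foreach ($tables as $table) {
    foreach ($table as $k => $v) {
        mkdir($dir . '/db/' . $v);
        $count = dbOne('select count(*) as cnt from `' . $v . '`', 'cnt');
        for ($i = 0; $i < $count; $i += 100) {
            $data = dbAll('select * from `' . $v . '` limit ' . $i . ', 100');
            file_put_contents($dir . '/db/' . $v . '/' . ($i / 100) . '.json', json_encode($data));
        }
    }
}
// Reload the configuration and drop credentials and local paths before it is
// written into the backup.
require CONFIG_FILE;
unset($DBVARS['username']);
unset($DBVARS['password']);
unset($DBVARS['hostname']);
unset($DBVARS['db_name']);
unset($DBVARS['userbase']);
unset($DBVARS['theme_dir']);
unset($DBVARS['theme_dir_personal']);
file_put_contents($dir . '/config.json', json_encode($DBVARS));
// The Host header is chosen by the client. Reduce it to hostname characters
// before it is used in a file name, a shell command and a response header; a
// leading '-' or '.' is dropped so the name cannot be read as a zip option.
$host = isset($_SERVER['HTTP_HOST'])
    ? preg_replace('/[^A-Za-z0-9.-]/', '', $_SERVER['HTTP_HOST'])
    : '';
$host = ltrim($host, '-.');
if ($host === '') {
    $host = 'site';
}
$sname = $host . date('-Y-m-d') . '.zip';
// NOTE(review): zip -P places the password on the command line, where it may
// be visible to other local users in the process list - confirm this is
// acceptable for the hosting environment.
shell_exec(
    'cd ' . escapeshellarg($tmpdir)
    . ' && zip -r -P ' . escapeshellarg($password)
    . ' ' . escapeshellarg($sname) . ' site'
);
header('Content-type: force/download');
header('Content-Disposition: attachment; filename="' . $sname . '"');
readfile($tmpdir . '/' . $sname);
CoreDirectory::delete($tmpdir);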
示例#4
    echo '<tr><th>Banner</th><td><div id="banner_image_html">' . ckeditor('html_' . $fdata['id'], Core_unfixImageResizes($fdata['html']), 0, '', 180) . '</div></td></tr>';
    // }
    // { show submit button and end form
    echo '<tr><td><a href="./plugin.php?_plugin=banner-image&_page=index&dele' . 'te_banner=' . $fdata['id'] . '" onclick="return confirm(\'are you sure yo' . 'u want to remove this banner?\');" title="remove banner">[x]</a></td>' . '<td><input type="submit" name="save_banner" value="Update" /></td></tr>';
    // }
    echo '</table></form>';
}
// }
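$id = 0;
// NOTE(review): this deletion is triggered by a GET parameter and no
// anti-CSRF token check is visible in this excerpt - confirm that one is
// enforced before this point.
if (isset($_GET['delete_banner']) && (int) $_GET['delete_banner']) {
    // the integer cast is what makes $id safe to place in the SQL and the
    // file paths below
    $id = (int) $_GET['delete_banner'];
    dbQuery("delete from banners_images where id={$id}");
    dbQuery("delete from banners_pages where bannerid={$id}");
    $base = USERBASE . '/f/skin_files/banner-image/' . $id;
    if (is_file($base . '.png')) {
        unlink($base . '.png');
    }
    // Expand the wildcard here. A path containing a literal '*' is not an
    // existing directory, so handing the pattern itself to a delete routine
    // that starts with an is_dir() check removes nothing.
    // (presumably these are generated variants of the banner - TODO confirm)
    $matches = glob($base . '_*');
    if ($matches) {
        foreach ($matches as $match) {
            if (is_dir($match) && !is_link($match)) {
                CoreDirectory::delete($match);
            } else {
                unlink($match);
            }
        }
    }
    $updated = 'Banner Deleted';
    Core_cacheClear('banner-images');
}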
if (isset($_POST['save_banner'])) {
    $id = (int) $_POST['id'];
    $pages = @$_POST['pages_' . $id];
    $html = Core_sanitiseHtml($_POST['html_' . $id]);
    $sql = 'set html="' . addslashes($html) . '",name="' . addslashes($_POST['name']) . '",pages=' . (count($pages) ? 1 : 0);
    if ($id) {
        dbQuery("update banners_images {$sql} where id={$id}");
    } else {
        dbQuery("insert into banners_images {$sql}");
        $id = dbOne('select last_insert_id() as id', 'id');
        $_REQUEST['id'] = $id;
    }
示例#5
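/**
 * Processes a submitted form: collects the field values from the request,
 * optionally creates a user account, e-mails the form and/or records it in
 * the database, then returns the thank-you message.
 *
 * For 'file' fields, $_FILES is replaced with a list built from the
 * per-session upload directory, and upload directories older than ten
 * minutes are removed.
 *
 * @param array $page        page db row
 * @param array $vars        page meta data
 * @param array $form_fields array of fields
 *
 * @return string HTML of the thank-you message
 */
function Form_send($page, $vars, $form_fields)
{
    $c = '';
    $values = array();
    $email = '';
    // Upload directories are named after the session id. An empty or
    // malformed id would make the paths below resolve to the shared parent
    // directory (or outside it), so only ids made of the characters PHP
    // allows in a session id are used to build a path.
    $session_id = session_id();
    $has_session_dir = is_string($session_id)
        && preg_match('/^[A-Za-z0-9,-]+$/', $session_id);
    foreach ($form_fields as $r2) {
        $name = preg_replace('/[^a-zA-Z0-9_]/', '', $r2['name']);
        $raw = isset($_REQUEST[$name]) ? $_REQUEST[$name] : null;
        switch ($r2['type']) {
            case 'checkbox':
                // {
                $values[$r2['name']] = $raw == 'on' ? 'yes' : 'no';
                break;
                // }
            case 'date':
            case 'ccdate':
                // {
                $val = Core_dateM2H($raw);
                if ($r2['type'] == 'ccdate') {
                    $val = preg_replace('#.* ([a-zA-Z]*, [0-9]+)#', "\$1", $val);
                }
                $values[$r2['name']] = $val;
                break;
                // }
            case 'email':
                // {
                $values[$r2['name']] = $raw;
                $email = $raw;
                break;
                // }
            case 'file':
                // { build $files array which emulates the $_FILES array
                // { first remove old uploads
                $dir = USERBASE . '/f/.files/forms/';
                if (!is_dir($dir)) {
                    break;
                }
                $fs = new DirectoryIterator($dir);
                $time = time();
                foreach ($fs as $f) {
                    if ($f->isDot()) {
                        continue;
                    }
                    if ($f->isDir()) {
                        $diff = $time - $f->getMTime();
                        if ($diff > 600) {
                            // directory is older than 10 minutes
                            CoreDirectory::delete($f->getPathname());
                        }
                    }
                }
                // }
                if (!$has_session_dir) {
                    break;
                }
                $dir .= $session_id;
                if (!is_dir($dir)) {
                    break;
                }
                $_FILES = array();
                $uploads = new DirectoryIterator($dir);
                foreach ($uploads as $upload) {
                    if ($upload->isDot() || $upload->isDir()) {
                        continue;
                    }
                    array_push($_FILES, array('name' => $upload->getFileName(), 'type' => mime_content_type($upload->getPathname()), 'tmp_name' => $upload->getPathname(), 'error' => 0, 'size' => $upload->getSize()));
                }
                break;
                // }
            case 'html-block':
            case 'next-page-link':
            case 'previous-page-link':
            case 'page-break':
                // { not inputs - don't add them
                break;
                // }
            default:
                // {
                $values[$r2['name']] = $raw;
                // }
        }
    }
    $from_field = preg_replace('/[^a-zA-Z]/', '', $vars['forms_replyto']);
    $from = isset($_REQUEST[$from_field]) ? $_REQUEST[$from_field] : '';
    // The reply-to value comes straight from the request and is handed to
    // cmsMail() as the sender. Line breaks are removed so it cannot carry
    // additional mail headers, whether or not cmsMail() filters them itself.
    $from = is_string($from) ? str_replace(array("\r", "\n"), '', $from) : '';
    if (@$vars['forms_create_user']) {
        // NOTE(review): these queries rely on addslashes() for escaping, which
        // is not a substitute for the database driver's own escaping or bound
        // parameters - switch if the db layer offers either.
        $id = dbOne('select id from user_accounts where email="' . addslashes($email) . '"', 'id');
        if (!$id) {
            dbQuery('insert into user_accounts set email="' . addslashes($email) . '",' . 'extras="' . addslashes(json_encode($values)) . '"');
            $id = dbLastInsertId();
            if (isset($_FILES) && count($_FILES)) {
                @mkdir(USERBASE . '/f/user-files');
                @mkdir(USERBASE . '/f/user-files/' . $id);
                foreach ($_FILES as $file) {
                    // basename() keeps the copy inside the user's directory
                    // even if a name were to contain path components
                    copy($file['tmp_name'], USERBASE . '/f/user-files/' . $id . '/' . basename($file['name']));
                }
            }
        }
    }
    if ($vars['forms_send_as_email']) {
        $form = Form_readonly($page['id'], $vars, $form_fields);
        $to = $vars['forms_recipient'];
        // strip the submit button and the <form> wrapper from the mailed copy
        $form = str_replace(array('<input type="submit" value="' . __('Submit Form') . '" />', '<form action="' . $_SERVER['REQUEST_URI'] . '" method="post" ' . 'class="ww_form" enctype="multipart/form-data">', '</form>'), '', $form);
        cmsMail($to, $from, $_SERVER['HTTP_HOST'] . ' ' . __FromJson($page['name']), '<html><head></head><body>' . $form . '</body></html>', $_FILES);
        if ($has_session_dir && is_dir(USERBASE . '/f/.files/forms/' . $session_id)) {
            // remove uploaded files
            CoreDirectory::delete(USERBASE . '/f/.files/forms/' . $session_id);
        }
    }
    if ($vars['forms_record_in_db']) {
        Form_saveValues($page['id'], $form_fields);
    }
    $c .= '<div id="thankyoumessage">' . $vars['forms_successmsg'] . '</div>';
    return $c;
}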
示例#6
                echo $table . ' ';
                dbQuery('delete from `' . addslashes($table) . '`');
                $tmpdir2 = $tmpdir . '/site/db/' . $table . '/';
                for ($i = 0; file_exists($tmpdir2 . $i . '.json'); $i++) {
                    $rows = json_decode(file_get_contents($tmpdir2 . $i . '.json'));
                    foreach ($rows as $row) {
                        $parts = array();
                        foreach ($row as $key => $val) {
                            $parts[] = '`' . addslashes($key) . '` = "' . addslashes($val) . '" ';
                        }
                        $query = 'insert into `' . addslashes($table) . '` set ' . join(',', $parts);
                        dbQuery($query);
                    }
                }
            }
            echo '<br/>';
        }
        echo 'cleaning up.<br />';
        CoreDirectory::delete($tmpdir);
        echo 'clearing local cache...<br />';
        CoreDirectory::delete($udir . '/ww.cache/*');
        echo 'done<img style="width:1px;height:1px" src="./" /><p>Import completed.</p>';
        dbQuery('update pages set alias=name where alias is null');
        Core_cacheClear();
        return;
    }
}
// Show any collected errors, then the upload form for a backup archive.
// NOTE(review): the entries of $errors are echoed as HTML without escaping;
// confirm they never contain request-derived text.
if (count($errors) > 0) {
    echo '<em>', implode('<br />', $errors), '</em>';
}
$import_form = array(
    '<em>NOTE: uploading a backup will OVERWRITE your present website.</em>',
    '<p>Please only upload if you are certain you need to!</p>',
    '<p>Seriously! Back away now if you are AT ALL unsure of this.</p>',
    '<form action="/ww.admin/plugin.php?_plugin=backup&amp;_page=import"',
    ' method="post" enctype="multipart/form-data" /><table>',
    '<tr><th>Backup file</th><td><input type="file" name="file" /></td></tr>',
    '<tr><th>Password</th><td><input name="password" type="password" /></td>',
    '</tr>',
    '<tr><th colspan="2"><input type="submit" name="action" value="submit" />',
    '</td></tr>',
    '</table></form>',
);
echo implode('', $import_form);
示例#7
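$name = isset($_POST['theme_name']) ? $_POST['theme_name'] : '';
// The theme name is written to the site configuration and, below, appended to
// themes-personal/ and handed to a recursive delete. It must therefore be a
// single path component: '..' or a name containing a separator would make the
// delete operate outside the themes directory.
if (!is_string($name)
    || $name == ''
    || $name === '.'
    || $name === '..'
    || strpos($name, '/') !== false
    || strpos($name, '\\') !== false
    || strpos($name, "\0") !== false
) {
    Core_quit();
}
// NOTE(review): both actions below change site state from POST data alone; no
// anti-CSRF token check is visible in this excerpt - confirm one is enforced.
/**
 * install theme if selected
 */
if (isset($_POST['install-theme'])) {
    $DBVARS['theme'] = $name;
    // NOTE(review): the variant is stored as received; confirm how
    // Core_configRewrite() serialises it and restrict it to known variants.
    $variant = isset($_POST['theme_variant']) ? $_POST['theme_variant'] : '';
    if ($variant != '') {
        $DBVARS['theme_variant'] = $variant;
    }
    Core_configRewrite();
    Core_cacheClear('pages');
}
/**
 * delete theme if selected
 */
if (isset($_POST['delete-theme'])) {
    if ($DBVARS['theme'] == $name) {
        // the active theme is never deleted
        header('location: /ww.admin/siteoptions.php?page=themes');
    } elseif (is_dir(USERBASE . '/themes-personal/' . $name)) {
        CoreDirectory::delete(USERBASE . '/themes-personal/' . $name);
    }
}
/**
 * redirect to themes personal
 */
echo '<script>document.location="/ww.admin/siteoptions.php?page=themes";</script>';
Core_quit();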