/**
 * Serve a user's icon image (or the skin's placeholder) with a one-day cache.
 *
 * Only the `id` query parameter is taken from the request, and it is coerced
 * to int before being handed to the query builder. The icon file name itself
 * comes from the `user` table, and the candidate path must pass is_file()
 * before it is used; otherwise the skin's noicon.jpg (or the global one) is
 * served instead. Requests without a session or a valid referer produce no
 * output at all.
 *
 * @param Request $request the current HTTP request
 * @return void  the image is written straight to the response
 */
public function index(Request $request)
{
    // Session and referer gate: anything that fails it is silently ignored.
    if (!$request->initSession() || !$request->isReferer()) {
        return;
    }
    $icon = null;
    $user = $this->db()->createQuery()->from('user')->where($request->get('id')->toInt())->cacheOn()->toArray()->first('icon');
    if ($user && !empty($user['icon'])) {
        // Path is built from configuration plus a DB-stored file name, not from the request.
        $candidate = ROOT_PATH . self::$cfg->usericon_folder . $user['icon'];
        if (is_file($candidate)) {
            $icon = $candidate;
        }
    }
    if (empty($icon)) {
        // Fallback: the active skin's placeholder, else the shared one.
        $skinIcon = ROOT_PATH . 'skin/' . self::$cfg->skin . '/img/noicon.jpg';
        $icon = is_file($skinIcon) ? $skinIcon : ROOT_PATH . 'skin/img/noicon.jpg';
    }
    // Image probe; the 'error' key is what decides whether anything is sent.
    // NOTE(review): if getImageSize resolves to PHP's built-in getimagesize(),
    // it returns false on failure and has no 'error' key — confirm it is the
    // project helper that sets one, otherwise an unreadable file still passes.
    $info = getImageSize($icon);
    if (!empty($info['error'])) {
        return;
    }
    $headers = [
        'Pragma' => 'public',
        'Cache-Control' => 'max-age=86400',
        'Expires' => gmdate('D, d M Y H:i:s GMT', time() + 86400),
        'Content-type' => $info['mime'],
    ];
    (new Response())->withHeaders($headers)->withContent(file_get_contents($icon))->send();
}
/**
 * Export selected tables of the site database as a downloadable .sql file.
 *
 * The export runs only when the request has a session, passes the referer
 * check, and Login::isAdmin() yields a login record whose email is not 'demo'
 * and whose 'fb' field is empty. Every other request ends with a 404
 * "File Not Found!" response.
 *
 * The parsed request body is read as table name => list of selections; the
 * selections honoured here are 'sturcture' (sic — that spelling is the key
 * the client sends and must stay) and 'datas'. Request values are used only
 * as array keys for lookups: every table name that reaches a SHOW or SELECT
 * statement comes from SHOW TABLE STATUS, not from the request.
 *
 * In the dump the configured table prefix is replaced by '{prefix}' and the
 * site URL by '{WEBURL}'. For the _emailtemplate table the 'id' column is
 * dropped and copy_to/from_email become '{WEBMASTER}' when they equal the
 * admin's email, otherwise an empty string.
 *
 * @return void  sends the file and exits, or sends a 404 response
 */
public function export()
{
    // referer, session, member
    if (self::$request->initSession() && self::$request->isReferer() && ($login = Login::isAdmin())) {
        if ($login['email'] != 'demo' && empty($login['fb'])) {
            $sqls = array();
            $rows = array();
            $database = array();
            $datas = array();
            // Tally the selections per table; only isset() on $datas is used later,
            // so the counts themselves are never read.
            foreach (self::$request->getParsedBody() as $table => $values) {
                foreach ($values as $k => $v) {
                    if (isset($datas[$table][$v])) {
                        $datas[$table][$v]++;
                    } else {
                        $datas[$table][$v] = 1;
                    }
                }
            }
            // Regex matching this site's own URL (either scheme, optional www.)
            // so exported values can carry the '{WEBURL}' placeholder instead.
            $web_url = str_replace(array('http://', 'https://', 'www.'), '', WEB_URL);
            $web_url = '/http(s)?:\\/\\/(www\\.)?' . preg_quote($web_url, '/') . '/';
            // database
            $model = new static();
            // database name (admin setting) becomes the download file name
            $fname = $model->getSetting('dbname') . '.sql';
            // memory limit: the whole dump is assembled in $sqls before it is sent
            ini_set('memory_limit', '1024M');
            // prefix
            $prefix = $model->getSetting('prefix');
            // all tables
            $tables = $model->db()->customQuery('SHOW TABLE STATUS', true);
            // Schema pass: for each selected prefixed table collect column names
            // into $database and DDL fragments into $rows.
            // NOTE(review): $prefix is interpolated into the pattern without
            // preg_quote(); a prefix containing regex metacharacters would not
            // match literally.
            foreach ($tables as $table) {
                if (preg_match('/^' . $prefix . '(.*?)$/', $table['Name']) && isset($datas[$table['Name']])) {
                    $fields = $model->db()->customQuery('SHOW FULL FIELDS FROM ' . $table['Name'], true);
                    $primarykey = array();
                    $rows = array();
                    foreach ($fields as $field) {
                        if ($field['Key'] == 'PRI') {
                            $primarykey[] = '`' . $field['Field'] . '`';
                        }
                        $database[$table['Name']]['Field'][] = $field['Field'];
                        // Column definition. DEFAULT is emitted only when non-empty,
                        // so a column whose default is the empty string loses it.
                        $rows[] = '`' . $field['Field'] . '` ' . $field['Type'] . ($field['Collation'] != '' ? ' collate ' . $field['Collation'] : '') . ($field['Null'] == 'NO' ? ' NOT NULL' : '') . ($field['Default'] != '' ? " DEFAULT '" . $field['Default'] . "'" : '') . ($field['Extra'] != '' ? ' ' . $field['Extra'] : '');
                    }
                    if (sizeof($primarykey) > 0) {
                        $rows[] = 'PRIMARY KEY (' . implode(',', $primarykey) . ')';
                    }
                    if (isset($datas[$table['Name']]['sturcture'])) {
                        $table_name = $prefix == '' ? $table['Name'] : preg_replace('/^' . $prefix . '/', '{prefix}', $table['Name']);
                        $sqls[] = 'DROP TABLE IF EXISTS `' . $table_name . '`;';
                        $q = 'CREATE TABLE `' . $table_name . '` (' . implode(',', $rows) . ') ENGINE=' . $table['Engine'];
                        // Charset is derived from the collation name (text before the first '_').
                        $q .= ' DEFAULT CHARSET=' . preg_replace('/([a-zA-Z0-9]+)_.*?/Uu', '\\1', $table['Collation']) . ' COLLATE=' . $table['Collation'];
                        $q .= ($table['Create_options'] != '' ? ' ' . strtoupper($table['Create_options']) : '') . ';';
                        $sqls[] = $q;
                    }
                }
            }
            // Data pass: one INSERT per row for every table whose 'datas' was selected.
            foreach ($tables as $table) {
                if (preg_match('/^' . $prefix . '(.*?)$/', $table['Name'], $match)) {
                    if ($match[1] == '_emailtemplate') {
                        if (isset($datas[$table['Name']]['datas'])) {
                            // Drop 'id' from the column list so the import assigns fresh ids.
                            if (($key = array_search('id', $database[$table['Name']]['Field'])) !== false) {
                                unset($database[$table['Name']]['Field'][$key]);
                            }
                            $table_name = $prefix == '' ? $table['Name'] : preg_replace('/^' . $prefix . '/', '{prefix}', $table['Name']);
                            $data = "INSERT INTO `{$table_name}` (`" . implode('`, `', $database[$table['Name']]['Field']) . "`) VALUES ('%s');";
                            $records = $model->db()->customQuery('SELECT * FROM ' . $table['Name'], true);
                            foreach ($records as $record) {
                                foreach ($record as $field => $value) {
                                    // Do not leak the admin's address: replace it with a placeholder,
                                    // blank any other address.
                                    if ($field === 'copy_to' || $field === 'from_email') {
                                        $record[$field] = $value == $login['email'] ? '{WEBMASTER}' : '';
                                    } elseif ($field == 'id') {
                                        unset($record['id']);
                                    } else {
                                        $record[$field] = addslashes(preg_replace($web_url, '{WEBURL}', $value));
                                    }
                                }
                                // Literal CR/LF are written as the two-character escapes \r and \n.
                                $sqls[] = preg_replace(array('/[\\r]/u', '/[\\n]/u'), array('\\r', '\\n'), sprintf($data, implode("','", $record)));
                            }
                        }
                    } elseif (isset($datas[$table['Name']]['datas'])) {
                        $table_name = $prefix == '' ? $table['Name'] : preg_replace('/^' . $prefix . '/', '{prefix}', $table['Name']);
                        $data = "INSERT INTO `{$table_name}` (`" . implode('`, `', $database[$table['Name']]['Field']) . "`) VALUES ('%s');";
                        $records = $model->db()->customQuery('SELECT * FROM ' . $table['Name'], true);
                        foreach ($records as $record) {
                            foreach ($record as $field => $value) {
                                $record[$field] = addslashes(preg_replace($web_url, '{WEBURL}', $value));
                            }
                            $sqls[] = preg_replace(array('/[\\r]/u', '/[\\n]/u'), array('\\r', '\\n'), sprintf($data, implode("','", $record)));
                        }
                    }
                }
            }
            // send file
            // NOTE(review): the final preg_replace collapses any run of backslashes to
            // a single one and strips the backslash before '"', which undoes the
            // addslashes() escaping applied above for values that contain a literal
            // backslash — confirm this is intended for the importer that reads the dump.
            // NOTE(review): $fname is placed in Content-Disposition unquoted; it comes
            // from the admin-configured dbname setting, so verify that setting is
            // validated where it is stored.
            $response = new Response();
            $response->withHeaders(array('Content-Type' => 'application/force-download', 'Content-Disposition' => 'attachment; filename=' . $fname))->withContent(preg_replace(array('/[\\\\]+/', '/\\\\"/'), array('\\', '"'), implode("\r\n", $sqls)))->send();
            // Stop here so nothing is appended to the file body.
            exit;
        }
    }
    // cannot download: no session, bad referer, not an admin, or a demo/fb login
    $response = new Response(404);
    $response->withContent('File Not Found!')->send();
}