Changeset 3350045
- Timestamp:
- 08/26/2025 05:12:11 AM (7 months ago)
- Location:
- softdiscover-db-file-manager/trunk
- Files:
-
- 4 edited
-
change_log.txt (modified) (1 diff)
-
classes/uiform-form-helper.php (modified) (35 diffs)
-
i18n/languages/backend/wprockf.pot (modified) (2 diffs)
-
modules/filemanager/controllers/backup.php (modified) (38 diffs)
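--- a/softdiscover-db-file-manager/trunk/change_log.txt
+++ b/softdiscover-db-file-manager/trunk/change_log.txt
@@ -1,2 +1,4 @@
+version 1.5.0
+[fix] - secure download backup
 version 1.4.8
 [update] - support wp 6.8.2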
softdiscover-db-file-manager/trunk/classes/uiform-form-helper.php
r3037022 r3350045 29 29 return sprintf("%.{$decimals}f", $bytes / pow(1024, $factor)) . @$size[$factor]; 30 30 } 31 31 32 32 public static function getroute() 33 33 { … … 51 51 return $return; 52 52 } 53 53 54 54 public static function getHttpRequest($var) 55 55 { … … 65 65 $value = isset($_REQUEST[$var]) ? Flmbkp_Form_Helper::sanitizeInput($_REQUEST[$var]) :''; 66 66 } 67 67 68 68 return $value; 69 69 } 70 71 70 71 72 72 public static function array2xml($array, $xml = null) 73 73 { … … 134 134 return $string; 135 135 } 136 137 /** 138 * Sanitize input 2136 137 /** 138 * Sanitize input, temporal. it will be removed in future 139 139 * 140 140 * @param string $string input … … 151 151 return $string; 152 152 } 153 153 154 154 /** 155 155 * Sanitize input … … 169 169 return $string; 170 170 } 171 172 171 172 173 173 /** 174 174 * Sanitize input … … 189 189 } 190 190 191 191 192 192 /** 193 193 * Sanitize recursive … … 205 205 } 206 206 } 207 207 208 208 /** 209 209 * Sanitize recursive … … 221 221 } 222 222 } 223 223 224 224 225 225 public static function data_encrypt($string, $key) … … 318 318 return $temp; 319 319 } 320 320 321 321 public static function check_field_length($data, $length) 322 322 { 323 323 return (strlen($data) > intval($length))? 
substr($data, 0, intval($length)):''; 324 324 } 325 325 326 326 public static function sql_quote($value) 327 327 { … … 329 329 $value = stripslashes($value); 330 330 } 331 331 332 332 $value = addslashes($value); 333 333 334 334 return $value; 335 335 } 336 336 337 337 public static function form_store_fonts($font_temp) 338 338 { … … 342 342 } 343 343 } 344 344 345 345 public static function is_flmbkp_page() 346 346 { … … 351 351 $search=Flmbkp_Form_Helper::sanitizeInput($_POST['page']); 352 352 } 353 353 354 354 $allow=array('flmbkp_file_manager','flmbkp_page_backups','flmbkp_page_database','flmbkp_page_settings'); 355 355 356 356 if (in_array($search, $allow)) { 357 357 return true; … … 360 360 } 361 361 } 362 362 363 363 public static function remove_non_tag_space($text) 364 364 { … … 378 378 return $out; 379 379 } 380 380 381 381 public static function assign_alert_container($msg, $type) 382 382 { … … 404 404 return $return_msg; 405 405 } 406 406 407 407 /** 408 408 * Verify if field is checked … … 419 419 } 420 420 } 421 421 422 422 public static function sanitize_output($buffer) 423 423 { … … 439 439 return $buffer; 440 440 } 441 442 441 442 443 443 /** 444 444 * Escape String … … 458 458 return $str; 459 459 } 460 460 461 461 if (!version_compare('5.5', phpversion(), '>=')) { 462 462 $str = addslashes($str); … … 472 472 } 473 473 } 474 475 476 474 475 476 477 477 478 478 return $str; 479 479 } 480 481 480 481 482 482 public static function mysql_version() 483 483 { 484 485 486 487 484 485 486 487 488 488 if (!version_compare('5.5', phpversion(), '>=')) { 489 489 $database_name=DB_NAME; … … 491 491 $datadase_password=DB_PASSWORD; 492 492 $database_host=DB_HOST; 493 493 494 494 $con=mysqli_connect($database_host, $database_user, $datadase_password, $database_name); 495 495 // Check connection … … 505 505 return $str; 506 506 } 507 507 508 508 public static function isValidUrl_structure($url) 509 509 { … … 520 520 return true; 521 521 } 522 522 523 523 public 
static function json_encode_advanced(array $arr, $sequential_keys = false, $quotes = false, $beautiful_json = false) 524 524 { … … 556 556 return $output; 557 557 } 558 558 559 559 public static function isAssoc(array $arr) 560 560 { … … 564 564 return array_keys($arr) !== range(0, count($arr) - 1); 565 565 } 566 566 567 567 public static function zigaform_user_is_on_admin_page($page_name = 'admin.php') 568 568 { … … 570 570 return ($pagenow == $page_name); 571 571 } 572 572 573 573 public static function get_font_library() 574 574 { 575 575 require_once(FLMBKP_DIR . '/libraries/styles-font-menu/plugin.php'); 576 576 $objsfm = new SFM_Plugin(); 577 577 578 578 return $objsfm; 579 579 } 580 581 582 580 581 582 583 583 /* 584 584 * Create and get backup directoy … … 588 588 589 589 $backup_dir = WP_CONTENT_DIR.'/uploads/softdiscover'; 590 590 591 591 if ((!is_dir($backup_dir) || 592 592 !is_file($backup_dir.'/index.html') || … … 596 596 @mkdir($backup_dir, 0775, true); 597 597 @file_put_contents($backup_dir.'/index.html', "<html><body><a href=\"https://softdiscover.com\" target=\"_blank\">WordPress backups by Softdiscover</a></body></html>"); 598 598 599 599 if (!is_file($backup_dir.'/.htaccess')) { 600 600 @file_put_contents($backup_dir.'/.htaccess', 'deny from all'); 601 601 } 602 602 603 603 if (!is_file($backup_dir.'/web.config')) { 604 604 @file_put_contents($backup_dir.'/web.config', "<configuration>\n<system.webServer>\n<authorization>\n<deny users=\"*\" />\n</authorization>\n</system.webServer>\n</configuration>\n"); … … 608 608 return $backup_dir; 609 609 } 610 610 611 611 public static function get_user_roles() 612 612 { … … 616 616 return $answer; 617 617 } 618 619 618 619 620 620 $user_id = get_current_user_id(); 621 621 622 622 if (empty($user_id)) { 623 623 $answer = array('result'=>'error', 'message'=>esc_html__('Wrong request, valid user ID was missed', 'FRocket_admin')); 624 624 return $answer; 625 625 } 626 626 627 627 $user = get_user_by('id', 
$user_id); 628 628 if (empty($user)) { … … 630 630 return $answer; 631 631 } 632 632 633 633 $other_roles = array_values($user->roles); 634 634 $primary_role = array_shift($other_roles); 635 635 636 636 global $wp_roles; 637 637 638 638 $roles = $wp_roles->roles; 639 639 $roles_main=array(); … … 641 641 $roles_main[]=$key; 642 642 } 643 643 644 644 $answer = array('result'=>'success', 'primary_role'=>$primary_role, 'other_roles'=>$roles_main); 645 645 646 646 return $answer; 647 647 } 648 648 649 649 /** 650 650 * Check user access … … 657 657 return false; 658 658 } 659 659 660 660 if ( current_user_can('promote_users')) { 661 661 return true; 662 662 } 663 663 664 664 // make sure the user have manage options 665 665 if (!current_user_can('manage_options')) { 666 666 return false; 667 667 } 668 668 669 669 $user = wp_get_current_user(); 670 670 $allowed_roles = get_option('dbflm_fmanager_roles', array()); … … 673 673 return false; 674 674 } 675 675 676 676 /* if( !array_intersect($allowed_roles, $user->roles ) ) { 677 677 return false; 678 678 }*/ 679 680 681 682 683 679 680 681 682 683 684 684 return true; 685 685 } 686 686 687 687 public static function format_size($rawSize) 688 688 { … … 697 697 } 698 698 } 699 700 699 700 701 701 /* 702 702 * Restore files -
softdiscover-db-file-manager/trunk/i18n/languages/backend/wprockf.pot
r3344985 r3350045 1 # Copyright (C) 2025 Managefy 1. 4.92 # This file is distributed under the same license as the Managefy 1. 4.9package.1 # Copyright (C) 2025 Managefy 1.5.0 2 # This file is distributed under the same license as the Managefy 1.5.0 package. 3 3 msgid "" 4 4 msgstr "" 5 "Project-Id-Version: Managefy 1. 4.9\n"5 "Project-Id-Version: Managefy 1.5.0\n" 6 6 "MIME-Version: 1.0\n" 7 7 "Content-Type: text/plain; charset=UTF-8\n" 8 8 "Content-Transfer-Encoding: 8bit\n" 9 "POT-Creation-Date: 2025-08- 15 05:52+0000\n"9 "POT-Creation-Date: 2025-08-26 05:10+0000\n" 10 10 "X-Poedit-Basepath: ..\n" 11 11 "X-Poedit-KeywordsList: __;_e;_ex:1,2c;_n:1,2;_n_noop:1,2;_nx:1,2,4c;_nx_noop:1,2,3c;_x:1,2c;esc_attr__;esc_attr_e;esc_attr_x:1,2c;esc_html__;esc_html_e;esc_html_x:1,2c\n" … … 87 87 msgstr "" 88 88 89 #: modules/filemanager/controllers/backup.php:210 90 msgid "Insufficient permissions." 91 msgstr "" 92 93 #: modules/filemanager/controllers/backup.php:223, modules/filemanager/controllers/backup.php:230, modules/filemanager/controllers/backup.php:241, modules/filemanager/controllers/backup.php:247 94 msgid "Invalid file requested." 95 msgstr "" 96 97 #: modules/filemanager/controllers/backup.php:254 98 msgid "Invalid file name." 99 msgstr "" 100 101 #: modules/filemanager/controllers/backup.php:262 102 msgid "Invalid file type." 103 msgstr "" 104 105 #: modules/filemanager/controllers/backup.php:271 106 msgid "Backup directory unavailable." 107 msgstr "" 108 109 #: modules/filemanager/controllers/backup.php:281 110 msgid "Invalid path." 111 msgstr "" 112 113 #: modules/filemanager/controllers/backup.php:286 114 msgid "File not found." 115 msgstr "" 116 89 117 #: modules/database/views/backend/list_tables.php:27 90 118 msgid "Database manager." -
softdiscover-db-file-manager/trunk/modules/filemanager/controllers/backup.php
r3037022 r3350045 40 40 private $pagination = ""; 41 41 private $model_backup = ""; 42 42 43 43 public $progress; 44 44 public $zip_obj; 45 45 public $last_abort_check; 46 47 46 47 48 48 public $total_targets; 49 49 public $startTime; … … 53 53 public $oFile; 54 54 public $excludes; 55 55 56 56 protected $modules; 57 57 private $per_page = 10; … … 71 71 //create records 72 72 add_action('wp_ajax_flmbkp_backup_createrec', array(&$this, 'ajax_create_records')); 73 73 74 74 //submit header options 75 75 add_action('wp_ajax_flmbkp_backup_sendoptions', array(&$this, 'ajax_submit_options_switch')); … … 77 77 //backup process 78 78 add_action('wp_ajax_flmbkp_backup_watchprogress', array(&$this, 'ajax_watchprogress')); 79 79 80 80 //download file 81 81 add_action('wp_ajax_flmbkp_backup_downloadfile', array(&$this, 'ajax_downloadfile')); 82 82 83 83 //delete record 84 84 add_action('wp_ajax_flmbkp_backup_delete_records', array(&$this, 'ajax_delete_record')); 85 85 86 86 //restore record 87 87 add_action('wp_ajax_flmbkp_backup_restore_records', array(&$this, 'ajax_restore_record')); 88 88 89 89 define('NL', "\r\n"); 90 90 } 91 92 93 /*94 * restore record95 */91 92 93 /* 94 * restore record 95 */ 96 96 public function ajax_restore_record() 97 97 { 98 98 99 99 check_ajax_referer('flmbkp_ajax_nonce', 'flmbkp_security'); 100 100 101 101 $bkp_id = (isset($_POST['rec_id']) && $_POST['rec_id']) ? Flmbkp_Form_Helper::sanitizeInput($_POST['rec_id']) : 0; 102 103 102 103 104 104 $log = array(); 105 105 $files_dest = WP_CONTENT_DIR.'/uploads/'; … … 107 107 $rec_info=$this->model_backup->getinfo($bkp_id); 108 108 $backup_directory = Flmbkp_Form_Helper::backup_directory(); 109 109 110 110 //database 111 111 if (file_exists($backup_directory . '/' . $rec_info->bkp_slug .'_database.zip')) { 112 require_once(FLMBKP_DIR . '/classes/uiform_backup.php');113 $objClass = new Flmbkp_Backup($rec_info->bkp_slug, $backup_directory);112 require_once(FLMBKP_DIR . 
'/classes/uiform_backup.php'); 113 $objClass = new Flmbkp_Backup($rec_info->bkp_slug, $backup_directory); 114 114 if ($objClass->restoreBackup($log)) { 115 115 $log[] = __('<b>Database backup restored.</b>', 'FRocket_admin'); … … 118 118 } 119 119 } 120 120 121 121 // Plugins 122 122 if (file_exists($backup_directory . '/' . $rec_info->bkp_slug .'_plugins.zip')) { … … 128 128 } 129 129 } 130 130 131 131 // themes 132 132 if (file_exists($backup_directory . '/' . $rec_info->bkp_slug .'_themes.zip')) { … … 148 148 } 149 149 } 150 150 151 151 // Others 152 152 if (file_exists($backup_directory . '/' . $rec_info->bkp_slug .'_others.zip')) { … … 159 159 } 160 160 } 161 161 162 162 $json = array( 163 163 'log' => $log, … … 166 166 'modal_body'=>self::render_template('filemanager/views/backup/restore_message.php', array('log'=>$log)) 167 167 ); 168 168 169 169 header('Content-Type: application/json'); 170 170 echo json_encode($json); 171 171 wp_die(); 172 172 } 173 174 /*175 * Delete record176 */173 174 /* 175 * Delete record 176 */ 177 177 public function ajax_delete_record() 178 178 { 179 179 180 180 check_ajax_referer('flmbkp_ajax_nonce', 'flmbkp_security'); 181 181 182 182 $bkp_id = (isset($_POST['rec_id']) && $_POST['rec_id']) ? Flmbkp_Form_Helper::sanitizeInput($_POST['rec_id']) : 0; 183 183 184 184 $rec_info=$this->model_backup->getinfo($bkp_id); 185 185 186 186 $backup_directory = Flmbkp_Form_Helper::backup_directory(); 187 187 188 188 @unlink($backup_directory . '/' . $rec_info->bkp_slug .'_plugins.zip'); 189 189 @unlink($backup_directory . '/' . $rec_info->bkp_slug .'_themes.zip'); … … 191 191 @unlink($backup_directory . '/' . $rec_info->bkp_slug .'_others.zip'); 192 192 @unlink($backup_directory . '/' . 
$rec_info->bkp_slug .'_uploads.zip'); 193 193 194 194 //de;ete recprd 195 195 $this->wpdb->delete($this->model_backup->table, array( 'bkp_id' => $bkp_id)); 196 196 } 197 197 198 198 /* 199 199 * Download file 200 * 201 * FIXED: Prevent path traversal and enforce capability checks. 200 202 */ 201 203 public function ajax_downloadfile() 202 204 { 203 205 check_ajax_referer('flmbkp_ajax_nonce', 'flmbkp_security'); 206 207 // Only privileged users may download backups. 208 if ( ! current_user_can('manage_options') ) { 209 status_header(403); 210 wp_die(__('Insufficient permissions.', 'FRocket_admin')); 211 } 212 204 213 @set_time_limit(900); 205 $flm_file = (isset($_GET['flm_file'])) ? Flmbkp_Form_Helper::sanitizeInput_html($_GET['flm_file']) : ''; 206 207 $backup_directory=Flmbkp_Form_Helper::backup_directory(); 208 $fullpath = $backup_directory.'/'.$flm_file; 209 210 header("Content-Length: ".filesize($fullpath)); 211 header("Content-type: application/octet-stream"); 212 header("Content-Disposition: attachment; filename=\"".basename($fullpath)."\";"); 214 215 // Raw input (no HTML decoding) then minimal normalization 216 $flm_file_raw = isset($_GET['flm_file']) ? wp_unslash($_GET['flm_file']) : ''; 217 // Use your existing helper for generic cleanup, but rely on strict validation below. 218 $flm_file = Flmbkp_Form_Helper::sanitizeInput($flm_file_raw); 219 220 // Basic presence 221 if ( ! 
is_string($flm_file) || $flm_file === '' ) { 222 status_header(400); 223 wp_die(__('Invalid file requested.', 'FRocket_admin')); 224 } 225 226 // Must be a basename only (no slashes/backslashes) 227 $norm = str_replace('\\', '/', $flm_file); 228 if ( strpos($norm, '/') !== false || basename($norm) !== $norm ) { 229 status_header(400); 230 wp_die(__('Invalid file requested.', 'FRocket_admin')); 231 } 232 233 // No control chars / null bytes / traversal tokens / hidden dotfiles 234 if ( 235 strpos($flm_file, "\0") !== false || 236 preg_match('/[[:cntrl:]]/u', $flm_file) || 237 preg_match('#(^|[\\/])\.{1,2}([\\/]|$)#', $flm_file) || 238 $flm_file[0] === '.' 239 ) { 240 status_header(400); 241 wp_die(__('Invalid file requested.', 'FRocket_admin')); 242 } 243 244 // Reasonable length + strict allowed characters 245 if ( strlen($flm_file) > 200 || ! preg_match('/^[A-Za-z0-9._-]+$/', $flm_file) ) { 246 status_header(400); 247 wp_die(__('Invalid file requested.', 'FRocket_admin')); 248 } 249 250 // (Optional but recommended) enforce expected backup naming pattern 251 // e.g., flmbkp_YYYYMMDDHHIISS_(plugins|themes|uploads|others|database).zip 252 if ( ! preg_match('/^flmbkp_\d{14,}_(plugins|themes|uploads|others|database)\.zip$/', $flm_file) ) { 253 status_header(400); 254 wp_die(__('Invalid file name.', 'FRocket_admin')); 255 } 256 257 // Allow only specific extensions (backups are produced as .zip) 258 $allowed_exts = apply_filters('flmbkp_allowed_download_exts', array('zip')); 259 $ext = strtolower(pathinfo($flm_file, PATHINFO_EXTENSION)); 260 if ( ! in_array($ext, $allowed_exts, true) ) { 261 status_header(400); 262 wp_die(__('Invalid file type.', 'FRocket_admin')); 263 } 264 265 // Resolve paths safely 266 $backup_directory = Flmbkp_Form_Helper::backup_directory(); 267 $backup_directory_real = realpath($backup_directory); 268 269 if ( ! $backup_directory_real || ! 
is_dir($backup_directory_real) ) { 270 status_header(500); 271 wp_die(__('Backup directory unavailable.', 'FRocket_admin')); 272 } 273 274 // Build candidate path within backup directory and resolve 275 $candidate = $backup_directory_real . DIRECTORY_SEPARATOR . $flm_file; 276 $fullpath = realpath($candidate); 277 278 // Ensure the resolved path is inside the backup directory 279 if ( ! $fullpath || strpos($fullpath, $backup_directory_real . DIRECTORY_SEPARATOR) !== 0 ) { 280 status_header(400); 281 wp_die(__('Invalid path.', 'FRocket_admin')); 282 } 283 284 if ( ! is_file($fullpath) || ! is_readable($fullpath) ) { 285 status_header(404); 286 wp_die(__('File not found.', 'FRocket_admin')); 287 } 288 289 // Stream file to client with safe headers 290 nocache_headers(); 291 header('Content-Type: application/octet-stream'); 292 header('X-Content-Type-Options: nosniff'); 293 header('Content-Disposition: attachment; filename="' . basename($fullpath) . '";'); 294 header('Content-Length: ' . (string) filesize($fullpath)); 295 296 if (ob_get_length()) { 297 @ob_end_clean(); 298 } 299 213 300 readfile($fullpath); 214 exit; 215 } 216 301 exit; // prevent any extra output from corrupting the file 302 } 303 217 304 /** 218 305 * list backups … … 267 354 268 355 check_ajax_referer('flmbkp_ajax_nonce', 'flmbkp_security'); 269 $tmp_nexstep = (isset($_POST['nexstep'])) ? urldecode(Flmbkp_Form_Helper::sanitizeInput_html($_POST['nexstep'])) : ''; 270 $tmp_data = (isset($_POST['options'])) ? Flmbkp_Form_Helper::sanitizeInput_html($_POST['options']) : '';356 357 $tmp_data = (isset($_POST['options'])) ? 
Flmbkp_Form_Helper::sanitizeInput_html($_POST['options']) : ''; 271 358 $data2 = array(); 272 359 foreach (explode('&', $tmp_data) as $value) { … … 274 361 $data2[] = Flmbkp_Form_Helper::sanitizeInput($value1[1]); 275 362 } 276 277 363 364 278 365 $data=array(); 279 366 $data['bkp_slug']='flmbkp_'.date("YmdHis"); … … 287 374 $json['url_redirect']=admin_url('admin.php?page=flmbkp_page_backups'); 288 375 $json['pending']=$data2; 289 376 290 377 header('Content-Type: application/json'); 291 378 echo json_encode($json); 292 379 wp_die(); 293 380 } 294 295 296 /** 297 * receiving header options298 *299 * @mvc Controller300 */381 382 383 /** 384 * receiving header options 385 * 386 * @mvc Controller 387 */ 301 388 public function ajax_submit_options_switch() 302 389 { 303 390 check_ajax_referer('flmbkp_ajax_nonce', 'flmbkp_security'); 304 $tmp_nexstep = (isset($_POST['nexstep'])) ? Flmbkp_Form_Helper::sanitizeInput _html($_POST['nexstep']) : '';305 391 $tmp_nexstep = (isset($_POST['nexstep'])) ? 
Flmbkp_Form_Helper::sanitizeInput($_POST['nexstep']) : ''; 392 306 393 switch (strval($tmp_nexstep)) { 307 394 case 'plugins': 308 //assigning targets395 //assigning targets 309 396 $tmp_targets=array(ABSPATH.'/wp-content/plugins'); 310 397 311 398 $this->ajax_submit_options($tmp_targets, $tmp_nexstep); 312 399 break; 313 400 case 'themes': 314 //assigning targets401 //assigning targets 315 402 $tmp_targets=array(ABSPATH.'/wp-content/themes'); 316 403 317 404 $this->ajax_submit_options($tmp_targets, $tmp_nexstep); 318 405 break; 319 406 case 'uploads': 320 407 $tmp_targets=array(ABSPATH.'/wp-content/uploads'); 321 408 322 409 $this->ajax_submit_options($tmp_targets, $tmp_nexstep); 323 410 break; … … 325 412 $tmp_targets=array(); 326 413 $tmp_targets=$this->listAndExcludeDIr(ABSPATH.'wp-content', array('uploads','themes','plugins','softdiscover','debug.log')); 327 414 328 415 $this->ajax_submit_options($tmp_targets, $tmp_nexstep); 329 416 break; … … 336 423 } 337 424 } 338 425 339 426 public function mysql_version() 340 427 { 341 428 342 429 if (!version_compare('5.5', phpversion(), '>=')) { 343 $database_name=DB_NAME;430 $database_name=DB_NAME; 344 431 $database_user=DB_USER; 345 432 $datadase_password=DB_PASSWORD; 346 433 $database_host=DB_HOST; 347 348 $con=mysqli_connect($database_host, $database_user, $datadase_password, $database_name);349 // Check connection434 435 $con=mysqli_connect($database_host, $database_user, $datadase_password, $database_name); 436 // Check connection 350 437 if (mysqli_connect_errno()) { 351 // echo "Failed to connect to MySQL: " . mysqli_connect_error();352 } 353 354 $str = mysqli_get_server_info($con);438 // echo "Failed to connect to MySQL: " . 
mysqli_connect_error(); 439 } 440 441 $str = mysqli_get_server_info($con); 355 442 }else { 356 443 $str = mysql_get_server_info(); … … 359 446 return $str; 360 447 } 361 448 362 449 /* 363 450 * backup database … … 365 452 public function ajax_submit_backupdb() 366 453 { 367 $tmp_flmbkp_slug = (isset($_POST['flmbkp_slug'])) ? urldecode(Flmbkp_Form_Helper::sanitizeInput _html($_POST['flmbkp_slug'])) : 'flmbkp_err'.date("YmdHis");454 $tmp_flmbkp_slug = (isset($_POST['flmbkp_slug'])) ? urldecode(Flmbkp_Form_Helper::sanitizeInput($_POST['flmbkp_slug'])) : 'flmbkp_err'.date("YmdHis"); 368 455 $this->is_initial_run = !empty($_POST['is_initial_run']); 369 456 require_once FLMBKP_DIR . '/modules/filemanager/helpers/iprogress.php'; 370 457 371 458 $backup_directory = Flmbkp_Form_Helper::backup_directory(); 372 459 373 460 $this->progress = new iProgress('zip', 200); 374 $this->oFile = ($this->is_initial_run || !$this->progress->getData('oFile')) ? $backup_directory . '/' . $tmp_flmbkp_slug .'_database.zip' : $this->progress->getData('oFile');461 $this->oFile = ($this->is_initial_run || !$this->progress->getData('oFile')) ? $backup_directory . '/' . $tmp_flmbkp_slug .'_database.zip' : $this->progress->getData('oFile'); 375 462 $this->progress->setData('oFile', $this->oFile); 376 377 $dump = '';378 $database = DB_NAME;379 $server = DB_HOST;380 $dump .= '-- --------------------------------------------------------------------------------' . NL;381 $dump .= '-- ' . NL;382 $dump .= '-- @version: ' . $database . '.sql ' . date('M j, Y') . ' ' . date('H:i') . ' Softdiscover' . NL;383 $dump .= '-- @package Database & File Manager' . NL;384 $dump .= '-- @author softdiscover.com.' . NL;385 $dump .= '-- @copyright 2015' . NL;386 $dump .= '-- ' . NL;387 $dump .= '-- --------------------------------------------------------------------------------' . NL;388 $dump .= '-- Host: ' . $server . NL;389 $dump .= '-- Database: ' . $database . NL;390 $dump .= '-- Time: ' . date('M j, Y') . '-' . 
date('H:i') . NL;391 $dump .= '-- MySQL version: ' . $this->mysql_version() . NL;392 $dump .= '-- PHP version: ' . phpversion() . NL;393 $dump .= '-- --------------------------------------------------------------------------------;' . NL . NL;394 395 $tables = $this->getTables();463 464 $dump = ''; 465 $database = DB_NAME; 466 $server = DB_HOST; 467 $dump .= '-- --------------------------------------------------------------------------------' . NL; 468 $dump .= '-- ' . NL; 469 $dump .= '-- @version: ' . $database . '.sql ' . date('M j, Y') . ' ' . date('H:i') . ' Softdiscover' . NL; 470 $dump .= '-- @package Database & File Manager' . NL; 471 $dump .= '-- @author softdiscover.com.' . NL; 472 $dump .= '-- @copyright 2015' . NL; 473 $dump .= '-- ' . NL; 474 $dump .= '-- --------------------------------------------------------------------------------' . NL; 475 $dump .= '-- Host: ' . $server . NL; 476 $dump .= '-- Database: ' . $database . NL; 477 $dump .= '-- Time: ' . date('M j, Y') . '-' . date('H:i') . NL; 478 $dump .= '-- MySQL version: ' . $this->mysql_version() . NL; 479 $dump .= '-- PHP version: ' . phpversion() . NL; 480 $dump .= '-- --------------------------------------------------------------------------------;' . NL . 
NL; 481 482 $tables = $this->getTables(); 396 483 if (!empty($tables)) { 397 484 foreach ($tables as $key => $table) { 398 485 $table_dump = $this->dumpTable($table); 399 486 400 487 if (!($table_dump)) { 401 488 return false; … … 404 491 } 405 492 } 406 407 408 $fname = $backup_directory;409 $fname .= '/'.$tmp_flmbkp_slug .'_database';410 $fname .= '.sql';493 494 495 $fname = $backup_directory; 496 $fname .= '/'.$tmp_flmbkp_slug .'_database'; 497 $fname .= '.sql'; 411 498 if (!($f = fopen($fname, 'w'))) { 412 499 return false; 413 500 } 414 fwrite($f, $dump);415 fclose($f);416 501 fwrite($f, $dump); 502 fclose($f); 503 417 504 $this->zip_obj = new ZipArchive(); 418 505 $this->zip_obj->open($this->oFile, ZipArchive::CREATE); 419 506 $this->zip_obj->addFile($fname, basename($fname)); 420 507 $this->zip_obj->close(); 421 508 422 509 //delete sql file 423 510 unlink($fname); 424 511 425 512 $json = array( 426 513 'error' => false, … … 430 517 'is_finished'=>true 431 518 ); 432 519 433 520 header('Content-Type: application/json'); 434 521 echo json_encode($json); 435 522 wp_die(); 436 523 } 437 524 438 525 public function getTables() 439 526 { … … 444 531 foreach ($result as $mytable) { 445 532 foreach ($mytable as $t) { 446 $value[]= $t;533 $value[]= $t; 447 534 } 448 535 } … … 450 537 return false; 451 538 } 452 539 453 540 return $value; 454 541 } 455 456 542 543 457 544 public function dumpTable($table) 458 545 { 459 460 // $dump = '';461 $this->wpdb->query('LOCK TABLES ' . $table . ' WRITE');462 546 547 // $dump = ''; 548 $this->wpdb->query('LOCK TABLES ' . $table . ' WRITE'); 549 463 550 // $tables = $this->wpdb->get_col('SHOW TABLES'); 464 551 $output = ''; 465 //foreach($tables as $table) {552 //foreach($tables as $table) { 466 553 $result = $this->wpdb->get_results("SELECT * FROM {$table}", ARRAY_N); 467 468 $output .= '-- --------------------------------------------------' . NL;469 $output .= '-- Table structure for table `' . $table . '`' . 
NL;470 $output .= '-- --------------------------------------------------;' . NL;471 $output .= 'DROP TABLE IF EXISTS `' . $table . '`;' . NL;554 555 $output .= '-- --------------------------------------------------' . NL; 556 $output .= '-- Table structure for table `' . $table . '`' . NL; 557 $output .= '-- --------------------------------------------------;' . NL; 558 $output .= 'DROP TABLE IF EXISTS `' . $table . '`;' . NL; 472 559 $row2 = $this->wpdb->get_row('SHOW CREATE TABLE '.$table, ARRAY_N); 473 560 $output .= "\n\n".$row2[1].";\n\n"; … … 485 572 } 486 573 $output .= "\n"; 487 //}488 489 $this->wpdb->query('UNLOCK TABLES');490 return $output;574 //} 575 576 $this->wpdb->query('UNLOCK TABLES'); 577 return $output; 491 578 } 492 579 /** … … 499 586 500 587 try { 501 $is_initial_run = (isset($_POST['is_initial_run'])) ? Flmbkp_Form_Helper::sanitizeInput _html($_POST['is_initial_run']) : 0;502 $flush_to_disk = (isset($_POST['flush_to_disk'])) ? Flmbkp_Form_Helper::sanitizeInput _html($_POST['flush_to_disk']) : 50;503 $max_execution_time = (isset($_POST['max_execution_time'])) ? Flmbkp_Form_Helper::sanitizeInput _html($_POST['max_execution_time']) : 20;504 $tmp_flmbkp_slug = (isset($_POST['flmbkp_slug'])) ? urldecode(Flmbkp_Form_Helper::sanitizeInput _html($_POST['flmbkp_slug'])) : 'flmbkp_err'.date("YmdHis");588 $is_initial_run = (isset($_POST['is_initial_run'])) ? Flmbkp_Form_Helper::sanitizeInput($_POST['is_initial_run']) : 0; 589 $flush_to_disk = (isset($_POST['flush_to_disk'])) ? Flmbkp_Form_Helper::sanitizeInput($_POST['flush_to_disk']) : 50; 590 $max_execution_time = (isset($_POST['max_execution_time'])) ? Flmbkp_Form_Helper::sanitizeInput($_POST['max_execution_time']) : 20; 591 $tmp_flmbkp_slug = (isset($_POST['flmbkp_slug'])) ? 
urldecode(Flmbkp_Form_Helper::sanitizeInput($_POST['flmbkp_slug'])) : 'flmbkp_err'.date("YmdHis"); 505 592 506 593 $this->startTime = microtime(true); 507 508 //language594 595 //language 509 596 if (isset($data['flpbkp_opt_files']) && intval($data['flpbkp_opt_files']) === 1) { 510 597 // $this->generate_zip_files(); 511 598 } 512 599 513 600 require_once FLMBKP_DIR . '/modules/filemanager/helpers/iprogress.php'; 514 601 515 602 $this->progress = new iProgress('zip', 200); 516 603 … … 525 612 $use_system_calls = false; 526 613 $last_abort_check = microtime(true); 527 528 529 614 615 616 530 617 $targets = ($this->is_initial_run && !empty($tmp_targets)) ? $tmp_targets : $this->progress->getData('targets'); 531 618 532 619 if (!$targets) { 533 620 $json['error'] = true; … … 547 634 548 635 clearstatcache(true); 549 636 550 637 foreach ($targets as $target) { 551 638 $path = realpath($target); … … 563 650 } 564 651 } 565 652 566 653 if ($this->is_initial_run) { 567 654 $this->progress->addMsg('Found ' . $this->total_targets . ' items for zipping'); … … 570 657 571 658 $backup_directory = Flmbkp_Form_Helper::backup_directory(); 572 659 573 660 $this->oFile = ($this->is_initial_run || !$this->progress->getData('oFile')) ? $backup_directory.'/'. $tmp_flmbkp_slug .'_'.$tmp_nexstep. '.zip' : $this->progress->getData('oFile'); 574 575 576 661 662 663 577 664 $this->progress->setData('oFile', $this->oFile); 578 665 579 666 chdir(sys_get_temp_dir()); // Zip always get's created in current working dir so move to tmp. 580 667 581 668 $this->zip_obj = new ZipArchive(); 582 669 $this->zip_obj->open($this->oFile, ZipArchive::CREATE); 583 670 584 671 $this->iteration_number = 0; 585 672 … … 595 682 $this->stop_iteration(); 596 683 } 597 684 598 685 set_time_limit(60); 599 686 if (is_dir($target)) { … … 608 695 if ($this->iteration_number > $this->progress->getProgress(false)) { 609 696 $this->progress->addMsg('Adding file "' . $target . 
'"'); 610 697 611 698 if (file_exists($target) && is_file($target)) { 612 699 $this->zip_obj->addFile($target, basename($target)); 613 700 } 614 615 701 702 616 703 $this->progress->iterateWith(1); 617 704 … … 629 716 $file_url = FLMBKP_URL . '/' . basename($this->oFile); 630 717 $json = array( 631 'error' => false,632 'continue' => false,633 'fileURL' => $file_url,634 'is_finished'=>false718 'error' => false, 719 'continue' => false, 720 'fileURL' => $file_url, 721 'is_finished'=>false 635 722 ); 636 723 637 724 header('Content-Type: application/json'); 638 725 echo json_encode($json); … … 659 746 public function listAndExcludeDIr($dir, $exclude = array()) 660 747 { 661 748 662 749 if (!is_dir($dir)) { 663 return array();664 } 665 666 $acceptedfiles=array();667 $entries = scandir($dir);668 //reads the filenames, one by one750 return array(); 751 } 752 753 $acceptedfiles=array(); 754 $entries = scandir($dir); 755 //reads the filenames, one by one 669 756 foreach ($entries as $file) { 670 757 if ($file == '.' || $file == '..') { 671 758 continue; 672 759 } 673 760 674 761 $full_path = $dir.'/'.$file; 675 762 676 763 if (is_dir($full_path) && $file!="." && $file!=".." 
&& !in_array($file, $exclude)) { 677 764 $acceptedfiles[]=$full_path; … … 681 768 } 682 769 } 683 //closedir($handle);684 return $acceptedfiles;770 //closedir($handle); 771 return $acceptedfiles; 685 772 } 686 773 /** … … 702 789 'percent' => $this->progress->getProgressPercent() 703 790 ); 704 791 705 792 header('Content-Type: application/json'); 706 793 echo json_encode($json); … … 755 842 public function flush_zip() 756 843 { 757 //$zip=$this->zip_obj;844 //$zip=$this->zip_obj; 758 845 $this->zip_obj->close(); 759 846 $this->zip_obj->open($this->oFile); 760 //$this->zip_obj=$zip;761 } 762 763 847 //$this->zip_obj=$zip; 848 } 849 850 764 851 public function zip_dir($path, $base = '') 765 852 { 766 853 767 854 $progress = $this->progress; 768 769 855 856 770 857 $entries = scandir($path); 771 858 … … 809 896 } 810 897 } 811 898 812 899 public function stop_iteration() 813 900 { … … 854 941 { 855 942 //global $use_system_calls; 856 943 857 944 $use_system_calls=false; 858 945 859 946 $path = rtrim($path, '/'); 860 947 if ($use_system_calls) { … … 889 976 public function abort_if_requested() 890 977 { 891 978 892 979 $progress = $this->progress; 893 980 $last_abort_check = $this->last_abort_check;
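Review bot: A posted `flmbkp_slug` is still passed through `urldecode()` after `sanitizeInput()` and concatenated into backup paths (new lines 454 and 591, e.g. `$backup_directory . '/' . $tmp_flmbkp_slug .'_database.zip'`), so the strict filename validation this commit adds to `ajax_downloadfile()` does not cover the code that creates those files. Decoding after sanitising can bring back characters the sanitiser removed; I would drop the `urldecode()` and reject a posted value that does not match the generated slug format, for example `if (!preg_match('/^flmbkp_\d{14,}$/', $tmp_flmbkp_slug)) { status_header(400); wp_die(__('Invalid file name.', 'FRocket_admin')); }`. Separately, `ajax_restore_record()` and `ajax_delete_record()` still check only the nonce, and the visible start of `ajax_submit_backupdb()` has no `check_ajax_referer()` call, so the `current_user_can('manage_options')` guard added for downloads looks worth repeating there. `sanitizeInput()` and the function enclosing new line 591 are defined outside these hunks, so what they strip or check is inferred.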