aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/includes/acp
diff options
context:
space:
mode:
authorMarc Alexander <admin@m-a-styles.de>2019-01-06 16:52:47 +0100
committerMarc Alexander <admin@m-a-styles.de>2019-01-06 16:52:47 +0100
commit0af07d14258627449b0e9fd673ef5e437c39b88b (patch)
treebfd3811e0d6334987ba57f792cbb70d21d560604 /phpBB/includes/acp
parent537ff0c567de293763226390ab9d968ab73d77d5 (diff)
downloadforums-0af07d14258627449b0e9fd673ef5e437c39b88b.tar
forums-0af07d14258627449b0e9fd673ef5e437c39b88b.tar.gz
forums-0af07d14258627449b0e9fd673ef5e437c39b88b.tar.bz2
forums-0af07d14258627449b0e9fd673ef5e437c39b88b.tar.xz
forums-0af07d14258627449b0e9fd673ef5e437c39b88b.zip
[ticket/15928] Remove support for downloading backups
PHPBB3-15928
Diffstat (limited to 'phpBB/includes/acp')
-rw-r--r--phpBB/includes/acp/acp_database.php206
1 files changed, 107 insertions, 99 deletions
diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php
index 19c4f6e4f1..05f2b98524 100644
--- a/phpBB/includes/acp/acp_database.php
+++ b/phpBB/includes/acp/acp_database.php
@@ -23,6 +23,7 @@ class acp_database
{
var $db_tools;
var $u_action;
+ public $page_title;
function main($id, $mode)
{
@@ -69,18 +70,13 @@ class acp_database
trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
- $store = $download = $structure = $schema_data = false;
+ $store = $structure = $schema_data = false;
- if ($where == 'store_and_download' || $where == 'store')
+ if ($where == 'store')
{
$store = true;
}
- if ($where == 'store_and_download' || $where == 'download')
- {
- $download = true;
- }
-
if ($type == 'full' || $type == 'structure')
{
$structure = true;
@@ -98,8 +94,9 @@ class acp_database
$filename = 'backup_' . $time . '_' . unique_id();
+ /** @var phpbb\db\extractor\extractor_interface $extractor Database extractor */
$extractor = $phpbb_container->get('dbal.extractor');
- $extractor->init_extractor($format, $filename, $time, $download, $store);
+ $extractor->init_extractor($format, $filename, $time, false, $store);
$extractor->write_start($table_prefix);
@@ -145,11 +142,6 @@ class acp_database
$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_DB_BACKUP');
- if ($download == true)
- {
- exit;
- }
-
trigger_error($user->lang['BACKUP_SUCCESS'] . adm_back_link($this->u_action));
break;
@@ -201,16 +193,10 @@ class acp_database
case 'submit':
$delete = $request->variable('delete', '');
$file = $request->variable('file', '');
- $download = $request->variable('download', '');
- if (!preg_match('#^backup_\d{10,}_(?:[a-z\d]{16}|[a-z\d]{32})\.(sql(?:\.(?:gz|bz2))?)$#i', $file, $matches))
- {
- trigger_error($user->lang['BACKUP_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
- }
+ $backup_info = $this->get_backup_file($phpbb_root_path . 'store/', $file);
- $file_name = $phpbb_root_path . 'store/' . $matches[0];
-
- if (!file_exists($file_name) || !is_readable($file_name))
+ if (empty($backup_info) || !is_readable($backup_info['file_name']))
{
trigger_error($user->lang['BACKUP_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
}
@@ -219,7 +205,7 @@ class acp_database
{
if (confirm_box(true))
{
- unlink($file_name);
+ unlink($backup_info['file_name']);
$phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_DB_DELETE');
trigger_error($user->lang['BACKUP_DELETE'] . adm_back_link($this->u_action));
}
@@ -228,50 +214,12 @@ class acp_database
confirm_box(false, $user->lang['DELETE_SELECTED_BACKUP'], build_hidden_fields(array('delete' => $delete, 'file' => $file)));
}
}
- else if ($download || confirm_box(true))
+ else if (confirm_box(true))
{
- if ($download)
- {
- $name = $matches[0];
-
- switch ($matches[1])
- {
- case 'sql':
- $mimetype = 'text/x-sql';
- break;
- case 'sql.bz2':
- $mimetype = 'application/x-bzip2';
- break;
- case 'sql.gz':
- $mimetype = 'application/x-gzip';
- break;
- }
-
- header('Cache-Control: private, no-cache');
- header("Content-Type: $mimetype; name=\"$name\"");
- header("Content-disposition: attachment; filename=$name");
-
- @set_time_limit(0);
-
- $fp = @fopen($file_name, 'rb');
-
- if ($fp !== false)
- {
- while (!feof($fp))
- {
- echo fread($fp, 8192);
- }
- fclose($fp);
- }
-
- flush();
- exit;
- }
-
- switch ($matches[1])
+ switch ($backup_info['extensions'])
{
case 'sql':
- $fp = fopen($file_name, 'rb');
+ $fp = fopen($backup_info['file_name'], 'rb');
$read = 'fread';
$seek = 'fseek';
$eof = 'feof';
@@ -280,7 +228,7 @@ class acp_database
break;
case 'sql.bz2':
- $fp = bzopen($file_name, 'r');
+ $fp = bzopen($backup_info['file_name'], 'r');
$read = 'bzread';
$seek = '';
$eof = 'feof';
@@ -289,13 +237,17 @@ class acp_database
break;
case 'sql.gz':
- $fp = gzopen($file_name, 'rb');
+ $fp = gzopen($backup_info['file_name'], 'rb');
$read = 'gzread';
$seek = 'gzseek';
$eof = 'gzeof';
$close = 'gzclose';
$fgetd = 'fgetd';
break;
+
+ default:
+ trigger_error($user->lang['BACKUP_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
+ return;
}
switch ($db->get_sql_layer())
@@ -375,43 +327,13 @@ class acp_database
trigger_error($user->lang['RESTORE_SUCCESS'] . adm_back_link($this->u_action));
break;
}
- else if (!$download)
+ else
{
confirm_box(false, $user->lang['RESTORE_SELECTED_BACKUP'], build_hidden_fields(array('file' => $file)));
}
default:
- $methods = array('sql');
- $available_methods = array('sql.gz' => 'zlib', 'sql.bz2' => 'bz2');
-
- foreach ($available_methods as $type => $module)
- {
- if (!@extension_loaded($module))
- {
- continue;
- }
- $methods[] = $type;
- }
-
- $dir = $phpbb_root_path . 'store/';
- $dh = @opendir($dir);
-
- $backup_files = array();
-
- if ($dh)
- {
- while (($file = readdir($dh)) !== false)
- {
- if (preg_match('#^backup_(\d{10,})_(?:[a-z\d]{16}|[a-z\d]{32})\.(sql(?:\.(?:gz|bz2))?)$#i', $file, $matches))
- {
- if (in_array($matches[2], $methods))
- {
- $backup_files[(int) $matches[1]] = $file;
- }
- }
- }
- closedir($dh);
- }
+ $backup_files = $this->get_file_list($phpbb_root_path . 'store/');
if (!empty($backup_files))
{
@@ -420,8 +342,8 @@ class acp_database
foreach ($backup_files as $name => $file)
{
$template->assign_block_vars('files', array(
- 'FILE' => $file,
- 'NAME' => $user->format_date($name, 'd-m-Y H:i:s', true),
+ 'FILE' => sha1($file),
+ 'NAME' => $user->format_date($name, 'd-m-Y H:i', true),
'SUPPORTED' => true,
));
}
@@ -435,6 +357,92 @@ class acp_database
break;
}
}
+
+ /**
+ * Get backup file from file hash
+ *
+ * @param string $directory Relative path to directory
+ * @param string $file_hash Hash of selected file
+ *
+ * @return array Backup file data or empty array if unable to find file
+ */
+ protected function get_backup_file($directory, $file_hash)
+ {
+ $backup_data = [];
+
+ $file_list = $this->get_file_list($directory);
+ $supported_extensions = $this->get_supported_extensions();
+
+ foreach ($file_list as $file)
+ {
+ preg_match('#^backup_(\d{10,})_(?:[a-z\d]{16}|[a-z\d]{32})\.(sql(?:\.(?:gz|bz2))?)$#i', $file, $matches);
+ if (sha1($file) === $file_hash && in_array($matches[2], $supported_extensions))
+ {
+ $backup_data = [
+ 'file_name' => $directory . $file,
+ 'extension' => $matches[2],
+ ];
+ break;
+ }
+ }
+
+ return $backup_data;
+ }
+
+ /**
+ * Get backup file list for directory
+ *
+ * @param string $directory Relative path to backup directory
+ *
+ * @return array List of backup files in specified directory
+ */
+ protected function get_file_list($directory)
+ {
+ $supported_extensions = $this->get_supported_extensions();
+
+ $dh = @opendir($directory);
+
+ $backup_files = [];
+
+ if ($dh)
+ {
+ while (($file = readdir($dh)) !== false)
+ {
+ if (preg_match('#^backup_(\d{10,})_(?:[a-z\d]{16}|[a-z\d]{32})\.(sql(?:\.(?:gz|bz2))?)$#i', $file, $matches))
+ {
+ if (in_array($matches[2], $supported_extensions))
+ {
+ $backup_files[(int) $matches[1]] = $file;
+ }
+ }
+ }
+ closedir($dh);
+ }
+
+ return $backup_files;
+ }
+
+ /**
+ * Get supported extensions for backup
+ *
+ * @return array List of supported extensions
+ */
+ protected function get_supported_extensions()
+ {
+ $extensions = ['sql'];
+ $available_methods = ['sql.gz' => 'zlib', 'sql.bz2' => 'bz2'];
+
+ foreach ($available_methods as $type => $module)
+ {
+ if (!@extension_loaded($module))
+ {
+ continue;
+ }
+ $extensions[] = $type;
+ }
+
+ return $extensions;
+ }
}
// get how much space we allow for a chunk of data, very similar to phpMyAdmin's way of doing things ;-) (hey, we only do this for MySQL anyway :P)
generated by cgit v1.2.1 (git 2.21.0) at 2024-11-12 01:18:36 +0000