diff options
| author | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-08-03 16:24:20 +0000 |
|---|---|---|
| committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-08-03 16:24:20 +0000 |
| commit | 07fe228a48dfad552ec954a73974ece4f4b0f7e2 (patch) | |
| tree | 9f7f2b554c94cd79e6da8a5ba387bab7fb92d8d8 | |
| parent | c04d6619600cb3dee07ee834ce6890ea83b324b9 (diff) | |
| download | forums-07fe228a48dfad552ec954a73974ece4f4b0f7e2.tar forums-07fe228a48dfad552ec954a73974ece4f4b0f7e2.tar.gz forums-07fe228a48dfad552ec954a73974ece4f4b0f7e2.tar.bz2 forums-07fe228a48dfad552ec954a73974ece4f4b0f7e2.tar.xz forums-07fe228a48dfad552ec954a73974ece4f4b0f7e2.zip | |
Added gzip decompression for uploaded file
git-svn-id: file:///svn/phpbb/trunk@807 89ea8834-ac86-4346-8a33-228a782c2dd0
| -rw-r--r-- | phpBB/admin/admin_db_utilities.php | 57 | ||||
| -rwxr-xr-x | phpBB/language/lang_english.php | 5 |
2 files changed, 52 insertions, 10 deletions
diff --git a/phpBB/admin/admin_db_utilities.php b/phpBB/admin/admin_db_utilities.php index f8ce716673..eb8160bac6 100644 --- a/phpBB/admin/admin_db_utilities.php +++ b/phpBB/admin/admin_db_utilities.php @@ -942,7 +942,7 @@ if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) ) "body" => "admin/db_utils_restore_body.tpl") ); - $s_hidden_fields = "<input type=\"hidden\" name=\"perform\" value=\"restore\"><input type=\"hidden\" name=\"perform\" value=\"$perform\">"; + $s_hidden_fields = "<input type=\"hidden\" name=\"perform\" value=\"restore\" /><input type=\"hidden\" name=\"perform\" value=\"$perform\" />"; $template->assign_vars(array( "L_DATABASE_RESTORE" => $lang['Database_Utilities'] . " : " . $lang['Restore'], @@ -964,10 +964,14 @@ if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) ) // Handle the file upload .... // If no file was uploaded report an error... // - if($backup_file == "none") + $backup_file_name = (!empty($HTTP_POST_FILES['backup_file']['name'])) ? $HTTP_POST_FILES['backup_file']['name'] : ""; + $backup_file_tmpname = ($HTTP_POST_FILES['backup_file']['tmp_name'] != "none") ? $HTTP_POST_FILES['backup_file']['tmp_name'] : ""; + $backup_file_type = (!empty($HTTP_POST_FILES['backup_file']['type'])) ? $HTTP_POST_FILES['backup_file']['type'] : ""; + + if($backup_file_tmpname == "" || $backup_file_name == "") { include('page_header_admin.'.$phpEx); - message_die(GENERAL_ERROR, "Backup file upload failed"); + message_die(GENERAL_MESSAGE, $lang['Restore_Error_no_file']); } // // If I file was actually uploaded, check to make sure that we @@ -975,18 +979,51 @@ if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) ) // a hackers attempt at getting us to process a local system // file. // - if(ereg("^php[0-9A-Za-z_.-]+$", basename($backup_file))) + if( file_exists($backup_file_tmpname) ) { - $sql_query = fread(fopen($backup_file, 'r'), filesize($backup_file)); - // - // Comment this line out to see if this fixes the stuff... - // - //$sql_query = stripslashes($sql_query); + if( preg_match("/^(text\/[a-zA-Z]+)|(application\/(x\-)?gzip\-compressed)$/is", $backup_file_type) ) + { + if( preg_match("/\.gz$/is",$backup_file_name) ) + { + $do_gzip_compress = FALSE; + $phpver = phpversion(); + if($phpver >= "4.0") + { + if(extension_loaded("zlib")) + { + $do_gzip_compress = TRUE; + } + } + + if($do_gzip_compress) + { + $sql_query = gzread(gzopen($backup_file_tmpname, 'rb'), filesize($backup_file_tmpname)); + } + else + { + include('page_header_admin.'.$phpEx); + message_die(GENERAL_ERROR, $lang['Restore_Error_decompress']); + } + } + else + { + $sql_query = fread(fopen($backup_file_tmpname, 'r'), filesize($backup_file_tmpname)); + } + // + // Comment this line out to see if this fixes the stuff... + // + //$sql_query = stripslashes($sql_query); + } + else + { + include('page_header_admin.'.$phpEx); + message_die(GENERAL_ERROR, $lang['Restore_Error_filename']); + } } else { include('page_header_admin.'.$phpEx); - message_die(GENERAL_ERROR, "Trouble Accessing uploaded file"); + message_die(GENERAL_ERROR, $lang['Restore_Error_uploading']); } $sql_query = trim($sql_query); diff --git a/phpBB/language/lang_english.php b/phpBB/language/lang_english.php index 09921689e6..42095b8285 100755 --- a/phpBB/language/lang_english.php +++ b/phpBB/language/lang_english.php @@ -686,6 +686,11 @@ $lang['Restore_success'] = "The Database has been successfully restored.<br /><b $lang['Backup_download'] = "Your download will start shortly please wait till it begins"; $lang['Backups_not_supported'] = "Sorry but database backups are not currently supported for your database system"; +$lang['Restore_Error_uploading'] = "Error in uploading the backup file"; +$lang['Restore_Error_filename'] = "Filename problem, please try an alternative file"; +$lang['Restore_Error_decompress'] = "Cannot decompress a gzip file, please upload a plain text version"; +$lang['Restore_Error_no_file'] = "No file was uploaded"; + // Auth pages $lang['Administrator'] = "Administrator"; $lang['User'] = "User"; |