From 47f7d07e2c11ef348458f24adfa86eaf0ba0a40a Mon Sep 17 00:00:00 2001
From: "Paul S. Owen"
Date: Tue, 16 Jul 2002 12:31:21 +0000
Subject: renamed

git-svn-id: file:///svn/phpbb/trunk@2687 89ea8834-ac86-4346-8a33-228a782c2dd0
---
phpBB/admin/admin_database.php | 1021 ++++++++++++++++++++++++++++++++++++
phpBB/admin/admin_db_utilities.php | 1021 ------------------------------------
phpBB/admin/admin_user_ban.php | 478 -----------------
3 files changed, 1021 insertions(+), 1499 deletions(-)
create mode 100644 phpBB/admin/admin_database.php
delete mode 100644 phpBB/admin/admin_db_utilities.php
delete mode 100644 phpBB/admin/admin_user_ban.php
(limited to 'phpBB/admin')
diff --git a/phpBB/admin/admin_database.php b/phpBB/admin/admin_database.php
new file mode 100644
index 0000000000..e1599fb272
--- /dev/null
+++ b/phpBB/admin/admin_database.php
@@ -0,0 +1,1021 @@ +get_acl_admin('general') ) + { + return; + } + + $filename = basename(__FILE__); + $module['DB']['DB_Backup'] = $filename . "?perform=backup"; + + $file_uploads = @ini_get('file_uploads'); + if( ($file_uploads != 0 || empty($file_uploads)) && (strtolower($file_uploads) != 'off') && (@phpversion() != '4.0.4pl1') ) + { + $module['DB']['DB_Restore'] = $filename . "?perform=restore"; + } + + return; +} + +// +// Load default header +// +$no_page_header = TRUE; +$phpbb_root_path = "../"; +require($phpbb_root_path . 'extension.inc'); +require('pagestart.' . $phpEx); +include($phpbb_root_path . 'includes/functions_admin.'.$phpEx); + +if ( !$acl->get_acl_admin('general') ) +{ + message_die(MESSAGE, $lang['No_admin']); +} + +// +// Increase maximum execution time, but don't complain about it if it isn't +// allowed. +// +@set_time_limit(1200); + +// +// Begin program proper +// + +if ( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) ) +{ + $perform = ( isset($HTTP_POST_VARS['perform']) ) ? 
$HTTP_POST_VARS['perform'] : $HTTP_GET_VARS['perform']; + + switch($perform) + { + case 'backup': + + if ( SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql' ) + { + switch ( SQL_LAYER ) + { + case 'oracle': + $db_type = 'Oracle'; + break; + case 'odbc': + $db_type = 'ODBC'; + break; + case 'mssql': + $db_type = 'MSSQL'; + break; + } + + include('page_header_admin.'.$phpEx); + + $template->assign_vars(array( + "MESSAGE_TITLE" => $lang['Information'], + "MESSAGE_TEXT" => $lang['Backups_not_supported']) + ); + + break; + } + + $tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words'); + + $additional_tables = (isset($HTTP_POST_VARS['additional_tables'])) ? $HTTP_POST_VARS['additional_tables'] : ( ( isset($HTTP_GET_VARS['additional_tables']) ) ? $HTTP_GET_VARS['additional_tables'] : "" ); + + $backup_type = (isset($HTTP_POST_VARS['backup_type'])) ? $HTTP_POST_VARS['backup_type'] : ( ( isset($HTTP_GET_VARS['backup_type']) ) ? $HTTP_GET_VARS['backup_type'] : "" ); + + $gzipcompress = (!empty($HTTP_POST_VARS['gzipcompress'])) ? $HTTP_POST_VARS['gzipcompress'] : ( ( !empty($HTTP_GET_VARS['gzipcompress']) ) ? $HTTP_GET_VARS['gzipcompress'] : 0 ); + + if ( !empty($additional_tables) ) + { + if ( ereg(",", $additional_tables)) + { + $additional_tables = split(",", $additional_tables); + + for($i = 0; $i < count($additional_tables); $i++) + { + $tables[] = trim($additional_tables[$i]); + } + + } + else + { + $tables[] = trim($additional_tables); + } + } + + if ( !isset($HTTP_POST_VARS['backupstart']) && !isset($HTTP_GET_VARS['backupstart'])) + { + $s_hidden_fields = ''; + + page_header($lang['DB']); +?> + +

+ +

+ +
"> + + + + + + + + + + + + + + + + + + + + + + + + + + +
 
+ +assign_vars(array( + "META" => "", + + "MESSAGE_TITLE" => $lang['Database_Utilities'] . " : " . $lang['Backup'], + "MESSAGE_TEXT" => $lang['Backup_download']) + ); + + include('page_header_admin.php'); + + include('page_footer_admin.'.$phpEx); + + } + + header("Pragma: no-cache"); + $do_gzip_compress = FALSE; + + if( $gzipcompress ) + { + $phpver = phpversion(); + + if($phpver >= "4.0") + { + if(extension_loaded("zlib")) + { + $do_gzip_compress = TRUE; + } + } + } + if($do_gzip_compress) + { + @ob_start(); + @ob_implicit_flush(0); + header("Content-Type: text/x-delimtext; name=\"phpbb_db_backup.sql.gz\""); + header("Content-disposition: attachment; filename=phpbb_db_backup.sql.gz"); + } + else + { + header("Content-Type: text/x-delimtext; name=\"phpbb_db_backup.sql\""); + header("Content-disposition: attachment; filename=phpbb_db_backup.sql"); + } + + // + // Build the sql script file... + // + echo "#\n"; + echo "# phpBB Backup Script\n"; + echo "# Dump of tables for $dbname\n"; + echo "#\n# DATE : " . gmdate("d-m-Y H:i:s", time()) . " GMT\n"; + echo "#\n"; + + if(SQL_LAYER == 'postgresql') + { + echo "\n" . pg_get_sequences("\n", $backup_type); + } + for($i = 0; $i < count($tables); $i++) + { + $table_name = $tables[$i]; + if(SQL_LAYER != 'mysql4') + { + $table_def_function = "get_table_def_" . SQL_LAYER; + $table_content_function = "get_table_content_" . SQL_LAYER; + } + else + { + $table_def_function = "get_table_def_mysql"; + $table_content_function = "get_table_content_mysql"; + } + + if($backup_type != 'data') + { + echo "#\n# TABLE: " . $table_prefix . $table_name . "\n#\n"; + echo $table_def_function($table_prefix . $table_name, "\n") . "\n"; + } + + if($backup_type != 'structure') + { + $table_content_function($table_prefix . 
$table_name, "output_table_content"); + } + } + + if($do_gzip_compress) + { + $Size = ob_get_length(); + $Crc = crc32(ob_get_contents()); + $contents = gzcompress(ob_get_contents()); + ob_end_clean(); + echo "\x1f\x8b\x08\x00\x00\x00\x00\x00".substr($contents, 0, strlen($contents) - 4).gzip_PrintFourChars($Crc).gzip_PrintFourChars($Size); + } + exit; + + break; + + case 'restore': + + if ( !isset($restore_start) ) + { + $s_hidden_fields = ''; + + page_header($lang['DB']); + +?> + +

+ +

+ +
"> + + + + + + +
    
+ += "4.0") + { + if(extension_loaded("zlib")) + { + $do_gzip_compress = TRUE; + } + } + + if($do_gzip_compress) + { + $gz_ptr = gzopen($backup_file_tmpname, 'rb'); + $sql_query = ""; + while( !gzeof($gz_ptr) ) + { + $sql_query .= gzgets($gz_ptr, 100000); + } + } + else + { + include('page_header_admin.'.$phpEx); + message_die(ERROR, $lang['Restore_Error_decompress']); + } + } + else + { + $sql_query = fread(fopen($backup_file_tmpname, 'r'), filesize($backup_file_tmpname)); + } + // + // Comment this line out to see if this fixes the stuff... + // + //$sql_query = stripslashes($sql_query); + } + else + { + include('page_header_admin.'.$phpEx); + message_die(ERROR, $lang['Restore_Error_filename'] ." $backup_file_type $backup_file_name"); + } + } + else + { + include('page_header_admin.'.$phpEx); + message_die(ERROR, $lang['Restore_Error_uploading']); + } + + if($sql_query != "") + { + // Strip out sql comments... + $sql_query = remove_remarks($sql_query); + $pieces = split_sql_file($sql_query, ";"); + + $sql_count = count($pieces); + for($i = 0; $i < $sql_count; $i++) + { + $sql = trim($pieces[$i]); + + if(!empty($sql) and $sql[0] != "#") + { + if(DEBUG == 1) + { + echo "Executing: $sql\n
"; + flush(); + } + + $result = $db->sql_query($sql); + + if(!$result && ( !(SQL_LAYER == 'postgresql' && eregi("drop table", $sql) ) ) ) + { + //include('page_header_admin.'.$phpEx); + // echo "~~$sql~~"; + message_die(ERROR, "Error importing backup file", "", __LINE__, __FILE__, $sql); + } + } + } + } + + include('page_header_admin.'.$phpEx); + + $message = $lang['Restore_success']; + + $template->assign_vars(array( + "MESSAGE_TITLE" => $lang['Database_Utilities'] . " : " . $lang['Restore'], + "MESSAGE_TEXT" => $message) + ); + + break; + } + break; + } +} + +?> + + + + + +sql_query($get_seq_sql); + + if( !$num_seq = $db->sql_numrows($seq) ) + { + + $return_val = "# No Sequences Found $crlf"; + + } + else + { + $return_val = "# Sequences $crlf"; + $i_seq = 0; + + while($i_seq < $num_seq) + { + $row = $db->sql_fetchrow($seq); + $sequence = $row['relname']; + + $get_props_sql = "SELECT * FROM $sequence"; + $seq_props = $db->sql_query($get_props_sql); + + if($db->sql_numrows($seq_props) > 0) + { + $row1 = $db->sql_fetchrow($seq_props); + + if($backup_type == 'structure') + { + $row['last_value'] = 1; + } + + $return_val .= "CREATE SEQUENCE $sequence start " . $row['last_value'] . ' increment ' . $row['increment_by'] . ' maxvalue ' . $row['max_value'] . ' minvalue ' . $row['min_value'] . ' cache ' . $row['cache_value'] . "; $crlf"; + + } // End if numrows > 0 + + if(($row['last_value'] > 1) && ($backup_type != 'structure')) + { + $return_val .= "SELECT NEXTVALE('$sequence'); $crlf"; + unset($row['last_value']); + } + + $i_seq++; + + } // End while.. + + } // End else... + + return $returnval; + +} // End function... + +// +// The following functions will return the "CREATE TABLE syntax for the +// varying DBMS's +// +// This function returns, will return the table def's for postgres... +// +function get_table_def_postgresql($table, $crlf) +{ + global $drop, $db; + + $schema_create = ""; + // + // Get a listing of the fields, with their associated types, etc. 
+ // + + $field_query = "SELECT a.attnum, a.attname AS field, t.typname as type, a.attlen AS length, a.atttypmod as lengthvar, a.attnotnull as notnull + FROM pg_class c, pg_attribute a, pg_type t + WHERE c.relname = '$table' + AND a.attnum > 0 + AND a.attrelid = c.oid + AND a.atttypid = t.oid + ORDER BY a.attnum"; + $result = $db->sql_query($field_query); + + if(!$result) + { + message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $field_query); + } // end if.. + + if ($drop == 1) + { + $schema_create .= "DROP TABLE $table;$crlf"; + } // end if + + // + // Ok now we actually start building the SQL statements to restore the tables + // + + $schema_create .= "CREATE TABLE $table($crlf"; + + while ($row = $db->sql_fetchrow($result)) + { + // + // Get the data from the table + // + $sql_get_default = "SELECT d.adsrc AS rowdefault + FROM pg_attrdef d, pg_class c + WHERE (c.relname = '$table') + AND (c.oid = d.adrelid) + AND d.adnum = " . $row['attnum']; + $def_res = $db->sql_query($sql_get_default); + + if (!$def_res) + { + unset($row['rowdefault']); + } + else + { + $row['rowdefault'] = @pg_result($def_res, 0, 'rowdefault'); + } + + if ($row['type'] == 'bpchar') + { + // Internally stored as bpchar, but isn't accepted in a CREATE TABLE statement. + $row['type'] = 'char'; + } + + $schema_create .= ' ' . $row['field'] . ' ' . $row['type']; + + if (eregi('char', $row['type'])) + { + if ($row['lengthvar'] > 0) + { + $schema_create .= '(' . ($row['lengthvar'] -4) . ')'; + } + } + + if (eregi('numeric', $row['type'])) + { + $schema_create .= '('; + $schema_create .= sprintf("%s,%s", (($row['lengthvar'] >> 16) & 0xffff), (($row['lengthvar'] - 4) & 0xffff)); + $schema_create .= ')'; + } + + if (!empty($row['rowdefault'])) + { + $schema_create .= ' DEFAULT ' . $row['rowdefault']; + } + + if ($row['notnull'] == 't') + { + $schema_create .= ' NOT NULL'; + } + + $schema_create .= ",$crlf"; + + } + // + // Get the listing of primary keys. 
+ // + + $sql_pri_keys = "SELECT ic.relname AS index_name, bc.relname AS tab_name, ta.attname AS column_name, i.indisunique AS unique_key, i.indisprimary AS primary_key + FROM pg_class bc, pg_class ic, pg_index i, pg_attribute ta, pg_attribute ia + WHERE (bc.oid = i.indrelid) + AND (ic.oid = i.indexrelid) + AND (ia.attrelid = i.indexrelid) + AND (ta.attrelid = bc.oid) + AND (bc.relname = '$table') + AND (ta.attrelid = i.indrelid) + AND (ta.attnum = i.indkey[ia.attnum-1]) + ORDER BY index_name, tab_name, column_name "; + $result = $db->sql_query($sql_pri_keys); + + if(!$result) + { + message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $sql_pri_keys); + } + + while ( $row = $db->sql_fetchrow($result)) + { + if ($row['primary_key'] == 't') + { + if (!empty($primary_key)) + { + $primary_key .= ', '; + } + + $primary_key .= $row['column_name']; + $primary_key_name = $row['index_name']; + + } + else + { + // + // We have to store this all this info because it is possible to have a multi-column key... + // we can loop through it again and build the statement + // + $index_rows[$row['index_name']]['table'] = $table; + $index_rows[$row['index_name']]['unique'] = ($row['unique_key'] == 't') ? ' UNIQUE ' : ''; + $index_rows[$row['index_name']]['column_names'] .= $row['column_name'] . ', '; + } + } + + if (!empty($index_rows)) + { + while(list($idx_name, $props) = each($index_rows)) + { + $props['column_names'] = ereg_replace(", $", "" , $props['column_names']); + $index_create .= 'CREATE ' . $props['unique'] . " INDEX $idx_name ON $table (" . $props['column_names'] . 
");$crlf"; + } + } + + if (!empty($primary_key)) + { + $schema_create .= " CONSTRAINT $primary_key_name PRIMARY KEY ($primary_key),$crlf"; + } + + // + // Generate constraint clauses for CHECK constraints + // + $sql_checks = "SELECT rcname as index_name, rcsrc + FROM pg_relcheck, pg_class bc + WHERE rcrelid = bc.oid + AND bc.relname = '$table' + AND NOT EXISTS ( + SELECT * + FROM pg_relcheck as c, pg_inherits as i + WHERE i.inhrelid = pg_relcheck.rcrelid + AND c.rcname = pg_relcheck.rcname + AND c.rcsrc = pg_relcheck.rcsrc + AND c.rcrelid = i.inhparent + )"; + $result = $db->sql_query($sql_checks); + + if (!$result) + { + message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $sql_checks); + } + + // + // Add the constraints to the sql file. + // + while ($row = $db->sql_fetchrow($result)) + { + $schema_create .= ' CONSTRAINT ' . $row['index_name'] . ' CHECK ' . $row['rcsrc'] . ",$crlf"; + } + + $schema_create = ereg_replace(',' . $crlf . '$', '', $schema_create); + $index_create = ereg_replace(',' . $crlf . '$', '', $index_create); + + $schema_create .= "$crlf);$crlf"; + + if (!empty($index_create)) + { + $schema_create .= $index_create; + } + + // + // Ok now we've built all the sql return it to the calling function. + // + return (stripslashes($schema_create)); + +} + +// +// This function returns the "CREATE TABLE" syntax for mysql dbms... +// +function get_table_def_mysql($table, $crlf) +{ + global $drop, $db; + + $schema_create = ""; + $field_query = "SHOW FIELDS FROM $table"; + $key_query = "SHOW KEYS FROM $table"; + + // + // If the user has selected to drop existing tables when doing a restore. + // Then we add the statement to drop the tables.... + // + if ($drop == 1) + { + $schema_create .= "DROP TABLE IF EXISTS $table;$crlf"; + } + + $schema_create .= "CREATE TABLE $table($crlf"; + + // + // Ok lets grab the fields... 
+ // + $result = $db->sql_query($field_query); + if(!result) + { + message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $field_query); + } + + while ($row = $db->sql_fetchrow($result)) + { + $schema_create .= ' ' . $row['Field'] . ' ' . $row['Type']; + + if(!empty($row['Default'])) + { + $schema_create .= ' DEFAULT \'' . $row['Default'] . '\''; + } + + if($row['Null'] != "YES") + { + $schema_create .= ' NOT NULL'; + } + + if($row['Extra'] != "") + { + $schema_create .= ' ' . $row['Extra']; + } + + $schema_create .= ",$crlf"; + } + // + // Drop the last ',$crlf' off ;) + // + $schema_create = ereg_replace(',' . $crlf . '$', "", $schema_create); + + // + // Get any Indexed fields from the database... + // + $result = $db->sql_query($key_query); + + while($row = $db->sql_fetchrow($result)) + { + $kname = $row['Key_name']; + + if(($kname != 'PRIMARY') && ($row['Non_unique'] == 0)) + { + $kname = "UNIQUE|$kname"; + } + + if(!is_array($index[$kname])) + { + $index[$kname] = array(); + } + + $index[$kname][] = $row['Column_name']; + } + + while(list($x, $columns) = @each($index)) + { + $schema_create .= ", $crlf"; + + if($x == 'PRIMARY') + { + $schema_create .= ' PRIMARY KEY (' . implode($columns, ', ') . ')'; + } + elseif (substr($x,0,6) == 'UNIQUE') + { + $schema_create .= ' UNIQUE ' . substr($x,7) . ' (' . implode($columns, ', ') . ')'; + } + else + { + $schema_create .= " KEY $x (" . implode($columns, ', ') . ')'; + } + } + + $schema_create .= "$crlf);"; + + if(get_magic_quotes_runtime()) + { + return(stripslashes($schema_create)); + } + else + { + return($schema_create); + } + +} // End get_table_def_mysql + + +// +// This fuction will return a tables create definition to be used as an sql +// statement. +// +// +// The following functions Get the data from the tables and format it as a +// series of INSERT statements, for each different DBMS... +// After every row a custom callback function $handler gets called. 
+// $handler must accept one parameter ($sql_insert); +// +// +// Here is the function for postgres... +// +function get_table_content_postgresql($table, $handler) +{ + global $db; + + // + // Grab all of the data from current table. + // + + $result = $db->sql_query("SELECT * FROM $table"); + + if (!$result) + { + message_die(GENERAL_ERROR, "Failed in get_table_content (select *)", "", __LINE__, __FILE__, "SELECT * FROM $table"); + } + + $i_num_fields = $db->sql_numfields($result); + + for ($i = 0; $i < $i_num_fields; $i++) + { + $aryType[] = $db->sql_fieldtype($i, $result); + $aryName[] = $db->sql_fieldname($i, $result); + } + + $iRec = 0; + + while($row = $db->sql_fetchrow($result)) + { + unset($schema_vals); + unset($schema_fields); + unset($schema_insert); + // + // Build the SQL statement to recreate the data. + // + for($i = 0; $i < $i_num_fields; $i++) + { + $strVal = $row[$aryName[$i]]; + if (eregi("char|text|bool", $aryType[$i])) + { + $strQuote = "'"; + $strEmpty = ""; + $strVal = addslashes($strVal); + } + elseif (eregi("date|timestamp", $aryType[$i])) + { + if ($empty($strVal)) + { + $strQuote = ""; + } + else + { + $strQuote = "'"; + } + } + else + { + $strQuote = ""; + $strEmpty = "NULL"; + } + + if (empty($strVal) && $strVal != "0") + { + $strVal = $strEmpty; + } + + $schema_vals .= " $strQuote$strVal$strQuote,"; + $schema_fields .= " $aryName[$i],"; + + } + + $schema_vals = ereg_replace(",$", "", $schema_vals); + $schema_vals = ereg_replace("^ ", "", $schema_vals); + $schema_fields = ereg_replace(",$", "", $schema_fields); + $schema_fields = ereg_replace("^ ", "", $schema_fields); + + // + // Take the ordered fields and their associated data and build it + // into a valid sql statement to recreate that field in the data. + // + $schema_insert = "INSERT INTO $table ($schema_fields) VALUES($schema_vals);"; + + $handler(trim($schema_insert)); + } + + return(true); + +}// end function get_table_content_postgres... 
+ +// +// This function is for getting the data from a mysql table. +// + +function get_table_content_mysql($table, $handler) +{ + global $db; + // + // Grab the data from the table. + // + $result = $db->sql_query("SELECT * FROM $table"); + + if (!$result) + { + message_die(GENERAL_ERROR, "Failed in get_table_content (select *)", "", __LINE__, __FILE__, "SELECT * FROM $table"); + } + + if($db->sql_numrows($result) > 0) + { + $schema_insert = "\n#\n# Table Data for $table\n#\n"; + } + else + { + $schema_insert = ""; + } + + $handler($schema_insert); + + // + // Loop through the resulting rows and build the sql statement. + // + + while ($row = $db->sql_fetchrow($result)) + { + $table_list = '('; + $num_fields = $db->sql_numfields($result); + // + // Grab the list of field names. + // + for ($j = 0; $j < $num_fields; $j++) + { + $table_list .= $db->sql_fieldname($j, $result) . ', '; + } + // + // Get rid of the last comma + // + $table_list = ereg_replace(', $', '', $table_list); + $table_list .= ')'; + // + // Start building the SQL statement. + // + $schema_insert = "INSERT INTO $table $table_list VALUES("; + // + // Loop through the rows and fill in data for each column + // + for ($j = 0; $j < $num_fields; $j++) + { + if(!isset($row[$j])) + { + // + // If there is no data for the column set it to null. + // There was a problem here with an extra space causing the + // sql file not to reimport if the last column was null in + // any table. Should be fixed now :) JLH + // + $schema_insert .= ' NULL,'; + } + elseif ($row[$j] != '') + { + $schema_insert .= ' \'' . addslashes($row[$j]) . '\','; + } + else + { + $schema_insert .= '\'\','; + } + } + // + // Get rid of the the last comma. + // + $schema_insert = ereg_replace(',$', '', $schema_insert); + $schema_insert .= ');'; + // + // Go ahead and send the insert statement to the handler function. 
+ //
+ $handler(trim($schema_insert));
+
+ }
+ return(true);
+}
+
+function output_table_content($content)
+{
+ global $tempfile;
+
+ //fwrite($tempfile, $content . "\n");
+ //$backup_sql .= $content . "\n";
+ echo $content ."\n";
+ return;
+}
+//
+// End Functions
+// -------------
+
+?>
\ No newline at end of file
diff --git a/phpBB/admin/admin_db_utilities.php b/phpBB/admin/admin_db_utilities.php
deleted file mode 100644
index e1599fb272..0000000000
--- a/phpBB/admin/admin_db_utilities.php
+++ /dev/null
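Review bot: In the `backup` case, the `additional_tables` request value is split on commas and appended to `$tables` after only `trim()`, and each entry is later interpolated into `SHOW FIELDS FROM $table`, `SELECT * FROM $table` and the `pg_class` lookups, so a name containing quotes, spaces or `;` changes the statement that runs. The page is gated by `$acl->get_acl_admin('general')`, but the value is also accepted from `$HTTP_GET_VARS`, so I would reject anything that is not a plain identifier before it reaches `$tables`: `$name = trim($additional_tables[$i]); if ( preg_match('/^[A-Za-z0-9_]+$/', $name) ) { $tables[] = $name; }`, with the same check on the single-name `else` branch. Separately, `if(!result)` in `get_table_def_mysql` is missing the `$`, so that failure check presumably never fires; it should read `if(!$result)`. The file content appears to be carried over unchanged from admin_db_utilities.php (the index hashes match), so these are pre-existing issues rather than something this commit introduces.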
@@ -1,1021 +0,0 @@ -get_acl_admin('general') ) - { - return; - } - - $filename = basename(__FILE__); - $module['DB']['DB_Backup'] = $filename . "?perform=backup"; - - $file_uploads = @ini_get('file_uploads'); - if( ($file_uploads != 0 || empty($file_uploads)) && (strtolower($file_uploads) != 'off') && (@phpversion() != '4.0.4pl1') ) - { - $module['DB']['DB_Restore'] = $filename . "?perform=restore"; - } - - return; -} - -// -// Load default header -// -$no_page_header = TRUE; -$phpbb_root_path = "../"; -require($phpbb_root_path . 'extension.inc'); -require('pagestart.' . $phpEx); -include($phpbb_root_path . 'includes/functions_admin.'.$phpEx); - -if ( !$acl->get_acl_admin('general') ) -{ - message_die(MESSAGE, $lang['No_admin']); -} - -// -// Increase maximum execution time, but don't complain about it if it isn't -// allowed. -// -@set_time_limit(1200); - -// -// Begin program proper -// - -if ( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) ) -{ - $perform = ( isset($HTTP_POST_VARS['perform']) ) ? 
$HTTP_POST_VARS['perform'] : $HTTP_GET_VARS['perform']; - - switch($perform) - { - case 'backup': - - if ( SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql' ) - { - switch ( SQL_LAYER ) - { - case 'oracle': - $db_type = 'Oracle'; - break; - case 'odbc': - $db_type = 'ODBC'; - break; - case 'mssql': - $db_type = 'MSSQL'; - break; - } - - include('page_header_admin.'.$phpEx); - - $template->assign_vars(array( - "MESSAGE_TITLE" => $lang['Information'], - "MESSAGE_TEXT" => $lang['Backups_not_supported']) - ); - - break; - } - - $tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words'); - - $additional_tables = (isset($HTTP_POST_VARS['additional_tables'])) ? $HTTP_POST_VARS['additional_tables'] : ( ( isset($HTTP_GET_VARS['additional_tables']) ) ? $HTTP_GET_VARS['additional_tables'] : "" ); - - $backup_type = (isset($HTTP_POST_VARS['backup_type'])) ? $HTTP_POST_VARS['backup_type'] : ( ( isset($HTTP_GET_VARS['backup_type']) ) ? $HTTP_GET_VARS['backup_type'] : "" ); - - $gzipcompress = (!empty($HTTP_POST_VARS['gzipcompress'])) ? $HTTP_POST_VARS['gzipcompress'] : ( ( !empty($HTTP_GET_VARS['gzipcompress']) ) ? $HTTP_GET_VARS['gzipcompress'] : 0 ); - - if ( !empty($additional_tables) ) - { - if ( ereg(",", $additional_tables)) - { - $additional_tables = split(",", $additional_tables); - - for($i = 0; $i < count($additional_tables); $i++) - { - $tables[] = trim($additional_tables[$i]); - } - - } - else - { - $tables[] = trim($additional_tables); - } - } - - if ( !isset($HTTP_POST_VARS['backupstart']) && !isset($HTTP_GET_VARS['backupstart'])) - { - $s_hidden_fields = ''; - - page_header($lang['DB']); -?> - -

- -

- -
"> - - - - - - - - - - - - - - - - - - - - - - - - - - -
 
- -assign_vars(array( - "META" => "", - - "MESSAGE_TITLE" => $lang['Database_Utilities'] . " : " . $lang['Backup'], - "MESSAGE_TEXT" => $lang['Backup_download']) - ); - - include('page_header_admin.php'); - - include('page_footer_admin.'.$phpEx); - - } - - header("Pragma: no-cache"); - $do_gzip_compress = FALSE; - - if( $gzipcompress ) - { - $phpver = phpversion(); - - if($phpver >= "4.0") - { - if(extension_loaded("zlib")) - { - $do_gzip_compress = TRUE; - } - } - } - if($do_gzip_compress) - { - @ob_start(); - @ob_implicit_flush(0); - header("Content-Type: text/x-delimtext; name=\"phpbb_db_backup.sql.gz\""); - header("Content-disposition: attachment; filename=phpbb_db_backup.sql.gz"); - } - else - { - header("Content-Type: text/x-delimtext; name=\"phpbb_db_backup.sql\""); - header("Content-disposition: attachment; filename=phpbb_db_backup.sql"); - } - - // - // Build the sql script file... - // - echo "#\n"; - echo "# phpBB Backup Script\n"; - echo "# Dump of tables for $dbname\n"; - echo "#\n# DATE : " . gmdate("d-m-Y H:i:s", time()) . " GMT\n"; - echo "#\n"; - - if(SQL_LAYER == 'postgresql') - { - echo "\n" . pg_get_sequences("\n", $backup_type); - } - for($i = 0; $i < count($tables); $i++) - { - $table_name = $tables[$i]; - if(SQL_LAYER != 'mysql4') - { - $table_def_function = "get_table_def_" . SQL_LAYER; - $table_content_function = "get_table_content_" . SQL_LAYER; - } - else - { - $table_def_function = "get_table_def_mysql"; - $table_content_function = "get_table_content_mysql"; - } - - if($backup_type != 'data') - { - echo "#\n# TABLE: " . $table_prefix . $table_name . "\n#\n"; - echo $table_def_function($table_prefix . $table_name, "\n") . "\n"; - } - - if($backup_type != 'structure') - { - $table_content_function($table_prefix . 
$table_name, "output_table_content"); - } - } - - if($do_gzip_compress) - { - $Size = ob_get_length(); - $Crc = crc32(ob_get_contents()); - $contents = gzcompress(ob_get_contents()); - ob_end_clean(); - echo "\x1f\x8b\x08\x00\x00\x00\x00\x00".substr($contents, 0, strlen($contents) - 4).gzip_PrintFourChars($Crc).gzip_PrintFourChars($Size); - } - exit; - - break; - - case 'restore': - - if ( !isset($restore_start) ) - { - $s_hidden_fields = ''; - - page_header($lang['DB']); - -?> - -

- -

- -
"> - - - - - - -
    
- -= "4.0") - { - if(extension_loaded("zlib")) - { - $do_gzip_compress = TRUE; - } - } - - if($do_gzip_compress) - { - $gz_ptr = gzopen($backup_file_tmpname, 'rb'); - $sql_query = ""; - while( !gzeof($gz_ptr) ) - { - $sql_query .= gzgets($gz_ptr, 100000); - } - } - else - { - include('page_header_admin.'.$phpEx); - message_die(ERROR, $lang['Restore_Error_decompress']); - } - } - else - { - $sql_query = fread(fopen($backup_file_tmpname, 'r'), filesize($backup_file_tmpname)); - } - // - // Comment this line out to see if this fixes the stuff... - // - //$sql_query = stripslashes($sql_query); - } - else - { - include('page_header_admin.'.$phpEx); - message_die(ERROR, $lang['Restore_Error_filename'] ." $backup_file_type $backup_file_name"); - } - } - else - { - include('page_header_admin.'.$phpEx); - message_die(ERROR, $lang['Restore_Error_uploading']); - } - - if($sql_query != "") - { - // Strip out sql comments... - $sql_query = remove_remarks($sql_query); - $pieces = split_sql_file($sql_query, ";"); - - $sql_count = count($pieces); - for($i = 0; $i < $sql_count; $i++) - { - $sql = trim($pieces[$i]); - - if(!empty($sql) and $sql[0] != "#") - { - if(DEBUG == 1) - { - echo "Executing: $sql\n
"; - flush(); - } - - $result = $db->sql_query($sql); - - if(!$result && ( !(SQL_LAYER == 'postgresql' && eregi("drop table", $sql) ) ) ) - { - //include('page_header_admin.'.$phpEx); - // echo "~~$sql~~"; - message_die(ERROR, "Error importing backup file", "", __LINE__, __FILE__, $sql); - } - } - } - } - - include('page_header_admin.'.$phpEx); - - $message = $lang['Restore_success']; - - $template->assign_vars(array( - "MESSAGE_TITLE" => $lang['Database_Utilities'] . " : " . $lang['Restore'], - "MESSAGE_TEXT" => $message) - ); - - break; - } - break; - } -} - -?> - - - - - -sql_query($get_seq_sql); - - if( !$num_seq = $db->sql_numrows($seq) ) - { - - $return_val = "# No Sequences Found $crlf"; - - } - else - { - $return_val = "# Sequences $crlf"; - $i_seq = 0; - - while($i_seq < $num_seq) - { - $row = $db->sql_fetchrow($seq); - $sequence = $row['relname']; - - $get_props_sql = "SELECT * FROM $sequence"; - $seq_props = $db->sql_query($get_props_sql); - - if($db->sql_numrows($seq_props) > 0) - { - $row1 = $db->sql_fetchrow($seq_props); - - if($backup_type == 'structure') - { - $row['last_value'] = 1; - } - - $return_val .= "CREATE SEQUENCE $sequence start " . $row['last_value'] . ' increment ' . $row['increment_by'] . ' maxvalue ' . $row['max_value'] . ' minvalue ' . $row['min_value'] . ' cache ' . $row['cache_value'] . "; $crlf"; - - } // End if numrows > 0 - - if(($row['last_value'] > 1) && ($backup_type != 'structure')) - { - $return_val .= "SELECT NEXTVALE('$sequence'); $crlf"; - unset($row['last_value']); - } - - $i_seq++; - - } // End while.. - - } // End else... - - return $returnval; - -} // End function... - -// -// The following functions will return the "CREATE TABLE syntax for the -// varying DBMS's -// -// This function returns, will return the table def's for postgres... -// -function get_table_def_postgresql($table, $crlf) -{ - global $drop, $db; - - $schema_create = ""; - // - // Get a listing of the fields, with their associated types, etc. 
- // - - $field_query = "SELECT a.attnum, a.attname AS field, t.typname as type, a.attlen AS length, a.atttypmod as lengthvar, a.attnotnull as notnull - FROM pg_class c, pg_attribute a, pg_type t - WHERE c.relname = '$table' - AND a.attnum > 0 - AND a.attrelid = c.oid - AND a.atttypid = t.oid - ORDER BY a.attnum"; - $result = $db->sql_query($field_query); - - if(!$result) - { - message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $field_query); - } // end if.. - - if ($drop == 1) - { - $schema_create .= "DROP TABLE $table;$crlf"; - } // end if - - // - // Ok now we actually start building the SQL statements to restore the tables - // - - $schema_create .= "CREATE TABLE $table($crlf"; - - while ($row = $db->sql_fetchrow($result)) - { - // - // Get the data from the table - // - $sql_get_default = "SELECT d.adsrc AS rowdefault - FROM pg_attrdef d, pg_class c - WHERE (c.relname = '$table') - AND (c.oid = d.adrelid) - AND d.adnum = " . $row['attnum']; - $def_res = $db->sql_query($sql_get_default); - - if (!$def_res) - { - unset($row['rowdefault']); - } - else - { - $row['rowdefault'] = @pg_result($def_res, 0, 'rowdefault'); - } - - if ($row['type'] == 'bpchar') - { - // Internally stored as bpchar, but isn't accepted in a CREATE TABLE statement. - $row['type'] = 'char'; - } - - $schema_create .= ' ' . $row['field'] . ' ' . $row['type']; - - if (eregi('char', $row['type'])) - { - if ($row['lengthvar'] > 0) - { - $schema_create .= '(' . ($row['lengthvar'] -4) . ')'; - } - } - - if (eregi('numeric', $row['type'])) - { - $schema_create .= '('; - $schema_create .= sprintf("%s,%s", (($row['lengthvar'] >> 16) & 0xffff), (($row['lengthvar'] - 4) & 0xffff)); - $schema_create .= ')'; - } - - if (!empty($row['rowdefault'])) - { - $schema_create .= ' DEFAULT ' . $row['rowdefault']; - } - - if ($row['notnull'] == 't') - { - $schema_create .= ' NOT NULL'; - } - - $schema_create .= ",$crlf"; - - } - // - // Get the listing of primary keys. 
- //
-
- $sql_pri_keys = "SELECT ic.relname AS index_name, bc.relname AS tab_name, ta.attname AS column_name, i.indisunique AS unique_key, i.indisprimary AS primary_key
- FROM pg_class bc, pg_class ic, pg_index i, pg_attribute ta, pg_attribute ia
- WHERE (bc.oid = i.indrelid)
- AND (ic.oid = i.indexrelid)
- AND (ia.attrelid = i.indexrelid)
- AND (ta.attrelid = bc.oid)
- AND (bc.relname = '$table')
- AND (ta.attrelid = i.indrelid)
- AND (ta.attnum = i.indkey[ia.attnum-1])
- ORDER BY index_name, tab_name, column_name ";
- $result = $db->sql_query($sql_pri_keys);
-
- if(!$result)
- {
- message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $sql_pri_keys);
- }
-
- while ( $row = $db->sql_fetchrow($result))
- {
- if ($row['primary_key'] == 't')
- {
- if (!empty($primary_key))
- {
- $primary_key .= ', ';
- }
-
- $primary_key .= $row['column_name'];
- $primary_key_name = $row['index_name'];
-
- }
- else
- {
- //
- // We have to store this all this info because it is possible to have a multi-column key...
- // we can loop through it again and build the statement
- //
- $index_rows[$row['index_name']]['table'] = $table;
- $index_rows[$row['index_name']]['unique'] = ($row['unique_key'] == 't') ? ' UNIQUE ' : '';
- $index_rows[$row['index_name']]['column_names'] .= $row['column_name'] . ', ';
- }
- }
-
- if (!empty($index_rows))
- {
- while(list($idx_name, $props) = each($index_rows))
- {
- $props['column_names'] = ereg_replace(", $", "" , $props['column_names']);
- $index_create .= 'CREATE ' . $props['unique'] . " INDEX $idx_name ON $table (" . $props['column_names'] . 
");$crlf";
- }
- }
-
- if (!empty($primary_key))
- {
- $schema_create .= " CONSTRAINT $primary_key_name PRIMARY KEY ($primary_key),$crlf";
- }
-
- //
- // Generate constraint clauses for CHECK constraints
- //
- $sql_checks = "SELECT rcname as index_name, rcsrc
- FROM pg_relcheck, pg_class bc
- WHERE rcrelid = bc.oid
- AND bc.relname = '$table'
- AND NOT EXISTS (
- SELECT *
- FROM pg_relcheck as c, pg_inherits as i
- WHERE i.inhrelid = pg_relcheck.rcrelid
- AND c.rcname = pg_relcheck.rcname
- AND c.rcsrc = pg_relcheck.rcsrc
- AND c.rcrelid = i.inhparent
- )";
- $result = $db->sql_query($sql_checks);
-
- if (!$result)
- {
- message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $sql_checks);
- }
-
- //
- // Add the constraints to the sql file.
- //
- while ($row = $db->sql_fetchrow($result))
- {
- $schema_create .= ' CONSTRAINT ' . $row['index_name'] . ' CHECK ' . $row['rcsrc'] . ",$crlf";
- }
-
- $schema_create = ereg_replace(',' . $crlf . '$', '', $schema_create);
- $index_create = ereg_replace(',' . $crlf . '$', '', $index_create);
-
- $schema_create .= "$crlf);$crlf";
-
- if (!empty($index_create))
- {
- $schema_create .= $index_create;
- }
-
- //
- // Ok now we've built all the sql return it to the calling function.
- //
- return (stripslashes($schema_create));
-
-}
-
-//
-// This function returns the "CREATE TABLE" syntax for mysql dbms...
-//
-function get_table_def_mysql($table, $crlf)
-{
- global $drop, $db;
-
- $schema_create = "";
- $field_query = "SHOW FIELDS FROM $table";
- $key_query = "SHOW KEYS FROM $table";
-
- //
- // If the user has selected to drop existing tables when doing a restore.
- // Then we add the statement to drop the tables....
- //
- if ($drop == 1)
- {
- $schema_create .= "DROP TABLE IF EXISTS $table;$crlf";
- }
-
- $schema_create .= "CREATE TABLE $table($crlf";
-
- //
- // Ok lets grab the fields... 
- //
- $result = $db->sql_query($field_query);
- if(!result)
- {
- message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $field_query);
- }
-
- while ($row = $db->sql_fetchrow($result))
- {
- $schema_create .= ' ' . $row['Field'] . ' ' . $row['Type'];
-
- if(!empty($row['Default']))
- {
- $schema_create .= ' DEFAULT \'' . $row['Default'] . '\'';
- }
-
- if($row['Null'] != "YES")
- {
- $schema_create .= ' NOT NULL';
- }
-
- if($row['Extra'] != "")
- {
- $schema_create .= ' ' . $row['Extra'];
- }
-
- $schema_create .= ",$crlf";
- }
- //
- // Drop the last ',$crlf' off ;)
- //
- $schema_create = ereg_replace(',' . $crlf . '$', "", $schema_create);
-
- //
- // Get any Indexed fields from the database...
- //
- $result = $db->sql_query($key_query);
-
- while($row = $db->sql_fetchrow($result))
- {
- $kname = $row['Key_name'];
-
- if(($kname != 'PRIMARY') && ($row['Non_unique'] == 0))
- {
- $kname = "UNIQUE|$kname";
- }
-
- if(!is_array($index[$kname]))
- {
- $index[$kname] = array();
- }
-
- $index[$kname][] = $row['Column_name'];
- }
-
- while(list($x, $columns) = @each($index))
- {
- $schema_create .= ", $crlf";
-
- if($x == 'PRIMARY')
- {
- $schema_create .= ' PRIMARY KEY (' . implode($columns, ', ') . ')';
- }
- elseif (substr($x,0,6) == 'UNIQUE')
- {
- $schema_create .= ' UNIQUE ' . substr($x,7) . ' (' . implode($columns, ', ') . ')';
- }
- else
- {
- $schema_create .= " KEY $x (" . implode($columns, ', ') . ')';
- }
- }
-
- $schema_create .= "$crlf);";
-
- if(get_magic_quotes_runtime())
- {
- return(stripslashes($schema_create));
- }
- else
- {
- return($schema_create);
- }
-
-} // End get_table_def_mysql
-
-
-//
-// This fuction will return a tables create definition to be used as an sql
-// statement.
-//
-//
-// The following functions Get the data from the tables and format it as a
-// series of INSERT statements, for each different DBMS...
-// After every row a custom callback function $handler gets called. 
-// $handler must accept one parameter ($sql_insert);
-//
-//
-// Here is the function for postgres...
-//
-function get_table_content_postgresql($table, $handler)
-{
- global $db;
-
- //
- // Grab all of the data from current table.
- //
-
- $result = $db->sql_query("SELECT * FROM $table");
-
- if (!$result)
- {
- message_die(GENERAL_ERROR, "Failed in get_table_content (select *)", "", __LINE__, __FILE__, "SELECT * FROM $table");
- }
-
- $i_num_fields = $db->sql_numfields($result);
-
- for ($i = 0; $i < $i_num_fields; $i++)
- {
- $aryType[] = $db->sql_fieldtype($i, $result);
- $aryName[] = $db->sql_fieldname($i, $result);
- }
-
- $iRec = 0;
-
- while($row = $db->sql_fetchrow($result))
- {
- unset($schema_vals);
- unset($schema_fields);
- unset($schema_insert);
- //
- // Build the SQL statement to recreate the data.
- //
- for($i = 0; $i < $i_num_fields; $i++)
- {
- $strVal = $row[$aryName[$i]];
- if (eregi("char|text|bool", $aryType[$i]))
- {
- $strQuote = "'";
- $strEmpty = "";
- $strVal = addslashes($strVal);
- }
- elseif (eregi("date|timestamp", $aryType[$i]))
- {
- if ($empty($strVal))
- {
- $strQuote = "";
- }
- else
- {
- $strQuote = "'";
- }
- }
- else
- {
- $strQuote = "";
- $strEmpty = "NULL";
- }
-
- if (empty($strVal) && $strVal != "0")
- {
- $strVal = $strEmpty;
- }
-
- $schema_vals .= " $strQuote$strVal$strQuote,";
- $schema_fields .= " $aryName[$i],";
-
- }
-
- $schema_vals = ereg_replace(",$", "", $schema_vals);
- $schema_vals = ereg_replace("^ ", "", $schema_vals);
- $schema_fields = ereg_replace(",$", "", $schema_fields);
- $schema_fields = ereg_replace("^ ", "", $schema_fields);
-
- //
- // Take the ordered fields and their associated data and build it
- // into a valid sql statement to recreate that field in the data.
- //
- $schema_insert = "INSERT INTO $table ($schema_fields) VALUES($schema_vals);";
-
- $handler(trim($schema_insert));
- }
-
- return(true);
-
-}// end function get_table_content_postgres... 
-
-//
-// This function is for getting the data from a mysql table.
-//
-
-function get_table_content_mysql($table, $handler)
-{
- global $db;
- //
- // Grab the data from the table.
- //
- $result = $db->sql_query("SELECT * FROM $table");
-
- if (!$result)
- {
- message_die(GENERAL_ERROR, "Failed in get_table_content (select *)", "", __LINE__, __FILE__, "SELECT * FROM $table");
- }
-
- if($db->sql_numrows($result) > 0)
- {
- $schema_insert = "\n#\n# Table Data for $table\n#\n";
- }
- else
- {
- $schema_insert = "";
- }
-
- $handler($schema_insert);
-
- //
- // Loop through the resulting rows and build the sql statement.
- //
-
- while ($row = $db->sql_fetchrow($result))
- {
- $table_list = '(';
- $num_fields = $db->sql_numfields($result);
- //
- // Grab the list of field names.
- //
- for ($j = 0; $j < $num_fields; $j++)
- {
- $table_list .= $db->sql_fieldname($j, $result) . ', ';
- }
- //
- // Get rid of the last comma
- //
- $table_list = ereg_replace(', $', '', $table_list);
- $table_list .= ')';
- //
- // Start building the SQL statement.
- //
- $schema_insert = "INSERT INTO $table $table_list VALUES(";
- //
- // Loop through the rows and fill in data for each column
- //
- for ($j = 0; $j < $num_fields; $j++)
- {
- if(!isset($row[$j]))
- {
- //
- // If there is no data for the column set it to null.
- // There was a problem here with an extra space causing the
- // sql file not to reimport if the last column was null in
- // any table. Should be fixed now :) JLH
- //
- $schema_insert .= ' NULL,';
- }
- elseif ($row[$j] != '')
- {
- $schema_insert .= ' \'' . addslashes($row[$j]) . '\',';
- }
- else
- {
- $schema_insert .= '\'\',';
- }
- }
- //
- // Get rid of the the last comma.
- //
- $schema_insert = ereg_replace(',$', '', $schema_insert);
- $schema_insert .= ');';
- //
- // Go ahead and send the insert statement to the handler function. 
- //
- $handler(trim($schema_insert));
-
- }
- return(true);
-}
-
-function output_table_content($content)
-{
- global $tempfile;
-
- //fwrite($tempfile, $content . "\n");
- //$backup_sql .= $content . "\n";
- echo $content ."\n";
- return;
-}
-//
-// End Functions
-// -------------
-
-?>
\ No newline at end of file
diff --git a/phpBB/admin/admin_user_ban.php b/phpBB/admin/admin_user_ban.php
deleted file mode 100644
index 99f110c01f..0000000000
--- a/phpBB/admin/admin_user_ban.php
+++ /dev/null
@@ -1,478 +0,0 @@ -sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't obtain banlist information", "", __LINE__, __FILE__, $sql); - } - - $current_banlist = $db->sql_fetchrowset($result); - - $kill_session_sql = ''; - for($i = 0; $i < count($user_list); $i++) - { - $in_banlist = false; - for($j = 0; $j < count($current_banlist); $j++) - { - if($user_list[$i] == $current_banlist[$j]['ban_userid']) - { - $in_banlist = true; - } - } - - if(!$in_banlist) - { - $kill_session_sql .= ( ($kill_session_sql != '') ? ' OR ' : '' ) . "session_user_id = " . $user_list[$i]; - - $sql = "INSERT INTO " . BANLIST_TABLE . " (ban_userid) - VALUES (" . $user_list[$i] . ")"; - if( !$result = $db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't insert ban_userid info into database", "", __LINE__, __FILE__, $sql); - } - } - } - - for($i = 0; $i < count($ip_list); $i++) - { - $in_banlist = false; - for($j = 0; $j < count($current_banlist); $j++) - { - if($ip_list[$i] == $current_banlist[$j]['ban_ip']) - { - $in_banlist = true; - } - } - - if ( !$in_banlist ) - { - $kill_ip_sql = ( preg_match('/256/s') ) ? "session_ip LIKE '" . preg_replace('/(256)/s', '%', $ip_list[$i]) . "'" : "session_ip = '" . $ip_list[$i] . "'"; - - $kill_session_sql .= ( ($kill_session_sql != '') ? ' OR ' : '' ) . $kill_ip_sql; - - $sql = "INSERT INTO " . BANLIST_TABLE . " (ban_ip) - VALUES ('" . $ip_list[$i] . "')"; - if( !$result = $db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't insert ban_ip info into database", "", __LINE__, __FILE__, $sql); - } - } - } - - // - // Now we'll delete all entries from the - // session table with any of the banned - // user or IP info just entered into the - // ban table ... this will force a session - // initialisation resulting in an instant - // ban - // - if( $kill_session_sql != "" ) - { - $sql = "DELETE FROM " . SESSIONS_TABLE . 
" - WHERE $kill_session_sql"; - if( !$result = $db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't delete banned sessions from database", "", __LINE__, __FILE__, $sql); - } - } - - for($i = 0; $i < count($email_list); $i++) - { - $in_banlist = false; - for($j = 0; $j < count($current_banlist); $j++) - { - if( $email_list[$i] == $current_banlist[$j]['ban_email'] ) - { - $in_banlist = true; - } - } - - if( !$in_banlist ) - { - $sql = "INSERT INTO " . BANLIST_TABLE . " (ban_email) - VALUES ('" . str_replace("\'", "''", $email_list[$i]) . "')"; - if( !$result = $db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't insert ban_email info into database", "", __LINE__, __FILE__, $sql); - } - } - } - - $where_sql = ""; - - if(isset($HTTP_POST_VARS['unban_user'])) - { - $user_list = $HTTP_POST_VARS['unban_user']; - - for($i = 0; $i < count($user_list); $i++) - { - if($user_list[$i] != -1) - { - if($where_sql != "") - { - $where_sql .= ", "; - } - $where_sql .= $user_list[$i]; - } - } - } - - if( isset($HTTP_POST_VARS['unban_ip']) ) - { - $ip_list = $HTTP_POST_VARS['unban_ip']; - - for($i = 0; $i < count($ip_list); $i++) - { - if($ip_list[$i] != -1) - { - if($where_sql != "") - { - $where_sql .= ", "; - } - $where_sql .= $ip_list[$i]; - } - } - } - - if( isset($HTTP_POST_VARS['unban_email']) ) - { - $email_list = $HTTP_POST_VARS['unban_email']; - - for($i = 0; $i < count($email_list); $i++) - { - if($email_list[$i] != -1) - { - if($where_sql != "") - { - $where_sql .= ", "; - } - $where_sql .= $email_list[$i]; - } - } - } - - if( $where_sql != "" ) - { - $sql = "DELETE FROM " . BANLIST_TABLE . " - WHERE ban_id IN ($where_sql)"; - if( !$result = $db->sql_query($sql) ) - { - message_die(GENERAL_ERROR, "Couldn't delete ban info from database", "", __LINE__, __FILE__, $sql); - } - } - - $message = $lang['Ban_update_sucessful'] . "

" . sprintf($lang['Click_return_banadmin'], "", "") . "

" . sprintf($lang['Click_return_admin_index'], "", ""); - - message_die(GENERAL_MESSAGE, $message); - -} -else -{ - $template->set_filenames(array( - 'body' => 'admin/user_ban_body.tpl') - ); - - $template->assign_vars(array( - 'L_BAN_TITLE' => $lang['Ban_control'], - 'L_BAN_EXPLAIN' => $lang['Ban_explain'], - 'L_BAN_EXPLAIN_WARN' => $lang['Ban_explain_warn'], - 'L_IP_OR_HOSTNAME' => $lang['IP_hostname'], - 'L_EMAIL_ADDRESS' => $lang['Email_address'], - 'L_SUBMIT' => $lang['Submit'], - 'L_RESET' => $lang['Reset'], - - 'S_BANLIST_ACTION' => append_sid("admin_user_ban.$phpEx")) - ); - - $userban_count = 0; - - $sql = "SELECT user_id, username - FROM " . USERS_TABLE . " - WHERE user_id <> " . ANONYMOUS . " - ORDER BY username ASC"; - if ( !($result = $db->sql_query($sql)) ) - { - message_die(GENERAL_ERROR, 'Could not select current user_id ban list', '', __LINE__, __FILE__, $sql); - } - - $user_list = $db->sql_fetchrowset($result); - $db->sql_freeresult($result); - - $select_userlist = ''; - for($i = 0; $i < count($user_list); $i++) - { - $select_userlist .= ''; - $userban_count++; - } - $select_userlist = ''; - - $template->assign_vars(array( - 'L_BAN_USER' => $lang['Ban_username'], - 'L_BAN_USER_EXPLAIN' => $lang['Ban_username_explain'], - 'L_BAN_IP' => $lang['Ban_IP'], - 'L_BAN_IP_EXPLAIN' => $lang['Ban_IP_explain'], - 'L_BAN_EMAIL' => $lang['Ban_email'], - 'L_BAN_EMAIL_EXPLAIN' => $lang['Ban_email_explain'], - - 'S_BAN_USERLIST_SELECT' => $select_userlist) - ); - - $userban_count = 0; - $ipban_count = 0; - $emailban_count = 0; - - $sql = "SELECT b.ban_id, u.user_id, u.username - FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u - WHERE u.user_id = b.ban_userid - AND b.ban_userid <> 0 - AND u.user_id <> " . ANONYMOUS . 
" - ORDER BY u.user_id ASC"; - if ( !($result = $db->sql_query($sql)) ) - { - message_die(GENERAL_ERROR, 'Could not select current user_id ban list', '', __LINE__, __FILE__, $sql); - } - - $user_list = $db->sql_fetchrowset($result); - $db->sql_freeresult($result); - - $select_userlist = ''; - for($i = 0; $i < count($user_list); $i++) - { - $select_userlist .= ''; - $userban_count++; - } - - if( $select_userlist == '' ) - { - $select_userlist = ''; - } - - $select_userlist = ''; - - $sql = "SELECT ban_id, ban_ip, ban_email - FROM " . BANLIST_TABLE; - if ( !($result = $db->sql_query($sql)) ) - { - message_die(GENERAL_ERROR, 'Could not select current ip ban list', '', __LINE__, __FILE__, $sql); - } - - $banlist = $db->sql_fetchrowset($result); - $db->sql_freeresult($result); - - $select_iplist = ''; - $select_emaillist = ''; - - for($i = 0; $i < count($banlist); $i++) - { - $ban_id = $banlist[$i]['ban_id']; - - if ( !empty($banlist[$i]['ban_ip']) ) - { - $ban_ip = str_replace('256', '*', $banlist[$i]['ban_ip']); - $select_iplist .= ''; - $ipban_count++; - } - else if ( !empty($banlist[$i]['ban_email']) ) - { - $ban_email = $banlist[$i]['ban_email']; - $select_emaillist .= ''; - $emailban_count++; - } - } - - if ( $select_iplist == '' ) - { - $select_iplist = ''; - } - - if ( $select_emaillist == '' ) - { - $select_emaillist = ''; - } - - $select_iplist = ''; - $select_emaillist = ''; - - $template->assign_vars(array( - 'L_UNBAN_USER' => $lang['Unban_username'], - 'L_UNBAN_USER_EXPLAIN' => $lang['Unban_username_explain'], - 'L_UNBAN_IP' => $lang['Unban_IP'], - 'L_UNBAN_IP_EXPLAIN' => $lang['Unban_IP_explain'], - 'L_UNBAN_EMAIL' => $lang['Unban_email'], - 'L_UNBAN_EMAIL_EXPLAIN' => $lang['Unban_email_explain'], - - 'S_UNBAN_USERLIST_SELECT' => $select_userlist, - 'S_UNBAN_IPLIST_SELECT' => $select_iplist, - 'S_UNBAN_EMAILLIST_SELECT' => $select_emaillist, - 'S_BAN_ACTION' => append_sid("admin_user_ban.$phpEx")) - ); -} - -$template->pparse('body'); - 
-include('page_footer_admin.'.$phpEx);
-
-?>
\ No newline at end of file
-- cgit v1.2.1