PageRenderTime 46ms CodeModel.GetById 18ms RepoModel.GetById 0ms app.codeStats 0ms

/concrete/core/controllers/single_pages/dashboard/system/backup_restore/backup.php

https://bitbucket.org/selfeky/xclusivescardwebsite
PHP | 133 lines | 114 code | 15 blank | 4 comment | 23 complexity | 9e3bd654e09dd3c553eac55619e3b541 MD5 | raw file
    

  1. <?php  
    2. 

  2. defined('C5_EXECUTE') or die("Access Denied.");
    3. 

  3. Loader::library('backup');
    4. 

  4. class Concrete5_Controller_Dashboard_System_BackupRestore_Backup extends DashboardBaseController { 	 
    5. 

  5. 

  6.    public function on_start() {
    7. 

  7.       $this->addHeaderItem(Loader::helper('html')->javascript('jquery.cookie.js'));
    8. 

  8. 	 parent::on_start();
    9. 

  9.    } 
    10. 

  10. 

  11. 

  12. 	public function run_backup() {
    13. 

  13. 	  $encrypt = $this->post('useEncryption');
    14. 

  14. 	  $tp = new TaskPermission();
    15. 

  15.   	  if ($tp->canBackup()) {		
    16. 

  16.           $encrypt = (bool) $encrypt;
    17. 

  17.           try {
    18. 

  18. 	          $backup = Backup::execute($encrypt);   
    19. 

  19.  			} catch(Exception $e) {
    20. 

  20.  				$this->set('error', $e);
    21. 

  21.  			}
    22. 

  22.  			$this->view();
    23. 

  23. 		}
    24. 

  24. 	}
    25. 

  25. 

  26. 	public function view() {
    27. 

  27. 		$tp = new TaskPermission();
    28. 

  28. 		if ($tp->canBackup()) {		
    29. 

  29. 			$fh = Loader::helper('file');
    30. 

  30. 			$arr_bckups = @$fh->getDirectoryContents(DIR_FILES_BACKUPS);
    31. 

  31. 			$arr_backupfileinfo = Array();
    32. 

  32. 			if (count($arr_bckups) > 0) {
    33. 

  33. 			 foreach ($arr_bckups as $bkupfile) {
    34. 

  34. 			 	// This will ignore files that do not match the created backup pattern of including a timestamp in the filename
    35. 

  35. 				if (preg_match("/_([\d]{10,})/", $bkupfile, $timestamp)){
    36. 

  36. 					$arr_backupfileinfo[] = Array("file" => $bkupfile,  "date" =>  date("Y-m-d H:i:s",$timestamp[1]));
    37. 

  37. 				}
    38. 

  38. 			 }
    39. 

  39. 			 $this->set('backups',$arr_backupfileinfo);
    40. 

  40. 			}
    41. 

  41. 		
    42. 

  42. 		}
    43. 

  43. 	}
    44. 

  44. 	
    45. 

  45. 	public function download($file) {
    46. 

  46. 		$tp = new TaskPermission();
    47. 

  47. 		  if (!$tp->canBackup()) {
    48. 

  48. 			return false;
    49. 

  49. 		}
    50. 

  50. 		
    51. 

  51. 		if (file_exists(DIR_FILES_BACKUPS . '/'. $file)) {
    52. 

  52. 			chmod(DIR_FILES_BACKUPS . '/'. $file, 0666);
    53. 

  53. 			if (file_exists(DIR_FILES_BACKUPS . '/' . $file)) {
    54. 

  54. 				$f = Loader::helper('file');
    55. 

  55. 				$f->forceDownload(DIR_FILES_BACKUPS . '/' . $file);
    56. 

  56. 				exit;
    57. 

  57. 			}
    58. 

  58. 			chmod(DIR_FILES_BACKUPS . '/'. $file, 000);
    59. 

  59. 		} else {
    60. 

  60. 			$this->set('error', array(t('Unable to locate file %s', DIR_FILES_BACKUPS . '/' . $file)));
    61. 

  61. 			$this->view();
    62. 

  62. 		}
    63. 

  63. 	}
    64. 

  64. 	
    65. 

  65. 	public function delete_backup() {
    66. 

  66. 		$tp = new TaskPermission();
    67. 

  67. 		  if (!$tp->canBackup()) {
    68. 

  68. 			return false;
    69. 

  69. 		}
    70. 

  70. 		$str_fname = $this->post('backup_file');
    71. 

  71. 	  //For Security reasons...  allow only known characters in the string e.g no / \ so you can't exploit this
    72. 

  72. 	  $int_mResult = preg_match('/[0-9A-Za-z._]+/',$str_fname,$ar_matches);
    73. 

  73. 	  $str_fname = $ar_matches[0];
    74. 

  74. 		if (!is_null($str_fname) && trim($str_fname) != "" && !preg_match('/\.\./',$str_fname)) {
    75. 

  75. 			$fullFilename = DIR_FILES_BACKUPS . "/$str_fname";
    76. 

  76. 			if(is_file($fullFilename)) {
    77. 

  77. 				@chmod($fullFilename, 666);
    78. 

  78. 				@unlink($fullFilename);
    79. 

  79. 				if(is_file($fullFilename)) {
    80. 

  80. 					$this->error->add(t('Error deleting the file %s. Please check the permissions of the folder %s', $str_fname, DIR_FILES_BACKUPS));
    81. 

  81. 				}
    82. 

  82. 			}
    83. 

  83. 		}
    84. 

  84. 		$this->view();
    85. 

  85. 	}
    86. 

  86. 

  87. 	public function restore_backup() {
    88. 

  88. 		set_time_limit(0);
    89. 

  89. 		$tp = new TaskPermission();
    90. 

  90. 		  if (!$tp->canBackup()) {
    91. 

  91. 			return false;
    92. 

  92. 		}
    93. 

  93. 

  94. 		$file = basename(realpath(DIR_FILES_BACKUPS . '/' . $this->post('backup_file')));
    95. 

  95. 		$fh = Loader::helper('file');
    96. 

  96. 		
    97. 

  97. 		$db = Loader::db(); 
    98. 

  98. 		if (!file_exists(DIR_FILES_BACKUPS . '/'. $file)) {
    99. 

  99. 			throw new Exception(t('Invalid backup file specified.'));
    100. 

  100. 		}
    101. 

  101. 		chmod(DIR_FILES_BACKUPS . '/'. $file, 0666);
    102. 

  102. 		$str_restSql = $fh->getContents(DIR_FILES_BACKUPS . '/' . $file);
    103. 

  103. 		//$str_restSql = file_get_contents(DIR_FILES_BACKUPS . '/' . $file);
    104. 

  104. 		if (!$str_restSql) {
    105. 

  105. 			$this->set("error",array("There was an error trying to restore the database. This file was empty."));
    106. 

  106. 			$this->view();
    107. 

  107. 			return false;
    108. 

  108. 		}
    109. 

  109. 		$crypt = Loader::helper('encryption');
    110. 

  110. 		if ( !preg_match('/INSERT/m',$str_restSql) && !preg_match('/CREATE/m',$str_restSql) ) {	
    111. 

  111. 			$str_restSql = $crypt->decrypt($str_restSql);
    112. 

  112. 		}
    113. 

  113. 		$arr_sqlStmts = explode("\n\n",$str_restSql);
    114. 

  114. 

  115. 		foreach ($arr_sqlStmts as $str_stmt) {
    116. 

  116. 			if (trim($str_stmt) != "") { 
    117. 

  117. 				$res_restoration = $db->execute($str_stmt);
    118. 

  118. 				if (!$res_restoration) { 
    119. 

  119. 					$this->set("error",array("There was an error trying to restore the database. In query $str_stmt"));
    120. 

  120. 					return;
    121. 

  121. 				}
    122. 

  122. 			}		
    123. 

  123. 		}
    124. 

  124. 		
    125. 

  125. 		$this->set("message","Restoration Sucessful");
    126. 

  126. 	
    127. 

  127. 		//reset perms for security! 
    128. 

  128. 		chmod(DIR_FILES_BACKUPS . '/'. $file, 000);
    129. 

  129. 		Cache::flush();
    130. 

  130. 		$this->view();
    131. 

  131. 	}
    132. 

  132. 	  
    133. 

  133. }
    134. 

  134.