tools_list.php

00001 <?php
00002 
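/**
 * Admin "tools" list controller.
 *
 * Renders the tools_list.tpl template and exposes two actions: performsql(),
 * which executes SQL taken from the request and/or an uploaded dump file, and
 * doimport(), which drives a chunked import through oximex.
 */
class Tools_List extends oxAdminList
{
    /**
     * Template rendered by this view.
     *
     * @var string
     */
    protected $_sThisTemplate = 'tools_list.tpl';

    /**
     * Statements collected by _prepareSQL() and executed by performsql().
     * Declared explicitly (it used to be created on first append) so that
     * reading it after an empty input yields an empty array, not an undefined
     * property. Kept public because the implicit property was public.
     *
     * @var array
     */
    public $aSQLs = array();

    /**
     * Executes the SQL submitted in the "updatesql" request parameter and/or
     * in an uploaded dump file, then publishes per-statement results to the
     * view ("aQueries", "aAffectedRows", "aErrorMessages", "aErrorNumbers").
     *
     * Only a user whose oxrights value is "malladmin" gets past the first
     * check; every statement after that runs exactly as supplied.
     *
     * NOTE(review): no request-token check is visible in this method. Confirm
     * that the admin framework validates one before dispatching here, because
     * this action runs request-supplied SQL.
     *
     * @return null
     */
    public function performsql()
    {
        $oAuthUser = oxUser::getAdminUser();
        // fail closed when no admin user object is available at all
        if ( !$oAuthUser || $oAuthUser->oxuser__oxrights->value != "malladmin" ) {
            return;
        }

        $sUpdateSQL     = oxConfig::getParameter( "updatesql" );
        $sUpdateSQLFile = $this->_processFiles();

        if ( $sUpdateSQLFile && strlen( $sUpdateSQLFile ) > 0 ) {
            if ( isset( $sUpdateSQL ) && strlen( $sUpdateSQL ) ) {
                $sUpdateSQL .= ";\r\n" . $sUpdateSQLFile;
            } else {
                $sUpdateSQL = $sUpdateSQLFile;
            }
        }

        // Slashes are stripped exactly once. The previous code stripped them a
        // second time while passing the argument, which removed legitimate
        // escapes inside SQL literals and made the length handed to
        // _prepareSQL() disagree with the string it was given.
        // NOTE(review): stripslashes() presumably compensates for magic quotes
        // on the request value - confirm; uploaded file contents get it too.
        $sUpdateSQL = trim( stripslashes( $sUpdateSQL ) );
        $iLen = strlen( $sUpdateSQL );

        if ( $this->_prepareSQL( $sUpdateSQL, $iLen ) ) {
            $aQueries = $this->aSQLs;
            $this->_aViewData["aQueries"] = array();
            $aPassedQueries  = array();
            $aQAffectedRows  = array();
            $aQErrorMessages = array();
            $aQErrorNumbers  = array();

            if ( count( $aQueries ) > 0 ) {
                $oDB = oxDb::getDb();
                $iQueriesCounter = 0;
                foreach ( $aQueries as $sQuery ) {
                    $sQuery = trim( $sQuery );
                    if ( strlen( $sQuery ) == 0 ) {
                        continue;
                    }

                    // Escaped copy for display in the result list.
                    // NOTE(review): the 200-byte cut is applied after escaping,
                    // so it can land inside an entity or a "<br />" tag and
                    // leave malformed markup in the admin page.
                    $aPassedQueries[$iQueriesCounter] = nl2br( htmlentities( $sQuery ) );
                    if ( strlen( $aPassedQueries[$iQueriesCounter] ) > 200 ) {
                        $aPassedQueries[$iQueriesCounter] = substr( $aPassedQueries[$iQueriesCounter], 0, 200 ) . "...";
                    }

                    // drop trailing statement delimiters before execution
                    $sQuery = rtrim( $sQuery, ";" );

                    $oDB->execute( $sQuery );

                    $aQAffectedRows [$iQueriesCounter] = null;
                    $aQErrorMessages[$iQueriesCounter] = null;
                    $aQErrorNumbers [$iQueriesCounter] = null;

                    // Fetch first, compare second: "$x = f() !== false" stored
                    // the boolean result of the comparison, not the row count.
                    $iAffectedRows = $oDB->affected_Rows();
                    if ( $iAffectedRows !== false ) {
                        $aQAffectedRows[$iQueriesCounter] = $iAffectedRows;
                    } else {
                        $aQErrorMessages[$iQueriesCounter] = htmlentities( $oDB->errorMsg() );
                        $aQErrorNumbers[$iQueriesCounter]  = htmlentities( $oDB->errorNo() );
                    }
                    $iQueriesCounter++;
                }
            }
            $this->_aViewData["aQueries"]       = $aPassedQueries;
            $this->_aViewData["aAffectedRows"]  = $aQAffectedRows;
            $this->_aViewData["aErrorMessages"] = $aQErrorMessages;
            $this->_aViewData["aErrorNumbers"]  = $aQErrorNumbers;
        }
        $this->_iDefEdit = 1;
    }

    /**
     * Returns the contents of the first file uploaded in the "myfile" field,
     * or null when nothing usable was uploaded.
     *
     * The name check below looks only at the client-supplied file name; it
     * says nothing about the content, which the caller goes on to execute as
     * SQL. The real control on this path is the rights check in performsql().
     *
     * @return string|null
     */
    protected function _processFiles()
    {
        if ( !isset( $_FILES['myfile']['name'] ) || !is_array( $_FILES['myfile']['name'] ) ) {
            return;
        }

        // only the first entry is ever processed: every path below returns
        foreach ( $_FILES['myfile']['name'] as $key => $value ) {
            $sSource = isset( $_FILES['myfile']['tmp_name'][$key] )
                     ? $_FILES['myfile']['tmp_name'][$key]
                     : null;

            // Reject the upload if any dot-separated part after the base name
            // is on the list. The previous check looked at the second part
            // only, so a name with more than one dot was judged on the wrong
            // part and a name without a dot read a missing array index.
            $aNameParts = array_slice( explode( ".", strtolower( $value ) ), 1 );
            $aBadFiles  = array("php", "jsp", "cgi", "cmf", "exe");

            if ( count( array_intersect( $aNameParts, $aBadFiles ) ) > 0 ) {
                die("We don't play this game, go away");
            }

            // reading SQL dump file; is_uploaded_file() ensures the path really
            // is a temporary upload created by PHP for this request
            if ( $sSource && is_uploaded_file( $sSource ) ) {
                $sContents = file_get_contents( $sSource );
                // reading only one SQL dump file
                return ( $sContents === false ) ? null : $sContents;
            }
            return;
        }
        return;
    }

    /**
     * Runs one step of a chunked import through oximex and records in the
     * session whether another step is needed.
     *
     * NOTE(review): unlike performsql(), no rights check is visible here, and
     * the "filepath" request parameter is handed to oximex::import() as
     * received. Confirm that access control and path validation happen in the
     * framework or inside oximex.
     *
     * @return null
     */
    public function doimport()
    {
        $myConfig  = $this->getConfig();
        $sFilepath = oxConfig::getParameter( "filepath" );
        oxSession::setVar( "filepath", $sFilepath );

        $iStart = oxConfig::getParameter( "iStart" );
        if ( !isset( $iStart ) ) {
            $iStart = 0;
        }

        $oImex = oxNew( "oximex" );

        if ( !$oImex->import( $iStart, $myConfig->getConfigParam( 'iImportNrofLines' ), $sFilepath ) ) {
            // import() returned a falsy value: clear the step state, flag the end
            oxSession::deleteVar( "imex_fnc" );
            oxSession::deleteVar( "rStart" );
            oxSession::deleteVar( "rparam" );
            oxSession::deleteVar( "filepath" );
            oxSession::deleteVar( "atables" );
            oxSession::setVar( "finished", 2 );
        } else {
            // continue: remember the next offset and the function to call again
            $iStart += $myConfig->getConfigParam( 'iImportNrofLines' );
            oxSession::setVar( "rStart", $iStart );
            oxSession::setVar( "imex_fnc", "doimport" );
        }
    }

    /**
     * Splits SQL text into single statements and appends them to $this->aSQLs.
     *
     * Quoted sections ("...", '...', `...`) are skipped as a whole so that a
     * ";" inside them does not end a statement; "#" and "-- " comments are cut
     * out. The scanner only splits the text - it does not validate or restrict
     * what the statements do.
     *
     * @param string $sSQL    SQL text to split
     * @param int    $iSQLlen length of $sSQL as seen by the caller
     *
     * @return bool always true
     */
    protected function _prepareSQL($sSQL, $iSQLlen)
    {
        $sChar = "";
        $sStrStart = "";
        $blString  = false;

        //removing "mysqldump" application comments
        while ( preg_match("/^\-\-.*\n/", $sSQL))
            $sSQL = trim(preg_replace("/^\-\-.*\n/", "", $sSQL));
        while ( preg_match("/\n\-\-.*\n/", $sSQL))
            $sSQL = trim(preg_replace("/\n\-\-.*\n/", "\n", $sSQL));

        // The text may have shrunk above; without re-measuring, the loop below
        // would index past the end of the string.
        $iSQLlen = strlen($sSQL);

        for ( $iPos = 0; $iPos < $iSQLlen; ++$iPos) {
            $sChar = $sSQL[$iPos];
            if ( $blString) {
                // inside a quoted section: jump from quote character to quote
                // character until the one that really closes it is found
                while ( true) {
                    $iPos = strpos( $sSQL, $sStrStart, $iPos);
                    //we are at the end of string ?
                    if (!$iPos) {
                        // no closing quote: keep the remainder as one statement
                        $this->aSQLs[] = $sSQL;
                        return true;
                    } elseif ( $sStrStart == '`' || $sSQL[$iPos-1] != '\\') { //found some query separators
                        $blString  = false;
                        $sStrStart = "";
                        break;
                    } else {
                        // quote preceded by a backslash: walk back over the run
                        // of backslashes to decide whether the quote is escaped
                        $iNext = 2;
                        $blBackslash = false;
                        while ( $iPos-$iNext > 0 && $sSQL[$iPos-$iNext] == '\\') {
                            $blBackslash = !$blBackslash;
                            $iNext++;
                        }
                        if ( $blBackslash) {
                            $blString  = false;
                            $sStrStart = "";
                            break;
                        } else
                            $iPos++;
                    }
                }
            } elseif ( $sChar == ";") { // delimiter found, appending query array
                $this->aSQLs[] = substr( $sSQL, 0, $iPos);
                $sSQL = ltrim( substr( $sSQL, min( $iPos + 1, $iSQLlen)));
                $iSQLlen = strlen( $sSQL);
                if ( $iSQLlen)
                    $iPos      = -1; // restart at offset 0 of the remaining text
                else
                    return true;
            } elseif ( ( $sChar == '"') || ( $sChar == '\'') || ( $sChar == '`')) {
                $blString  = true;
                $sStrStart = $sChar;
            } elseif ( $sChar == "#" || ( $sChar == ' ' && $iPos > 1 && $sSQL[$iPos-2] . $sSQL[$iPos-1] == '--')) {  // removing # commented query code
                $iCommStart = (( $sSQL[$iPos] == "#") ? $iPos : $iPos-2);
                // the search string is shifted by one leading space, so the
                // offsets returned here are one higher than offsets in $sSQL
                $iCommEnd = (strpos(' ' . $sSQL, "\012", $iPos+2))
                           ? strpos(' ' . $sSQL, "\012", $iPos+2)
                           : strpos(' ' . $sSQL, "\015", $iPos+2);
                if ( !$iCommEnd) {
                    // comment runs to the end of the text
                    if ( $iCommStart > 0)
                        $this->aSQLs[] = trim(substr($sSQL, 0, $iCommStart));
                    return true;
                } else {
                    $sSQL = substr($sSQL, 0, $iCommStart).ltrim(substr($sSQL, $iCommEnd));
                    $iSQLlen = strlen($sSQL);
                    $iPos--;
                }
            } elseif ( 32358 < 32270 && ($sChar == '!' && $iPos > 1  && $sSQL[$iPos-2] . $sSQL[$iPos-1] == '/*'))  // removing comments like /**/
                // the first operand is constant-false, so this branch never runs
                $sSQL[$iPos] = ' ';
        }

        // keep a trailing statement that was not closed by ";"; preg_match
        // replaces the deprecated ereg() with the same POSIX character class
        if (!empty($sSQL) && preg_match("/[^[:space:]]/", $sSQL)) {
            $this->aSQLs[] = $sSQL;
        }
        return true;
    }
}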

Generated on Thu Dec 4 12:04:56 2008 for OXID eShop CE by  doxygen 1.5.5