From a4ce03f454658585e44a8bfed997abb9c9bcf1be Mon Sep 17 00:00:00 2001
From: SteveD
Date: Fri, 15 Feb 2013 21:15:35 +0000
Subject: [PATCH] Start addressing the changes needed - still need to handle xml default prefs, some of the new directory names.....
---
e107_web/utilities/resetcore.php | 746 ++++++++++++++++---------------
1 file changed, 397 insertions(+), 349 deletions(-)
diff --git a/e107_web/utilities/resetcore.php b/e107_web/utilities/resetcore.php
index b5082d992..431d59e66 100644
--- a/e107_web/utilities/resetcore.php
+++ b/e107_web/utilities/resetcore.php
@@ -1,350 +1,398 @@
- - - -e107 resetcore - - - - - -
-Logo e107 Reset Core Utility -
-
-
-
-Currently disabled. To enable please open this file in a text editor and follow the instructions to activate."; - exit; -} - -if (isset($_POST['usubmit'])) { - if (($row = e_verify()) !== FALSE) { - extract($row); - - $result = mysql_query("SELECT * FROM ".$mySQLprefix."core WHERE e107_name='pref_backup' "); - $bu_exist = ($row = mysql_fetch_array($result) ? TRUE : FALSE); - - $admin_directory = "e107_admin"; - -// Manually edit core values
- - echo "Please select which method you want to use, then click the button to proceed ...



- - - - -
-
- Reset core to default values
". ($bu_exist ? " Restore core backup" : "
( There is no backed-up core - unable to offer option to restore backup )")."

- - - - -
-
- "; - - $END = TRUE; - } else { - $message = "Administrator not found in database / incorrect password / insufficient permissions - aborting.
"; - $END = TRUE; - } -} - - -if (isset($_POST['reset_core_sub']) && $_POST['mode'] == 2) -{ - if (($at = e_verify()) === FALSE) { - exit; - } - - $tmpr = substr(str_replace($_SERVER['DOCUMENT_ROOT'], "", $_SERVER['SCRIPT_FILENAME']), 1); - $root = "/".substr($tmpr, 0, strpos($tmpr, "/"))."/"; - $e_HTTP = $root; - $admin_directory = "e107_admin"; - $url_prefix = substr($_SERVER['PHP_SELF'], strlen($e_HTTP), strrpos($_SERVER['PHP_SELF'], "/")+1-strlen($e_HTTP)); - $num_levels = substr_count($url_prefix, "/"); - $link_prefix = ''; - for($i = 1; $i <= $num_levels; $i++) { - $link_prefix .= "../"; - } - - define("e_ADMIN", $e_HTTP.$admin_directory."/"); - define("e_SELF", "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF']); - define("e_QUERY", preg_replace("#&|/?PHPSESSID.*#i", "", $_SERVER['QUERY_STRING'])); - define('e_BASE', $link_prefix); - $e_path = (!strpos($_SERVER['SCRIPT_FILENAME'], ".php") ? $_SERVER['PATH_TRANSLATED'] : $_SERVER['SCRIPT_FILENAME']); - define("e_PATH", $e_path); - - - $pref_language = "English"; - include_once("../../".$LANGUAGES_DIRECTORY."English/lan_prefs.php"); - require_once("../../".$FILES_DIRECTORY."def_e107_prefs.php"); - - $PrefOutput = $eArrayStorage->WriteArray($pref); - - mysql_query("DELETE FROM ".$mySQLprefix."core WHERE e107_name='SitePrefs' OR e107_name='SitePrefs_Backup'"); - if (!mysql_query("INSERT INTO ".$mySQLprefix."core VALUES ('SitePrefs', '{$PrefOutput}')")) { - $message = "Rebuild failed ..."; - $END = TRUE; - } else { - mysql_query("INSERT INTO ".$mySQLprefix."core VALUES ('SitePrefs_Backup', '{$PrefOutput}')"); - $message = "Core reset.

Click here to continue"; - $END = TRUE; - } -} - -function recurse_pref($ppost) { - $search = array("\"", "'", "\\", '\"', "\'", "$", "?"); - $replace = array(""", "'", "\", """, "'", "$", "©"); - foreach ($ppost as $key => $value) { - if(!is_array($value)){ - $ret[$key] = str_replace($search, $replace, $text); - } else { - $ret[$key] = recurse_pref($value); - } - } - return $ret; -} - -if (isset($_POST['coreedit_sub'])) -{ - if (($at = e_verify()) === FALSE) { - exit; - } - - $pref = recurse_pref($_POST); - - $PrefOutput = $eArrayStorage->WriteArray($pref); - - mysql_query("DELETE FROM ".$mySQLprefix."core WHERE e107_name='SitePrefs' OR e107_name='SitePrefs_Backup'"); - mysql_query("INSERT INTO ".$mySQLprefix."core VALUES ('SitePrefs', '{$PrefOutput}')"); - mysql_query("INSERT INTO ".$mySQLprefix."core VALUES ('SitePrefs_Backup', '{$PrefOutput}')"); - - $message = "Core settings successfully updated.

Click here to continue"; - $END = TRUE; -} - -if (isset($_POST['reset_core_sub']) && $_POST['mode'] == 3) { - if (($at = e_verify()) === FALSE) { - exit; - } - - $result = mysql_query("SELECT * FROM ".$mySQLprefix."core WHERE e107_name='pref_backup'"); - $row = mysql_fetch_array($result); - - $pref = unserialize(base64_decode($row['e107_value'])); - - $PrefOutput = $eArrayStorage->WriteArray($pref); - - mysql_query("DELETE FROM ".$mySQLprefix."core WHERE `e107_name` = 'SitePrefs' OR `e107_name` = 'SitePrefs_Backup'"); - mysql_query("INSERT INTO ".$mySQLprefix."core VALUES ('SitePrefs', '{$PrefOutput}')"); - mysql_query("INSERT INTO ".$mySQLprefix."core VALUES ('SitePrefs_Backup', '{$PrefOutput}')"); - - $message = "Core backup successfully restored.

Click here to continue"; - $END = TRUE; -} - - -if (isset($_POST['reset_core_sub']) && $_POST['mode'] == 1) -{ - if (($at = e_verify()) === FALSE) { - exit; - } - - $result = @mysql_query("SELECT * FROM ".$mySQLprefix."core WHERE e107_name='SitePrefs'"); - $row = @mysql_fetch_array($result); - - $pref = $eArrayStorage->ReadArray($row['e107_value']); - - echo " - Edit your individual core items and click the button to save - use this script with caution.

-
- \n"; - - while (list($key, $prefr) = each($pref)) { - if (is_array($prefr)) { - foreach ($prefr as $akey => $apref) { - echo " - \n"; - - } - } else { - echo " - \n"; - } - } - echo " - - - -
{$key}[{$akey}]  
{$key}  

- - -
"; - $END = TRUE; -} - -if (isset($message)) { - echo "

{$message}

"; -} - -if (isset($END)) { - echo "
"; - exit; -} - -echo " - This is the e107 resetcore utility. It allows you to completely rebuild your core if it becomes corrupt, or to restore a backup.
It won't affect your actual content (news posts, forum posts, articles etc).
- Only run this utility if your site is failing to load due to a critical core error, or if you need to change a setting and can't log into your admin area.




- - Please enter your main administrator username and password to continue ...

-
- - - - - - - - - - - - -
Main administrator name: - -
Main administrator Password: - -
-
- -
-
- - - "; - -function e_verify() { - global $mySQLprefix; - if (ACTIVE !== TRUE) { - exit; - } - if (MAGIC_QUOTES_GPC == FALSE) { - $a_name = addslashes($_POST['a_name']); - } - else - { - $a_name = $_POST['a_name']; - } - - $a_name = str_replace('/*', '', $a_name); - - $result = mysql_query("SELECT * FROM ".$mySQLprefix."user WHERE user_name='".$a_name."'"); - $row = mysql_fetch_array($result); - - if (($row['user_password'] === md5($_POST['a_password'])) && ($row['user_perms'] === '0') && (ACTIVE === TRUE)) { - clear_cache(); - return $row; - } else { - return FALSE; - } -} - -function clear_cache() { - // $dir = "../cache/"; - $dir = e_CACHE; - $pattern = "*.cache.php"; - $deleted = false; - $pattern = str_replace(array("\*", "\?"), array(".*", "."), preg_quote($pattern)); - if (substr($dir, -1) != "/") { - $dir .= "/"; - } - if (is_dir($dir)) { - $d = opendir($dir); - while ($file = readdir($d)) { - if (is_file($dir.$file) && preg_match("/^{$pattern}$/", $file)) { - if (unlink($dir.$file)) { - $deleted[] = $file; - } - } - } - closedir($d); - return true; - } else { - return false; - } -} - +Currently disabled. 
To enable please open this file in a text editor and follow the instructions to activate."; + exit; +} + +$register_globals = true; +if(function_exists('ini_get')) +{ + $register_globals = ini_get('register_globals'); +} +if($register_globals == true) +{ + while (list($global) = each($GLOBALS)) + { + if (!preg_match('/^(_POST|_GET|_COOKIE|_SERVER|_FILES|GLOBALS|HTTP.*|_REQUEST|eTimingStart)$/', $global)) + { + unset($$global); + } + } + unset($global); +} + + +// build e_CACHE and other constants from e107_config.php - resetcore.php is a stand alone page +$siteRoot = realpath(dirname(__FILE__).'./../../').'/'; +require_once($siteRoot.'e107_config.php'); +if (!isset($mySQLdefaultdb)) return FALSE; +if (!isset($mySQLprefix)) return FALSE; + +$hash = substr(md5($mySQLdefaultdb.".".$mySQLprefix),0,10); + + +mysql_connect($mySQLserver, $mySQLuser, $mySQLpassword); +mysql_select_db($mySQLdefaultdb); +define("MAGIC_QUOTES_GPC", (ini_get('magic_quotes_gpc') ? TRUE : FALSE)); + +define('e_CACHE', $siteRoot.$SYSTEM_DIRECTORY.$hash.'/cache/'); +define('e_CORE', $siteRoot.'core/'); // @TODO: Allow for override + +define('e107_INIT', TRUE); + + +require_once('../../'.$HANDLERS_DIRECTORY.'arraystorage_class.php'); +$eArrayStorage = new ArrayData(); + +?> + + +e107 resetcore + + + + + +
+Logo e107 Reset Core Utility +
+
+
+
+ Manually edit core values
+ + echo "Please select which method you want to use, then click the button to proceed ...



+ + + + +
+ + Reset core to default values
". ($bu_exist ? " Restore core backup" : "
( There is no backed-up core - unable to offer option to restore backup )")."

+ + + + + +
+ "; + + $END = TRUE; + } else { + $message = "Administrator not found in database / incorrect password / insufficient permissions - aborting.
"; + $END = TRUE; + } +} + + +if (isset($_POST['reset_core_sub']) && $_POST['mode'] == 2) +{ + if (($at = e_verify()) === FALSE) + { + exit; + } + + $tmpr = substr(str_replace($_SERVER['DOCUMENT_ROOT'], "", $_SERVER['SCRIPT_FILENAME']), 1); + $root = "/".substr($tmpr, 0, strpos($tmpr, "/"))."/"; + $e_HTTP = $root; + $admin_directory = "e107_admin"; + $url_prefix = substr($_SERVER['PHP_SELF'], strlen($e_HTTP), strrpos($_SERVER['PHP_SELF'], "/")+1-strlen($e_HTTP)); + $num_levels = substr_count($url_prefix, "/"); + $link_prefix = ''; + for($i = 1; $i <= $num_levels; $i++) { + $link_prefix .= "../"; + } + + define("e_ADMIN", $e_HTTP.$admin_directory."/"); + define("e_SELF", "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF']); + define("e_QUERY", preg_replace("#&|/?PHPSESSID.*#i", "", $_SERVER['QUERY_STRING'])); + define('e_BASE', $link_prefix); + $e_path = (!strpos($_SERVER['SCRIPT_FILENAME'], ".php") ? $_SERVER['PATH_TRANSLATED'] : $_SERVER['SCRIPT_FILENAME']); + define("e_PATH", $e_path); + + + $pref_language = "English"; + include_once("../../".$LANGUAGES_DIRECTORY.'English/lan_prefs.php'); + require_once(e_CORE.'def_e107_prefs.php'); + + $PrefOutput = $eArrayStorage->WriteArray($pref); + + mysql_query("DELETE FROM ".$mySQLprefix."core WHERE e107_name='SitePrefs' OR e107_name='SitePrefs_Backup'"); + if (!mysql_query("INSERT INTO ".$mySQLprefix."core VALUES ('SitePrefs', '{$PrefOutput}')")) + { + $message = "Rebuild failed ..."; + $END = TRUE; + } + else + { + mysql_query("INSERT INTO ".$mySQLprefix."core VALUES ('SitePrefs_Backup', '{$PrefOutput}')"); + $message = "Core reset.

Click here to continue"; + $END = TRUE; + } +} + + + +function recurse_pref($ppost) +{ + $search = array("\"", "'", "\\", '\"', "\'", "$", "?"); + $replace = array(""", "'", "\", """, "'", "$", "©"); + foreach ($ppost as $key => $value) { + if(!is_array($value)){ + $ret[$key] = str_replace($search, $replace, $text); + } else { + $ret[$key] = recurse_pref($value); + } + } + return $ret; +} + +if (isset($_POST['coreedit_sub'])) +{ + if (($at = e_verify()) === FALSE) { + exit; + } + + $pref = recurse_pref($_POST); + + $PrefOutput = $eArrayStorage->WriteArray($pref); + + mysql_query("DELETE FROM ".$mySQLprefix."core WHERE e107_name='SitePrefs' OR e107_name='SitePrefs_Backup'"); + mysql_query("INSERT INTO ".$mySQLprefix."core VALUES ('SitePrefs', '{$PrefOutput}')"); + mysql_query("INSERT INTO ".$mySQLprefix."core VALUES ('SitePrefs_Backup', '{$PrefOutput}')"); + + $message = "Core settings successfully updated.

Click here to continue"; + $END = TRUE; +} + +if (isset($_POST['reset_core_sub']) && $_POST['mode'] == 3) { + if (($at = e_verify()) === FALSE) { + exit; + } + + $result = mysql_query("SELECT * FROM ".$mySQLprefix."core WHERE e107_name='pref_backup'"); + $row = mysql_fetch_array($result); + + $pref = unserialize(base64_decode($row['e107_value'])); + + $PrefOutput = $eArrayStorage->WriteArray($pref); + + mysql_query("DELETE FROM ".$mySQLprefix."core WHERE `e107_name` = 'SitePrefs' OR `e107_name` = 'SitePrefs_Backup'"); + mysql_query("INSERT INTO ".$mySQLprefix."core VALUES ('SitePrefs', '{$PrefOutput}')"); + mysql_query("INSERT INTO ".$mySQLprefix."core VALUES ('SitePrefs_Backup', '{$PrefOutput}')"); + + $message = "Core backup successfully restored.

Click here to continue"; + $END = TRUE; +} + + +if (isset($_POST['reset_core_sub']) && $_POST['mode'] == 1) +{ + if (($at = e_verify()) === FALSE) { + exit; + } + + $result = @mysql_query("SELECT * FROM ".$mySQLprefix."core WHERE e107_name='SitePrefs'"); + $row = @mysql_fetch_array($result); + + $pref = $eArrayStorage->ReadArray($row['e107_value']); + + echo " + Edit your individual core items and click the button to save - use this script with caution.

+
+ \n"; + + while (list($key, $prefr) = each($pref)) { + if (is_array($prefr)) { + foreach ($prefr as $akey => $apref) { + echo " + \n"; + + } + } else { + echo " + \n"; + } + } + echo " + + + +
{$key}[{$akey}]  
{$key}  

+ + +
"; + $END = TRUE; +} + +if (isset($message)) { + echo "

{$message}

"; +} + +if (isset($END)) { + echo "
"; + exit; +} + +echo " + This is the e107 resetcore utility. It allows you to completely rebuild your core if it becomes corrupt, or to restore a backup.
It won't affect your actual content (news posts, forum posts, articles etc).
+ Only run this utility if your site is failing to load due to a critical core error, or if you need to change a setting and can't log into your admin area.




+ + Please enter your main administrator username and password to continue ...

+
+ + + + + + + + + + + + +
Main administrator name: + +
Main administrator Password: + +
+
+ +
+
+ + + "; + + +/** + * Verify main admin data + */ +function e_verify() { + global $mySQLprefix; + if (ACTIVE !== TRUE) + { + exit(); + } + if (MAGIC_QUOTES_GPC == FALSE) + { + $a_name = addslashes($_POST['a_name']); + } + else + { + $a_name = $_POST['a_name']; + } + + $a_name = str_replace('/*', '', $a_name); + + $result = mysql_query("SELECT * FROM ".$mySQLprefix."user WHERE user_name='".$a_name."'"); + $row = mysql_fetch_array($result); + + // @TODO: Will need to handle other password encodings as well + if (($row['user_password'] === md5($_POST['a_password'])) && ($row['user_perms'] === '0') && (ACTIVE === TRUE)) + { + clear_cache(); + return $row; + } + else + { + return FALSE; + } +} + + + + +/** + * Clear all cache files + */ +function clear_cache() +{ + // $dir = "../cache/"; + $dir = e_CACHE; + $pattern = "*.cache.php"; + $deleted = false; + $pattern = str_replace(array("\*", "\?"), array(".*", "."), preg_quote($pattern)); + if (substr($dir, -1) != "/") { + $dir .= "/"; + } + if (is_dir($dir)) { + $d = opendir($dir); + while ($file = readdir($d)) { + if (is_file($dir.$file) && preg_match("/^{$pattern}$/", $file)) { + if (unlink($dir.$file)) { + $deleted[] = $file; + } + } + } + closedir($d); + return true; + } else { + return false; + } +} + ?> \ No newline at end of file
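Review bot: The admin-name lookup in e_verify() is still built by concatenating `$_POST['a_name']` into the SQL after `addslashes()` (or relying on magic quotes), and `addslashes()` does not take the connection character set into account. Since this commit now opens the MySQL connection in this file, the value can be escaped against that connection instead: `$a_name = mysql_real_escape_string(MAGIC_QUOTES_GPC ? stripslashes($_POST['a_name']) : $_POST['a_name']);`. Separately, `realpath(dirname(__FILE__).'./../../')` in the new bootstrap appends `./` directly to the directory name, which yields a `utilities.` path component; where that does not resolve, realpath() returns false and `$siteRoot` becomes `/`, so `'/../../'` looks like what was intended. recurse_pref() also still passes the undefined `$text` to str_replace() where `$value` is presumably meant, so the manual-edit path would store empty values.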