www.gusucode.com > 网猫影视系统NetMao Movie 4.6.6 开源版源码程序 > upload/admin/part6.inc.php
<?php
/*
*######################################
* Netmao Movie 4.x - NetMao Movie System
* Copyright (c) 2007-2008 NetMao.cn
* For further information go to http://www.netmao.cn/
* This copyright notice must stay intact for use.
*######################################
*/
if(!defined('IN_NetMao') || !isset($PHP_SELF) || !preg_match("/[\/\\\\]nmadmin\.php$/", $PHP_SELF)) exit('Access Denied');
switch($action){
case 'database_export':
if(!$exportsubmit){
$sqlcharsets = "<input class=\"radio\" type=\"radio\" name=\"sqlcharset\" value=\"\" checked>".$cplang['default'].
($dbcharset ? " <input class=\"radio\" type=\"radio\" name=\"sqlcharset\" value=\"$dbcharset\"> ".strtoupper($dbcharset) : '').
($db->version() > '4.1' && $dbcharset != 'utf8' ? " <input class=\"radio\" type=\"radio\" name=\"sqlcharset\" value='utf8'> UTF-8</option>" : '');
$tables = $tablelist = '';
$query = $db->query("SHOW TABLE STATUS LIKE '$tablepre%'");
while($tab = $db->fetch_array($query)) {
$tabs[] = $tab[Name];
}
nmcptpl('database');
}else{
if(!$filename || preg_match("/(\.)(exe|jsp|asp|aspx|cgi|fcgi|pl)(\.|$)/i", $filename)) {
nmsg('database_export_filename_invalid','','back');
}
$method = 'multivol';
$time = gmdate("Y-n-j H:i", $timestamp + 8 * 3600);
if($type == 'netmao') {
$query = $db->query("SHOW TABLE STATUS LIKE '$tablepre%'");
while($table = $db->fetch_array($query)) {
$tables[] = $table[Name];
}
} elseif($type == 'custom') {
$tables = array();
if(empty($setup)) {
$query = $db->query("SELECT value FROM {$tablepre}settings WHERE variable='custombackup'");
if($tables = $db->fetch_array($query)) {
$tables = unserialize($tables['value']);
}
} else {
$customtables= empty($customtables) ? array() : $customtables;
$customtablesnew = empty($customtables)? '' : addslashes(serialize($customtables));
$db->query("REPLACE INTO {$tablepre}settings (variable, value) VALUES ('custombackup', '$customtablesnew')");
$tables = & $customtables;
}
if( !is_array($tables) || empty($tables)) {
nmsg('database_export_custom_invalid');
}
}
$volume = intval($volume) + 1;
$idstring = '# Identify: '.base64_encode("$timestamp,$version,$type,$method,$volume")."\n";
$dumpcharset = $sqlcharset ? $sqlcharset : str_replace('-', '', $GLOBALS['charset']);
$setnames = $addsetnames || ($db->version() > '4.1' && (!$sqlcompat || $sqlcompat == 'MYSQL41')) ? "SET NAMES '$dumpcharset';\n\n" : '';
if($db->version() > '4.1') {
if($sqlcharset) {
$db->query("SET NAMES '".$sqlcharset."';\n\n");
}
if($sqlcompat == 'MYSQL40') {
$db->query("SET SQL_MODE='MYSQL40'");
}
}
$sqldump = '';
$tableid = $tableid ? $tableid - 1 : 0;
$startfrom = intval($startfrom);
for($i = $tableid; $i < count($tables) && strlen($sqldump) < $sizelimit * 1000; $i++) {
$sqldump .= sqldumptable($tables[$i], $startfrom, strlen($sqldump));
$startfrom = 0;
}
$tableid = $i;
$dumpfile = substr($filename, 0, strrpos($filename, '.'))."-%s".strrchr($filename, '.');
if(trim($sqldump)) {
$sqldump = "$idstring".
"# NetMao Multi-Volume Data Dump Vol.$volume\n".
"# Version: NetMao Movie $version\n".
"# Time: $time\n".
"# Type: $type\n".
"# Table Prefix: $tablepre\n".
"#\n".
"# NetMao Home: http://www.netmao.cn\n".
"# Please visit our website for newest infomation about NetMao\n".
"# --------------------------------------------------------\n\n\n".
"$setnames".
$sqldump;
@$fp = fopen(sprintf($dumpfile, $volume), 'wb');
@flock($fp, 2);
if(@!fwrite($fp, $sqldump)) {
@fclose($fp);
nmsg('database_export_file_invalid');
} else {
nmsg('database_export_multivol_redirect', "nmadmin.php?action=database_export&type=".rawurlencode($type)."&saveto=".rawurlencode(server)."&filename=".rawurlencode($filename)."&method=multivol&sizelimit=".rawurlencode($sizelimit)."&volume=".rawurlencode($volume)."&tableid=".rawurlencode($tableid)."&startfrom=".rawurlencode($startrow)."&extendins=".rawurlencode($extendins)."&sqlcharset=".rawurlencode($sqlcharset)."&sqlcompat=".rawurlencode($sqlcompat)."&exportsubmit=yes&usehex=$usehex");
}
} else {
$volume--;
$filelist = '<ul>';
for($i = 1; $i <= $volume; $i++) {
$filename = sprintf($dumpfile, $i);
$filelist .= "<li><a href=\"$filename\">$filename\n";
}
nmsg('database_export_multivol_succeed');
}
}
break;
case 'database_import' :
if(!$importsubmit && !$deletesubmit) {
$exportlog = array();
if(is_dir(NetMao_ROOT.'./mdata')) {
$dir = dir(NetMao_ROOT.'./mdata');
while($entry = $dir->read()) {
$entry = "./mdata/$entry";
if(is_file($entry) && preg_match("/\.sql/i", $entry)) {
$filesize = filesize($entry);
$fp = fopen($entry, 'rb');
$identify = explode(',', base64_decode(preg_replace("/^# Identify:\s*(\w+).*/s", "\\1", fgets($fp, 256))));
fclose ($fp);
$exportlog[$identify[0]] = array( 'version' => $identify[1],
'type' => $identify[2],
'method' => $identify[3],
'volume' => $identify[4],
'filename' => $entry,
'size' => $filesize);
}
}
$dir->close();
} else {
cpmsg('database_export_dest_invalid');
}
krsort($exportlog);
reset($exportlog);
$exportinfo = '';
foreach($exportlog as $dateline => $info) {
$info['dateline'] = is_int($dateline) ? gmdate("Y-n-j H:i", $dateline + 8 * 3600) : $cplang[unknown];
switch($info['type']) {
case 'netmao':
$info['type'] = $cplang[database_export_full];
break;
case 'custom':
$info['type'] = $cplang[database_export_custom];
break;
}
$info['size'] = sizecount($info['size']);
$info['volume'] = $info['method'] == 'multivol' ? $info['volume'] : $cplang[unknown];
$info['method'] = $info['method'] == 'multivol' ? $cplang[database_multivol] : $cplang[unknown];
$exportinfo .= "<tr><td class=\"tablerow\"><input type=\"checkbox\" name=\"delete[]\" value=\"$info[filename]\"></td>\n".
"<td class=\"tablerow\"><a href=\"$info[filename]\">".substr(strrchr($info['filename'], "/"), 1)."</td></a>\n".
"<td class=\"tablerow\">$info[version]</td>\n".
"<td class=\"tablerow\">$info[dateline]</td>\n".
"<td class=\"tablerow\">$info[type]</td>\n".
"<td class=\"tablerow\">$info[size]</td>\n".
"<td class=\"tablerow\">$info[method]</td>\n".
"<td class=\"tablerow\">$info[volume]</td>\n".
"<td class=\"tablerow\"><a href=\"nmadmin.php?action=database_import&from=server&datafile_server=$info[filename]&importsubmit=1\"".
($info['version'] != $version ? " onclick=\"return confirm('$cplang[database_import_confirm]');\"" : '').">[$cplang[import]]</a></td>\n"; }
nmcptpl('database');
} elseif($importsubmit) {
$readerror = 0;
if($from == 'server') {
$datafile = addslashes(NetMao_ROOT).'/'.$datafile_server;
}
if(@$fp = fopen($datafile, 'rb')) {
$sqldump = fgets($fp, 256);
$identify = explode(',', base64_decode(preg_replace("/^# Identify:\s*(\w+).*/s", "\\1", $sqldump)));
$dumpinfo = array('method' => $identify[3], 'volume' => intval($identify[4]));
if($dumpinfo['method'] == 'multivol') {
$sqldump .= fread($fp, 8388607);
}
fclose($fp);
} else {
if($autoimport) {
updatecache();
nmsg('database_import_multivol_succeed');
} else {
nmsg('database_import_file_illegal');
}
}
if($dumpinfo['method'] == 'multivol') {
$sqlquery = splitsql($sqldump);
unset($sqldump);
foreach($sqlquery as $sql) {
if(trim($sql) != '') {
$db->query($sql, 'SILENT');
if(($sqlerror = $db->error()) && $db->errno() != 1062) {
$db->halt('MySQL Query Error', $sql);
}
}
}
$datafile_next = preg_replace("/-($dumpinfo[volume])(\..+)$/", "-".($dumpinfo['volume'] + 1)."\\2", $datafile_server);
if($dumpinfo['volume'] == 1) {
nmsg('database_import_multivol_prompt',"nmadmin.php?action=database_import&from=server&datafile_server=$datafile_next&autoimport=yes&importsubmit=yes",'form');
} elseif($autoimport) {
nmsg('database_import_multivol_redirect', "nmadmin.php?action=database_import&from=server&datafile_server=$datafile_next&autoimport=yes&importsubmit=yes");
} else {
nmsg('database_import_multivol_prompt');
}
}
} elseif($deletesubmit) {
if(is_array($delete)) {
foreach($delete as $filename) {
@unlink($filename);
}
nmsg('database_file_operate_succeed');
} else {
nmsg('database_file_delete_invalid','','back');
}
}
break;
case 'database_runquery' :
if(!$sqlsubmit) {
nmcptpl('database');
}else{
$sqlquery = splitsql(str_replace(' nm_', ' '.$tablepre, $queries));
foreach($sqlquery as $sql) {
if(trim($sql) != '') {
$db->query(stripslashes($sql), 'SILENT');
if($sqlerror = $db->error()) {
break;
}
}
}
updatecache();
nmsg($sqlerror ? 'database_run_query_invalid' : 'database_run_query_succeed');
}
break;
case 'database_optimize' :
$optimizetable = '';
$totalsize = 0;
if(!$optimizesubmit) {
$query = $db->query("SHOW TABLE STATUS LIKE '$tablepre%'");
while($tab = $db->fetch_array($query)) {
$tab[checked] = $tab['Type'] == 'MyISAM' || $tab['Engine'] == 'MyISAM' ? 'checked' : 'disabled';
$totalsize += $tab['Data_length'] + $tab['Index_length'];
$tabs[] = $tab;
}
nmcptpl('database');
} else {
$query = $db->query("SHOW TABLE STATUS LIKE '$tablepre%'");
while($tab = $db->fetch_array($query)) {
if(is_array($optimizetables) && in_array($tab['Name'], $optimizetables)) {
$tab[optimized] = $cplang[yes];
$db->query("OPTIMIZE TABLE $tab[Name]");
} else {
$tab[optimized] = '<b>'.$cplang[yes].'</b>';
}
$totalsize += $tab['Data_length'] + $tab['Index_length'];
$optabs[] = $tab;
}
nmcptpl('database');
}
break;
case 'database_getfields' :
$fields = '';
if($tablename){
$query = "SHOW COLUMNS FROM $tablename";
$result = $db->query($query);
while($fil = $db->fetch_array($result)){
$fields.= $fil['Field'].',';
}
$fields = substr($fields,0,-1);
}
echo $fields;
break;
case 'database_replace' :
if(!$rpsubmit) {
$query = $db->query("SHOW TABLE STATUS LIKE '$tablepre%'");
while($tab = $db->fetch_array($query)) {
$tablopt.= "<option value='$tab[Name]'>$tab[Name]</option>";
}
nmcptpl('database');
}else{
$type = isset($type) ? intval($type) : 1;
if($fromtable==''){nmsg('database_replace_table_invalid','','back');}
if($fromfield==''){nmsg('database_replace_field_invalid','','back');}
$rst = $db->query("SHOW COLUMNS FROM $fromtable");
while($p = $db->fetch_array($rst)){
if($p['Key'] == 'PRI'){ $priid = $p['Field']; break;}
}
if(!$priid){nmsg('database_replace_primary_invalid','','back');}
$condition = $condition ? 'where '.stripslashes($condition) : '';
if($type==1){
if($search==''){
nmsg('database_replace_content_invalid','','back');
}
$query = "select $fromfield,$priid from $fromtable $condition ";
$result = $db->query($query);
while($r = $db->fetch_array($result)){
$r[$fromfield] = str_replace($search,$replace,$r[$fromfield]);
$r[$fromfield] = addslashes($r[$fromfield]);
$db->query("update $fromtable set $fromfield='".$r[$fromfield]."' where $priid='".$r[$priid]."'");
}
nmsg('operate_succeed','?action=database_replace');
}elseif($type==2){
if($addstr==''){
nmsg('database_replace_prefix_invalid','','back');
}
$query = "select $fromfield,$priid from $fromtable $condition ";
$result = $db->query($query);
while($r = $db->fetch_array($result)){
$r[$fromfield] = $addstr.$r[$fromfield];
$r[$fromfield] = addslashes($r[$fromfield]);
$db->query("update $fromtable set $fromfield='".$r[$fromfield]."' where $priid='".$r[$priid]."'");
}
nmsg('operate_succeed','?action=database_replace');
}elseif($type==3){
if($addstr==''){
nmsg('database_replace_prefix_invalid','','back');
}
$query = "select $fromfield,$priid from $fromtable $condition ";
$result = $db->query($query);
while($r = $db->fetch_array($result)){
$r[$fromfield] = $r[$fromfield].$addstr;
$r[$fromfield] = addslashes($r[$fromfield]);
$db->query("update $fromtable set $fromfield='".$r[$fromfield]."' where $priid='".$r[$priid]."'");
}
nmsg('operate_succeed','?action=database_replace');
}
}
break;
}
?>