webdesby/dominik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
Konstantin
2026-05-30 09:27:58 +03:00
commit de0344d218
2371 changed files with 661486 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
public/admin/controller/tool/backup.php
+160
View File
@@ -0,0 +1,160 @@
<?php
class ControllerToolBackup extends Controller {
public function index() {
$this->load->language('tool/backup');
$this->document->setTitle($this->language->get('heading_title'));
if (isset($this->session->data['error'])) {
$data['error_warning'] = $this->session->data['error'];
unset($this->session->data['error']);
} else {
$data['error_warning'] = '';
}
$data['breadcrumbs'] = array();
$data['breadcrumbs'][] = array(
'text' => $this->language->get('text_home'),
'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true)
);
$data['breadcrumbs'][] = array(
'text' => $this->language->get('heading_title'),
'href' => $this->url->link('tool/backup', 'user_token=' . $this->session->data['user_token'], true)
);
$data['user_token'] = $this->session->data['user_token'];
$data['export'] = $this->url->link('tool/backup/export', 'user_token=' . $this->session->data['user_token'], true);
$this->load->model('tool/backup');
$data['tables'] = $this->model_tool_backup->getTables();
$data['header'] = $this->load->controller('common/header');
$data['column_left'] = $this->load->controller('common/column_left');
$data['footer'] = $this->load->controller('common/footer');
$this->response->setOutput($this->load->view('tool/backup', $data));
}
public function import() {
$this->load->language('tool/backup');
$json = array();
if (!$this->user->hasPermission('modify', 'tool/backup')) {
$json['error'] = $this->language->get('error_permission');
}
if (isset($this->request->files['import']['tmp_name']) && is_uploaded_file($this->request->files['import']['tmp_name'])) {
$filename = tempnam(DIR_UPLOAD, 'bac');
move_uploaded_file($this->request->files['import']['tmp_name'], $filename);
} elseif (isset($this->request->get['import'])) {
$filename = DIR_UPLOAD . basename(html_entity_decode($this->request->get['import'], ENT_QUOTES, 'UTF-8'));
} else {
$filename = '';
}
if (!is_file($filename)) {
$json['error'] = $this->language->get('error_file');
}
if (isset($this->request->get['position'])) {
$position = $this->request->get['position'];
} else {
$position = 0;
}
if (!$json) {
// We set $i so we can batch execute the queries rather than do them all at once.
$i = 0;
$start = false;
$handle = fopen($filename, 'r');
fseek($handle, $position, SEEK_SET);
while (!feof($handle) && ($i < 100)) {
$position = ftell($handle);
$line = fgets($handle, 1000000);
if (substr($line, 0, 14) == 'TRUNCATE TABLE' || substr($line, 0, 11) == 'INSERT INTO') {
$sql = '';
$start = true;
}
if ($i > 0 && (substr($line, 0, 24) == 'TRUNCATE TABLE `oc_user`' || substr($line, 0, 30) == 'TRUNCATE TABLE `oc_user_group`')) {
fseek($handle, $position, SEEK_SET);
break;
}
if ($start) {
$sql .= $line;
}
if ($start && substr($line, -2) == ";\n") {
$this->db->query(substr($sql, 0, strlen($sql) -2));
$start = false;
}
$i++;
}
$position = ftell($handle);
$size = filesize($filename);
$json['total'] = round(($position / $size) * 100);
if ($position && !feof($handle)) {
$json['next'] = str_replace('&amp;', '&', $this->url->link('tool/backup/import', 'user_token=' . $this->session->data['user_token'] . '&import=' . $filename . '&position=' . $position, true));
fclose($handle);
} else {
fclose($handle);
unlink($filename);
$json['success'] = $this->language->get('text_success');
$this->cache->delete('*');
}
}
$this->response->addHeader('Content-Type: application/json');
$this->response->setOutput(json_encode($json));
}
public function export() {
$this->load->language('tool/backup');
if (!isset($this->request->post['backup'])) {
$this->session->data['error'] = $this->language->get('error_export');
$this->response->redirect($this->url->link('tool/backup', 'user_token=' . $this->session->data['user_token'], true));
} elseif (!$this->user->hasPermission('modify', 'tool/backup')) {
$this->session->data['error'] = $this->language->get('error_permission');
$this->response->redirect($this->url->link('tool/backup', 'user_token=' . $this->session->data['user_token'], true));
} else {
$this->response->addheader('Pragma: public');
$this->response->addheader('Expires: 0');
$this->response->addheader('Content-Description: File Transfer');
$this->response->addheader('Content-Type: application/octet-stream');
$this->response->addheader('Content-Disposition: attachment; filename="' . DB_DATABASE . '_' . date('Y-m-d_H-i-s', time()) . '_backup.sql"');
$this->response->addheader('Content-Transfer-Encoding: binary');
$this->load->model('tool/backup');
$this->response->setOutput($this->model_tool_backup->backup($this->request->post['backup']));
}
}
}
public/admin/controller/tool/log.php
+121
View File
@@ -0,0 +1,121 @@
<?php
class ControllerToolLog extends Controller {
private $error = array();
public function index() {
$this->load->language('tool/log');
$this->document->setTitle($this->language->get('heading_title'));
if (isset($this->session->data['error'])) {
$data['error_warning'] = $this->session->data['error'];
unset($this->session->data['error']);
} elseif (isset($this->error['warning'])) {
$data['error_warning'] = $this->error['warning'];
} else {
$data['error_warning'] = '';
}
if (isset($this->session->data['success'])) {
$data['success'] = $this->session->data['success'];
unset($this->session->data['success']);
} else {
$data['success'] = '';
}
$data['breadcrumbs'] = array();
$data['breadcrumbs'][] = array(
'text' => $this->language->get('text_home'),
'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true)
);
$data['breadcrumbs'][] = array(
'text' => $this->language->get('heading_title'),
'href' => $this->url->link('tool/log', 'user_token=' . $this->session->data['user_token'], true)
);
$data['download'] = $this->url->link('tool/log/download', 'user_token=' . $this->session->data['user_token'], true);
$data['clear'] = $this->url->link('tool/log/clear', 'user_token=' . $this->session->data['user_token'], true);
$data['log'] = '';
$file = DIR_LOGS . $this->config->get('config_error_filename');
if (file_exists($file)) {
$size = filesize($file);
if ($size >= 5242880) {
$suffix = array(
'B',
'KB',
'MB',
'GB',
'TB',
'PB',
'EB',
'ZB',
'YB'
);
$i = 0;
while (($size / 1024) > 1) {
$size = $size / 1024;
$i++;
}
$data['error_warning'] = sprintf($this->language->get('error_warning'), basename($file), round(substr($size, 0, strpos($size, '.') + 4), 2) . $suffix[$i]);
} else {
$data['log'] = file_get_contents($file, FILE_USE_INCLUDE_PATH, null);
}
}
$data['header'] = $this->load->controller('common/header');
$data['column_left'] = $this->load->controller('common/column_left');
$data['footer'] = $this->load->controller('common/footer');
$this->response->setOutput($this->load->view('tool/log', $data));
}
public function download() {
$this->load->language('tool/log');
$file = DIR_LOGS . $this->config->get('config_error_filename');
if (file_exists($file) && filesize($file) > 0) {
$this->response->addheader('Pragma: public');
$this->response->addheader('Expires: 0');
$this->response->addheader('Content-Description: File Transfer');
$this->response->addheader('Content-Type: application/octet-stream');
$this->response->addheader('Content-Disposition: attachment; filename="' . $this->config->get('config_name') . '_' . date('Y-m-d_H-i-s', time()) . '_error.log"');
$this->response->addheader('Content-Transfer-Encoding: binary');
$this->response->setOutput(file_get_contents($file, FILE_USE_INCLUDE_PATH, null));
} else {
$this->session->data['error'] = sprintf($this->language->get('error_warning'), basename($file), '0B');
$this->response->redirect($this->url->link('tool/log', 'user_token=' . $this->session->data['user_token'], true));
}
}
public function clear() {
$this->load->language('tool/log');
if (!$this->user->hasPermission('modify', 'tool/log')) {
$this->session->data['error'] = $this->language->get('error_permission');
} else {
$file = DIR_LOGS . $this->config->get('config_error_filename');
$handle = fopen($file, 'w+');
fclose($handle);
$this->session->data['success'] = $this->language->get('text_success');
}
$this->response->redirect($this->url->link('tool/log', 'user_token=' . $this->session->data['user_token'], true));
}
}
public/admin/controller/tool/upload.php
+396
View File
@@ -0,0 +1,396 @@
<?php
class ControllerToolUpload extends Controller {
private $error = array();
public function index() {
$this->load->language('tool/upload');
$this->document->setTitle($this->language->get('heading_title'));
$this->load->model('tool/upload');
$this->getList();
}
public function delete() {
$this->load->language('tool/upload');
$this->document->setTitle($this->language->get('heading_title'));
$this->load->model('tool/upload');
if (isset($this->request->post['selected']) && $this->validateDelete()) {
foreach ($this->request->post['selected'] as $upload_id) {
// Remove file before deleting DB record.
$upload_info = $this->model_tool_upload->getUpload($upload_id);
if ($upload_info && is_file(DIR_UPLOAD . $upload_info['filename'])) {
unlink(DIR_UPLOAD . $upload_info['filename']);
}
$this->model_tool_upload->deleteUpload($upload_id);
}
$this->session->data['success'] = $this->language->get('text_success');
$url = '';
if (isset($this->request->get['filter_name'])) {
$url .= '&filter_name=' . urlencode(html_entity_decode($this->request->get['filter_name'], ENT_QUOTES, 'UTF-8'));
}
if (isset($this->request->get['filter_date_added'])) {
$url .= '&filter_date_added=' . $this->request->get['filter_date_added'];
}
if (isset($this->request->get['sort'])) {
$url .= '&sort=' . $this->request->get['sort'];
}
if (isset($this->request->get['order'])) {
$url .= '&order=' . $this->request->get['order'];
}
if (isset($this->request->get['page'])) {
$url .= '&page=' . $this->request->get['page'];
}
$this->response->redirect($this->url->link('tool/upload', 'user_token=' . $this->session->data['user_token'] . $url, true));
}
$this->getList();
}
protected function getList() {
if (isset($this->request->get['filter_name'])) {
$filter_name = $this->request->get['filter_name'];
} else {
$filter_name = '';
}
if (isset($this->request->get['filter_date_added'])) {
$filter_date_added = $this->request->get['filter_date_added'];
} else {
$filter_date_added = '';
}
if (isset($this->request->get['sort'])) {
$sort = $this->request->get['sort'];
} else {
$sort = 'date_added';
}
if (isset($this->request->get['order'])) {
$order = $this->request->get['order'];
} else {
$order = 'DESC';
}
if (isset($this->request->get['page'])) {
$page = (int)$this->request->get['page'];
} else {
$page = 1;
}
$url = '';
if (isset($this->request->get['filter_name'])) {
$url .= '&filter_name=' . urlencode(html_entity_decode($this->request->get['filter_name'], ENT_QUOTES, 'UTF-8'));
}
if (isset($this->request->get['filter_date_added'])) {
$url .= '&filter_date_added=' . $this->request->get['filter_date_added'];
}
if (isset($this->request->get['sort'])) {
$url .= '&sort=' . $this->request->get['sort'];
}
if (isset($this->request->get['order'])) {
$url .= '&order=' . $this->request->get['order'];
}
if (isset($this->request->get['page'])) {
$url .= '&page=' . $this->request->get['page'];
}
$data['breadcrumbs'] = array();
$data['breadcrumbs'][] = array(
'text' => $this->language->get('text_home'),
'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true)
);
$data['breadcrumbs'][] = array(
'text' => $this->language->get('heading_title'),
'href' => $this->url->link('tool/upload', 'user_token=' . $this->session->data['user_token'] . $url, true)
);
$data['delete'] = $this->url->link('tool/upload/delete', 'user_token=' . $this->session->data['user_token'] . $url, true);
$data['uploads'] = array();
$filter_data = array(
'filter_name' => $filter_name,
'filter_date_added' => $filter_date_added,
'sort' => $sort,
'order' => $order,
'start' => ($page - 1) * $this->config->get('config_limit_admin'),
'limit' => $this->config->get('config_limit_admin')
);
$upload_total = $this->model_tool_upload->getTotalUploads($filter_data);
$results = $this->model_tool_upload->getUploads($filter_data);
foreach ($results as $result) {
$data['uploads'][] = array(
'upload_id' => $result['upload_id'],
'name' => $result['name'],
'filename' => $result['filename'],
'date_added' => date($this->language->get('date_format_short'), strtotime($result['date_added'])),
'download' => $this->url->link('tool/upload/download', 'user_token=' . $this->session->data['user_token'] . '&code=' . $result['code'] . $url, true)
);
}
$data['user_token'] = $this->session->data['user_token'];
if (isset($this->error['warning'])) {
$data['error_warning'] = $this->error['warning'];
} elseif (isset($this->session->data['error'])) {
$data['error_warning'] = $this->session->data['error'];
unset($this->session->data['error']);
} else {
$data['error_warning'] = '';
}
if (isset($this->session->data['success'])) {
$data['success'] = $this->session->data['success'];
unset($this->session->data['success']);
} else {
$data['success'] = '';
}
if (isset($this->request->post['selected'])) {
$data['selected'] = (array)$this->request->post['selected'];
} else {
$data['selected'] = array();
}
$url = '';
if (isset($this->request->get['filter_name'])) {
$url .= '&filter_name=' . urlencode(html_entity_decode($this->request->get['filter_name'], ENT_QUOTES, 'UTF-8'));
}
if (isset($this->request->get['filter_date_added'])) {
$url .= '&filter_date_added=' . $this->request->get['filter_date_added'];
}
if ($order == 'ASC') {
$url .= '&order=DESC';
} else {
$url .= '&order=ASC';
}
if (isset($this->request->get['page'])) {
$url .= '&page=' . $this->request->get['page'];
}
$data['sort_name'] = $this->url->link('tool/upload', 'user_token=' . $this->session->data['user_token'] . '&sort=name' . $url, true);
$data['sort_filename'] = $this->url->link('tool/upload', 'user_token=' . $this->session->data['user_token'] . '&sort=filename' . $url, true);
$data['sort_date_added'] = $this->url->link('tool/upload', 'user_token=' . $this->session->data['user_token'] . '&sort=date_added' . $url, true);
$url = '';
if (isset($this->request->get['filter_name'])) {
$url .= '&filter_name=' . urlencode(html_entity_decode($this->request->get['filter_name'], ENT_QUOTES, 'UTF-8'));
}
if (isset($this->request->get['filter_date_added'])) {
$url .= '&filter_date_added=' . $this->request->get['filter_date_added'];
}
if (isset($this->request->get['sort'])) {
$url .= '&sort=' . $this->request->get['sort'];
}
if (isset($this->request->get['order'])) {
$url .= '&order=' . $this->request->get['order'];
}
$pagination = new Pagination();
$pagination->total = $upload_total;
$pagination->page = $page;
$pagination->limit = $this->config->get('config_limit_admin');
$pagination->url = $this->url->link('tool/upload', 'user_token=' . $this->session->data['user_token'] . $url . '&page={page}', true);
$data['pagination'] = $pagination->render();
$data['results'] = sprintf($this->language->get('text_pagination'), ($upload_total) ? (($page - 1) * $this->config->get('config_limit_admin')) + 1 : 0, ((($page - 1) * $this->config->get('config_limit_admin')) > ($upload_total - $this->config->get('config_limit_admin'))) ? $upload_total : ((($page - 1) * $this->config->get('config_limit_admin')) + $this->config->get('config_limit_admin')), $upload_total, ceil($upload_total / $this->config->get('config_limit_admin')));
$data['filter_name'] = $filter_name;
$data['filter_date_added'] = $filter_date_added;
$data['sort'] = $sort;
$data['order'] = $order;
$data['header'] = $this->load->controller('common/header');
$data['column_left'] = $this->load->controller('common/column_left');
$data['footer'] = $this->load->controller('common/footer');
$this->response->setOutput($this->load->view('tool/upload', $data));
}
protected function validateDelete() {
if (!$this->user->hasPermission('modify', 'tool/upload')) {
$this->error['warning'] = $this->language->get('error_permission');
}
return !$this->error;
}
public function download() {
$this->load->model('tool/upload');
$this->load->language('tool/upload');
if (isset($this->request->get['code'])) {
$code = $this->request->get['code'];
} else {
$code = 0;
}
$url = '';
if (isset($this->request->get['filter_name'])) {
$url .= '&filter_name=' . urlencode(html_entity_decode($this->request->get['filter_name'], ENT_QUOTES, 'UTF-8'));
}
if (isset($this->request->get['filter_date_added'])) {
$url .= '&filter_date_added=' . $this->request->get['filter_date_added'];
}
if (isset($this->request->get['sort'])) {
$url .= '&sort=' . $this->request->get['sort'];
}
if (isset($this->request->get['order'])) {
$url .= '&order=' . $this->request->get['order'];
}
if (isset($this->request->get['page'])) {
$url .= '&page=' . $this->request->get['page'];
}
$upload_info = $this->model_tool_upload->getUploadByCode($code);
if ($upload_info) {
$file = DIR_UPLOAD . $upload_info['filename'];
$mask = basename($upload_info['name']);
if (file_exists($file) && filesize($file) > 0) {
$this->response->addheader('Pragma: public');
$this->response->addheader('Expires: 0');
$this->response->addheader('Content-Description: File Transfer');
$this->response->addheader('Content-Type: application/octet-stream');
$this->response->addheader('Content-Disposition: attachment; filename="' . ($mask ? $mask : basename($file)) . '"');
$this->response->addheader('Content-Transfer-Encoding: binary');
$this->response->setOutput(file_get_contents($file, FILE_USE_INCLUDE_PATH, null));
} else {
$this->session->data['error'] = $this->language->get('error_file');
$this->response->redirect($this->url->link('tool/upload', 'user_token=' . $this->session->data['user_token'] . $url, true));
}
} else {
$this->session->data['error'] = $this->language->get('error_upload');
$this->response->redirect($this->url->link('tool/upload', 'user_token=' . $this->session->data['user_token'] . $url, true));
}
}
public function upload() {
$this->load->language('sale/order');
$json = array();
// Check user has permission
if (!$this->user->hasPermission('modify', 'tool/upload')) {
$json['error'] = $this->language->get('error_permission');
}
if (!$json) {
if (!empty($this->request->files['file']['name']) && is_file($this->request->files['file']['tmp_name'])) {
// Sanitize the filename
$filename = html_entity_decode($this->request->files['file']['name'], ENT_QUOTES, 'UTF-8');
if ((utf8_strlen($filename) < 3) || (utf8_strlen($filename) > 128)) {
$json['error'] = $this->language->get('error_filename');
}
// Allowed file extension types
$allowed = array();
$extension_allowed = preg_replace('~\r?\n~', "\n", $this->config->get('config_file_ext_allowed'));
$filetypes = explode("\n", $extension_allowed);
foreach ($filetypes as $filetype) {
$allowed[] = trim($filetype);
}
if (!in_array(strtolower(substr(strrchr($filename, '.'), 1)), $allowed)) {
$json['error'] = $this->language->get('error_filetype');
}
// Allowed file mime types
$allowed = array();
$mime_allowed = preg_replace('~\r?\n~', "\n", $this->config->get('config_file_mime_allowed'));
$filetypes = explode("\n", $mime_allowed);
foreach ($filetypes as $filetype) {
$allowed[] = trim($filetype);
}
if (!in_array($this->request->files['file']['type'], $allowed)) {
$json['error'] = $this->language->get('error_filetype');
}
// Check to see if any PHP files are trying to be uploaded
$content = file_get_contents($this->request->files['file']['tmp_name']);
if (preg_match('/\<\?php/i', $content)) {
$json['error'] = $this->language->get('error_filetype');
}
// Return any upload error
if ($this->request->files['file']['error'] != UPLOAD_ERR_OK) {
$json['error'] = $this->language->get('error_upload_' . $this->request->files['file']['error']);
}
} else {
$json['error'] = $this->language->get('error_upload');
}
}
if (!$json) {
$file = $filename . '.' . token(32);
move_uploaded_file($this->request->files['file']['tmp_name'], DIR_UPLOAD . $file);
// Hide the uploaded file name so people can not link to it directly.
$this->load->model('tool/upload');
$json['code'] = $this->model_tool_upload->addUpload($filename, $file);
$json['success'] = $this->language->get('text_upload');
}
$this->response->addHeader('Content-Type: application/json');
$this->response->setOutput(json_encode($json));
}
}