<?php
/*****************************************************************
* Spacemarc News
* Version: 1.2.0
* Author and copyright (C) 2003-2008: Marcello Vitagliano
* Web site: http://www.spacemarc.it
* License: GNU General Public License
*
* This program is free software: you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation, either version 3
* of the License, or (at your option) any later version.
*
* Current file: backup.php
*****************************************************************/
if (session_id() == "") {
session_start();
}
if (!defined('IN_NEWS')) {
die("Internal file");
}
if ($_SESSION['livello_id'] != 1) {
die("Operazione non consentita");
}
//posso fare il backup solo delle tabelle delle news
if (isset($_POST['selected_tbl'])) {
$selected_tbl = $_POST['selected_tbl'];
}
else {
$selected_tbl = 'd';
}
$tab_permesse = @array(
$tab_news,
$tab_utenti,
$tab_config
);
foreach($selected_tbl as $st) {
if (!in_array($st, $tab_permesse)) {
die("Errore nella selezione della tabella");
}
}
$selected_tbl = '\'' . implode("', '", $_POST['selected_tbl']) . '\'';
//invio il file al browser per il download
$date = date("d-m-Y");
if (isset($_POST['compress']) && $_POST['compress'] == 1) {
header("Content-Type: application/x-gzip; name=\"News_$date.sql.gz\"");
header("Content-disposition: attachment; filename=\"News_$date.sql.gz\"");
$asfile = "download";
}
else {
header("Content-Type: text/x-delimtext; name=\"News_$date.sql\"");
header("Content-Disposition: filename=\"News_$date.sql\"");
$asfile = "download";
}
$crlf = "\r\n";
//estraggo i nomi delle tabelle
if (mysql_get_server_info() >= 5) {
$tables = mysql_query("SHOW TABLES FROM $db_name WHERE Tables_in_$db_name IN ($selected_tbl)");
}
else {
$tables = mysql_query("SHOW TABLES FROM $db_name LIKE 'news_%'");
}
$num_tables = mysql_num_rows($tables);
if ($num_tables == 0) {
exit;
}
//commenti nel file di backup
$dump_buffer = "-- Spacemarc News $vers $crlf";
$dump_buffer.= "-- Host: $db_host $crlf";
$dump_buffer.= "-- Database: $db_name$crlf";
$dump_buffer.= "-- Generato il: " . date('d M Y H:i:s') . "$crlf";
$dump_buffer.= "-- Versione MySQL: " . @mysql_get_server_info() . "$crlf";
$dump_buffer.= "-- Versione PHP: " . @phpversion() . "$crlf";
$dump_buffer.= "$crlf";
$i = 0;
while ($i < $num_tables) {
$table = mysql_tablename($tables, $i);
$dump_buffer.= "-- --------------------------------------------------------$crlf";
$dump_buffer.= "$crlf";
$dump_buffer.= "-- $crlf";
$dump_buffer.= "-- Struttura della tabella `$table`$crlf";
$dump_buffer.= "-- $crlf$crlf";
$db = $table;
$dump_buffer.= get_table_def($table, $crlf, $db_name) . ";$crlf$crlf";
$dump_buffer.= "-- $crlf";
$dump_buffer.= "-- Dump dei dati per la tabella `$table`$crlf";
$dump_buffer.= "-- $crlf$crlf";
$tmp_buffer = "";
get_table_content($db_name, $table, 0, 0, 'my_handler', $db_name);
$dump_buffer.= $tmp_buffer;
$i++;
$dump_buffer.= "$crlf";
}
//comprimo o no il risultato del backup
if (isset($_POST['compress']) && $_POST['compress'] == 1) {
echo gzencode($dump_buffer);
$dump_buffer = '';
exit;
}
else {
echo $dump_buffer;
$dump_buffer = '';
exit;
}
//visualizzo la struttura per creare la tabella
function get_table_def($table, $crlf, $db_name) {
if ($table = mysql_query("SHOW CREATE TABLE `$table`")) {
list($table_name, $create_table) = mysql_fetch_row($table);
return $create_table;
}
return False;
}
function get_table_content($db, $table, $limit_from = 0, $limit_to = 0, $handler) {
if ($limit_from > 0) {
$limit_from--;
}
else {
$limit_from = 0;
}
if ($limit_to > 0 && $limit_from >= 0) {
$add_query = " LIMIT $limit_from, $limit_to";
}
else {
$add_query = '';
}
get_table_content_fast($db, $table, $add_query, $handler);
}
function get_table_content_fast($db, $table, $add_query = '', $handler) {
$result = mysql_query('SELECT * FROM ' . $db . '.' . $table . $add_query) or die();
if ($result != false) {
@set_time_limit(1200); //timeout di 20 minuti
//vedo quali campi sono interi
for ($j = 0;$j < mysql_num_fields($result);$j++) {
$field_set[$j] = mysql_field_name($result, $j);
$type = mysql_field_type($result, $j);
if ($type == 'tinyint' || $type == 'smallint' || $type == 'mediumint' || $type == 'int' || $type == 'bigint' || $type == 'timestamp') {
$field_num[$j] = true;
}
else {
$field_num[$j] = false;
}
}
//schema per le INSERT INTO
if (isset($GLOBALS['showcolumns'])) {
$fields = implode(', ', $field_set);
$schema_insert = "INSERT INTO `$table` ($fields) VALUES (";
}
else {
$schema_insert = "INSERT INTO `$table` VALUES (";
}
$field_count = mysql_num_fields($result);
$search = array(
"\x0a",
"\x0d",
"\x1a",
"'"
);
$replace = array(
"\\n",
"\\r",
"\Z",
"''"
);
while ($row = mysql_fetch_row($result)) {
for ($j = 0;$j < $field_count;$j++) {
if (!isset($row[$j])) {
$values[] = 'NULL';
}
else
if (!empty($row[$j])) {
//intero
if ($field_num[$j]) {
$values[] = "'" . $row[$j] . "'";
}
else {
//stringa
$values[] = "'" . str_replace($search, $replace, addslashes($row[$j])) . "'";
}
}
else {
$values[] = "''";
}
}
$insert_line = $schema_insert . implode(',', $values) . ')';
unset($values);
$handler($insert_line);
}
}
return true;
}
function my_handler($sql_insert) {
global $crlf, $asfile, $tmp_buffer;
//uncomment only if you have mysql<=4.1
if (empty($asfile)) $tmp_buffer.= htmlspecialchars("$sql_insert;$crlf");
else $tmp_buffer.= "$sql_insert;$crlf";
}
?>