From: Rene R. <ren...@us...> - 2002-10-26 02:01:40
Update of /cvsroot/bobs/bobs/winc In directory usw-pr-cvs1:/tmp/cvs-serv27654/winc Modified Files: end_session.php restore.php search.php Log Message: Bobs should now run on php version from 4.0.6 to 4.2.x several security issues were fixed. (debug flags and siteroot) Minor fix in session management. Index: end_session.php =================================================================== RCS file: /cvsroot/bobs/bobs/winc/end_session.php,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** end_session.php 8 Jul 2002 21:34:43 -0000 1.3 --- end_session.php 26 Oct 2002 02:01:35 -0000 1.4 *************** *** 2,19 **** // note the /../ becuase we are a subdir to siteroot ! $siteroot = getenv("DOCUMENT_ROOT") . dirname($PHP_SELF) . '/..'; ! ! require($siteroot . "/inc/config.php"); ! require($siteroot . "/inc/class_backup.php"); session_start(); // end session ! session_unregister('backup'); ! session_unregister('config'); ! session_unregister('htree'); ! session_unregister('files'); session_destroy(); ! echo '<a href="' . dirname($PHP_SELF) . '/../' . '"><p>Press here to start a new session</a>'; ?> --- 2,16 ---- // note the /../ becuase we are a subdir to siteroot ! require("../inc/config.php"); ! require("../inc/class_backup.php"); session_start(); // end session ! while (list ($key, $val) = each ($_SESSION)) { ! session_unregister($key); ! } session_destroy(); ! echo '<a href="../"><p>Press here to start a new session</a>'; ?> Index: restore.php =================================================================== RCS file: /cvsroot/bobs/bobs/winc/restore.php,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** restore.php 25 Oct 2002 14:02:15 -0000 1.5 --- restore.php 26 Oct 2002 02:01:35 -0000 1.6 *************** *** 3,15 **** // restore files to remote server ! $siteroot = getenv("DOCUMENT_ROOT") . dirname($PHP_SELF); ! require($siteroot . "/inc/config.php"); ! require($siteroot . "/inc/class_backup.php"); ! 
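Review bot: In end_session.php the new teardown loop calls `session_unregister($key)` while walking `$_SESSION` with `each()`; the PHP manual says not to combine `session_unregister()` with `$_SESSION`, and the loop may be altering the array it is iterating. Emptying the array directly with `$_SESSION = array();` before `session_destroy()` clears every key without that interaction. The superglobals this commit switches to (`$_SESSION`, `$_GET`, `$_POST`) were introduced in PHP 4.1.0, so on the 4.0.6 floor named in the log message this loop never runs unless inc/config.php (not shown here) maps them from the `$HTTP_*_VARS` arrays. The same version concern applies to every `$_GET`/`$_POST`/`$_SESSION` read added in the restore.php and search.php hunks.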
require($siteroot . "/inc/class_search.php"); ! require($siteroot . "/inc/class_db.php"); ! require($siteroot . "/inc/class_restore.php"); ! require($siteroot . "/inc/class_rfasttemplate.php"); ! ! session_start(); --- 3,12 ---- // restore files to remote server ! require("inc/config.php"); ! require("inc/class_backup.php"); ! require("inc/class_search.php"); ! require("inc/class_db.php"); ! require("inc/class_restore.php"); ! require("inc/class_rfasttemplate.php"); session_start(); *************** *** 25,32 **** <?php // get config from backup object $config = $backup->get_config(); ! $config["where"] = $where; $res = new restore($config); --- 22,31 ---- <?php + // reference session objects + $backup = &$_SESSION['backup']; // get config from backup object $config = $backup->get_config(); ! $config["where"] = $_GET['where']; $res = new restore($config); *************** *** 64,68 **** */ ! if ( !isset($check) && !isset($restore) ) { ?> <center> --- 63,67 ---- */ ! if ( !isset($_POST['check']) && !isset($_POST['restore']) ) { ?> <center> *************** *** 81,85 **** ! if ( $check == "do_check" ) { // check stuff before restoring files --- 80,84 ---- ! if ( $_POST['check'] == "do_check" ) { // check stuff before restoring files *************** *** 101,105 **** echo "<center>"; ! echo $result[html]; if ( !isset($result["error"]) ) { echo '<form name="confirm" method="post">' . "\n"; --- 100,104 ---- echo "<center>"; ! echo $result["html"]; if ( !isset($result["error"]) ) { echo '<form name="confirm" method="post">' . "\n"; *************** *** 114,118 **** // restore files if all is good. ! if ( $restore == "do_it" ) { $result = $res->restore_files(); --- 113,117 ---- // restore files if all is good. ! 
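Review bot: `$config["where"] = $_GET['where'];` in restore.php (new lines 22-31) copies a query-string value straight into the configuration passed to `new restore($config)`, with no `isset()` test and no validation visible in the hunk. What `where` selects is decided in class_restore.php, which is not part of this diff, but if it names a restore target it should be compared against the values the backup configuration allows before the object is built. `$backup = &$_SESSION['backup'];` is also dereferenced on the following line without confirming the session still holds the object; testing `is_object($backup)` first and stopping with a session-expired message avoids a fatal error on an expired or fresh session. The identical `$backup = &$_SESSION['backup'];` line added in search.php needs the same guard.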
if ( $_POST['restore'] == "do_it" ) { $result = $res->restore_files(); Index: search.php =================================================================== RCS file: /cvsroot/bobs/bobs/winc/search.php,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** search.php 29 Sep 2002 04:59:50 -0000 1.4 --- search.php 26 Oct 2002 02:01:35 -0000 1.5 *************** *** 5,17 **** // set timeout to more than the default 30 seconds set_time_limit(600); ! $siteroot = getenv("DOCUMENT_ROOT") . dirname($PHP_SELF); ! require($siteroot . "/inc/config.php"); ! require($siteroot . "/inc/class_backup.php"); ! require($siteroot . "/inc/class_search.php"); ! require($siteroot . "/inc/class_db.php"); session_start(); ?> <html> --- 5,19 ---- // set timeout to more than the default 30 seconds + // FIXME; This is should adjustable from the admin pages set_time_limit(600); ! require("inc/config.php"); ! require("inc/class_backup.php"); ! require("inc/class_search.php"); ! require("inc/class_db.php"); session_start(); + $backup = &$_SESSION['backup']; + ?> <html> *************** *** 22,26 **** <body> <?php ! if ( !isset($do_search) ) { ?> --- 24,28 ---- <body> <?php ! if ( !isset($_POST['do_search']) ) { ?> *************** *** 35,39 **** The fields you do not fill out are not used when searching.</big></p> ! <FORM name="searchform"> The text you enter is seperated by spaces. If you want to search for more than one filename then uncheck the "Require all words" checkbox <p> Search name: <INPUT type="text" name="str_search"> Require all words --- 37,41 ---- The fields you do not fill out are not used when searching.</big></p> ! <FORM name="searchform" method="post"> The text you enter is seperated by spaces. If you want to search for more than one filename then uncheck the "Require all words" checkbox <p> Search name: <INPUT type="text" name="str_search"> Require all words *************** *** 161,183 **** } ! $string = $str_search; // string to search for ! 
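Review bot: In restore.php the final branch runs `$res->restore_files()` on nothing more than `$_POST['restore'] == "do_it"`, so as far as this hunk shows a request reaches the restore without having passed the `do_check` step, and the `confirm` form in the preceding hunk carries no per-session token that is visible here. Unless `restore_files()` repeats the checks itself (its body is outside this diff), record a successful check in the session and require it in this branch, and add a hidden token to the confirm form that is compared on submit. `$_POST['restore']` and `$_POST['check']` are also read without `isset()`, which raises an undefined-index notice on the first page load; `if ( isset($_POST['restore']) && $_POST['restore'] == "do_it" ) {` avoids it. The body of this `if` continues past the end of the hunk.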
if ( isset($ss_day) && isset($ss_month) && isset($ss_year) ) { ! $s_date["day"] = $ss_day; ! $s_date["month"] = $ss_month; ! $s_date["year"] = $ss_year; } else { $s_date = ''; } ! if ( isset($se_day) && isset($se_month) && isset($se_year) ) { ! $e_date["day"] = $se_day; ! $e_date["month"] = $se_month; ! $e_date["year"] = $se_year; } else { $e_date = ''; } ! $max_size = $smax_size*$smax_sizemult; // maximum size of file ! $min_size = $smin_size*$smin_sizemult; // minimum size of file // do search ! if(isset($do_search)) { $config = $backup->get_config(); --- 163,185 ---- } ! $string = $_POST['str_search']; // string to search for ! if ( isset($_POST['ss_day']) && isset($_POST['ss_month']) && isset($_POST['ss_year']) ) { ! $s_date["day"] = $_POST['ss_day']; ! $s_date["month"] = $_POST['ss_month']; ! $s_date["year"] = $_POST['ss_year']; } else { $s_date = ''; } ! if ( isset($_POST['se_day']) && isset($_POST['se_month']) && isset($_POST['se_year']) ) { ! $e_date["day"] = $_POST['se_day']; ! $e_date["month"] = $_POST['se_month']; ! $e_date["year"] = $_POST['se_year']; } else { $e_date = ''; } ! $max_size = $_POST['smax_size']*$_POST['smax_sizemult']; // maximum size of file ! $min_size = $_POST['smin_size']*$_POST['smin_sizemult']; // minimum size of file // do search ! if(isset($_POST['do_search'])) { $config = $backup->get_config(); *************** *** 185,189 **** $search = new search($config); $result = $search->cmd_search($string, $str_require_all, $s_date, $e_date, $max_size, $min_size); ! //echo nl2br($result); // $backup->command = $result; // $backup->add_queue_command(); --- 187,191 ---- $search = new search($config); $result = $search->cmd_search($string, $str_require_all, $s_date, $e_date, $max_size, $min_size); ! echo nl2br($result); // $backup->command = $result; // $backup->add_queue_command(); |
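Review bot: In search.php (new lines 163-185) `$_POST['str_search']`, `$_POST['smax_size']` and the other fields are read before the `isset($_POST['do_search'])` test, so as far as this hunk shows the initial page load raises undefined-index notices and the size values are multiplied as whatever strings the client sent. Moving the assignments inside the `do_search` branch and casting the numeric fields, for example `$max_size = (int)$_POST['smax_size'] * (int)$_POST['smax_sizemult'];`, keeps non-numeric input out of `cmd_search()`. The day, month and year fields would benefit from the same `(int)` cast followed by a `checkdate()` call before they are placed in `$s_date` and `$e_date`. The `if(isset($_POST['do_search']))` block continues outside the hunk.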
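Review bot: `$str_require_all` in the `cmd_search()` call of search.php (new lines 187-191) was not converted along with the other form fields, so with register_globals off it is always unset and with it on it can still arrive from any request source. It should read `$_POST['str_require_all']`, assuming that is the checkbox name (the input element itself is outside this diff). The hunk also re-enables `echo nl2br($result);`, which prints whatever `cmd_search()` returns without escaping and looks like the kind of debug output the log message says was being removed. If the output is meant to stay, `echo nl2br(htmlspecialchars($result));` stops file names and the echoed search text from being interpreted as markup.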