Thread: SF.net SVN: postfixadmin:[406] trunk/backup.php
Brought to you by:
christian_boltz,
gingerdog
Menu
▾
▴
postfixadmin-svn
|
From: <chr...@us...> - 2008-07-18 23:15:45
|
Revision: 406
http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=406&view=rev
Author: christian_boltz
Date: 2008-07-18 23:15:52 +0000 (Fri, 18 Jul 2008)
Log Message:
-----------
backup.php:
- replace table_by_pos with table_by_key - script was totally broken
while table_by_pos was used (only admin table backed up)
- changed Content-Type: header to text/plain - file is still offered
for download, but can be opened in a text editor easier
Modified Paths:
--------------
trunk/backup.php
Modified: trunk/backup.php
===================================================================
--- trunk/backup.php 2008-07-18 23:07:40 UTC (rev 405)
+++ trunk/backup.php 2008-07-18 23:15:52 UTC (rev 406)
@@ -88,7 +88,7 @@
for ($i = 0 ; $i < sizeof ($tables) ; ++$i)
{
- $result = db_query ("SHOW CREATE TABLE ".table_by_pos($i));
+ $result = db_query ("SHOW CREATE TABLE " . table_by_key($tables[$i]));
if ($result['rows'] > 0)
{
while ($row = db_array ($result['result']))
@@ -100,7 +100,7 @@
for ($i = 0 ; $i < sizeof ($tables) ; ++$i)
{
- $result = db_query ("SELECT * FROM ".table_by_pos($i));
+ $result = db_query ("SELECT * FROM " . table_by_key($tables[$i]));
if ($result['rows'] > 0)
{
while ($row = db_assoc ($result['result']))
@@ -118,7 +118,7 @@
}
}
}
- header ("Content-Type: application/octet-stream");
+ header ("Content-Type: text/plain");
header ("Content-Disposition: attachment; filename=\"$filename\"");
header ("Content-Transfer-Encoding: binary");
header ("Content-Length: " . filesize("$backup"));
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <Gin...@us...> - 2009-07-30 07:35:28
|
Revision: 697
http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=697&view=rev
Author: GingerDog
Date: 2009-07-30 07:35:14 +0000 (Thu, 30 Jul 2009)
Log Message:
-----------
backup.php: fix bug 2829452
Modified Paths:
--------------
trunk/backup.php
Modified: trunk/backup.php
===================================================================
--- trunk/backup.php 2009-07-28 23:00:48 UTC (rev 696)
+++ trunk/backup.php 2009-07-30 07:35:14 UTC (rev 697)
@@ -54,9 +54,9 @@
if ($_SERVER['REQUEST_METHOD'] == "GET")
{
umask (077);
- $path = (ini_get('upload_tmp_dir') != '') ? ini_get('upload_tmp_dir') : '/tmp/';
+ $path = (ini_get('upload_tmp_dir') != '') ? ini_get('upload_tmp_dir') : '/tmp';
$filename = "postfixadmin-" . date ("Ymd") . "-" . getmypid() . ".sql";
- $backup = $path . $filename;
+ $backup = $path . DIRECTORY_SEPARATOR . $filename;
$header = "#\n# Postfix Admin $version\n# Date: " . date ("D M j G:i:s T Y") . "\n#\n";
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <Gin...@us...> - 2012-01-10 22:55:15
|
Revision: 1326
http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1326&view=rev
Author: GingerDog
Date: 2012-01-10 22:55:09 +0000 (Tue, 10 Jan 2012)
Log Message:
-----------
sql injection fix - ported back to trunk from branches/2.3 ...
Modified Paths:
--------------
trunk/backup.php
Modified: trunk/backup.php
===================================================================
--- trunk/backup.php 2012-01-10 20:30:15 UTC (rev 1325)
+++ trunk/backup.php 2012-01-10 22:55:09 UTC (rev 1326)
@@ -123,11 +123,9 @@
{
while ($row = db_assoc ($result['result']))
{
- foreach ($row as $key=>$val)
- {
- $fields[] = $key;
- $values[] = $val;
- }
+ $fields = array_keys($row);
+ $values = array_values($row);
+ $values = array_map('escape_string', $values);
fwrite ($fh, "INSERT INTO ". $tables[$i] . " (". implode (',',$fields) . ") VALUES ('" . implode ('\',\'',$values) . "');\n");
$fields = "";
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <chr...@us...> - 2011-04-19 22:59:06
|
Revision: 1049
http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1049&view=rev
Author: christian_boltz
Date: 2011-04-19 22:59:00 +0000 (Tue, 19 Apr 2011)
Log Message:
-----------
backup.php:
- add a warning that backup.php is poorly maintained and might contain bugs
- disable HTML escaping for the message - we feed it with HTML tags...
Modified Paths:
--------------
trunk/backup.php
Modified: trunk/backup.php
===================================================================
--- trunk/backup.php 2011-04-19 22:38:24 UTC (rev 1048)
+++ trunk/backup.php 2011-04-19 22:59:00 UTC (rev 1049)
@@ -28,14 +28,27 @@
(($CONF['backup'] == 'NO') ? header("Location: main.php") && exit : '1');
// TODO: make backup supported for postgres
-if ('pgsql'==$CONF['database_type'])
-{
- $smarty->assign ('tMessage', '<p>Sorry: Backup is currently not supported for your DBMS ('.$CONF['database_type'].').</p>');
+if ('pgsql'==$CONF['database_type']) {
+ $smarty->assign ('tMessage', '<p>Sorry: Backup is currently not supported for your DBMS ('.$CONF['database_type'].').</p>', false);
$smarty->assign ('smarty_template', 'message');
$smarty->display ('index.tpl');
-// print '<p>Sorry: Backup is currently not supported for your DBMS.</p>';
-die;
+ die;
}
+
+if (safeget('download') == "") {
+ $smarty->assign ('tMessage', '
+ <p><span class="error_msg">Warning:</span> The backup module of PostfixAdmin is poorly maintained and might contain bugs.</p>
+ <p>Please use <tt>mysqldump</tt> to get a reliable backup of your database.</p>
+ <p> </p>
+ <p>If you still trust this backup module, you can <a href="backup.php?download=1">download the database dump now</a></p>
+ ', false);
+ $smarty->assign ('smarty_template', 'message');
+ $smarty->display ('index.tpl');
+ die;
+}
+
+# Still here? Then let's create the database dump...
+
/*
SELECT attnum,attname,typname,atttypmod-4,attnotnull,atthasdef,adsrc
AS def FROM pg_attribute,pg_class,pg_type,pg_attrdef
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <chr...@us...> - 2011-07-18 22:05:13
|
Revision: 1079
http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=1079&view=rev
Author: christian_boltz
Date: 2011-07-18 22:05:07 +0000 (Mon, 18 Jul 2011)
Log Message:
-----------
backup.php:
- switch from tMessage to flash_error()
- style download link as button
This commit is part of the huge cleanup patch by Dale Blount (lnxus@SF),
https://sourceforge.net/tracker/?func=detail&atid=937966&aid=3370510&group_id=191583
Modified Paths:
--------------
trunk/backup.php
Modified: trunk/backup.php
===================================================================
--- trunk/backup.php 2011-07-18 21:59:55 UTC (rev 1078)
+++ trunk/backup.php 2011-07-18 22:05:07 UTC (rev 1079)
@@ -29,19 +29,19 @@
// TODO: make backup supported for postgres
if ('pgsql'==$CONF['database_type']) {
- $smarty->assign ('tMessage', '<p>Sorry: Backup is currently not supported for your DBMS ('.$CONF['database_type'].').</p>', false);
+ flash_error('<p>Sorry: Backup is currently not supported for your DBMS ('.$CONF['database_type'].').</p>');
$smarty->assign ('smarty_template', 'message');
$smarty->display ('index.tpl');
die;
}
if (safeget('download') == "") {
- $smarty->assign ('tMessage', '
+ flash_error('
<p><span class="error_msg">Warning:</span> The backup module of PostfixAdmin is poorly maintained and might contain bugs.</p>
<p>Please use <tt>mysqldump</tt> to get a reliable backup of your database.</p>
<p> </p>
- <p>If you still trust this backup module, you can <a href="backup.php?download=1">download the database dump now</a></p>
- ', false);
+ <p>If you still trust this backup module, you can <a href="backup.php?download=1" class="button">download the database dump now</a></p>
+ ');
$smarty->assign ('smarty_template', 'message');
$smarty->display ('index.tpl');
die;
@@ -80,11 +80,9 @@
if (!$fh = fopen ($backup, 'w'))
{
- $tMessage = "<div class=\"error_msg\">Cannot open file ($backup)</div>";
- $smarty->assign ('tMessage', $tMessage);
+ flash_error("<div class=\"error_msg\">Cannot open file ($backup)</div>");
$smarty->assign ('smarty_template', 'message');
$smarty->display ('index.tpl');
-// include ("templates/message.php");
}
else
{
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
Thanks for helping keep SourceForge clean.
X