458 lines
12 KiB
PHP
458 lines
12 KiB
PHP
|
<?php
|
||
|
namespace Opencart\Admin\Controller\Tool;
|
||
|
/**
|
||
|
* Class Backup
|
||
|
*
|
||
|
* @package Opencart\Admin\Controller\Tool
|
||
|
*/
|
||
|
class Backup extends \Opencart\System\Engine\Controller {
|
||
|
/**
|
||
|
* @return void
|
||
|
*/
|
||
|
public function index(): void {
|
||
|
$this->load->language('tool/backup');
|
||
|
|
||
|
$this->document->setTitle($this->language->get('heading_title'));
|
||
|
|
||
|
// Use the ini_get('upload_max_filesize') for the max file size
|
||
|
$data['error_upload_size'] = sprintf($this->language->get('error_upload_size'), ini_get('upload_max_filesize'));
|
||
|
|
||
|
$data['config_file_max_size'] = ((int)preg_filter('/[^0-9]/', '', ini_get('upload_max_filesize')) * 1024 * 1024);
|
||
|
|
||
|
$data['breadcrumbs'] = [];
|
||
|
|
||
|
$data['breadcrumbs'][] = [
|
||
|
'text' => $this->language->get('text_home'),
|
||
|
'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'])
|
||
|
];
|
||
|
|
||
|
$data['breadcrumbs'][] = [
|
||
|
'text' => $this->language->get('heading_title'),
|
||
|
'href' => $this->url->link('tool/backup', 'user_token=' . $this->session->data['user_token'])
|
||
|
];
|
||
|
|
||
|
$data['upload'] = $this->url->link('tool/backup.upload', 'user_token=' . $this->session->data['user_token']);
|
||
|
|
||
|
$this->load->model('tool/backup');
|
||
|
|
||
|
$ignore = [
|
||
|
DB_PREFIX . 'user',
|
||
|
DB_PREFIX . 'user_group'
|
||
|
];
|
||
|
|
||
|
$data['tables'] = [];
|
||
|
|
||
|
$results = $this->model_tool_backup->getTables();
|
||
|
|
||
|
foreach ($results as $result) {
|
||
|
if (!in_array($result, $ignore)) {
|
||
|
$data['tables'][] = $result;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
$data['history'] = $this->getHistory();
|
||
|
|
||
|
$data['user_token'] = $this->session->data['user_token'];
|
||
|
|
||
|
$data['header'] = $this->load->controller('common/header');
|
||
|
$data['column_left'] = $this->load->controller('common/column_left');
|
||
|
$data['footer'] = $this->load->controller('common/footer');
|
||
|
|
||
|
$this->response->setOutput($this->load->view('tool/backup', $data));
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* @return void
|
||
|
*/
|
||
|
public function history(): void {
|
||
|
$this->load->language('tool/backup');
|
||
|
|
||
|
$this->response->setOutput($this->getHistory());
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* @return string
|
||
|
*/
|
||
|
public function getHistory(): string {
|
||
|
$this->load->language('tool/backup');
|
||
|
|
||
|
$data['histories'] = [];
|
||
|
|
||
|
$files = glob(DIR_STORAGE . 'backup/*.sql');
|
||
|
|
||
|
foreach ($files as $file) {
|
||
|
$size = filesize($file);
|
||
|
|
||
|
$i = 0;
|
||
|
|
||
|
$suffix = [
|
||
|
'B',
|
||
|
'KB',
|
||
|
'MB',
|
||
|
'GB',
|
||
|
'TB',
|
||
|
'PB',
|
||
|
'EB',
|
||
|
'ZB',
|
||
|
'YB'
|
||
|
];
|
||
|
|
||
|
while (($size / 1024) > 1) {
|
||
|
$size = $size / 1024;
|
||
|
|
||
|
$i++;
|
||
|
}
|
||
|
|
||
|
$data['histories'][] = [
|
||
|
'filename' => basename($file),
|
||
|
'size' => round(substr($size, 0, strpos($size, '.') + 4), 2) . $suffix[$i],
|
||
|
'date_added' => date($this->language->get('datetime_format'), filemtime($file)),
|
||
|
'download' => $this->url->link('tool/backup.download', 'user_token=' . $this->session->data['user_token'] . '&filename=' . urlencode(basename($file))),
|
||
|
];
|
||
|
}
|
||
|
|
||
|
return $this->load->view('tool/backup_history', $data);
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* @return void
|
||
|
*/
|
||
|
public function backup(): void {
|
||
|
$this->load->language('tool/backup');
|
||
|
|
||
|
$json = [];
|
||
|
|
||
|
if (isset($this->request->get['filename'])) {
|
||
|
$filename = basename(html_entity_decode($this->request->get['filename'], ENT_QUOTES, 'UTF-8'));
|
||
|
} else {
|
||
|
$filename = date('Y-m-d H.i.s') . '.sql';
|
||
|
}
|
||
|
|
||
|
if (isset($this->request->get['table'])) {
|
||
|
$table = $this->request->get['table'];
|
||
|
} else {
|
||
|
$table = '';
|
||
|
}
|
||
|
|
||
|
if (isset($this->request->post['backup'])) {
|
||
|
$backup = $this->request->post['backup'];
|
||
|
} else {
|
||
|
$backup = [];
|
||
|
}
|
||
|
|
||
|
if (isset($this->request->get['page'])) {
|
||
|
$page = (int)$this->request->get['page'];
|
||
|
} else {
|
||
|
$page = 1;
|
||
|
}
|
||
|
|
||
|
if (!$this->user->hasPermission('modify', 'tool/backup')) {
|
||
|
$json['error'] = $this->language->get('error_permission');
|
||
|
}
|
||
|
|
||
|
$this->load->model('tool/backup');
|
||
|
|
||
|
$allowed = $this->model_tool_backup->getTables();
|
||
|
|
||
|
if (!in_array($table, $allowed)) {
|
||
|
$json['error'] = sprintf($this->language->get('error_table'), $table);
|
||
|
}
|
||
|
|
||
|
if (!$json) {
|
||
|
$output = '';
|
||
|
|
||
|
if ($page == 1) {
|
||
|
$output .= 'TRUNCATE TABLE `' . $this->db->escape($table) . '`;' . "\n\n";
|
||
|
}
|
||
|
|
||
|
$record_total = $this->model_tool_backup->getTotalRecords($table);
|
||
|
|
||
|
$results = $this->model_tool_backup->getRecords($table, ($page - 1) * 200, 200);
|
||
|
|
||
|
foreach ($results as $result) {
|
||
|
$fields = '';
|
||
|
|
||
|
foreach (array_keys($result) as $value) {
|
||
|
$fields .= '`' . $value . '`, ';
|
||
|
}
|
||
|
|
||
|
$values = '';
|
||
|
|
||
|
foreach (array_values($result) as $value) {
|
||
|
if ($value !== null) {
|
||
|
$value = str_replace(["\x00", "\x0a", "\x0d", "\x1a"], ['\0', '\n', '\r', '\Z'], $value);
|
||
|
$value = str_replace(["\n", "\r", "\t"], ['\n', '\r', '\t'], $value);
|
||
|
$value = str_replace('\\', '\\\\', $value);
|
||
|
$value = str_replace('\'', '\\\'', $value);
|
||
|
$value = str_replace('\\\n', '\n', $value);
|
||
|
$value = str_replace('\\\r', '\r', $value);
|
||
|
$value = str_replace('\\\t', '\t', $value);
|
||
|
|
||
|
$values .= '\'' . $value . '\', ';
|
||
|
} else {
|
||
|
$values .= 'NULL, ';
|
||
|
}
|
||
|
}
|
||
|
|
||
|
$output .= 'INSERT INTO `' . $table . '` (' . preg_replace('/, $/', '', $fields) . ') VALUES (' . preg_replace('/, $/', '', $values) . ');' . "\n";
|
||
|
}
|
||
|
|
||
|
$position = array_search($table, $backup);
|
||
|
|
||
|
if (($page * 200) >= $record_total) {
|
||
|
$output .= "\n";
|
||
|
|
||
|
if (isset($backup[$position + 1])) {
|
||
|
$table = $backup[$position + 1];
|
||
|
} else {
|
||
|
$table = '';
|
||
|
}
|
||
|
}
|
||
|
|
||
|
if ($position !== false) {
|
||
|
$json['progress'] = round(($position / count($backup)) * 100);
|
||
|
} else {
|
||
|
$json['progress'] = 0;
|
||
|
}
|
||
|
|
||
|
$handle = fopen(DIR_STORAGE . 'backup/' . $filename, 'a');
|
||
|
|
||
|
fwrite($handle, $output);
|
||
|
|
||
|
fclose($handle);
|
||
|
|
||
|
if (!$table) {
|
||
|
$json['success'] = $this->language->get('text_success');
|
||
|
} elseif (($page * 200) >= $record_total) {
|
||
|
$json['text'] = sprintf($this->language->get('text_backup'), $table, ($page - 1) * 200, $record_total);
|
||
|
|
||
|
$json['next'] = $this->url->link('tool/backup.backup', 'user_token=' . $this->session->data['user_token'] . '&filename=' . urlencode($filename) . '&table=' . $table . '&page=1', true);
|
||
|
} else {
|
||
|
$json['text'] = sprintf($this->language->get('text_backup'), $table, ($page - 1) * 200, $page * 200);
|
||
|
|
||
|
$json['next'] = $this->url->link('tool/backup.backup', 'user_token=' . $this->session->data['user_token'] . '&filename=' . urlencode($filename) . '&table=' . $table . '&page=' . ($page + 1), true);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
$this->response->addHeader('Content-Type: application/json');
|
||
|
$this->response->setOutput(json_encode($json));
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* @return void
|
||
|
*/
|
||
|
public function restore(): void {
|
||
|
$this->load->language('tool/backup');
|
||
|
|
||
|
$json = [];
|
||
|
|
||
|
if (isset($this->request->get['filename'])) {
|
||
|
$filename = basename(html_entity_decode($this->request->get['filename'], ENT_QUOTES, 'UTF-8'));
|
||
|
} else {
|
||
|
$filename = '';
|
||
|
}
|
||
|
|
||
|
if (isset($this->request->get['position'])) {
|
||
|
$position = $this->request->get['position'];
|
||
|
} else {
|
||
|
$position = 0;
|
||
|
}
|
||
|
|
||
|
if (!$this->user->hasPermission('modify', 'tool/backup')) {
|
||
|
$json['error'] = $this->language->get('error_permission');
|
||
|
}
|
||
|
|
||
|
$file = DIR_STORAGE . 'backup/' . $filename;
|
||
|
|
||
|
if (!is_file($file)) {
|
||
|
$json['error'] = $this->language->get('error_file');
|
||
|
}
|
||
|
|
||
|
if (!$json) {
|
||
|
// We set $i so we can batch execute the queries rather than do them all at once.
|
||
|
$i = 0;
|
||
|
$start = false;
|
||
|
|
||
|
$handle = fopen($file, 'r');
|
||
|
|
||
|
fseek($handle, $position, SEEK_SET);
|
||
|
|
||
|
while (!feof($handle) && ($i < 100)) {
|
||
|
$position = ftell($handle);
|
||
|
|
||
|
$line = fgets($handle, 1000000);
|
||
|
|
||
|
if (substr($line, 0, 14) == 'TRUNCATE TABLE' || substr($line, 0, 11) == 'INSERT INTO') {
|
||
|
$sql = '';
|
||
|
|
||
|
$start = true;
|
||
|
}
|
||
|
|
||
|
if ($i > 0 && (substr($line, 0, strlen('TRUNCATE TABLE `' . DB_PREFIX . 'user`')) == 'TRUNCATE TABLE `' . DB_PREFIX . 'user`' || substr($line, 0, strlen('TRUNCATE TABLE `' . DB_PREFIX . 'user_group`')) == 'TRUNCATE TABLE `' . DB_PREFIX . 'user_group`')) {
|
||
|
fseek($handle, $position, SEEK_SET);
|
||
|
|
||
|
break;
|
||
|
}
|
||
|
|
||
|
if ($start) {
|
||
|
$sql .= $line;
|
||
|
}
|
||
|
|
||
|
if ($start && substr($line, -2) == ";\n") {
|
||
|
$this->db->query(substr($sql, 0, strlen($sql) -2));
|
||
|
|
||
|
$start = false;
|
||
|
}
|
||
|
|
||
|
$i++;
|
||
|
}
|
||
|
|
||
|
$position = ftell($handle);
|
||
|
|
||
|
$size = filesize($file);
|
||
|
|
||
|
if ($position) {
|
||
|
$json['progress'] = round(($position / $size) * 100);
|
||
|
} else {
|
||
|
$json['progress'] = 0;
|
||
|
}
|
||
|
|
||
|
if ($position && !feof($handle)) {
|
||
|
$json['text'] = sprintf($this->language->get('text_restore'), $position, $size);
|
||
|
|
||
|
$json['next'] = $this->url->link('tool/backup.restore', 'user_token=' . $this->session->data['user_token'] . '&filename=' . urlencode($filename) . '&position=' . $position, true);
|
||
|
} else {
|
||
|
$json['success'] = $this->language->get('text_success');
|
||
|
|
||
|
$this->cache->delete('*');
|
||
|
}
|
||
|
|
||
|
fclose($handle);
|
||
|
}
|
||
|
|
||
|
$this->response->addHeader('Content-Type: application/json');
|
||
|
$this->response->setOutput(json_encode($json));
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* @return void
|
||
|
*/
|
||
|
public function upload(): void {
|
||
|
$this->load->language('tool/backup');
|
||
|
|
||
|
$json = [];
|
||
|
|
||
|
// Check user has permission
|
||
|
if (!$this->user->hasPermission('modify', 'tool/backup')) {
|
||
|
$json['error'] = $this->language->get('error_permission');
|
||
|
}
|
||
|
|
||
|
if (empty($this->request->files['upload']['name']) || !is_file($this->request->files['upload']['tmp_name'])) {
|
||
|
$json['error'] = $this->language->get('error_upload');
|
||
|
}
|
||
|
|
||
|
if (!$json) {
|
||
|
// Sanitize the filename
|
||
|
$filename = basename(html_entity_decode($this->request->files['upload']['name'], ENT_QUOTES, 'UTF-8'));
|
||
|
|
||
|
if ((oc_strlen($filename) < 3) || (oc_strlen($filename) > 128)) {
|
||
|
$json['error'] = $this->language->get('error_filename');
|
||
|
}
|
||
|
|
||
|
// Allowed file extension types
|
||
|
if (strtolower(substr(strrchr($filename, '.'), 1)) != 'sql') {
|
||
|
$json['error'] = $this->language->get('error_file_type');
|
||
|
}
|
||
|
}
|
||
|
|
||
|
if (!$json) {
|
||
|
move_uploaded_file($this->request->files['upload']['tmp_name'], DIR_STORAGE . 'backup/' . $filename);
|
||
|
|
||
|
$json['success'] = $this->language->get('text_success');
|
||
|
}
|
||
|
|
||
|
$this->response->addHeader('Content-Type: application/json');
|
||
|
$this->response->setOutput(json_encode($json));
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* @return void
|
||
|
*/
|
||
|
public function download(): void {
|
||
|
$this->load->language('tool/backup');
|
||
|
|
||
|
$json = [];
|
||
|
|
||
|
if (isset($this->request->get['filename'])) {
|
||
|
$filename = basename(html_entity_decode($this->request->get['filename'], ENT_QUOTES, 'UTF-8'));
|
||
|
} else {
|
||
|
$filename = '';
|
||
|
}
|
||
|
|
||
|
// Check user has permission
|
||
|
if (!$this->user->hasPermission('modify', 'tool/backup')) {
|
||
|
$this->response->redirect($this->url->link('error/permission', 'user_token=' . $this->session->data['user_token'], true));
|
||
|
}
|
||
|
|
||
|
$file = DIR_STORAGE . 'backup/' . $filename;
|
||
|
|
||
|
if (!is_file($file)) {
|
||
|
$this->response->redirect($this->url->link('error/not_found', 'user_token=' . $this->session->data['user_token'], true));
|
||
|
}
|
||
|
|
||
|
if (!headers_sent()) {
|
||
|
header('Content-Type: application/octet-stream');
|
||
|
header('Content-Disposition: attachment; filename="' . $filename . '"');
|
||
|
header('Expires: 0');
|
||
|
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
|
||
|
header('Pragma: public');
|
||
|
header('Content-Length: ' . filesize($file));
|
||
|
|
||
|
if (ob_get_level()) {
|
||
|
ob_end_clean();
|
||
|
}
|
||
|
|
||
|
readfile($file, 'rb');
|
||
|
|
||
|
exit();
|
||
|
} else {
|
||
|
exit($this->language->get('error_headers_sent'));
|
||
|
}
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* @return void
|
||
|
*/
|
||
|
public function delete(): void {
|
||
|
$this->load->language('tool/backup');
|
||
|
|
||
|
$json = [];
|
||
|
|
||
|
if (isset($this->request->get['filename'])) {
|
||
|
$filename = basename(html_entity_decode($this->request->get['filename'], ENT_QUOTES, 'UTF-8'));
|
||
|
} else {
|
||
|
$filename = '';
|
||
|
}
|
||
|
|
||
|
// Check user has permission
|
||
|
if (!$this->user->hasPermission('modify', 'tool/backup')) {
|
||
|
$json['error'] = $this->language->get('error_permission');
|
||
|
}
|
||
|
|
||
|
$file = DIR_STORAGE . 'backup/' . $filename;
|
||
|
|
||
|
if (!is_file($file)) {
|
||
|
$json['error'] = $this->language->get('error_file');
|
||
|
}
|
||
|
|
||
|
if (!$json) {
|
||
|
unlink($file);
|
||
|
|
||
|
$json['success'] = $this->language->get('text_success');
|
||
|
}
|
||
|
|
||
|
$this->response->addHeader('Content-Type: application/json');
|
||
|
$this->response->setOutput(json_encode($json));
|
||
|
}
|
||
|
}
|