Sujan/Ekdant-Online-Store
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
sujan
2024-08-06 18:06:00 +05:45
commit a2fa49071a
2745 changed files with 391199 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

457
admininistrator/controller/tool/backup.php Normal file
View File

@ -0,0 +1,457 @@
<?php
namespace Opencart\Admin\Controller\Tool;
/**
* Class Backup
*
* @package Opencart\Admin\Controller\Tool
*/
class Backup extends \Opencart\System\Engine\Controller {
/**
* @return void
*/
public function index(): void {
$this->load->language('tool/backup');
$this->document->setTitle($this->language->get('heading_title'));
// Use the ini_get('upload_max_filesize') for the max file size
$data['error_upload_size'] = sprintf($this->language->get('error_upload_size'), ini_get('upload_max_filesize'));
$data['config_file_max_size'] = ((int)preg_filter('/[^0-9]/', '', ini_get('upload_max_filesize')) * 1024 * 1024);
$data['breadcrumbs'] = [];
$data['breadcrumbs'][] = [
'text' => $this->language->get('text_home'),
'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'])
];
$data['breadcrumbs'][] = [
'text' => $this->language->get('heading_title'),
'href' => $this->url->link('tool/backup', 'user_token=' . $this->session->data['user_token'])
];
$data['upload'] = $this->url->link('tool/backup.upload', 'user_token=' . $this->session->data['user_token']);
$this->load->model('tool/backup');
$ignore = [
DB_PREFIX . 'user',
DB_PREFIX . 'user_group'
];
$data['tables'] = [];
$results = $this->model_tool_backup->getTables();
foreach ($results as $result) {
if (!in_array($result, $ignore)) {
$data['tables'][] = $result;
}
}
$data['history'] = $this->getHistory();
$data['user_token'] = $this->session->data['user_token'];
$data['header'] = $this->load->controller('common/header');
$data['column_left'] = $this->load->controller('common/column_left');
$data['footer'] = $this->load->controller('common/footer');
$this->response->setOutput($this->load->view('tool/backup', $data));
}
/**
* @return void
*/
public function history(): void {
$this->load->language('tool/backup');
$this->response->setOutput($this->getHistory());
}
/**
* @return string
*/
public function getHistory(): string {
$this->load->language('tool/backup');
$data['histories'] = [];
$files = glob(DIR_STORAGE . 'backup/*.sql');
foreach ($files as $file) {
$size = filesize($file);
$i = 0;
$suffix = [
'B',
'KB',
'MB',
'GB',
'TB',
'PB',
'EB',
'ZB',
'YB'
];
while (($size / 1024) > 1) {
$size = $size / 1024;
$i++;
}
$data['histories'][] = [
'filename' => basename($file),
'size' => round(substr($size, 0, strpos($size, '.') + 4), 2) . $suffix[$i],
'date_added' => date($this->language->get('datetime_format'), filemtime($file)),
'download' => $this->url->link('tool/backup.download', 'user_token=' . $this->session->data['user_token'] . '&filename=' . urlencode(basename($file))),
];
}
return $this->load->view('tool/backup_history', $data);
}
/**
* @return void
*/
public function backup(): void {
$this->load->language('tool/backup');
$json = [];
if (isset($this->request->get['filename'])) {
$filename = basename(html_entity_decode($this->request->get['filename'], ENT_QUOTES, 'UTF-8'));
} else {
$filename = date('Y-m-d H.i.s') . '.sql';
}
if (isset($this->request->get['table'])) {
$table = $this->request->get['table'];
} else {
$table = '';
}
if (isset($this->request->post['backup'])) {
$backup = $this->request->post['backup'];
} else {
$backup = [];
}
if (isset($this->request->get['page'])) {
$page = (int)$this->request->get['page'];
} else {
$page = 1;
}
if (!$this->user->hasPermission('modify', 'tool/backup')) {
$json['error'] = $this->language->get('error_permission');
}
$this->load->model('tool/backup');
$allowed = $this->model_tool_backup->getTables();
if (!in_array($table, $allowed)) {
$json['error'] = sprintf($this->language->get('error_table'), $table);
}
if (!$json) {
$output = '';
if ($page == 1) {
$output .= 'TRUNCATE TABLE `' . $this->db->escape($table) . '`;' . "\n\n";
}
$record_total = $this->model_tool_backup->getTotalRecords($table);
$results = $this->model_tool_backup->getRecords($table, ($page - 1) * 200, 200);
foreach ($results as $result) {
$fields = '';
foreach (array_keys($result) as $value) {
$fields .= '`' . $value . '`, ';
}
$values = '';
foreach (array_values($result) as $value) {
if ($value !== null) {
$value = str_replace(["\x00", "\x0a", "\x0d", "\x1a"], ['\0', '\n', '\r', '\Z'], $value);
$value = str_replace(["\n", "\r", "\t"], ['\n', '\r', '\t'], $value);
$value = str_replace('\\', '\\\\', $value);
$value = str_replace('\'', '\\\'', $value);
$value = str_replace('\\\n', '\n', $value);
$value = str_replace('\\\r', '\r', $value);
$value = str_replace('\\\t', '\t', $value);
$values .= '\'' . $value . '\', ';
} else {
$values .= 'NULL, ';
}
}
$output .= 'INSERT INTO `' . $table . '` (' . preg_replace('/, $/', '', $fields) . ') VALUES (' . preg_replace('/, $/', '', $values) . ');' . "\n";
}
$position = array_search($table, $backup);
if (($page * 200) >= $record_total) {
$output .= "\n";
if (isset($backup[$position + 1])) {
$table = $backup[$position + 1];
} else {
$table = '';
}
}
if ($position !== false) {
$json['progress'] = round(($position / count($backup)) * 100);
} else {
$json['progress'] = 0;
}
$handle = fopen(DIR_STORAGE . 'backup/' . $filename, 'a');
fwrite($handle, $output);
fclose($handle);
if (!$table) {
$json['success'] = $this->language->get('text_success');
} elseif (($page * 200) >= $record_total) {
$json['text'] = sprintf($this->language->get('text_backup'), $table, ($page - 1) * 200, $record_total);
$json['next'] = $this->url->link('tool/backup.backup', 'user_token=' . $this->session->data['user_token'] . '&filename=' . urlencode($filename) . '&table=' . $table . '&page=1', true);
} else {
$json['text'] = sprintf($this->language->get('text_backup'), $table, ($page - 1) * 200, $page * 200);
$json['next'] = $this->url->link('tool/backup.backup', 'user_token=' . $this->session->data['user_token'] . '&filename=' . urlencode($filename) . '&table=' . $table . '&page=' . ($page + 1), true);
}
}
$this->response->addHeader('Content-Type: application/json');
$this->response->setOutput(json_encode($json));
}
/**
* @return void
*/
public function restore(): void {
$this->load->language('tool/backup');
$json = [];
if (isset($this->request->get['filename'])) {
$filename = basename(html_entity_decode($this->request->get['filename'], ENT_QUOTES, 'UTF-8'));
} else {
$filename = '';
}
if (isset($this->request->get['position'])) {
$position = $this->request->get['position'];
} else {
$position = 0;
}
if (!$this->user->hasPermission('modify', 'tool/backup')) {
$json['error'] = $this->language->get('error_permission');
}
$file = DIR_STORAGE . 'backup/' . $filename;
if (!is_file($file)) {
$json['error'] = $this->language->get('error_file');
}
if (!$json) {
// We set $i so we can batch execute the queries rather than do them all at once.
$i = 0;
$start = false;
$handle = fopen($file, 'r');
fseek($handle, $position, SEEK_SET);
while (!feof($handle) && ($i < 100)) {
$position = ftell($handle);
$line = fgets($handle, 1000000);
if (substr($line, 0, 14) == 'TRUNCATE TABLE' || substr($line, 0, 11) == 'INSERT INTO') {
$sql = '';
$start = true;
}
if ($i > 0 && (substr($line, 0, strlen('TRUNCATE TABLE `' . DB_PREFIX . 'user`')) == 'TRUNCATE TABLE `' . DB_PREFIX . 'user`' || substr($line, 0, strlen('TRUNCATE TABLE `' . DB_PREFIX . 'user_group`')) == 'TRUNCATE TABLE `' . DB_PREFIX . 'user_group`')) {
fseek($handle, $position, SEEK_SET);
break;
}
if ($start) {
$sql .= $line;
}
if ($start && substr($line, -2) == ";\n") {
$this->db->query(substr($sql, 0, strlen($sql) -2));
$start = false;
}
$i++;
}
$position = ftell($handle);
$size = filesize($file);
if ($position) {
$json['progress'] = round(($position / $size) * 100);
} else {
$json['progress'] = 0;
}
if ($position && !feof($handle)) {
$json['text'] = sprintf($this->language->get('text_restore'), $position, $size);
$json['next'] = $this->url->link('tool/backup.restore', 'user_token=' . $this->session->data['user_token'] . '&filename=' . urlencode($filename) . '&position=' . $position, true);
} else {
$json['success'] = $this->language->get('text_success');
$this->cache->delete('*');
}
fclose($handle);
}
$this->response->addHeader('Content-Type: application/json');
$this->response->setOutput(json_encode($json));
}
/**
* @return void
*/
public function upload(): void {
$this->load->language('tool/backup');
$json = [];
// Check user has permission
if (!$this->user->hasPermission('modify', 'tool/backup')) {
$json['error'] = $this->language->get('error_permission');
}
if (empty($this->request->files['upload']['name']) || !is_file($this->request->files['upload']['tmp_name'])) {
$json['error'] = $this->language->get('error_upload');
}
if (!$json) {
// Sanitize the filename
$filename = basename(html_entity_decode($this->request->files['upload']['name'], ENT_QUOTES, 'UTF-8'));
if ((oc_strlen($filename) < 3) || (oc_strlen($filename) > 128)) {
$json['error'] = $this->language->get('error_filename');
}
// Allowed file extension types
if (strtolower(substr(strrchr($filename, '.'), 1)) != 'sql') {
$json['error'] = $this->language->get('error_file_type');
}
}
if (!$json) {
move_uploaded_file($this->request->files['upload']['tmp_name'], DIR_STORAGE . 'backup/' . $filename);
$json['success'] = $this->language->get('text_success');
}
$this->response->addHeader('Content-Type: application/json');
$this->response->setOutput(json_encode($json));
}
/**
* @return void
*/
public function download(): void {
$this->load->language('tool/backup');
$json = [];
if (isset($this->request->get['filename'])) {
$filename = basename(html_entity_decode($this->request->get['filename'], ENT_QUOTES, 'UTF-8'));
} else {
$filename = '';
}
// Check user has permission
if (!$this->user->hasPermission('modify', 'tool/backup')) {
$this->response->redirect($this->url->link('error/permission', 'user_token=' . $this->session->data['user_token'], true));
}
$file = DIR_STORAGE . 'backup/' . $filename;
if (!is_file($file)) {
$this->response->redirect($this->url->link('error/not_found', 'user_token=' . $this->session->data['user_token'], true));
}
if (!headers_sent()) {
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . $filename . '"');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
if (ob_get_level()) {
ob_end_clean();
}
readfile($file, 'rb');
exit();
} else {
exit($this->language->get('error_headers_sent'));
}
}
/**
* @return void
*/
public function delete(): void {
$this->load->language('tool/backup');
$json = [];
if (isset($this->request->get['filename'])) {
$filename = basename(html_entity_decode($this->request->get['filename'], ENT_QUOTES, 'UTF-8'));
} else {
$filename = '';
}
// Check user has permission
if (!$this->user->hasPermission('modify', 'tool/backup')) {
$json['error'] = $this->language->get('error_permission');
}
$file = DIR_STORAGE . 'backup/' . $filename;
if (!is_file($file)) {
$json['error'] = $this->language->get('error_file');
}
if (!$json) {
unlink($file);
$json['success'] = $this->language->get('text_success');
}
$this->response->addHeader('Content-Type: application/json');
$this->response->setOutput(json_encode($json));
}
}

171
admininistrator/controller/tool/log.php Normal file
View File

@ -0,0 +1,171 @@
<?php
namespace Opencart\Admin\Controller\Tool;
/**
* Class Log
*
* @package Opencart\Admin\Controller\Tool
*/
class Log extends \Opencart\System\Engine\Controller {
/**
* @return void
*/
public function index(): void {
$this->load->language('tool/log');
$this->document->setTitle($this->language->get('heading_title'));
$data['breadcrumbs'] = [];
$data['breadcrumbs'][] = [
'text' => $this->language->get('text_home'),
'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'])
];
$data['breadcrumbs'][] = [
'text' => $this->language->get('heading_title'),
'href' => $this->url->link('tool/log', 'user_token=' . $this->session->data['user_token'])
];
if (isset($this->session->data['error'])) {
$data['error_warning'] = $this->session->data['error'];
unset($this->session->data['error']);
} else {
$data['error_warning'] = '';
}
$file = DIR_LOGS . $this->config->get('config_error_filename');
if (!is_file($file)) {
file_put_contents($file, '', FILE_APPEND);
}
$data['log'] = [];
$files = glob(DIR_LOGS . '*.log');
foreach ($files as $file) {
$error = '';
$filename = basename($file);
$size = filesize($file);
if ($size >= 3145728) {
$suffix = [
'B',
'KB',
'MB',
'GB',
'TB',
'PB',
'EB',
'ZB',
'YB'
];
$i = 0;
while (($size / 1024) > 1) {
$size = $size / 1024;
$i++;
}
$error = sprintf($this->language->get('error_size'), $filename, round(substr($size, 0, strpos($size, '.') + 4), 2) . $suffix[$i]);
}
$handle = fopen($file, 'r+');
$data['logs'][] = [
'name' => $filename,
'output' => fread($handle, 3145728),
'download' => $this->url->link('tool/log.download', 'user_token=' . $this->session->data['user_token'] . '&filename=' . $filename),
'clear' => $this->url->link('tool/log.clear', 'user_token=' . $this->session->data['user_token'] . '&filename=' . $filename),
'error' => $error
];
fclose($handle);
}
$data['user_token'] = $this->session->data['user_token'];
$data['header'] = $this->load->controller('common/header');
$data['column_left'] = $this->load->controller('common/column_left');
$data['footer'] = $this->load->controller('common/footer');
$this->response->setOutput($this->load->view('tool/log', $data));
}
/**
* @return void
*/
public function download(): void {
$this->load->language('tool/log');
if (isset($this->request->get['filename'])) {
$filename = (string)basename($this->request->get['filename']);
} else {
$filename = '';
}
$file = DIR_LOGS . $filename;
if (!is_file($file)) {
$this->session->data['error'] = sprintf($this->language->get('error_file'), $filename);
$this->response->redirect($this->url->link('tool/log', 'user_token=' . $this->session->data['user_token'], true));
}
if (!filesize($file)) {
$this->session->data['error'] = sprintf($this->language->get('error_empty'), $filename);
$this->response->redirect($this->url->link('tool/log', 'user_token=' . $this->session->data['user_token'], true));
}
$this->response->addheader('Pragma: public');
$this->response->addheader('Expires: 0');
$this->response->addheader('Content-Description: File Transfer');
$this->response->addheader('Content-Type: application/octet-stream');
$this->response->addheader('Content-Disposition: attachment; filename="' . $this->config->get('config_name') . '_' . date('Y-m-d_H-i-s', time()) . '_error.log"');
$this->response->addheader('Content-Transfer-Encoding: binary');
$this->response->setOutput(file_get_contents($file, FILE_USE_INCLUDE_PATH, null));
}
/**
* @return void
*/
public function clear(): void {
$this->load->language('tool/log');
if (isset($this->request->get['filename'])) {
$filename = (string)$this->request->get['filename'];
} else {
$filename = '';
}
$json = [];
if (!$this->user->hasPermission('modify', 'tool/log')) {
$json['error'] = $this->language->get('error_permission');
}
$file = DIR_LOGS . $filename;
if (!is_file($file)) {
$json['error'] = sprintf($this->language->get('error_file'), $filename);
}
if (!$json) {
$handle = fopen($file, 'w+');
fclose($handle);
$json['success'] = $this->language->get('text_success');
}
$this->response->addHeader('Content-Type: application/json');
$this->response->setOutput(json_encode($json));
}
}

178
admininistrator/controller/tool/notification.php Normal file
View File

@ -0,0 +1,178 @@
<?php
namespace Opencart\Admin\Controller\Tool;
/**
* Class Notification
*
* @package Opencart\Admin\Controller\Tool
*/
class Notification extends \Opencart\System\Engine\Controller {
/**
* @return void
*/
public function index(): void {
$this->load->language('tool/notification');
$this->document->setTitle($this->language->get('heading_title'));
$data['breadcrumbs'] = [];
$data['breadcrumbs'][] = [
'text' => $this->language->get('text_home'),
'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'])
];
$data['breadcrumbs'][] = [
'text' => $this->language->get('heading_title'),
'href' => $this->url->link('tool/notification', 'user_token=' . $this->session->data['user_token'])
];
$data['list'] = $this->getList();
$data['user_token'] = $this->session->data['user_token'];
$data['header'] = $this->load->controller('common/header');
$data['column_left'] = $this->load->controller('common/column_left');
$data['footer'] = $this->load->controller('common/footer');
$this->response->setOutput($this->load->view('tool/notification', $data));
}
/**
* @return void
*/
public function list(): void {
$this->load->language('tool/notification');
$this->response->setOutput($this->getList());
}
/**
* @return string
*/
public function getList(): string {
if (isset($this->request->get['page'])) {
$page = (int)$this->request->get['page'];
} else {
$page = 1;
}
$url = '';
if (isset($this->request->get['page'])) {
$url .= '&page=' . $this->request->get['page'];
}
$data['notifications'] = [];
$this->load->model('tool/notification');
$notification_total = $this->model_tool_notification->getTotalNotifications();
$filter_data = [
'start' => ($page - 1) * $this->config->get('config_pagination_admin'),
'limit' => $this->config->get('config_pagination_admin')
];
$results = $this->model_tool_notification->getNotifications($filter_data);
foreach ($results as $result) {
$second = time() - strtotime($result['date_added']);
$ranges = [
'second' => $second,
'minute' => floor($second / 60),
'hour' => floor($second / 3600),
'day' => floor($second / 86400),
'week' => floor($second / 604800),
'month' => floor($second / 2629743),
'year' => floor($second / 31556926)
];
foreach ($ranges as $range => $value) {
if ($value) {
$date_added = $value;
$code = $range . ($value > 1) ? 's' : '';
}
}
$data['notifications'][] = [
'notification_id' => $result['notification_id'],
'title' => $result['title'],
'status' => $result['status'],
'date_added' => sprintf($this->language->get('text_' . $code . '_ago'), $date_added),
'view' => $this->url->link('tool/notification.info', 'user_token=' . $this->session->data['user_token'] . '&notification_id=' . $result['notification_id'] . $url),
'delete' => $this->url->link('tool/notification.delete', 'user_token=' . $this->session->data['user_token'] . '&notification_id=' . $result['notification_id'] . $url)
];
}
$data['pagination'] = $this->load->controller('common/pagination', [
'total' => $notification_total,
'page' => $page,
'limit' => $this->config->get('config_pagination_admin'),
'url' => $this->url->link('tool/notification.list', 'user_token=' . $this->session->data['user_token'] . '&page={page}')
]);
$data['results'] = sprintf($this->language->get('text_pagination'), ($notification_total) ? (($page - 1) * $this->config->get('config_pagination_admin')) + 1 : 0, ((($page - 1) * $this->config->get('config_pagination_admin')) > ($notification_total - $this->config->get('config_pagination_admin'))) ? $notification_total : ((($page - 1) * $this->config->get('config_pagination_admin')) + $this->config->get('config_pagination_admin')), $notification_total, ceil($notification_total / $this->config->get('config_pagination_admin')));
return $this->load->view('tool/notification_list', $data);
}
/**
* @return void
*/
public function info(): void {
if (isset($this->request->get['notification_id'])) {
$notification_id = $this->request->get['notification_id'];
} else {
$notification_id = 0;
}
$this->load->model('tool/notification');
$notification_info = $this->model_tool_notification->getNotification($notification_id);
if ($notification_info) {
$this->load->language('tool/notification');
$data['title'] = $notification_info['title'];
$data['text'] = oc_bbcode_decode($notification_info['text']);
$this->model_tool_notification->editStatus($notification_id, 1);
$this->response->setOutput($this->load->view('tool/notification_info', $data));
}
}
/**
* @return void
*/
public function delete(): void {
$this->load->language('tool/notification');
$json = [];
if (isset($this->request->post['selected'])) {
$selected = $this->request->post['selected'];
} else {
$selected = [];
}
if (!$this->user->hasPermission('modify', 'tool/notification')) {
$json['error'] = $this->language->get('error_permission');
}
if (!$json) {
$this->load->model('tool/notification');
foreach ($selected as $notification_id) {
$this->model_tool_notification->deleteNotification($notification_id);
}
$json['success'] = $this->language->get('text_success');
}
$this->response->addHeader('Content-Type: application/json');
$this->response->setOutput(json_encode($json));
}
}

226
admininistrator/controller/tool/upgrade.php Normal file
View File

@ -0,0 +1,226 @@
<?php
/*
Upgrade Process
1. Check for latest version
2. Download a copy of the latest version
3. Add and replace the files with the ones from latest version
4. Redirect to upgrade page
*/
namespace Opencart\Admin\Controller\Tool;
/**
* Class Upgrade
*
* @package Opencart\Admin\Controller\Tool
*/
class Upgrade extends \Opencart\System\Engine\Controller {
/**
* @return void
*/
public function index(): void {
$this->load->language('tool/upgrade');
$this->document->setTitle($this->language->get('heading_title'));
$data['breadcrumbs'] = [];
$data['breadcrumbs'][] = [
'text' => $this->language->get('text_home'),
'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'])
];
$data['breadcrumbs'][] = [
'text' => $this->language->get('heading_title'),
'href' => $this->url->link('tool/upgrade', 'user_token=' . $this->session->data['user_token'])
];
$data['current_version'] = VERSION;
$data['upgrade'] = false;
$curl = curl_init(OPENCART_SERVER . 'index.php?route=api/upgrade');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_FORBID_REUSE, 1);
curl_setopt($curl, CURLOPT_FRESH_CONNECT, 1);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
$response = curl_exec($curl);
curl_close($curl);
$response_info = json_decode($response, true);
if ($response_info) {
$data['latest_version'] = $response_info['version'];
$data['date_added'] = date($this->language->get('date_format_short'), strtotime($response_info['date_added']));
$data['log'] = nl2br($response_info['log']);
if (!version_compare(VERSION, $response_info['version'], '>=')) {
$data['upgrade'] = true;
}
} else {
$data['latest_version'] = '';
$data['date_added'] = '';
$data['log'] = '';
}
// For testing
//$data['latest_version'] = 'master';
$data['user_token'] = $this->session->data['user_token'];
$data['header'] = $this->load->controller('common/header');
$data['column_left'] = $this->load->controller('common/column_left');
$data['footer'] = $this->load->controller('common/footer');
$this->response->setOutput($this->load->view('tool/upgrade', $data));
}
/**
* @return void
*/
public function download(): void {
$this->load->language('tool/upgrade');
$json = [];
if (isset($this->request->get['version'])) {
$version = $this->request->get['version'];
} else {
$version = '';
}
if (!$this->user->hasPermission('modify', 'tool/upgrade')) {
$json['error'] = $this->language->get('error_permission');
}
if (version_compare($version, VERSION, '<')) {
$json['error'] = $this->language->get('error_version');
}
$file = DIR_DOWNLOAD . 'opencart-' . $version . '.zip';
$handle = fopen($file, 'w');
set_time_limit(0);
$curl = curl_init('https://github.com/opencart/opencart/archive/' . $version . '.zip');
curl_setopt($curl, CURLOPT_USERAGENT, 'OpenCart ' . VERSION);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_FORBID_REUSE, 1);
curl_setopt($curl, CURLOPT_FRESH_CONNECT, 1);
curl_setopt($curl, CURLOPT_TIMEOUT, 300);
curl_setopt($curl, CURLOPT_FILE, $handle);
curl_exec($curl);
fclose($handle);
$status = curl_getinfo($curl, CURLINFO_HTTP_CODE);
if ($status != 200) {
$json['error'] = $this->language->get('error_download');
}
curl_close($curl);
if (!$json) {
$json['text'] = $this->language->get('text_install');
$json['next'] = $this->url->link('tool/upgrade.install', 'user_token=' . $this->session->data['user_token'] . '&version=' . $version, true);
}
$this->response->addHeader('Content-Type: application/json');
$this->response->setOutput(json_encode($json));
}
/**
* @return void
*/
public function install(): void {
$this->load->language('tool/upgrade');
$json = [];
if (isset($this->request->get['version'])) {
$version = $this->request->get['version'];
} else {
$version = '';
}
if (!$this->user->hasPermission('modify', 'tool/upgrade')) {
$json['error'] = $this->language->get('error_permission');
}
$file = DIR_DOWNLOAD . 'opencart-' . $version . '.zip';
if (!is_file($file)) {
$json['error'] = $this->language->get('error_file');
}
if (!$json) {
// Unzip the files
$zip = new \ZipArchive();
if ($zip->open($file, \ZipArchive::RDONLY)) {
$remove = 'opencart-' . $version . '/upload/';
// Check if any of the files already exist.
for ($i = 0; $i < $zip->numFiles; $i++) {
$source = $zip->getNameIndex($i);
if (substr($source, 0, strlen($remove)) == $remove) {
// Only extract the contents of the upload folder
$destination = str_replace('\\', '/', substr($source, strlen($remove)));
if (substr($destination, 0, 8) == 'install/') {
// Default copy location
$path = '';
// Must not have a path before files and directories can be moved
$directories = explode('/', dirname($destination));
foreach ($directories as $directory) {
if (!$path) {
$path = $directory;
} else {
$path = $path . '/' . $directory;
}
if (!is_dir(DIR_OPENCART . $path) && !@mkdir(DIR_OPENCART . $path, 0777)) {
$json['error'] = sprintf($this->language->get('error_directory'), $path);
}
}
// Check if the path is not directory and check there is no existing file
if (substr($destination, -1) != '/') {
if (is_file(DIR_OPENCART . $destination)) {
unlink(DIR_OPENCART . $destination);
}
if (!copy('zip://' . $file . '#' . $source, DIR_OPENCART . $destination)) {
$json['error'] = sprintf($this->language->get('error_copy'), $source, $destination);
}
}
}
}
}
$zip->close();
$json['text'] = $this->language->get('text_patch');
$json['next'] = HTTP_CATALOG . 'install/index.php?route=upgrade/upgrade_1&version=' . $version . '&admin=' . rtrim(substr(DIR_APPLICATION, strlen(DIR_OPENCART), -1));
} else {
$json['error'] = $this->language->get('error_unzip');
}
}
$this->response->addHeader('Content-Type: application/json');
$this->response->setOutput(json_encode($json));
}
}

412
admininistrator/controller/tool/upload.php Normal file
View File

@ -0,0 +1,412 @@
<?php
namespace Opencart\Admin\Controller\Tool;
/**
* Class Upload
*
* @package Opencart\Admin\Controller\Tool
*/
class Upload extends \Opencart\System\Engine\Controller {
/**
* @return void
*/
public function index(): void {
$this->load->language('tool/upload');
$this->document->setTitle($this->language->get('heading_title'));
$url = '';
if (isset($this->request->get['sort'])) {
$url .= '&sort=' . $this->request->get['sort'];
}
if (isset($this->request->get['order'])) {
$url .= '&order=' . $this->request->get['order'];
}
if (isset($this->request->get['page'])) {
$url .= '&page=' . $this->request->get['page'];
}
$data['breadcrumbs'] = [];
$data['breadcrumbs'][] = [
'text' => $this->language->get('text_home'),
'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'])
];
$data['breadcrumbs'][] = [
'text' => $this->language->get('heading_title'),
'href' => $this->url->link('tool/upload', 'user_token=' . $this->session->data['user_token'] . $url)
];
$data['add'] = $this->url->link('tool/upload.form', 'user_token=' . $this->session->data['user_token'] . $url);
$data['delete'] = $this->url->link('tool/upload.delete', 'user_token=' . $this->session->data['user_token']);
$data['list'] = $this->getList();
$data['user_token'] = $this->session->data['user_token'];
$data['header'] = $this->load->controller('common/header');
$data['column_left'] = $this->load->controller('common/column_left');
$data['footer'] = $this->load->controller('common/footer');
$this->response->setOutput($this->load->view('tool/upload', $data));
}
/**
* @return void
*/
public function list(): void {
$this->load->language('tool/upload');
$this->response->setOutput($this->getList());
}
/**
* @return string
*/
protected function getList(): string {
if (isset($this->request->get['filter_name'])) {
$filter_name = $this->request->get['filter_name'];
} else {
$filter_name = '';
}
if (isset($this->request->get['filter_date_from'])) {
$filter_date_from = $this->request->get['filter_date_from'];
} else {
$filter_date_from = '';
}
if (isset($this->request->get['filter_date_to'])) {
$filter_date_to = $this->request->get['filter_date_to'];
} else {
$filter_date_to = '';
}
if (isset($this->request->get['sort'])) {
$sort = (string)$this->request->get['sort'];
} else {
$sort = 'date_added';
}
if (isset($this->request->get['order'])) {
$order = (string)$this->request->get['order'];
} else {
$order = 'DESC';
}
if (isset($this->request->get['page'])) {
$page = (int)$this->request->get['page'];
} else {
$page = 1;
}
$url = '';
if (isset($this->request->get['filter_name'])) {
$url .= '&filter_name=' . urlencode(html_entity_decode($this->request->get['filter_name'], ENT_QUOTES, 'UTF-8'));
}
if (isset($this->request->get['filter_date_from'])) {
$url .= '&filter_date_from=' . $this->request->get['filter_date_from'];
}
if (isset($this->request->get['filter_date_to'])) {
$url .= '&filter_date_to=' . $this->request->get['filter_date_to'];
}
if (isset($this->request->get['sort'])) {
$url .= '&sort=' . $this->request->get['sort'];
}
if (isset($this->request->get['order'])) {
$url .= '&order=' . $this->request->get['order'];
}
if (isset($this->request->get['page'])) {
$url .= '&page=' . $this->request->get['page'];
}
$data['action'] = $this->url->link('tool/upload.list', 'user_token=' . $this->session->data['user_token'] . $url);
$data['uploads'] = [];
$filter_data = [
'filter_name' => $filter_name,
'filter_date_from' => $filter_date_from,
'filter_date_to' => $filter_date_to,
'sort' => $sort,
'order' => $order,
'start' => ($page - 1) * $this->config->get('config_pagination_admin'),
'limit' => $this->config->get('config_pagination_admin')
];
$this->load->model('tool/upload');
$upload_total = $this->model_tool_upload->getTotalUploads($filter_data);
$results = $this->model_tool_upload->getUploads($filter_data);
foreach ($results as $result) {
$data['uploads'][] = [
'upload_id' => $result['upload_id'],
'name' => $result['name'],
'code' => $result['code'],
'date_added' => date($this->language->get('date_format_short'), strtotime($result['date_added'])),
'download' => $this->url->link('tool/upload.download', 'user_token=' . $this->session->data['user_token'] . '&code=' . $result['code'] . $url)
];
}
$url = '';
if (isset($this->request->get['filter_name'])) {
$url .= '&filter_name=' . urlencode(html_entity_decode($this->request->get['filter_name'], ENT_QUOTES, 'UTF-8'));
}
if (isset($this->request->get['filter_date_from'])) {
$url .= '&filter_date_from=' . $this->request->get['filter_date_from'];
}
if (isset($this->request->get['filter_date_to'])) {
$url .= '&filter_date_to=' . $this->request->get['filter_date_to'];
}
if ($order == 'ASC') {
$url .= '&order=DESC';
} else {
$url .= '&order=ASC';
}
if (isset($this->request->get['page'])) {
$url .= '&page=' . $this->request->get['page'];
}
$data['sort_name'] = $this->url->link('tool/upload.list', 'user_token=' . $this->session->data['user_token'] . '&sort=name' . $url);
$data['sort_code'] = $this->url->link('tool/upload.list', 'user_token=' . $this->session->data['user_token'] . '&sort=code' . $url);
$data['sort_date_added'] = $this->url->link('tool/upload.list', 'user_token=' . $this->session->data['user_token'] . '&sort=date_added' . $url);
$url = '';
if (isset($this->request->get['filter_name'])) {
$url .= '&filter_name=' . urlencode(html_entity_decode($this->request->get['filter_name'], ENT_QUOTES, 'UTF-8'));
}
if (isset($this->request->get['filter_date_from'])) {
$url .= '&filter_date_from=' . $this->request->get['filter_date_from'];
}
if (isset($this->request->get['filter_date_to'])) {
$url .= '&filter_date_to=' . $this->request->get['filter_date_to'];
}
if (isset($this->request->get['sort'])) {
$url .= '&sort=' . $this->request->get['sort'];
}
if (isset($this->request->get['order'])) {
$url .= '&order=' . $this->request->get['order'];
}
$data['pagination'] = $this->load->controller('common/pagination', [
'total' => $upload_total,
'page' => $page,
'limit' => $this->config->get('config_pagination_admin'),
'url' => $this->url->link('tool/upload.list', 'user_token=' . $this->session->data['user_token'] . $url . '&page={page}')
]);
$data['results'] = sprintf($this->language->get('text_pagination'), ($upload_total) ? (($page - 1) * $this->config->get('config_pagination_admin')) + 1 : 0, ((($page - 1) * $this->config->get('config_pagination_admin')) > ($upload_total - $this->config->get('config_pagination_admin'))) ? $upload_total : ((($page - 1) * $this->config->get('config_pagination_admin')) + $this->config->get('config_pagination_admin')), $upload_total, ceil($upload_total / $this->config->get('config_pagination_admin')));
$data['filter_name'] = $filter_name;
$data['filter_date_from'] = $filter_date_from;
$data['filter_date_to'] = $filter_date_to;
$data['sort'] = $sort;
$data['order'] = $order;
return $this->load->view('tool/upload_list', $data);
}
/**
* @return void
*/
public function delete(): void {
$this->load->language('tool/upload');
$json = [];
if (isset($this->request->post['selected'])) {
$selected = $this->request->post['selected'];
} else {
$selected = [];
}
if (!$this->user->hasPermission('modify', 'tool/upload')) {
$json['error'] = $this->language->get('error_permission');
}
if (!$json) {
$this->load->model('tool/upload');
foreach ($selected as $upload_id) {
// Remove file before deleting DB record.
$upload_info = $this->model_tool_upload->getUpload($upload_id);
if ($upload_info && is_file(DIR_UPLOAD . $upload_info['filename'])) {
unlink(DIR_UPLOAD . $upload_info['filename']);
}
$this->model_tool_upload->deleteUpload($upload_id);
}
$json['success'] = $this->language->get('text_success');
}
$this->response->addHeader('Content-Type: application/json');
$this->response->setOutput(json_encode($json));
}
/**
* @return void
*/
public function download(): void {
$this->load->language('tool/upload');
if (isset($this->request->get['code'])) {
$code = $this->request->get['code'];
} else {
$code = '';
}
$this->load->model('tool/upload');
$upload_info = $this->model_tool_upload->getUploadByCode($code);
if ($upload_info) {
$file = DIR_UPLOAD . $upload_info['filename'];
$mask = basename($upload_info['name']);
if (!headers_sent()) {
if (is_file($file)) {
header('Content-Type: application/octet-stream');
header('Content-Description: File Transfer');
header('Content-Disposition: attachment; filename="' . ($mask ? $mask : basename($file)) . '"');
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
readfile($file, 'rb');
exit;
} else {
exit(sprintf($this->language->get('error_not_found'), basename($file)));
}
} else {
exit($this->language->get('error_headers_sent'));
}
} else {
$this->load->language('error/not_found');
$this->document->setTitle($this->language->get('heading_title'));
$data['breadcrumbs'] = [];
$data['breadcrumbs'][] = [
'text' => $this->language->get('text_home'),
'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'])
];
$data['breadcrumbs'][] = [
'text' => $this->language->get('heading_title'),
'href' => $this->url->link('error/not_found', 'user_token=' . $this->session->data['user_token'])
];
$data['header'] = $this->load->controller('common/header');
$data['column_left'] = $this->load->controller('common/column_left');
$data['footer'] = $this->load->controller('common/footer');
$this->response->setOutput($this->load->view('error/not_found', $data));
}
}
/**
* @return void
*/
public function upload(): void {
$this->load->language('tool/upload');
$json = [];
// Check user has permission
if (!$this->user->hasPermission('modify', 'tool/upload')) {
$json['error'] = $this->language->get('error_permission');
}
if (empty($this->request->files['file']['name']) || !is_file($this->request->files['file']['tmp_name'])) {
$json['error'] = $this->language->get('error_upload');
}
if (!$json) {
// Sanitize the filename
$filename = basename(html_entity_decode($this->request->files['file']['name'], ENT_QUOTES, 'UTF-8'));
// Validate the filename length
if ((oc_strlen($filename) < 3) || (oc_strlen($filename) > 128)) {
$json['error'] = $this->language->get('error_filename');
}
// Allowed file extension types
$allowed = [];
$extension_allowed = preg_replace('~\r?\n~', "\n", $this->config->get('config_file_ext_allowed'));
$filetypes = explode("\n", $extension_allowed);
foreach ($filetypes as $filetype) {
$allowed[] = trim($filetype);
}
if (!in_array(strtolower(substr(strrchr($filename, '.'), 1)), $allowed)) {
$json['error'] = $this->language->get('error_file_type');
}
// Allowed file mime types
$allowed = [];
$mime_allowed = preg_replace('~\r?\n~', "\n", $this->config->get('config_file_mime_allowed'));
$filetypes = explode("\n", $mime_allowed);
foreach ($filetypes as $filetype) {
$allowed[] = trim($filetype);
}
if (!in_array($this->request->files['file']['type'], $allowed)) {
$json['error'] = $this->language->get('error_file_type');
}
// Return any upload error
if ($this->request->files['file']['error'] != UPLOAD_ERR_OK) {
$json['error'] = $this->language->get('error_upload_' . $this->request->files['file']['error']);
}
}
if (!$json) {
$file = $filename . '.' . oc_token(32);
move_uploaded_file($this->request->files['file']['tmp_name'], DIR_UPLOAD . $file);
// Hide the uploaded file name so people cannot link to it directly.
$this->load->model('tool/upload');
$json['code'] = $this->model_tool_upload->addUpload($filename, $file);
$json['success'] = $this->language->get('text_success');
}
$this->response->addHeader('Content-Type: application/json');
$this->response->setOutput(json_encode($json));
}
}