< ?
/*
This file is part of the 'Science Fair In A Box' project
SFIAB Website : http :// www . sfiab . ca
Copyright ( C ) 2008 James Grant < james @ lightbox . org >
This program is free software ; you can redistribute it and / or
modify it under the terms of the GNU General Public
License as published by the Free Software Foundation , version 2.
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the GNU
General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program ; see the file COPYING . If not , write to
the Free Software Foundation , Inc . , 59 Temple Place - Suite 330 ,
Boston , MA 02111 - 1307 , USA .
*/
?>
< ?
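require("../common.inc.php");
require_once("../user.inc.php");
// Gate every action in this file behind the committee 'config' check.
// NOTE(review): user_auth_required() is defined elsewhere; presumably it stops
// the request when the check fails -- confirm.
user_auth_required('committee', 'config');

// Uploaded restore files are staged in this directory and contain full
// database contents, so it has to exist and must not be served over HTTP.
// Fail closed: if the directory or its deny rule cannot be created, stop here
// instead of staging confidential files in an unprotected location.
// NOTE(review): the .htaccess rule only takes effect on Apache with overrides
// enabled; on other servers block this path in the server configuration or
// keep the directory outside the document root.
$backuprestore_dir = "../data/backuprestore";
// 0700: only the web server account needs access to staged dumps.
if (!is_dir($backuprestore_dir) && !mkdir($backuprestore_dir, 0700) && !is_dir($backuprestore_dir)) {
	error_log("backuprestore: unable to create $backuprestore_dir");
	exit("Unable to create the backup/restore directory");
}
if (!file_exists("$backuprestore_dir/.htaccess")) {
	if (file_put_contents("$backuprestore_dir/.htaccess", "Order Deny,Allow\r\nDeny From All\r\n") === false) {
		error_log("backuprestore: unable to write $backuprestore_dir/.htaccess");
		exit("Unable to protect the backup/restore directory");
	}
}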
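// Backup: build a complete SQL dump of the database and send it as a download.
//
// The query parameter is compared directly: the link on this page requests
// backuprestore.php?action=backup, and a dump must only be produced for that.
// NOTE(review): get_value_from_array() is defined outside this file; if its
// third argument is a default value, the previous test was truthy on every
// request and the POST actions below could never run -- confirm.
//
// The dump holds every row of every table (including personal data), so it
// should only ever be requested over an encrypted connection.
if (isset($_GET['action']) && $_GET['action'] === "backup") {
	$ts = time();
	// Four header lines; the restore step reads them back to compare the file
	// against the live system, so their order and prefixes are a file format.
	$dump = "#SFIAB SQL BACKUP: " . date("r", $ts) . "\n";
	$dump .= "#SFIAB VERSION: " . $config['version'] . "\n";
	$dump .= "#SFIAB DB VERSION: " . $config['DBVERSION'] . "\n";
	$dump .= "#SFIAB FAIR NAME: " . $config['fairname'] . "\n";
	$dump .= "#-------------------------------------------------\n";

	// Identifiers cannot be bound as parameters, so they are backtick-quoted
	// with any embedded backtick doubled before being placed in a statement.
	$tableq = $pdo->prepare("SHOW TABLES FROM `" . str_replace("`", "``", $DBNAME) . "`");
	$tableq->execute();
	while ($tr = $tableq->fetch(PDO::FETCH_NUM)) {
		$table = $tr[0];
		$qtable = "`" . str_replace("`", "``", $table) . "`";
		// Marker line: the restore step empties the named table when it sees it.
		$dump .= "#TABLE: $table\n";

		$columnq = $pdo->prepare("SHOW COLUMNS FROM $qtable");
		$columnq->execute();
		$str = "INSERT INTO $qtable (";
		$fields = array();
		while ($cr = $columnq->fetch(PDO::FETCH_OBJ)) {
			$str .= "`" . str_replace("`", "``", $cr->Field) . "`,";
			$fields[] = $cr->Field;
		}
		// Drop the trailing comma left by the column loop.
		$str = substr($str, 0, -1);
		$str .= ") VALUES (";

		// Ordering by the first column keeps successive dumps comparable.
		$dataq = $pdo->prepare("SELECT * FROM $qtable ORDER BY `" . str_replace("`", "``", $fields[0]) . "`");
		$dataq->execute();
		while ($data = $dataq->fetch(PDO::FETCH_OBJ)) {
			$insertstr = $str;
			foreach ($fields AS $field) {
				if (is_null($data->$field))
					$insertstr .= "NULL,";
				else
				{
					// Backslashes first, so the escapes added below are not
					// escaped a second time. Line breaks are encoded because
					// the restore step treats one line as one statement.
					$escaped = str_replace("\\", "\\\\", $data->$field);
					$escaped = str_replace("'", "''", $escaped);
					$escaped = str_replace("\n", "\\n", $escaped);
					$escaped = str_replace("\r", "\\r", $escaped);
					$insertstr .= "'" . $escaped . "',";
				}
			}
			$insertstr = substr($insertstr, 0, -1);
			$insertstr .= ");";
			$dump .= $insertstr . "\n";
		}
	}
	header("Content-Type: text/sql");
	header("Content-Disposition: attachment; filename=sfiab_backup_" . date("Y-m-d-H-i-s", $ts) . ".sql");
	header("Content-Length: " . strlen($dump));
	//Make IE with SSL work
	header("Pragma: public");
	echo $dump;
}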
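// Restore, step 1: stage the uploaded file, show its header next to the live
// system's values, and ask for confirmation before anything is changed.
else if (isset($_POST['action']) && $_POST['action'] == "restore") {
	echo send_header("Database Backup/Restore",
		array('Committee Main' => 'committee_main.php',
			'SFIAB Configuration' => 'config/index.php')
		, "backup_restore"
	);

	// Accept exactly one successfully uploaded file.
	$upload_ok = isset($_FILES['restore']) && is_array($_FILES['restore'])
		&& isset($_FILES['restore']['error']) && $_FILES['restore']['error'] === UPLOAD_ERR_OK
		&& is_string($_FILES['restore']['name']);

	// The client-supplied file name is display-only and is HTML-escaped before
	// it reaches the page or a form attribute.
	// NOTE(review): i18n() is defined elsewhere; if it escapes its arguments as
	// well, the name is shown double-escaped, which is harmless.
	$safe_name = htmlspecialchars($upload_ok ? $_FILES['restore']['name'] : '', ENT_QUOTES);
	echo i18n("Processing file: %1", array($safe_name)) . "<br />\n";
	echo "<br />\n";

	$tmpfilename = '';
	$hdr = array();
	if ($upload_ok) {
		do {
			// 32 lower-case hex characters: the shape the confirm step and
			// the temp-file cleanup both expect. Taken from the system CSPRNG
			// when available so the staged name is not derived from the clock
			// or from the client's file name.
			if (function_exists('random_bytes'))
				$tmpfilename = bin2hex(random_bytes(16));
			else
				$tmpfilename = md5(uniqid(mt_rand(), true));
		} while (file_exists("../data/backuprestore/$tmpfilename"));
		if (!move_uploaded_file($_FILES['restore']['tmp_name'], "../data/backuprestore/$tmpfilename"))
			$upload_ok = false;
	}
	if ($upload_ok) {
		$fp = fopen("../data/backuprestore/$tmpfilename", "r");
		if ($fp) {
			// First four lines are "#LABEL: value"; split on the first colon
			// only, because the values (dates) contain colons themselves.
			for ($x = 0; $x < 4; $x++) {
				$line = fgets($fp, 1024);
				// explode() replaces split(), which no longer exists in PHP 7+.
				// Padding keeps short or malformed files from causing
				// undefined-offset reads below.
				$hdr[$x] = array_pad(explode(":", trim((string)$line), 2), 2, '');
			}
			fclose($fp);
		}
	}

	if ($upload_ok && isset($hdr[0]) && trim($hdr[0][0]) == "#SFIAB SQL BACKUP") {
		$err = false;
		echo "<table class=\"tableview\">\n";
		$now = date("r");
		echo "<tr><th>" . i18n("Information") . "</th><th>" . i18n("Restore File") . "</th><th>" . i18n("Live System") . "</th></tr>\n";

		// Compare as timestamps: RFC 2822 dates start with the weekday name,
		// so comparing them as strings does not order them by time.
		$backup_ts = strtotime(trim($hdr[0][1]));
		if ($backup_ts !== false && $backup_ts < time()) $cl = "happy"; else { $cl = "error"; $err = true; }
		// Every value read from the uploaded file is escaped before display.
		echo "<tr class=\"$cl\"><td>" . i18n("Date/Time") . "</td><td>" . htmlspecialchars($hdr[0][1], ENT_QUOTES) . "</td><td>$now</td></tr>\n";

		if (version_compare(trim($hdr[1][1]), $config['version']) == 0) $cl = "happy"; else { $cl = "error"; $err = true; }
		echo "<tr class=\"$cl\"><td>" . i18n("SFIAB Version") . "</td><td>" . htmlspecialchars($hdr[1][1], ENT_QUOTES) . "</td><td>" . $config['version'] . "</td></tr>\n";

		if (version_compare(trim($hdr[2][1]), $config['DBVERSION']) == 0) $cl = "happy"; else { $cl = "error"; $err = true; }
		echo "<tr class=\"$cl\"><td>" . i18n("Database Version") . "</td><td>" . htmlspecialchars($hdr[2][1], ENT_QUOTES) . "</td><td>" . $config['DBVERSION'] . "</td></tr>\n";

		if (trim($hdr[3][1]) == $config['fairname']) $cl = "happy"; else { $cl = "error"; $err = true; }
		echo "<tr class=\"$cl\"><td>" . i18n("Fair Name") . "</td><td>" . htmlspecialchars($hdr[3][1], ENT_QUOTES) . "</td><td>" . $config['fairname'] . "</td></tr>\n";

		echo "</table>\n";
		echo "<br />\n";
		if ($err) {
			echo error(i18n("Warning, there are discrepencies between the restore file and your current live system. Proceed at your own risk!"));
		}
		// NOTE(review): no anti-forgery token is visible on this form. The
		// confirm step replaces the whole database, so it should be tied to
		// the session with a token if the project has such a helper.
		echo "<form method=\"post\" action=\"backuprestore.php\">\n";
		echo "<input type=\"hidden\" name=\"action\" value=\"restoreproceed\">\n";
		echo "<input type=\"hidden\" name=\"filename\" value=\"" . $safe_name . "\">\n";
		echo "<input type=\"hidden\" name=\"realfilename\" value=\"$tmpfilename\">\n";
		echo "<input type=\"submit\" value=\"" . i18n("Proceed with Database Restore") . "\">";
		echo "</form>\n";
		echo "<br />\n";
		echo "<a href=\"backuprestore.php\">";
		echo i18n("If you are not going to proceed, please click here to clean up the temporary files which may contain confidential information!");
		echo "</a>\n";
	}
	else
	{
		// A rejected upload is never used again, so remove it right away
		// rather than waiting for the next visit to the main page.
		if ($tmpfilename != '' && is_file("../data/backuprestore/$tmpfilename"))
			unlink("../data/backuprestore/$tmpfilename");
		echo error(i18n("This file is NOT a SFIAB SQL BACKUP file"));
		echo i18n("Only backups created with the SFIAB Backup Creator can be used to restore from.");
		echo "<br />\n";
	}
	send_footer();
}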
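// Restore, step 2: replay the staged backup file against the live database.
//
// NOTE(review): no anti-forgery token is checked here. This action empties and
// refills every table named in the file, so it should be bound to the session
// with a token if the project has such a helper.
else if (isset($_POST['action']) && $_POST['action'] == "restoreproceed") {
	echo send_header("Database Backup/Restore",
		array('Committee Main' => 'committee_main.php',
			'SFIAB Configuration' => 'config/index.php')
		, "backup_restore"
	);

	//make sure the filename's good before we used it
	// The staged name must be exactly 32 characters of [a-z0-9]. \A and \z bind
	// the pattern to the whole value; NOTE(review): with mb_ereg the ^ and $
	// anchors appear to be line anchors, so a value containing a line break
	// could have passed on one of its lines -- confirm.
	$realfilename = (isset($_POST['realfilename']) && is_string($_POST['realfilename'])) ? $_POST['realfilename'] : '';
	if (preg_match('/\A[a-z0-9]{32}\z/', $realfilename) && is_file("../data/backuprestore/" . $realfilename)) {
		$filename = $realfilename;
		// The original file name is client-supplied and display-only.
		$displayname = (isset($_POST['filename']) && is_string($_POST['filename'])) ? $_POST['filename'] : '';
		echo i18n("Proceeding with database restore from %1", array(htmlspecialchars($displayname, ENT_QUOTES))) . "...";

		$err = false;
		$lines = file("../data/backuprestore/$filename");
		if ($lines === false) {
			$lines = array();
			$err = true;
		}

		// The statements are applied one by one with no transaction around
		// them (TRUNCATE commits implicitly in MySQL), so a failure part-way
		// leaves the database partially restored; every failure is reported.
		echo "<pre>";
		foreach ($lines AS $line) {
			$line = trim($line);
			if ($line === '')
				continue;

			$sql = null;
			if (mb_ereg("^#TABLE: (.*)", $line, $args)) {
				//empty out the table
				// The table name comes from the uploaded file: quote it as an
				// identifier and double any backtick so it stays one name.
				$sql = "TRUNCATE TABLE `" . str_replace("`", "``", $args[1]) . "`";
			}
			else if (mb_ereg("^#", $line)) {
				//just skip it
			}
			else if (strpos($line, "INSERT INTO `") !== 0) {
				// The backup writer emits only '#' lines and INSERT lines, so
				// anything else did not come from it and is not executed. This
				// is a coarse prefix filter, not a SQL parser.
				echo htmlspecialchars($line, ENT_QUOTES) . "\n";
				echo i18n("Skipped: not an INSERT statement") . "\n";
				$err = true;
			}
			else
			{
				//insert the new data
				$sql = $line;
			}

			if ($sql !== null) {
				// Read the outcome from the statement itself.
				// $pdo->errorInfo() always returns a non-empty array, so
				// testing it for truth flagged every line as failed.
				$failure = null;
				try {
					$stmt = $pdo->prepare($sql);
					if ($stmt === false) {
						$info = $pdo->errorInfo();
						$failure = isset($info[2]) ? (string)$info[2] : '';
					}
					else if (!$stmt->execute()) {
						$info = $stmt->errorInfo();
						$failure = isset($info[2]) ? (string)$info[2] : '';
					}
				} catch (PDOException $e) {
					// Covers connections configured to throw on error.
					$failure = $e->getMessage();
				}
				if ($failure !== null) {
					// File content and driver text are escaped for the page.
					echo htmlspecialchars($line, ENT_QUOTES) . "\n";
					echo htmlspecialchars($failure, ENT_QUOTES) . "\n";
					$err = true;
				}
			}
		}
		echo "</pre>";

		if ($err) {
			echo error(i18n("An error occured while importing the restore database"));
		}
		else
			echo happy(i18n("Database successfully restored"));

		// The staged copy holds confidential data; remove it in either case.
		unlink("../data/backuprestore/$filename");
	}
	else
		echo error(i18n("Invalid filename"));
	send_footer();
}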
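// Clean judges: purge deleted judges, and for the rest purge every row that is
// not from the judge's most recent year.
//
// NOTE(review): no anti-forgery token is checked before this destructive
// action; add one if the project has such a helper.
else if (isset($_POST['action']) && $_POST['action'] == 'clean_judges') {
	//select all judges
	$query = $pdo->prepare('SELECT * FROM users WHERE types LIKE "judge"');
	$query->execute();

	// Values go in as bound parameters instead of being concatenated into the
	// statement text; the statements are prepared once and reused per judge.
	$max_year_query = $pdo->prepare('SELECT year FROM users WHERE uid = ? ORDER BY year DESC limit 1');
	$deletable = $pdo->prepare('SELECT * FROM users WHERE uid = ? AND year <> ?');

	// Go through each judge and test:
	while ($judge = $query->fetch(PDO::FETCH_ASSOC)) {
		//if they are deleted
		if ($judge['deleted'] == 'yes') {
			// Make types an array if it isn't already. Allows user_purge function to work properly
			if (!is_array($judge['types'])) {
				$judge['types'] = array($judge['types']);
			}
			user_purge($judge, 'judge');
		}
		else {
			// Find max year of judge
			$max_year_query->execute(array($judge['uid']));
			$judge_max_year = $max_year_query->fetch(PDO::FETCH_ASSOC);
			$max_year_query->closeCursor();
			if ($judge_max_year === false)
				continue;

			// Grab old judge info.
			// Old judge info consists of all entries in the database that are not the most recent for the specific judge
			$deletable->execute(array($judge['uid'], $judge_max_year['year']));
			// Read the rows up front so the statement can be reused for the
			// next judge; an empty result simply skips the loop.
			$old_rows = $deletable->fetchAll(PDO::FETCH_ASSOC);

			// delete old data one by one
			foreach ($old_rows AS $old_judge_data) {
				// The key is 'types'; the previous test read 'type', which the
				// row does not carry under that name.
				if (!is_array($old_judge_data['types'])) {
					$old_judge_data['types'] = array($old_judge_data['types']);
				}
				user_purge($old_judge_data, 'judge');
			}
		}
	}

	echo send_header("Database Backup/Restore",
		array('Committee Main' => 'committee_main.php',
			'SFIAB Configuration' => 'config/index.php')
		, "backup_restore"
	);

	// execute() reports success as a boolean. errorInfo() returns an array, so
	// echoing it or comparing it with '' never described the real outcome.
	$stmt = $pdo->prepare("OPTIMIZE TABLE users, users_judge");
	if ($stmt !== false && $stmt->execute()) {
		echo happy(i18n("Old judge data purged."));
	}
	else {
		$info = ($stmt !== false) ? $stmt->errorInfo() : $pdo->errorInfo();
		$message = isset($info[2]) ? (string)$info[2] : '';
		// Driver text is escaped before it is placed in the page.
		echo error(htmlspecialchars($message, ENT_QUOTES));
	}
}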
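// Clean parents: purge every parent / emergency-contact row that does not
// belong to the current fair year.
//
// NOTE(review): no anti-forgery token is checked before this destructive
// action; add one if the project has such a helper.
else if (isset($_POST['action']) && $_POST['action'] == 'clean_parents') {
	// The fair year is passed as a bound parameter rather than concatenated
	// into the statement text.
	$query_parents = $pdo->prepare('SELECT * FROM users WHERE types LIKE "parent" AND year != ?');
	$query_parents->execute(array($config['FAIRYEAR']));
	while ($parent = $query_parents->fetch(PDO::FETCH_ASSOC)) {
		// user_purge is handed 'types' as an array, as in the judge cleanup.
		if (!is_array($parent['types'])) {
			$parent['types'] = array($parent['types']);
		}
		user_purge($parent, 'parent');
	}

	echo send_header("Database Backup/Restore",
		array('Committee Main' => 'committee_main.php',
			'SFIAB Configuration' => 'config/index.php')
		, "backup_restore"
	);

	// execute() reports success as a boolean. errorInfo() returns an array, so
	// echoing it or comparing it with '' never described the real outcome.
	$stmt = $pdo->prepare("OPTIMIZE TABLE users, users_parent");
	if ($stmt !== false && $stmt->execute()) {
		echo happy(i18n("Old parent data purged."));
	}
	else {
		$info = ($stmt !== false) ? $stmt->errorInfo() : $pdo->errorInfo();
		$message = isset($info[2]) ? (string)$info[2] : '';
		// Driver text is escaped before it is placed in the page.
		echo error(htmlspecialchars($message, ENT_QUOTES));
	}
}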
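// Default view: remove leftover staged uploads, then show the backup, restore
// and cleanup forms.
else
{
	echo send_header("Database Backup/Restore",
		array('Committee Main' => 'committee_main.php',
			'SFIAB Configuration' => 'config/index.php')
		, "backup_restore"
	);

	//we try to remove temp files every time we load this page, who knows, maybe they navigated away
	//last time instead of clicking the link to come back here
	$removed = false;
	$dh = opendir("../data/backuprestore");
	if ($dh !== false) {
		// Compare with false explicitly: an entry named "0" is falsy and
		// would otherwise end the scan early.
		while (false !== ($fn = readdir($dh))) {
			// Staged uploads are named with exactly 32 characters of
			// [a-z0-9]; match the whole name so nothing else in the
			// directory is ever deleted.
			if (preg_match('/\A[a-z0-9]{32}\z/', $fn)) {
				if (unlink("../data/backuprestore/$fn"))
					$removed = true;
			}
		}
		closedir($dh);
	}
	if ($removed) {
		echo happy(i18n("Temporary files successfully removed"));
	}

	echo "<h3>" . i18n("Backup Database") . "</h3>\n";
	echo "<a href=\"backuprestore.php?action=backup\">" . i18n("Create Database Backup File") . "</a><br />\n";
	echo "<br /><br />\n";
	echo "<hr />\n";

	// NOTE(review): none of the forms below carries an anti-forgery token,
	// although each one triggers a destructive action; add one if the project
	// has such a helper.
	echo "<h3>" . i18n("Restore Database") . "</h3>\n";
	echo error(i18n("WARNING: Importing a backup will completely DESTROY all data currently in the database and replace it with what is in the backup file"));
	echo "<form method=\"post\" action=\"backuprestore.php\" enctype=\"multipart/form-data\">\n";
	echo "<input type=\"hidden\" name=\"action\" value=\"restore\">\n";
	echo "<input type=\"file\" name=\"restore\">\n";
	echo "<input type=\"submit\" value=\"" . i18n("Upload Restore File") . "\">\n";
	echo "</form>\n";

	echo "<br>";
	echo "<h3>" . i18n("Clean Database") . "</h3>\n";
	echo error(i18n("WARNING: Cleaning the database COMPLETELY DELETES old data on users"));
	echo "<font size = 4 color=\"red\"> RECOMMENDED: Backup database before using the below buttons</font><br><br>";
	echo "<font color=\"red\"> Remove Old Judge Data <ul> <li> All information about who has judged in past fairs will be lost
<li> All deleted judges will be purged from the system </ul></font>";
	echo "<br><font color=\"red\"> Remove Old Emergency Contact / Parent Data<ul> <li> All parent information or other emergency contact information from all previous fair years will be purged from the system
<li> It will no longer be possible to email any emergency contacts from previous fair years once the button is clicked </ul></font><br>";
	echo "<table>";
	echo "<tr><td style = \"width: 46%\">";
	echo "<form method=\"post\" action=\"backuprestore.php\" enctype=\"multipart/form-data\">\n";
	echo "<input type=\"hidden\" name=\"action\" value=\"clean_judges\">\n";
	echo "<input type=\"submit\" onClick=\"return confirmClick('Are you sure you wish to purge old judge data?')\" value=\"" . i18n("Remove Old Judge Data") . "\">\n";
	echo "</form>";
	echo "</td><td>";
	echo "<form method=\"post\" action=\"backuprestore.php\" enctype=\"multipart/form-data\">\n";
	echo "<input type=\"hidden\" name=\"action\" value=\"clean_parents\">\n";
	echo "<input type=\"submit\" onClick=\"return confirmClick('Are you sure you wish to purge old parent data?')\" value=\"" . i18n("Remove Old Emergency Contact / Parent Data") . "\">\n";
	echo "</form>";
	// Close the cell, row and table opened above; they were left open before.
	echo "</td></tr></table>\n";
	send_footer();
}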
?>