HOR-2917
This commit is contained in:
Roly Rudy Gutierrez Pinto
@@ -399,32 +399,88 @@ class DataBaseMaintenance
|
|||||||
*/
|
*/
|
||||||
function backupDataBase ($outfile)
|
function backupDataBase ($outfile)
|
||||||
{
|
{
|
||||||
|
$password = escapeshellarg($this->passwd);
|
||||||
|
|
||||||
|
//On Windows, escapeshellarg() instead replaces percent signs, exclamation
|
||||||
|
//marks (delayed variable substitution) and double quotes with spaces and
|
||||||
|
//adds double quotes around the string.
|
||||||
|
//See: http://php.net/manual/en/function.escapeshellarg.php
|
||||||
|
if (PATH_SEP !== "/") {
|
||||||
|
$password = $this->escapeshellargCustom($this->passwd);
|
||||||
|
}
|
||||||
$aHost = explode(':', $this->host);
|
$aHost = explode(':', $this->host);
|
||||||
$dbHost = $aHost[0];
|
$dbHost = $aHost[0];
|
||||||
if (isset($aHost[1])) {
|
if (isset($aHost[1])) {
|
||||||
$dbPort = $aHost[1];
|
$dbPort = $aHost[1];
|
||||||
$command = 'mysqldump'
|
$command = 'mysqldump'
|
||||||
. ' --user=' . $this->user
|
. ' --user=' . $this->user
|
||||||
. ' --password=' . escapeshellarg($this->passwd)
|
. ' --password=' . $password
|
||||||
. ' --host=' . $dbHost
|
. ' --host=' . $dbHost
|
||||||
. ' --port=' . $dbPort
|
. ' --port=' . $dbPort
|
||||||
. ' --opt'
|
. ' --opt'
|
||||||
. ' --skip-comments'
|
. ' --skip-comments'
|
||||||
. ' ' . $this->dbName
|
. ' ' . $this->dbName
|
||||||
. ' > ' . $outfile;
|
. ' > ' . $outfile;
|
||||||
} else {
|
} else {
|
||||||
$command = 'mysqldump'
|
$command = 'mysqldump'
|
||||||
. ' --host=' . $dbHost
|
. ' --host=' . $dbHost
|
||||||
. ' --user=' . $this->user
|
. ' --user=' . $this->user
|
||||||
. ' --opt'
|
. ' --opt'
|
||||||
. ' --skip-comments'
|
. ' --skip-comments'
|
||||||
. ' --password=' . escapeshellarg($this->passwd)
|
. ' --password=' . $password
|
||||||
. ' ' . $this->dbName
|
. ' ' . $this->dbName
|
||||||
. ' > ' . $outfile;
|
. ' > ' . $outfile;
|
||||||
}
|
}
|
||||||
shell_exec($command);
|
shell_exec($command);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* string escapeshellargCustom ( string $arg , character $quotes)
|
||||||
|
*
|
||||||
|
* escapeshellarg() adds single quotes around a string and quotes/escapes any
|
||||||
|
* existing single quotes allowing you to pass a string directly to a shell
|
||||||
|
* function and having it be treated as a single safe argument. This function
|
||||||
|
* should be used to escape individual arguments to shell functions coming
|
||||||
|
* from user input. The shell functions include exec(), system() and the
|
||||||
|
* backtick operator.
|
||||||
|
*
|
||||||
|
* On Windows, escapeshellarg() instead replaces percent signs, exclamation
|
||||||
|
* marks (delayed variable substitution) and double quotes with spaces and
|
||||||
|
* adds double quotes around the string.
|
||||||
|
*/
|
||||||
|
private function escapeshellargCustom($string, $quotes = "")
|
||||||
|
{
|
||||||
|
if ($quotes === "") {
|
||||||
|
$quotes = PHP_OS == "WINNT" ? "\"" : "'";
|
||||||
|
}
|
||||||
|
$n = strlen($string);
|
||||||
|
$especial = ["!", "%", "\""];
|
||||||
|
$substring = "";
|
||||||
|
$result1 = [];
|
||||||
|
$result2 = [];
|
||||||
|
for ($i = 0; $i < $n; $i++) {
|
||||||
|
if (in_array($string[$i], $especial, true)) {
|
||||||
|
$result2[] = $string[$i];
|
||||||
|
$result1[] = $substring;
|
||||||
|
$substring = "";
|
||||||
|
} else {
|
||||||
|
$substring = $substring . $string[$i];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$result1[] = $substring;
|
||||||
|
//Rebuild the password string
|
||||||
|
$n = count($result1);
|
||||||
|
for ($i = 0; $i < $n; $i++) {
|
||||||
|
$result1[$i] = trim(escapeshellarg($result1[$i]), $quotes);
|
||||||
|
if (isset($result2[$i])) {
|
||||||
|
$result1[$i] = $result1[$i] . $result2[$i];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
//add simple quotes, see escapeshellarg function
|
||||||
|
$newString = $quotes . implode("", $result1) . $quotes;
|
||||||
|
return $newString;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* restoreFromSql
|
* restoreFromSql
|
||||||
*
|
*
|
||||||
|
|||||||
@@ -26,27 +26,19 @@ class p11835 extends patch
|
|||||||
*/
|
*/
|
||||||
static public function isApplicable()
|
static public function isApplicable()
|
||||||
{
|
{
|
||||||
if (!class_exists('System')) {
|
if (! class_exists('System')) {
|
||||||
G::LoadClass("System");
|
G::LoadClass("System");
|
||||||
}
|
}
|
||||||
|
|
||||||
patch::$isPathchable = false;
|
patch::$isPathchable = false;
|
||||||
$con = Propel::getConnection("workflow");
|
$con = Propel::getConnection("workflow");
|
||||||
$stmt = $con->prepareStatement("SHOW TABLES LIKE 'TASK'");
|
$stmt = $con->prepareStatement("describe TASK;");
|
||||||
$rs = $stmt->executeQuery();
|
$rs = $stmt->executeQuery();
|
||||||
$rs->next();
|
$rs->next();
|
||||||
$row = $rs->getRow();
|
while($row = $rs->getRow()) {
|
||||||
if (empty($row) === true) {
|
|
||||||
return patch::$isPathchable;
|
|
||||||
}
|
|
||||||
|
|
||||||
$stmt = $con->prepareStatement("DESCRIBE TASK");
|
|
||||||
$rs = $stmt->executeQuery();
|
|
||||||
$rs->next();
|
|
||||||
while ($row = $rs->getRow()) {
|
|
||||||
if ($row ['Field'] == "TAS_GROUP_VARIABLE") {
|
if ($row ['Field'] == "TAS_GROUP_VARIABLE") {
|
||||||
$version = System::getVersion();
|
$version = System::getVersion ();
|
||||||
$version = explode('-', $version);
|
$version = explode('-',$version);
|
||||||
if ($version[0] == '2.5.1') {
|
if ($version[0] == '2.5.1') {
|
||||||
echo "Version " . $version[0] . " Patch\n";
|
echo "Version " . $version[0] . " Patch\n";
|
||||||
patch::$isPathchable = true;
|
patch::$isPathchable = true;
|
||||||
|
|||||||
Reference in New Issue
Block a user