fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

BUG-12676 Workspace Restore action from ./processmaker is not working with strange characters.

Browse Source 
Descripcion: The action "./processmaker workspace-restore -o workspace" is not working because the data has strange characters, and not permits to restore in other servers.

Solucion: Para evitar el uso de la manipulacion del contenido del archivo sql, se tiene como primera opcion de restauracion el uso del intérprete de comandos ejecutando el comando "mysql" junto a los parametros necesarios.
En que caso que el modo seguro del servidor este activado se optara por la opcion de obtener las lineas de cada sentencia sql dentro del archivo realizando un explode teniendo como parametro ";\n" y el contenido del archivo.
This commit is contained in:
Omar Suca
2013-08-15 13:27:29 -04:00
parent 6ce905a5b4
commit 5c9bf1fcc6
1 changed files with 52 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

83
workflow/engine/classes/class.wsTools.php
View File

@@ -1057,39 +1057,60 @@ class workspaceTools
* @param string $filename the script filename * @param string $filename the script filename
* @param string $database the database to execute this script into * @param string $database the database to execute this script into
*/ */
private function executeSQLScript($database, $filename) private function executeSQLScript($database, $filename, $parameters)
{ {
mysql_query("CREATE DATABASE IF NOT EXISTS " . mysql_real_escape_string($database)); mysql_query("CREATE DATABASE IF NOT EXISTS " . mysql_real_escape_string($database));
mysql_select_db($database); // Check for safe mode
$script = file_get_contents($filename); if ( !ini_get('safe_mode') ) {
$lines = explode("\n", $script); $command = 'mysql'
$previous = null; . ' --host=' . $parameters['dbHost']
foreach ($lines as $j => $line) { . ' --user=' . $parameters['dbUser']
// Remove comments from the script . ' --password=' . $parameters['dbPass']
$line = trim($line); . ' --database=' . mysql_real_escape_string($database)
if (strpos($line, "--") === 0) { . ' --execute="SOURCE '.$filename.'"';
$line = substr($line, 0, strpos($line, "--")); shell_exec($command);
}
if (empty($line)) { } else {
continue; //If the safe mode of the server is actived
} try {
// Concatenate the previous line, if any, with the current mysql_select_db($database);
if ($previous) { $script = file_get_contents($filename);
$line = $previous . " " . $line;
} $lines = explode(";\n", $script);
$previous = null; $previous = null;
// If the current line doesnt end with ; then put this line together foreach ($lines as $j => $line) {
// with the next one, thus supporting multi-line statements. // Remove comments from the script
if (strrpos($line, ";") != strlen($line) - 1) { $line = trim($line);
$previous = $line; if (strpos($line, "--") === 0) {
continue; $line = substr($line, 0, strpos($line, "--"));
} }
$line = substr($line, 0, strrpos($line, ";")); if (empty($line)) {
$result = mysql_query($line); continue;
if ($result === false) { }
throw new Exception("Error when running script '$filename', line $j, query '$line': " . mysql_error()); // Concatenate the previous line, if any, with the current
if ($previous) {
$line = $previous . " " . $line;
}
$previous = null;
// If the current line doesnt end with ; then put this line together
// with the next one, thus supporting multi-line statements.
if (strrpos($line, ";") != strlen($line) - 1) {
$previous = $line;
continue;
}
$line = substr($line, 0, strrpos($line, ";"));
$result = mysql_query($line);
if ($result === false) {
throw new Exception("Error when running script '$filename', line $j, query '$line': " . mysql_error());
}
}
} catch (Exception $e) {
CLI::logging(CLI::error("Error:" . "There are problems running script '$filename': " . $e));
} }
} }
} }
static public function restoreLegacy($directory) static public function restoreLegacy($directory)
@@ -1254,7 +1275,7 @@ class workspaceTools
CLI::logging(CLI::error("Could not get the shared folder permissions, not changing workspace permissions") . "\n"); CLI::logging(CLI::error("Could not get the shared folder permissions, not changing workspace permissions") . "\n");
} }
list ($dbHost, $dbUser, $dbPass) = @explode(SYSTEM_HASH, G::decrypt(HASH_INSTALLATION, SYSTEM_HASH)); list ($dbHost, $dbUser, $dbPass) = @explode(SYSTEM_HASH, G::decrypt(HASH_INSTALLATION, SYSTEM_HASH));
$aParameters = array('dbHost'=>$dbHost,'dbUser'=>$dbUser,'dbPass'=>$dbPass);
CLI::logging("> Connecting to system database in '$dbHost'\n"); CLI::logging("> Connecting to system database in '$dbHost'\n");
$link = mysql_connect($dbHost, $dbUser, $dbPass); $link = mysql_connect($dbHost, $dbUser, $dbPass);
@mysql_query("SET NAMES 'utf8';"); @mysql_query("SET NAMES 'utf8';");
@@ -1268,7 +1289,7 @@ class workspaceTools
foreach ($metadata->databases as $db) { foreach ($metadata->databases as $db) {
$dbName = $newDBNames[$db->name]; $dbName = $newDBNames[$db->name];
CLI::logging("+> Restoring database {$db->name} to $dbName\n"); CLI::logging("+> Restoring database {$db->name} to $dbName\n");
$workspace->executeSQLScript($dbName, "$tempDirectory/{$db->name}.sql"); $workspace->executeSQLScript($dbName, "$tempDirectory/{$db->name}.sql",$aParameters);
$workspace->createDBUser($dbName, $db->pass, "localhost", $dbName); $workspace->createDBUser($dbName, $db->pass, "localhost", $dbName);
$workspace->createDBUser($dbName, $db->pass, "%", $dbName); $workspace->createDBUser($dbName, $db->pass, "%", $dbName);
} }