fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HOR-2689

Browse Source
This commit is contained in:
Paula Quispe
2017-08-02 16:06:56 -04:00
committed by davidcallizaya
parent 8359e30998
commit 9eb7d6cac2
2289 changed files with 204853 additions and 80064 deletions
Download Patch File Download Diff File Expand all files Collapse all files

89
gulliver/system/class.dbMaintenance.php
View File

@@ -49,7 +49,6 @@ class DataBaseMaintenance
protected $tmpDir;
protected $outfile;
protected $infile;
protected $isWindows;
/**
* __construct
@@ -65,7 +64,7 @@ class DataBaseMaintenance
$this->tmpDir = './';
$this->link = null;
$this->dbName = null;
$this->isWindows = strtoupper(substr(PHP_OS, 0, 3)) === 'WIN';
if (isset( $host ) && isset( $user ) && isset( $passwd )) {
$this->host = $host;
$this->user = $user;
@@ -400,88 +399,32 @@ class DataBaseMaintenance
*/
function backupDataBase ($outfile)
{
$password = escapeshellarg($this->passwd);
//On Windows, escapeshellarg() instead replaces percent signs, exclamation
//marks (delayed variable substitution) and double quotes with spaces and
//adds double quotes around the string.
//See: http://php.net/manual/en/function.escapeshellarg.php
if ($this->isWindows) {
$password = $this->escapeshellargCustom($this->passwd);
}
$aHost = explode(':', $this->host);
$dbHost = $aHost[0];
if (isset($aHost[1])) {
$dbPort = $aHost[1];
$command = 'mysqldump'
. ' --user=' . $this->user
. ' --password=' . $password
. ' --host=' . $dbHost
. ' --port=' . $dbPort
. ' --opt'
. ' --skip-comments'
. ' ' . $this->dbName
. ' > ' . $outfile;
. ' --user=' . $this->user
. ' --password=' . escapeshellarg($this->passwd)
. ' --host=' . $dbHost
. ' --port=' . $dbPort
. ' --opt'
. ' --skip-comments'
. ' ' . $this->dbName
. ' > ' . $outfile;
} else {
$command = 'mysqldump'
. ' --host=' . $dbHost
. ' --user=' . $this->user
. ' --opt'
. ' --skip-comments'
. ' --password=' . $password
. ' ' . $this->dbName
. ' > ' . $outfile;
. ' --host=' . $dbHost
. ' --user=' . $this->user
. ' --opt'
. ' --skip-comments'
. ' --password=' . escapeshellarg($this->passwd)
. ' ' . $this->dbName
. ' > ' . $outfile;
}
shell_exec($command);
}
/**
* string escapeshellargCustom ( string $arg , character $quotes)
*
* escapeshellarg() adds single quotes around a string and quotes/escapes any
* existing single quotes allowing you to pass a string directly to a shell
* function and having it be treated as a single safe argument. This function
* should be used to escape individual arguments to shell functions coming
* from user input. The shell functions include exec(), system() and the
* backtick operator.
*
* On Windows, escapeshellarg() instead replaces percent signs, exclamation
* marks (delayed variable substitution) and double quotes with spaces and
* adds double quotes around the string.
*/
private function escapeshellargCustom($string, $quotes = "")
{
if ($quotes === "") {
$quotes = $this->isWindows ? "\"" : "'";
}
$n = strlen($string);
$special = ["!", "%", "\""];
$substring = "";
$result1 = [];
$result2 = [];
for ($i = 0; $i < $n; $i++) {
if (in_array($string[$i], $special, true)) {
$result2[] = $string[$i];
$result1[] = $substring;
$substring = "";
} else {
$substring = $substring . $string[$i];
}
}
$result1[] = $substring;
//Rebuild the password string
$n = count($result1);
for ($i = 0; $i < $n; $i++) {
$result1[$i] = trim(escapeshellarg($result1[$i]), $quotes);
if (isset($result2[$i])) {
$result1[$i] = $result1[$i] . $result2[$i];
}
}
//add simple quotes, see escapeshellarg function
$newString = $quotes . implode("", $result1) . $quotes;
return $newString;
}
/**
* restoreFromSql
*