Issues in bkmanager.static.php (develop) - Issues in develop - evolution-cms/evolution - Measure and Improve Code Quality continuously with Scrutinizer

Issues (3885)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

manager/actions/bkmanager.static.php (2 issues)

Labels

Severity

Minor 2

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
if( ! defined('IN_MANAGER_MODE') || IN_MANAGER_MODE !== true) {
    die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
}
if (!$modx->hasPermission('bk_manager')) {
    $modx->webAlertAndQuit($_lang["error_no_privileges"]);
}

$dbase = $modx->getDatabase()->getConfig('database');

if (!$modx->getConfig('snapshot_path')) {
    if (is_dir(MODX_BASE_PATH . 'temp/backup/')) {
        $modx->setConfig('snapshot_path', MODX_BASE_PATH . 'temp/backup/');
    } else {
        $modx->setConfig('snapshot_path', MODX_BASE_PATH . 'assets/backup/');
    }
}

// Backup Manager by Raymond:

$mode = isset($_POST['mode']) ? $_POST['mode'] : '';

if ($mode == 'restore1') {
    if (isset($_POST['textarea']) && !empty($_POST['textarea'])) {
        $source = trim($_POST['textarea']);
        $_SESSION['textarea'] = $source . "\n";
    } else {
        $source = file_get_contents($_FILES['sqlfile']['tmp_name']);
    }
    import_sql($source);
    header('Location: index.php?r=9&a=93');
    exit;
} elseif ($mode == 'restore2') {
    $path = $modx->getConfig('snapshot_path') . $_POST['filename'];
    if (file_exists($path)) {
        $source = file_get_contents($path);
        import_sql($source);
        if (headers_sent()) {
            echo "<script>document.location.href='index.php?r=9&a=93';</script>\n";
        } else {
            header("Location: index.php?r=9&a=93");
        }
    }
    exit;
} elseif ($mode == 'backup') {
    $tables = isset($_POST['chk']) ? $_POST['chk'] : '';
    if (!is_array($tables)) {
        $modx->webAlertAndQuit("Please select a valid table from the list below.");
    }

    /*
     * Code taken from Ralph A. Dahlgren MySQLdumper Snippet - Etomite 0.6 - 2004-09-27
     * Modified by Raymond 3-Jan-2005
     * Perform MySQLdumper data dump
     */
    @set_time_limit(120); // set timeout limit to 2 minutes
    $dumper = new EvolutionCMS\Support\MysqlDumper($dbase);
    $dumper->setDBtables($tables);
    $dumper->setDroptables((isset($_POST['droptables']) ? true : false));
    $dumpfinished = $dumper->createDump('dumpSql');
    if ($dumpfinished) {
        exit;
    } else {
        $modx->webAlertAndQuit('Unable to Backup Database');
    }

    // MySQLdumper class can be found below
} elseif ($mode == 'snapshot') {
    if (!is_dir(rtrim($modx->getConfig(snapshot_path), '/'))) {
        mkdir(rtrim($modx->getConfig(snapshot_path), '/'));
        @chmod(rtrim($modx->getConfig(snapshot_path), '/'), 0777);
    }
    if (!is_file("{$modx->getConfig(snapshot_path)}.htaccess")) {
        $htaccess = "order deny,allow\ndeny from all\n";
        file_put_contents("{$modx->getConfig(snapshot_path)}.htaccess", $htaccess);
    }
    if (!is_writable(rtrim($modx->getConfig(snapshot_path), '/'))) {
        $modx->webAlertAndQuit(parsePlaceholder($_lang["bkmgr_alert_mkdir"], array('snapshot_path' => $modx->getConfig(snapshot_path))));
    }
    $sql = "SHOW TABLE STATUS FROM `{$dbase}` LIKE '" . $modx->getDatabase()->escape($modx->getDatabase()->getConfig('prefix')) . "%'";
    $rs = $modx->getDatabase()->query($sql);
    $tables = $modx->getDatabase()->getColumn('Name', $rs);
    $today = date('Y-m-d_H-i-s');
    global $path;
function myFunction($a, $b) {
    // Do something
}
    $path = "{$modx->getConfig(snapshot_path)}{$today}.sql";

    @set_time_limit(120); // set timeout limit to 2 minutes
    $dumper = new EvolutionCMS\Support\MysqlDumper($dbase);
    $dumper->setDBtables($tables);
    $dumper->setDroptables(true);
    $dumpfinished = $dumper->createDump('snapshot');

    $pattern = "{$modx->getConfig(snapshot_path)}*.sql";
    $files = glob($pattern, GLOB_NOCHECK);
    $total = ($files[0] !== $pattern) ? count($files) : 0;
    arsort($files);
    while (10 < $total && $limit < 50) {
        $del_file = array_pop($files);
        unlink($del_file);
        $total = count($files);
        $limit++;
    }

    if ($dumpfinished) {
        $_SESSION['result_msg'] = 'snapshot_ok';
        header("Location: index.php?a=93");
        exit;
    } else {
        $modx->webAlertAndQuit('Unable to Backup Database');
    }
} else {
    include_once MODX_MANAGER_PATH . "includes/header.inc.php";  // start normal header
}

if (isset($_SESSION['result_msg']) && $_SESSION['result_msg'] != '') {
    switch ($_SESSION['result_msg']) {
        case 'import_ok':
            $ph['result_msg_import'] = '<div class="alert alert-success">' . $_lang["bkmgr_import_ok"] . '</div>';
            $ph['result_msg_snapshot'] = '<div class="alert alert-success">' . $_lang["bkmgr_import_ok"] . '</div>';
            break;
        case 'snapshot_ok':
            $ph['result_msg_import'] = '';
            $ph['result_msg_snapshot'] = '<div class="alert alert-success">' . $_lang["bkmgr_snapshot_ok"] . '</div>';
            break;
    }
    $_SESSION['result_msg'] = '';
} else {
    $ph['result_msg_import'] = '';
    $ph['result_msg_snapshot'] = '';
}

?>

    <script language="javascript">
        var actions = {
            cancel: function() {
                documentDirty = false;
                document.location.href = 'index.php?a=2';
            },
        };

        function selectAll()
        {
            var f = document.forms['frmdb'];
            var c = f.elements['chk[]'];
            for (var i = 0; i < c.length; i++) {
                c[i].checked = f.chkselall.checked;
            }
        }

        function backup()
        {
            var f = document.forms['frmdb'];
            f.mode.value = 'backup';
            f.target = 'fileDownloader';
            f.submit();
            return false;
        }

        function confirmRevert(filename)
        {
            var m = '<?= $_lang["bkmgr_restore_confirm"] ?>';
            m = m.replace('[+filename+]', filename);
            if (confirm(m) === true) {
                document.restore2.filename.value = filename;
                document.restore2.save.click();
            }
        }

        function showhide(a)
        {
            var f = document.getElementById('sqlfile');
            var t = document.getElementById('textarea');
            if (a == 'file') {
                f.style.display = 'block';
                t.style.display = 'none';
            } else {
                t.style.display = 'block';
                f.style.display = 'none';
            }
        }
        <?= (isset($_REQUEST['r']) ? " doRefresh(" . $_REQUEST['r'] . ");" : "") ?>

    </script>

    <h1>
        <i class="fa fa-database"></i><?= $_lang['bk_manager'] ?>
    </h1>

<?= ManagerTheme::getStyle('actionbuttons.static.cancel') ?>

    <div class="tab-pane" id="dbmPane">
        <script type="text/javascript">
            tpDBM = new WebFXTabPane(document.getElementById('dbmPane'));
        </script>

        <div class="tab-page" id="tabBackup">
            <h2 class="tab"><?= $_lang['backup'] ?></h2>
            <script type="text/javascript">tpDBM.addTabPage(document.getElementById('tabBackup'));</script>

            <div class="container container-body">
                <form name="frmdb" method="post">
                    <input type="hidden" name="mode" value="" />
                    <p>
                        <a href="javascript:;" class="btn btn-primary" onclick="backup();return false;"> <i class="<?= $_style['actions_save'] ?>"></i> <?= $_lang['database_table_clickbackup'] ?></a>
                        <label><input type="checkbox" name="droptables" checked="checked" /><?= $_lang['database_table_droptablestatements'] ?></label>
                    </p>
                    <div class="row">
                        <div class="table-responsive">
                            <table class="table data nowrap">
                                <thead>
                                <tr>
                                    <td><label class="form-check-label"><input type="checkbox" name="chkselall" class="form-check-input" onclick="selectAll();" title="Select All Tables" /> <?= $_lang['database_table_tablename'] ?></label></td>
                                    <td width="1%"></td>
                                    <td class="text-xs-center"><?= $_lang['database_table_records'] ?></td>
                                    <td class="text-xs-center"><?= $_lang['database_collation'] ?></td>
                                    <td class="text-xs-center"><?= $_lang['database_table_datasize'] ?></td>
                                    <td class="text-xs-center"><?= $_lang['database_table_overhead'] ?></td>
                                    <td class="text-xs-center"><?= $_lang['database_table_effectivesize'] ?></td>
                                    <td class="text-xs-center"><?= $_lang['database_table_indexsize'] ?></td>
                                    <td class="text-xs-center"><?= $_lang['database_table_totalsize'] ?></td>
                                </tr>
                                </thead>
                                <tbody>
                                <?php
                                $sql = "SHOW TABLE STATUS FROM `{$dbase}` LIKE '" . $modx->getDatabase()->escape($modx->getDatabase()->getConfig('prefix')) . "%'";
                                $rs = $modx->getDatabase()->query($sql);
                                $i = 0;
                                $total = 0;
                                $totaloverhead = 0;
                                while ($db_status = $modx->getDatabase()->getRow($rs)) {
                                    if (isset($tables)) {
                                        $table_string = implode(',', $table);
                                    } else {
                                        $table_string = '';
                                    }

                                    echo '<tr>' . "\n" . '<td><label class="form-check form-check-label"><input type="checkbox" name="chk[]" class="form-check-input" value="' . $db_status['Name'] . '"' . (strstr($table_string, $db_status['Name']) === false ? '' : ' checked="checked"') . ' /><b class="text-primary">' . $db_status['Name'] . '</b></label></td>' . "\n";
                                    echo '<td class="text-xs-center">' . (!empty($db_status['Comment']) ? '<i class="' . $_style['actions_help'] . '" data-tooltip="' . $db_status['Comment'] . '"></i>' : '') . '</td>' . "\n";
                                    echo '<td class="text-xs-right">' . $db_status['Rows'] . '</td>' . "\n";
                                    echo '<td class="text-xs-right">' . $db_status['Collation'] . '</td>' . "\n";

                                    // Enable record deletion for certain tables (TRUNCATE TABLE) if they're not already empty
                                    $truncateable = array(
                                        $modx->getDatabase()->getConfig('prefix') . 'event_log',
                                        $modx->getDatabase()->getConfig('prefix') . 'manager_log',
                                    );
                                    if ($modx->hasPermission('settings') && in_array($db_status['Name'], $truncateable) && $db_status['Rows'] > 0) {
                                        echo '<td class="text-xs-right"><a class="text-danger" href="index.php?a=54&mode=' . $action . '&u=' . $db_status['Name'] . '" title="' . $_lang['truncate_table'] . '">' . nicesize($db_status['Data_length'] + $db_status['Data_free']) . '</a>' . '</td>' . "\n";
                                    } else {
                                        echo '<td class="text-xs-right">' . nicesize($db_status['Data_length'] + $db_status['Data_free']) . '</td>' . "\n";
                                    }

                                    if ($modx->hasPermission('settings')) {
                                        echo '<td class="text-xs-right">' . ($db_status['Data_free'] > 0 ? '<a class="text-danger" href="index.php?a=54&mode=' . $action . '&t=' . $db_status['Name'] . '" title="' . $_lang['optimize_table'] . '">' . nicesize($db_status['Data_free']) . '</a>' : '-') . '</td>' . "\n";
                                    } else {
                                        echo '<td class="text-xs-right">' . ($db_status['Data_free'] > 0 ? nicesize($db_status['Data_free']) : '-') . '</td>' . "\n";
                                    }

                                    echo '<td class="text-xs-right">' . nicesize($db_status['Data_length'] - $db_status['Data_free']) . '</td>' . "\n" . '<td class="text-xs-right">' . $modx->nicesize($db_status['Index_length']) . '</td>' . "\n" . '<td class="text-xs-right">' . $modx->nicesize($db_status['Index_length'] + $db_status['Data_length'] + $db_status['Data_free']) . '</td>' . "\n" . "</tr>";

                                    $total += $db_status['Index_length'] + $db_status['Data_length'];
                                    $totaloverhead += $db_status['Data_free'];
                                }
                                ?>
                                </tbody>
                                <tfoot>
                                <tr>
                                    <td class="text-xs-right"><?= $_lang['database_table_totals'] ?></td>
                                    <td colspan="4">&nbsp;</td>
                                    <td class="text-xs-right"><?= $totaloverhead > 0 ? '<b class="text-danger">' . nicesize($totaloverhead) . '</b><br />(' . number_format($totaloverhead) . ' B)' : '-' ?></td>
                                    <td colspan="2">&nbsp;</td>
                                    <td class="text-xs-right"><?= "<b>" . nicesize($total) . "</b><br />(" . number_format($total) . " B)" ?></td>
                                </tr>
                                </tfoot>
                            </table>
                        </div>
                    </div>
                    <?php if ($totaloverhead > 0) { ?>
                        <br>
                        <p class="alert alert-danger"><?= $_lang['database_overhead'] ?></p>
                    <?php } ?>
                </form>
            </div>
        </div>
        <!-- This iframe is used when downloading file backup file -->
        <iframe name="fileDownloader" width="1" height="1" style="display:none; width:1px; height:1px;"></iframe>
        <div class="tab-page" id="tabRestore">
            <h2 class="tab"><?= $_lang["bkmgr_restore_title"] ?></h2>
            <script type="text/javascript">tpDBM.addTabPage(document.getElementById('tabRestore'));</script>

            <div class="container container-body">
                <?= $ph['result_msg_import'] ?>
                <div class="element-edit-message-tab alert alert-warning">
                    <?= $_lang["bkmgr_restore_msg"] ?>
                </div>
                <form method="post" name="mutate" enctype="multipart/form-data" action="index.php">
                    <input type="hidden" name="a" value="93" />
                    <input type="hidden" name="mode" value="restore1" />
                    <?php
                    if (isset($_SESSION['textarea']) && !empty($_SESSION['textarea'])) {
                        $value = $_SESSION['textarea'];
                        unset($_SESSION['textarea']);
                        $_SESSION['console_mode'] = 'text';
                        $f_display = 'none';
                        $t_display = 'block';
                    } else {
                        $value = '';
                        $_SESSION['console_mode'] = 'file';
                        $f_display = 'block';
                        $t_display = 'none';
                    }

                    if (isset($_SESSION['last_result']) || !empty($_SESSION['last_result'])) {
                        $last_result = $_SESSION['last_result'];
                        unset($_SESSION['last_result']);
                        if (count($last_result) < 1) {
                            $result = '';
                        } else {
                            $last_result = array_merge(array(), array_diff($last_result, array('')));
                            foreach ($last_result['0'] as $k => $v) {
                                $title[] = $k;
                            }
                            $result = '<thead><tr><th>' . implode('</th><th>', $title) . '</th></tr></thead>';
                            $result .= '<tbody>';
                            foreach ($last_result as $row) {
                                $result_value = array();
                                if ($row) {
                                    foreach ($row as $k => $v) {
                                        $result_value[] = $v;
                                    }
                                    $result .= '<tr><td>' . implode('</td><td>', $result_value) . '</td></tr>';
                                }
                            }
                            $result .= '</tbody>';
                            $result = '<table class="table data">' . $result . '</table>';
                        }
                    }

                    function checked($cond)
                    {
                        if ($cond) {
                            return ' checked';
                        }
                    }

                    ?>
                    <p>
                        <label><input type="radio" name="sel" onclick="showhide('file');" <?= checked(!isset($_SESSION['console_mode']) || $_SESSION['console_mode'] !== 'text') ?> /> <?= $_lang["bkmgr_run_sql_file_label"] ?></label>
                        <label><input type="radio" name="sel" onclick="showhide('textarea');" <?= checked(isset($_SESSION['console_mode']) && $_SESSION['console_mode'] === 'text') ?> /> <?= $_lang["bkmgr_run_sql_direct_label"] ?></label>
                    </p>
                    <div class="form-group"><input type="file" name="sqlfile" id="sqlfile" style="display:<?= $f_display ?>;" /></div>
                    <div id="textarea" style="display:<?= $t_display ?>;">
                        <textarea name="textarea" rows="10"><?= $value ?></textarea>
                    </div>
                    <a href="javascript:;" class="btn btn-primary" onclick="document.mutate.save.click();"> <i class="<?= $_style['actions_save'] ?>"></i> <?= $_lang["bkmgr_run_sql_submit"] ?></a>
                    <input type="submit" name="save" style="display:none;" />
                </form>
                <?php if (isset($result)): ?>
                    <b><?= $_lang["bkmgr_run_sql_result"] ?></b>
                    <div class="row">
                        <div class="table-responsive"><?= $result ?></div>
                    </div>
                <?php endif; ?>
            </div>
        </div>

        <div class="tab-page" id="tabSnapshot">
            <h2 class="tab"><?= $_lang["bkmgr_snapshot_title"] ?></h2>
            <script type="text/javascript">tpDBM.addTabPage(document.getElementById('tabSnapshot'));</script>

            <div class="container container-body">
                <?= $ph['result_msg_snapshot'] ?>
                <div class="element-edit-message-tab alert alert-warning">
                    <?= parsePlaceholder($_lang["bkmgr_snapshot_msg"], array('snapshot_path' => "snapshot_path={$modx->getConfig(snapshot_path)}")) ?>
                </div>
                <form method="post" name="snapshot" action="index.php">
                    <input type="hidden" name="a" value="93" />
                    <input type="hidden" name="mode" value="snapshot" />
                    <?= $_lang["description"] ?>
                    <div class="form-group input-group">
                        <input type="text" name="backup_title" class="form-control" maxlength="350" />
                        <div class="input-group-btn">
                            <a href="javascript:;" class="btn btn-success" onclick="document.snapshot.save.click();"> <i class="<?= $_style['actions_save'] ?>"></i> <?= $_lang["bkmgr_snapshot_submit"] ?></a>
                        </div>
                    </div>
                    <input type="submit" name="save" style="display:none;" />
                </form>
                <div>
                    <b><?= $_lang["bkmgr_snapshot_list_title"] ?></b>
                </div>
                <form method="post" name="restore2" action="index.php">
                    <input type="hidden" name="a" value="93" />
                    <input type="hidden" name="mode" value="restore2" />
                    <input type="hidden" name="filename" value="" />
                    <?php
                    $pattern = "{$modx->getConfig(snapshot_path)}*.sql";
                    $files = glob($pattern, GLOB_NOCHECK);
                    $total = ($files[0] !== $pattern) ? count($files) : 0;
                    $detailFields = array(
                        'MODX Version',
                        'Host',
                        'Generation Time',
                        'Server version',
                        'PHP Version',
                        'Database',
                        'Description'
                    );
                    if (is_array($files) && 0 < $total) {
                        ?>
                        <div class="row">
                            <div class="table-responsive">
                                <table class="table data nowrap">
                                    <thead>
                                    <tr>
                                        <th><?= $_lang["files_filename"] ?></th>
                                        <th width="1%"></th>
                                        <th><?= $_lang["files_filesize"] ?></th>
                                        <th><?= $_lang["description"] ?></th>
                                        <th><?= $_lang["modx_version"] ?></th>
                                        <th><?= $_lang["database_name"] ?></th>
                                        <th width="1%"><?= $_lang["onlineusers_action"] ?></th>
                                    </tr>
                                    </thead>
                                    <tbody>
                                    <?php
                                    arsort($files);
                                    while ($file = array_shift($files)) {
                                        $filename = substr($file, strrpos($file, '/') + 1);
                                        $filesize = nicesize(filesize($file));

                                        $file = fopen($file, "r");
                                        $count = 0;
                                        $details = array();
                                        while ($count < 11) {
                                            $line = fgets($file);
                                            foreach ($detailFields as $label) {
                                                $fileLabel = '# ' . $label;
                                                if (strpos($line, $fileLabel) !== false) {
                                                    $details[$label] = htmlentities(trim(str_replace(array(
                                                        $fileLabel,
                                                        ':',
                                                        '`'
                                                    ), '', $line)), ENT_QUOTES, ManagerTheme::getCharset());
                                                }
                                            }
                                            $count++;
                                        };
                                        fclose($file);

                                        $tooltip = "Generation Time: " . $details["Generation Time"] . "\n";
                                        $tooltip .= "Server version: " . $details["Server version"] . "\n";
                                        $tooltip .= "PHP Version: " . $details["PHP Version"] . "\n";
                                        $tooltip .= "Host: " . $details["Host"] . "\n";
                                        ?>
                                        <tr>
                                            <td><?= $filename ?></td>
                                            <td><i class="fa fa-question-circle" data-tooltip="<?= $tooltip ?>"></i></td>
                                            <td><?= $filesize ?></td>
                                            <td><?= $details['Description'] ?></td>
                                            <td><?= $details['MODX Version'] ?></td>
                                            <td><?= $details['Database'] ?></td>
                                            <td><a href="javascript:;" onclick="confirmRevert('<?= $filename ?>');" title="<?= $tooltip ?>"><?= $_lang["bkmgr_restore_submit"] ?></a></td>
                                        </tr>
                                        <?php
                                    }
                                    ?>
                                    </tbody>
                                </table>
                            </div>
                        </div>
                        <?php
                    } else {
                        echo $_lang["bkmgr_snapshot_nothing"];
                    }
                    ?>
                    <input type="submit" name="save" style="display:none;" />
                </form>
            </div>
        </div>

    </div>
<?php

if (is_numeric($_GET['tab'])) {
    echo '<script type="text/javascript">tpDBM.setSelectedIndex( ' . $_GET['tab'] . ' );</script>';
}

include_once MODX_MANAGER_PATH . "includes/footer.inc.php"; // send footer
?>

<?php
/**
 * @deprecated use EvolutionCMS\Support\MysqlDumper
 */
class Mysqldumper extends EvolutionCMS\Support\MysqlDumper{}
namespace YourVendor;

class YourClass { }


Issues (3885)

Security Analysis not enabled

manager/actions/bkmanager.static.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

1. Pass all data via parameters

2. Create a class that maintains your state

1		<?php
2		if( ! defined('IN_MANAGER_MODE') \|\| IN_MANAGER_MODE !== true) {
3		die("<b>INCLUDE_ORDERING_ERROR</b><br /><br />Please use the EVO Content Manager instead of accessing this file directly.");
4		}
5		if (!$modx->hasPermission('bk_manager')) {
6		$modx->webAlertAndQuit($_lang["error_no_privileges"]);
7		}
8
9		$dbase = $modx->getDatabase()->getConfig('database');
10
11		if (!$modx->getConfig('snapshot_path')) {
12		if (is_dir(MODX_BASE_PATH . 'temp/backup/')) {
13		$modx->setConfig('snapshot_path', MODX_BASE_PATH . 'temp/backup/');
14		} else {
15		$modx->setConfig('snapshot_path', MODX_BASE_PATH . 'assets/backup/');
16		}
17		}
18
19		// Backup Manager by Raymond:
20
21		$mode = isset($_POST['mode']) ? $_POST['mode'] : '';
22
23		if ($mode == 'restore1') {
24		if (isset($_POST['textarea']) && !empty($_POST['textarea'])) {
25		$source = trim($_POST['textarea']);
26		$_SESSION['textarea'] = $source . "\n";
27		} else {
28		$source = file_get_contents($_FILES['sqlfile']['tmp_name']);
29		}
30		import_sql($source);
31		header('Location: index.php?r=9&a=93');
32		exit;
33		} elseif ($mode == 'restore2') {
34		$path = $modx->getConfig('snapshot_path') . $_POST['filename'];
35		if (file_exists($path)) {
36		$source = file_get_contents($path);
37		import_sql($source);
38		if (headers_sent()) {
39		echo "<script>document.location.href='index.php?r=9&a=93';</script>\n";
40		} else {
41		header("Location: index.php?r=9&a=93");
42		}
43		}
44		exit;
45		} elseif ($mode == 'backup') {
46		$tables = isset($_POST['chk']) ? $_POST['chk'] : '';
47		if (!is_array($tables)) {
48		$modx->webAlertAndQuit("Please select a valid table from the list below.");
49		}
50
51		/*
52		* Code taken from Ralph A. Dahlgren MySQLdumper Snippet - Etomite 0.6 - 2004-09-27
53		* Modified by Raymond 3-Jan-2005
54		* Perform MySQLdumper data dump
55		*/
56		@set_time_limit(120); // set timeout limit to 2 minutes
57		$dumper = new EvolutionCMS\Support\MysqlDumper($dbase);
58		$dumper->setDBtables($tables);
59		$dumper->setDroptables((isset($_POST['droptables']) ? true : false));
60		$dumpfinished = $dumper->createDump('dumpSql');
61		if ($dumpfinished) {
62		exit;
63		} else {
64		$modx->webAlertAndQuit('Unable to Backup Database');
65		}
66
67		// MySQLdumper class can be found below
68		} elseif ($mode == 'snapshot') {
69		if (!is_dir(rtrim($modx->getConfig(snapshot_path), '/'))) {
70		mkdir(rtrim($modx->getConfig(snapshot_path), '/'));
71		@chmod(rtrim($modx->getConfig(snapshot_path), '/'), 0777);
72		}
73		if (!is_file("{$modx->getConfig(snapshot_path)}.htaccess")) {
74		$htaccess = "order deny,allow\ndeny from all\n";
75		file_put_contents("{$modx->getConfig(snapshot_path)}.htaccess", $htaccess);
76		}
77		if (!is_writable(rtrim($modx->getConfig(snapshot_path), '/'))) {
78		$modx->webAlertAndQuit(parsePlaceholder($_lang["bkmgr_alert_mkdir"], array('snapshot_path' => $modx->getConfig(snapshot_path))));
79		}
80		$sql = "SHOW TABLE STATUS FROM `{$dbase}` LIKE '" . $modx->getDatabase()->escape($modx->getDatabase()->getConfig('prefix')) . "%'";
81		$rs = $modx->getDatabase()->query($sql);
82		$tables = $modx->getDatabase()->getColumn('Name', $rs);
83		$today = date('Y-m-d_H-i-s');
84		global $path;
		0 ignored issues – show Compatibility Best Practice introduced 2018-02-21 15:53 UTC by Report Bug Copy Issue Report Show Similar Issues like this Use of `global` functionality is not recommended; it makes your code harder to test, and less reusable. Instead of relying on `global` state, we recommend one of these alternatives: 1. Pass all data via parameters function myFunction($a, $b) { // Do something } 2. Create a class that maintains your state class MyClass { private $a; private $b; public function __construct($a, $b) { $this->a = $a; $this->b = $b; } public function myFunction() { // Do something } } Loading history...
85		$path = "{$modx->getConfig(snapshot_path)}{$today}.sql";
86
87		@set_time_limit(120); // set timeout limit to 2 minutes
88		$dumper = new EvolutionCMS\Support\MysqlDumper($dbase);
89		$dumper->setDBtables($tables);
90		$dumper->setDroptables(true);
91		$dumpfinished = $dumper->createDump('snapshot');
92
93		$pattern = "{$modx->getConfig(snapshot_path)}*.sql";
94		$files = glob($pattern, GLOB_NOCHECK);
95		$total = ($files[0] !== $pattern) ? count($files) : 0;
96		arsort($files);
97		while (10 < $total && $limit < 50) {
98		$del_file = array_pop($files);
99		unlink($del_file);
100		$total = count($files);
101		$limit++;
102		}
103
104		if ($dumpfinished) {
105		$_SESSION['result_msg'] = 'snapshot_ok';
106		header("Location: index.php?a=93");
107		exit;
108		} else {
109		$modx->webAlertAndQuit('Unable to Backup Database');
110		}
111		} else {
112		include_once MODX_MANAGER_PATH . "includes/header.inc.php"; // start normal header
113		}
114
115		if (isset($_SESSION['result_msg']) && $_SESSION['result_msg'] != '') {
116		switch ($_SESSION['result_msg']) {
117		case 'import_ok':
118		$ph['result_msg_import'] = '<div class="alert alert-success">' . $_lang["bkmgr_import_ok"] . '</div>';
119		$ph['result_msg_snapshot'] = '<div class="alert alert-success">' . $_lang["bkmgr_import_ok"] . '</div>';
120		break;
121		case 'snapshot_ok':
122		$ph['result_msg_import'] = '';
123		$ph['result_msg_snapshot'] = '<div class="alert alert-success">' . $_lang["bkmgr_snapshot_ok"] . '</div>';
124		break;
125		}
126		$_SESSION['result_msg'] = '';
127		} else {
128		$ph['result_msg_import'] = '';
129		$ph['result_msg_snapshot'] = '';
130		}
131
132		?>
133
134		<script language="javascript">
135		var actions = {
136		cancel: function() {
137		documentDirty = false;
138		document.location.href = 'index.php?a=2';
139		},
140		};
141
142		function selectAll()
143		{
144		var f = document.forms['frmdb'];
145		var c = f.elements['chk[]'];
146		for (var i = 0; i < c.length; i++) {
147		c[i].checked = f.chkselall.checked;
148		}
149		}
150
151		function backup()
152		{
153		var f = document.forms['frmdb'];
154		f.mode.value = 'backup';
155		f.target = 'fileDownloader';
156		f.submit();
157		return false;
158		}
159
160		function confirmRevert(filename)
161		{
162		var m = '<?= $_lang["bkmgr_restore_confirm"] ?>';
163		m = m.replace('[+filename+]', filename);
164		if (confirm(m) === true) {
165		document.restore2.filename.value = filename;
166		document.restore2.save.click();
167		}
168		}
169
170		function showhide(a)
171		{
172		var f = document.getElementById('sqlfile');
173		var t = document.getElementById('textarea');
174		if (a == 'file') {
175		f.style.display = 'block';
176		t.style.display = 'none';
177		} else {
178		t.style.display = 'block';
179		f.style.display = 'none';
180		}
181		}
182		<?= (isset($_REQUEST['r']) ? " doRefresh(" . $_REQUEST['r'] . ");" : "") ?>
183
184		</script>
185
186		<h1>
187		<i class="fa fa-database"></i><?= $_lang['bk_manager'] ?>
188		</h1>
189
190		<?= ManagerTheme::getStyle('actionbuttons.static.cancel') ?>
191
192		<div class="tab-pane" id="dbmPane">
193		<script type="text/javascript">
194		tpDBM = new WebFXTabPane(document.getElementById('dbmPane'));
195		</script>
196
197		<div class="tab-page" id="tabBackup">
198		<h2 class="tab"><?= $_lang['backup'] ?></h2>
199		<script type="text/javascript">tpDBM.addTabPage(document.getElementById('tabBackup'));</script>
200
201		<div class="container container-body">
202		<form name="frmdb" method="post">
203		<input type="hidden" name="mode" value="" />
204		<p>
205		<a href="javascript:;" class="btn btn-primary" onclick="backup();return false;"> <i class="<?= $_style['actions_save'] ?>"></i> <?= $_lang['database_table_clickbackup'] ?></a>
206		<label><input type="checkbox" name="droptables" checked="checked" /><?= $_lang['database_table_droptablestatements'] ?></label>
207		</p>
208		<div class="row">
209		<div class="table-responsive">
210		<table class="table data nowrap">
211		<thead>
212		<tr>
213		<td><label class="form-check-label"><input type="checkbox" name="chkselall" class="form-check-input" onclick="selectAll();" title="Select All Tables" /> <?= $_lang['database_table_tablename'] ?></label></td>
214		<td width="1%"></td>
215		<td class="text-xs-center"><?= $_lang['database_table_records'] ?></td>
216		<td class="text-xs-center"><?= $_lang['database_collation'] ?></td>
217		<td class="text-xs-center"><?= $_lang['database_table_datasize'] ?></td>
218		<td class="text-xs-center"><?= $_lang['database_table_overhead'] ?></td>
219		<td class="text-xs-center"><?= $_lang['database_table_effectivesize'] ?></td>
220		<td class="text-xs-center"><?= $_lang['database_table_indexsize'] ?></td>
221		<td class="text-xs-center"><?= $_lang['database_table_totalsize'] ?></td>
222		</tr>
223		</thead>
224		<tbody>
225		<?php
226		$sql = "SHOW TABLE STATUS FROM `{$dbase}` LIKE '" . $modx->getDatabase()->escape($modx->getDatabase()->getConfig('prefix')) . "%'";
227		$rs = $modx->getDatabase()->query($sql);
228		$i = 0;
229		$total = 0;
230		$totaloverhead = 0;
231		while ($db_status = $modx->getDatabase()->getRow($rs)) {
232		if (isset($tables)) {
233		$table_string = implode(',', $table);
234		} else {
235		$table_string = '';
236		}
237
238		echo '<tr>' . "\n" . '<td><label class="form-check form-check-label"><input type="checkbox" name="chk[]" class="form-check-input" value="' . $db_status['Name'] . '"' . (strstr($table_string, $db_status['Name']) === false ? '' : ' checked="checked"') . ' /><b class="text-primary">' . $db_status['Name'] . '</b></label></td>' . "\n";
239		echo '<td class="text-xs-center">' . (!empty($db_status['Comment']) ? '<i class="' . $_style['actions_help'] . '" data-tooltip="' . $db_status['Comment'] . '"></i>' : '') . '</td>' . "\n";
240		echo '<td class="text-xs-right">' . $db_status['Rows'] . '</td>' . "\n";
241		echo '<td class="text-xs-right">' . $db_status['Collation'] . '</td>' . "\n";
242
243		// Enable record deletion for certain tables (TRUNCATE TABLE) if they're not already empty
244		$truncateable = array(
245		$modx->getDatabase()->getConfig('prefix') . 'event_log',
246		$modx->getDatabase()->getConfig('prefix') . 'manager_log',
247		);
248		if ($modx->hasPermission('settings') && in_array($db_status['Name'], $truncateable) && $db_status['Rows'] > 0) {
249		echo '<td class="text-xs-right"><a class="text-danger" href="index.php?a=54&mode=' . $action . '&u=' . $db_status['Name'] . '" title="' . $_lang['truncate_table'] . '">' . nicesize($db_status['Data_length'] + $db_status['Data_free']) . '</a>' . '</td>' . "\n";
250	View Code Duplication	} else {
251		echo '<td class="text-xs-right">' . nicesize($db_status['Data_length'] + $db_status['Data_free']) . '</td>' . "\n";
252		}
253
254		if ($modx->hasPermission('settings')) {
255		echo '<td class="text-xs-right">' . ($db_status['Data_free'] > 0 ? '<a class="text-danger" href="index.php?a=54&mode=' . $action . '&t=' . $db_status['Name'] . '" title="' . $_lang['optimize_table'] . '">' . nicesize($db_status['Data_free']) . '</a>' : '-') . '</td>' . "\n";
256	View Code Duplication	} else {
257		echo '<td class="text-xs-right">' . ($db_status['Data_free'] > 0 ? nicesize($db_status['Data_free']) : '-') . '</td>' . "\n";
258		}
259
260		echo '<td class="text-xs-right">' . nicesize($db_status['Data_length'] - $db_status['Data_free']) . '</td>' . "\n" . '<td class="text-xs-right">' . $modx->nicesize($db_status['Index_length']) . '</td>' . "\n" . '<td class="text-xs-right">' . $modx->nicesize($db_status['Index_length'] + $db_status['Data_length'] + $db_status['Data_free']) . '</td>' . "\n" . "</tr>";
261
262		$total += $db_status['Index_length'] + $db_status['Data_length'];
263		$totaloverhead += $db_status['Data_free'];
264		}
265		?>
266		</tbody>
267		<tfoot>
268		<tr>
269		<td class="text-xs-right"><?= $_lang['database_table_totals'] ?></td>
270		<td colspan="4"> </td>
271		<td class="text-xs-right"><?= $totaloverhead > 0 ? '<b class="text-danger">' . nicesize($totaloverhead) . '</b><br />(' . number_format($totaloverhead) . ' B)' : '-' ?></td>
272		<td colspan="2"> </td>
273		<td class="text-xs-right"><?= "<b>" . nicesize($total) . "</b><br />(" . number_format($total) . " B)" ?></td>
274		</tr>
275		</tfoot>
276		</table>
277		</div>
278		</div>
279		<?php if ($totaloverhead > 0) { ?>
280		<br>
281		<p class="alert alert-danger"><?= $_lang['database_overhead'] ?></p>
282		<?php } ?>
283		</form>
284		</div>
285		</div>
286		<!-- This iframe is used when downloading file backup file -->
287		<iframe name="fileDownloader" width="1" height="1" style="display:none; width:1px; height:1px;"></iframe>
288		<div class="tab-page" id="tabRestore">
289		<h2 class="tab"><?= $_lang["bkmgr_restore_title"] ?></h2>
290		<script type="text/javascript">tpDBM.addTabPage(document.getElementById('tabRestore'));</script>
291
292		<div class="container container-body">
293		<?= $ph['result_msg_import'] ?>
294		<div class="element-edit-message-tab alert alert-warning">
295		<?= $_lang["bkmgr_restore_msg"] ?>
296		</div>
297		<form method="post" name="mutate" enctype="multipart/form-data" action="index.php">
298		<input type="hidden" name="a" value="93" />
299		<input type="hidden" name="mode" value="restore1" />
300		<?php
301		if (isset($_SESSION['textarea']) && !empty($_SESSION['textarea'])) {
302		$value = $_SESSION['textarea'];
303		unset($_SESSION['textarea']);
304		$_SESSION['console_mode'] = 'text';
305		$f_display = 'none';
306		$t_display = 'block';
307		} else {
308		$value = '';
309		$_SESSION['console_mode'] = 'file';
310		$f_display = 'block';
311		$t_display = 'none';
312		}
313
314		if (isset($_SESSION['last_result']) \|\| !empty($_SESSION['last_result'])) {
315		$last_result = $_SESSION['last_result'];
316		unset($_SESSION['last_result']);
317		if (count($last_result) < 1) {
318		$result = '';
319		} else {
320		$last_result = array_merge(array(), array_diff($last_result, array('')));
321		foreach ($last_result['0'] as $k => $v) {
322		$title[] = $k;
323		}
324		$result = '<thead><tr><th>' . implode('</th><th>', $title) . '</th></tr></thead>';
325		$result .= '<tbody>';
326		foreach ($last_result as $row) {
327		$result_value = array();
328		if ($row) {
329		foreach ($row as $k => $v) {
330		$result_value[] = $v;
331		}
332		$result .= '<tr><td>' . implode('</td><td>', $result_value) . '</td></tr>';
333		}
334		}
335		$result .= '</tbody>';
336		$result = '<table class="table data">' . $result . '</table>';
337		}
338		}
339
340		function checked($cond)
341		{
342		if ($cond) {
343		return ' checked';
344		}
345		}
346
347		?>
348		<p>
349		<label><input type="radio" name="sel" onclick="showhide('file');" <?= checked(!isset($_SESSION['console_mode']) \|\| $_SESSION['console_mode'] !== 'text') ?> /> <?= $_lang["bkmgr_run_sql_file_label"] ?></label>
350		<label><input type="radio" name="sel" onclick="showhide('textarea');" <?= checked(isset($_SESSION['console_mode']) && $_SESSION['console_mode'] === 'text') ?> /> <?= $_lang["bkmgr_run_sql_direct_label"] ?></label>
351		</p>
352		<div class="form-group"><input type="file" name="sqlfile" id="sqlfile" style="display:<?= $f_display ?>;" /></div>
353		<div id="textarea" style="display:<?= $t_display ?>;">
354		<textarea name="textarea" rows="10"><?= $value ?></textarea>
355		</div>
356		<a href="javascript:;" class="btn btn-primary" onclick="document.mutate.save.click();"> <i class="<?= $_style['actions_save'] ?>"></i> <?= $_lang["bkmgr_run_sql_submit"] ?></a>
357		<input type="submit" name="save" style="display:none;" />
358		</form>
359		<?php if (isset($result)): ?>
360		<b><?= $_lang["bkmgr_run_sql_result"] ?></b>
361		<div class="row">
362		<div class="table-responsive"><?= $result ?></div>
363		</div>
364		<?php endif; ?>
365		</div>
366		</div>
367
368		<div class="tab-page" id="tabSnapshot">
369		<h2 class="tab"><?= $_lang["bkmgr_snapshot_title"] ?></h2>
370		<script type="text/javascript">tpDBM.addTabPage(document.getElementById('tabSnapshot'));</script>
371
372		<div class="container container-body">
373		<?= $ph['result_msg_snapshot'] ?>
374		<div class="element-edit-message-tab alert alert-warning">
375		<?= parsePlaceholder($_lang["bkmgr_snapshot_msg"], array('snapshot_path' => "snapshot_path={$modx->getConfig(snapshot_path)}")) ?>
376		</div>
377		<form method="post" name="snapshot" action="index.php">
378		<input type="hidden" name="a" value="93" />
379		<input type="hidden" name="mode" value="snapshot" />
380		<?= $_lang["description"] ?>
381		<div class="form-group input-group">
382		<input type="text" name="backup_title" class="form-control" maxlength="350" />
383		<div class="input-group-btn">
384		<a href="javascript:;" class="btn btn-success" onclick="document.snapshot.save.click();"> <i class="<?= $_style['actions_save'] ?>"></i> <?= $_lang["bkmgr_snapshot_submit"] ?></a>
385		</div>
386		</div>
387		<input type="submit" name="save" style="display:none;" />
388		</form>
389		<div>
390		<b><?= $_lang["bkmgr_snapshot_list_title"] ?></b>
391		</div>
392		<form method="post" name="restore2" action="index.php">
393		<input type="hidden" name="a" value="93" />
394		<input type="hidden" name="mode" value="restore2" />
395		<input type="hidden" name="filename" value="" />
396		<?php
397		$pattern = "{$modx->getConfig(snapshot_path)}*.sql";
398		$files = glob($pattern, GLOB_NOCHECK);
399		$total = ($files[0] !== $pattern) ? count($files) : 0;
400		$detailFields = array(
401		'MODX Version',
402		'Host',
403		'Generation Time',
404		'Server version',
405		'PHP Version',
406		'Database',
407		'Description'
408		);
409		if (is_array($files) && 0 < $total) {
410		?>
411		<div class="row">
412		<div class="table-responsive">
413		<table class="table data nowrap">
414		<thead>
415		<tr>
416		<th><?= $_lang["files_filename"] ?></th>
417		<th width="1%"></th>
418		<th><?= $_lang["files_filesize"] ?></th>
419		<th><?= $_lang["description"] ?></th>
420		<th><?= $_lang["modx_version"] ?></th>
421		<th><?= $_lang["database_name"] ?></th>
422		<th width="1%"><?= $_lang["onlineusers_action"] ?></th>
423		</tr>
424		</thead>
425		<tbody>
426		<?php
427		arsort($files);
428		while ($file = array_shift($files)) {
429		$filename = substr($file, strrpos($file, '/') + 1);
430		$filesize = nicesize(filesize($file));
431
432		$file = fopen($file, "r");
433		$count = 0;
434		$details = array();
435		while ($count < 11) {
436		$line = fgets($file);
437		foreach ($detailFields as $label) {
438		$fileLabel = '# ' . $label;
439		if (strpos($line, $fileLabel) !== false) {
440		$details[$label] = htmlentities(trim(str_replace(array(
441		$fileLabel,
442		':',
443		'`'
444		), '', $line)), ENT_QUOTES, ManagerTheme::getCharset());
445		}
446		}
447		$count++;
448		};
449		fclose($file);
450
451		$tooltip = "Generation Time: " . $details["Generation Time"] . "\n";
452		$tooltip .= "Server version: " . $details["Server version"] . "\n";
453		$tooltip .= "PHP Version: " . $details["PHP Version"] . "\n";
454		$tooltip .= "Host: " . $details["Host"] . "\n";
455		?>
456		<tr>
457		<td><?= $filename ?></td>
458		<td><i class="fa fa-question-circle" data-tooltip="<?= $tooltip ?>"></i></td>
459		<td><?= $filesize ?></td>
460		<td><?= $details['Description'] ?></td>
461		<td><?= $details['MODX Version'] ?></td>
462		<td><?= $details['Database'] ?></td>
463		<td><a href="javascript:;" onclick="confirmRevert('<?= $filename ?>');" title="<?= $tooltip ?>"><?= $_lang["bkmgr_restore_submit"] ?></a></td>
464		</tr>
465		<?php
466		}
467		?>
468		</tbody>
469		</table>
470		</div>
471		</div>
472		<?php
473		} else {
474		echo $_lang["bkmgr_snapshot_nothing"];
475		}
476		?>
477		<input type="submit" name="save" style="display:none;" />
478		</form>
479		</div>
480		</div>
481
482		</div>
483		<?php
484
485		if (is_numeric($_GET['tab'])) {
486		echo '<script type="text/javascript">tpDBM.setSelectedIndex( ' . $_GET['tab'] . ' );</script>';
487		}
488
489		include_once MODX_MANAGER_PATH . "includes/footer.inc.php"; // send footer
490		?>
491
492		<?php
493		/**
494		* @deprecated use EvolutionCMS\Support\MysqlDumper
495		*/
496		class Mysqldumper extends EvolutionCMS\Support\MysqlDumper{}
		0 ignored issues – show Coding Style Compatibility introduced 2018-06-07 17:11 UTC by Report Bug Copy Issue Report Show Similar Issues like this PSR1 recommends that each class must be in a namespace of at least one level to avoid collisions. You can fix this by adding a namespace to your class: namespace YourVendor; class YourClass { } When choosing a vendor namespace, try to pick something that is not too generic to avoid conflicts with other libraries. Loading history...
497

evolution-cms / evolution

Issues (3885)

Security Analysis not enabled

manager/actions/bkmanager.static.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

1. Pass all data via parameters

2. Create a class that maintains your state

Duplication Side-by-Side

Filter issues like