From 4d2edaf6091e250312ec71ecd83693c032565eb7 Mon Sep 17 00:00:00 2001
From: Cerdic <cedric@yterium.com>
Date: Sun, 8 Oct 2006 09:51:01 +0000
Subject: [PATCH] =?UTF-8?q?sauvegarde=20sans=20authentification=20FTP=20no?=
 =?UTF-8?q?mmage=20dat=C3=A9=20et=20incremental=20des=20noms=20de=20sauveg?=
 =?UTF-8?q?arde=20dump=5F20061008=5F000.xml.gz=20pour=20echapper=20a=20un?=
 =?UTF-8?q?=20ecrasement=20malveillant=20liste=20radio=20des=20dumps=20dis?=
 =?UTF-8?q?ponibles=20pour=20la=20restauration?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ecrire/exec/admin_tech.php | 22 +++++++++++++++++-----
 ecrire/exec/export_all.php | 26 +++++++++++++-------------
 ecrire/exec/import_all.php |  4 ++--
 ecrire/inc/utils.php       |  2 +-
 4 files changed, 33 insertions(+), 21 deletions(-)

diff --git a/ecrire/exec/admin_tech.php b/ecrire/exec/admin_tech.php
index 6557625dc3..35fbb16efc 100644
--- a/ecrire/exec/admin_tech.php
+++ b/ecrire/exec/admin_tech.php
@@ -42,8 +42,9 @@ function exec_admin_tech_dist()
 		debut_gauche();
 		$dir_dump = _DIR_TRANSFERT . $connect_login . '/';
 	}
-	$file = joli_repertoire($dir_dump . _SPIP_DUMP);
-	$zfile = joli_repertoire($dir_dump . _SPIP_DUMP . '.gz');
+	include_spip('exec/export_all');
+	$file = joli_repertoire($dir_dump . export_nom_fichier_dump($dir_dump,false));
+	$zfile = joli_repertoire($dir_dump . export_nom_fichier_dump($dir_dump,true));
 	$dir_dump = joli_repertoire($dir_dump);
 
  debut_droite();
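Review bot: `include_spip('exec/export_all')` loads a whole exec script just to reach export_nom_fichier_dump, and that file has top-level statements (it sets `$GLOBALS['version_archive']` and `$GLOBALS['flag_ob_flush']` and includes base/serial, base/auxiliaires and inc/indexation) that now run on every display of this page. Moving the helper into an inc/ file that both exec scripts include would avoid that coupling. `$file` and `$zfile` are also now the names the next export would get at the moment the page is rendered, so the text shown can be stale by the time the export actually runs. exec_admin_tech_dist starts and ends outside this hunk.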
@@ -96,11 +97,20 @@ echo "</TABLE>";
 //
 
  if ($connect_toutes_rubriques) {
+ 	$liste_dump = preg_files(_DIR_DUMP,str_replace("@stamp@","(_[0-9]{6,8}_[0-9]{1,3})?",_SPIP_DUMP)."(.gz)?",50,false);
+ 	$selected = end($liste_dump);
+ 	$liste_choix = "<p><ul>"; 
+ 	foreach($liste_dump as $key=>$fichier){
+ 		$affiche_fichier = substr($fichier,strlen(_DIR_DUMP));
+ 		$liste_choix.="<li><input type='radio' name='archive' value='$affiche_fichier' id='dump_$key' ".
+ 			(($fichier==$selected)?"checked='checked' ":"")."/><label for='dump_$key'>$affiche_fichier</label></li>\n";
+ 	}
+ 	
 	if ($flag_gz) {
-		$fichier_defaut = _SPIP_DUMP . '.gz';
+		$fichier_defaut = str_replace("@stamp@","",_SPIP_DUMP) . '.gz';
 		$texte_compresse = _T('texte_compresse_ou_non')."&nbsp;";
 	} else {
-		$fichier_defaut = _SPIP_DUMP;
+		$fichier_defaut = str_replace("@stamp@","",_SPIP_DUMP);
 		$texte_compresse = _T('texte_non_compresse')."&nbsp;";
 	}
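Review bot: `$affiche_fichier` is written into the `value` attribute and the label text unescaped at the `$liste_choix.=` line, so a file name in the dump directory that contains a quote or `<` would break out of the markup. Whether such a name can match depends on how preg_files anchors the pattern, which is not visible here. The pattern also leaves the dots of `.xml` and `(.gz)?` as regex wildcards, which widens what is listed. I would escape on output, `$affiche_fichier = htmlspecialchars(substr($fichier,strlen(_DIR_DUMP)), ENT_QUOTES);`, and write the suffix as `(\.gz)?$`.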
 
@@ -114,7 +124,9 @@ echo "</TABLE>";
 	_T('texte_restaurer_sauvegarde', array('dossier' => '<i>'.$dir_dump.'</i>')),
 	"\n<p>",
 	_T('entree_nom_fichier', array('texte_compresse' => $texte_compresse)),
-	"\n<p><FONT SIZE=3><ul><INPUT TYPE='text' NAME='archive' VALUE='$fichier_defaut' SIZE='30'></ul></FONT>",
+	$liste_choix,
+	"<li><input type='radio' name='archive' value='' />",
+	"\n<FONT SIZE=3><INPUT TYPE='text' NAME='archive_perso' VALUE='$fichier_defaut' SIZE='30'></FONT></li></ul>",
 	"\n<p><DIV align='right'><INPUT CLASS='fondo' TYPE='submit' VALUE='"._T('bouton_restaurer_base')."'></DIV></FORM>",
 	"\n</td></tr>",
 	"</TABLE>";
diff --git a/ecrire/exec/export_all.php b/ecrire/exec/export_all.php
index 0a1b6a5b51..df713e6790 100644
--- a/ecrire/exec/export_all.php
+++ b/ecrire/exec/export_all.php
@@ -15,8 +15,6 @@ if (!defined("_ECRIRE_INC_VERSION")) return;
 
 $GLOBALS['version_archive'] = '1.3';
 
-#include_spip('exec/export'); // celui dans le meme repertoire, pas celui de ecrire
-include_spip('inc/admin');
 include_spip('base/serial');
 include_spip('base/auxiliaires');
 include_spip('inc/indexation'); // pour la fonction primary_index_table 
@@ -58,6 +56,16 @@ if (!isset($EXPORT_tables_noexport)){
 }
 $GLOBALS['flag_ob_flush'] = function_exists('ob_flush');
 
+function export_nom_fichier_dump($dir,$gz=true){
+	$archive = _SPIP_DUMP;
+	if ($gz) $archive .= '.gz';
+	$cpt=0;
+	$stamp = date('Ymd');
+	while ((file_exists($dir.($nom = str_replace('@stamp@',"_{$stamp}_".substr("00$cpt",-3),$archive))))&&($cpt<999))
+		$cpt++;
+	return $nom;
+}
+
 // http://doc.spip.org/@exec_export_all_dist
 function exec_export_all_dist()
 {
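Review bot: When every name from `_000` to `_999` for the day already exists, the `while` in export_nom_fichier_dump stops on `$cpt<999` and returns the `_999` name, which exists, so the next dump overwrites it — the case the dated naming is meant to rule out. The existence test and the later write are separate steps, so two exports started together can also be handed the same name. The function has no header comment; one saying that the result is relative to `$dir` and what `@stamp@` becomes would help. A plainer loop that reports exhaustion is sketched below; the callers in admin_tech.php and exec_export_all_dist would have to handle the failure value.

```php
// Returns a dump file name (relative to $dir) that does not exist yet,
// of the form dump_YYYYMMDD_NNN.xml[.gz], or false when all 1000 names
// for today are taken.
function export_nom_fichier_dump($dir,$gz=true){
	$archive = _SPIP_DUMP;
	if ($gz) $archive .= '.gz';
	$stamp = date('Ymd');
	for ($cpt=0; $cpt<=999; $cpt++) {
		$nom = str_replace('@stamp@', "_{$stamp}_".sprintf('%03d',$cpt), $archive);
		if (!file_exists($dir.$nom)) return $nom;
	}
	// never hand back the name of an existing dump
	return false;
}
```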
@@ -69,10 +77,9 @@ function exec_export_all_dist()
 		$dir = _DIR_TRANSFERT . $connect_login . '/';
 	}
 
-  	if (!$archive) {
-		if ($gz) $archive = _SPIP_DUMP . '.gz';
-		else $archive = _SPIP_DUMP;
-	}
+  if (!$archive)
+		$archive = export_nom_fichier_dump($dir,$gz);
+	
   
 	// utiliser une version fraiche des metas (ie pas le cache)
 	include_spip('inc/meta');
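Review bot: A non-empty `$archive` still skips export_nom_fichier_dump at `if (!$archive)`, so the dated, non-overwriting name only applies when no name is supplied. If `$archive` comes from the request (the URL removed further down in this function passed `archive=$archive&gz=$gz`, so it looks that way), a caller can still name an existing dump or a path outside `$dir`, and the debut_admin/fin_admin confirmation that used to precede the write is removed in the next hunk. Consider constraining the value before use, e.g. `$archive = basename($archive);` followed by a check against the dump name pattern, or always generating the name for a new export. The function starts and ends outside this hunk, so where `$archive` is read is not visible here.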
@@ -89,13 +96,6 @@ function exec_export_all_dist()
 		else
 			$start = ($status_dump[2]==0)&&($status_dump[3]==0);
 	}
-	if ($start){
-	  // phase admin en debut de dump
-	  // apres, on continue sans verif : 
-		// sur la duree du dump cela genere de demandes recurrentes d'authent
-		debut_admin(generer_url_post_ecrire("export_all","archive=$archive&gz=$gz"), $action);
-		fin_admin($action);
-	}
 
 	install_debut_html(_T('info_sauvegarde'));
 
diff --git a/ecrire/exec/import_all.php b/ecrire/exec/import_all.php
index a53c96e3a1..1d9b6f836f 100644
--- a/ecrire/exec/import_all.php
+++ b/ecrire/exec/import_all.php
@@ -80,12 +80,12 @@ function import_charge_version($version_archive)
 // http://doc.spip.org/@exec_import_all_dist
 function exec_import_all_dist()
 {
-	global $archive;
-
 	// si l'appel est explicite, 
 	// passer par l'authentification ftp et attendre d'etre rappele
 	if (!$GLOBALS['meta']["debut_restauration"]) {
 	// cas de l'appel apres demande de confirmation
+		$archive=_request('archive');
+		if (!strlen($archive)) $archive=_request('archive_perso');
 		if ($archive) {
 			$action = _T('info_restauration_sauvegarde', array('archive' => $archive));
 			$commentaire = verifier_version_sauvegarde ($archive);
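Review bot: The value of `archive`, or of the free-text `archive_perso` fallback, reaches `_T(...)` and `verifier_version_sauvegarde($archive)` exactly as submitted, with no check in these lines that it names a file inside the dump directory. The radio list added in admin_tech.php constrains only the browser form, not the request. Unless verifier_version_sauvegarde already rejects path separators (not visible here), consider normalising first, e.g. `$archive = basename($archive);` if dumps always sit directly in the dump directory, and escaping the name where the `info_restauration_sauvegarde` message is printed. exec_import_all_dist continues outside the hunk.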
diff --git a/ecrire/inc/utils.php b/ecrire/inc/utils.php
index 7a8eb4a6a2..74689eca68 100644
--- a/ecrire/inc/utils.php
+++ b/ecrire/inc/utils.php
@@ -969,7 +969,7 @@ function spip_initialisation() {
 	// qq chaines standard
 	define('_ACCESS_FILE_NAME', '.htaccess');
 	define('_AUTH_USER_FILE', '.htpasswd');
-	define('_SPIP_DUMP', 'dump.xml');
+	define('_SPIP_DUMP', 'dump@stamp@.xml');
 
 	define('_DOCTYPE_ECRIRE', "<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN' 'http://www.w3.org/TR/html4/loose.dtd'>\n");
 
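Review bot: `_SPIP_DUMP` is no longer a file name but a template, and nothing at the `define` says so; any code outside this patch that still concatenates the constant into a path would now look for a literal `dump@stamp@.xml`. I would add a comment above the define, e.g. `// '@stamp@' is replaced by _YYYYMMDD_NNN in export_nom_fichier_dump(), or stripped to get the legacy name`, and check the remaining uses of the constant. spip_initialisation starts and ends outside this hunk.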
-- 
GitLab