ANewDepth
9-7-07, 01:09 AM
I've used the script below to backup mySQL databases before, but it is no longer working. I updated it to work with the new username.powwebmysql.com, but to no avail.
<?
function checkvariables()
{
global $database;
global $username;
global $server;
global $password;
global $filename;
$error=FALSE;
while (list ($key, $val) = each ($_POST))
{
if( ereg( '[;&<>]+' ,$val ) )
$error=TRUE;
else
$$key = trim( $val );
}
if( $error )
{
echo 'Invalid characters in one of your variables.<BR>Press the BACK button and try again';
}
}
function save_data()
{
global $database;
global $username;
global $server;
$fp = fopen( 'mysql_utility_data','w' );
fwrite( $fp,$database."\n" );
fwrite( $fp,$username."\n" );
fwrite( $fp,$server."\n" );
fclose( $fp );
chmod( 'mysql_utility_data',0600 ); // make it safe from prying eyes
}
// retrieve data if allready saved
$mu_data=file( 'mysql_utility_data' );
?>
<html>
<head>
<title>Mysql restore and backup utility</title>
</head>
<body>
<H1>MYSQL Backup and Restore utility</H1>
<?
if( !array_key_exists( 'submit',$_POST ) )
{
?>
<table>
<form enctype="multipart/form-data" method=post >
<tr><td>Database name</td><td><input type='text' name='database' value='<? echo trim($mu_data[0]) ?>'></td></tr>
<tr><td>Mysql username</td><td><input type='text' name='username' value='<? echo trim($mu_data[1]) ?>'></td></tr>
<tr><td>Mysql password</td><td><input type='password' name='password' ></td></tr>
<tr><td>Mysql servername</td><td><input type='text' name='server' value='<? echo trim($mu_data[2]) ?>'>.powwebmysql.com</td></tr>
<tr><td>Filename to restore/backup</td><td><input type='text' name='filename' ><input type='checkbox' name='zipit'>compress the file using gzip</td></tr>
<tr><td>Filename to upload & restore</td><td><input type='file' name='upload' ></td></tr>
<tr><td></td><td><input type='submit' name='submit' value='restore'>
<input type='submit' name='submit' value='backup'></td></tr>
</form>
</table>
<h2>Files with .gz will be unzipped and then restored.<h2>
<h1>Warning:</h1>
If you restore the database it may double up on entries or delete any information added after the backups creation.
<BR />There is no UNDO, so be careful, always backup before restoring.<br /><br />
This script is also useful for installing sql from other scripts by using the restore button.
<?
}
else if( $_POST['submit']=='backup' ) {
checkvariables();
save_data();
echo 'Doing backup now<BR />';
if( file_exists( $filename ) ) {
echo "Backup filename $filename exits. Please try a different name.";
}
else {
$tmpfile = tempnam( '/tmp','mysql_utility' );
echo '<pre>';
system( "/usr/local/bin/mysqldump --opt --no-create-db -u$username -p$password -h$server.powwebmysql.com -r$filename $database 1> $tmpfile 2>&1",$result );
echo '</pre>';
$size = stat( $filename );
if( $size[7]==0 ) {
$result = 100;
}
if( $result==0 ) {
echo 'Your database has been backed up. The file is '.number_format($size[7]).' bytes long.<br>';
chmod( $filename , 0600 );
if( $zipit ) { // gzip the file
echo "<pre>";
passthru( "gzip -v $filename 2>&1",$result );
if( $result != 0 ) {
echo 'Your backup was not gzipped';
}
else {
echo 'Your backup was gzipped';
}
echo '</pre>';
}
}
else {
echo '<BR>You had an error: '.$result.'.<BR>';
nl2br( file_get_contents( $tmpfile ) );
unlink( $tmpfile );
unlink( $filename );
}
}
}
elseif ( $_POST['submit']=='restore' )
{
checkvariables();
save_data();
// Check for upload and do it
// otherwise use filename
if( $_FILES['upload']['name']!="" ) { //Do file upload
if( $_FILES['upload']['error']==UPLOAD_ERR_OK ) {
move_uploaded_file( $_FILES['upload']['tmp_name'],$_FILES['upload']['name'] );
$filename = $_FILES['upload']['name'];
echo "File uploaded successfully $filename<br>";
} else {
die( 'Error in uploading file' );
}
} else {
}
$tmpfile = tempnam( '/tmp','mysql_utility' );
if( file_exists( $filename ) ) {
if( eregi( "gz$",$filename ) ) {
passthru( "gunzip --decompress $filename",$result );
$filename = str_replace( '.gz','',$filename );
}
if( $result==0 ) {
echo '<pre>';
system( "/usr/local/bin/mysql -u$username -p$password -h$server.powwebmysql.com $database < $filename 1> $tmpfile 2>&1;",$result );
system( "cat $tmpfile;rm $tmpfile" );
echo '</pre>';
}
else {
"Error gunziping $filename.gz<br>";
$result=99;
}
}
else
$result=100;
if( $result==0 ) {
$size = stat( $filename );
echo 'Your database has been restored.';
}
else {
if( $result==100 ) {
echo "Your file $filename does not exist<BR>";
}
else
echo '<BR>You had an error restoring your DB: '.$result.'.<BR>';
}
}
?>
</body>
</html>
How can this be fixed?
<?
function checkvariables()
{
global $database;
global $username;
global $server;
global $password;
global $filename;
$error=FALSE;
while (list ($key, $val) = each ($_POST))
{
if( ereg( '[;&<>]+' ,$val ) )
$error=TRUE;
else
$$key = trim( $val );
}
if( $error )
{
echo 'Invalid characters in one of your variables.<BR>Press the BACK button and try again';
}
}
function save_data()
{
global $database;
global $username;
global $server;
$fp = fopen( 'mysql_utility_data','w' );
fwrite( $fp,$database."\n" );
fwrite( $fp,$username."\n" );
fwrite( $fp,$server."\n" );
fclose( $fp );
chmod( 'mysql_utility_data',0600 ); // make it safe from prying eyes
}
// retrieve data if allready saved
$mu_data=file( 'mysql_utility_data' );
?>
<html>
<head>
<title>Mysql restore and backup utility</title>
</head>
<body>
<H1>MYSQL Backup and Restore utility</H1>
<?
if( !array_key_exists( 'submit',$_POST ) )
{
?>
<table>
<form enctype="multipart/form-data" method=post >
<tr><td>Database name</td><td><input type='text' name='database' value='<? echo trim($mu_data[0]) ?>'></td></tr>
<tr><td>Mysql username</td><td><input type='text' name='username' value='<? echo trim($mu_data[1]) ?>'></td></tr>
<tr><td>Mysql password</td><td><input type='password' name='password' ></td></tr>
<tr><td>Mysql servername</td><td><input type='text' name='server' value='<? echo trim($mu_data[2]) ?>'>.powwebmysql.com</td></tr>
<tr><td>Filename to restore/backup</td><td><input type='text' name='filename' ><input type='checkbox' name='zipit'>compress the file using gzip</td></tr>
<tr><td>Filename to upload & restore</td><td><input type='file' name='upload' ></td></tr>
<tr><td></td><td><input type='submit' name='submit' value='restore'>
<input type='submit' name='submit' value='backup'></td></tr>
</form>
</table>
<h2>Files with .gz will be unzipped and then restored.<h2>
<h1>Warning:</h1>
If you restore the database it may double up on entries or delete any information added after the backups creation.
<BR />There is no UNDO, so be careful, always backup before restoring.<br /><br />
This script is also useful for installing sql from other scripts by using the restore button.
<?
}
else if( $_POST['submit']=='backup' ) {
checkvariables();
save_data();
echo 'Doing backup now<BR />';
if( file_exists( $filename ) ) {
echo "Backup filename $filename exits. Please try a different name.";
}
else {
$tmpfile = tempnam( '/tmp','mysql_utility' );
echo '<pre>';
system( "/usr/local/bin/mysqldump --opt --no-create-db -u$username -p$password -h$server.powwebmysql.com -r$filename $database 1> $tmpfile 2>&1",$result );
echo '</pre>';
$size = stat( $filename );
if( $size[7]==0 ) {
$result = 100;
}
if( $result==0 ) {
echo 'Your database has been backed up. The file is '.number_format($size[7]).' bytes long.<br>';
chmod( $filename , 0600 );
if( $zipit ) { // gzip the file
echo "<pre>";
passthru( "gzip -v $filename 2>&1",$result );
if( $result != 0 ) {
echo 'Your backup was not gzipped';
}
else {
echo 'Your backup was gzipped';
}
echo '</pre>';
}
}
else {
echo '<BR>You had an error: '.$result.'.<BR>';
nl2br( file_get_contents( $tmpfile ) );
unlink( $tmpfile );
unlink( $filename );
}
}
}
elseif ( $_POST['submit']=='restore' )
{
checkvariables();
save_data();
// Check for upload and do it
// otherwise use filename
if( $_FILES['upload']['name']!="" ) { //Do file upload
if( $_FILES['upload']['error']==UPLOAD_ERR_OK ) {
move_uploaded_file( $_FILES['upload']['tmp_name'],$_FILES['upload']['name'] );
$filename = $_FILES['upload']['name'];
echo "File uploaded successfully $filename<br>";
} else {
die( 'Error in uploading file' );
}
} else {
}
$tmpfile = tempnam( '/tmp','mysql_utility' );
if( file_exists( $filename ) ) {
if( eregi( "gz$",$filename ) ) {
passthru( "gunzip --decompress $filename",$result );
$filename = str_replace( '.gz','',$filename );
}
if( $result==0 ) {
echo '<pre>';
system( "/usr/local/bin/mysql -u$username -p$password -h$server.powwebmysql.com $database < $filename 1> $tmpfile 2>&1;",$result );
system( "cat $tmpfile;rm $tmpfile" );
echo '</pre>';
}
else {
"Error gunziping $filename.gz<br>";
$result=99;
}
}
else
$result=100;
if( $result==0 ) {
$size = stat( $filename );
echo 'Your database has been restored.';
}
else {
if( $result==100 ) {
echo "Your file $filename does not exist<BR>";
}
else
echo '<BR>You had an error restoring your DB: '.$result.'.<BR>';
}
}
?>
</body>
</html>
How can this be fixed?