php mysql/file backend, thanks to Kabal458

--HG--
extra : convert_revision : svn%3Ab267cdba-c1da-11dd-874b-8bacd04a0a74/trunk%4048

1 files changed, 115 insertions, 0 deletions

diff --git a/backend/php-mysql+file/index.php b/backend/php-mysql+file/index.php
new file mode 100644
index 0000000..4528c22
--- /dev/null
+++ b/backend/php-mysql+file/index.php
@@ -0,0 +1,115 @@
+<?php
+	/**
+	 * This file contains the plugin to allow importing from a MySQL database
+	 * but instead of saving data to that database it will write it instead to
+	 * a static XML file.  The load function will echo out the contents of the
+	 * file.
+	 * 
+	 * When saving/loading the script will only accept alphanumeric w/ underscore
+	 * filenames between 1 and 100 characters (yes, its arbitrary, change it if
+	 * you don't like it :p).
+	 * 
+	 * No validation is performed on the XML data saved to file.  A malicious user
+	 * could potentially upload a HUGE file so be aware of this when you configure
+	 * your server.  No user authentication is included.
+	 * 
+	 * Please note that this is not all my work.  Large portions of it have been
+	 * copied from the php-mysql and php-file plugins.
+	 * 
+	 * @author 'Kabal458'	<Kabal458@gmail.com>
+	 * @since  10-July-2009
+	 */
+
+	// Define these constants for importing from your MySQL database. MySQL 
+	// usually stores your metadata inside the `information_schema` database
+	// on the `TABLES` table
+	define('HOST',	'localhost');
+	define('USER',	'root');
+	define('PASS',	'password');
+	define('DB',	'information_schema');
+	
+	// This constant is the regular expression used to validate the filename
+	define('FILENAME_REGEX',   '^[A-Za-z0-9_]{1,100}$');
+	
+	// Pull the action variable from the GET and validate it
+	$action = isset($_GET['action']) ? $_GET['action'] : '';
+	
+	if(!in_array($action, array('list','save','load','import'))) {
+		header('HTTP/1.0 501 Not Implemented');
+		exit;
+	}
+	
+	// Save and Load actions must have the 'keyword' GET variable to work,  
+	// I've used a regular expression to keep filenames simple and valid 
+	// so that they don't do anything unintended.
+	if($action == 'save' || $action == 'load') {
+		if(!isset($_GET['keyword']) || !ereg(FILENAME_REGEX, $_GET['keyword'])) {
+			header('HTTP/1.0 400 Bad Request');
+			exit;
+		}
+	}
+	
+	// The import action requires the database variable to be set
+	if($action == 'import' && !isset($_GET['database'])) {
+		header('HTTP/1.0 400 Bad Request');
+		exit;	
+	}
+	
+	// Based on the action variable return appropriate data
+	switch($action) {
+		case 'list':
+			// List all files in the data directory
+			foreach (glob('data/*') as $file)
+				echo basename($file)."\n";
+			break;
+			
+		case 'save':
+			// Open the file for writing
+			$f = fopen('data/'.$_GET['keyword'], 'w');
+			
+			// Read in the contents of the XML file from input
+			$data = file_get_contents('php://input');
+			if (get_magic_quotes_gpc() || get_magic_quotes_runtime()) {
+			   $data = stripslashes($data);
+			}
+			
+			// Write the data to the file and close the file
+			fwrite($f, $data);
+			fclose($f);
+			
+			// Write the response HTTP code
+			header('HTTP/1.0 201 Created');
+			break;
+			
+		case 'load':
+			$keyword = 'data/' . $_GET['keyword'];
+			if (!file_exists($keyword)) {
+				header('HTTP/1.0 404 Not Found');
+			} else {
+				header('Content-type: text/xml');
+				echo file_get_contents($keyword);
+			}
+			break;
+			
+		case 'import':
+			// The import command may take some time, so make sure that PHP won't timeout
+			set_time_limit(0);
+			
+			// I've included the mysql_import function from the php_mysql plugin as its
+			// own file for future compatibility and to take so much code out of this one
+			// file.
+			require_once 'mysql_import.php';
+			
+			// Connect to the MySQL Database, short circuiting ensures that this code will 
+			// execute without error
+			if (!mysql_connect(HOST,USER,PASS) || !mysql_select_db(DB)) {
+				header("HTTP/1.0 503 Service Unavailable");
+				exit;
+			}
+			
+			header("Content-type: text/xml");
+			echo import();
+			
+			break;
+	}	
+?>