2010-04-06, 07:24 PM
Hi there,
Now firstly I would like to state this is just a hypothetical
scene.
Let's for a moment, say I had a daughter. Let's also, for a moment
say I had a FTP program open, and I left my chair for a moment
to go get a drink and something to eat. Now let's also say when I came
back, everything in my FTP was deleted and I was locked out of my
FTP/Cpanel/Forum accounts.
Now , based on this. Let's for a moment. Say that an SQL Database backup
still existed. But I don't know the name of the back.
Could, I still access this database download, if I could determine the name?.
------
So basically. Lets say my forums were royally screwed, I was locked out of
all my accounts, and the only way to restore it was to gain access to the
Databse download and set up a new server, and just upload the most
recent download of my DB.
------
I went through the code here::
And I notice this line here::
And I was wondering. ..."wtf....".
So I had a few questions.
1) Why are you MD5'ing the user ID with the current time of backup,
and then adding 10 numbers to the random string of 54 numbers. (Unless
that's wrong).
2) Is there a way to determine the name, of a database back up I have
if I knew only 2 or 3 of the variables? (I know the date and time made.;
the user id, and where it's located.)
3) I know where the back ups are; they are here: ./backups/backup_**.sql.gz.
4) I also know that the SQL backup has the extension ".sql.gz"; I also know
that I can download it, if I knew the path name. (i tested this months ago).
So, like my question states. Is there a way to determine the backup name?
so I could download it, and then go to a new server upload the db, input
my domain name, and then report the other one?
----
Finally, what does this code here do: (I can't figure it out);;
-Viral.
Now firstly I would like to state this is just a hypothetical
scene.
Let's for a moment, say I had a daughter. Let's also, for a moment
say I had a FTP program open, and I left my chair for a moment
to go get a drink and something to eat. Now let's also say when I came
back, everything in my FTP was deleted and I was locked out of my
FTP/Cpanel/Forum accounts.
Now , based on this. Let's for a moment. Say that an SQL Database backup
still existed. But I don't know the name of the back.
Could, I still access this database download, if I could determine the name?.
------
So basically. Lets say my forums were royally screwed, I was locked out of
all my accounts, and the only way to restore it was to gain access to the
Databse download and set up a new server, and just upload the most
recent download of my DB.
------
I went through the code here::
@set_time_limit(0);
if($mybb->input['method'] == 'disk')
{
$file = MYBB_ADMIN_DIR.'backups/backup_'.substr(md5($mybb->user['uid'].TIME_NOW), 0, 10).random_str(54);
if($mybb->input['filetype'] == 'gzip')
{
if(!function_exists('gzopen')) // check zlib-ness
{
flash_message($lang->error_no_zlib, 'error');
admin_redirect("index.php?module=tools/backupdb&action=backup");
}
$fp = gzopen($file.'.sql.gz', 'w9');
}
else
{
$fp = fopen($file.'.sql', 'w');
}
}
else
{
$file = 'backup_'.substr(md5($mybb->user['uid'].TIME_NOW), 0, 10).random_str(54);
if($mybb->input['filetype'] == 'gzip')
{
if(!function_exists('gzopen')) // check zlib-ness
{
flash_message($lang->error_no_zlib, 'error');
admin_redirect("index.php?module=tools/backupdb&action=backup");
}
And I notice this line here::
$file = 'backup_'.substr(md5($mybb->user['uid'].TIME_NOW), 0, 10).random_str(54);
And I was wondering. ..."wtf....".
So I had a few questions.
1) Why are you MD5'ing the user ID with the current time of backup,
and then adding 10 numbers to the random string of 54 numbers. (Unless
that's wrong).
2) Is there a way to determine the name, of a database back up I have
if I knew only 2 or 3 of the variables? (I know the date and time made.;
the user id, and where it's located.)
3) I know where the back ups are; they are here: ./backups/backup_**.sql.gz.
4) I also know that the SQL backup has the extension ".sql.gz"; I also know
that I can download it, if I knew the path name. (i tested this months ago).
So, like my question states. Is there a way to determine the backup name?
so I could download it, and then go to a new server upload the db, input
my domain name, and then report the other one?
----
Finally, what does this code here do: (I can't figure it out);;
$fp = gzopen($file.'.sql.gz', 'w9');
}
else
{
$fp = fopen($file.'.sql', 'w');
}
-Viral.