Integration

Sypex Dumper 2 can be integrated into third-party products. This is achieved due to the new authentication system, which allows the use of custom (user) authentication.

Working scheme of authentication.

Dumper features the following scheme:

  1. The user enters the main page. By default, he does not have access, the variable $auth=0.
  2. Dumper loads file ‘cfg.php’ with basic settings.
  3. Dumper sequentially enumerates authentication options mentioned in the "authentication chain".
  4. If after the execution of the next variant of the authentication the variable $auth becomes TRUE, that means that the user is logged in, a session is established, and the config file is copied into it. And from this point on, user works with this virtual config file.
  5. If after the review of all authenticating options the user has not been authorized, then the dumper shows the login page.

Virtual config file

Virtual config file is designed to ensure that during the authentication the dumper’s settings can be flexibly changed. This allows for use of one copy of the dumper by multiple users. The simplest example is the change of the directory for storing backup files, depending on the user name.

File authentication phpBB 3

Let us consider authentication file with the example of forum phpBB 3.

File name consists of the prefix ‘auth_’, the name of the authentication (consisting of English letters, numbers and underscores) and the extension ‘php’.

Authentication file must contain a set of instructions, which, in the case of positive authentication of the user, must set the variable $auth to TRUE (or 1). Also, in the authentication file you can change any properties of the config file (after that they will be taken to the virtual config). Access to the properties of the config file is done through the array $this->CFG.

<?php
// Sypex Dumper 2 authorization file for phpBB 3
if(!empty($_GET['sid']) && preg_match('/^[da-f]{32}$/', $_GET['sid'])){
    $path = '../forum/config.php'; // Path to phpbb3 config
    include($path);
    $this->CFG['my_db'] = $dbname;
    $sid = $_GET['sid'];
    if($this->connect($dbhost, $dbport, $dbuser, $dbpasswd)){
        // Check user
        mysql_selectdb($dbname);
        if($r = mysql_query("SELECT session_user_id FROM {$table_prefix}sessions WHERE session_id = '{$sid}' AND session_admin = 1")){
            $u = mysql_fetch_assoc($r);
            if(!empty($u['session_user_id'])) $auth = 1;
        }
    }
}
?>

So, in the example shown above, in line 3 we check whether the dumper has received the phpbb 3 user’s sid. It’s not necessary to receive sid via GET, it is possible to do it via Cookie or in any other way.

If the sid with correct format has been received, then checking begins. In line 4, the address of forum‘s config file. In line 5, it is being connected, then in line 6, we assign a name of the database which contains the forum, to the property ‘my_db’ (due to this, by entering the dumper from the forum, the user will have access only to the base of the forum).

In line 8, we establish a connect to MySQL using the method $this->connect(); this method checks the ability to connect to MySQL, and if successful, saves settings to the virtual config file.

Next in line 10, desired database is selected, and in line 11, we get the user from the sessions table of phpBB3. If the user is found, and he is logged in to the administrative part, then the variable $auth becomes equal to 1.

And that's all. User enters the dumper even without entering a username and password.

Another example

As another example, let’s write a modified mysql authentication, the difference would be that each user will have his own directory for backup, and also when you click exit, the dumper will redirect you to the home page.

Name the file, for example, ‘auth_multi.php’. The dumper passes variables from the form of authentication to the authentication file: $user, $pass, $host, $port. In this example we use them. And also to configure the exit button, we use property  $this->CFG ['exitURL'].

<?php
// Sypex Dumper 2 authorization file for Example
if(!empty($user) && isset($pass) && $this->connect($host, $port, $user, $pass)){
    $auth = 1;
    $this->CFG['backup_path'] = '/home/' . $user. '/backup/';
    $this->CFG['exitURL'] = '/';
}
?>

In line 3, we check if the user has access to MySQL, and if so, the line 4 we indicate that the user is logged in. In line 5 we specify the directory to store user backups in (the directory must exist, the dumper does not create it), and in line 6, the exit path is set, in this case it’s the site root.

Then it will be needed only to copy the file to the dumper directory, and to add the name of the file authentication ‘multi’ to the beginning of authentication chain. Please note that variants of the authentication are checked by their order in the chain.

Integration interface

Now, after creating the authentication file, you need to embed the dumper to the administrative part of the script. Given that dumper has constant height and width of the window, the easiest way to integrate the dumper to the third-party interface scripts is to use iframe. Just insert the line:

<iframe src="/sxd/" width="586" height="462" frameborder="0" style="margin:0;"></iframe>

where in ‘src’ you add the URL- address of the dumper.

If you have any questions on the integration dumper, you can ask them on the forum or use the contact page.

Sypex Dumper


Sypex Geo


News

2024.03.01
New version of Sypex Dumper Pro 2.4 has been released
2020.11.11

2020.05.01

2018.12.20


Statistics

Downloads:503 773
ßíäåêñ.Ìåòðèêà