110
If anyone is interested in renaming their XOOPS prefix to help protect them from SQL injection attacks, this script from GIJOE's forum should do it;
1) Make backup of mainfile.php AND your XOOPS database
2) Copy script to file and name it something like change_pre.php
3) Upload it to your XOOPS root directory
4) Change permissions on your mainfile.php so the server can write to it
5) Access file by going to <Xoops_URL>/change_pre.php and set new table prefix
6) Delete change_pre.php (important! If you don't do this, people will be able to alter you table prefix!)
7) Set permissions back on your mainfile.php so the server can't write to it.
<?php
include 'mainfile.php';
if ( !is_writable(XOOPS_ROOT_PATH.'/mainfile.php') ) {
exit('mainfile.php is not writable');
}
if ( empty($_POST['submit']) ) {
include XOOPS_ROOT_PATH.'/class/xoopsformloader.php';
$sform = new XoopsThemeForm("Changing XOOPS_DB_PREFIX", "prefixform", xoops_getenv('PHP_SELF'));
$sform->addElement(new XoopsFormText("PREFIX", 'prefix', 50, 80, XOOPS_DB_PREFIX), true);
$sform->addElement(new XoopsFormHidden("oldname", XOOPS_DB_PREFIX));
$sform->addElement(new XoopsFormButton('', 'submit', 'change', 'submit'));
$shtml = $sform->render();
} else {
$shtml = '<h4 style="text-align:left">Changing XOOPS_DB_PREFIX '.XOOPS_DB_NAME.'</h4>';
$shtml.= '<table class="outer" width="100%" cellpadding="4" cellspacing="1">';
$shtml.= '<tr align="center"><th>From</th><th>To</th></tr>';
// changes
$local_query = 'SHOW TABLE STATUS FROM `'.XOOPS_DB_NAME.'`';
$result = $xoopsDB->queryF($local_query);
$count = 0;
if ( $xoopsDB->getRowsNum($result) ) {
while( $row = $xoopsDB->fetchArray($result) ){
if ($count % 2 == 0) { $class = 'even'; } else { $class = 'odd'; }
$count++;
$newtable = str_replace(XOOPS_DB_PREFIX.'_',$_POST['prefix'].'_',$row['Name']);
$sql = "RENAME TABLE ".$row['Name']." TO ".$newtable;
$ret = $xoopsDB->queryF($sql);
if ( $ret ) {
$shtml.= '<tr class="'.$class.'"><td>'.$row['Name'].'</td><td>'.$newtable.'</td></tr>';
} else {
$shtml.= '<tr class="'.$class.'"><td>'.$row['Name'].'</td><td>Failed. sorry...</td></tr>';
}
}
}
$shtml.= '</table>';
$shtml.= '<div><a href="'.XOOPS_URL.'/">return to Top</a></div>';
// modifying mainfile.php
$main = file(XOOPS_ROOT_PATH.'/mainfile.php');
foreach ( $main as $val ) {
if ( strpos($val,'XOOPS_DB_PREFIX')!==false ) {
$buf[] = str_replace($_POST['oldname'],$_POST['prefix'],$val);
} else {
$buf[] = $val;
}
}
if (!$fp = fopen(XOOPS_ROOT_PATH.'/mainfile.php', "wb") ) {
echo "writing mainfile.php failed. please edit manually";
} else {
fputs($fp, join("", $buf));
fclose($fp);
}
}
include XOOPS_ROOT_PATH.'/header.php';
echo $shtml;
include XOOPS_ROOT_PATH.'/footer.php';
?>