forked from hestiacp/hestiacp
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.php
More file actions
44 lines (39 loc) · 1.25 KB
/
index.php
File metadata and controls
44 lines (39 loc) · 1.25 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
<?php
use function Hestiacp\quoteshellarg\quoteshellarg;
ob_start();
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
// Check token
verify_csrf($_GET);
$backup = $_GET["backup"];
if (!file_exists("/backup/" . $backup)) {
$backup = quoteshellarg($_GET["backup"]);
exec(
HESTIA_CMD . "v-schedule-user-backup-download " . $user . " " . $backup,
$output,
$return_var,
);
if ($return_var == 0) {
$_SESSION["error_msg"] = _("Download of remote backup file has been scheduled.");
} else {
$_SESSION["error_msg"] = implode("<br>", $output);
if (empty($_SESSION["error_msg"])) {
$_SESSION["error_msg"] = _("Error: Hestia did not return any output.");
}
}
unset($output);
header("Location: /list/backup/");
exit();
} else {
if ($_SESSION["userContext"] === "admin") {
header("Content-type: application/gzip");
header("Content-Disposition: attachment; filename=\"" . $backup . "\";");
header("X-Accel-Redirect: /backup/" . $backup);
}
if (!empty($_SESSION["user"]) && $_SESSION["userContext"] != "admin") {
if (strpos($backup, $_SESSION["user"] . ".") === 0) {
header("Content-type: application/gzip");
header("Content-Disposition: attachment; filename=\"" . $backup . "\";");
header("X-Accel-Redirect: /backup/" . $backup);
}
}
}