summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorScott Ullrich <sullrich@gmail.com>2011-09-25 23:17:17 -0400
committerScott Ullrich <sullrich@gmail.com>2011-09-25 23:17:17 -0400
commit110603e4e2b03456e303779cc3b69cbc3208a7c8 (patch)
tree4c4134df35b25b1d9a89426d6e1454d63448c24f
parent9249074503d88b1dd2d6d606d2f71257a1ad6419 (diff)
downloadpfsense-110603e4e2b03456e303779cc3b69cbc3208a7c8.zip
pfsense-110603e4e2b03456e303779cc3b69cbc3208a7c8.tar.gz
Disable download and revisit tomorrow
Diffstat
-rwxr-xr-xusr/local/www/system_firmware_restorefullbackup.php36
1 files changed, 19 insertions, 17 deletions
diff --git a/usr/local/www/system_firmware_restorefullbackup.php b/usr/local/www/system_firmware_restorefullbackup.php
index 6d39829..96e488d 100755
--- a/usr/local/www/system_firmware_restorefullbackup.php
+++ b/usr/local/www/system_firmware_restorefullbackup.php
@@ -63,21 +63,23 @@ if($_GET['backupnow'])
if($_GET['downloadbackup']) {
$filename = $_GET['downloadbackup'];
- session_cache_limiter('public');
- $fd = fopen($filename, "rb");
- header("Content-Type: application/octet-stream");
- header("Content-Length: " . filesize("/root/" . escapeshellcmd($filename)));
- header("Content-Disposition: attachment; filename=\"" .
- trim(htmlentities(basename("/root/" . escapeshellcmd($filename)))) . "\"");
- if (isset($_SERVER['HTTPS'])) {
- header('Pragma: ');
- header('Cache-Control: ');
- } else {
- header("Pragma: private");
- header("Cache-Control: private, must-revalidate");
+ if(file_exists("/root/{$filename}")) {
+ session_cache_limiter('public');
+ $fd = fopen("/root/" . $filename, "rb");
+ header("Content-Type: application/octet-stream");
+ header("Content-Length: " . filesize("/root/" . $filename));
+ header("Content-Disposition: attachment; filename=\"" .
+ trim(htmlentities(basename($filename))) . "\"");
+ if (isset($_SERVER['HTTPS'])) {
+ header('Pragma: ');
+ header('Cache-Control: ');
+ } else {
+ header("Pragma: private");
+ header("Cache-Control: private, must-revalidate");
+ }
+ fpassthru($fd);
+ exit;
}
- fpassthru($fd);
- exit;
}
if ($_GET['deletefile']) {
@@ -156,9 +158,9 @@ include("head.inc");
echo "<a onclick=\"return confirm('" . gettext("Do you really want to delete this backup?") . "')\" href='system_firmware_restorefullbackup.php?deletefile=" . htmlspecialchars($arf) . "'>";
echo gettext("Delete");
echo "</a> | ";
- echo "<a href='system_firmware_restorefullbackup.php?downloadbackup=" . htmlspecialchars($arf) . "'>";
- echo gettext("Download");
- echo "</a>";
+ //echo "<a href='system_firmware_restorefullbackup.php?downloadbackup=" . htmlspecialchars($arf) . "'>";
+ //echo gettext("Download");
+ //echo "</a>";
echo "</td>";
echo "</tr>";
}
OpenPOWER on IntegriCloud