summaryrefslogtreecommitdiffstats
path: root/usr/local
diff options
context:
space:
mode:
Diffstat (limited to 'usr/local')
-rwxr-xr-xusr/local/www/system_firmware_restorefullbackup.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/usr/local/www/system_firmware_restorefullbackup.php b/usr/local/www/system_firmware_restorefullbackup.php
index d671fc2..6fa7041 100755
--- a/usr/local/www/system_firmware_restorefullbackup.php
+++ b/usr/local/www/system_firmware_restorefullbackup.php
@@ -59,9 +59,9 @@ if($_GET['backupnow'])
mwexec_bg("/etc/rc.create_full_backup");
if($_GET['downloadbackup']) {
- $filename = $_GET['downloadbackup'];
+ $filename = basename($_GET['downloadbackup']);
$path = "/root/{$filename}";
- if(file_exists("/root/{$filename}")) {
+ if(file_exists($path)) {
session_write_close();
ob_end_clean();
session_cache_limiter('public');
OpenPOWER on IntegriCloud