Révision 62480a44
Ajouté par Renato Botelho il y a presque 10 ans
| usr/local/www/system_firmware_restorefullbackup.php | ||
|---|---|---|
| 59 | 59 |
mwexec_bg("/etc/rc.create_full_backup");
|
| 60 | 60 |
|
| 61 | 61 |
if($_GET['downloadbackup']) {
|
| 62 |
$filename = $_GET['downloadbackup'];
|
|
| 62 |
$filename = basename($_GET['downloadbackup']);
|
|
| 63 | 63 |
$path = "/root/{$filename}";
|
| 64 |
if(file_exists("/root/{$filename}")) {
|
|
| 64 |
if(file_exists($path)) {
|
|
| 65 | 65 |
session_write_close(); |
| 66 | 66 |
ob_end_clean(); |
| 67 | 67 |
session_cache_limiter('public');
|
Formats disponibles : Unified diff
Avoid directory traversal on restorefullbackup