diff options
| author | David M <davidmj@users.sourceforge.net> | 2006-05-06 20:35:30 +0000 |
|---|---|---|
| committer | David M <davidmj@users.sourceforge.net> | 2006-05-06 20:35:30 +0000 |
| commit | 6d3a8bd107bbd40d7afa3cc7adc5d5f46a3de63d (patch) | |
| tree | d3f928edf10e7a9685b5908f0e151d7c356f083e /phpBB/includes | |
| parent | 830f1fdab7b1a216ed1d00df1ae98ed31286291e (diff) | |
| download | forums-6d3a8bd107bbd40d7afa3cc7adc5d5f46a3de63d.tar forums-6d3a8bd107bbd40d7afa3cc7adc5d5f46a3de63d.tar.gz forums-6d3a8bd107bbd40d7afa3cc7adc5d5f46a3de63d.tar.bz2 forums-6d3a8bd107bbd40d7afa3cc7adc5d5f46a3de63d.tar.xz forums-6d3a8bd107bbd40d7afa3cc7adc5d5f46a3de63d.zip | |
- Make it impossible to open/delete/download files that don't exist :P
git-svn-id: file:///svn/phpbb/trunk@5891 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/acp/acp_database.php | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php index 587f3d0851..4afbea026d 100644 --- a/phpBB/includes/acp/acp_database.php +++ b/phpBB/includes/acp/acp_database.php @@ -1023,11 +1023,7 @@ class acp_database { continue; } - $methods[] = $type; - } - foreach ($methods as $type) - { $template->assign_block_vars('methods', array( 'TYPE' => $type )); @@ -1041,16 +1037,19 @@ class acp_database { case 'submit': $delete = request_var('delete', ''); + $file = request_var('file', ''); + + if (!(file_exists($file) && is_readable($file))) + { + trigger_error($lang['BACKUP_INVALID']); + } if ($delete) { - $file = request_var('file', ''); unlink($phpbb_root_path . 'store/' . $file); trigger_error($user->lang['BACKUP_SUCCESS']); } - $file = request_var('file', ''); - preg_match('#^(\d{10})\.(sql(?:\.(?:gz|bz2))?)$#', $file, $matches); $data = file_get_contents($phpbb_root_path . 'store/' . $matches[0]); @@ -1113,7 +1112,7 @@ class acp_database break; default: - $selected = $stop = false; + $selected = false; $methods = array('sql'); $available_methods = array('sql.gz' => 'zlib', 'sql.bz2' => 'bz2'); @@ -1141,11 +1140,17 @@ class acp_database 'NAME' => gmdate("d-m-Y H:i:s", $matches[1]), 'SUPPORTED' => $supported )); + $selected = true; } } } closedir($dh); + if ($selected === true) + { + $template->assign_var('EXISTS', true); + } + $template->assign_vars(array( 'U_ACTION' => $this->u_action . '&action=submit' )); |