diff options
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/includes/acp/acp_database.php | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/phpBB/includes/acp/acp_database.php b/phpBB/includes/acp/acp_database.php index 56235d8e88..cb7b43fb27 100644 --- a/phpBB/includes/acp/acp_database.php +++ b/phpBB/includes/acp/acp_database.php @@ -209,10 +209,14 @@ class acp_database $delete = request_var('delete', ''); $file = request_var('file', ''); - preg_match('#^backup_\d{10,}_[a-z\d]{16}\.(sql(?:\.(?:gz|bz2))?)$#', $file, $matches); + if (!preg_match('#^backup_\d{10,}_[a-z\d]{16}\.(sql(?:\.(?:gz|bz2))?)$#', $file, $matches)) + { + trigger_error($user->lang['BACKUP_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); + } + $file_name = $phpbb_root_path . 'store/' . $matches[0]; - if (!(file_exists($file_name) && is_readable($file_name))) + if (!file_exists($file_name) || !is_readable($file_name))) { trigger_error($user->lang['BACKUP_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); } |