1<?php 2/** 3 * Copyright since 2007 PrestaShop SA and Contributors 4 * PrestaShop is an International Registered Trademark & Property of PrestaShop SA 5 * 6 * NOTICE OF LICENSE 7 * 8 * This source file is subject to the Open Software License (OSL 3.0) 9 * that is bundled with this package in the file LICENSE.md. 10 * It is also available through the world-wide-web at this URL: 11 * https://opensource.org/licenses/OSL-3.0 12 * If you did not receive a copy of the license and are unable to 13 * obtain it through the world-wide-web, please send an email 14 * to license@prestashop.com so we can send you a copy immediately. 15 * 16 * DISCLAIMER 17 * 18 * Do not edit or add to this file if you wish to upgrade PrestaShop to newer 19 * versions in the future. If you wish to customize PrestaShop for your 20 * needs please refer to https://devdocs.prestashop.com/ for more information. 21 * 22 * @author PrestaShop SA and Contributors <contact@prestashop.com> 23 * @copyright Since 2007 PrestaShop SA and Contributors 24 * @license https://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0) 25 */ 26@trigger_error('Using '.__FILE__.' to make an ajax call is deprecated since 1.7.6.0 and will be removed in the next major version. Use a controller instead.', E_USER_DEPRECATED); 27 28/** 29 * @deprecated 30 * Opens a backup file for download 31 * 32 * -> Duplicated in Symfony (route: admin_backup_download) 33 */ 34 35if (!defined('_PS_ADMIN_DIR_')) { 36 define('_PS_ADMIN_DIR_', __DIR__); 37} 38include _PS_ADMIN_DIR_.'/../config/config.inc.php'; 39 40if (!Context::getContext()->employee->isLoggedBack()) { 41 Tools::redirectAdmin(Context::getContext()->link->getAdminLink('AdminLogin')); 42} 43 44$tabAccess = Profile::getProfileAccess( 45 Context::getContext()->employee->id_profile, 46 Tab::getIdFromClassName('AdminBackup') 47); 48 49if ($tabAccess['view'] !== '1') { 50 die(Context::getContext()->getTranslator()->trans( 51 'You do not have permission to view this.', 52 array(), 53 'Admin.Advparameters.Notification' 54 )); 55} 56 57$backupdir = realpath(PrestaShopBackup::getBackupPath()); 58 59if ($backupdir === false) { 60 die(Context::getContext()->getTranslator()->trans( 61 'There is no "/backup" directory.', 62 array(), 63 'Admin.Advparameters.Notification' 64 )); 65} 66 67if (!$backupfile = Tools::getValue('filename')) { 68 die(Context::getContext()->getTranslator()->trans( 69 'No file has been specified.', 70 array(), 71 'Admin.Advparameters.Notification' 72 )); 73} 74 75// Check the realpath so we can validate the backup file is under the backup directory 76$backupfile = realpath($backupdir.DIRECTORY_SEPARATOR.$backupfile); 77 78if ($backupfile === false || strncmp($backupdir, $backupfile, strlen($backupdir)) != 0) { 79 die(Tools::dieOrLog('The backup file does not exist.')); 80} 81 82if (substr($backupfile, -4) == '.bz2') { 83 $contentType = 'application/x-bzip2'; 84} elseif (substr($backupfile, -3) == '.gz') { 85 $contentType = 'application/x-gzip'; 86} else { 87 $contentType = 'text/x-sql'; 88} 89$fp = @fopen($backupfile, 'rb'); 90 91if ($fp === false) { 92 die(Context::getContext()->getTranslator()->trans( 93 'Unable to open backup file(s).', 94 array(), 95 'Admin.Advparameters.Notification' 96 ).' "'.addslashes($backupfile).'"' 97 ); 98} 99 100// Add the correct headers, this forces the file is saved 101header('Content-Type: '.$contentType); 102header('Content-Disposition: attachment; filename="'.Tools::getValue('filename'). '"'); 103 104if (ob_get_level() && ob_get_length() > 0) { 105 ob_clean(); 106} 107$ret = @fpassthru($fp); 108 109fclose($fp); 110 111if ($ret === false) { 112 die(Context::getContext()->getTranslator()->trans( 113 'Unable to display backup file(s).', 114 array(), 115 'Admin.Advparameters.Notification' 116 ).' "'.addslashes($backupfile).'"' 117 ); 118} 119