$action = $provided; } elseif (isset($_GET[$provided])) { $action = $provided; } } $content = ''; switch ($action) { case 'backup': if (SEC_checkToken()) { if ($_VARS['lglib_dbback_mysqldump']) { $display .= DBADMIN_backup(); } else { USES_lglib_class_dbbackup(); $backup = new dbBackup(); $backup->perform_backup(); $backup->Purge(); $view = 'list'; } } else { COM_accessLog("User {$_USER['username']} tried to illegally backup the database and failed CSRF checks."); echo COM_refresh($_CONF['site_admin_url'] . '/index.php'); } break; case 'download': $file = ''; if (isset($_GET['file'])) { $file = preg_replace('/[^a-zA-Z0-9\\-_\\.]/', '', COM_applyFilter($_GET['file'])); $file = str_replace('..', '', $file); if (!file_exists($_CONF['backup_path'] . $file)) { $file = ''; }
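/**
 * Perform a database backup, purge backups, and return the backup list.
 *
 * This function performs no CSRF or permission check of its own. It
 * triggers a full database dump, so the caller must validate the request
 * (for example with SEC_checkToken()) before invoking it.
 *
 * @return string HTML produced by DBADMIN_list()
 *
 */
function DBADMIN_backup()
{
    // The former "global" import list ($_CONF, language arrays and the
    // $_DB_host/$_DB_name/$_DB_user/$_DB_pass credentials) was never read
    // in this function, so it has been dropped: the database password is
    // no longer pulled into a scope that does not need it.

    // assumes the dbBackup class is already loaded or autoloadable here
    // - TODO confirm against the including file.
    $backup = new dbBackup();

    // NOTE(review): the outcome of perform_backup() is not inspected, so
    // a failed backup cannot be told apart from a successful one in the
    // returned HTML - confirm how dbBackup reports failure and surface it.
    $backup->perform_backup();

    // Runs unconditionally, i.e. also after a failed backup. Presumably
    // this prunes older backup files - verify that a failed run cannot
    // leave the site with no usable backup.
    $backup->Purge();

    // Same result as the original "$retval = ''; $retval .= ...": the
    // list output is always returned as a string.
    return (string) DBADMIN_list();
}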