public function executeFile(sfWebRequest $request)
{
$file = $request->getParameter('filename');
$type = $request->getParameter('type');
switch ($type) {
case 'backup':
$apl = new Appliance();
$base_dir = $apl->get_archive_base_dir();
break;
default:
break;
}
if (!$base_dir) {
return sfView::NONE;
}
$path = realpath($base_dir . '/' . $file);
// if base_dir isn't at the front 0==strpos, most likely hacking attempt
if (strpos($path, $base_dir)) {
die('Invalid Path');
} elseif (file_exists($path)) {
$this->prepareDownload($file);
readfile($path);
} else {
die('Invalid Path');
}
return sfView::NONE;
}
