ffdc9e7705
WordFilters.Create now returns the ID. Add the WordFilters.Get method. Reduce the boilerplate in the backup page and page store. Sanitise the names and titles in the Page Manager. Add page_unknown phrase. Add setting_unknown phrase. Add panel_logs_administration_action_page_create phrase. Add panel_logs_administration_action_page_delete phrase. Add panel_logs_administration_action_page_edit phrase. Add panel_logs_administration_action_setting_edit phrase. Add panel_logs_administration_action_word_filter_create phrase. Add panel_logs_administration_action_word_filter_delete phrase. Add panel_logs_administration_action_word_filter_edit phrase. Add panel_logs_administration_action_backup_download phrase.
67 lines
2.3 KiB
Go
67 lines
2.3 KiB
Go
package panel
|
|
|
|
import (
|
|
"io/ioutil"
|
|
"net/http"
|
|
"os"
|
|
"path/filepath"
|
|
"strconv"
|
|
|
|
c "github.com/Azareal/Gosora/common"
|
|
)
|
|
|
|
func Backups(w http.ResponseWriter, r *http.Request, user c.User, backupURL string) c.RouteError {
|
|
basePage, ferr := buildBasePage(w, r, &user, "backups", "backups")
|
|
if ferr != nil {
|
|
return ferr
|
|
}
|
|
|
|
if backupURL != "" {
|
|
// We don't want them trying to break out of this directory, it shouldn't hurt since it's a super admin, but it's always good to practice good security hygiene, especially if this is one of many instances on a managed server not controlled by the superadmin/s
|
|
backupURL = c.Stripslashes(backupURL)
|
|
|
|
ext := filepath.Ext("./backups/" + backupURL)
|
|
if ext != ".sql" && ext != ".zip" {
|
|
return c.NotFound(w, r, basePage.Header)
|
|
}
|
|
info, err := os.Stat("./backups/" + backupURL)
|
|
if err != nil {
|
|
return c.NotFound(w, r, basePage.Header)
|
|
}
|
|
|
|
h := w.Header()
|
|
h.Set("Content-Length", strconv.FormatInt(info.Size(), 10))
|
|
if ext == ".sql" {
|
|
// TODO: Change the served filename to gosora_backup_%timestamp%.sql, the time the file was generated, not when it was modified aka what the name of it should be
|
|
h.Set("Content-Disposition", "attachment; filename=gosora_backup.sql")
|
|
h.Set("Content-Type", "application/sql")
|
|
} else {
|
|
// TODO: Change the served filename to gosora_backup_%timestamp%.zip, the time the file was generated, not when it was modified aka what the name of it should be
|
|
h.Set("Content-Disposition", "attachment; filename=gosora_backup.zip")
|
|
h.Set("Content-Type", "application/zip")
|
|
}
|
|
// TODO: Fix the problem where non-existent files aren't greeted with custom 404s on ServeFile()'s side
|
|
http.ServeFile(w, r, "./backups/"+backupURL)
|
|
err = c.AdminLogs.Create("download", 0, "backup", user.LastIP, user.ID)
|
|
if err != nil {
|
|
return c.InternalError(err, w, r)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
var backupList []c.BackupItem
|
|
backupFiles, err := ioutil.ReadDir("./backups")
|
|
if err != nil {
|
|
return c.InternalError(err, w, r)
|
|
}
|
|
for _, backupFile := range backupFiles {
|
|
ext := filepath.Ext(backupFile.Name())
|
|
if ext != ".sql" {
|
|
continue
|
|
}
|
|
backupList = append(backupList, c.BackupItem{backupFile.Name(), backupFile.ModTime()})
|
|
}
|
|
|
|
return renderTemplate("panel", w, r, basePage.Header, c.Panel{basePage, "", "", "panel_backups", c.PanelBackupPage{basePage, backupList}})
|
|
}
|