1
0
www.mikescher.com/www/pages/api_backupupload.php

31 lines
1020 B
PHP
Raw Normal View History

2018-03-03 16:12:44 +01:00
<?php
global $OPTIONS;
require_once (__DIR__ . '/../internals/base.php');
require_once (__DIR__ . '/../internals/database.php');
$folder = $OPTIONS['folder'];
2018-12-22 21:20:12 +01:00
$filename = $OPTIONS['filename'];
$secret = $OPTIONS['secret'];
$uri = $OPTIONS['uri'];
2018-03-03 16:12:44 +01:00
2018-12-22 21:20:12 +01:00
$reltarget = "Backup/$folder/$filename";
2018-03-03 16:12:44 +01:00
if ($secret !== $CONFIG['upload_secret']) die('Unauthorized.');
$putdata = fopen("php://input", "r");
2018-12-22 21:20:12 +01:00
$fp = tmpfile();
$tmppath = stream_get_meta_data($fp)['uri'];
2018-03-03 16:12:44 +01:00
while ($data = fread($putdata, 1024)) fwrite($fp, $data);
fclose($fp);
fclose($putdata);
2018-12-22 21:20:12 +01:00
$std = shell_exec("sudo ncc_upload " . '"' . $tmppath . '" "' . $reltarget . '"'); // ncc_upload is allowed for all in /etc/sudoers
2018-03-03 16:12:44 +01:00
2018-12-22 21:20:12 +01:00
$content = "REQUEST: " . $uri . "\r\n\r\n" .
2018-03-03 16:12:44 +01:00
"IP: " . get_client_ip() . "\r\n\r\n" .
2018-12-22 21:20:12 +01:00
"TARGET: " . $reltarget . "\r\n\r\n" .
"OUTPUT: " . $std . "\r\n\r\n";
2018-03-03 16:12:44 +01:00
sendMail("Fileupload to '$folder' triggered", $content, 'virtualadmin@mikescher.de', 'webserver-error@mikescher.com');