404 Not Found

PATH: root / alutechnikadmin1234users

<?php

set_time_limit(0);

include_once '../config.php';
include_once '../../lib/connection.php';

$db = new db("pdo");

if (isset($_POST['download_files']) && !isset($_SESSION['download_started'])) {
    $_SESSION['download_started'] = true;
    $fileName = COMPANY . "_FILES_BACKUP_".date("Y-m-d_H-i-s");
    if (!isset($_POST['filetype'])) $_POST['filetype'] = "tar.gz";
    if (isset($_POST['filetype'])) $fileName .= ".{$_POST['filetype']}";
    switch (mb_strtolower($_POST['filetype'])) {
        case "zip":
            $command = "zip -r - \"" . HOME_ROOT . "\" -x \"" . HOME_ROOT . "/" . COMPANY . "_SQL_BACKUP*\" -x \"" . HOME_ROOT . "/" . COMPANY . "_FILES_BACKUP*\"";
            break;
        case "tar":
            $command = "tar --exclude=\"" . HOME_ROOT . "/" . COMPANY . "_SQL_BACKUP*\" --exclude=\"" . HOME_ROOT . "/" . COMPANY . "_FILES_BACKUP*\" -cvf - \"" . HOME_ROOT . "\"";
            break;
        case "tar.bzip2":
        case "tarbzip2":
            $command = "tar --exclude=\"" . HOME_ROOT . "/" . COMPANY . "_SQL_BACKUP*\" --exclude=\"" . HOME_ROOT . "/" . COMPANY . "_FILES_BACKUP*\" -jcvf - \"" . HOME_ROOT . "\"";
            break;
        case "tar.gz":
        case "targz":
        default:
            $command = "tar --exclude=\"" . HOME_ROOT . "/" . COMPANY . "_SQL_BACKUP*\" --exclude=\"" . HOME_ROOT . "/" . COMPANY . "_FILES_BACKUP*\" -zcvf - \"" . HOME_ROOT . "\"";
            break;
    }
    @ob_start();
    header('Content-Description: File Transfer');
    header('Content-Type: application/octet-stream');
    header('Content-Transfer-Encoding: binary');
    header('Expires: 0');
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Pragma: public');
    header('Content-Disposition: attachment; filename=' . $fileName);
    // header('Content-Length: ' . strlen($output));
    @ob_clean();
    passthru("{$command}");
    unset($_SESSION['download_started']);
    // header('Location: content.php?k=99');
    exit();
}
if (isset($_POST['download_database']) && !isset($_SESSION['download_started'])) {
    $_SESSION['download_started'] = true;
    $fileName = COMPANY . "_SQL_BACKUP_".date("Y-m-d_H-i-s");
    if (!isset($_POST['filetype'])) $_POST['filetype'] = "sql";
    if (isset($_POST['filetype'])) $fileName .= ".{$_POST['filetype']}";
    switch (mb_strtolower($_POST['filetype'])) {
        case "sql":
        case "mysql":
        default:
            $command = $db->exportFullCmd();
            break;
    }
    @ob_start();
    header('Content-Description: File Transfer');
    header('Content-Type: application/octet-stream');
    header('Content-Transfer-Encoding: binary');
    header('Expires: 0');
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Pragma: public');
    header('Content-Disposition: attachment; filename=' . $fileName);
    // header('Content-Length: ' . strlen($output));
    @ob_clean();
    passthru("{$command}");
    unset($_SESSION['download_started']);
    // header('Location: content.php?k=99');
    exit();
}

[+] ..
[-] export.php [edit]
[-] index.php [edit]