HEX
Server: Apache
System: Linux hz.vslconceptsdomains.com 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64
User: dkfounda (3233)
PHP: 8.1.34
Disabled: exec,passthru,shell_exec,system
$ pwd: /usr/src/installd-accountdnscheck/web/
Upload Files
File: //usr/src/installd-accountdnscheck/web/downloadreport.php
<?php

if(isset($_REQUEST['report'])) {
	if(preg_match('/^[a-zA-Z0-9\-_\.]*$/', $_REQUEST['report'])) {
		if(is_file('/var/cpanel/addons/accountdnscheck/reports/' . $_REQUEST['report'])) {
			// CSV download
			if(preg_match('/\.csv$/', $_REQUEST['report'])) {
				header('Content-type: text/csv');
				header("Pragma: public");
				header("Expires: 0");
				header('Cache-Control: must-revalidate');
				header('Content-Description: File Transfer');
				header('Content-Disposition: attachment; filename=' . $_REQUEST['report']);
				header('Content-Length: ' . filesize('/var/cpanel/addons/accountdnscheck/reports/' . $_REQUEST['report']));
				ob_clean();
				flush();
				readfile('/var/cpanel/addons/accountdnscheck/reports/' . $_REQUEST['report']);
			}
		}
	}
}
@ Telegram