newInstanceWithoutConstructor(); foreach ([ 'username' => $username, 'prefix' => $username . '_', 'userConf' => [], 'packageConf' => [], 'settings' => $settings, ] as $property => $value) { $prop = $class->getProperty($property); $prop->setAccessible(true); $prop->setValue($user, $value); } return $user; } $settings = load_settings(''); $daUser = make_da_user($settings, 'demo'); $queue = new BackupQueueService($settings, $daUser); // A path outside every recognized DirectAdmin/system temp directory must be // rejected, even if it exists and is readable - it must not be treated as a // legitimate upload reference just because the caller supplied it verbatim. $secretDir = sys_get_temp_dir() . '/altmysql-secret-' . bin2hex(random_bytes(4)); mkdir($secretDir, 0700, true); $secretFile = $secretDir . '/secret_credentials.sql'; file_put_contents($secretFile, 'SECRET CONTENT THAT MUST NEVER BE COPIED'); $threw = false; try { $queue->stageRestoreUploadFromDirectAdminTemp($secretFile, 'harmless.sql'); } catch (Throwable $e) { $threw = true; } assert_true($threw, 'a path outside the known DirectAdmin/system temp directories must be rejected, not staged'); // A legitimate reference - a file that DirectAdmin actually placed directly // inside a recognized temp directory - must still work. $legitFile = sys_get_temp_dir() . '/altmysql-da-upload-' . bin2hex(random_bytes(4)) . '.sql'; file_put_contents($legitFile, 'SELECT 1;'); $stagedPath = $queue->stageRestoreUploadFromDirectAdminTemp($legitFile, 'legit.sql'); assert_true(is_file($stagedPath), 'a file directly inside a recognized temp directory must still be staged'); assert_true( trim((string)file_get_contents($stagedPath)) === 'SELECT 1;', 'the staged file must contain the legitimate source content' ); // cleanup @unlink($secretFile); @rmdir($secretDir); @unlink($legitFile); @unlink($stagedPath); exec('rm -rf ' . escapeshellarg($pluginTempRoot)); echo "backup_restore_upload_path_test: OK\n";