From 5301065d0572d06615c1e52fce66163f63b1b9c7 Mon Sep 17 00:00:00 2001
From: DiscuzX <153619335@qq.com>
Date: Thu, 1 Jul 2021 17:03:23 +0000
Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96=E6=95=B0=E6=8D=AE=E5=BA=93?=
 =?UTF-8?q?=E6=81=A2=E5=A4=8D=E6=96=87=E4=BB=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 utility/restore.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/utility/restore.php b/utility/restore.php
index 3bb9bc52b..246dd2a3e 100644
--- a/utility/restore.php
+++ b/utility/restore.php
@@ -142,9 +142,10 @@ if($operation == 'import') {
 			list($dbhost, $dbport) = explode(':', $dbhost);
 			$query = $db->query("SHOW VARIABLES LIKE 'basedir'");
 			list(, $mysql_base) = $db->fetch_array($query, $db->drivertype == 'mysqli' ? MYSQLI_NUM : MYSQL_NUM);
-			$datafile = addslashes(dirname(dirname(__FILE__))).str_replace('..', '', $datafile) ;
+			$datafile = addslashes(dirname(dirname(__FILE__))).str_replace('..', '', $datafile);
+			$datafile = escapeshellarg($datafile);
 			$mysqlbin = $mysql_base == '/' ? '' : addslashes(rtrim($mysql_base, '/\\')).'/bin/';
-			@shell_exec($mysqlbin.'mysql -h"'.$dbhost.'"'.($dbport ? (is_numeric($dbport) ? ' -P'.$dbport : ' -S"'.$dbport.'"') : '').' -u"'.$dbuser.'" -p"'.$dbpw.'" "'.$dbname.'" < '.$datafile);
+			@shell_exec($mysqlbin.'mysql --host="'.$dbhost.'"'.($dbport ? (is_numeric($dbport) ? ' --port='.$dbport : ' --socket="'.$dbport.'"') : '').' --user="'.$dbuser.'" --password="'.$dbpw.'" "'.$dbname.'" < '.$datafile);
 			if($delunzip) {
 				@unlink($datafile);
 			}
-- 
Gitee