From 86c46bbb9713384500095aacd41a3d419ba15fdf Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Sun, 11 Oct 2020 13:18:16 +0200
Subject: [PATCH] Fix backup - Exclude existing backup when path is uppercase.

---
 htdocs/admin/tools/dolibarr_export.php |  9 +++++++--
 htdocs/admin/tools/export.php          |  4 ++--
 htdocs/admin/tools/export_files.php    |  2 +-
 htdocs/main.inc.php                    | 14 +++++++-------
 4 files changed, 17 insertions(+), 12 deletions(-)

diff --git a/htdocs/admin/tools/dolibarr_export.php b/htdocs/admin/tools/dolibarr_export.php
index 5f3f5c7ea54..5e990709d19 100644
--- a/htdocs/admin/tools/dolibarr_export.php
+++ b/htdocs/admin/tools/dolibarr_export.php
@@ -65,6 +65,7 @@ if ($action == 'delete')
 	$action = '';
 }
 
+
 /*
  * View
  */
@@ -119,7 +120,9 @@ if (in_array($type, array('pgsql'))) {
 print "});\n";
 print "</script>\n";
 
-print load_fiche_titre($langs->trans("Backup"), '', 'title_setup');
+$title = $langs->trans("Backup");
+
+print load_fiche_titre($title, '', 'title_setup');
 //print_barre_liste($langs->trans("Backup"), '', '', '', '', '', $langs->trans("BackupDesc",DOL_DATA_ROOT), 0, 0, 'title_setup');
 
 print '<div class="center opacitymedium">';
@@ -139,7 +142,9 @@ print '<br>';
 
 print '<div id="backupdatabaseleft" class="fichehalfleft" >';
 
-print load_fiche_titre($title ? $title : $langs->trans("BackupDumpWizard"));
+$title = $langs->trans("BackupDumpWizard");
+
+print load_fiche_titre($title);
 
 print '<table width="100%" class="'.($useinecm ? 'nobordernopadding' : 'liste').' nohover">';
 print '<tr class="liste_titre">';
diff --git a/htdocs/admin/tools/export.php b/htdocs/admin/tools/export.php
index cbe25f0ff75..7ab26f6f6e0 100644
--- a/htdocs/admin/tools/export.php
+++ b/htdocs/admin/tools/export.php
@@ -122,7 +122,7 @@ $utils = new Utils($db);
 // MYSQL
 if ($what == 'mysql')
 {
-    $cmddump = GETPOST("mysqldump"); // Do not sanitize here with 'alpha', will be sanitize later by dol_sanitizePathName and escapeshellarg
+    $cmddump = GETPOST("mysqldump", 'none'); // Do not sanitize here with 'alpha', will be sanitize later by dol_sanitizePathName and escapeshellarg
     $cmddump = dol_sanitizePathName($cmddump);
 
     if (!empty($dolibarr_main_restrict_os_commands))
@@ -163,7 +163,7 @@ if ($what == 'mysqlnobin')
 // POSTGRESQL
 if ($what == 'postgresql')
 {
-    $cmddump = GETPOST("postgresqldump"); // Do not sanitize here with 'alpha', will be sanitize later by dol_sanitizePathName and escapeshellarg
+    $cmddump = GETPOST("postgresqldump", 'none'); // Do not sanitize here with 'alpha', will be sanitize later by dol_sanitizePathName and escapeshellarg
     $cmddump = dol_sanitizePathName($cmddump);
 
     /* Not required, the command is output on screen but not ran for pgsql
diff --git a/htdocs/admin/tools/export_files.php b/htdocs/admin/tools/export_files.php
index 485df8c318b..50866534b5b 100644
--- a/htdocs/admin/tools/export_files.php
+++ b/htdocs/admin/tools/export_files.php
@@ -113,7 +113,7 @@ $utils = new Utils($db);
 if ($compression == 'zip')
 {
 	$file .= '.zip';
-    $ret = dol_compress_dir(DOL_DATA_ROOT, $outputdir."/".$file, $compression, '/(\.log|\/temp\/|documents\/admin\/documents\/)/');
+    $ret = dol_compress_dir(DOL_DATA_ROOT, $outputdir."/".$file, $compression, '/(\.log|\/temp\/|documents\/admin\/documents\/)/i');
     if ($ret < 0)
     {
     	if ($ret == -2) {
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index 61856b73f49..e2c4b605dcc 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -221,25 +221,25 @@ if (!empty($_POST["DOL_AUTOSET_COOKIE"]))
 }
 
 
-// Init session. Name of session is specific to Dolibarr instance.
-// Note: the function dol_getprefix may have been redefined to return a different key to manage another area to protect.
-$prefix = dol_getprefix('');
+// Init the 5 global objects, this include will make the 'new Xxx()' and set properties for: $conf, $db, $langs, $user, $mysoc
+require_once 'master.inc.php';
 
+// Init session. Name of session is specific to Dolibarr instance.
+// Must be done after the include of master.inc.php so $conf file is loaded and vars like $dolibarr_main_force_https are set.
+// Note: the function dol_getprefix may have been redefined to return a different key to manage another area to protect.
+$prefix = dol_getprefix('');		// This uses the $conf file
 $sessionname = 'DOLSESSID_'.$prefix;
 $sessiontimeout = 'DOLSESSTIMEOUT_'.$prefix;
 if (!empty($_COOKIE[$sessiontimeout])) ini_set('session.gc_maxlifetime', $_COOKIE[$sessiontimeout]);
 session_set_cookie_params(0, '/', null, (empty($dolibarr_main_force_https) ? false : true), true); // Add tag secure and httponly on session cookie (same as setting session.cookie_httponly into php.ini). Must be called before the session_start.
 session_name($sessionname);
-// This create lock, released when session_write_close() or end of page.
+// This create lock, released by session_write_close() or end of page.
 // We need this lock as long as we read/write $_SESSION ['vars']. We can remove lock when finished.
 if (!defined('NOSESSION'))
 {
 	session_start();
 }
 
-// Init the 5 global objects, this include will make the 'new Xxx()' and set properties for: $conf, $db, $langs, $user, $mysoc
-require_once 'master.inc.php';
-
 // Activate end of page function
 register_shutdown_function('dol_shutdown');