Podcast-server/admin/restore_handler.php

<?php
require_once '../includes/db.php';
require_once '../includes/functions.php';
requireAdmin();

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $tempDir = "temp_restore_" . time() . "/";
    mkdir($tempDir, 0755, true);

    try {
        // 1. Restore Audio
        if (isset($_FILES['backup_audio']) && $_FILES['backup_audio']['error'] === 0) {
            $dest = realpath("../assets/uploads/audio/");
            shell_exec("tar -xzf " . escapeshellarg($_FILES['backup_audio']['tmp_name']) . " -C " . escapeshellarg($dest));
        }

        // 2. Restore Database
        if (isset($_FILES['backup_db']) && $_FILES['backup_db']['error'] === 0) {
            shell_exec("tar -xzf " . escapeshellarg($_FILES['backup_db']['tmp_name']) . " -C " . escapeshellarg($tempDir));
            
            // The file inside might be backup_db_...sql or database.sql depending on how it was tarred.
            // My backup_handler tarred the specific .sql file relative to the backupDir.
            $sqlFiles = glob($tempDir . "*.sql");
            if (!empty($sqlFiles)) {
                $sqlFile = $sqlFiles[0];
                $sql = file_get_contents($sqlFile);
                // Split by ; and execute
                $queries = explode(";\n", $sql);
                foreach ($queries as $query) {
                    if (trim($query)) {
                        $pdo->exec($query);
                    }
                }
            }
        }

        // 3. Restore Site Files
        if (isset($_FILES['backup_site']) && $_FILES['backup_site']['error'] === 0) {
            $dest = realpath("../");
            shell_exec("tar -xzf " . escapeshellarg($_FILES['backup_site']['tmp_name']) . " -C " . escapeshellarg($dest));
        }

        // Cleanup
        function delTree($dir) {
            $files = array_diff(scandir($dir), array('.','..'));
            foreach ($files as $file) {
                (is_dir("$dir/$file")) ? delTree("$dir/$file") : unlink("$dir/$file");
            }
            return rmdir($dir);
        }
        delTree($tempDir);

        logActivity($_SESSION['admin_id'], 'SYSTEM_RESTORE', "Performed a full system restoration from uploaded backups.");
        header("Location: system.php?restore=success");
        exit;

    } catch (Exception $e) {
        die("Restoration failed: " . $e->getMessage());
    }
}
?>