<?php
// /public_html/admin/download_backup.php
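session_start();
// Resolve the include from this file's directory so it does not depend on the
// process working directory.
require __DIR__ . '/../config/db_connect.php';

// 1. Admin Auth
// Fail closed: every path that cannot positively establish role === 'admin'
// ends in a 403. The role is read from the database on each request, so a
// demoted account loses access without waiting for its session to expire.

// The original query interpolated the session value unquoted, so it only ever
// worked for numeric ids. Requiring an integer here keeps that behaviour while
// rejecting anything else before it reaches SQL.
$sessionUserId = filter_var($_SESSION['user_id'] ?? null, FILTER_VALIDATE_INT);
if ($sessionUserId === false) {
    http_response_code(403);
    die("Access Denied");
}

// NOTE(review): $conn is presumably the mysqli connection created by
// db_connect.php - confirm against that file.
$role = null;
try {
    // Bound parameter instead of string-built SQL.
    $stmt = $conn->prepare('SELECT role FROM users WHERE id = ?');
    if ($stmt !== false) {
        $stmt->bind_param('i', $sessionUserId);
        $stmt->execute();
        $stmt->bind_result($fetchedRole);
        if ($stmt->fetch() === true) {
            $role = $fetchedRole;
        }
        $stmt->close();
    }
} catch (mysqli_sql_exception $e) {
    // A database failure must not expose details or grant access.
    $role = null;
}

if ($role !== 'admin') {
    http_response_code(403);
    die("Access Denied");
}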

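// 2. Backup download
// NOTE(review): going by the path in the header comment, ../backups resolves to
// a directory under public_html. Confirm the web server denies direct requests
// to it (or move it outside the document root); otherwise the admin check in
// this script can be bypassed by requesting the file URL directly.
if (isset($_GET['file'])) {
    $requested = $_GET['file'];

    // basename() strips any directory components, confining the lookup to the
    // backups directory. Non-string input (e.g. file[]=x) and names containing
    // a NUL byte are treated as "not found" instead of raising an error.
    $filename = (is_string($requested) && strpos($requested, "\0") === false)
        ? basename($requested)
        : '';
    $filepath = __DIR__ . '/../backups/' . $filename;

    // is_file() rather than file_exists(): an empty name, "." or ".." would
    // otherwise match the directory itself and fail later inside readfile().
    if ($filename !== '' && is_file($filepath) && is_readable($filepath)) {
        // Discard buffered output so it cannot corrupt the download or make
        // PHP hold the whole backup in memory.
        while (ob_get_level() > 0) {
            ob_end_clean();
        }

        // Escape quote and backslash so the name cannot break out of the
        // quoted-string in Content-Disposition.
        $dispositionName = addcslashes($filename, "\"\\");

        header('Content-Description: File Transfer');
        header('Content-Type: application/octet-stream');
        header('X-Content-Type-Options: nosniff');
        header('Content-Disposition: attachment; filename="' . $dispositionName . '"');
        header('Expires: 0');
        header('Cache-Control: must-revalidate');
        header('Pragma: public');

        // Only advertise a length when the size is actually known.
        $size = filesize($filepath);
        if ($size !== false) {
            header('Content-Length: ' . $size);
        }

        readfile($filepath);
        exit;
    } else {
        http_response_code(404);
        echo "File not found.";
    }
}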
?>