I have a customer who insists on using Front Page, but wants protection
against intruders on all his web pages. I envisioned a solution where he
works in Front Page, then all his files are ftp'd to a directory on the
server, opened and re-written as .php files with all links changed from
"something.htm" to "something.php" and then copied to a directory on the
same level called "test". So far so good, and this allows a php-one-liner
to provide the necessary security.
Now I'm stuck, because I have to copy these files from test to the location
of the web page itself. And I've not been able to do it, and I can't do
it, as far as I can see without giving world-writeable permission to the
web directory. Here's the skeletal directory structure ...
.../www.website.com
/admin
/upload
/test
The script (php page) I'm using to do this is stored in /admin and I want
to copy everything in /test (and any subdir's it may have) to www.website.com.
On the server, logged in as root, I can execute a shell script named
newpub-web, located in www.website.com, which consists of:
rm -f *.php
rm -f ./graphics/*
cp -fR ./admin/test/* .
I've tried executing newpub-web from a php script, which changes to the the
working directory to www.website.com, as:
exec( "newpub-web"), or system( "newpub-web" ) or passthru(
"newpub-web"). None have worked.
I've also tried executing the commands directly using system(), all without
effect, no errors, nothing.
Do I have to change the group of www.website.com to nobody? That seems to
be an awful security hole.
Stymied in Nova Scotia - Miles Thompson
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
