On Tuesday, July 2, 2002, at 01:00 PM, Henry wrote:
> Only one concern. Are there any security issues. > And I suppose more > importantly, if there are; is there a way to get the php-script to > ensure > that is is being invoked by my cron deamon. Should I put the page in a > directory and use .htaccess to control security. Or can I check the > referrer > to ensure that it is not being invoked via a browser!! There are always security issues. I have no idea about the details of your system, your needs, or anything else, so I can't tell you anything except to think logically about what you are doing. Does taking the wget path mean that anybody can use links/lynx/wget/telnet/Internet Explorer/Mozilla to execute your script? Most definitely. Be sure that you take this into account when you design it (you may wish to check things like the User-agent, IP address, and other HTTP variables to make sure that it is being executed "properly"). > I'm going to go down the wget path at the moment. Thanks in advance. Good idea -- seems like your only option according to what you've told us. Personally I would probably write a Perl script (most hosts have Perl) to do whatever it is that needs to be done and have cron execute that, this saves you from a whole window of exploit (the web server). But if you don't have Perl or don't know Perl, that's a problem. Good luck, Erik ---- Erik Price Web Developer Temp Media Lab, H.H. Brown [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
