At 02:18 AM 1/4/2006, Jon Westcot wrote:
Hi all:
I'm really new at PHP and will probably embarrass myself many times
over asking questions that have been asked gazillions of times before, so
let this serve as a blanket apology.
Now, to my question. Here's what I'm trying to do. I have a simple
database on my website that I wish to populate with information from
various directories on my local computer. The website is running Linux;
my computer is running Windows XP. Once the data are stored, I want to
be able to update the information as things change on my local computer
(not in real time, mind you, but at my request).
I can set up the database access easily enough, and I know how to
both populate and query it. What I don't know is how to obtain the
information from my local computer via the website. Initially, I'd like
to be able to specify the folder on my local computer to access and
whether or not to process any subfolders that are found. After the data
have been added, I'd like the web application to be able to access the
individual folders without having to specify them again (although I'd
still be able to identify new folders to include in subsequent updates).
I'm not really asking for anyone to write the code for me, but I am
looking for suggestions for PHP functions to use to accomplish the
inspection of my local computer's folders. I'd also need to know what
additional information I'd need to store in the database so that
subsequent updates can be automated (i.e., do I need to somehow store my
IP address?).
Any help you can send my way will be greatly appreciated! Thanks in
advance.
Sincerely,
Jon
Jon,
I don't know how to do this, but it's a bad idea. Can it be done? Probably,
but it is still a bad idea.
Why do you want to:
Expose the contents of your machine to the world?
Make your machine vulnerable to attack via your web application?
Enable a path into the file system on your computer?
I would suggest approaching it the other way - if it's something the world
should see, upload it to the web server. PHP has lots of tools for reading
and traversing directories.
If the uploading task becomes onerous, write a script to run on your local
machine, using whatever language you are comfortable with, to upload all of
the desired content to the web server.
Read some articles on cross site scripting to discover why your original
approach is not a good idea. Here's one:
http://www.cgisecurity.com/articles/xss-faq.shtml
and see the links at the end.
Regards - Miles Thompson
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.1.371 / Virus Database: 267.14.12/220 - Release Date: 1/3/2006
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
