Nick,
I thank you help! But unfortunalety I didn't find way to do this. I'll
continue trying. If you have any other idea, I'll appreciate to hear!
Best regards,
Petrus Bastos.
On Feb 17, 2008 4:57 PM, Nick Stinemates <nick@xxxxxxxxxxxxxx> wrote:
> Petrus Bastos wrote:
> > Hi Nick,
> >
> > Sorry, but I forgot to tell you that I can't use this exec neither
> > system commands because they are disabled for security precautions. So,
> Do
> > you have any other ideas on how can I do that?
> >
> > Thanks for your help,
> > Petrus Bastos.
> >
> > On Feb 17, 2008 5:15 AM, Nick Stinemates <nick@xxxxxxxxxxxxxx> wrote:
> >
> >
> >> Petrus Bastos wrote:
> >>
> >>> Hey folks,
> >>>
> >>> Do you know how can I create a protected zip file with password?
> Is
> >>> there anyway? I've search on the internet, but without success.
> >>>
> >>> Thank's in advance,
> >>> Petrus Bastos.
> >>>
> >>>
> >>>
> >> The easiest way to accomplish this would be to write a wrapper function
> >> using the zip tool provided by (almost every) Linux distribution.
> >>
> >> <?php
> >>
> >> function zip($directory, $password, $saveAs) {
> >> return exec("zip -r $saveAs -P $password $directory";
> >> }
> >>
> >> print zip("/home/nick", "mypass", "/tmp/homebackup.zip");
> >>
> >> ?>
> >>
> >> Please note: the -P flag can be monitored on the local system so it is
> >> considered insecure.
> >> If you're going to be accepting input, you should also wrap your
> >> variables in escapeshellarg()
> >>
> >> http://us3.php.net/zip
> >> http://us.php.net/manual/en/function.exec.php
> >>
> >> from the zip manual entry
> >>
> >> THIS IS INSECURE! Many multi-user operating sys-tems
> >> provide ways for any user to see the current command line of any other
> >> user; even on stand-alone
> >> systems there is always the threat of over-the-shoulder peeking.
> >> Storing the plaintext password as
> >> part of a command line in an automated script is even worse. Whenever
> >> possible, use the non-echoing,
> >> interactive prompt to enter passwords. (And where security is truly
> >> important, use strong encryption
> >> such as Pretty Good Privacy instead of the relatively weak
> encryption
> >> provided by standard zipfile
> >> utilities.)
> >>
> >> ==================
> >> Nick Stinemates (nick@xxxxxxxxxxxxxx)
> >> http://nick.stinemates.org
> >>
> >> AIM: Nick Stinemates
> >> MSN: nickstinemates@xxxxxxxxxxx
> >> Yahoo: nickstinemates@xxxxxxxxx
> >> ==================
> >>
> >>
> >
> >
> Unfortunately I don't have any other ideas. Since PHP's implementation
> of ZIP does not have password features you're left with the following
> options:
>
> * Write your own implementation based on RFC
> * Write an interface to another app which can zip the file for you
> * Something else I can't think of ;x
>
> Sorry I don't have any other ideas.
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
