Jump to content
xisto Community
Sign in to follow this  
eskimmer

Security Issue Writing Files Security issue writing files

Recommended Posts

Hi, first, sorry about my english. i am a beginner with php and i have some question about writing files using php in a shared hosting. is a risk?, use database to store data is a better way? i just want make an interface (in php) that write the data in a .html extension file to show to everybody the html page and just the php interface is to the content manager. thanks in advance

Share this post


Link to post
Share on other sites

Well for what you describe, eg writing info to a HTM page for display to a user, it think it would be easier to use variables and ECHO. EG set up a GET variable which is in the URL called PAGE or something eg https://www.salesforce.com/products/platform/overview/

Now in your script simply get this variable back and check it using an IF statement:

if($page == "one"){	echo "this is page one!";} ELSE {	echo "this is page two";}

But if you wee dead set on using FWRITE and such then its not really a security risk in itself, the danger is that you have to set full permissions, at least i do anyway, to 777 which means that the file or folder which has those permissions is slightly less secure, its not really a massive issue and ive never had any issues from it.

I would usually use a database to store information rather than a file as files can be seen by users whereas a database is usually hidden and secured quite well.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.