|
|
Posted by Miles Thompson on 10/01/96 11:36
At 02:18 AM 1/4/2006, Jon Westcot wrote:
>Hi all:
>
> I'm really new at PHP and will probably embarrass myself many times
> over asking questions that have been asked gazillions of times before, so
> let this serve as a blanket apology.
>
> Now, to my question. Here's what I'm trying to do. I have a simple
> database on my website that I wish to populate with information from
> various directories on my local computer. The website is running Linux;
> my computer is running Windows XP. Once the data are stored, I want to
> be able to update the information as things change on my local computer
> (not in real time, mind you, but at my request).
>
> I can set up the database access easily enough, and I know how to
> both populate and query it. What I don't know is how to obtain the
> information from my local computer via the website. Initially, I'd like
> to be able to specify the folder on my local computer to access and
> whether or not to process any subfolders that are found. After the data
> have been added, I'd like the web application to be able to access the
> individual folders without having to specify them again (although I'd
> still be able to identify new folders to include in subsequent updates).
>
> I'm not really asking for anyone to write the code for me, but I am
> looking for suggestions for PHP functions to use to accomplish the
> inspection of my local computer's folders. I'd also need to know what
> additional information I'd need to store in the database so that
> subsequent updates can be automated (i.e., do I need to somehow store my
> IP address?).
>
> Any help you can send my way will be greatly appreciated! Thanks in
> advance.
>
> Sincerely,
>
> Jon
Jon,
I don't know how to do this, but it's a bad idea. Can it be done? Probably,
but it is still a bad idea.
Why do you want to:
Expose the contents of your machine to the world?
Make your machine vulnerable to attack via your web application?
Enable a path into the file system on your computer?
I would suggest approaching it the other way - if it's something the world
should see, upload it to the web server. PHP has lots of tools for reading
and traversing directories.
If the uploading task becomes onerous, write a script to run on your local
machine, using whatever language you are comfortable with, to upload all of
the desired content to the web server.
Read some articles on cross site scripting to discover why your original
approach is not a good idea. Here's one:
http://www.cgisecurity.com/articles/xss-faq.shtml
and see the links at the end.
Regards - Miles Thompson
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.1.371 / Virus Database: 267.14.12/220 - Release Date: 1/3/2006
Navigation:
[Reply to this message]
|