|
|
Posted by Chris Morris on 05/20/06 18:58
"Dave (from the UK)" <see-my-signature@southminster-branch-line.org.uk> writes:
> I want to create a temporary file using php on a UNIX computer running
> Apache. I have at the minute something like this below.
>
> $inputfile="/tmp/foo";
> $handle = fopen($inputfile, 'w');
> fwrite($handle, $cmd);
>
> But if two people access the web page, they both create the file
> /tmp/foo and so one will corrupt the other as data is written into it.
Even worse, what happens if /tmp/foo is a symlink to something else?
> Can a create a unique temp file, then remove it when finished with it?
If you need it to persist across multiple pages, use PHP's sessions
(flawed as they are, it's still an improvement, and doesn't take too
much effort). Though, if two people access the page in the same ~1ms
[1] you get the same effect. This may not be a problem for you, and it
doesn't give corrupted data in the same way even then.
If you don't, then just store it in memory unless it's incredibly large.
Or do you need a physical temporary file for some reason? If so, why?
Inserting database rows is another possibility - have a table that's
approximately (... int ... auto_increment, data blob) and store the
user data there. Using an auto_increment int has its own security
implementations if you need to pass it between pages later, so you
might want to use md5($remote_ip.microtime().$secret) for an ID instead.
[1] It depends on OS. In theory it's 1 microsecond, but in practice
it's less good - I get 0.1ms on Linux.
--
Chris
Navigation:
[Reply to this message]
|