Reply to Re: I want to create web page acting as text Editor???

Your name:

Reply:


Posted by shimmyshack on 12/27/07 00:06

On Dec 26, 5:43 pm, NC <n...@iname.com> wrote:
> On Dec 24, 11:55 pm, shror <shahi...@gmail.com> wrote:
>
> > On Dec 24, 7:48 pm, NC <n...@iname.com> wrote:
>
> > > You want to execute arbitrary PHP code on your server, so there
> > > is no way of "avoiding danger or hacking"...  The only half-safe
> > > solution I can think of is that the PHP server on which the user-
> > > supplied code runs is virtual (so whatever damage the hackers do will
> > > disappear when the server is restarted) and separate from the server
> > > on which the application is hosted.
>
> > so now for doing this system what about having a free hosting account
> > that support the php do you think they could allow me host these
> > dangerous pages on their servers or they will close my account after
> > being attacked by any small danger.
>
> On a properly configured server, other customers will not be in
> danger.  Only you will have the risk of having your site defaced by
> your students.  So the hosting company probably wouldn't mind, unless
> your students start using your site to send out substantial amounts of
> spam.
>
> > also what is the w3schools doing in order to avoid the danger they
> > face, does any body know.
>
> 3schools is not allowing arbitrary server-side code to run; they have
> pages that allow you to test some JavaScript, whose code is executed
> client-side (i.e., in browser).
>
> Cheers,
> NC

yeah set it all up to run from some frames which use php pages on a
free site, great, but parse the output of these scripts so that you
dont get javascript being pushed back into your site (if you use
logins this allows one user to get at anothers data)
so you could have an array of allowed functions, together will strict
typing of inputs that are passed to those functions, and allow the
user to write some basic php, which is then line by line pregmatched
and then youre pretty safe, then paste the url here so we can have a
play, sounds like fun. I am surprised nothings out there already
though.

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация