Reply to Re: Key-passing from PHP to TCL CGI script - how is it done (web security issue)?

Your name:

Reply:


Posted by comp.lang.tcl on 11/28/04 11:28

It would function, yes, but I don't see how that would offer any form
of protection as the hacker would still have access to the TCL CGI
script with his/her original HTML cached page. I guess I am unclear as
to how this would tighten things up.

Thanx
Phil

Steve wrote:
> > I couldn't run the script as a standalone command-line script because
> > the scripts are hosted on a remote site and I do not have privileges
> > outside of my account which resides within the framework of the
> > document root. It is a single back-end batch processing script that
> > must exist within CGI because CGI, as well as the user, are within the
> > group that has the privilege to access a group-accessible XML file
> > (this cannot be altered as it is set up by the hosting provider across
> > the board for all users on his hosting service).
>
>
> Would this work?
>
> <?php
>
> header( "Content-type:text/plain" );
>
> exec( "/path/to/mytclscript.tcl arg1 arg2 arg3", $res );
>
> print "results:\n\n";
>
> for( $i=0; $i < count($res); $i++ )
> {
> print $res[$i] . "\n";
> }
>
> ?>
>
> ---
> Steve

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация