Mathias: So what's wrong with either naming each file with a unique name or placing each file in a unique folder? If it's unique, then how can they overwrite it?
I must not be understanding what you want. tedd ---- At 7:24 AM +0200 6/9/06, Mathias Bundgaard Svesson wrote: >Wouldn't they still be able to overwrite each other? >I don't think I expressed myself clearly. The point of the protection is >to keep the scripts from overwriting each other on purpose. It was a >protection that would make it posible to upload scripts, even if you >were not completly sure they were safe. > >tor, 08 06 2006 kl. 17:30 -0400, skrev tedd: >> At 10:37 PM +0200 6/8/06, Mathias Bundgaard Svesson wrote: >> >Restrict them not to overwrite other modules or overwrite the CMS >> >itself. Each module should have it's own directory, and it shouldn't be >> >allowed to change anything outside it. >> > >> >tor, 08 06 2006 kl. 21:49 +1000, skrev chris smith: >> >> On 6/8/06, Mathias Bundgaard Svesson <[EMAIL PROTECTED]> wrote: >> >> > Hi! >> >> > I'm trying to create a CMS where it should be posible to upload script >> >> > modules. Those modules should mostly be made by myself, but it is >> >> > posible for others to create scripts too. My question is, is it posible >> >> > to restrict the modules to their own directory so they don't overwrite >> > > > some of the other modules or the CMS itself? >> >> Mathias: >> >> Well then, how about this? >> >> You can create a "uniquely" named id by using: >> >> $unique_id = md5(uniqid(microtime(), true)); >> >> and then use that name as a folder for each person submitting scripts OR use >> the unique id as a suffix for their cms file. Either way, it should stop >> persons from overwriting cms files. >> >> I would also suggest that you keep track of these id's in a dB. If you are >> still concerned about two people having the same unique, then you could >> search the dB to see if the recently created id exist. If it does, then >> generate another one. >> >> I use a similar method for making sure that the images I upload have unique >> names. >> >> hth's >> >> tedd >> >> >> -- ------------------------------------------------------------------------------------ http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
