Petrus Bastos wrote:
> Hey folks,
>
> Do you know how can I create a protected zip file with password? Is
> there anyway? I've search on the internet, but without success.
>
> Thank's in advance,
> Petrus Bastos.
>
>
The easiest way to accomplish this would be to write a wrapper function
using the zip tool provided by (almost every) Linux distribution.
<?php
function zip($directory, $password, $saveAs) {
return exec("zip -r $saveAs -P $password $directory";
}
print zip("/home/nick", "mypass", "/tmp/homebackup.zip");
?>
Please note: the -P flag can be monitored on the local system so it is
considered insecure.
If you're going to be accepting input, you should also wrap your
variables in escapeshellarg()
http://us3.php.net/zip
http://us.php.net/manual/en/function.exec.php
from the zip manual entry
THIS IS INSECURE! Many multi-user operating sys-tems
provide ways for any user to see the current command line of any other
user; even on stand-alone
systems there is always the threat of over-the-shoulder peeking.
Storing the plaintext password as
part of a command line in an automated script is even worse. Whenever
possible, use the non-echoing,
interactive prompt to enter passwords. (And where security is truly
important, use strong encryption
such as Pretty Good Privacy instead of the relatively weak encryption
provided by standard zipfile
utilities.)
==================
Nick Stinemates ([EMAIL PROTECTED])
http://nick.stinemates.org
AIM: Nick Stinemates
MSN: [EMAIL PROTECTED]
Yahoo: [EMAIL PROTECTED]
==================
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
