On Fri, Mar 30, 2012 at 7:05 AM, David OBrien dgobr...@gmail.com wrote:
Find a way to do it using PHP's imagemagick extensions
http://php.net/manual/en/book.imagick.php
On Fri, Mar 30, 2012 at 5:56 AM, rene7705 rene7...@gmail.com wrote:
Hi.
I have a script that uses imagemagick's convert
On Sat, Mar 31, 2012 at 1:37 AM, rene7705 rene7...@gmail.com wrote:
escapeshellcmd() seems simplest.
It might be if all you care about are shell meta characters, and
admittedly it will save you from someone entering rm -rf / in
your input field. But dealing with generic user input, even
Hi.
I have a script that uses imagemagick's convert command on the commandline
to get it's work done.
These calls to exec('convert [params]') take params from the end-user via a
html form, so is very unsecure.
The intention is that the end-user only runs this script on localhost, from
localhost.
Bastien Koert
On 2012-03-30, at 5:56 AM, rene7705 rene7...@gmail.com wrote:
Hi.
I have a script that uses imagemagick's convert command on the commandline
to get it's work done.
These calls to exec('convert [params]') take params from the end-user via a
html form, so is very unsecure.
Find a way to do it using PHP's imagemagick extensions
http://php.net/manual/en/book.imagick.php
On Fri, Mar 30, 2012 at 5:56 AM, rene7705 rene7...@gmail.com wrote:
Hi.
I have a script that uses imagemagick's convert command on the commandline
to get it's work done.
These calls to
On Fri, Mar 30, 2012 at 11:56:41AM +0200, rene7705 wrote:
...
But unfortunately, $_SERVER['REMOTE_ADDR'] is my external IP, and
$_SERVER['SERVER_ADDR'] is my internal IP.
How would I best fix this?
Simply log on your box via ssh (if its a unix system) and run your script from
console or
Sender: dgobr...@gmail.com
Subject: Re: [PHP] securing a script that exec()s
Message-Id: CAF=yD_3efQkA_kz169ooYQ2z7g=g75sjghadnvw+irjzp8q...@mail.gmail.com
Recipient: adam.nicho...@hl.co.uk
__
This email has been scanned
On Fri, Mar 30, 2012 at 3:16 PM, Peter Bauer p...@archivum.info wrote:
On Fri, Mar 30, 2012 at 11:56:41AM +0200, rene7705 wrote:
...
But unfortunately, $_SERVER['REMOTE_ADDR'] is my external IP, and
$_SERVER['SERVER_ADDR'] is my internal IP.
How would I best fix this?
Simply log on
On Mar 30, 2012, at 9:25 AM, rene7705 wrote:
On Fri, Mar 30, 2012 at 3:16 PM, Peter Bauer p...@archivum.info wrote:
On Fri, Mar 30, 2012 at 11:56:41AM +0200, rene7705 wrote:
...
But unfortunately, $_SERVER['REMOTE_ADDR'] is my external IP, and
$_SERVER['SERVER_ADDR'] is my internal IP.
9 matches
Mail list logo