On Sun, 2014-03-23 at 21:39 -0300, Cristian Rodríguez wrote:
El 23/03/14 19:20, lynn escribió:
On Sun, 2014-03-23 at 18:47 -0300, Cristian Rodríguez wrote:
El 23/03/14 17:26, lynn escribió:
13.1 Hi We've a php script which writes to the users public_html folders, so wwwrun needs w. I used setfacl to grant the write. The alternative is to stick it in the db. I'd prefer the former. Any problems with that? Thanks
what kind of data is it and in what format is stored in the case of using a database ?
e.g. php: shell_exec('sh h.sh'); $list= file_get_contents('s.txt'); echo nl2br($list);
h.sh: #!/bin/bash ls -l > s.txt
don't want to do: ... $query = "INSERT INTO testing (results) VALUES('$list')"; ...
Hoping that is not the actual code of the application.. place the writeable part in a subdirectory in public_html.. not in public_html itself.
Assuming this app can be modified, it is better to store data in a directory that is not accessible for the public.
Hi No, I'm not a coder. That's what I did to reproduce the error. I was told that a script wasn't working which I traced to the wwwrun permissions.
ps: execution of programs using shell_exec or other functions in PHP apart from being crazy, slow and almost always insecure, unless extreme care is taken, will probably not work correctly in a number of scenarios when PHP is running an as apache module, it has been broken for a quite a while (aprox since 2009) and no one is going to fix it.
Oh. The call to the shell seems to be working ok in 13.1
I strongly recommend you to use PHP FPM instead of the apache module.
OK. I'm secretly hoping this doesn't get out beyond the intranet. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org