At 10:37 PM +0200 6/8/06, Mathias Bundgaard Svesson wrote: >Restrict them not to overwrite other modules or overwrite the CMS >itself. Each module should have it's own directory, and it shouldn't be >allowed to change anything outside it. > >tor, 08 06 2006 kl. 21:49 +1000, skrev chris smith: >> On 6/8/06, Mathias Bundgaard Svesson <[EMAIL PROTECTED]> wrote: >> > Hi! >> > I'm trying to create a CMS where it should be posible to upload script >> > modules. Those modules should mostly be made by myself, but it is >> > posible for others to create scripts too. My question is, is it posible >> > to restrict the modules to their own directory so they don't overwrite > > > some of the other modules or the CMS itself?
Mathias: Well then, how about this? You can create a "uniquely" named id by using: $unique_id = md5(uniqid(microtime(), true)); and then use that name as a folder for each person submitting scripts OR use the unique id as a suffix for their cms file. Either way, it should stop persons from overwriting cms files. I would also suggest that you keep track of these id's in a dB. If you are still concerned about two people having the same unique, then you could search the dB to see if the recently created id exist. If it does, then generate another one. I use a similar method for making sure that the images I upload have unique names. hth's tedd -- ------------------------------------------------------------------------------------ http://sperling.com http://ancientstones.com http://earthstones.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
