[PHP] Re: Weird problem with is_file()
Hello Jan G.B., Am 2010-04-26 11:52:02, hacktest Du folgendes herunter: I would recommend not to let any user input to your shell. This piece of code is very insecure as any client may manipulate the shell command at will. It is ony a simplified example... The original shell_exec() is more comlicate and I have no absolute pathes (they are mostly all dynamic). You don't want people to take over your server that easily. :-) See http://www.php.net/escapeshellcmd and alike. I know Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator -- # Debian GNU/Linux Consultant ## Development of Intranet and Embedded Systems with Debian GNU/Linux itsyst...@tdnet France itsyst...@tdnet UG (haftungsbeschränkt) Gesch. Michelle Konzack Gesch. Michelle Konzack Apt. 917 (homeoffice) 50, rue de Soultz Kinzigstraße 17 67100 Strasbourg/France 77694 Kehl/Germany Tel: +33-6-61925193 mobil Tel: +49-177-9351947 mobil Tel: +33-9-52705884 fix http://www.itsystems.tamay-dogan.net/ http://www.flexray4linux.org/ http://www.debian.tamay-dogan.net/ http://www.can4linux.org/ Jabber linux4miche...@jabber.ccc.de ICQ#328449886 Linux-User #280138 with the Linux Counter, http://counter.li.org/ signature.pgp Description: Digital signature
[PHP] Re: Weird problem with is_file()
Hello Peter, Am 2010-04-26 09:28:28, hacktest Du folgendes herunter: var_dump($isfile); Don't make assumptions of what the value is, just check it. Yes and grmpf! The filename has a space at the end but it can not removed even using var_dump(str_replace(' ', '', $isfile); if I put a '1' as search parameter all '1' are removed, but WHY can I not remove a space at the end? Even if a do a mv the_file_not_recognized the_file_not_recognized\space it is not detected... even if the var_dump() show me something like string(29) /tmp/the_file_not_recognized Simple to test exec(touch /tmp/the_file_not_recognized); $FILE=shell_exec(ls /tmp/the_file_not_* |head -n1); var_dump($FILE); echo br; var_dump(str_replace(' ', '', $FILE); Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator -- # Debian GNU/Linux Consultant ## Development of Intranet and Embedded Systems with Debian GNU/Linux itsyst...@tdnet France itsyst...@tdnet UG (haftungsbeschränkt) Gesch. Michelle Konzack Gesch. Michelle Konzack Apt. 917 (homeoffice) 50, rue de Soultz Kinzigstraße 17 67100 Strasbourg/France 77694 Kehl/Germany Tel: +33-6-61925193 mobil Tel: +49-177-9351947 mobil Tel: +33-9-52705884 fix http://www.itsystems.tamay-dogan.net/ http://www.flexray4linux.org/ http://www.debian.tamay-dogan.net/ http://www.can4linux.org/ Jabber linux4miche...@jabber.ccc.de ICQ#328449886 Linux-User #280138 with the Linux Counter, http://counter.li.org/ signature.pgp Description: Digital signature
[PHP] Re: Weird problem with is_file()
On 26/04/10 16:56, Michelle Konzack wrote: Hello Peter, Am 2010-04-26 09:28:28, hacktest Du folgendes herunter: var_dump($isfile); Don't make assumptions of what the value is, just check it. Yes and grmpf! The filename has a space at the end but it can not removed even using var_dump(str_replace(' ', '', $isfile); if I put a '1' as search parameter all '1' are removed, but WHY can I not remove a space at the end? Even if a do a mv the_file_not_recognized the_file_not_recognized\space it is not detected... even if the var_dump() show me something like string(29) /tmp/the_file_not_recognized Simple to test exec(touch /tmp/the_file_not_recognized); $FILE=shell_exec(ls /tmp/the_file_not_* |head -n1); var_dump($FILE); echo br; var_dump(str_replace(' ', '', $FILE); Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator Is it possible that the space is a new-line (or a carriage-return) ? What happens if you replace str_replace(' ', '', $FILE) with preg_replace('/\s+$/','',$FILE); ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Re: Weird problem with is_file()
On Mon, 2010-04-26 at 17:56 +0200, Michelle Konzack wrote: Hello Peter, Am 2010-04-26 09:28:28, hacktest Du folgendes herunter: var_dump($isfile); Don't make assumptions of what the value is, just check it. Yes and grmpf! The filename has a space at the end but it can not removed even using var_dump(str_replace(' ', '', $isfile); if I put a '1' as search parameter all '1' are removed, but WHY can I not remove a space at the end? Even if a do a mv the_file_not_recognized the_file_not_recognized\space it is not detected... even if the var_dump() show me something like string(29) /tmp/the_file_not_recognized Simple to test exec(touch /tmp/the_file_not_recognized); $FILE=shell_exec(ls /tmp/the_file_not_* |head -n1); var_dump($FILE); echo br; var_dump(str_replace(' ', '', $FILE); Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator It's probably not a space but some other non-displayed character. Check the ascii value of that actual character. A space is 32, anything else can be replaced using str_replace(chr(x), '', $FILE) if you can't type it with your keyboard. Thanks, Ash http://www.ashleysheridan.co.uk
[PHP] Re: Weird problem with is_file()
Hello Pete, Am 2010-04-26 17:04:32, hacktest Du folgendes herunter: Is it possible that the space is a new-line (or a carriage-return) ? grmpf! -- That it was... preg_replace('/\s+$/','',$FILE); Works now! Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator -- # Debian GNU/Linux Consultant ## Development of Intranet and Embedded Systems with Debian GNU/Linux itsyst...@tdnet France itsyst...@tdnet UG (haftungsbeschränkt) Gesch. Michelle Konzack Gesch. Michelle Konzack Apt. 917 (homeoffice) 50, rue de Soultz Kinzigstraße 17 67100 Strasbourg/France 77694 Kehl/Germany Tel: +33-6-61925193 mobil Tel: +49-177-9351947 mobil Tel: +33-9-52705884 fix http://www.itsystems.tamay-dogan.net/ http://www.flexray4linux.org/ http://www.debian.tamay-dogan.net/ http://www.can4linux.org/ Jabber linux4miche...@jabber.ccc.de ICQ#328449886 Linux-User #280138 with the Linux Counter, http://counter.li.org/ signature.pgp Description: Digital signature