[nycphp-talk] server-writable php files (was: using PHP to create a php file)

Ken Robinson kenrbnsn at
Fri Jun 9 17:01:18 EDT 2006

At 04:51 PM 6/9/2006, Allen Shaw wrote:
>1. Create the file
>2. store md5 checksum of in database
>3. compare stored checksum and actual file checksum anytime before
>running the file later.

That might be fine for files you create, but what is going to stop a 
malicious person who finds the directory, put his own scripts into 
it, and causes havoc to your server or the web and you won't even 
know he's there until too late.


More information about the talk mailing list