Editing XML via PHP safely.

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
jrucifer
Forum Commoner
Posts: 32
Joined: Fri May 13, 2005 2:36 pm
Location: phoenix

Editing XML via PHP safely.

Post by jrucifer »

Hello all,

I recently decided to design and develop a photo gallery that can be easily managed by the user without relying on a database. I decided to use XML as my data storage and source, but quickly realized a potential flaw. The write permissions must be set to global in order to write over the existing one with updated data via PHP.

My question is, how risky is this? Could somebody easily manipulate the file from a remote server? Is there any way I can write to the file from my server without leaving the permissions wide open?

Thanks in advance
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: Editing XML via PHP safely.

Post by requinix »

While there is always a risk the file permissions are much less of a concern than the security of the PHP application itself. Focus on that before you wonder about shell users accessing your stuff.
Post Reply