No '..' components allowed in path
Moderator: General Moderators
No '..' components allowed in path
Hello I get this errormessage:
Warning: No '..' components allowed in path in D:\Inetpub\Hotel\kinnanc136qnke\dok2000kopia\pdf_d
irekta\golv&tak\pdf.php on line 9
when running this code:
<?PHP
ini_set("display_errors", "1");
function myspawn($pdf, $bild, $nypdf)
{
$command="..\\..\\exe\\pdf.exe $pdf ..\\..\\af_bilder\\$bild $nypdf";
exec($command);
exec("exit(0)");
}
?>
<html>
<head>
<title>New Page 1</title>
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_goToURL() { //v3.0
var i, args=MM_goToURL.arguments; document.MM_returnValue = false;
for (i=0; i<(args.length-1); i+=2) eval(args+".location='"+args[i+1]+"'");
}
//-->
</script>
</head>
<body onLoad="MM_goToURL('parent','pdf.pdf');return document.MM_returnValue">
Skapar pdf..
<? myspawn($_GET['pdf'], $_GET['bild'], $_GET['nypdf']);?>
</body>
</html>
It execute an .exe that switch some bytes in a pdf-file and then saves it to a new location..
When safe_mode = Off everything works just fine..
But it will be hosted on a webhotel that wont allow safe_mode = Off so I have to get it to work with safe_mode = On
Anyone know whats the problem?
Thanks!
Warning: No '..' components allowed in path in D:\Inetpub\Hotel\kinnanc136qnke\dok2000kopia\pdf_d
irekta\golv&tak\pdf.php on line 9
when running this code:
<?PHP
ini_set("display_errors", "1");
function myspawn($pdf, $bild, $nypdf)
{
$command="..\\..\\exe\\pdf.exe $pdf ..\\..\\af_bilder\\$bild $nypdf";
exec($command);
exec("exit(0)");
}
?>
<html>
<head>
<title>New Page 1</title>
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_goToURL() { //v3.0
var i, args=MM_goToURL.arguments; document.MM_returnValue = false;
for (i=0; i<(args.length-1); i+=2) eval(args+".location='"+args[i+1]+"'");
}
//-->
</script>
</head>
<body onLoad="MM_goToURL('parent','pdf.pdf');return document.MM_returnValue">
Skapar pdf..
<? myspawn($_GET['pdf'], $_GET['bild'], $_GET['nypdf']);?>
</body>
</html>
It execute an .exe that switch some bytes in a pdf-file and then saves it to a new location..
When safe_mode = Off everything works just fine..
But it will be hosted on a webhotel that wont allow safe_mode = Off so I have to get it to work with safe_mode = On
Anyone know whats the problem?
Thanks!
Instead of using relative paths, try using the full server path.
which can be found in the variable
Mark
which can be found in the variable
Code: Select all
_SERVER["DOCUMENT_ROOT"]
Last edited by JayBird on Thu Nov 06, 2003 8:21 am, edited 1 time in total.
found this in the manual
The only syntax I found to work for the command portion of an an exec() call on a Win2K devel platform is:
where 'path-to-exe' has escaped double quotes, args are in the standard format, and 'file-name' has any backslashes escaped.
Example:
Note that the backslashes are escaped in the uploaded_file name, but not in the path to call the Winzip executable. Go figure!
Mark
The only syntax I found to work for the command portion of an an exec() call on a Win2K devel platform is:
Code: Select all
$command = ""path-to-exe" args file-name";Example:
Code: Select all
$command = ""C:\program files\winzip\wzunzip.exe" -c C:\\temp\\uploaded_file.zip";
exec($command,$output,$rv);Mark
yes, they provide win-php, take a look: http://malibu.bluerange.se/kinna/p.php
no, no errormessages if i try to use absolute paths, just:
Warning: exec(): No '..' components allowed in path in c:\inetpub\wwwroot\kinnan\dok2000kopia\pdf_direkta\golv&tak\pdf.php on line 9
if i run the code as above..
im a supern00b at php so if there is something i shall write to get errormessages, tell me
Warning: exec(): No '..' components allowed in path in c:\inetpub\wwwroot\kinnan\dok2000kopia\pdf_direkta\golv&tak\pdf.php on line 9
if i run the code as above..
im a supern00b at php so if there is something i shall write to get errormessages, tell me
on more thing that might help you..
on the host's page it says something about move_uploaded_file..
"To save an uploaded file i the website you have to use move_uploaded_file. The temporary file can not be opened in some other way due to securityreasons"
we i use my .exe that changes some bytes in one pdf and then saves it in in another place with another name, do you think I should use this move_uploaded_file? dont have a clue what it is..
on the host's page it says something about move_uploaded_file..
"To save an uploaded file i the website you have to use move_uploaded_file. The temporary file can not be opened in some other way due to securityreasons"
we i use my .exe that changes some bytes in one pdf and then saves it in in another place with another name, do you think I should use this move_uploaded_file? dont have a clue what it is..