forum.coppermine-gallery.net
No Support => General discussion (no support!) => Topic started by: trippinsweet on June 22, 2006, 06:17:19 am
-
Just a query... I'm new to the idea of developing tools for everyones use rather than just my own personal use.
So would it be considered bad form to have a coppermine function execute a shell script?
Currently, I implemented zip downloads of albums by calling the zip function through exec() in php. Is this a bad idea?
I'm wondering what kind of problems I might encounter using it.
Oh and I have code of the zipdownloads function which I'll be happy to release... if its safe to.
-
hmm.. I don't think it's bad in itself, but not a lot of people will be able to use it since not everybody has shell access. So if your goal is for everyone to use your tools, you'll have to find a way that doesn't require exec. :)
-
The shell will be safe if the web server setup has been done correctly (i.e. user permissions and other such things). Also the command which is executed should be validated and well sanitized. If these guidelines are followed then it is safe to execute shell commands.
-
Great. Then I'll release my mod soon.
Granted not everyone (especially people on shared hosting) will be able to use it, but if you're on your own dedicated box you should have no problem installing the linux zip binaries.
I personally think that a function that allows you to download whole albums is very useful.