Re: Using system call + wrapper?

I think you've got a lot of good suggestions on how to tackle this
specific issue. One thing regarding overall design that was briefly
touched on... You might want to consider having uploading be put into a
staging area that makes no assumptions regarding content, then have a
cron job transfer data over to your productive environment (or
productive directory)... (this was suggested by one of the posts, but
I'm just elaborating on it a bit). This cron job will add a layer of
abstraction that will provide you with a good bit of flexibility if your
app grows or needs to change at all. The cron job can then be easily
modified to do certain checks: is the file valid? Is it in some way
unreasonable? Is there space for it in the productive area? Does the
file already exist? If so, should it be overwritte? If I were building
this app, I'd make special effort to seperate content into at least two
camps in the production environment: content you've written, that's
verified, and content that's in
some way dependant on the user uploading or whatever. Generally, try to
keep these two as seperate as possible -- even a new directory tree
using symbolic links would be good -- make a /home/usersubmissions or
something to keep this second type of content in, then your /apache tree
is a lot cleaner. Also, putting your usersubmissions on another
partition (if you've got /usr/local on its own) will prevent /usr/local,
or on Red Hat /var/www from running out of space... if /home runs out of
space, not as big a deal than if some other directories do.

Steve

On Mon, 26
Feb 2001, Richie wrote:

> Hi
>
> I am trying to allow people to save images from their file system to a
> directory on my machine called images, for example the path that I want to
> save to is /usr/local/apache/htdocs/project/images/.
>
> Obviously from above I am using an Apache web server, PHP and PostgreSQL.
> My problem is that you need sudo access to save anything to this
> directory so I get a "Permission denied..." error on the browser. I want
> to save the image to the images directory and save the path to a table in
> my database, however I can do neither in the current situation.
>
> It was suggested to me to use a wrapper that invokes a system call such as
> system('sudo upload.php -p password') that will run the program in sudo
> but I really don't know where to start with this??
>
> Can anyone please help me?
>
> =========================================================
> Richie Duggan
> Computer Science IV
> University College Cork
> Eamil : dugganr(at)student(dot)cs(dot)ucc(dot)ie richie_dug(at)yahoo(dot)com
> Homepage : http://student.cs.ucc.ie/01/dugganr/index.html
>