3 replies to this topic

[bbqroast]

Yes I under stand that i would have to check a million times for stuff like injection but would it be possible to do this:

1. User types in name of his site ($sitename)
2. Checks user is authorized as admin and if the site is already made.
--- This is where i'm not sure ---
4. PHP creates a folder called ($sitename).
3. PHP edits the virtual host file and creates another virtual host and points it to that folder.

Now the main point of this is: Can php edit files (text files) out of the htdocs directory??
Seeing as its SSI i can't see why not.

------------

[Alexander]

PHP is a scripting interpreter running on a local drive, therefor as long as you have permission to read/write to the directory above htdocs, then you can do what you wish with it. Note that Apache generally runs under a limited user account, therefor it may not unless you explicitly allow it (which I do not recommend)

[bbqroast]

Yes but i am running in a devolpment enviroment (my router wouldn't let my server go WWW without setting up a DMZ). An my prospective hosts seem to give the user lots of control over the htconfig files.

[Calgon]

Perhaps you could use: PHP: Execution Operators - Manual

For example:

echo `sudo scp file tofile`; // Or a more sufficient command for the operation.

Or whatever the correct syntax is. Edit it with the PHP file functions, then try to use the 'mv' command to move it back, like so:

echo `sudo mv locationtocurrentfile locationtoapachedirectory`;

The code ^ was designed for Linux, I'm clueless when it comes to Windows Command-line. Though I'm skeptical that will work properly, you could give it a try and tweak it?

Then again... If you're on shared hosting, there's a 1 in a million chance that will work.