View Single Post
Old 6th February 2006, 10:54
danf.1979 danf.1979 is offline
Senior Member
Join Date: Dec 2005
Location: Chile
Posts: 247
Thanks: 4
Thanked 3 Times in 2 Posts
Send a message via MSN to danf.1979

Hi again. I just staring at the code right now and got a little scared with the function that deletes directories from a cms created installation.
PHP Code:
    function _do_delete() {
        if ( 
is_array($this->do_delete) ) {    
            foreach (
$this->do_delete as $value) {
system("rm -rf ".$this->path_to_create."/".$value);
do_delete is an array of directories to delete: $cms_install->do_delete = array("dir1/", "dir2/");
How can I be absolutely secure that I will *never* delete my entire disc?
I do define do_delete only in the script and there is no $_POST var involved, but this could not be the case in the future.
For example, could I force that all directories to eventually delete *must* be inside, for example, in /var/www/web[ID]/web/ ? (I know it can be other document root too) but just for simplicity

Last edited by danf.1979; 6th February 2006 at 11:03.
Reply With Quote