Jump to content

How secure is this?


ryanfilard

Recommended Posts

I wrote an update script, how secure do you think it is?

By the way, this is an include. The page it is included on stop attacks by making sure the user is logged in.

function update_file($url, $file)
{
        //Get URL content
		$ch = curl_init();
            curl_setopt($ch, CURLOPT_URL, $url);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
            $data = curl_exec($ch);
            curl_close($ch);
            $new_content = $data;

		//Replace with content from URL
		file_put_contents($file, $new_content);
		echo $new_content;
}

function get_url($file)
{

$domain = 'http://www.mysite.com/';
$folder = 'update/'; 
$ver = '2.0.1';	
$full_url = ''.$domain.''.$folder.'/'.$ver.'/';
$fileu = array
(
"functions/update.php" => "".$full_url."functions/update.txt"
);

return $fileu[$file];
}

$files = array
(
'functions/update.php'
);

foreach($files as $file)
{
update_file(get_url($file),$file);
}

Link to comment
https://forums.phpfreaks.com/topic/258940-how-secure-is-this/
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.