August 2003
Intermediate to advanced
1104 pages
19h 27m
English
Content preview from Core PHP Programming, Third Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
28.17. Avoid Using exec, Backticks, and system If Possible
A common mistake that many PHP programmers make is overusing external processes for tasks that can be performed using PHP's built-in native functions. For instance, exec("/bin/ls –a $dirname", $files), which uses the external /bin/ls program, can be replaced by code in Listing 28.11.
Listing 28.11. Avoiding executing an external process
<?php
$dir = opendir($dirname);
while($entry = readdir($dir))
{
$files[] = $entry;
}
?>
|
Even though it's a few more lines of code, Listing 28.11 is much faster and is also much less prone to security hazards. The exec version requires you to make sure that dirname contains no malicious switches or code that may end up doing something other than you ...