lanceseidman
commented
11 years ago Only issue besides it being deprecated in PHP5 is if you look, we're throwing actual full BASH commands as the grabber binary grabs exactly what it sees and executes it (for now).
We will have outrageous commands shortly that I am just scared might get blocked when trying to store. Right now its all simple but when we start popping in pipes and odd file paths + spaces, even if we use PDO a chance it could accidently strip it.
But sure we could say well look for
As for type, no doubt that's a good idea. Current reason I am not using that at this specific second as I am looking to see what has a value (technically only 1 column can) grab it and once grabbed remove it so we don't have multiple commands and/or re-launch (assuming the user changes the grab interval lower). But again with type we can of course go if type ==
I have an update almost done, before I upload it I will re-make the database and update everything according to the type method.
It would be better to change the database to have a type field and a data field.
That way you can add unlimited features without adding extra database fields.
Also, you should really look at the vulnerabilities of mysql injections. Even though this is supposed to be hosted on a private network, it's still better to always use some way of sanitizing the input. You could use mysql_real_escape_string to prevent data from creating mysql errors, which in itself could be a good idea because because single quotes are valid url characters, which would cause problems with your current code.