Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexander Muxalich2015-03-10 13:17:30
PHP
Alexander Muxalich, 2015-03-10 13:17:30

How to protect a file with serialize content?

Hello, I have a product export method implemented on my site, serialize data from the database is simply written to the file. Then it is restored using the same data. The question is how can you protect the file from external interference? To be sure that the file is not 'chemized'?
There is an idea to encrypt the contents of the file. But am I looking in the right direction?
I forgot to add, the file contains base64 - a photo of the product, in general, I'm afraid that they will cheat with the file representation, for example, they will replace it with a malicious php file.
More: export of goods - any user can save their goods to their computer as a file. What does the file mean? serialize(base64( product photo) + product data). Then, after saving, these goods can be imported back, by reverse transformations. This is done in case of emergency, since people have several thousand different goods, and in the event of an emergency, the user himself can restore them from a file without waiting for a response from the administration.
Thanks to those who advised the CPU, I will dig into this one, tell me if there are ready-made implementations of the CPU? Preferably under ZF 1.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

4 answer(s)
Report
N
Nikolai Korabelnikov, 2015-03-10
@muxalich

Most likely, you should be interested in the signature of the file, and not encryption.
The signature will ensure integrity. If the signature is not correct, then the content was changed.

Report
F
FanatPHP, 2015-03-10
@FanatPHP

All answers are not worth one comment from Armenian Radio
Before receiving an answer to which no answer should be written.
One of the things that separates a monkey from a specialist is experience. And developed intuition for govnokod. If a person asks how to attach square wheels to a bicycle, and separately stipulates that the color of the bicycle is red, this clearly indicates that he has a vinaigrette in his head, and he initially does something wrong. therefore, you must first ask him - WHY he needs a bicycle with square wheels.
And then explain how to do it right.

Report
6
65536, 2015-03-10
@65536

external interference from where? if by http, then put in a folder next to it .htaccess with the contents of Deny From All

Report
V
Vasily, 2015-03-10
@Applez

You would not do an export, but write the saved goods into a separate database table (such as a pre-order table, which you can then load and delete if you don’t need it already), then you would know for sure that they would not be spoiled.

Similar questions
B
bio2015-03-31 04:08:43
How to make a soap xml parser? 2Reply
W
WebforSelf2021-03-23 23:45:26
How to start server after centos 7 backup, vestacp? 3Reply
I
Isaac Clark2017-04-05 13:43:42
HTML5 GAME: Is it better to use Canvas or DIV for sprite animation? 5Reply
N
nethole7412019-10-02 20:40:14
Sending to modx revo via ajaxform not working? 2Reply
E
Evgeny Yakushov2019-10-09 19:41:27
How to download a dynamically generated file and make the location of this page? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question