|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2015-10-20 20:26 UTC] furun at arcor dot de
Description: ------------ --- From manual page: http://www.php.net/ziparchive.setpassword --- If a file is de-packed with ZipArchive::setPassword, and the password is wrong, it leafs a file with 0 length. In case a file exist already with the same name like the unpacked one, this file will be overwritten with 0 length content. This behavior is unclean. In case a password is wrong, no files should be created or changed. For Example: If ZipArchive is used to update content in a secure way, a wrong password would destroy the existing files. Exactly what the password protection of the updater file should avoid. And, There is no way to check a password before using it (... i guess) PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Mon Oct 27 12:00:02 2025 UTC |
Thanks for the reply. Sorry for the missing test code. For testing: 1. Create a ZIP file like "C:\Temp\Test.zip", with a file inside like "Test.txt", with a password encrypted like "pass". 2. Run the test-code Zip_Test(). 3. The password is wrong, and you should have a file named "Test.txt" with the length 0 in "C:\Temp\". 4. It create the 'ERROR: extractTo' Error. 5. If "C:\Temp\Test.txt" already exists and has content, it will be overwritten. tested on xampp, PHP Version 5.6.3, on windows 7 <?php Zip_Test(); function Zip_Test () { $filePath = 'C:\\Temp\\Test.zip'; $destinationDirectory = 'C:\\Temp\\'; $password = 'pass_wrong'; $zip = new ZipArchive; if ($zip->open($filePath) !== true) { print ('ERROR: open'); return; } if ($zip->setPassword($password) !== true) { print ('ERROR: setPassword'); return; } if ($zip->extractTo($destinationDirectory) !== true) { print ('ERROR: extractTo'); return; } $zip->close(); }