Zip it good

So something I have been putting off I managed to hack together yesterday, but it works. That is the ability to download code from the bildeCode. On any project module or session of code you can just hit the download button, and download a zip file of all the code in the proper files. This may sound like something rather simple, and it may be to some. But the interesting thing is that there are no real files on bildrCode, so how do you zip them. When you click the download button, the server grabs everyting needed out of the database and creates actual files and folders out of them (in a random named secret file for security (see below)), then zips it all together, deletes the files and folders and downloads the zip to your computer. To the user it is just like they clicked on a link to a zip file.

The security thing is like this. I was thinking how dangerous this could be . You can write any code you want on bildrCode, and pressing this button makes them actual files. That means a user could write malicious code, press download to make it real, navigate to the file, therefore executing them live on the server, and hacking us in 2 seconds flat. Im hoping that by doing all of this in a randomly named temp folder, and deleting it as soon as the zip is done will take care of this. But I think I have a lot more security to work on.

Anyways, I have been looking at letter pressing a lot lately, and I have been working on a latter pressed look in photoshop for some icons etc. I was making this nice one for the download button, but didn’t use it. I think it came out great, so I tried (to some success) to make a few others. But I offer them to you for use in what ever you want. You don’t even have to give credit.

Comments are closed.