I'm working on a php script, where I want to delete some files from a given folder using wildcard (*).
I've found some working examples like this one, where unlink() and glob() function are used.
Now, i was wondering, would it also be ok to delete the files using the exec function and a command like rm -f /path/to/folder/_prefix_* ?
Are there any security risks taken using this?
And if it is ok, would it be better in terms of performance?
EDIT:
So, from the first answers i can see that indeed, using exec could be an acceptable solution.
What about performance issues? Is there any chance the exec option could be better (faster/less demanding) over the glob/unlink technique?
Thank you in advance
Because there is no chance for user-supplied data to be injected, there is no security issue in using exec over glob/unlink. However, using glob/unlink allows you to define exceptions:
foreach(glob("delete/*") as $f) {
if( $f == "delete/notme.txt") continue;
unlink($f);
}
And exec is often disabled on shared servers so glob/unlink is more portable. If you have a dedicated setup and don't intend on giving it up, you don't need to worry about that.