[RESOLVED] cron

slimjim

I have a directory and in that directory I have a page that cron needs to run once a day.
But I dont want other people to run it thru browser.
What would be the command line if I password protect that directory so that the job can be ran using cron.

wilku

Move this php script outside your web server root directory. Then in the cron run php parser giving full path to this file. Cron job is a system command being run every now and then, so it will not be bound by your web root. And outsiders won't be able to call it.

slimjim

Thank you but I dont have access to root, but I do have access to cron.
Thats why I asked about a password directory, which should be safe too.

wilku

if you have acces to like /home/your_account/public_html or similar, you just need to put it outside public_html. Anyway folder protection in web server won't affect running your script with php client:

0 22 * * * /full/path/to/php /full/path/to/script.php

in crontab will run every day at 22:00

slimjim

I cant get above public_html is what I am saying.
I have to put in a directory in public_html and that is why I need to know what the command line to use if script is in a password protected dir.

I know there is a way to do this but cant figure it out
It is something like user:xxxpass: or something.

wilku

To run a script with a cron job you don't need any user:pass as long as this file is readable by user that runs cron. You just need to call php (literally write full path to php at command prompt) followed by full path to your script (locally, that means from server root ). If you don't know what is the path to your script or php interpreter use [man]phpinfo[/man]. The paths should be somewhere there (even if you don't have access to root). I have written in the post above what should be in the crontab.

suntra

Make some tests, but I'm pretty sure the IP will be 127.0.0.1 when CRON is doing its job...

So simply add a statement like this...

if($_SERVER['REMOTE_ADDR'] <> '127.0.0.1') {
    exit('You ain\'t Cron !');
}

slimjim

suntra can you explaine why that works to prevent people from running it thru browser and why are you sure ip address will be that ?

Horizon88

Slimjim - it would stop people from running it because the REMOTE_ADDR variable is pulled from the visitor - it's their unique IP address. 127.0.0.1 is a special IP address for the local machine - it's just like typing localhost. So, if the IP address doesn't equal 127.0.0.1, then the user trying to access the page is NOT cron, since the cron job would access it locally - what Suntra was saying, though, is that Cron may not register an IP address when it calls the script, so you'll have to check - you could also hook wget through cron to make it use HTTP and pass an IP that way, I suppose.

slimjim

well that doesnt work for me, I tried but it just doesnt run the cron job.

Horizon88

Are you sure you have cron job access? what are you doing to set it up?

slimjim

I have cron access.
Cron runs fine if I dont use the cron ip check, if I do use it, it wont work.
I cant believe I have to put cron jobs above html directory.
Must be a way to have cron run jobs with some form of protection against people running it thru browser.

Horizon88

Try hooking it with wget. Use the IP address script to check for localhost and tell cron to do a wget yoursite.com/file.php instead of the absolute file path to it.

slimjim

It looks like crons ip address is using my servers ip address instead of the one mentioned above.

slimjim

Ok this works

If cron file that is in protected directory needs to be ran
wget http://user:pass@www.yoursite.com/protecteddirectory/yourfileyourwantran.php

Just replace user and pass with htaccess user and pass

Horizon88

Cool. I was going to suggest .htaccess but I wasn't sure if wget/cron could handle it. Apparently it can. 😉 Don't forget to mark this resolved, please.