I have a php script which generates a report. The end user of this report wants it uploaded to a server where they can access it. I have an account with SFTP access to upload files to their server.
One way to do this would be to call
system("lftp -e ... -u user,password sftp://host");
I know that it is usually unsafe to provide a password on the command line, since other users can see command lines with programs like w and ps.
Since this is done from the php process, is this any different or just as unsafe?
Obviously using CURL or another library to do the SFTP connection would be safest and the "right way" to do it. This question is for my education on this particular issue, so I don't need anyone to tell me to use curl instead. The ftp example is just an example.