Issues Calling EXE from within VB6 DLL

I have a DLL that searches a database for user input. However, our users can't spell, and this seriously messes up the search results. We need a spellchecker to suggest better search terms.


Option 1: Roll My Own
This really isn't an option. Writing a spellchecker is the biggest example of re-inventing the wheel that I can think of, and it's a highly non-trivial task.
No way, Jose.


Option 2: MS Word
There are a lot of sites that say that you can use Winword to spellcheck stuff from within an ASP or DLL application.
The problem is, you have to jump through a bunch of hoops to get it to work, and even when it DOES work, it's very delicate and easy to crash. If you're not lucky and super-careful, you end up with 100 instances of WINWORD.EXE taking up all of your server's resources.
Scratch that.


Option 3: Commandline External EXE
I found ASpell.exe, which really seems to be the ticket. It's a command-line utility that can take piped input and output the spell-checked data to a txt file. See http://aspell.sourceforge.net/ for more information.

The format of the command is this:

This works fine when running interpretively (of course ), and it also works on a Windows 2000 test server running compiled. However, when running on our live server, this happens:
1. The spelling check runs, and doesn't seem to have any errors, but the output never goes to the txt file.
2. Once this has been done even once, the server fails on the next call to read data from the database, with this error:
3. Requests for other pages start taking enormously long amounts of time to complete.

Here's the basics of how I'm calling the EXE in my DLL:
1. Created a batch file that contains this:
2. In MyClass.SpellCheck(strQ), do this:Any ideas?

Ok, did some more research, and here's the problem:

"ASpell -a" allows you to use the program in "pipe" mode. That means, if you pipe your output into aspell.exe with the -a switch, then it'll spit back the results. You can then pipe the results of THAT program into a txt file, with the > command-line operator.

However, if you do "echo "sum badlee speeled werds" | aspell -a > output.txt", then you're REALLY calling CMD.exe! So, that means that you need to give your IUSR_MachineName execute access to cmd.exe.

This strikes me as really really really Super-Insecure, since all we're really needing to do is spit out a few words onto the console. Is there a better way to put something onto the console? Perhaps is there an "echo.exe" program, that functions just like the DOS Echo command? I would happily give IUSR_MachineName access to that rather than allow it to touch CMD.exe, potentially allowing someone to "CMD /C format C:" or something equally devastating.

My guess is there is a COM spelling checker out there somewhere so you don't need to mess with cmd.exe permissions.

You might take a look at using the wscript object which lets you run command line programs. Also it can be a problem capturing console output text from code.