line you listed above gives root access to the whole machine to the user http and your shell_exec function, and thus it could potentially zap the root crontab instead of the adverts crontab as well as is a general risk.
What you probably want would be something more like this:
http ALL=(adverts:adverts) NOPASSWD: /usr/bin/crontab
You might skim through the manual page for sudoers
to see if you can interpret that line or if you spot anything useful. But it should allow the following with PHP
shell_exec("/usr/bin/sudo -u adverts /usr/bin/crontab -r")
If you pass any variables to the shell, be sure that they are 'sanitized' so you avoid bad surprises.
Anyway, "sudo" is very, very useful and very, very powerful. I'd recommend the book "Sudo Mastery" by Michael W Lucas to get the proper background information about how to safely use it. The manual page for "sudoers
" will make a lot more sense after reading the book.