Prevent access to files outside a certain directory in PHP
Posted
by James L
on Stack Overflow
See other posts from Stack Overflow
or by James L
Published on 2010-05-22T02:31:22Z
Indexed on
2010/05/22
2:40 UTC
Read the original article
Hit count: 223
I've found out the hard way that my website can be hacked by passing a query string parameter that has many ../s to access files outside of the website directory, and then screw with the website.
Is there a way, perhaps through the php.ini, to not allow file includes outside of a certain root directory?
© Stack Overflow or respective owner