Sanitize file_get_contents

Posted by Luis on Stack Overflow See other posts from Stack Overflow or by Luis
Published on 2010-06-02T11:03:00Z Indexed on 2010/06/02 11:03 UTC
Read the original article Hit count: 217

Filed under:
|
|

I want to use file_get_contents to implement a proxy so I can do ajax cross domain requests. Querystring will be used to supply the URL to file_get_contents. Now the problem is people can muck around with the qurystring in order to read local files on the server. I dont wnat this. Can someone get me a function to sinitize the querystring in order only to accept urls and not local files: ie:

?url=http://google.com.au - OK

?url=./passwords.txt - Not OK

© Stack Overflow or respective owner

Related posts about php

Related posts about proxy