6 Filesystem Access: Accessing the Filesystem for Fun and Profit

Sometimes you just can’t avoid dealing directly with the filesystem. Files have to be opened, created, modified, and deleted. In this chapter, we discuss how to go about these tasks without opening up your application to every script kiddie with a couple of hours to kill.

Opening Files

There are two types of files an application can open in PHP:

• Local files

• Remote files

Both carry some risk, but opening local files is generally safer, so we’ll start there. Opening a local file is just like any other system call; as long as you’re careful to verify what you’re opening and don’t allow access to anything but what you intend, you’ll be all right. ...

Get Securing PHP Web Applications now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Securing PHP Web Applications by Tricia Ballad, William Ballad

6 Filesystem Access: Accessing the Filesystem for Fun and Profit

Opening Files

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly