PHP Accessing Directories on the server?

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
toasty2
Forum Contributor
Posts: 361
Joined: Wed Aug 03, 2005 10:28 am
Location: Arkansas, USA

PHP Accessing Directories on the server?

Post by toasty2 »

I'm sure you came to this topic telling me how bad this is (to open up access to the hard drive), but for my friend's webserver, I am needing to do this. How can I access various folders on the server's harddrive through php? I plan on using fopen and various related functions. Is this possible by default? My friend is wanting me to make a script that reads configuration files for his game server.
Last edited by toasty2 on Fri Mar 30, 2007 3:27 pm, edited 1 time in total.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

PHP on one server accessing files on another? Are the files publicly viewable in some fashion? If not, it's not often simple. If so, HTTP requests can often take care of it.
User avatar
Christopher
Site Administrator
Posts: 13596
Joined: Wed Aug 25, 2004 7:54 pm
Location: New York, NY, US

Post by Christopher »

(#10850)
toasty2
Forum Contributor
Posts: 361
Joined: Wed Aug 03, 2005 10:28 am
Location: Arkansas, USA

Post by toasty2 »

feyd, this script will be hosted on the same server as the game server. I'm sorry if I didn't make that clear.

All I really needed to know was if php is able to access places outside of the normal webserver directories by default, and if not what do you change to make it able to.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

The restrictions you are referring to is based entirely on permissions more often than not. PHP has the open_base_dir directive, but that isn't on by default in most instances I am aware of.
Post Reply