Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
I'm sure you came to this topic telling me how bad this is (to open up access to the hard drive), but for my friend's webserver, I am needing to do this. How can I access various folders on the server's harddrive through php? I plan on using fopen and various related functions. Is this possible by default? My friend is wanting me to make a script that reads configuration files for his game server.
Last edited by toasty2 on Fri Mar 30, 2007 3:27 pm, edited 1 time in total.
PHP on one server accessing files on another? Are the files publicly viewable in some fashion? If not, it's not often simple. If so, HTTP requests can often take care of it.
feyd, this script will be hosted on the same server as the game server. I'm sorry if I didn't make that clear.
All I really needed to know was if php is able to access places outside of the normal webserver directories by default, and if not what do you change to make it able to.
The restrictions you are referring to is based entirely on permissions more often than not. PHP has the open_base_dir directive, but that isn't on by default in most instances I am aware of.