Sanitize file path in PHP

Question

Greetings, I\'m hoping to make my tiny program secure so that potential malicious users cannot view sensitive files on the server.

    $path = \"/home/gsmcm         


        

Answer 1

realpath() will let you convert any path that may contain relative information into an absolute path...you can then ensure that path is under a certain subdirectory that you want to allow downloads from.