Sanitize file path in PHP

Question

Greetings, I\'m hoping to make my tiny program secure so that potential malicious users cannot view sensitive files on the server.

    $path = \"/home/gsmcm         


        

Answer 1

If you can, use a whitelist like an array of allowed files and check the input against that: if the file asked by the user isn't present in that list, deny the request.