Welcome to the Treehouse Community
Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.
Looking to learn something new?
Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.
Start your free trialKnowledgeWoods Consulting
5,607 PointsSecurity issue in using PHP unlink() function
Suppose i provided a sub directory on my webserver to one of my new team mate so that he can access it via FTP. Although he just got access to that particular directory but he can delete every file on my server using the same script. unlink('/var/www/site.com/*'); Is there any way to overcome this security threat????
1 Answer
Sean T. Unwin
28,690 PointsThere is this Stackoverflow discussion which may be useful. The key points, from my understanding in reading, is to be sure to authenticate the user and also to ensure the absolute path is being used, as opposed to relative.
Interesting, yet potentially scary topic.