I get a file path to a user file and I want to make sure that this path is to a valid existing user file and not to something bogus or a system file or something like that.

I know I can use file_exists to check that it exists, but I'm not sure how I should make sure that the file is in a certain sub-directory...

+1  A: 

You should be aware of hard links and symbolic links. If you're going to change the file, do a stat to check if it's a regular file and its node count is 1.

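$subdirToCheck = "/home/mysubdir/";
$file = "relativepath/userfile";
// realpath() resolves symlinks and ".." segments; it returns false on failure
$absfile = realpath($file);
if ($absfile !== false && file_exists($absfile) &&
        substr($absfile, 0, strlen($subdirToCheck)) === $subdirToCheck) {
    $ls = lstat($absfile);
    // abort unless it is a regular file (S_IFREG) with exactly one hard link
    if ($ls === false || ($ls["mode"] & 0170000) !== 0100000 || $ls["nlink"] > 1) {
        //abort
    }
    else {
        //do stuff
    }
}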
Artefacto
Nice. Seems like you can skip the file_exists though: *realpath() returns FALSE on failure, e.g. if the file does not exist.*
Svish
Also not sure that link checking is necessary in my case, since they would have to be created in that directory first?
Svish
@Svish Yes, but see the changelog. As to your other point, if you can guarantee that the directory and its subdirectories do not contain symlinks, you can obviously skip the check.
Artefacto
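The checks discussed in this answer and its comments, collected into one function and run against a constructed sandbox (an added example, not code from the original thread). `resolveUserFile()` and all paths are hypothetical; it assumes a POSIX filesystem where `symlink()` and `link()` are available.

```php
<?php
// Hypothetical helper: returns the canonical path if $userPath names a regular,
// singly-linked file inside $baseDir, otherwise null.
function resolveUserFile(string $baseDir, string $userPath): ?string
{
    $base = realpath($baseDir);   // canonicalize the base too (it may itself be a symlink)
    $abs  = realpath($baseDir . DIRECTORY_SEPARATOR . $userPath);
    if ($base === false || $abs === false) {
        return null;              // base or target does not exist
    }
    // The trailing separator keeps "/x/users-other" from matching base "/x/users".
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($abs, $prefix, strlen($prefix)) !== 0) {
        return null;              // resolved outside the base ("..", symlink)
    }
    $st = lstat($abs);
    // 0170000 = S_IFMT, 0100000 = S_IFREG: regular files only, one hard link.
    if ($st === false || ($st['mode'] & 0170000) !== 0100000 || $st['nlink'] > 1) {
        return null;
    }
    return $abs;
}

// Constructed sandbox under the system temp directory.
$root = sys_get_temp_dir() . '/pathcheck_' . bin2hex(random_bytes(4));
mkdir("$root/users/alice", 0700, true);
mkdir("$root/users-other", 0700, true);
file_put_contents("$root/users/alice/notes.txt", "ok");
file_put_contents("$root/users-other/secret.txt", "no");
file_put_contents("$root/outside.txt", "no");
symlink("$root/outside.txt", "$root/users/alice/link.txt"); // symlink leaving the base
link("$root/outside.txt", "$root/users/alice/hard.txt");    // hard link, nlink becomes 2

$cases = ['alice/notes.txt', '../outside.txt', '../users-other/secret.txt',
          'alice/link.txt', 'alice/hard.txt', 'alice/missing.txt', 'alice'];
foreach ($cases as $p) {
    $r = resolveUserFile("$root/users", $p);
    printf("%-28s %s\n", $p, $r === null ? 'rejected' : 'accepted');
}

// Remove the sandbox again.
$it = new RecursiveIteratorIterator(
    new RecursiveDirectoryIterator($root, FilesystemIterator::SKIP_DOTS),
    RecursiveIteratorIterator::CHILD_FIRST);
foreach ($it as $f) {
    ($f->isDir() && !$f->isLink()) ? rmdir($f->getPathname()) : unlink($f->getPathname());
}
rmdir($root);
```

Only `alice/notes.txt` is accepted. The check and the later use of the file are separate steps, so the result only holds as long as nothing untrusted can modify the directory in between.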