I want to create a file with a name containing backslash(/), e.g. 2013/2014.txt .
However, I found that php will regard it as a directory and create directory 2013 and put the content into a file 2014.txt.
How to escape the following situation?
The example you use is a forwardslash.
/ - forward
\ - back
Both of these are not valid in any system as file names because they are used for addresses of directories.
I suggest you use a hypen. Eg. 2013-2014.txt or underscore 2013_2014.txt
Related
Every example I find for file_get_contents and FILE_USE_INCLUDE_PATH show the file name as a text string inside quotes. I see that the dot concatenation is used (I'm presuming to concatenate the PATH and the actual file name) and when I follow that method, my code works. However, I need to create a variable for the file name and when I do PHP stops.
I have set_include_path( PATH ); and I see the desired folder WITHOUT a forward slash (/).
I have tried both with and without a forward slash in front of the file name when I assign it to the variable ($var_ame = "file.dat";) and ($var_ame = "/file.dat";) with no difference.
This works: $expected_var = file_get_contents('./file.dat', FILE_USE_INCLUDE_PATH);
This DOES NOT: $expected_var = file_get_contents($var_name, FILE_USE_INCLUDE_PATH);
I have tried a dot in front of the variable knowing that I need to concatenate somehow but that stops PHP as well.
What am I missing here?
The dot in file_get_contents('./file.dat', FILE_USE_INCLUDE_PATH); is not a string concatenation operator, it's an actual dot inside the string. If you want that same string in a variable, you want to include that dot: $filename = './file.dat';
Meanwhile, the fact that the dot is there means that FILE_USE_INCLUDE_PATH is irrelevant, because . is the special name for "the current directory", so './file.date' means "a file called 'file.dat' in the current directory", and won't search any other directory.
What "the current directory" means in a running PHP script is not always obvious, so as a general good practice, I would suggest not relying on it, or on the configured path, and always using an absolute path. The magic constant __DIR__ expands to whatever directory the current PHP file is placed in, which can be useful for constructing such a path.
under CXS (ConfigServer eXploit Scanner) I can add directories to ignore during a virus scan on a cpanel server.
my problem is that when a user has more than 1 website in his cpanel account the dir look like this:
/home/username/domain1.com/public_html/dir1/dir2
/home/username/domain2.com/public_html/dir1/dir2
could you please tell me the correct regex code to include any directory name where /domain1.com/ could be any directory name.
I tried /home/username/*/public_html/dir1/dir2 but it's not working.
thanks
You need to backslash all the forward slashes and exclude the possibility that a directory has a / or a NULL (0x00) char in its name:
\/home\/username\/[^\/\x00]+\/public_html\/dir1\/dir2
You can try this:
/home/username/[^/]+/public_html/dir1/dir2
Note that character set: [^/] allows the directory name to consist of anything except a forward-slash.
So you may want to lock that down to a more specific character set, and be less permissive.
I need to pass filenames via the url, e.g.:
http://example.com/images/niceplace.jpg
The problem I'm having is when the file name contains a blank character, e.g.:
http://example.com/images/nice place.jpg
or
http://example.com/images/nice%20place.jpg
For these two URLs, codeigniter complains about the blank char: "The URI you submitted has disallowed characters."
How should I go about fixing this?
I know I can add the blank character to the permitted_uri_chars in config.php but I'm looking for a better solution as there might be other disallowed characters in a filename.
I figured out a solution.
The URL is generated using rawurlencode().
Then, within the images controller, the filename is decoded using rawurldecode(html_entity_decode($filename)).
I successfully tested this solution with a few special characters I can think of and with UTF-8 characters.
You can use this method:
http://php.net/urlencode
Actually, you will run into another issues, when a filename would contain & character, and a few others. urlencode would get rid of all the possible issues.
This configuration option is created to avoid some characters being passed in URI and you want to walkaround it in some cases. I think most appropriate solutions are:
Pass file name as a parameter - http://domain.com/images/?image=test.jpg
Remove all non alfanumeric characters and may be some other (dash, underscore, etc) from file name when you save it. In my opinion, it is better, because you can face other problems with some character in other cases.
One of the better way to work with url's for specified condition is to encode/encrypt your url parameters using encryption/security class in order to maintain URL security:
$encrypt=$this->encrypt->encode($param1) & $this->encrypt->decode($encrypt)
Alternatively if you want special chars to be allowed in the URL then change your config settings in config.php file.
File Location: application/config/config.php
$config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-';
Add all characters in right side that you want to be allowed with your application.
I have PHP script from here http://css-tricks.com/snippets/php/display-styled-directory-contents/ , everything works fine except when I have file or folder with #,",' sign it can't be display in web browsers. So I must rename that file or folder to get it works. How to fix this?
You have to escape those characters, with a backslash \. I don't know why you would have folders with special characters in the name anyways.
For example if you have a folder named #Folder you would need to escape the # but doing \#Folder.
I accidentally have created some folders on server with a function and instead of using "/" I used this "\". Now the folders are like this : "folder\MartonMihaiBusinessCard" .
I cannot delete them anymore. What can I do about this ?
Because you used PHP to create them, they're likely owned by some funky user like "nobody" or "apache". So, you'll have to use PHP to delete them, too.
This doesn't work out of the box with filenames containing backslashes, as you've found. This is because the backslash is treated as an "escape" character in PHP. Something like "my\new\file" will actually contain a linebreak and a carriage feed.
However, if you escape the backslash-- with another backslash!-- you'll be able to point PHP at the file.
rmdir("/path/to/the/folder\\MartonMihaiBusinessCard");
(or unlink() if it's actually a file, I wasn't clear on that) should do what you seek.