I'm writing a plugin for a CMS that will manipulate images (resize them). How can I ensure that only certain directories are ok?

I want the user to be able to define what directory they want the script to look in (and find all images).

I know I could ask for $_POST['sub_directory_to_look_in'] and glob('galleries/' . $_POST['sub_directory_to_look_in'] . '/*.jpg'); and ensure that $_POST['sub_directory_to_look_in'] doesn't have '../', but are there any security issues with doing this?

I've looked into the basedir function, but I'm not sure if that will help.

slash197

1 Answer

To be safe, do the mapping between a user and its content using a uniquely identifying key (such as a salted hash of a user id) related somehow to the destination directory.

This way your query parameters shall not even contain information about your infrastructure but only information about the data to be transferred including the kind of target destination (not where it should be located, but where it should be relatively located for instance).

P.S.: You could use realpath to resolve symbolic links of a given valid path if browsable by the system user: http://www.php.net/manual/en/function.realpath.php

This question might be related to Sanitize file path in PHP

Th. Ma.
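The realpath check mentioned in the answer, applied to the question's galleries/ lookup, as an added example that is not part of the original posts. The function names `resolveGalleryDir` and `listJpegs` are hypothetical, and the demo directory tree is constructed for the example.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: resolve a user-supplied gallery name to a directory
// inside $baseDir. Returns the canonical path, or null if it must be rejected.
function resolveGalleryDir(string $baseDir, string $requested): ?string
{
    $base = realpath($baseDir);
    if ($base === false) {
        return null; // base directory missing or unreadable
    }
    // realpath() collapses "..", "." and symlinks; it returns false if the path does not exist.
    $target = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($target === false || !is_dir($target)) {
        return null;
    }
    // Compare with a trailing separator so "galleries_private" cannot pass as "galleries".
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($target . DIRECTORY_SEPARATOR, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $target;
}

// Hypothetical helper: list *.jpg files without glob(), so characters such as
// "*", "[" or "{" in a directory name are never interpreted as a pattern.
function listJpegs(string $dir): array
{
    $files = [];
    foreach (new DirectoryIterator($dir) as $entry) {
        if ($entry->isFile() && !$entry->isLink() && strtolower($entry->getExtension()) === 'jpg') {
            $files[] = $entry->getPathname();
        }
    }
    sort($files);
    return $files;
}

// Constructed demo tree: <tmp>/galleries/holiday/a.jpg and <tmp>/secret (outside the base).
$root = sys_get_temp_dir() . '/gallery_demo_' . bin2hex(random_bytes(4));
mkdir("$root/galleries/holiday", 0700, true);
mkdir("$root/secret", 0700, true);
touch("$root/galleries/holiday/a.jpg");

foreach (['holiday', '../secret', 'holiday/../../secret', 'missing'] as $input) {
    $dir = resolveGalleryDir("$root/galleries", $input);
    printf("%-22s => %s\n", $input, $dir === null ? 'rejected' : implode(', ', listJpegs($dir)));
}
```

Because the comparison is made on the canonical path, a symlink inside galleries/ that points elsewhere is rejected as well, which a string check for '../' would not catch.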