PHP Salt


A little dash of PHP... my collection of php functions

Version: 2.14.1
Last Build: March 10, 2017 13:28pm (PST)

psSanitizePath()
Sanitize a string used for file/paths names


Description:

This removes all chrs that can be used by a hacker to obtain a file
from your server by providing a bad parameter in a file request in a url parameter

Note: this always pulls off leading "/"


Usage:

$str = psSanitizePath($strPath,{$pre});
set $pre to true allow starting with /


Example:


$str = psStrNumOnly("../../../../etc/passwd"); // returns "etc/passwd"




Code:

function psSanitizePath($str,$pre=false)
{
$str = str_replace("\"","",$str);
$str = str_replace("`","",$str);
$str = str_replace("..","",$str);
$str = str_replace("./","",$str);
$str = str_replace(":","",$str);
if (substr($str,0,1) == "/" && $pre == false) { $str = substr($str,1); }
return $str;
}

Changlelog:

03/09/2016 Allow use of preceeding '/' by passing $pre = true

See Also

And a shot out to:

LinuxSimple - www.linuxsimple.com
PHP - php.net
Fedora Server - getfedora.com
Shameless ads to pay for site