Hello Community,
I was wondering if there is a way to restrict sub directories from accessing the parent directory (the main directory where all my website file are stored) and from having any interaction with the previous folders (so once there in the child folder they can't leave it eg. using ../)

Is there a way doing this using PHP or .htaccess?

Please help...

Member Avatar


Is there a way doing this using PHP or .htaccess?

It's better to used .htaccess

Hmz. Please clarify the logic that you would want to implement. I have a feeling it will only be possible when using sessions or cookies, and both can be disabled.

What i want it so a user can't leave the directory i place them.
That also means they can't use ../ to go back a directory.

You just repeated what you said the first time. What exactly are you trying to prevent? Access to pages? Images? Provide some more background information (how/where does a user start etc.), so we can determine the best course of action.

What i want is for each users to get there own directory for them to store there files and for them to also run there files; but if they wanted to make a (eg. php) file they could use ../ to get out of there directory which means they would go into the directory that contains my website files and if they wanted to they could delete my files. What i want is for them to be restricted from them leaving there directory using there files (a php file using ../).

Now If you still don't under stand what i mean, you never will because i don't know how else i can explain it any better.

This makes more sense, thank you. Have a look at the open_basedir directive in the PHP.INI file. It is possible to set this at run-time as of PHP5.3 I think. If your webhost allows PHP.INI overrides, then you could use a PHP.INI file in each folder, restricting access to only that folder.