Hi have this code to manage my main page.
Everything works fine on my local server at home,i'm using easyphp.
But on my webhosting server i got this error:

Warning: scandir(D:\Hosting\12067690\html/,D:\Hosting\12067690\html/) [function.scandir]: Access is denied. (code: 5) in D:\Hosting\12067690\html\index_menu.php on line 65

Any ideas?
thank you in advance.

          $dir = $_SERVER['DOCUMENT_ROOT'].stripslashes(dirname($_SERVER['PHP_SELF'])).'/';


                $pages = scandir($dir, 0);
                unset($pages[0], $pages[1]);

                $p = $_GET['p'];

                if (in_array($p.'.htm', $pages)){
                echo 'Sorry, page introuvable';                     

Recommended Answers

All 7 Replies

Sounds like a permissions issue.You don't have the rights to access the file. You can check this with the is_readable('/location/') function.

Thank you. i would like to know how i'm suppose to do that proprely in my code. how i can give access to my folder to read those files. localy i don't have to do that.

You could make it simpler by using file_exists instead of using all the scandir stuff:

$p = $_GET['p']; // WARNING: sanitize this before using it in production app

if (file_exists($dir.'/'.$p.'.htm')){
} else {
    echo 'Sorry, page introuvable';

And sanitize user input (such as limiting it to certain path, whitelisting etc).

thanks! how i can sanitize user input?

sanitizing your code:

$p = $_GET['p'];
$new_p = filter_var($p, FILTER_SANITIZE_STRING);

for example

this is input of the user that has html codes
$p = <h1>Hello</h1>

this is the one sanitized it will remove all unwanted characters
$new_p = Hello

thanks a lot! Everthing works fine now!

Cool. Please mark the tread solved. Happy coding :-)

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.