Delete directory tree function Planned maintenance scheduled April 23, 2019 at 23:30 UTC (7:30pm US/Eastern) Announcing the arrival of Valued Associate #679: Cesar Manara Unicorn Meta Zoo #1: Why another podcast?Recursive hashing functionRecursive search to delete n'th child in treeGlob-Like Search in VBAWalk a directory tree recursivelyRecursive file copy functionSanitizing functionRecursively delete empty folders in LuaSecurely Delete All Drive DataReading Files in a File Manager Plugin for WYSIWYG EditorsWordPress plugin that accepts a zip file, moves it to a specific folder, then unzips it
Inverse square law not accurate for non-point masses?
Why does BitLocker not use RSA?
Calculation of line of sight system gain
How do you write "wild blueberries flavored"?
Why are two-digit numbers in Jonathan Swift's "Gulliver's Travels" (1726) written in "German style"?
How to make triangles with rounded sides and corners? (squircle with 3 sides)
Did pre-Columbian Americans know the spherical shape of the Earth?
How can I list files in reverse time order by a command and pass them as arguments to another command?
Why do C and C++ allow the expression (int) + 4*5;
Is there a spell that can create a permanent fire?
Is this Kuo-toa homebrew race balanced?
Twin's vs. Twins'
Is it OK to use the testing sample to compare algorithms?
Understanding piped commands in GNU/Linux
Why not use the yoke to control yaw, as well as pitch and roll?
How could a hydrazine and N2O4 cloud (or it's reactants) show up in weather radar?
Does a random sequence of vectors span a Hilbert space?
Did John Wesley plagiarize Matthew Henry...?
Why did Bronn offer to be Tyrion Lannister's champion in trial by combat?
Diophantine equation 3^a+1=3^b+5^c
The Nth Gryphon Number
3D Masyu - A Die
What does 丫 mean? 丫是什么意思?
By what mechanism was the 2017 UK General Election called?
Delete directory tree function
Planned maintenance scheduled April 23, 2019 at 23:30 UTC (7:30pm US/Eastern)
Announcing the arrival of Valued Associate #679: Cesar Manara
Unicorn Meta Zoo #1: Why another podcast?Recursive hashing functionRecursive search to delete n'th child in treeGlob-Like Search in VBAWalk a directory tree recursivelyRecursive file copy functionSanitizing functionRecursively delete empty folders in LuaSecurely Delete All Drive DataReading Files in a File Manager Plugin for WYSIWYG EditorsWordPress plugin that accepts a zip file, moves it to a specific folder, then unzips it
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
$begingroup$
I made this function to delete a directory with all its contents recursively, will it work as expected in a production environment ? is it safe ? I don't want to wake up one day with /home
contents is gone :D
public static function delTree($dir)
if(!is_dir($dir))return false;;
$files = scandir($dir);if(!$files)return false;
$files = array_diff($files, array('.','..'));
foreach ($files as $file)
(is_dir("$dir/$file")) ? SELF::delTree("$dir/$file") : unlink("$dir/$file");
return rmdir($dir);
Note: I use this function internally, meaning there are no client parameters like directory names is taken from the client before I call it, so there is no chance for traversal attacks, and I check the base path with another function before I call it, for example to delete a client folder I do something like this
$clientsFolderPath = $_SERVER['DOCUMENT_ROOT'] . "/../clients"
$clientFolderPath = "$clientsFolderPath/$clientId";
$realBase = realpath($clientsFolderPath);
$realClientDir = realpath($clientFolderPath);
if ( $realBase || !$realClientDir || strpos($realClientDir, $realBase) !== 0 )
//error, log , and exit;
else
ExtendedSystemModel::delTree($clientFolderPath);
php recursion security file-system
$endgroup$
add a comment |
$begingroup$
I made this function to delete a directory with all its contents recursively, will it work as expected in a production environment ? is it safe ? I don't want to wake up one day with /home
contents is gone :D
public static function delTree($dir)
if(!is_dir($dir))return false;;
$files = scandir($dir);if(!$files)return false;
$files = array_diff($files, array('.','..'));
foreach ($files as $file)
(is_dir("$dir/$file")) ? SELF::delTree("$dir/$file") : unlink("$dir/$file");
return rmdir($dir);
Note: I use this function internally, meaning there are no client parameters like directory names is taken from the client before I call it, so there is no chance for traversal attacks, and I check the base path with another function before I call it, for example to delete a client folder I do something like this
$clientsFolderPath = $_SERVER['DOCUMENT_ROOT'] . "/../clients"
$clientFolderPath = "$clientsFolderPath/$clientId";
$realBase = realpath($clientsFolderPath);
$realClientDir = realpath($clientFolderPath);
if ( $realBase || !$realClientDir || strpos($realClientDir, $realBase) !== 0 )
//error, log , and exit;
else
ExtendedSystemModel::delTree($clientFolderPath);
php recursion security file-system
$endgroup$
add a comment |
$begingroup$
I made this function to delete a directory with all its contents recursively, will it work as expected in a production environment ? is it safe ? I don't want to wake up one day with /home
contents is gone :D
public static function delTree($dir)
if(!is_dir($dir))return false;;
$files = scandir($dir);if(!$files)return false;
$files = array_diff($files, array('.','..'));
foreach ($files as $file)
(is_dir("$dir/$file")) ? SELF::delTree("$dir/$file") : unlink("$dir/$file");
return rmdir($dir);
Note: I use this function internally, meaning there are no client parameters like directory names is taken from the client before I call it, so there is no chance for traversal attacks, and I check the base path with another function before I call it, for example to delete a client folder I do something like this
$clientsFolderPath = $_SERVER['DOCUMENT_ROOT'] . "/../clients"
$clientFolderPath = "$clientsFolderPath/$clientId";
$realBase = realpath($clientsFolderPath);
$realClientDir = realpath($clientFolderPath);
if ( $realBase || !$realClientDir || strpos($realClientDir, $realBase) !== 0 )
//error, log , and exit;
else
ExtendedSystemModel::delTree($clientFolderPath);
php recursion security file-system
$endgroup$
I made this function to delete a directory with all its contents recursively, will it work as expected in a production environment ? is it safe ? I don't want to wake up one day with /home
contents is gone :D
public static function delTree($dir)
if(!is_dir($dir))return false;;
$files = scandir($dir);if(!$files)return false;
$files = array_diff($files, array('.','..'));
foreach ($files as $file)
(is_dir("$dir/$file")) ? SELF::delTree("$dir/$file") : unlink("$dir/$file");
return rmdir($dir);
Note: I use this function internally, meaning there are no client parameters like directory names is taken from the client before I call it, so there is no chance for traversal attacks, and I check the base path with another function before I call it, for example to delete a client folder I do something like this
$clientsFolderPath = $_SERVER['DOCUMENT_ROOT'] . "/../clients"
$clientFolderPath = "$clientsFolderPath/$clientId";
$realBase = realpath($clientsFolderPath);
$realClientDir = realpath($clientFolderPath);
if ( $realBase || !$realClientDir || strpos($realClientDir, $realBase) !== 0 )
//error, log , and exit;
else
ExtendedSystemModel::delTree($clientFolderPath);
php recursion security file-system
php recursion security file-system
edited 4 mins ago
mdfst13
17.9k62257
17.9k62257
asked 44 mins ago
Accountant مAccountant م
214111
214111
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "196"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcodereview.stackexchange.com%2fquestions%2f217863%2fdelete-directory-tree-function%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Code Review Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
Use MathJax to format equations. MathJax reference.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcodereview.stackexchange.com%2fquestions%2f217863%2fdelete-directory-tree-function%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown