0 
<?php
if (isset($_POST['filename']) && isset($_POST['editorpassword']) && isset($_POST['roomname'])) {
$dir = $_POST['filename']; // This must match the "name" of your input
$path = "evo/" . $dir;
if (!file_exists($path)) {
    mkdir($path, 0755, true);
}
}
?>

I have this script where I'm trying to create a new folder. The script itself is ran inside of a folder called /evo and by using this code, it creates the folder in there. Where it needs to go is ../../creative however even if I try and use 

$path = "./rooms/creative/" . $dir;

or something to that effect it creates it with the base folder as evo so it appears at:

../evo/rooms/creative (creating the folders that don't exist there with it as it should)

I'm just unsure what to write in for the path on where I need it created to find the right location.

Improve this question
4
  • 1
    This is EXTREMELY dangerous! DO NOT TRUST USER INPUT when messing around with your host machine's filesystem! $_POST ["filename"] = "../../../../../../../../../../../../../../../etc/passwd" Commented Dec 17, 2015 at 9:29
  • noted, though its not for users, it will be used by a couple of admins. Commented Dec 17, 2015 at 9:32
  • 1
    Maybe so but a) you shouldn't allow yourself to get into bad habits just because it's "not for public use" and b) you can't assume that anybody who shouldn't have access won't gain access somehow. Also c) there's always the possibility that someone screws something up by mistake rather than by malice. Commented Dec 17, 2015 at 9:34
  • I agree Gordon thank you Commented Dec 17, 2015 at 9:37

1 Answer 1

Reset to default
1

Simplest solution is to remove the "evo" in $path = "evo/" . $dir;

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

which creates it in the current directory, I wanted it done in another directory but I resolved it by moving the php file to the area I want to create the folders to cut down on confusion. Thank you.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.