Home/ Questions/Q 7709983
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-01T00:59:55+00:00

For example I have in a conf.php file: $GLOBALS[no_access] = ‘^forbidden|restricted|xampp|apache\_pb’; blocking these files/folders

  • 0

For example I have in a conf.php file:

$GLOBALS["no_access"] = '^forbidden|restricted|xampp|apache\_pb';

blocking these files/folders from view and would like to restrict these strings (folders/files) a limited number of times. This is because this is an intranet project and there might be a folder I don’t want accessed with the same name of a file or folder I do want available. Also, is it possible to select first instance, but not later?

This is for altering a component of Joomla, called eXtplorer, a file manager.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    It will work either way but a whitelist would be safes instead of a blacklist (so you can only access directories starting with x).

    What you want is a regex you can use to check if the start of a string starts with a particular pattern that can match a folder.

    $regex = '/^(?:forbidden|restricted|xampp|apache_pb)/i';

    In php that could look like this:

    function startIsRestricted($string) {
    return preg_match('/^(?:forbidden|restricted|xampp|apache_pb)/i', $string);
}

    Edit

    Reading that discussion it sounds more like you want to restrict access to folders. In that case you may want to look into protecting directories with htaccess and htpasswd documentation on this you can find on the apache website or this website, going in to the whole of it a bit more

    Doing the restriction in PHP would be unsafe…

    Edit 2

    Code is sorta tested; at least I do an implode now arround the array map (duh) and fixed obvious misspellings.

    But it should at least give a good idea of how you can do this check recursively for each directory in a string…

    /**
 * Function to check an entire string recursively to see if dissalowed directories are present
 * Assuming the string seperator will be a forwardslash
 *
 * @param string $string String to be evaluated against the dissalowed directory list given or else default
 * @param array $dissallow array of strings which are forbidden to be at the start of any of the directories
 * @param string $sep The seperator for the directory levels
 * 
 * @return string
 */
function test_directory ($string, array $dissallow = array('forbidden', 'restricted', 'xampp', 'apache_pb'), $sep = '/') {
    $regex  = '/^(?:' . implode('|', array_map ('preg_quote', $dissallow)) . ')/i';
    $dirs   = explode($sep, $string);

    foreach($dirs as $dir) {
        // true will mean a match is found and thus present in the beginning of a directory in $string
        if(preg_match($regex, $dir))
            return true;
    }
    return false;
}

    Now I should note that regexes in these kind of cases can slow things down and it should be used too much, if a direct match with any string in the dissalow array is fine to you should do it checking each $dir in $dirs against each entry of $dissallow.

    • 0