i want to make users to be able to upload PHP files and download

Question

0

Asked: June 12, 20262026-06-12T18:18:22+00:00 2026-06-12T18:18:22+00:00

i want to make users to be able to upload PHP files and download

0

i want to make users to be able to upload PHP files and download them without executing them,
i need to turn off PHP for a specific directory so it behaves as plain text.

i tried this but is it a proper solution ?

RemoveHandler .php .phtml .php3
RemoveType .php .phtml .php3
php_flag engine off

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-12T18:18:23+00:00

You can use a Proxy Script to handle this.

In your .htaccess file, you can redirect all the requests in the folder to change to this way:

http://example.com/uploads/myfilewithadminaccess.php

To

http://example.com/uploads/index.php?file=myfilewithadminaccess.php

Source of `.htaccess`

RewriteEngine On
RewriteRule ^([^/]*)$ ./index.php?file=$1 [L]

And in the index.php just parse the file and give the output.

Source of `index.php`:

<?php
    header("Content-type: text/html");
    $filename = (file_exists("uploads/" . $_GET["file"])) ? "uploads/" . $_GET["file"] : "error.txt";
    $filecont = file_get_contents($filename);
    echo htmlspecialchars($filecont);
?>

Fiddle: http://codepad.viper-7.com/68FSIU

Note: You need to sanitize the inputs before you allow URLs to pass. So, people might inject ../, etc. those should be taken care.

Hope this helps and it is perfectly fine.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

i want to make users to be able to upload PHP files and download

Leave an answerCancel reply

1 Answer

You can use a Proxy Script to handle this.

Source of .htaccess

Source of index.php:

Fiddle: http://codepad.viper-7.com/68FSIU

Leave an answer
Cancel reply

Source of `.htaccess`

Source of `index.php`: