PHPUnit and namespaces
2011-03-01Just some quick notes about unexpected interactions I found when unit testing namespaced PHP code with PHPUnit.
My Switch To A Standing Desk, or "Sitting considered harmful"
2011-02-27In mid-October I decided to make the switch to a standing desk, after reading several [articles][#sources] on the health benefits of standing and the risks and drawbacks of prolonged periods of sitting.
User-based Directory Validation
2011-01-19Restricting file paths
Disclaimer: This can be worked around, especially if a user has access to your PHP code and can override your validation method (the class this method originated in was being given to users). I mostly wrote it because it was a fun way to use some of the more obscure PHP functions. Moving on.
/**
* This uses some file system trickery to try and ensure that any
* directories the user tries to use are inside their own home directory.
* It's not real security since this method can be changed, but it might
* help stop someone from doing something stupid accidentally.
*
* @param string $dir File path to check
* @return boolean
*/
protected function isValidDir($dir)
{
//get array of info about current file owner
$homeDir = posix_getpwuid(fileowner('.'));
//get their home directory
$homeDir = $homeDir['dir'];
//make sure $dir's absolute path starts in their home dir
if (0 === strpos(realpath($dir), $homeDir['dir'])) {
return true;
} else {
return false;
}
}