Error exporting PHP string into a file [closed]

Question

Closed. This question needs to be more focused. It is not currently accepting answers.

---

Want to improve this question? Update the question so it focuses on one problem only by editing this post.

Closed 8 years ago.

Improve this question

I have a website, where the user can write PHP/HTML code and save it to his computer. Everything is fine until the user types a slash (/).

The file saves into the client computer, but instead of saving the client code, it exports an PHP error (the file in the computer has a PHP code of an error). The file-saving code is the following:

$content = $_REQUEST['code'];   //Get the code

$file = "file.php";
file_put_contents($file, $content); //Writes the content into a file

header('Content-type: text/plain');
header('Content-Disposition: attachment; filename=$file');
readfile(dirname(dirname($con)) . '/'.$file);

The error only happens when the client uses slashes. Any idea on why is this happening? )-:

EDIT:

This is one of those errors:

The code that i tried to export was the following:

/:

The thing that worries me, is that if I type exactly the same characters in different order (:/) then they export to my computer with no errors.

Answer 1

I see only one error - problem with readfile(\/105.2.php) in line 24 - so I tested it.

$file = 'file.php';
$con = '/:';
readfile(dirname(dirname($con)) . '/'.$file);

It gives me incorrect path \/file.php as in error message.

If I use $con=':/' it gives me correct path ./file.php

I only don't know what $con is. Maybe you have dirname(dirname($content)) in your oryginal code and $content = $_REQUEST['code']; => dirname(dirname($_REQUEST['code'])) => dirname(dirname("/:")) => "\"