$allowed_files = array(
$filename = trim($_SERVER['REQUEST_URI'], "/");
$filename .= ".txt";
//Success, so they may view the file
$handle = fopen($filename, "a+");
//Failure, they may not
will be helpful for those in need You make a form on www.example.com/form.php. A year from now, you forget the URL is just grabbing whatever URL the page is loaded on. At some point let's say you've added a 'delete everything' global option in your framework as part of a completely different (slightly odd) request.
What is the difference between $_SERVER['REQUEST_URI'] and "$_SERVER['REQUEST_URI']" (note double quotes)?
I wish this helpful for you The else if tests are only performed if the if test fails. If the user is logged in, the if block will be executed, so it will never perform either of the else if tests. You need to nest the $host tests inside that block.