troubleshooting Question

Create PDF from JSON File - Security Issue

Avatar of F Grace
F Grace asked on
PDFJSONSecurityPHP
3 Comments2 Solutions182 ViewsLast Modified:
Hi

I have completed a php form when once submitted it writes a json file to the "files/" folder, and the user can create a PDF file by clicking on the link (see code below)
I am concerned about security as the JSON files saved in the "files/" folder will contain sensitive information on the server.

Can anyone advise the best practice to manage/improve this situation?
Hope this makes sense :)

 <!-- Print Receipt to PDF, Write Form Values to JSON file and Create PDf on the Fly when link is clicked -->
<?php
$arr = ['pfn' => $pfirstname, 'pln' => $plastname, 'pa1' => $paddress1, 'pa2' => $paddress2, 'ptv' => $ptownvillage, 'pec' => $postcode, 'amo' => $amount];
$temp_name = uniqid(rand(), true) . '.json';
file_put_contents('/var/www/MyWebsite/files/' . $temp_name, json_encode($arr));        
?>        
<?php echo '<a href="https://mywebsite/pdf.php?q=files/' . $temp_name . '" target="_blank">Download PDF</a>'; ?>
ASKER CERTIFIED SOLUTION
Join our community to see this answer!
Unlock 2 Answers and 3 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 3 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros