Create PDF from JSON File - Security Issue

F Grace

I have completed a PHP form which, once submitted, writes a JSON file to the "files/" folder, and the user can create a PDF file by clicking on the link (see code below).
I am concerned about security, as the JSON files saved in the "files/" folder will contain sensitive information on the server.

Can anyone advise the best practice to manage/improve this situation?
Hope this makes sense :)

<?php
// Print receipt to PDF: write the form values to a JSON file in files/
// and emit a link that creates the PDF on the fly when it is clicked.
// ($pfirstname, $plastname, ... hold the submitted form values.)
$arr = ['pfn' => $pfirstname, 'pln' => $plastname, 'pa1' => $paddress1, 'pa2' => $paddress2, 'ptv' => $ptownvillage, 'pec' => $postcode, 'amo' => $amount];
$temp_name = uniqid(rand(), true) . '.json';
file_put_contents('/var/www/MyWebsite/files/' . $temp_name, json_encode($arr));
echo '<a href="https://mywebsite/pdf.php?q=files/' . $temp_name . '" target="_blank">Download PDF</a>';
?>

You can protect your "files" folder using .htaccess
Most Valuable Expert 2011
Top Expert 2016
Just a thought for going forward... You can add multiple topic areas to your questions.  Since this is at least partially a PHP question, you can add the PHP topic area.  You will get more eyes on the question if you have more topic areas (assuming they are relevant topic areas).  There is also a "related question" feature hidden somewhere in this site -- you might ask E-E customer support how to find that.  As I understand it, the related questions will be somehow linked so that askers and answerers can follow a chain of ideas from question to question.

In the instant case (sensitive information) there are a couple of common design patterns.  First, there is client authentication and authorization. This article teaches the basics.  If you're handling sensitive information your clients will usually accept the modest inconvenience of being asked to register and log in.  The article shows how to "remember" their login with HTTP cookies, so the inconvenience is minimized.

If you want an extra layer of security, you can put the files with sensitive data into a directory that is outside of the WWW root directory tree.  The strategy here is to make the files unavailable to a browser that visits the site.  In order to read the files, your client must go through a PHP script that is password protected.

You can add other layers of security (it's an endless subject) but these two steps will probably suffice.
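Putting the two suggestions above together (block direct access to the folder, keep the files outside the web root, and require a login before a script reads them), here is an added example; it is not the asker's code and not code from either answer. It assumes the site's login script sets $_SESSION['user_id'], that the web root is /var/www/MyWebsite/public, and that /var/www/MyWebsite/private/receipts is a directory Apache never serves. Instead of passing a file path in the query string as the original link does, the link carries an opaque random token, and the script that builds the PDF only opens the file if the token is well formed and the record inside it belongs to the logged-in user.

```php
<?php
// Added example (not the asker's code): receipts are written OUTSIDE the web
// root and fetched by a random token tied to the logged-in user, rather than
// by a file path passed in the query string. Assumed layout:
//   - web root:         /var/www/MyWebsite/public
//   - receipt storage:  /var/www/MyWebsite/private/receipts  (never served by Apache)
//   - $_SESSION['user_id'] is set by the site's login script (assumption)
declare(strict_types=1);

const RECEIPT_DIR = '/var/www/MyWebsite/private/receipts';

/** Write the submitted form values to storage; returns the opaque token for the link. */
function save_receipt(array $fields, int $userId): string
{
    if (!is_dir(RECEIPT_DIR) && !mkdir(RECEIPT_DIR, 0700, true)) {
        throw new RuntimeException('cannot create receipt directory');
    }
    // 128-bit token from the CSPRNG; uniqid()/rand() are predictable and unsuitable here.
    $token  = bin2hex(random_bytes(16));
    $record = [
        'owner'   => $userId,   // the only account allowed to fetch this receipt
        'created' => time(),
        'data'    => $fields,
    ];
    $path = RECEIPT_DIR . '/' . $token . '.json';
    // LOCK_EX prevents a concurrent request reading a half-written file;
    // mode 0600 keeps other local accounts on the host out of it.
    if (file_put_contents($path, json_encode($record, JSON_THROW_ON_ERROR), LOCK_EX) === false) {
        throw new RuntimeException('cannot write receipt');
    }
    chmod($path, 0600);
    return $token;
}

/** Return the receipt fields for $token if it belongs to $userId, otherwise null. */
function load_receipt(string $token, int $userId): ?array
{
    // Strict allow-list on the token shape: no '/', '..' or NUL can reach the path.
    if (!preg_match('/\A[0-9a-f]{32}\z/', $token)) {
        return null;
    }
    $path = RECEIPT_DIR . '/' . $token . '.json';
    if (!is_file($path)) {
        return null;
    }
    $record = json_decode((string) file_get_contents($path), true, 512, JSON_THROW_ON_ERROR);
    // Authorisation: knowing the token is not enough; the session must own the receipt.
    if (!is_array($record) || ($record['owner'] ?? null) !== $userId) {
        return null;
    }
    return $record['data'];
}

// --- in the form handler, after the fields have been validated ---
session_start();
if (empty($_SESSION['user_id'])) {
    http_response_code(403);
    exit('Please log in.');
}
// $pfirstname, $plastname, ... are the asker's validated form values.
$arr = ['pfn' => $pfirstname, 'pln' => $plastname, 'pa1' => $paddress1, 'pa2' => $paddress2,
        'ptv' => $ptownvillage, 'pec' => $postcode, 'amo' => $amount];
$token = save_receipt($arr, (int) $_SESSION['user_id']);
echo '<a href="https://mywebsite/pdf.php?t=' . htmlspecialchars($token, ENT_QUOTES) . '" target="_blank">Download PDF</a>';

// --- in pdf.php ---
// session_start();
// $receipt = load_receipt($_GET['t'] ?? '', (int) ($_SESSION['user_id'] ?? 0));
// if ($receipt === null) { http_response_code(404); exit; }
// ... hand $receipt to the PDF library pdf.php already uses (not shown on the page).
```

If the files cannot be moved out of the web root, the .htaccess approach from the first answer is the fallback: a file named .htaccess inside files/ containing `Require all denied` (Apache 2.4; `Deny from all` on 2.2) stops Apache serving anything from that directory. It only works when the server's `AllowOverride` setting honours .htaccess files, which is why keeping the data outside the served tree is the more robust layer; the two can be combined.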

stale question
