
How to handle symlinks in PHP realpath?

gitbox 2025-06-04

In day-to-day PHP development, resolving file paths is a common requirement. The realpath() function returns the normalized absolute path of a file, but its behavior can be confusing when symlinks are involved. This article explains how realpath() works and shares practical tips for using it correctly with symbolic links in real projects.

1. Basic usage of realpath()

realpath() returns the normalized absolute path for a given path. This means it resolves elements such as ., .. and symbolic links.

Sample code:

 $path = realpath('./myfolder/../link-to-file.txt');
echo $path;

In this example, the .. in the path is resolved, and if link-to-file.txt is a symbolic link, it is resolved to the real path it points to.

2. realpath() behavior for symbolic links

When you use realpath() for a symbolic link, it returns the real path the link points to, not the location of the link itself. This may not be what you want in some cases.

For example:

// Assume link.txt is a symbolic link pointing to /data/files/realfile.txt
$resolvedPath = realpath('/var/www/html/link.txt');
echo $resolvedPath;

If /var/www/html/link.txt is a symlink, realpath() outputs /data/files/realfile.txt instead of /var/www/html/link.txt.

3. realpath() returns false

realpath() depends on the existence of the target path. If any level in the path does not exist, it returns false. This means it cannot be used for file paths that have not been created yet.

Example:

 $nonExistent = realpath('/path/to/nonexistent/file.txt');
var_dump($nonExistent); // Output bool(false)

4. Practical tips: how to safely use realpath() to handle symlinks

1. Determine whether the path exists

Before calling realpath(), make sure the path exists:

 $path = '/var/www/html/link.txt';
if (file_exists($path)) {
    echo realpath($path);
} else {
    echo "The path does not exist";
}

2. Get the location of the symbolic link itself

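If you want to work with the symbolic link itself rather than its fully resolved target, use is_link() and readlink(). readlink() returns the target stored in the link without resolving it any further:

$link = '/var/www/html/link.txt';
if (is_link($link)) {
    echo readlink($link); // Returns the link target exactly as stored in the link
}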

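To get the absolute path of the link's target, combine dirname() and readlink(). A relative target is interpreted relative to the directory that contains the link, while an absolute target is used as it is:

$link = '/var/www/html/link.txt';
if (is_link($link)) {
    $target = readlink($link);
    // Only prepend the link's directory when the stored target is relative
    if ($target !== '' && $target[0] !== '/') {
        $target = dirname($link) . '/' . $target;
    }
    $realTarget = realpath($target); // false if the target does not exist
    echo $realTarget;
}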

3. Customize the parsing path to avoid realpath restrictions

If you want to normalize a path that does not exist yet, which realpath() cannot do, you can write your own resolver:

 function custom_realpath($path) {
    $parts = explode('/', $path);
    $absolutes = [];
    foreach ($parts as $part) {
        if ($part === '' || $part === '.') continue;
        if ($part === '..') {
            array_pop($absolutes);
        } else {
            $absolutes[] = $part;
        }
    }
    return '/' . implode('/', $absolutes);
}

$resolved = custom_realpath('/var/www/html/../html/link.txt');
echo $resolved;

Note that this method does not resolve symbolic links. It only normalizes the . and .. components of the path, and it treats every input as an absolute path.

5. Examples of practical application scenarios

Suppose you are developing a web file browser and want the path supplied by the user to be limited to the /var/www/data directory. You need to make sure that the resolved path is still inside that directory:

$base = realpath('/var/www/data');
$userPath = $_GET['path'] ?? ''; // for example: link/to/file.txt
$fullPath = realpath($base . '/' . $userPath);

// Compare against $base plus a trailing separator, so that a sibling
// directory such as /var/www/data-backup does not pass the prefix check
if ($base !== false && $fullPath !== false
    && ($fullPath === $base || strpos($fullPath, $base . '/') === 0)) {
    echo "Allow access: $fullPath";
} else {
    echo "Illegal path";
}

If link/to/file.txt is a symlink, realpath() resolves it to its target location. You need to confirm that the resolved target is still within $base to prevent directory traversal attacks.
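The sketch below is an added example, not code from the original article. It combines sections 3 to 5 for the case the check above cannot handle: a path whose last components do not exist yet, such as an upload destination. resolve_within() is a hypothetical helper name; the code assumes PHP 8.0 or later and POSIX-style paths, and it refuses .. outright, which is a stricter policy than the article's check. In the constructed demo tree, only the first path is accepted.

```php
<?php
// Added example. resolve_within() is a hypothetical helper, not a PHP built-in.
// Assumes PHP 8.0+ and POSIX-style paths.
function resolve_within(string $base, string $userPath): string|false
{
    $base = realpath($base);
    if ($base === false || str_contains($userPath, "\0")) {
        return false;
    }
    $parts = array_filter(explode('/', $userPath), fn($p) => $p !== '' && $p !== '.');
    if (in_array('..', $parts, true)) {
        return false; // policy choice: refuse ".." instead of normalizing it
    }
    $resolved = $base; // deepest existing path, symlinks resolved by realpath()
    $tail = [];        // components that do not exist yet
    foreach ($parts as $part) {
        $candidate = $resolved . '/' . $part;
        if ($tail === [] && ($next = realpath($candidate)) !== false) {
            $resolved = $next;
        } elseif ($tail === [] && is_link($candidate)) {
            return false; // dangling symlink: a later write would follow it
        } else {
            $tail[] = $part;
        }
    }
    // Trailing separator keeps a sibling such as "data-old" from matching "data".
    if ($resolved !== $base && !str_starts_with($resolved, rtrim($base, '/') . '/')) {
        return false;
    }
    return $tail === [] ? $resolved : $resolved . '/' . implode('/', $tail);
}

// Constructed demo tree: $root/data is the base, $root/secret lies outside it.
$root = sys_get_temp_dir() . '/rp_demo_' . bin2hex(random_bytes(4));
mkdir("$root/data/uploads", 0700, true);
mkdir("$root/secret", 0700);
symlink("$root/secret", "$root/data/escape");    // link pointing outside the base
symlink("$root/missing", "$root/data/dangling"); // link whose target is absent

foreach (['uploads/new/report.txt', 'escape/x.txt', 'dangling', '../secret/x'] as $p) {
    $r = resolve_within("$root/data", $p);
    echo str_pad($p, 24), $r === false ? 'rejected' : $r, PHP_EOL;
}
```

The result describes the filesystem at the moment of the check; a symlink created between the check and the later file operation is not covered by it.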

6. Comparison: realpath() vs __DIR__ vs getcwd()

Function    | Description
realpath()  | Returns the absolute path, resolving symlinks and path components
__DIR__     | The directory containing the current file, determined at compile time
getcwd()    | The current working directory, determined at runtime

When working with paths, choosing the right function helps avoid path confusion, especially when the same code runs in both CLI and web environments.

7. Conclusion

realpath() is an indispensable tool for file path management in PHP, but you need to be careful when handling symbolic links. It can be used more safely by combining it with is_link(), readlink() and path verification. Only by understanding its limitations can we write robust code for complex file system structures.

For more examples of using PHP file paths and symbolic links, please refer to: https://gitbox.net/articles/php-symlink-realpath