I am making a hosting script where users can upload files to it. It would automatically create a directory when you create an account for the user.

Now my question is, since the directory will be able to upload all kinds of files, is there some way in htaccess to make it so that php cant access outside that directory. (i know readfile() can view files outside their directory).

Is there any way to prevent the users from getting access outside their directories so that they cant mess up other users files.

Thanks for your time.