After having read this and this (and a million others) I am confused!
I wonder if its possible to make a php script (or javascript) that will run once a user loads a page (on chrome or firefox) and that will create/write a file and send it in the users machine (i.e. client) but without requiring any user input and without the user noticing it!
Note: Im not doing anything illegal here I just need to do a security assessment of the sandboxing and whether it allows such a thing or not!
Thanks -- Michael
This is not possible
Edit for some more background:
If you think PHP has access to the browser, or can do stuff there, it means you have a fundamental lack of understanding how PHP/HTML/JS and browsers & servers interact.
So first try to understand why a browser does not understand PHP, and doesn't even know PHP runs on a server. This is very important if you want to understand anything of web development.
Javascript is simpler to explain.. Javascript works with various functions, objects and API's that allow you to do 'stuff' in the browser. There is simply no API in javascript to access the filesystem (and for good reason).
Now go and buy a PHP book!