<?php
$userPath = "../../../../";
$storagePath = "/var/www/mysite/uploads";
$path = $storagePath . $userPath;
$path = realpath($path);
if(strpos($path, $storagePath) === 0){
//Path is okay
echo "Okay";
}
else {
//User wants to gain access into a forbidden area.
echo "Danger";
}