LOL !

I'll try some more stuff later m8

Martin.

-----Original Message-----
From: Rick Root [mailto:[EMAIL PROTECTED]]
Sent: 08 December 2004 13:04
To: CF-Talk
Subject: Re: CFFM almost finished

Martin Parry wrote:
> Hey dude - modified the banner page for you..

Heh, thanks Martin!  There was a bug in my regular expression code that 
checked for such a security breach.

Here is my new regex...

         <cfif
                 ReFind("^\.+[\\\/]",checkValue) gt 0 OR
                 ReFind("[\\\/]\.+$",checkValue) gt 0 OR
                 ReFind("[\\\/]\.+[\\\/]",checkValue) gt 0 OR
                 ReFind("\.+",checkValue) gt 0>
                 <cfreturn arguments.defaultValue>
         <cfelse>
                 <cfreturn arguments.checkValue>
         </cfif>

It's intended to block the following:

../(something)
./(something)
(something)/..
(something)/.
(something)/../(something)
(something)/./(something)
.
..

  - Rick
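
An added example, not code from the thread: the four posted patterns ported to Python's `re` and run against the shapes the message lists, next to a variant whose fourth pattern is anchored as `^\.+$`. The anchored variant, the filled-in values for "(something)" and the ordinary sample values are assumptions made here; the thread does not say what values `checkValue` normally holds.

```python
import re

# The four patterns from the message, ported unchanged from the ReFind() calls.
POSTED = [r"^\.+[\\\/]", r"[\\\/]\.+$", r"[\\\/]\.+[\\\/]", r"\.+"]
# Assumption (not from the thread): the same list with the fourth pattern
# anchored, so it matches only values made up entirely of dots.
ANCHORED = POSTED[:3] + [r"^\.+$"]

# The eight listed shapes with "(something)" filled in, plus one backslash
# form; all values are constructed for this example.
LISTED = ["../docs", "./docs", "docs/..", "docs/.", "docs/../etc",
          "docs/./etc", ".", "..", r"docs\..\etc"]
# Constructed values with no "." or ".." path segment.
ORDINARY = ["docs", "docs/images", "report.pdf", "docs/v1.2/notes"]


def hits(value, patterns):
    """Return the 1-based positions of the patterns that match value."""
    return [i for i, p in enumerate(patterns, 1) if re.search(p, value)]


def is_blocked(value, patterns):
    """True where the CFML check would return defaultValue."""
    return bool(hits(value, patterns))


def compare(values):
    """Map each value to (blocked by POSTED, blocked by ANCHORED)."""
    return {v: (is_blocked(v, POSTED), is_blocked(v, ANCHORED)) for v in values}


if __name__ == "__main__":
    for value, (posted, anchored) in compare(LISTED + ORDINARY).items():
        print(f"{value!r:20} posted={posted!s:5} anchored={anchored!s:5} "
              f"posted hits={hits(value, POSTED)}")
```

Both lists reject every listed shape; the posted list also rejects any value containing a dot, such as `report.pdf`, because its unanchored fourth pattern matches on its own.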




