Hai Cerebrus Thank you for your valuable information.
2008/12/21 Cerebrus <[email protected]> > > This very problem is commonly referred to in IT Security parlance as a > "Canonicalization" problem. The problem arises from the fact that the > path to a file or directory can be represented in a large number of > ways and if your validations are limited to string comparison, you are > almost certainly bound to fail when validating malicious input. For > instance, the path to the Program files directory can be expressed > (atleast) as "c:\program files" and "c;\progra~1". > > The best practice to avoid this problem is usually to allow the OS to > canonicalize the absolute path to the file or directory before > applying any validation of your own. In your case, you should use the > System.IO.Path.GetFullPath() method to obtain a path string that will > be the same (except for case) irrespective of the input you receive in > your textbox. For example : > > --- > using System.IO; > .. > .. > > string p1 = Path.GetFullPath(txtPath1.Text); > string p2 = Path.GetFullPath(txtPath2.Text); > > if(string.Equals(p1, p2, StringComparison.OrdinalIgnoreCase)) > MessageBox.Show("Same"); > else > MessageBox.Show("Different"); > --- > > > > On Dec 21, 12:56 pm, Aidan Whitehall <[email protected]> > wrote: > > A C# WinForm application has two text boxes, each of which allows the > > user to specify a directory. Both directories must differ. > > > > How can you detect when user has put in txtA "C:\temp" and "C:\temp\" > > in txtB? > > > > Directory.Exists() on both returns true and comparison of txtA.Text > > and txtB.Text says they differ. > > > > I really don't want to get into string manipulation if at all possible > > (have got in a mess in the past treating date/times as strings) and > > have looked through the Directory, DirectoryInfo and Path classes to > > see if there is any way of doing something along the lines of: > > > > Compare( Directory.GetReference( txtA ), Directory.GetReference > > ( txtB ) ) > > > > Thanks for any pointers. > > > > Aidan > -- Regards ******************* *C.Arun Kumar * *******************
