I thing that there is an implicit joke in the previous post...
"..././..././..././..././"
how can't you love funsec?
path = str_replace('../', '', path);
Becomes "../../../../" again...
GF
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
