hi i am creating a webbased filemanager for uploading files to the database,
to determin which dir i upload to i have the directory in the query string
ie ?dir=blah , i have found a security flaw where if you type
dir=../../../../ it will show you the root dir of the server , how can i
lock into a directory when using opendir ? please let me know thanks

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to