Ivo F.A.C. Fokkema wrote:
Ah, thanks. Misunderstood the question, then. Thought just checking if
it's a file in that directory was what's needed.
You were right. :)
I did not plan on looking-in anything other than one or two hard-coded
folder locations. But, it is good to know the details. ;)
On Mon, 28 Aug 2006 19:39:49 -0400, Robert Cummings wrote:
> On Mon, 2006-08-28 at 16:50 +0200, Ivo F.A.C. Fokkema wrote:
>> On Mon, 28 Aug 2006 09:47:02 +0100, Stut wrote:
>> > Micky Hulse wrote:
>> >> I am looking for the most secure/efficient way to compare these two
>> >> strings:
>> >>
>> >>
Robert Cummings wrote:
Readfile works great, it's the same as file_get_contents() and then
Ah, good to hear. :D
issuing an echo. You may want to also stored content generated by web
users outside of the web tree. There may not be any issue with how you
[...]
with PHP tags and accesses it dir
On Mon, 2006-08-28 at 17:07 -0700, Micky Hulse wrote:
> Hi Robert,
>
> Robert Cummings wrote:
> > How are these saved files then imported into the content? Are they
> > included or do you retrieve the contents using something like file(),
> > file_get_contents(), or fread() and then echo it? If yo
Hi Robert,
Robert Cummings wrote:
How are these saved files then imported into the content? Are they
included or do you retrieve the contents using something like file(),
file_get_contents(), or fread() and then echo it? If you are using
Currently I am using readfile() (plus some other securit
On Mon, 2006-08-28 at 16:28 -0700, Micky Hulse wrote:
> Wow, thanks for all the great information folks (Stut, Ivo, Rob, and David.)
>
> I really appreciate all of the top-notch advice and expert information. :D
>
> Looks like I have a lot to think about...
>
> Currently, I hard-code the paths t
On Mon, 2006-08-28 at 16:50 +0200, Ivo F.A.C. Fokkema wrote:
> On Mon, 28 Aug 2006 09:47:02 +0100, Stut wrote:
>
> > Micky Hulse wrote:
> >> I am looking for the most secure/efficient way to compare these two
> >> strings:
> >>
> >> /folder1/folder2/folder3/folder4/
> >> /folder1/folder2/folder3/
Wow, thanks for all the great information folks (Stut, Ivo, Rob, and David.)
I really appreciate all of the top-notch advice and expert information. :D
Looks like I have a lot to think about...
Currently, I hard-code the paths to the folders that house the files I
want my CMS to edit (via a co
On Mon, 2006-08-28 at 09:47 +0100, Stut wrote:
> Micky Hulse wrote:
> > I am looking for the most secure/efficient way to compare these two
> > strings:
> >
> > /folder1/folder2/folder3/folder4/
> > /folder1/folder2/folder3/folder4/file.php
> >
> > Basically I am trying to setup as many security
On Mon, 28 Aug 2006 09:47:02 +0100, Stut wrote:
> Micky Hulse wrote:
>> I am looking for the most secure/efficient way to compare these two
>> strings:
>>
>> /folder1/folder2/folder3/folder4/
>> /folder1/folder2/folder3/folder4/file.php
>>
>> Basically I am trying to setup as many security featu
Micky Hulse wrote:
> Hi,
>
> I am looking for the most secure/efficient way to compare these two
> strings:
>
> /folder1/folder2/folder3/folder4/
> /folder1/folder2/folder3/folder4/file.php
>
> Basically I am trying to setup as many security features as possible for
> a simplistic (home-grown/ha
Stut wrote:
First of all make sure you are sending both strings through realpath
(http://php.net/realpath) to remove any symbolic links and relative
references. Then you can compare the two strings. The way you're doing
it will work but it's probably not very efficient. This is what I use...
$va
Micky Hulse wrote:
> I am looking for the most secure/efficient way to compare these two
> strings:
>
> /folder1/folder2/folder3/folder4/
> /folder1/folder2/folder3/folder4/file.php
>
> Basically I am trying to setup as many security features as possible for
> a simplistic (home-grown/hand-coded)
Hi,
I am looking for the most secure/efficient way to compare these two strings:
/folder1/folder2/folder3/folder4/
/folder1/folder2/folder3/folder4/file.php
Basically I am trying to setup as many security features as possible for
a simplistic (home-grown/hand-coded) CMS...
This appears to wo
14 matches
Mail list logo