Re: [PHP] opendir security hole

2002-06-03 Thread Analysis Solutions
On Thu, May 23, 2002 at 11:23:42AM -0400, Analysis Solutions wrote: On Thu, May 23, 2002 at 11:22:28PM +1000, daniel wrote: dir=../../../../ it will show you the root dir of the server , how can i Before passing the $Dir variable to the file functions, clean it up... $Dir =

Re: [PHP] opendir security hole

2002-06-03 Thread Analysis Solutions
On Mon, Jun 03, 2002 at 08:41:37PM +0100, Stuart Dallas wrote: Surely a regular expression is overkill for this? It would be more efficient to use str_replace()... $dir = str_replace('..', '', $dir); Sure. But you'd need to do two replaces. First for '../' then for '..' Not a big deal.

Re: [PHP] opendir security hole

2002-05-24 Thread daniel
Unfortunately it still happens Analysis Solutions [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]... On Thu, May 23, 2002 at 11:22:28PM +1000, daniel wrote: dir=../../../../ it will show you the root dir of the server , how can i Before passing the $Dir variable

Re: [PHP] opendir security hole

2002-05-24 Thread daniel
'Scuse my ignorance, I had it after opendir, thanks for that Daniel [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]... unfortunately it still happens Analysis Solutions [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]... On Thu, May 23,

Re: [PHP] opendir security hole

2002-05-23 Thread Analysis Solutions
On Thu, May 23, 2002 at 11:22:28PM +1000, daniel wrote: dir=../../../../ it will show you the root dir of the server , how can i Before passing the $Dir variable to the file functions, clean it up... $Dir = preg_replace('/\.\.\//', '', $Dir); --Dan -- PHP classes that make

RE: [PHP] opendir security hole

2002-05-23 Thread Randy Wilcox
Use: http://us2.php.net/manual/en/configuration.php#ini.open-basedir It's also a good idea to always validate the data that comes from the user, especially when dealing with file related functions. Randy -Original Message- From: daniel [mailto:[EMAIL PROTECTED]] Sent: Thursday, May
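
The thread's suggestions are to strip `../` from the directory parameter before calling opendir and to restrict PHP with open_basedir. As an added example (not code from any poster in the thread), the PHP below runs that strip filter on constructed inputs and compares it with a containment check based on realpath(); the function names, the temporary directory layout and the sample inputs are assumptions made for the illustration.

```php
<?php
// Added example, not code from the thread. Names, paths and inputs are constructed.

// The strip filter suggested in the thread, with the dots escaped as literals.
function strip_dotdot(string $dir): string
{
    return preg_replace('/\.\.\//', '', $dir);
}

// Containment check: resolve the requested path first, then require that
// the resolved directory is the base itself or lies underneath it.
function resolve_inside(string $baseDir, string $dir): ?string
{
    $base = realpath($baseDir);
    $real = realpath($baseDir . DIRECTORY_SEPARATOR . $dir);
    if ($base === false || $real === false || !is_dir($real)) {
        return null;                       // base or target does not exist
    }
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($real !== $base && strncmp($real, $prefix, strlen($prefix)) !== 0) {
        return null;                       // resolved outside the base
    }
    return $real;                          // safe to hand to opendir()
}

// Constructed sandbox: <tmp>/demo_xxxxxxxx/files/photos
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'demo_' . bin2hex(random_bytes(4));
$base = $root . DIRECTORY_SEPARATOR . 'files';
mkdir($base . DIRECTORY_SEPARATOR . 'photos', 0700, true);

// Constructed inputs: a normal name, the value from the thread, a nested
// sequence that a single strip pass turns back into "../", and two others.
$inputs = ['photos', '../../../../', '....//....//', 'photos/..', '/etc'];
foreach ($inputs as $in) {
    $resolved = resolve_inside($base, $in);
    printf("%-16s stripped=%-10s contained=%s\n",
        var_export($in, true),
        var_export(strip_dotdot($in), true),
        $resolved === null ? 'REJECTED' : $resolved);
}

// Remove the sandbox again.
rmdir($base . DIRECTORY_SEPARATOR . 'photos');
rmdir($base);
rmdir($root);
```

The nested input shows why a single replace pass is not sufficient on its own: the filter's output still contains `../`, while the containment check rejects every input that resolves outside the base directory.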