[nycphp-talk] Bullet proofing "rmdir" command

Analysis & Solutions danielc at
Tue Aug 12 11:39:23 EDT 2003

Hey Jeff:

On Tue, Aug 12, 2003 at 11:30:17AM -0400, Jeff wrote:

> At no time does the user touch the subdir name (that is not
> editable).


So, when you're allowing users to delete directories, what is the input
they're providing?  The name of a subdirectory of under the hash named
dir, which is itself a subdirectory of your graphics directory?  If so, 
great.  Then, as mentioned before, all you need to do is check the user 
input contains only letters and numbers.



... snip ...

     FREE scripts that make web and database programming easier
 T H E   A N A L Y S I S   A N D   S O L U T I O N S   C O M P A N Y
 4015 7th Ave #4AJ, Brooklyn NY    v: 718-854-0335   f: 718-854-0409

More information about the talk mailing list