[nycphp-talk] Bullet proofing "rmdir" command
Analysis & Solutions
danielc at analysisandsolutions.com
Tue Aug 12 11:39:23 EDT 2003
On Tue, Aug 12, 2003 at 11:30:17AM -0400, Jeff wrote:
> At no time does the user touch the subdir name (that is...it is not
So, when you're allowing users to delete directories, what is the input
they're providing? The name of a subdirectory of under the hash named
dir, which is itself a subdirectory of your graphics directory? If so,
great. Then, as mentioned before, all you need to do is check the user
input contains only letters and numbers.
... snip ...
FREE scripts that make web and database programming easier
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409
More information about the talk