My method is:
1. check if id starts with /
if(ereg("^\/", $id))
goaway;
2. check if there is .. in it
if(ereg("\.\.", $id))
goaway;
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
- [PHP] /etc/passwd Mantas Kriauciunas
- Re: [PHP] /etc/passwd Marek Kilimajer
- Re[2]: [PHP] /etc/passwd Mantas Kriauciunas
- Re: [PHP] /etc/passwd Marek Kilimajer
- Re: [PHP] /etc/passwd Jason Wong
- Re: [PHP] /etc/passwd Wendell Brown
- Re[2]: [PHP] /etc/passwd Mantas Kriauciunas
- Re: [PHP] /etc/passwd Fejes Jozsef
- Re: [PHP] /etc/passwd Marek Kilimajer
- Re: [PHP] /etc/passwd Chris Hayes
- Re: [PHP] /etc/passwd Andreas Mendyk
- RE: [PHP] /etc/passwd Ford, Mike [LSS]
