Add a check for php files, or any other files you don't want anybody to include:
if(ereg('php[0-9]*$', $id))
  goaway;


Fejes Jozsef wrote:

My method is:
1. check if id starts with /
if(ereg("^\/", $id))
  goaway;

2. check if there is .. in it
if(ereg("\.\.", $id))
  goaway;





--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
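
The three checks from this thread, combined into one function and followed by a resolved-path containment test. This is an added example, not part of the original messages. It goes beyond the thread by rejecting NUL bytes and "://" prefixes and by comparing realpath() results. The function name resolve_include, the base directory and the sample ids are assumptions made for illustration.

```php
<?php
// Added example: hypothetical helper, not code from the thread.
// Applies the thread's three checks to $id, then confirms the resolved
// path still lies inside the directory that includes are allowed from.
function resolve_include(string $id, string $baseDir): ?string
{
    // Check from the thread: no absolute paths (backslash covers Windows).
    if ($id === '' || $id[0] === '/' || $id[0] === '\\') {
        return null;
    }
    // Check from the thread: no ".." anywhere in the id.
    if (strpos($id, '..') !== false) {
        return null;
    }
    // Check from the thread: no PHP source files (.php, .php3, .php4, ...).
    if (preg_match('/\.php[0-9]*$/i', $id)) {
        return null;
    }
    // Extra check (assumption, not in the thread): NUL bytes and scheme prefixes.
    if (strpos($id, "\0") !== false || strpos($id, '://') !== false) {
        return null;
    }
    // realpath() resolves symlinks and returns false for missing files.
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $id);
    if ($base === false || $path === false) {
        return null;
    }
    // Containment: the resolved path must start with "<base>/".
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return is_file($path) ? $path : null;
}

// Constructed demo: a temporary directory holding one allowed page.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'inc_demo_' . getmypid();
@mkdir($base);
file_put_contents($base . DIRECTORY_SEPARATOR . 'news.html', '<p>news</p>');

// Constructed sample ids: one valid, the rest hit one check each.
foreach (['news.html', '/etc/passwd', '../secret.txt', 'admin.php', 'lib.php3', 'missing.html'] as $id) {
    $result = resolve_include($id, $base);
    echo str_pad($id, 16), $result === null ? 'rejected' : 'ok', "\n";
}

unlink($base . DIRECTORY_SEPARATOR . 'news.html');
rmdir($base);
```

Only news.html is reported as ok. The pattern checks act as early rejections, while the realpath() comparison is what holds when an id reaches outside the base directory through a symlink.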


