On 12/09/12 19:51, Krzysztof wrote:
Hi,
Exists any multiplatform function which check if string contains not
allowed characters (like< > / \ on windows) for filename?
Regards
___
fpc-pascal maillist - fpc-pascal@lists.freepascal.org
http://lists.f
Like i said earlier, i dont know why he needs to check the filename.
Let me explain :
There are two situations you are describing here :
1 - When the user invokes an application that executes a task on user
behalf, using data suplied by the same user.
This first situation is correctly treated b
Il 15/09/2012 23:48, Jorge Aldo G. de F. Junior ha scritto:
This is a security risk, because, if the function isnt almost perfect,
someone could end up reading the passwords file (security.sam on
windows ? whatever im not a windows programmer) or rewriting criticial
files on a system.
IOW you mea
Am 2012-09-15 23:48, schrieb Jorge Aldo G. de F. Junior:
This is a security risk, because, if the function isnt almost perfect,
someone could end up reading the passwords file (security.sam on
windows ? whatever im not a windows programmer) or rewriting criticial
files on a system.
You mean all
Jorge Aldo G. de F. Junior wrote:
I believe that you already know that, but thats why i asked if others
are considering the security risk involved in filenames.
For evidence sake look at this old IIS bug :
http://www.hackingspirits.com/eth-hac/papers/iis_uni.html
Morale : Filenames can be nas
Vinzent, i dont know why you need to check the filename - would
fileexists() be enough ? - but i suspect that you already know about
that function, so, if you need something more complex, i *feel* that
it is something related to security.
Supose you wrote a webserver (or whatever thing similar for
On 15.09.2012 21:18, Graeme Geldenhuys wrote:
On 15/09/12 10:54, Sven Barth wrote:
Right... but 255 characters for a filename is already rather much as
well when I compare this with the amount of text I can squash into a
SMS ;)
Now I can't remember exactly, is that 255 characters, or 255 byte
In our previous episode, Graeme Geldenhuys said:
> > Right... but 255 characters for a filename is already rather much as
> > well when I compare this with the amount of text I can squash into a SMS ;)
> Now I can't remember exactly, is that 255 characters, or 255 bytes?
> Because if it is the lat
On 15/09/12 10:54, Sven Barth wrote:
Right... but 255 characters for a filename is already rather much as
well when I compare this with the amount of text I can squash into a SMS ;)
Now I can't remember exactly, is that 255 characters, or 255 bytes?
Because if it is the latter, then the Unico
On 15.09.2012 11:34, Vinzent Höfler wrote:
On Sat, 15 Sep 2012 11:20:53 +0200, Sven Barth
wrote:
On 14.09.2012 17:44, Graeme Geldenhuys wrote:
On 14/09/12 13:48, Krzysztof wrote:
I just quicky googled not allowed characters and wrote this simple
function:
Also in Windows (as far as I know)
On Sat, 15 Sep 2012 11:20:53 +0200, Sven Barth
wrote:
On 14.09.2012 17:44, Graeme Geldenhuys wrote:
On 14/09/12 13:48, Krzysztof wrote:
I just quicky googled not allowed characters and wrote this simple
function:
Also in Windows (as far as I know), file names my not be longer than 255
cha
On 14.09.2012 17:44, Graeme Geldenhuys wrote:
On 14/09/12 13:48, Krzysztof wrote:
I just quicky googled not allowed characters and wrote this simple
function:
Also in Windows (as far as I know), file names my not be longer than 255
characters. So you will have to check the length of AFilename
On Fri, 14 Sep 2012 18:53:53 +0200, Krzysztof wrote:
I need only basic checking, it not need to be 100% compability with OS
specification. My program asking user for playlist name and I'm saving
it in local folder with my own extension.
Then for von Neumanns sake simply try to save it where t
On Fri, 14 Sep 2012 18:42:55 +0200, Jorge Aldo G. de F. Junior
wrote:
am i the only one seeing a security risk here ?
Now it dawns. You're thinking environment variables ("%")?
Vinzent.
--
The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where
I need only basic checking, it not need to be 100% compability with OS
specification. My program asking user for playlist name and I'm saving
it in local folder with my own extension.
___
fpc-pascal maillist - fpc-pascal@lists.freepascal.org
http://list
In our previous episode, Graeme Geldenhuys said:
> > As is so often the case, a truly cross-platform solution requires a good...
>
> Under linux such a check is easy. Everything is accepted, expect for the
> NUL character. :-)
Which paths are you talking about? Paths passed to the shell or to t
On Fri, 14 Sep 2012 18:42:55 +0200, Jorge Aldo G. de F. Junior
wrote:
am i the only one seeing a security risk here ?
*scratching head* Which part? Care to elaborate?
I'd presume, you mean another than that I'm using Windows? ;)
I don't see how manually restricting the character set of an
am i the only one seeing a security risk here ?
2012/9/14 Vinzent Höfler :
> On Fri, 14 Sep 2012 14:48:08 +0200, Krzysztof wrote:
>
>> I just quicky googled not allowed characters and wrote this simple
>> function:
>
>
> Seems, you found one of the many (I'd suspect) wrong search results.
>
>
>>
On Fri, 14 Sep 2012 14:48:08 +0200, Krzysztof wrote:
I just quicky googled not allowed characters and wrote this simple
function:
Seems, you found one of the many (I'd suspect) wrong search results.
function IsValidFilename(const AFilename: String): Boolean;
var
c: set of Char = ['<','>'
So I for sure check if file exists after creating it. Thanks for that tips.
___
fpc-pascal maillist - fpc-pascal@lists.freepascal.org
http://lists.freepascal.org/mailman/listinfo/fpc-pascal
On 14/09/12 16:50, Jonas Maebe wrote:
And the "/".
Ah yes, you are correct.
Regards,
- Graeme -
___
fpc-pascal maillist - fpc-pascal@lists.freepascal.org
http://lists.freepascal.org/mailman/listinfo/fpc-pascal
On 14 Sep 2012, at 17:47, Graeme Geldenhuys wrote:
> On 14/09/12 15:02, Howard Page-Clark wrote:
>>
>> As is so often the case, a truly cross-platform solution requires a good...
>
> Under linux such a check is easy. Everything is accepted, expect for the NUL
> character. :-)
And the "/".
On 14/09/12 15:02, Howard Page-Clark wrote:
As is so often the case, a truly cross-platform solution requires a good...
Under linux such a check is easy. Everything is accepted, expect for the
NUL character. :-)
Regards,
- Graeme -
___
fpc-pa
On 14/09/12 13:48, Krzysztof wrote:
I just quicky googled not allowed characters and wrote this simple function:
Also in Windows (as far as I know), file names my not be longer than 255
characters. So you will have to check the length of AFilename parameter too.
Regards,
- Graeme -
_
Am 2012-09-12 20:51, schrieb Krzysztof:
Exists any multiplatform function which check if string contains not
allowed characters (like < > / \ on windows) for filename?
The question is: Do you realy need it?
I came to the conclusion that it's very hard to determine what exactly is a
valid fil
On 14/9/12 2:43, Mattias Gaertner wrote:
> > c: set of Char = ['<','>',':','"','/','\','|','?','*', '%', '.'];
> But several of those are fine in filenames- just inadvisable since they
> need special quoting/escaping to get past the shell. As does ' ' which
> isn't in your list :-)
And i
Mark Morgan Lloyd hat am 14. September 2012
um 15:18 geschrieben:
> Krzysztof wrote:
> > I just quicky googled not allowed characters and wrote this simple function:
> >
> > function IsValidFilename(const AFilename: String): Boolean;
> > var
> > c: set of Char = ['<','>',':','"','/','\','|','?','
Krzysztof wrote:
I just quicky googled not allowed characters and wrote this simple function:
function IsValidFilename(const AFilename: String): Boolean;
var
c: set of Char = ['<','>',':','"','/','\','|','?','*', '%', '.'];
i: Integer;
begin
Result := True;
for i:=1 to Length(AFilename)
I just quicky googled not allowed characters and wrote this simple function:
function IsValidFilename(const AFilename: String): Boolean;
var
c: set of Char = ['<','>',':','"','/','\','|','?','*', '%', '.'];
i: Integer;
begin
Result := True;
for i:=1 to Length(AFilename) do
if AFilename
On 12/09/12 19:51, Krzysztof wrote:
Hi,
Exists any multiplatform function which check if string contains not
allowed characters (like < > / \ on windows) for filename?
Nothing in FPC as far as I know, but once again tiOPF does provide that.
Have a look at the tiUtils.pas unit in tiOPF v2. ti
Hi,
Exists any multiplatform function which check if string contains not
allowed characters (like < > / \ on windows) for filename?
Regards
___
fpc-pascal maillist - fpc-pascal@lists.freepascal.org
http://lists.freepascal.org/mailman/listinfo/fpc-pasc
31 matches
Mail list logo
