On Mon, 28 Aug 2006 19:39:49 -0400, Robert Cummings wrote:
On Mon, 2006-08-28 at 16:50 +0200, Ivo F.A.C. Fokkema wrote:
On Mon, 28 Aug 2006 09:47:02 +0100, Stut wrote:
Micky Hulse wrote:
I am looking for the most secure/efficient way to compare these two
strings:
Ivo F.A.C. Fokkema wrote:
Ah, thanks. Misunderstood the question, then. Thought just checking if
it's a file in that directory was what's needed.
You were right. :)
I did not plan on looking-in anything other than one or two hard-coded
folder locations. But, it is good to know the details.
Micky Hulse wrote:
I am looking for the most secure/efficient way to compare these two
strings:
/folder1/folder2/folder3/folder4/
/folder1/folder2/folder3/folder4/file.php
Basically I am trying to setup as many security features as possible for
a simplistic (home-grown/hand-coded) CMS...
Stut wrote:
First of all make sure you are sending both strings through realpath
(http://php.net/realpath) to remove any symbolic links and relative
references. Then you can compare the two strings. The way you're doing
it will work but it's probably not very efficient. This is what I use...
Micky Hulse wrote:
Hi,
I am looking for the most secure/efficient way to compare these two
strings:
/folder1/folder2/folder3/folder4/
/folder1/folder2/folder3/folder4/file.php
Basically I am trying to setup as many security features as possible for
a simplistic (home-grown/hand-coded)
On Mon, 28 Aug 2006 09:47:02 +0100, Stut wrote:
Micky Hulse wrote:
I am looking for the most secure/efficient way to compare these two
strings:
/folder1/folder2/folder3/folder4/
/folder1/folder2/folder3/folder4/file.php
Basically I am trying to setup as many security features as
On Mon, 2006-08-28 at 09:47 +0100, Stut wrote:
Micky Hulse wrote:
I am looking for the most secure/efficient way to compare these two
strings:
/folder1/folder2/folder3/folder4/
/folder1/folder2/folder3/folder4/file.php
Basically I am trying to setup as many security features as
Wow, thanks for all the great information folks (Stut, Ivo, Rob, and David.)
I really appreciate all of the top-notch advice and expert information. :D
Looks like I have a lot to think about...
Currently, I hard-code the paths to the folders that house the files I
want my CMS to edit (via a
On Mon, 2006-08-28 at 16:50 +0200, Ivo F.A.C. Fokkema wrote:
On Mon, 28 Aug 2006 09:47:02 +0100, Stut wrote:
Micky Hulse wrote:
I am looking for the most secure/efficient way to compare these two
strings:
/folder1/folder2/folder3/folder4/
/folder1/folder2/folder3/folder4/file.php
On Mon, 2006-08-28 at 16:28 -0700, Micky Hulse wrote:
Wow, thanks for all the great information folks (Stut, Ivo, Rob, and David.)
I really appreciate all of the top-notch advice and expert information. :D
Looks like I have a lot to think about...
Currently, I hard-code the paths to the
Hi Robert,
Robert Cummings wrote:
How are these saved files then imported into the content? Are they
included or do you retrieve the contents using something like file(),
file_get_contents(), or fread() and then echo it? If you are using
Currently I am using readfile() (plus some other
On Mon, 2006-08-28 at 17:07 -0700, Micky Hulse wrote:
Hi Robert,
Robert Cummings wrote:
How are these saved files then imported into the content? Are they
included or do you retrieve the contents using something like file(),
file_get_contents(), or fread() and then echo it? If you are
Robert Cummings wrote:
Readfile works great, it's the same as file_get_contents() and then
Ah, good to hear. :D
issuing an echo. You may want to also stored content generated by web
users outside of the web tree. There may not be any issue with how you
[...]
with PHP tags and accesses it
Hi,
I am looking for the most secure/efficient way to compare these two strings:
/folder1/folder2/folder3/folder4/
/folder1/folder2/folder3/folder4/file.php
Basically I am trying to setup as many security features as possible for
a simplistic (home-grown/hand-coded) CMS...
This appears to
14 matches
Mail list logo
