go ahead... be a heretic | |
PerlMonks |
Re: Controlling Inputted Paths in a CGI Scriptby monkfish (Pilgrim) |
on Oct 31, 2001 at 18:50 UTC ( [id://122348]=note: print w/replies, xml ) | Need Help?? |
If you want to accept all valid paths and file names and avoid anything unsafe you'd need to do something more complicated like split on the / and check each element individually.
However if you are willing to say, "I don't care about all legal file names", my files will be limited to alphanumeric, underscore, space, dash, slash and dot. (Which seems reasonable). Then remove everything else and eliminate multiple dots.
-monkfish (The Fishy Monk)
In Section
Seekers of Perl Wisdom
|
|