laziness, impatience, and hubris | |
PerlMonks |
Re: Controlling Inputted Paths in a CGI Scriptby dmmiller2k (Chaplain) |
on Oct 31, 2001 at 21:00 UTC ( [id://122372]=note: print w/replies, xml ) | Need Help?? |
I've done the obvious of obliterating any "..", but I know that there are many more ways to bypass this. You could:
From that point, you may have to brute-force search the resulting pathname (e.g., split() on '/', examine each component, etc.) Perhaps not that helpful ... sorry. dmm You can give a man a fish and feed him for a day ... Or, you can teach him to fish and feed him for a lifetime
In Section
Seekers of Perl Wisdom
|
|