[nycphp-talk] Bullet proofing "rmdir" command
Analysis & Solutions
danielc at analysisandsolutions.com
Tue Aug 12 11:39:23 EDT 2003
Hey Jeff:
On Tue, Aug 12, 2003 at 11:30:17AM -0400, Jeff wrote:
> At no time does the user touch the subdir name (that is...it is not
> editable).
Good.
So, when you're allowing users to delete directories, what is the input
they're providing? The name of a subdirectory of under the hash named
dir, which is itself a subdirectory of your graphics directory? If so,
great. Then, as mentioned before, all you need to do is check the user
input contains only letters and numbers.
Enjoy,
--Dan
... snip ...
--
FREE scripts that make web and database programming easier
http://www.analysisandsolutions.com/software/
T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
4015 7th Ave #4AJ, Brooklyn NY v: 718-854-0335 f: 718-854-0409
More information about the talk
mailing list