Longhorn PHP 2019 Schedule


Please answer this simple SPAM challenge: two plus zero?
(Example: nine)

The Note You're Voting On

Latchezar Tzvetkoff
9 years ago
A basic filename/directory/symlink checking may be done (and I personally do) via realpath() ...


if (isset($_GET['file'])) {
$base = '/home/polizei/public_html/'// it seems this one is good to be realpath too.. meaning not a symlinked path..
if (strpos($file = realpath($base.$_GET['file']), $base) === 0 && is_file($file)) {
    } else {

<< Back to user notes page

To Top