Hi,
I just realised that
Example 34-2. Validating file uploads
Is still showing a bullshit example. It constructs a destination path for move_uploaded_file() that consists of user input. There is no sanity check on it like removing / and .. sequences.
Can one of the DOC guys finally fix this code?
Stefan Esser
-- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
