> >> No, you've missed the point. $expecteddir is a fixed variable that you, 
> >> the script author, specify. It does not contain anything coming from 
> >> external variables. You then compare the full path you build from the 
> >> external variables to $expecteddir to verify that the file is in the 
> >> right directory.
> >>
> >> I suggest you read the code I posted again.
> >>
> >> -Stut
> > 
> > I meant if $page evaluates to 
> > "/home/stut/phpstuff/inc/../../../../../../../../../../../../home/evil-user-home-dir/evil-payload.php"
> > which it does not.
> > 
> > However I don't think your
> > if (substr($page, 0, strlen($expecteddir)) != $expecteddir)
> > ever evaluates to TRUE.  So you'll never get Access denied.
> > 
> > So how you set $page saved your ass.  Good job.
> 
> You clearly don't know what the realpath function does. Look it up.
> 
> -Stut

No I didn't.  And I looked it up for the previous reply.  And I said that's the 
only thing saving your ass.

Your IF never evaluates to true.

But it works to keep out the hacker.  So I said "Good job".

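The check discussed in this thread (build the path from the request value, run it through realpath(), then compare its prefix to a fixed $expecteddir) can be exercised as below. This is an added example, not code posted by anyone in the thread: the helper name resolve_page(), the temporary directory tree and the request values are constructed for illustration, and appending the directory separator before the comparison is an addition that goes beyond the check quoted above.

```php
<?php
// Constructed sandbox: a temporary tree standing in for the include directory.
$base = sys_get_temp_dir() . '/rp_demo_' . bin2hex(random_bytes(4));
mkdir("$base/inc", 0700, true);
mkdir("$base/inc-evil", 0700, true);   // sibling whose name starts with "inc"
$files = ["$base/inc/home.php", "$base/secret.php", "$base/inc-evil/payload.php"];
foreach ($files as $f) {
    file_put_contents($f, '');
}

// Fixed by the script author, never built from request data.
$expecteddir = realpath("$base/inc");

// Hypothetical helper: returns [resolved path or null, reason].
function resolve_page(string $expecteddir, string $name): array
{
    // realpath() collapses ".." and symlinks, and returns false when the
    // target does not exist, so that case must be handled before comparing.
    $page = realpath($expecteddir . '/' . $name . '.php');
    if ($page === false) {
        return [null, 'Access denied (no such file)'];
    }
    // Addition beyond the quoted check: compare against the directory plus
    // separator, so a sibling such as "inc-evil" cannot pass a bare prefix match.
    $prefix = $expecteddir . DIRECTORY_SEPARATOR;
    if (substr($page, 0, strlen($prefix)) !== $prefix) {
        return [null, 'Access denied (outside expected dir)'];
    }
    return [$page, 'allowed'];
}

// Constructed request values for the page parameter.
foreach (['home', '../secret', '../inc-evil/payload', 'missing'] as $name) {
    [, $reason] = resolve_page($expecteddir, $name);
    printf("%-22s %s\n", $name, $reason);
}

// Remove the sandbox.
array_map('unlink', $files);
rmdir("$base/inc-evil");
rmdir("$base/inc");
rmdir($base);
```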