hi i am creating a webbased filemanager for uploading files to the database, to determin which dir i upload to i have the directory in the query string ie ?dir=blah , i have found a security flaw where if you type dir=../../../../ it will show you the root dir of the server , how can i lock into a directory when using opendir ? please let me know thanks
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
