Most definitely... I was assuming $id would be a number which would be
looked up in a DB somewhere... In any event, the realpath() function is
your friend here :)

On Thu, 13 Jun 2002, Stuart Dallas wrote:

> On Thursday, June 13, 2002 at 10:39:51 PM, you wrote:
> > if /path/to/image/cache/$id exists then
> >    just spit that file back to the browser and exit
>
> If you're gonna do this, be sure to check that $id doesn't contain something
> dangerous such as '../../../../../../../../../../../../../../../etc/passwd'.
>
> --
> Stuart
>


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
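
The realpath() containment check suggested in this thread, as an added example that is not part of the original messages. The function name `resolve_cached_file`, the temporary cache directory and the sample ids are assumptions made for illustration.

```php
<?php
// Added example: serve a cached file only if $id resolves inside the cache dir.
// resolve_cached_file() is a hypothetical helper, not code from the thread.

function resolve_cached_file(string $cacheDir, string $id): ?string
{
    // Canonicalise the cache directory itself (it may be a symlink).
    $base = realpath($cacheDir);
    if ($base === false) {
        return null; // cache directory does not exist
    }

    // realpath() collapses "..", "." and symlinks, and returns false
    // when the target does not exist.
    $path = realpath($base . DIRECTORY_SEPARATOR . $id);
    if ($path === false || !is_file($path)) {
        return null;
    }

    // Containment test. The trailing separator stops a sibling such as
    // "/cache-other/x" from passing a plain prefix match against "/cache".
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null; // resolved outside the cache: reject
    }

    return $path;
}

// Constructed demo data: a throwaway cache directory holding one entry.
$cache = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'imgcache_demo';
if (!is_dir($cache)) {
    mkdir($cache, 0700);
}
file_put_contents($cache . DIRECTORY_SEPARATOR . '42', 'fake image bytes');

// Constructed ids: a valid entry, the traversal string quoted in the
// thread, a missing entry, and a harmless "./" form that stays inside.
$ids = ['42', '../../../../../../../../../../../../../../../etc/passwd', '43', './42'];

foreach ($ids as $id) {
    $file = resolve_cached_file($cache, $id);
    printf("%-60s => %s\n", $id, $file === null ? 'rejected' : $file);
}
```

If $id really is a numeric database key, as assumed in the reply above, validating it with `ctype_digit($id)` before any filesystem call is a stricter first gate; the realpath() check then acts as a second layer.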
