> I just realised that
>
> Example 34-2. Validating file uploads
>
> Is still showing a bullshit example. It constructs a destination path
> for move_uploaded_file() that consists of user input. There is no sanity
> check on it like removing / and .. sequences.
>
> Can one of the DOC guys fina
[EMAIL PROTECTED] is the right list for stuff like this btw ...
--
Hartmut Holzgraefe <[EMAIL PROTECTED]>
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
Stefan Esser wrote:
Example 34-2. Validating file uploads
Is still showing a bullshit example. It constructs a destination path
for move_uploaded_file() that consists of user input. There is no sanity
check on it like removing / and .. sequences.
Would you agree that aplying basename() would be o
