[TYPO3-core] RFC: allow .. in names -> check for ../ (#3364)

Franz Holzinger franz at fholzinger.com
Fri Apr 28 21:47:31 CEST 2006


Hello Martin,

this would lead to errors where someone has used '..' as a pathname
without a trailing '/' in the call of

t3lib_div::validPathStr().

Is it a must that a pathname has a trailing '/' ?

Greets,

Franz


>Hi!
>
>Branches: HEAD / TYPO3_4-0
>
>Problem:
>It seems that t3lib_div::validPathStr() is to eager in denying paths. While it's possible to add a file with two dots in it, deleting (probably among other things) fails.
>
>Solution:
>Check for ../ instead of ..
>
>Masi 
>  
>




More information about the TYPO3-team-core mailing list