[TYPO3-core] RFC: allow .. in names -> check for ../ (#3364)
Franz Holzinger
franz at fholzinger.com
Fri Apr 28 21:47:31 CEST 2006
Hello Martin,
this would lead to errors where someone has used '..' as a pathname
without a trailing '/' in the call of
t3lib_div::validPathStr().
Is it a must that a pathname has a trailing '/' ?
Greets,
Franz
>Hi!
>
>Branches: HEAD / TYPO3_4-0
>
>Problem:
>It seems that t3lib_div::validPathStr() is to eager in denying paths. While it's possible to add a file with two dots in it, deleting (probably among other things) fails.
>
>Solution:
>Check for ../ instead of ..
>
>Masi
>
>
More information about the TYPO3-team-core
mailing list