[TYPO3-core] RFC: allow .. in names -> check for ../ (#3364)

Martin Kutschker Martin.Kutschker at blackbox.net
Wed May 3 16:13:28 CEST 2006


Karsten Dambekalns <karsten at typo3.org> writes on 
Wed, 03 May 2006 16:07:03 +0200 (METDST):

> Hi.
> 
> On Saturday 29 April 2006 20:22, Martin Kutschker wrote:
> 
> > I mean the check currently denies any .. within the path.
> >
> > So "foo..bar" is invalid without any real reason. What should be
> > forbidden is "../foo/bar" or "fo/../bar":
> >
> > preg_match('|(?:^\.\.|/\.\./|',$path)
> 
> Fine with me if that check is used. But just to educate me: what is
> the ?: needed for?


If you use a bracket you capture a reference (for $1 etc). If you don't need or want it you can disable this with the option "?". Perl docs said it's faster to capture only when needed.

Masi 



More information about the TYPO3-team-core mailing list