Regulary Expression for filtering redundant directory notations
Posted on 2003-11-24
i am coding a little script that navigates through a standard file system. As I submit the path of the new directory I need a security mechanism to make sure that nobody can fake the url indexing a directory that is higher than the directory set as base directory for the script.
I need a regulary expression that filters any ../ - style notation from directory path. so that redundant directory notations are impossible!
I tried the following Perl Regulary Expression: (it's php code but should be no problem to understand for Perl coders ;-)
preg_replace( "|/(.*)/../|U", "/", $cur_dir );
The problem is that the expression fails notations that have more than one /.. e.g: testbasedir/../../..