[Pmwiki-users] more thoughts on .htaccess
Patrick R. Michaud
pmichaud
Tue Dec 7 14:31:44 CST 2004
On Tue, Dec 07, 2004 at 09:25:20PM +0100, Joachim Durchholz wrote:
>
> This got me thinking - the upload code should make sure that no file
> named .htaccess is ever uploaded. Actually it's probably best to avoid
> filenames that start with a dot in the first place.
It already does this -- the saved filenames are processed to exclude any
characters that aren't alphanumeric, hyphens, spaces, or dots, and
leading/trailing non-alphanumeric characters are stripped. Thus the
resulting filename always begins and ends with an alphanumeric character,
or else is an invalid filename.
Pm
More information about the pmwiki-users
mailing list