Load view from url, dangerous ?
#4

[eluser]Craig A Rodway[/eluser]
[quote author="Too Pixel" date="1261268460"]Another possibility I can see here is adding into a config array the list of allowed page names, then checking it with a conditional if in_array(). Any better solution?[/quote]

That's definitely a better solution.

Other options include running a regular expression check over your $page variable to only allow letters and numbers, and doing an is_file() check on the resulting path. If any of these fail, then either show an error or redirect to the home page.
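
The three checks discussed in this thread (a letters-and-numbers regular expression on $page, an in_array() allow-list, and is_file() on the resulting path), combined in an added example that is not part of the original post or CodeIgniter's own code. The helper resolve_view(), the allowed-page list and the temporary views directory are hypothetical.

```php
<?php
// Added example: hypothetical helper, not CodeIgniter code.
// Returns the view file path for $page, or null if any check fails.
function resolve_view($page, array $allowed, string $viewsDir): ?string
{
    // 1. Letters and numbers only. \A and \z anchor the whole string;
    //    a plain "$" would still accept a trailing newline.
    if (!is_string($page) || preg_match('/\A[A-Za-z0-9]+\z/', $page) !== 1) {
        return null;
    }
    // 2. Allow-list check; strict mode avoids PHP's loose type comparison.
    if (!in_array($page, $allowed, true)) {
        return null;
    }
    // 3. The resulting path must be an existing regular file.
    $path = $viewsDir . DIRECTORY_SEPARATOR . $page . '.php';
    if (!is_file($path)) {
        return null;
    }
    return $path;
}

// Constructed sample data: a temporary views directory with two files.
$viewsDir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'views_' . bin2hex(random_bytes(4));
mkdir($viewsDir);
file_put_contents($viewsDir . '/about.php', '<h1>About</h1>');
file_put_contents($viewsDir . '/admin.php', '<h1>Admin</h1>'); // exists, but not allowed

$allowed = ['home', 'about']; // hypothetical config array of allowed page names

// Constructed inputs: one valid page, one per failing check, and a non-string.
foreach (['about', 'admin', 'home', '../config/database', "about\0", ['about']] as $page) {
    $path = resolve_view($page, $allowed, $viewsDir);
    $label = is_string($page) ? json_encode($page) : gettype($page);
    // On rejection the caller shows an error or redirects to the home page.
    echo $label, ' => ', $path === null ? 'rejected' : 'load ' . basename($path), PHP_EOL;
}

// Clean up the constructed files.
array_map('unlink', glob($viewsDir . '/*.php'));
rmdir($viewsDir);
```

In a CodeIgniter controller the returned name would be passed to $this->load->view() only when the helper returns a non-null path.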

