private function Archive_Tar::_maliciousFilename
private Archive_Tar::_maliciousFilename($file)
Detect and report a malicious file name
Parameters
string $file:
Return value
bool
File
- modules/system/system.tar.inc, line 1806
Class
Code
private function _maliciousFilename($file) { if (strpos($file, '/../') !== false) { return true; } if (strpos($file, '../') === 0) { return true; } return false; }
© 2001–2016 by the original authors
Licensed under the GNU General Public License, version 2 and later.
Drupal is a registered trademark of Dries Buytaert.
https://api.drupal.org/api/drupal/modules!system!system.tar.inc/function/Archive_Tar::_maliciousFilename/7.x