Casey wrote:
> I think file_exists returns false for remote files ;)

Even if it did (it doesn't: http://uk3.php.net/manual/en/wrappers.ftp.php), I'd still rather not let someone steal my /etc/passwd or /etc/shadow etc. files.....

As I said before, some form of regexp or similar restriction is 100% necessary before trusting untrustworthy data.

Col
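An added example, not part of the original message: one way to apply the "regexp or similar restriction" before a user-supplied name reaches file_exists() or any other filesystem call. The function name resolve_user_file, the base directory and the sample inputs are hypothetical and constructed for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: map an untrusted name to a file inside $baseDir,
// or return null when the name fails validation.
function resolve_user_file(string $baseDir, string $name): ?string
{
    // Allowlist regexp: a plain file name only. This excludes slashes,
    // "scheme://" wrappers such as ftp://, NUL bytes and a leading dot.
    if (!preg_match('/\A[A-Za-z0-9_-][A-Za-z0-9._-]{0,63}\z/', $name)) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // realpath() resolves symlinks and returns false for a missing file.
    $path = realpath($base . DIRECTORY_SEPARATOR . $name);
    if ($path === false || !is_file($path)) {
        return null;
    }
    // Containment check: the resolved path must still sit under the base
    // directory, which catches a symlink that points somewhere else.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $path;
}

// Constructed demo directory and inputs, so the script runs offline.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'resolve_demo_' . getmypid();
mkdir($base);
file_put_contents($base . DIRECTORY_SEPARATOR . 'report.txt', "demo\n");

$samples = [
    'report.txt',               // legitimate name
    '../../etc/passwd',         // traversal
    '/etc/shadow',              // absolute path
    'ftp://example.com/x.txt',  // stream wrapper URL
    'missing.txt',              // valid name, no such file
];
foreach ($samples as $sample) {
    $resolved = resolve_user_file($base, $sample);
    printf("%-26s %s\n", $sample, $resolved === null ? 'rejected' : 'accepted');
}

unlink($base . DIRECTORY_SEPARATOR . 'report.txt');
rmdir($base);
```

The regexp alone stops the traversal, absolute-path and wrapper inputs; the realpath() containment check is a second layer for names that pass the pattern but resolve outside the base directory.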