Howdy. glob() is a potentially dangerous function with respects to file enumeration and the like so I suggest that it be replaced with something like the following:
function pseudo_glob($dir,$str='',$only_dir=0)
{
$list=array();
if(strlen($str)>1)
{
// first grab current
if(is_dir($dir))
{
if ($dh = opendir($dir))
{
while (($file = readdir($dh)) !== false)
{
if(fnmatch($str,$file))
{
if($only_dir)
{
if(is_dir($dir.'/'.$file))
{
array_push($list,$dir.'/'.$file);
}
}
else
{
array_push($list,$dir.'/'.$file);
}
}
}
closedir($dh);
}
}
}
return $list;
}
The calls in the code to glob would then be changed to pass the start directory separate from the search string. Some hosts will not allow the use of glob() so the above code lets you work around that.
Cheers
posted by moron on 31 Mar 06 at 5:13 PM