[fpc-pascal] Function for checking correct file name

Jorge Aldo G. de F. Junior jagfj80 at gmail.com
Fri Sep 14 18:42:55 CEST 2012


am i the only one seeing a security risk here ?

2012/9/14 Vinzent Höfler <JeLlyFish.software at gmx.net>:
> On Fri, 14 Sep 2012 14:48:08 +0200, Krzysztof <dibo20 at wp.pl> wrote:
>
>> I just quicky googled not allowed characters and wrote this simple
>> function:
>
>
> Seems, you found one of the many (I'd suspect) wrong search results.
>
>
>> function IsValidFilename(const AFilename: String): Boolean;
>> var
>>   c: set of Char = ['<','>',':','"','/','\','|','?','*', '%', '.'];
>
>
> Really?
>
> |>copy con "a.b.c.%def"
> |test
> |^Z
> |        1 Datei(en) kopiert.
> |
> |>type "a.b.c.%def"
> |test
> |
> |>dir a.*
> |[...]
> |
> |14.09.2012  18:08                 6 a.b.c.%def
>
> And, actually, disallowing the '.' in a filename is really stup^Wshort-
> sighted. Most files out there in the wild contain at least one.
>
>
> Vinzent.
>
> --
> The most likely way for the world to be destroyed, most experts agree,
> is by accident. That's where we come in; we're computer professionals.
> We cause accidents.
>     -- Nathaniel Borenstein
>
> _______________________________________________
> fpc-pascal maillist  -  fpc-pascal at lists.freepascal.org
> http://lists.freepascal.org/mailman/listinfo/fpc-pascal



More information about the fpc-pascal mailing list