Hello everybody ;)
I have written a kind of css (pre)-processor in PHP, and it uses the GET-method to acces to the file:
... <link rel="stylesheet" href="css.php?file=style.css" /> ...
My problem is now, if a user types something like "css.php?file=../index.php", he gets the source codes of every file on my server...
How can I prevent this? Is there a function that checks if a path has directory jumps or have i to use regular expressions?