Re: [PHP] is_prefix() - checking wheather $A is prefix for $B

2007. 12. 29, szombat keltezéssel 15.36-kor AmirBehzad Eslami ezt írta:
In case you haven't realized it, I have already written two functions
to check
for a prefix !! The question is: Which function is better?
(is_prefix1() or is_prefix2())

ehh, sorry I did not read your mail carefully before replying... must be
because it's saturday but I have to work ;)

your function is_prefix2() is almost the same as what I've written. I
think that would be better, but that's just personal taste, actually I
don't think there would be significant difference in performance between
the two functions.

greets
Zoltán Németh


On 12/29/07, Zoltán Németh <znemeth@xxxxxxxxxxxxxx> wrote:
2007. 12. 29, szombat keltezéssel 13.39-kor AmirBehzad Eslami
ezt írta:
> I want to write a function to check
> whether string $A is a prefix for string $B or not.

if (strpos($B, $A) === 0) {
echo '$B begins with $A';
} else {
echo '$B does not begin with $A';
}

greets
Zoltán Németh

>
> I writing this function in order to prevent directory
traversal
> during a download request. (e.g.,
download.php?file=..\index.php)
>
> I want to make sure that the realpath() of the requested
file is
> within the realpath() of the download-directory. Trying to
make
> sure that the the $download_dir is a prefix for $filepath.
>
> @see: http://en.wikipedia.org/wiki/Directory_traversal
> **
> *TWO FUNCTIONS:*
>
> function is_prefix1($prefix, $str) {
> return (0 == strncasecmp($prefix, $str,
strlen($prefix)));
> }
>
> function is_prefix2($prefix, $str) {
> return (0 === stripos($str, $prefix));
> }
> *USAGE:*
> if (is_prefix1('a', 'abcdef'))
> echo 'prefix1 returned True!', '<br />';
>
> if (is_prefix2('a', 'abcdef'))
> echo 'prefix2 returned True!', '<br />';
>
> ------------------------
> Do these functions do the same job?
> Which one provides better performance?
>
> -behzad


.

Relevant Pages

  • Re: [PHP] is_prefix() - checking wheather $A is prefix for $B
    ... whether string $A is a prefix for string $B or not. ... during a download request. ... I want to make sure that the realpath() of the requested file is ... function is_prefix1($prefix, $str) { ...
    (php.general)
  • Re: file compare script
    ... with a given prefix "prefix", assuming no newlines in the file names: ... echo "Oh no, it's a disaster..." ... echo "Only found one file to process, skipping" ... lines that only appear in the "$oldest" file, but you'd said you wanted to find those that only appear in "$newest" so I switched them around in the awk script above to match what you said rather than what you coded. ...
    (comp.unix.shell)
  • Re: [PHP] is_prefix() - checking wheather $A is prefix for $B
    ... whether string $A is a prefix for string $B or not. ... echo '$B does not begin with $A'; ... sure that the the $download_dir is a prefix for $filepath. ... function is_prefix1($prefix, $str) { ...
    (php.general)
  • Re: file compare script
    ... with a given prefix "prefix", assuming no newlines in the file names: ... echo "Oh no, it's a disaster..." ... that was the breakthrough I was looking for! ...
    (comp.unix.shell)
  • Re: A (mild-mannered) defense of RosAsm
    ... also shows how obsolete DOS programming is. ... If you prefix it with an org 0x100 and append the external ... ExitProcess: dc.l exit ... echo 0DxFP,0Xx.t0P,=XtGsB4o@$?PIyU WwX0GwUY Wv;ovBX2Gv0ExGIuht6>>_.com ...
    (alt.lang.asm)