# kandyor (20.02.2014 / 20:06)$bads = array('closed', 'files', $home, 'public_html', 'etc', 'bin', $str.'../', '../', '../../', '../../../', '../files');
сделал так пока : [php]$bads = array('closed', 'files', $home, 'public_html', 'etc', 'bin', $str.'../', '../', '../../', '../../../', '../files');
if (!empty($_GET['dir'])){
$dir = $_GET['dir'];
f
if (!empty($_GET['dir'])){
$dir = $_GET['dir'];
if (in_array($dir, $bads)) {
header('Location: index.php?act=manager&dir=../files/closed');
}
}else{
$dir = '../files/closed';
}