Change Details

I noticed that there is no validation for a Domain name created by an administrator. I think this is not an actual problem because I see that the path name is validated before every usage but... anyway It should be better to apply some validations even if the operator is the sysadmin. Isn't it? I think about PHP's `FILTER_VALIDATE_DOMAIN` and/or your function `require_safe_dirname` that I see defined in `include/functions.php`

I noticed that there is no validation for a Domain name created by an administrator. I think this is not an actual problem because the system administrator is trusted and I see that the path name is validated before every usage but... anyway It should be better to apply some validations. Isn't it? I think about PHP's `FILTER_VALIDATE_DOMAIN` and/or your function `require_safe_dirname` that I see defined in `include/functions.php`

I noticed that there is no validation for a Domain name created by an administrator. I think this is not an actual problem because the system administrator is trusted and I see that the path name is validated before every usage but... anyway It should be better to apply some validations even if the operator is the sysadmin. Isn't it? I think about PHP's `FILTER_VALIDATE_DOMAIN` and/or your function `require_safe_dirname` that I see defined in `include/functions.php`