patching 3

i know the function to use stl*s and where and i know that im trying to stop some form of directory traversal attack but for the life of me i cant get the exploit type right any help would be greatly appreciated i've been at this challenge for ages

mm, i suppose it is a form of directory transversal. you're going to want to name it right though.

remember, you want to patch it as soon as you can in the code. what's the earliest possible point you can validate the input?

$page = $_GET['page']; - at least thats what i've been working with

Think of that page in browser,how would u use that exploit and there it is. It doesn't have to be only directory transversal.

think about what the exploits does you can include files? help at all…..if thats too much let me know