It would be better if you have the CGI pass valid 'keywords', and use an internal hash that points those keywords to the right directories, such that you aren't passing a tainted variable to opendir.
Dr. Michael K. Neylon - mneylon-pm@masemware.com
||
"You've left the lens cap of your mind on again, Pinky" - The Brain