Por 9.99€ al mes tendrás acceso completo a todos los cursos. Sin matrícula ni permanencia.
exec
passthru
popen
proc_open
shell_exec
`
system
<?php
$user_input = "echo 'hello'";
procesa_user_input();
$user_input = escapeshellarg($user_input);
procesa_user_input();
$user_input = "echo 'hello'; echo 'bye!'";
procesa_user_input();
$user_input = "echo 'hello'; head -n 2 /etc/passwd;";
procesa_user_input();
$user_input = escapeshellarg($user_input);
procesa_user_input();
function procesa_user_input(){
global $user_input;
echo "Command: ".$user_input."<br/>";
$result = exec($user_input);
echo "Result: ".$result."<br/><br/>";
}
?>
sanitize_file_name
function sanitize_file_name($filename) {
// Remove characters that could alter file path.
// I disallowed spaces because they cause other headaches.
// "." is allowed (e.g. "photo.jpg") but ".." is not.
$filename = preg_replace("/([^A-Za-z0-9_\-\.]|[\.]{2})/", "", $filename);
// basename() ensures a file name and not a path
$filename = basename($filename);
return $filename;
}