Hi all,
I have to execute an external command, with an argument (filename or
directory name) given by user input (via a form), ie something like this:
exec('ls $_POST[...]')
what do you think about using escapeshellarg() function in this case ?
can I rely on it to have a secure solution ? or is there a risk ? ...
thank you.
--
---
--Mohamed CHAARI (mailto : [EMAIL PROTECTED])
STMicroelectronics - Tunis - HPC/STS Division
Phone: (+216) 70 10 52 09 - TINA: 157 5209
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
