Reputation: 4942
Filter malicious PHP code function
I've created a CMS system that grabs website source code from FTP addresses and uploads it to the current server. The issue with this is I don't want to be uploading dangerous code that can control my server.
Is there any tried and tested functions that already exist to filter PHP code for malicious code?
Thanks in advance.
Upvotes: 1
Views: 431
Answers (1)
Reputation: 449425
The issue with this is I don't want to be uploading dangerous code that can control my server.
Then don't do this. There is no 100% reliable way to exclude the possibility that code is malicious in some way.
That said, there is a list of exploitable PHP functions here on SO. But in your case, I'd still say - if you can't trust the code you are uploading, don't upload it. Find another way to do what you need to do.
Upvotes: 2
Related Questions
- XSS filtering function in PHP
- PHP: How To Disable Dangerous Functions
- creating a sanitizing function
- Malicious code and PHP
- PHP filter and security risks
- PHP security function
- php security function to filter our malicious code is stripping out legit characters
- Exploitable PHP functions
- Dangerous php functions
- people are hacking my filter