0

Hi,

I am currently creating a CMS which will allow PHP code to be used but I need to make sure that certain functions are not used that can ruin the CMS.

Basically, I need a way to stop certain functions (like fopen) to be executed. The only problem I have with using str_replace to replace the text is that it also replaces any only occurrence which is not a function.

Example (replacing fopen to void):

$file = fopen("/index.php", "w");
echo "I used fopen!";

Output (PHP):

$file = void("/index.php", "w");
echo "I used void!";

Is there any way of solving this problem??

4
Contributors
4
Replies
5
Views
6 Years
Discussion Span
Last Post by Kieran Y5
0

umm... are you using classes? if so, you can always set functions to private or protected. ex

class a(
     public function foo(){
         //this can be used outside this class/object
     }

     private function bar(){
         //this cannot  
     }
)
0

Hi,

I am currently creating a CMS which will allow PHP code to be used but I need to make sure that certain functions are not used that can ruin the CMS.

...
Is there any way of solving this problem??

Are you using the eval() function to execute php code?

0

Are you using the eval() function to execute php code?

Yes, I am using eval() to execute the code.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.