No matter what I enter, I get:
syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING so I'd say it's secure enough... ;)
You should disable
system() and similar functions. At the moment I can list root of the server. Also consider to run this into a jail root.
Ok, I see now it's fixed, disable also
dir() function: http://www.php.net/manual/en/function.dir.php
Same goes for include, require, error_log (this gives the ability to send emails).
RecursiveDirectoryIterator and include / include_once / require / require_once should be blocked too.
Sorry for the update, but finally I remembered the name of the library, consider to move the app to runkit:
You can create a sandbox and so you can limit most of the problems.
I want to use sandbox for my site's security. below is the link of method which i want to use http://php.net/manual/en/runkit.sandbox.php .
but when i am run the code of that page it says sandbox class not defined. so anyone can guide me through this step by step. Please help me my site has down due to hacking. i want to use for this site http://web.guru99.com/demo-editor-php/