Escaping User Input with the escapeshellcmd() Function
<html>
<head>
<title>Escaping user input with the escapeshellcmd() function</title>
</head>
<body>
<div>
<form action="<?php print $PHP_SELF ?>" method="post">
<p>
<input type="text" value="<?php print $_REQUEST['manpage'] ?>" name="manpage" />
</p>
</form>
<pre>
<?php
if ( isset( $_REQUEST['manpage'] ) ) {
$manpage = escapeshellcmd( $_REQUEST['manpage'] );
system( "man $manpage | col -b" );
}
?>
</pre>
</div>
</body>
</html>
Related examples in the same category