Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Some people disable the http wrapper for the include function. I need to use a query string when including a file, so I can’t include it as a local file. Is it possible for me to override this setting? Can hosting companies make it impossible to override?
As long as I sanitise the input, I should be ok right?
no, you are never OK running the code you’ve got from a remote server. There are way too many ways to trick you into running something you don’t expect. You’d better avoid it. If you are into adventures then you can try it with curl extension which is usually enabled on shared hosting. First get your text via curl
http://php.net/manual/en/function.curl-init.php
then eval it
http://php.net/manual/en/function.eval.php