Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Libraries & Helpers Parser with very basic support for if-statements
Parser with very basic support for if-statements
  • El Forum
    Guest
  •  
#5
10-29-2009, 10:00 AM

[eluser]Phil Sturgeon[/eluser]
I was hoping this would be handy for me as I am creating a parser that supports helper function calls. However, this surely would allow template editors to put in ANY PHP they want.

Quote:{if file_put_contents('uploads/evilfile.php', '<?php include('../application/config/database.php'); mysql_connect('etc etc etc') == true}

Not a problem for you guys, but we have client/user generated content running through the parser. :-)


Messages In This Thread
Parser with very basic support for if-statements - by El Forum - 07-31-2009, 07:45 AM
Parser with very basic support for if-statements - by El Forum - 07-31-2009, 07:45 AM
Parser with very basic support for if-statements - by El Forum - 08-21-2009, 05:45 AM
Parser with very basic support for if-statements - by El Forum - 08-21-2009, 06:32 AM
Parser with very basic support for if-statements - by El Forum - 10-29-2009, 10:00 AM
Parser with very basic support for if-statements - by El Forum - 10-29-2009, 11:03 AM
Parser with very basic support for if-statements - by El Forum - 05-08-2012, 05:40 PM



Theme © iAndrew 2016 - Forum software by © MyBB