Re: [PHP] run PHP script in clean memory space
On Tue, Oct 21, 2003 at 02:48:09AM +0200, Honza Malik wrote: : : I want to give administrators of our CMS the possibility to use PHP commands : in HTML templates. Templates are parsed by our PHP script. : : The problem is, that I don't want administrators to be able to list our : $GLOBALS (where is database password) or call our functions. Is there the : possibility to run administrator's PHP code (from our PHP) in clean : environment? Other solution? PHP doesn't really have the concept of a "safe interpreter". The next best thing is to take a look at PHP's safe mode stuff and see what you can tweek: http://www.php.net/manual/en/features.safe-mode.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] run PHP script in clean memory space
The only way I can see is exec('php ...');
Honza Malik wrote:
Hi,
I want to give administrators of our CMS the possibility to use PHP commands
in HTML templates. Templates are parsed by our PHP script.
The problem is, that I don't want administrators to be able to list our
$GLOBALS (where is database password) or call our functions. Is there the
possibility to run administrator's PHP code (from our PHP) in clean
environment? Other solution?
Thanks,
Honza
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] run PHP script in clean memory space
Hi, I want to give administrators of our CMS the possibility to use PHP commands in HTML templates. Templates are parsed by our PHP script. The problem is, that I don't want administrators to be able to list our $GLOBALS (where is database password) or call our functions. Is there the possibility to run administrator's PHP code (from our PHP) in clean environment? Other solution? Thanks, Honza -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
