crimsontwo Posted November 27, 2007 Share Posted November 27, 2007 Hi, I have the following in php.ini: safe_mode = 1 safe_mode_exec_dir = "D://TEST" This way I can execute files located in TEST. However, running the following code bypasses that directory and runs stuff from other locations: $runCommand = "C:\\WINDOWS\\system32\\shutdown.exe -t:30"; $WshShell = new COM("WScript.Shell"); $output = $WshShell->Exec($runCommand)->StdOut->ReadAll; How do I prevent people from executing ANYTHING unless it is located in safe_mode_exec_dir? Thanks in advance. Link to comment https://forums.phpfreaks.com/topic/79039-safe_mode-and-executing-files-using-php-on-windows/ Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.