PHP – Injection

php injection

PHP – Injection

PHP – injection is one of the ways to hack the website that runs on PHP by performing of third-party code on the server side. The hazardous functions are:

  • eval();
  • preg_replace() (with «e» modificator);
  • require_once();
  • include_once();
  • include();
  • require();
  • create_function().

The PHP-injection is successful when the value parameters adopted and are used without validation.