PHP – Injection
PHP – injection is one of the ways to hack the website that runs on PHP by performing of third-party code on the server side. The hazardous functions are:
- eval();
- preg_replace() (with «e» modificator);
- require_once();
- include_once();
- include();
- require();
- create_function().
The PHP-injection is successful when the value parameters adopted and are used without validation.