PHP – Injection

PHP - Injection

PHP – Injection

PHP – injection is one of the ways to hack the website that runs on PHP by performing of third-party code on the server side. The hazardous functions are:

    • eval();

 

    • preg_replace() (with «e» modificator);

 

    • require_once();

 

    • include_once();

 

    • include();

 

    • require();

 

    • create_function().

 

The PHP-injection is successful when the value parameters adopted and are used without validation.