All geek questions in one place

How to safely execute custom PHP code

Possible duplicate:
PHP sandbox / sanitize code passed to create_function

I apologize for a very generalized question, but I need to be guided. What is the most ideal way to execute user submitted PHP code? Think about JSFiddle for PHP. I know that there are sites that do this, for example http://writecodeonline.com/php/ , but I think that PHP4 does not work with half the code that I try to run on it. I also know that I can just turn off all the "risky" functions, but thatโ€™s not fun :)

I know that it would be very convenient to have PHPFiddle.com, which we could refer to StackOverflow in the same way we used to rely on JSfiddle or JSbin.

I think itโ€™s something like creating a virtual host on my mailbox, so any file system features that the user is trying to use will be limited to this sandbox. I am not sure how to do this, or if this leads to the fact that my server will work with several of them.

Ideas?

+4
source share
2 answers

I always wondered how good it would be to have a cloud-based IDE, where I could host all my PHP files, test them, share them, etc., basically, he should be able to do everything that I do on my Computer. and until recently, I came across a very nice Cloud IDE called Kodingen . itโ€™s such a useful cloud application and itโ€™s so convenient from time to time. however, below is a list of some services that offer you to run PHP code.

+1
source

Take a look at Runkit_Sandbox: http://php.net/manual/en/runkit.sandbox.php

Creating an instance of the Runkit_Sandbox class creates a new thread with its own scope and program stack. Using a set of parameters passed to the constructor, this environment can be limited to a subset of what the primary interpreter can do, and provide a more secure environment for executing user-provided code.

+1
source

Source: https://habr.com/ru/post/1369537/

More articles:


All Articles