Safe sample input : use exec to execute the script /tmp/tainted.php and store the output in $tainted SANITIZE : use str_replace to escape special chars - construction : use of sprintf via a %s with simple quote
Have any comments on this test case? Please, send us an email.
