Safe sample input : execute a ls command using the function system, and put the last result in $tainted SANITIZE : use str_replace to escape special chars - construction : use of sprintf via a %s with simple quote
Have any comments on this test case? Please, send us an email.
