Geek Answers Handbook

Escapeshellarg () is disabled for security reasons.

When I want to load something in any form, I see a warning message : escapeshellarg () is disabled for security reasons on my site. What can I do to fix this?

My framework is the final version of codeigniter.

Here is the complete warning:

A PHP Error was encountered Severity: Warning Message: escapeshellarg() has been disabled for security reasons Filename: libraries/Upload.php
+7
source share
4 answers

Try

 $cmd = 'file --brief --mime ' . @escapeshellarg($file['tmp_name']) . ' 2>&1';

Open the Upload.php file from the systems / libraries folder and put @ before escapeshellarg($file['tmp_name']) on line 1066 and, secondly, load this file into the application / library folder, which will be better and the other without problems, you can replace the Upload.php system file.

+6
source

"@" will close any php errors that the function may cause. never use it

solutions:

1- Delete the escapeshellarg line from the disable_functions file in the php.ini file

2- Ask your host provider to delete the Delete escapeshellarg line from the disable_functions file in the php.ini file if you do not have access to the php.ini file

3 - make your own escapeshellarg. The function only escapes any single quotes in a given string, and then adds single quotes around it.

 function my_escapeshellarg($input) { $input = str_replace('\'', '\\\'', $input); return '\''.$input.'\''; }

and follow these steps:

 //$cmd = 'file --brief --mime ' . escapeshellarg($file['tmp_name']) . ' 2>&1'; $cmd = 'file --brief --mime ' . $this->my_escapeshellarg($file['tmp_name']) . ' 2>&1';

But it’s best to expand the Upload.php library and redirect the _file_mime_type function instead of changing it in the CodeIgniter core so that you don’t lose it if you want to update CodeIgniter

+6
source

Another easy way to solve this problem is to simply move the application from development to production :

Open index.php in the root of the application and change

 define('ENVIRONMENT', 'development');

to

 define('ENVIRONMENT', 'production');
+2
source

  • Remove the escapeshellarg line from disable_functions file in php.ini *

  • Ask your hosting provider to delete the line above if you do not have access to the php.ini file *

  • Change the hosting provider that allows you to run the escapeshellarg function.

from this site: http://www.2by2host.com/articles/php-errors-faq/disabled_escapeshellarg/

+1
source

More articles:


All Articles