PHP Injection

PHP-injection is one of the ways of hacking websites, using PHP, which consists in the implementation of foreign code on the server side. Potentially dangerous functions are:

• Eval (),
• preg_replace () (with the modifier “e”),
• require_once (),
• include_once (),
• include (),
• require * (),
• create_function ().

PHP-injection becomes possible if the input parameters are taken and used without verification.