Categories

See More
Popular Forum

MBA (4887) B.Tech (1769) Engineering (1486) Class 12 (1030) Study Abroad (1004) Computer Science and Engineering (988) Business Management Studies (865) BBA (846) Diploma (746) CAT (651) B.Com (648) B.Sc (643) JEE Mains (618) Mechanical Engineering (574) Exam (525) India (462) Career (452) All Time Q&A (439) Mass Communication (427) BCA (417) Science (384) Computers & IT (Non-Engg) (383) Medicine & Health Sciences (381) Hotel Management (373) Civil Engineering (353) MCA (349) Tuteehub Top Questions (348) Distance (340) Colleges in India (334)
See More

calling latex from php: security issues

General Tech Bugs & Fixes
Max. 2000 characters
Replies

usr_profile.png
Karlie Kloss

User

( 7 months ago )

I am trying to program a web interface for automated generation of calculus tests. The idea is to take some input from user, say number of problems and name of instructor, and then by means of php generate the latex file, process it with pdflatex and let user download it.

The procedure seems to be quite straightforward. But what if somebody enters for instructor name something like "Mr. Mackey \input{/etc/hosts}" ?

looks like one can retrieve any file accessible to web server.

How to prevent this? May be there are natural php ways? I am very new to php, and would appreciate any advice.

what's your interest


forum_ban8_5d8c5fd7cf6f7.gif