PHP:Seguretat
De WikiMar
Avoid injection on file names like / \ $( etc.
//SAFETY CHECK:
$file_name= preg_replace('[^a-zA-Z0-9 .&<>~()_[\]\-]', , $file_name);
O mes estricte:
$file_name = preg_replace('[^a-zA-Z0-9]', , $file_name);
Mes info: http://stackoverflow.com/questions/38875/best-way-to-avoid-code-injection-in-php
