0

Possible Duplicate:
escapeshellarg() has been disabled for security reasons

I've created an image upload system with PHP and it all works but I still get a warning:

A PHP Error was encountered

Severity: Warning

Message: escapeshellarg() has been disabled for security reasons

Filename: libraries/Upload.php

Line Number: 1066

Does anyone know how to get rid of this without contacting Hosting provider?

Community
  • 1
  • 1
Tom
  • 253
  • 1
  • 3
  • 10

2 Answers2

1

You can't. You will have to contact your sys admin to enable that function for you, or use something else (that does not involve executing shell commands) for what you are trying to accomplish.

Jan Hančič
  • 53,269
  • 16
  • 95
  • 99
0

Try replacing escapeshellarg with @escapeshellarg.

Because, then you'd be suppressing any warning that function call gives.

Since

it all works

Doing that shouldn't be a problem to your working code.

Note: using @ to suppress warnings or errors is not recommended.

Prasanth
  • 5,230
  • 2
  • 29
  • 61
  • not quite true - with CodeIgniter's exceptions handling system, this will still generate an error... but as an idea, it's most likely safe to remove the escapeshellarg() function from there completely, since hosting is taking care of shell functions (by disallowing them) – Zathrus Writer Sep 10 '12 at 10:21
  • Using @ is not recommended, simply because it can make debugging a nightmare. – Wayne Whitty Sep 10 '12 at 10:23
  • @ZathrusWriter No, you are wrong. I just tried to call `dummy()` from my view, and like expected it generated fatal error. But when i called `@dummy()` I didn't get any **errors**. And, yes it is a bad practice but the OP specifically asked for it["_get rid_"]. – Prasanth Sep 10 '12 at 10:36
  • @goldenparrot if you disable errors displaying via ini_set('display_errors', false) and set exception to E_ALL, this still shows an error for me - is this different for your tests? what CI version you're using? – Zathrus Writer Sep 10 '12 at 10:44
  • @ZathrusWriter you probably meant that comment @ me. I am using the latest CI version from the site without **any** changes to it. – Prasanth Sep 10 '12 at 10:46
  • 1
    @goldenparrot yes, sorry... I'll double check on this, since this is an active bug report in their issue tracker and since it's not yet closed as invalid, I'd say it is a valid point... – Zathrus Writer Sep 10 '12 at 10:48
  • @goldenparrot ok, this would be my mistake - the bug [I described](http://stackoverflow.com/questions/12349608/php-escapeshellarg-issue-with-codeigniter/12349679#comment16582293_12349679) stands, however when you use @ sign, PHP obviously suppresses error handlers completely and just continues... good to know :) – Zathrus Writer Sep 10 '12 at 10:56
  • Thank you all for the help, it seems the @ works. Thanks! – Tom Sep 10 '12 at 13:47