Is there any way to rewrite codeigniter's Upload.php library because I keep facing
escapeshellarg() has been disabled for security reasons
I've tried solution in this thread with putting @ in front of escapeshellarg but still cannont upload my images, thats just ignore the warning.
I've tried to contact the administrator of my hosting provide but for security reason they cannot enable it.
Is there I can do to trick this so i can upload images?
You can make your own escapeshellarg, it is a very simple function that only escapes any single quotes in the given string and then adds single quotes around it.
function my_escapeshellarg($input)
{
$input = str_replace('\'', '\\\'', $input);
return '\''.$input.'\'';
}
If your provider has however disabled other functions that Upload.php requires, you may be out of luck after all.
You can look up what functions are disabled by creating a simple .php file with the call phpinfo() in it. (search for disable_functions in the generated output)
Try replacing escapeshellarg with @escapeshellarg in system/libraries/Upload.php file.
This does not have anything to do with CI. The function has been disabled in the php.ini file. It is quite common to disable various insecure functions (seen from the perspective of a server administrator).
If you are using shared hosting then there is probably not much you can do about it. Try asking your provider.
If you can edit php.ini then open it, find the disable_functions field, and remove escapeshellarg from the list. Then restart the server. That should enable the function.
If you still have problems then ask your provider if it is at all possible to upload stuff. I mean, if your provider has intentionally removed all upload functionality then you would be wasting your time looking for a way to do it.
Go to system/libraries/Upload.php
Replacing
escapeshellarg with @escapeshellarg
if (DIRECTORY_SEPARATOR !== '\\')
{ $cmd = 'file --brief --mime ' . @escapeshellarg ($file['tmp_name']) . ' 2>&1';
