I'm trying to create a private clone of a popular website which gives the possibility to "write php code online" as a personal exercise.
- I write some code in a text area
- code is executed some way server side
- output is returned
I want the output to be exactly as it would be if served by an apache instance, with all the errors and warning my code generated.
There's an existing framework which serves the site webpages (a front controller, an orm and so on) so I CANT USE DISABLE FUNCTIONS IN PHP INI. Or everything wouldn't be usable at all.
I tried to save the input in a file and then run it with an exec like the following:
exec("php -c mycustomphpinifile input.php 2>&1 > output.txt");
But the errors outputted won't be the same as the apache ones.
The final solution I'm trying to adopt is to use the php_value or php_admin_value within the httpd.conf or the .htaccess in order to disable a whole list (as you can imagine) of dangerous functions.
However...
php_value disable_functions "my,functions,comma,separated"
doesn't work with such a big list as it seems. I have to disable something like 2k functions: is there any buffer size trouble with the php_value within the htaccess? Anyone can guess a solution to this problem?