I have a script that calls a bash script that does some processing, but the script calls the bash script using user inputed data.
I am wondering if there is a way to make sure the person (it's a file upload) doesn't append like ;cd /;rm -rf *
to the end of the file. Or anything else like that. Would a normal MYSQL Injection methods work? Is there a better alternative?