PHP Sandbox: Execute external PHP scripts in a separate process

Recommend this page to a friend!

Download .zip

Info

View files (12)

Download .zip

Reputation

Support forum

Blog

Links

Last Updated		Ratings				Unique User Downloads		Download Rankings
2011-08-01 (5 years ago)		Not enough user ratings				Total: 765 This week: 1		All time: 4,231 This week: 1,047

Version		License		PHP version		Categories
`php-sandbox` 1		GNU Lesser Genera...		5.2		PHP 5, Language

Description Author

This class can execute external PHP scripts in a separate process.

It uses PHP CLI version to execute a given external scripts as a separate process, so if it fails the calling script does not fail too.

The class provides options to change the root file system path before executing, pass GET, POST, COOKIE and SESSION variables, as well other PHP options like display_errors, memory_limit, max_execution_time, disable_functions, etc..

Innovation Award

July 2011
Number 2

Prize: One subscription to the PDF edition of the PHP Architect magazine

Sometimes you may need to execute PHP scripts from third parties that you may not be able to trust, as such scripts can do something harmful.

This class provides a clever solution to execute untrusted PHP scripts by running them with the PHP cli program as a separate process.

It passes a separate set of values to request variables and changes the root of the file system, so the untrusted scripts do not have access to privileged information.

Clever approach to execute untrusted PHP scripts securely.

Manuel Lemos

Paul Fryer

Name:	Paul Fryer `<contact>`
Classes:	1 package by Paul Fryer
Country:	United Kingdom

Innovation award

Nominee: 1x

Details

PHPSandbox

A way to run external scripts from your core PHP files.
Allows for running non-trusted PHP from with in your main PHP application.
Allows the main script to continue should a fatal error occour in your incuded code.
Supports:
	Function restrictions
	Enviroment obscurification
	Sessions
	Passing GET and POST param's
	INI settings protection
	Run's as a seperate process to protect the parent PHP script from crashs
	Prevent's interaction with the parent PHP
	
	
Requirements:
PHP 5.2+ (Only tested in PHP 5.3 currently)
PHP CLI

Notes:
Only currently tested under Linux and OSX

Files

File	Role	Description
`samples` (6 files)
`COPYING`	Lic.	Copyright Information LGPL
`COPYING.LESSER`	Lic.	LGPL
`example.php`	Example	Example usage files
`phpsandbox-prepend.php`	Aux.	An auto prepend file to configure the enviroment
`phpsandbox.php`	Class	The main class
`README`	Doc.	README file

Files

samples

File	Role	Description
`invalid.php`	Data	Invalid PHP file to fail lint test
`malicious.php`	Data	A sample malicious PHP file
`recon.php`	Data	An enviroment based PHP reconisence script
`slow.php`	Data	A sample script that runs longer than the time limit
`trusted.php`	Data	A trusted PHP script
`valid.php`	Data	A sample valid PHP file

	php-sandbox-2011-08-01.zip 25KB
	php-sandbox-2011-08-01.tar.gz 21KB
	Install with Composer

Version Control

Unique User Downloads

Download Rankings

Total:	765
This week:	1

All time:	4,231
This week:	1,047

Applications that use this package

No pages of applications that use this class were specified.

If you know an application of this package, send a message to the author to add a link here.

Advertise on this site

For more information send a message to info at phpclasses dot org.