<html> <head> <title>Fonction escapeshellcmd()</title> </head> <body> <div> <form action="<?php print $PHP_SELF ?>" method="post"> <p> <input type="text" value="<?php print $_REQUEST['fichier'] ?>" name="fichier" /> </p> </form> <pre> <?php if ( isset( $_REQUEST['fichier'] ) ) { $e = escapeshellcmd($_REQUEST['fichier'] ); system("echo $e"); $f = escapeshellcmd($nom_fichier); system("touch "/tmp/$f"; ls -l "/tmp/$f""); } ?> </pre> </div> </body> </html>