<?php$bad_arg = '-al; rm -rf /';$ok_arg = escapeshellarg($bad_arg);// list all files, then delete everything!system("ls $bad_arg");// is there a file called "-al; rm -rf /"?system("ls $ok_arg");?>
