Questions and postings pertaining to the usage of ImageMagick regardless of the interface. This includes the command-line utilities, as well as the C and C++ APIs. Usage questions are like "How do I use ImageMagick to create drop shadows?".
This is the example script i got from imagemagick website.
How safe is this script?
If i run this script from php using exec("convert dragon.gif -gravity South -background Plum -splice 0x18 -annotate +0+2 'Faerie Dragon' anno_splice.gif"); from getting user input for text. Can they run any malicious text?
Your PHP command will allow a user to execute any command on your machine. I am no PHP expert but I think you need to use the following function: http://us3.php.net/manual/en/function.e ... ellarg.php to prevent the user from doing that.
The users on this forum are here for Imagemagick information and use a variety of different codes.
As the exec( ) problem you are asking about can be used in any php code not just Imagemagick I was recommending you went to a forum where there will be experts in php who can answer your question more fully.
I am not trying to force you away; I just think you will get a more information elsewhere.
You need to post your code; I assume you are using single quotes around your text; try normal quotes instead.
escapeshellarg() adds single quotes around a string and quotes/escapes any existing single quotes allowing you to pass a string directly to a shell function and having it be treated as a single safe argument. This function should be used to escape individual arguments to shell functions coming from user input.
