Passthru in PHP
PHP has more than 1000 built-in functions that you can use to perform common programming tasks. Whether you're working with arrays, iterating through an object, performing mathematical operations, or working with strings, you can use a function to get the job done.
The passthru() function allows you to run an external program that generates its own output, but sends it directly back to the output stream that PHP works with. This is useful for situations where you need to send binary data to the browser, such as images. But this function can be dangerous, if you don't take the necessary precautions to protect your system.
When you use the passthru() function, you must escape any user input that is passed to it, by using either the escapeshellarg() or the escapeshellcmd() function. This will ensure that users cannot trick your script into executing arbitrary commands. If you don't, it is possible that the program started by this function will hang until its execution ends, which can cause your site to be down.
If you want to pass a variable by reference, you must prefix its argument with an ampersand (&). This will make sure that the value of the variable changes within the function but does not change outside the function. To separate multiple parameters, you can also use a comma (,). However, since PHP 5.4, this is deprecated. In addition, a comma in the parameter list will cause the function to return an error, rather than a valid value.