Hi Chirag,
I am pretty new to posting to this list, but I am not sure that your message belongs on this particular group, since I don't see its relevance to win32 kernel programming. I also haven't written PHP before, but I do see some problems.
Post by chirag sharmaI have created an online PHP code executor at http://web.guru99.com
Though I have checked all security aspects ... do you experts see any major flaw that I need to care of?
Did you sandbox the php readfile?
<?php
readfile("../../../../../../etc/passwd");
?>
Did you ensure that PATH does not contain executables you would like to run, and also chroot the process so it cannot explicitly specify the path for a system command?
<?php
system("whoami");
?>
Your page allows cross-site scripting (XSS).
<?php
print "<script>alert('XSS')</script>";
?>
Anyway, I hope this helps. You may wish to try running some of the PHP security scanners to find other problems than my ad-hoc testing.