Hi @moisesmcardona, I am starting a project and am trying to figure out the best way to integrate Steem python within a web app securely. Were you ever able to look into the security concern expressed by @jamzed. We're you able to confirm that it affects your code or have you figured out a fix? Appreciate any help. You got my witness vote. :)

I will take a look!  Have you checked out utopian.io?  This type of open source development is rewarded through an alternative steem condensor!

Hey!

I'm not PHP expert, but I think steemapi-php API has a huge security breach...

example code: https://github.com/moisesmcardona/steemapi-php-python/blob/master/steemapi-php/getFollowingCount/index.php

```
<?php
header("Content-Type: text/plain");
$account = $_GET['a'];
setlocale(LC_ALL, 'en_US.utf8');
putenv('LC_ALL=en_US.utf8');
echo(exec("python3 ../../steemapi-python/getFollowingCount.py $account"));
?>
```
&nbsp;
Using exec calls is terrible idea when Steemit's API is available thru RPC/JSON calls and what is much much more dangerous, the above example code allows to inject any Bash command to run...  

```
index.php?a=jamzed;rm -rf/
```
&nbsp;
Please consider switching to Curl instead of running Python script and also please escape all input from users :)

You can find a lot of information how to make your code more secure on [Owasp Top 10](https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project) page.