Security vulnerability in PHP fwrite?

Updated: 2023-12-04 12:48:34

As long as you are the one defining which file you are writing to (and not determining that from the URL), there should not be much risk: the only thing you'll get from the user is the content you'll write to file, and if you don't execute that file, but just read it, it should be quite OK.

The idea of logging 404 errors this way is not new: I've seen it done quite a few times, and have never faced any major problem with it (biggest problem I saw was a file that became big quite fast, because there were far too many errors ^^).

For instance, Drupal does a bit of this: 404 errors are logged -- but to a database, so it's easier to analyse them using the web-interface.
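
The file-based logging described in the answer above, as an added example that is not part of the original answer: the log path is a developer-defined constant, and the request data is only ever written as escaped text. The file name `404.log`, the 512-byte field cap and the function names are assumptions made for illustration.

```php
<?php
// Added example; the path, limit and function names are assumptions, not from the answer.

// The developer fixes the target file; nothing from the request influences the path.
// A .log name (ideally stored outside the web root) is data the server only reads.
const LOG_FILE = __DIR__ . '/404.log';
const MAX_FIELD_LEN = 512; // cap each field so a single request cannot bloat the log

// Turn a user-supplied value into one safe log field.
function log_field(string $value): string
{
    $value = substr($value, 0, MAX_FIELD_LEN);
    // Escape control characters (CR/LF included), DEL, backslash and double quote,
    // so request data cannot start a new log line or break the field quoting.
    return addcslashes($value, "\0..\37\177\\\"");
}

// Build one log line: ISO 8601 UTC timestamp, quoted URI, quoted referer.
function format_404_line(string $uri, string $referer, int $time): string
{
    return sprintf("%s \"%s\" \"%s\"\n", gmdate('c', $time), log_field($uri), log_field($referer));
}

// Append one entry; returns false if the file cannot be opened or written.
function log_404(string $uri, string $referer = '-'): bool
{
    $fh = fopen(LOG_FILE, 'ab'); // append-only, binary-safe
    if ($fh === false) {
        return false;
    }
    flock($fh, LOCK_EX);         // keep concurrent requests from interleaving lines
    $ok = fwrite($fh, format_404_line($uri, $referer, time())) !== false;
    flock($fh, LOCK_UN);
    fclose($fh);
    return $ok;
}

// Constructed sample input: a request URI containing an embedded CR/LF.
echo format_404_line("/no-such-page\r\nforged line", '-', 0);

// Typical call from a 404 handler:
// log_404($_SERVER['REQUEST_URI'] ?? '-', $_SERVER['HTTP_REFERER'] ?? '-');
```

The length cap only bounds each entry; the fast file growth mentioned in the answer still needs log rotation or a size check.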