I did some digging and I found the solution to this problem.
Those who know this problem but can not solve it please goto this url.
http://mgeisler.net/php-shell/
PLEASE TURN YOUR SERVER IN SAFE MODE (safe_mode = on) in php.ini.
Also have a look
http://mgeisler.net/downloads/phpshell/SECURITY
Note:
As they note in the PHP manual, Safe Mode is an inherently wrong way to secure
PHP, but is nevertheless used in many installations. Turning Safe Mode on in
PHP basically tries to restrict the language and its functions to make it
"safe".
This involves a strict check on file ownership so that PHP wont operate on
files and directories which are not owned by the owner of the current script.
Other restrictions in Safe Mode include limits on which files can be executed
and includes (thus making a primitive form of chroot or jail around the PHP
script).
I hope this will help prevent such hacking.