Escaping shell commands in PHP

From: Behdad Esfahbod <behdad cs toronto edu>
To: gnome-infrastructure gnome org
Subject: Escaping shell commands in PHP
Date: Sun, 11 Dec 2005 05:30:31 -0500 (EST)

Hi,

Skimming through docs on sysadmin.g.o, in PHP Guidelines under
Quoting, I think the third bullet "Don't try to quote shell
command lines. ... here is no PHP builtin that does the right
thing." is not adequate.  The following two PHP builtin functions
do exactly this:

  http://php.net/escapeshellarg
  http://php.net/escapeshellcmd


Or am I missing something?

--behdad
http://behdad.org/

"Commandment Three says Do Not Kill, Amendment Two says Blood Will Spill"
	-- Dan Bern, "New American Language"

Follow-Ups:
- Re: Escaping shell commands in PHP
  - From: Olav Vitters

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]