escapeshellarg

(PHP 4 >= 4.0.3, PHP 5, PHP 7)
Escape a string to be used as a shell argument
string escapeshellarg ( string $arg )

escapeshellarg() adds single quotes around a string and quotes/escapes any existing single quotes allowing you to pass a string directly to a shell function and having it be treated as a single safe argument. This function should be used to escape individual arguments to shell functions coming from user input. The shell functions include exec(), system() and the backtick operator.

On Windows, escapeshellarg() instead removes percent signs, replaces double quotes with spaces and adds double quotes around the string.

Parameters:
arg

The argument that will be escaped.

Returns:

The escaped string.

Examples:
escapeshellarg() example
<?php
system('lsĀ '.escapeshellarg($dir));
?>

See also:

escapeshellcmd() -

exec() -

popen() -

system() -

backtick operator -

doc_php
2016-02-24 16:05:20
Comments
Leave a Comment

Please login to continue.