
	downloads \| documentation \| faq \| getting help \| mailing lists \| reporting bugs \| php.net sites \| links \| my php.net

search for in the

escapeshellarg	exec

	Last updated: Mon, 16 Jul 2012

escapeshellcmd

(PHP 3, PHP 4, PHP 5)

escapeshellcmd -- Escape shell metacharacters

说明

string escapeshellcmd ( string command )

escapeshellcmd() escapes any characters in a string that might be used to trick a shell command into executing arbitrary commands. This function should be used to make sure that any data coming from user input is escaped before this data is passed to the exec() or system() functions, or to the backtick operator.

参数

command: The command that will be escaped.

返回值

The escaped string.

例

例子 1. escapeshellcmd() example

<?php $e = escapeshellcmd($userinput); // here we don't care if $e has spaces system("echo $e"); $f = escapeshellcmd($filename); // and here we do, so we use quotes system("touch \"/tmp/$f\"; ls -l \"/tmp/$f\""); ?>

参见

escapeshellarg()

exec()

popen()

system()

backtick operator

escapeshellarg	exec

	Last updated: Mon, 16 Jul 2012

This unofficial mirror is operated at: http://manual.phpv.net/
Last updated: Thu Jul 7 19:13:47 2005 CST