Gold Vision Communications / USA
 GOLDVISION.COM
 Serving the Multimedia Community since 1989.
 German Site | Spanish Site 

 Web Hosting

 Virtual Dedicated Servers

 Domaincheck

 Order

 Order Status

 Support

 Contact us

 Download

 Network

 Network Status

 Webdesign / Templates

 Make Payment

 Terms & Conditions

 Imprint

 Legal Notices

 Privacy Statement
  PHP / escapeshellcmd
escapeshellcmd
PHP Manual
PrevNext

escapeshellcmd

(PHP 3, PHP 4 >= 4.0.0)

escapeshellcmd -- escape shell metacharacters

Description

string escapeshellcmd ( string command)

escapeshellcmd() escapes any characters in a string that might be used to trick a shell command into executing arbitrary commands. This function should be used to make sure that any data coming from user input is escaped before this data is passed to the exec() or system() functions, or to the backtick operator. A standard use would be:

$e = escapeshellcmd($userinput);
system("echo $e"); // here we don't care if $e has spaces
$f = escapeshellcmd($filename);
system("touch \"/tmp/$f\"; ls -l \"/tmp/$f\""); // and here we do, so we use quotes

See also escapeshellarg(), exec(), popen(), system(), and the backtick operator.

PrevHomeNext
escapeshellargUpexec
© 1998-2007 Gold Vision Communications All Rights Reserved.