Russian Ukraine English
Catalog RSS


(PHP 4 >= 4.0.3)

escapeshellarg -- escape a string to be used as a shell argument


string escapeshellarg (string arg)

EscapeShellArg() adds single quotes around a string and quotes/escapes any existing single quotes allowing you to pass a string directly to a shell function and having it be treated as a single safe argument. This function should be used to escape individual arguments to shell functions coming from user input. The shell functions include exec(), system() and the backtick operator. A standard use would be:

system("ls ".EscapeShellArg($dir))       

See also exec(), popen(), system(), and the backtick operator.