HostingTrade :: Powerful Hosting Solutions
Home Hosting Domains Support About
Satisfied Customers - that's our brand...
Client Login
Support
FAQ
Forums
HelpDesk (NEW!)

Documentation
Statistics
Network
Goodies
Free Trial
HostingTrade.com Web Hosting
Status Verified by
Web Hosting Stuff

Monitored by
UptimeAgent

DNameTrade.com :: Low Cost Domain Names
.: Useful Links :.

Confused with
tech-lingo?
NetLingo.com
Documentation

PHP Manual
PrevNext

escapeshellcmd

(PHP 3, PHP 4 )

escapeshellcmd -- escape shell metacharacters

Description

string escapeshellcmd ( string command)

escapeshellcmd() escapes any characters in a string that might be used to trick a shell command into executing arbitrary commands. This function should be used to make sure that any data coming from user input is escaped before this data is passed to the exec() or system() functions, or to the backtick operator. A standard use would be:

<?php
$e = escapeshellcmd($userinput);

// here we don't care if $e has spaces
system("echo $e");
$f = escapeshellcmd($filename);

// and here we do, so we use quotes
system("touch \"/tmp/$f\"; ls -l \"/tmp/$f\"");
?>

See also escapeshellarg(), exec(), popen(), system(), and the backtick operator.

PrevHomeNext
escapeshellargUpexec
 
© 2003-2009 . Service Line, Inc.
2Checkout.com, Inc. is an authorized retailer of HostingTrade.com