escapeshellcmd
string escapeshellcmd(string cmd) Escapes all of the shell metacharacters and control operators within a string.
Returns:
String with all metacharacters and control operators escaped by backslashes
Description:
escapeshellcmd() reduces the risks involved in allowing user input to be passed to the shell, by escaping all metacharacters and control operators with backslashes. PHP considers the following characters to be metacharacters and/or control operators.
| ASCII Code | Character |
|---|---|
| 10 | [newline] |
| 34 | " |
| 35 | # |
| 36 | $ |
| 38 | & |
| 39 | ' |
| 40 | ( |
| 41 | ) |
| 42 | * |
| 59 | ; |
| 60 | < |
| 62 | > |
| 63 | ? |
| 91 | [ |
| 92 | \ |
| 93 | ] |
| 94 | ^ |
| 96 | ` |
| 123 | { |
| 124 | | |
| 125 | } |
| 126 | ∼ |
| 255 | varies by character set |
For more information on metacharacters, control operators, and using shells with strings, consult the ...
Get PHP Functions Essential Reference now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
