|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2014-10-03 06:08 UTC] petrhudecek2010 at gmail dot com
Description:
------------
On Windows, the function escapeshellarg quotes the string in double quotes but instead of escaping existing double quotes, it removes them instead.
Test script:
---------------
<?php
echo escapeshellarg('"');
Expected result:
----------------
"\""
Actual result:
--------------
" "
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Wed Jan 08 19:01:29 2025 UTC |
I'm using this code (simplified from what I actually need, but shows the principle): <?php $arg = escapeshellarg('echo "hello";'); echo `php -r $arg`; I wanted it to print hello, instead it says that hello is not a defined constant because it strips the double quotes.Yeah, that were pretty valid with bash. For cmd.exe you'd do like <?php $arg = escapeshellarg('echo \'hello\';'); echo `php -r $arg`; or i do it with $arg = escapeshellarg("echo 'hello';"); system(PHP_BINARY . " -r $arg"); The behavior is though correct - on Windows escaping seems to be not the shell task, but the one of a program you're working with. Some programs can "eat" it with "" (escape with another double quote) or ^". The common thing is however to have an argument enclosed with double quotes or even without them. So a normal inline code is like php.exe -r "echo 'hello';" on Linux you would replace double quotes with single quotes and vice versa, as double quotes could be possible extrapolated with a Linux shell like bash/dash/etc. Thanks.