reference/exec/functions/escapeshellcmd.xml
1ea4e4f5769f1a173303f95074a91e8537f65133
...
...
@@ -27,8 +27,9 @@
27
27
Following characters are preceded by a backslash:
28
28
<literal>&amp;#;`|*?~&lt;&gt;^()[]{}$\</literal>, <literal>\x0A</literal>
29
29
and <literal>\xFF</literal>. <literal>'</literal> and <literal>"</literal>
30
-
are escaped only if they are not paired. In Windows, all these characters
31
-
plus <literal>%</literal> and <literal>!</literal> are replaced by a space instead.
30
+
are escaped only if they are not paired. On Windows, all these characters
31
+
plus <literal>%</literal> and <literal>!</literal> are preceded by a caret
32
+
(<literal>^</literal>).
32
33
</para>
33
34
</refsect1>
34
35

...
...
@@ -85,30 +86,20 @@ system($escaped_command);
85
86
<function>escapeshellarg</function> should be used instead.
86
87
</para>
87
88
</warning>
88
-
</refsect1>
89
-

90
-
<refsect1 role="changelog">
91
-
&reftitle.changelog;
92
-
<para>
93
-
<informaltable>
94
-
<tgroup cols="2">
95
-
<thead>
96
-
<row>
97
-
<entry>&Version;</entry>
98
-
<entry>&Description;</entry>
99
-
</row>
100
-
</thead>
101
-
<tbody>
102
-
<row>
103
-
<entry>5.4.43, 5.5.27, 5.6.11</entry>
104
-
<entry>
105
-
Exclamation marks are replaced by spaces.
106
-
</entry>
107
-
</row>
108
-
</tbody>
109
-
</tgroup>
110
-
</informaltable>
111
-
</para>
89
+
<warning xmlns="http://docbook.org/ns/docbook">
90
+
<para>
91
+
Spaces will not be escaped by <function>escapeshellcmd</function>
92
+
which can be problematic on Windows with paths like:
93
+
<literal>C:\Program Files\ProgramName\program.exe</literal>.
94
+
This can be mitigated using the following code snippet:
95
+
<programlisting role="php">
96
+
<![CDATA[
97
+
<?php
98
+
$cmd = preg_replace('`(?<!^) `', '^ ', escapeshellcmd($cmd));
99
+
]]>
100
+
</programlisting>
101
+
</para>
102
+
</warning>
112
103
</refsect1>
113
104

114
105
<refsect1 role="seealso">
115
106