From: Rasmus Lerdorf <rasmus@php.net>
Date: Tue, 5 Sep 2000 16:55:32 +0000 (+0000)
Subject: Add EscapeShellArg() function which turns a b into 'a b' and
X-Git-Tag: php-4.0.3RC1~298
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=4a22d2e8323465ed7bb5e671da1262886ed30a61;p=php

Add EscapeShellArg() function which turns a b into 'a b' and
a'b into 'a'\''b'
@Add EscapeShellArg() function (Rasmus)
---

diff --git a/ext/standard/basic_functions.c b/ext/standard/basic_functions.c
index 4a0ae534e3..859f15a55c 100644
--- a/ext/standard/basic_functions.c
+++ b/ext/standard/basic_functions.c
@@ -212,6 +212,7 @@ function_entry basic_functions[] = {
 	PHP_FE(exec, 									second_and_third_args_force_ref)
 	PHP_FE(system, 									second_arg_force_ref)
 	PHP_FE(escapeshellcmd, 							NULL)
+	PHP_FE(escapeshellarg, 							NULL)
 	PHP_FE(passthru, 								second_arg_force_ref)
 	PHP_FE(shell_exec, 								NULL)
 
diff --git a/ext/standard/exec.c b/ext/standard/exec.c
index 9884f68656..088f856d18 100644
--- a/ext/standard/exec.c
+++ b/ext/standard/exec.c
@@ -314,7 +314,7 @@ char * php_escape_shell_cmd(char *str) {
 	cmd = emalloc(2 * l + 1);
 	strcpy(cmd, str);
 	for (x = 0; cmd[x]; x++) {
-		if (php_get_index("&;`'\"|*?~<>^()[]{}$\\\x0A\xFF", cmd[x]) != -1) {
+		if (php_get_index("#&;`'\"|*?~<>^()[]{}$\\\x0A\xFF", cmd[x]) != -1) {
 			for (y = l + 1; y > x; y--)
 				cmd[y] = cmd[y - 1];
 			l++;				/* length has been increased */
@@ -325,6 +325,32 @@ char * php_escape_shell_cmd(char *str) {
 	return cmd;
 }
 
+char * php_escape_shell_arg(char *str) {
+	register int x, y, l;
+	char *cmd;
+
+	l = strlen(str);
+	cmd = emalloc(4 * l + 3);
+	cmd[0] = '\'';
+	strcpy(cmd+1, str);
+	l++;
+
+	for (x = 1; cmd[x]; x++) {
+		if (cmd[x] == '\'') {
+			for (y = l + 3; y > x+1; y--) {
+				cmd[y] = cmd[y - 3];
+			}
+			cmd[++x] = '\\';
+			cmd[++x] = '\'';
+			cmd[++x] = '\'';
+			l+=3;				/* length was increased by 3 */
+		}
+	}
+	cmd[l++] = '\'';
+	cmd[l] = '\0';
+	return cmd;
+}
+
 /* {{{ proto string escapeshellcmd(string command)
    Escape shell metacharacters */
 PHP_FUNCTION(escapeshellcmd)
@@ -345,6 +371,26 @@ PHP_FUNCTION(escapeshellcmd)
 }
 /* }}} */
 
+/* {{{ proto string escapeshellarg(string arg)
+   Quote and escape an argument for use in a shell command */
+PHP_FUNCTION(escapeshellarg)
+{
+	pval **arg1;
+	char *cmd = NULL;
+
+	if (zend_get_parameters_ex(1, &arg1) == FAILURE) {
+		WRONG_PARAM_COUNT;
+	}
+	
+	convert_to_string_ex(arg1);
+	if ((*arg1)->value.str.len) {
+		cmd = php_escape_shell_arg((*arg1)->value.str.val);
+		RETVAL_STRING(cmd, 1);
+		efree(cmd);
+	}
+}
+/* }}} */
+
 /* {{{ proto string shell_exec(string cmd)
    Use pclose() for FILE* that has been opened via popen() */
 PHP_FUNCTION(shell_exec)
diff --git a/ext/standard/exec.h b/ext/standard/exec.h
index d96a4d81ce..dff1df8100 100644
--- a/ext/standard/exec.h
+++ b/ext/standard/exec.h
@@ -24,6 +24,7 @@
 PHP_FUNCTION(system);
 PHP_FUNCTION(exec);
 PHP_FUNCTION(escapeshellcmd);
+PHP_FUNCTION(escapeshellarg);
 PHP_FUNCTION(passthru);
 PHP_FUNCTION(shell_exec);