uce/site/doc/pages/shell_escape.txt

20 lines
488 B
Plaintext

:sig
String shell_escape(String raw)
:params
raw : string that should be escaped
return value : escaped version of 'raw'
:see
>sys
:content
Escapes a parameter so it can be used more safely with `shell_exec()`.
This is the helper to reach for when building shell command lines from dynamic input.
Related:
- PHP: `escapeshellarg()` and `escapeshellcmd()`
- JavaScript / Node.js: there is no direct built-in equivalent; prefer `spawn()` argument arrays and avoid shell interpolation