Brian Candler
4/11/2007 2:52:00 PM
On Wed, Apr 11, 2007 at 09:20:05PM +0900, hawe wrote:
> Is there something like PHP's escapeshellcmd() function which removes
> special signs for system calls? Or do I have to do it myself and escape
> |;>"? What else?
You can use system("/usr/bin/foo","bar","baz"). This runs command
"/usr/bin/foo" and passes it arguments "bar" and "baz", without going
through a shell at all - so shell escaping isn't required.
irb(main):002:0> system("/bin/echo","hello","2>/dev/null","world")
hello 2>/dev/null world
=> true