PHP/Utility Function/escapeshellcmd

Материал из Web эксперт
Перейти к: навигация, поиск

Escaping shell metacharacters

   <source lang="html4strict">

<?php system("ls -al ".escapeshellarg($directory)); system(escapeshellcmd($ls_program)." -al"); ?> 

 </source>


Escaping User Input with the escapeshellcmd() Function

   <source lang="html4strict">

<html> <head> <title>Escaping user input with the escapeshellcmd() function</title> </head> <body>

<form action="<?php print $PHP_SELF ?>" method="post">

<input type="text" value="<?php print $_REQUEST["manpage"] ?>" name="manpage" />

</form> 

<?php
if ( isset( $_REQUEST["manpage"] ) ) {
  $manpage = escapeshellcmd( $_REQUEST["manpage"] );
  system( "man $manpage | col -b" );
}
?>

</body> </html> 

 </source>


Executing df and displaying the results

   <source lang="html4strict">

<?php exec(escapeshellcmd("df"),$output_lines,$return_value); echo ("Command returned a value of $return_value."); echo "</pre>"; foreach ($output_lines as $output) { 

   echo "$o";

} echo "</pre>"; ?> 

 </source>


string escapeshellcmd ( string command ) escapes special characters in shell commands

   <source lang="html4strict">

$_GET["search"] = escapeshellcmd($_GET["search"]); 

   passthru("grep {$_GET["search"] /var/www/meetinglogs/*");
 
 </source>
Источник — «http://wbex.ru/index.php?title=PHP/Utility_Function/escapeshellcmd&oldid=1559»