 PHP3 手冊
|
||
|---|---|---|
| Prev | Next | |
string escapeshellcmd
(string command);
EscapeShellCmd() 忽略任何在 string 里可能對系統造成危險的指令字元. 這個函式是用來確保 傳給 exec( ) 或 system( ) 的參數是安全的. 標準的用法為 : escapes any characters in a string that might be used to trick a shell command into executing arbitrary commands. This function should be used to make sure that any data coming from user input is escaped before this data is passed to the exec() or system() functions. A standard use would be:
system(EscapeShellCmd($cmd))