I need to use single quotes twice - how to escape?

Question

I want to run this in php but it doesn't work because of quotes....

    $cmd="sudo -u postgres sh -c 'psql -c \"alter user edumate with encrypted password \'BLAH_BLAH\';\" template1 2>&1' ";
    $shellOutput = exec($cmd, $output);

psql -c "alter user edumate with encrypted password 'BLAH_BLAH';" template1 2>&1 is executed ok when running as postgres user.

I tried but it doesn't work for me.

sudo -u postgres sh -c 'psql -c \"alter user edumate with encrypted password \'BLAH_BLAH\';\" template1 2>&1'
sudo -u postgres sh -c 'psql -c "alter user edumate with encrypted password \'BLAH_BLAH\';" template1 2>&1'

How can I escape $cmd so I can execute it?

update I

    $subcommand="alter user edumate with encrypted password 'BLAH_BLAH';";
    $sub = escapeshellarg($subcommand);
    $cmd="sudo -u postgres sh -c 'psql -c \"".$sub."\" template1 2>&1'";
    $shellOutput = exec($cmd, $output);
    echo "<pre>Output = " . print_r($output,1) . "</pre>";

returns

Output = Array
(
)

update II

Thanks to @Hawili for working code. I would like to know how to run if with sh -c 'command' which he omitted.

$shellOutput=`sudo -u postgres psql -c "alter user edumate with encrypted password 'BLAH_BLAH';" template1 2>&1`;

Answer 1

You can use back quote ` which is used by php to execute command directly into shell

ex:

$output = `ls -l`;

in your case it can be something like this:

$shellOutput=`sudo -u postgres psql -c "alter user edumate with encrypted password 'BLAH_BLAH';" template1 2>&1`;

Answer 2

You could look into this function:

http://php.net/manual/en/function.escapeshellcmd.php