Tom Iv
Reputation: 449
How to Escape characters while passing system command in PHP
I have a Linux web server running a PHP/HTML page.
for loop
{
$instruction= "I'm constructing the instruction here";
}
$instruction = "lspci | grep -i vga | awk '{print $1}' & lspci | grep -i RAID | awk '{print $1}'";
$result = exec($instruction); `
I'm unable to get the exact output as below,
echo $result
08:03.0 07:00.0
Seems like some of the characters have to be escaped in order for exec() to work. How and what characters do I need to escape?
Note:
07:00.0 RAID bus controller: LSI Logic / Symbios Logic LSI MegaSAS 9260 (rev 05)
08:03.0 VGA compatible controller: Matrox Graphics, Inc. MGA G200eW WPCM450 (rev 0a)
Upvotes: 1
Views: 1584
Answers (1)
Shankar Narayana Damodaran
Reputation: 68536
Make use of escapeshellcmd() in PHP
Something like..
$escaped_command = escapeshellcmd($command);
exec($escaped_command);
Alternatively, you could make use of escapeshellarg()
<?php
echo shell_exec('ls '.escapeshellarg($userdata));
Upvotes: 2
Related Questions
- Escaping PHP string
- How to escape a shell command to run it from php
- PHP Echo with System Command
- PHP escape in String
- Escape PHP in String
- Escaping spaces in variable while passing as a command line argument in php
- How to escape special characters of a shell argument
- How can I escape quotes on a PHP system call?
- How to escape input in PHP?
- Escaping Shell echos