string escapeshellcmd(string command)
The escapeshellcmd function adds a backslash before any characters that may cause
trouble in a shell command. This function should be used to filter user input before it is
used in exec or system. Table 9.4 lists characters escaped by escapeshellcmd.
Figure 9-7. escapeshellcmd.Table 9.4. Characters Escaped by escapeshellcmd
Character Description
& Ampersand
; Semicolon
' Left Tick
' Single Quote
" Double Quote
| Vertical Bar
- Asterisk
? Question Mark
~ Tilde
< Left Angle Bracket
Right Angle Bracket