Sophie

Sophie

distrib > Mandriva > 2008.1 > x86_64 > by-pkgid > 05cd670d8a02b2b4a0ffb1756f2e8308 > files > 900

php-manual-zh-5.2.4-1mdv2008.1.noarch.rpm

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>escapeshellcmd</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REL="HOME"
TITLE="PHP 手册"
HREF="index.html"><LINK
REL="UP"
TITLE="Program Execution Functions"
HREF="ref.exec.html"><LINK
REL="PREVIOUS"
TITLE="escapeshellarg"
HREF="function.escapeshellarg.html"><LINK
REL="NEXT"
TITLE="exec"
HREF="function.exec.html"><META
HTTP-EQUIV="Content-type"
CONTENT="text/html; charset=UTF-8"></HEAD
><BODY
CLASS="refentry"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>PHP 手册</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="function.escapeshellarg.html"
ACCESSKEY="P"
>上一页</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
></TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="function.exec.html"
ACCESSKEY="N"
>下一页</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><H1
><A
NAME="function.escapeshellcmd"
></A
>escapeshellcmd</H1
><DIV
CLASS="refnamediv"
><A
NAME="AEN188808"
></A
><P
>    (PHP 3, PHP 4, PHP 5)</P
>escapeshellcmd&nbsp;--&nbsp;Escape shell metacharacters</DIV
><DIV
CLASS="refsect1"
><A
NAME="AEN188811"
></A
><H2
>说明</H2
>string <B
CLASS="methodname"
>escapeshellcmd</B
> ( string command )<BR
></BR
><P
>&#13;   <B
CLASS="function"
>escapeshellcmd()</B
> escapes any characters in a
   string that might be used to trick a shell command into executing
   arbitrary commands.  This function should be used to make sure
   that any data coming from user input is escaped before this data
   is passed to the <A
HREF="function.exec.html"
><B
CLASS="function"
>exec()</B
></A
> or
   <A
HREF="function.system.html"
><B
CLASS="function"
>system()</B
></A
> functions, or to the <A
HREF="language.operators.execution.html"
>backtick
   operator</A
>.
  </P
><P
>&#13;   Following characters are preceded by a backslash:
   <TT
CLASS="literal"
>#&#38;;`|*?~&#60;&#62;^()[]{}$\</TT
>, <TT
CLASS="literal"
>\x0A</TT
>
   and <TT
CLASS="literal"
>\xFF</TT
>. <TT
CLASS="literal"
>'</TT
> and <TT
CLASS="literal"
>"</TT
>
   are escaped only if they are not paired. In Windows, all these characters
   plus <TT
CLASS="literal"
>%</TT
> are replaced by a space instead.
  </P
></DIV
><DIV
CLASS="refsect1"
><A
NAME="AEN188831"
></A
><H2
>参数</H2
><P
>&#13;   <P
></P
><DIV
CLASS="variablelist"
><DL
><DT
><CODE
CLASS="parameter"
>command</CODE
></DT
><DD
><P
>&#13;       The command that will be escaped.
      </P
></DD
></DL
></DIV
>
  </P
></DIV
><DIV
CLASS="refsect1"
><A
NAME="AEN188840"
></A
><H2
>返回值</H2
><P
>&#13;   The escaped string.
  </P
></DIV
><DIV
CLASS="refsect1"
><A
NAME="AEN188843"
></A
><H2
>范例</H2
><P
>&#13;   <TABLE
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
CLASS="EXAMPLE"
><TR
><TD
><DIV
CLASS="example"
><A
NAME="AEN188846"
></A
><P
><B
>例 1. <B
CLASS="function"
>escapeshellcmd()</B
> example</B
></P
><TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
CELLPADDING="5"
><TR
><TD
><code><font color="#000000">
<font color="#0000BB">&lt;?php<br />$e </font><font color="#007700">= </font><font color="#0000BB">escapeshellcmd</font><font color="#007700">(</font><font color="#0000BB">$userinput</font><font color="#007700">);<br /> <br /></font><font color="#FF8000">// here we don't care if $e has spaces<br /></font><font color="#0000BB">system</font><font color="#007700">(</font><font color="#DD0000">"echo $e"</font><font color="#007700">);<br /></font><font color="#0000BB">$f </font><font color="#007700">= </font><font color="#0000BB">escapeshellcmd</font><font color="#007700">(</font><font color="#0000BB">$filename</font><font color="#007700">);<br /> <br /></font><font color="#FF8000">// and here we do, so we use quotes<br /></font><font color="#0000BB">system</font><font color="#007700">(</font><font color="#DD0000">"touch </font><font color="#007700">\"</font><font color="#DD0000">/tmp/$f</font><font color="#007700">\"</font><font color="#DD0000">; ls -l </font><font color="#007700">\"</font><font color="#DD0000">/tmp/$f</font><font color="#007700">\"</font><font color="#DD0000">"</font><font color="#007700">);<br /></font><font color="#0000BB">?&gt;</font>
</font>
</code></TD
></TR
></TABLE
></DIV
></TD
></TR
></TABLE
>
  </P
></DIV
><DIV
CLASS="refsect1"
><A
NAME="AEN188850"
></A
><H2
>参见</H2
><P
>&#13;   <P
></P
><TABLE
BORDER="0"
><TBODY
><TR
><TD
><A
HREF="function.escapeshellarg.html"
><B
CLASS="function"
>escapeshellarg()</B
></A
></TD
></TR
><TR
><TD
><A
HREF="function.exec.html"
><B
CLASS="function"
>exec()</B
></A
></TD
></TR
><TR
><TD
><A
HREF="function.popen.html"
><B
CLASS="function"
>popen()</B
></A
></TD
></TR
><TR
><TD
><A
HREF="function.system.html"
><B
CLASS="function"
>system()</B
></A
></TD
></TR
><TR
><TD
><A
HREF="language.operators.execution.html"
>backtick operator</A
></TD
></TR
></TBODY
></TABLE
><P
></P
>
  </P
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="function.escapeshellarg.html"
ACCESSKEY="P"
>上一页</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>起始页</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="function.exec.html"
ACCESSKEY="N"
>下一页</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>escapeshellarg</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="ref.exec.html"
ACCESSKEY="U"
>上一级</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>exec</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional