Hi, I was looking at Bug #40928 - escapeshellarg() does not quote percent (%) correctly for cmd.exe. This bug seems to be because escapeshellarg() in Windows replaces '%' and '"' with spaces, while assuming there isn't a real escaping method for command line in Windows. Therefore I'm guessing no one really use escapeshellarg() or escapeshellcmd() on Windows. And in order to change this I suggest to use the command line escaping that does exists (although looking a bit ugly), as you can see for example here: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs /en-us/ntcmds_shelloverview.mspx?mfr=true , quoting: "You can use most characters as variable values, including white space. If you use the special characters <, >, |, &, or ^, you must precede them with the escape character (^) or quotation marks." - So all special characters will be replaced with "^<char>". So this is the diff file that I suggest to use- it for sure fix the above bug and may improve windows escapeshellcmd():
cvs diff -- exec.c (in directory C:\php-src\ext\standard\) Index: exec.c =================================================================== RCS file: /repository/php-src/ext/standard/exec.c,v retrieving revision 1.113.2.3.2.1 diff -r1.113.2.3.2.1 exec.c 275d274 < case '\'': 276a276,277 > case '\'': > #endif 281a283 > #ifndef PHP_WIN32 282a285,289 > #else > cmd[y++] = '"'; > cmd[y++] = '^'; > cmd[y++] = str[x]; > #endif 286,287d292 < #endif < case '#': /* This is character-set independent */ 289,290d293 < case ';': < case '`': 292,294d294 < case '*': < case '?': < case '~': 299a300,313 > #ifdef PHP_WIN32 > case '%': > cmd[y++] = '"'; > cmd[y++] = '^'; > cmd[y++] = str[x]; > cmd[y++] = '"'; > break; > #endif > case '#': /* This is character-set independent */ > case ';': > case '`': > case '*': > case '?': > case '~': 305d318 < case '\\': 309,310c322 < /* since Windows does not allow us to escape these chars, just remove them */ < case '%': --- > /* since Windows does not allow us to escape these chars, just remove them */ 313a326 > case '\\': 347d359 < case '%': Comments will be greatly appreciated. All the best, Tzachi Tager. -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
