From: [EMAIL PROTECTED] Operating system: Unix PHP version: 4.0.6 PHP Bug Type: Program Execution Bug description: Command line arguments escaped magically and out of control
4.0.6 (safe mode), Apache 1.3.20, running as server module, under Solaris 8/Sparc When passing arguments to an executable with either exec(), system() or passthru(), special shell characters are escaped automatically, and I have no control over it. As a result, I am unable to pass to the executable a paramter containing white space (such as a file name with spaces), because I cannot surround it with quotes or backslash the spaces (the automatic escaping protects the quotes or backslash from the shell). Another consequence is that I cannot use shell redirection symbols (e.g. 2>&1): they get escaped, too, and the executable receives the string "2>&1" as one of its parameters. If I use escapeshellarg() for each argument (as I should), the single quotes, put arround the argument by that function, are passed over as part of the argument. For example: $arg = escapeshellarg("/var/www/data/foo bar.txt"); passthru( "/var/www/bin/myprog $arg" ); Produces the following output from myprog: '/var/www/data/foo: No such file or directory bar.txt': No such file or directory I suspect that this bug may be specific to Solaris, since I could not reproduce the same behaviour under identical configuration under FreeBSD. Hoping for a fix in the upcoming release, -- Arcady Genkin -- Edit bug report at: http://bugs.php.net/?id=13843&edit=1 -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]