Edit report at https://bugs.php.net/bug.php?id=43261&edit=1
ID: 43261 Comment by: microsoftsux at gmx dot de Reported by: RQuadling at GMail dot com Summary: Use ^ as escape char for windows escapeshellcmd Status: Closed Type: Bug Package: Program Execution Operating System: Windows XP SP2 PHP Version: 5.3CVS-2007-11-12 (snap) Assigned To: scottmac Block user comment: N Private report: N New Comment: I can confirm this issue is not fixed as "d dot kreuer at ibrams dot com" stated. The problem is, that windows does not require escaping characters if the path or argument is quoted. Since paths that contain whitespaces NEED TO BE quoted, they on the other hand MAY NOT be escaped. So the solution would be to NOT escape the path/argument, if it contains whitespaces on windows within escapeshellcmd. Additionally quoting the argument however, would be a breaking change - though correct implementation wise - because most applications up to now do this themself and double quoting is also not permitted. Test cases: C:\>C:\Dev\test(1)\test.bat Der Befehl "C:\Dev\test" ist entweder falsch geschrieben oder konnte nicht gefunden werden. C:\>C:\Dev\test^(1^)\test.bat 'OK' C:\>"C:\Dev\test^(1^)\test.bat" Das System kann den angegebenen Pfad nicht finden. C:\>"C:\Dev\test(1)\test.bat" 'OK' C:\>C:\Dev\test (2)\test.bat Der Befehl "C:\Dev\test" ist entweder falsch geschrieben oder konnte nicht gefunden werden. C:\>C:\Dev\test ^(2^)\test.bat Der Befehl "C:\Dev\test" ist entweder falsch geschrieben oder konnte nicht gefunden werden. C:\>"C:\Dev\test ^(2^)\test.bat" Das System kann den angegebenen Pfad nicht finden. C:\>"C:\Dev\test (2)\test.bat" 'OK' Previous Comments: ------------------------------------------------------------------------ [2011-12-14 15:35:53] d dot kreuer at ibrams dot com This issue is not fixed. It happened that I tried to use PHPUnit which escapes the command to invoke PHP. In my installation the php.exe can be found under the following path: C:\Program Files (x86)\PHP\v5.3\php.exe This is the default path for a PHP installation in combination with Windows and IIS (+ Platform Installer). This path is currently escaped in the following way: C:^\Program Files ^(x86^)^\PHP^\v5.3^\php.exe Called from the commandline (which I assume is the same as called via exec()) the following happens: C:\>C:^\Program Files ^(x86^)^\PHP^\v5.3^\php.exe The command "C:\Program" is invalid or could not be found. Even escaping the spaces does not work: C:\>C:^\Program^ Files^ ^(x86^)^\PHP^\v5.3^\php.exe Could not open input file: Files Additionally surrounding the command with quotation marks which normally does not fail (because the spaces are threated as part of the command) does not work: C:\>"C:^\Program Files ^(x86^)^\PHP^\v5.3^\php.exe" The system cannot find the path specified. If I run the command not escaped via escapeshellcmd() and only surrounded with quotes, it works. C:\>"C:\Program Files (x86)\PHP\v5.3\php.exe" -v PHP 5.3.8 (cli) (built: Aug 23 2011 12:14:39) Used PHP Version is 5.3.8 (NTS) and OS is Windows 7. ------------------------------------------------------------------------ [2008-07-22 16:22:07] scott...@php.net This bug has been fixed in CVS. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. Test added for this now. ------------------------------------------------------------------------ [2008-06-10 12:10:08] paj...@php.net Assigned to Scott, needs more tests cases and explanation (as it may break a lot of scripts). ------------------------------------------------------------------------ [2008-06-10 10:20:14] ka...@php.net Actually Scott fixed this without marking it as fixed =) ------------------------------------------------------------------------ [2008-06-10 10:12:54] ka...@php.net Well if nobody else wanna apply it, then Ill take it =) ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=43261 -- Edit this bug report at https://bugs.php.net/bug.php?id=43261&edit=1
