Security issues with using PHP's escapeshellarg

Using user supplied data on the command line is traditionally a security disaster waiting to happen.
Using user supplied data on the command line is traditionally a security disaster waiting to happen. In an infinite universe there are however times when you might need to do just that. You will be glad to know that PHP provides two functions to aid you with security in those situations:escapeshellcmd and escapeshellarg.
 
 
top
Eldar Marcussen, Cyber Security Consultant 13 November 2013