On Wed, 4 Jul 2001, Zak Greant wrote:
> Derick wrote:
>
> > Hello Zak,
> >
> > regarding this problem with the mail() function, I have a fix here where
> > the 5th parameter will be shell escaped (with php_shell_escape_cmd()). I
> > didn't commit it yet (because of ISP troubles), but if nobody thinks this
> > is a bad idea, I'll commit it tomorrow.
>
> Hey Derick,
>
> Excellent! :)
>
> Should we be using php_escape_shell_arg() instead of
> php_escape_shell_cmd()?
As far as I can see does shell_arg only escape the ' and shell_cmd the
following characters: #&;`'\"|*?~<>^()[]{}$\\\x0A\xFF so I think
_shell_cmd would be the best choice.
Derick
---------------------------------------------------------------------
PHP: Scripting the Web - www.php.net - [EMAIL PROTECTED]
SRM: Site Resource Manager - www.vl-srm.net
---------------------------------------------------------------------
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]