On Thu, Jul 05, 2001 at 09:10:10AM +0200, [EMAIL PROTECTED] wrote:
> On Wed, 4 Jul 2001, Zak Greant wrote:
>
> > Derick wrote:
> >
> > > Hello Zak,
> > >
> > > regarding this problem with the mail() function, I have a fix here where
> > > the 5th parameter will be shell escaped (with php_shell_escape_cmd()). I
> > > didn't commit it yet (because of ISP troubles), but if nobody thinks this
> > > is a bad idea, I'll commit it tomorrow.
> >
> > Hey Derick,
> >
> > Excellent! :)
> >
> > Should we be using php_escape_shell_arg() instead of
> > php_escape_shell_cmd()?
>
> As far as I can see does shell_arg only escape the ' and shell_cmd the
> following characters: #&;`'\"|*?~<>^()[]{}$\\\x0A\xFF so I think
> _shell_cmd would be the best choice.
BTW, shouldn't \x0A-\xFF be escapeable only if they aren't characters
according current locale?
--
Sincerely yours, Alexander Bokovoy
The Midgard Project | ALT Linux Team | Minsk Linux Users Group
www.midgard-project.org | www.altlinux.ru | www.minsk-lug.net
-- You won't skid if you stay in a rut.
-- Frank Hubbard
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
