On Thu, 5 Jul 2001, Zak Greant wrote:

>     _shell_arg single quotes a string, and converts any existing
>     single quotes (') in the value are to '\''. This sequence
>     temporarily ends the single-quoted string, inserts a literal
>     single quote, and then resumes the string.
>     Shells don't interpret *anything* inside of a single quoted
>     string, making this a very safe strategy (IMUO)

Ah you're right about that. I just saw the escaping of ' in the string,
but not the quoting. I've a fix ready now. Will commit after I tested it a
little more.

Derick Rethans

        PHP: Scripting the Web - www.php.net - [EMAIL PROTECTED]
             SRM: Site Resource Manager - www.vl-srm.net

PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to