I'm finding that escapeshellarg() doesn't "protect" against malicious strings used against Windows' shell, cmd.exe. Is there a function in PHP for escaping strings according to the Windows shell's rules?
For example, the command separator in cmd.exe is &&. -- Jeff S. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
