I like the idea of a php.ini setting for the comspec (although this might
create OS specific ini files), and I do not like 'magick' stuff happening
to command parameters in any of the exec functions.
According to Windows cmd specifications the quotes are needed if one of
the special characters is present in the command line.
The special characters that require quotes are:
<space>
&()[]{}^=;!'+,`~
The user should know when to use quotes when calling any of the exec
functions.
- Frank
> Wez Furlong wrote:
> > Is it possible that switching /S on will break existing scripts?
> > If so, it's probably better to make the comspec setting a PHP .ini
> > option that only the admin can change and allow /S to be set there.
> >
> > --Wez.
>
> Well, the patch doesn't just use /S, it also automatically encloses the
argument in double-quotes.
> It will break workarounds where people have put those double quotes in
manually. This was the
> workaround suggested on bug 34671. It's also the workaround we'll be
using in MediaWiki until this
> patch is applied, and then after it's applied we'll have to put a
version switch in. I'm interested
> in seeing this patch applied in the hopes that years from now,
programmers will be able to use
> shell_exec() on Windows without going through the same tortuous route I
went through to determine
> why it doesn't work and how to make it work. Reading 50 screenfuls of
manual comments didn't help.
>
> Speaking of which, it would be great if the manual could be amended to
precisely document the
> pre-patch (or compatibility-mode) and post-patch behaviour of the
program execution functions.
>
> A comspec setting would be nice for people wanting to use, say, cygwin
bash as a command
> interpreter. But to switch automatic quoting and /S on and off, I think
you would need a
> compatibility mode flag. One that's zero to indicate compatibility, so
that you can pull a trick
> like this to get version-independent code:
>
> if (ini_get('windows_shell_quoting')) {
> $result = shell_exec($cmd);
> } else {
> $result = shell_exec(ugly_hack($cmd));
> }
>
> The same php.ini option could put escapeshellarg() into a
windows-compatible mode. Maybe I should
> submit that patch too, for completeness.
>
> -- Tim Starling
>
> --
> PHP Internals - PHP Runtime Development Mailing List
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
