To escape the string to be used as shell argument we use the function escapeshellarg() in PHP. Does Perl have an equivalent function ?
views:
66answers:
2
+10
A:
String::ShellQuote, but most of the time this is not needed. You simply can avoid invoking the shell by careful programming. For example, system takes a list of arguments instead of a string.
Best practice:
use IPC::System::Simple qw(systemx);
systemx($command, @arguments);
require IPC::System::Simple;
use autodie qw(:all);
system([@allowed_exit_values], $command, @arguments);
daxim
2010-07-09 11:32:09
Yes, just avoid the shell entirely if at all possible.
Chris Johnsen
2010-07-09 11:49:44
Good job answering an [XY question](http://www.perlmonks.org/index.pl?node_id=542341) with the proper solution. :)
Ether
2010-07-09 15:07:08
A:
Perl can match the following stated function:
adds single quotes around a string and quotes/escapes any existing single quotes
http://php.net/manual/en/function.escapeshellarg.php#function.escapeshellarg
like this:
sub php_escapeshellarg {
my $str = @_ ? shift : $_;
$str =~ s/((?:^|[^\\])(?:\\\\)*)'/$1\\'/g;
return "'$str'";
}
Axeman
2010-07-09 13:57:55