README

A PHP function to escape command-line arguments, which replaces escapeshellarg with more robust methods for both Windows and non-Windows platforms. Install from Packagist and use it like this

$escaped = Winbox\Args::escape($argument);

Alternatively, you can just copy the code into your own project (but please keep the license attribution and documentation link).

Windows平台上的功能

The following transformations are made

• Double-quotes are escaped with a backslash, with any preceeding backslashes doubled up.
• The argument is only enclosed in double-quotes if it contains whitespace or is empty.
• Trailing backslashes are doubled up if the argument is enclosed in double-quotes.

See How Windows parses the command-line if you would like to know why.

By default, cmd.exe meta characters are also escaped

• by caret-escaping the transformed argument (if it contains internal double-quotes or %...% syntax).
• or by enclosing the argument in double-quotes.

There are some limitations

1. If cmd is started with DelayedExpansion enabled, !...! syntax could expand environment variables.
2. If the program name requires caret-escaping and contains whitespace, cmd will not recognize it.
3. If an argument contain a newline \n character, this will not be escaped.

See How cmd.exe parses a command and Implementing a solution for more information.

非Windows平台上的功能

The argument is enclosed is single-quotes, with internal single-quotes escaped.

就是这样吗？

是的。一个仅包含一个微小的函数的整个仓库。然而，它需要相当多的解释，因为

• Windows中的命令行解析规则并不明显。
• PHP通常使用cmd.exe来执行程序，这应用了一套不同的规则。
• 没有简单的解决方案。

有关不同解析规则、潜在问题和局限性的完整说明可以在Wiki中找到。

许可

Winbox-Args遵循MIT许可协议 - 有关详细信息，请参阅LICENSE文件。