[TYPO3-core] RFC #16656 : bug : ImageMagick does not work with quotes in exec() path on Windows
Helmut Hummel
helmut.hummel at typo3.org
Sun Jan 2 23:05:43 CET 2011
Hi,
On 02.01.11 21:44, Jigal van Hemert wrote:
>
>
> The PHP documentation says that escapeshellcmd will replace a lot of
> characters with a space, but in reality it does not.
>
> Check with:
[snipp]
Thanks, usefull script!
> And you'll see exactly which characters are modified. Maybe the function
> behaves differently in safe_mode?
Well, in my (Windows XP) environment "&" is escaped as "^&", in fact all
character mentioned in the documentation are escaped with "^" on my
Windows system and with "\" on my OSX, both php 5.2.x and no matter if
safe_mode is on or off.
This is not the case on your system(s)?
Kind regards,
Helmut
--
Helmut Hummel
TYPO3 Security Team Leader
TYPO3 .... inspiring people to share!
Get involved: typo3.org
More information about the TYPO3-team-core
mailing list