Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Use
escapeshellarg()
on the query string passed to shell_exec()
, …
…to make sure its treated safely as a single argument.
- Loading branch information
947a06e
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good call, but doesn't escapeshellarg add the single-quotes? So you should get rid of those when you add it.