3v4l.org

run code in 300+ PHP versions simultaneously
<?php $str="æøå\x01"; var_dump(["str"=>$str,"escapeshellarg"=>escapeshellarg($str), "quoteshellarg"=>quoteshellarg($str)]); /** * quotes shell arguments * (doing a better job than escapeshellarg) * * @param string $arg * @throws UnexpectedValueException if $arg contains null bytes * @return string */ function quoteshellarg(string $arg): string { if (PHP_OS_FAMILY === 'Linux') { // PHP's built-in escapeshellarg() for linux is garbage, corrupting-or-stripping UTF-8 unicode characters like "æøå" // and stripping non-printable characters like \x01 // while single-quoted shell arguments in Linux are binary safe execpt for 2 bytes: \x00 and \x27 // to prevent corruption of UTF-8 characters, we implement our own shell argument quoting for Linux. if (false !== strpos($arg, "\x00")) { throw new UnexpectedValueException('linux shell arguments cannot contain null bytes!'); } return "'" . strtr($arg, array("'" => "'\\''")) . "'"; } // fallback to the php built-in function return escapeshellarg($arg); }
Output for 7.4.0 - 7.4.33, 8.0.1 - 8.0.30, 8.1.0 - 8.1.28, 8.2.0 - 8.2.19, 8.3.0 - 8.3.7
array(3) { ["str"]=> string(7) "æøå" ["escapeshellarg"]=> string(3) "''" ["quoteshellarg"]=> string(9) "'æøå'" }
preferences:
163.44 ms | 402 KiB | 123 Q