Forum: Ruby escapeshellcmd() for Ruby

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
79ba2393f214ecd2ece4a4cecb8fd4ec?d=identicon&s=25 hawe (Guest)
on 2007-04-11 14:20
Hi!

Is there something like PHP's escapeshellcmd() function which removes
special signs for system calls? Or do I have to do it myself and escape
|;>"? What else?

Thanks a lot,
hawe
4299e35bacef054df40583da2d51edea?d=identicon&s=25 James Gray (bbazzarrakk)
on 2007-04-11 14:33
(Received via mailing list)
On Apr 11, 2007, at 7:20 AM, hawe wrote:

> Is there something like PHP's escapeshellcmd() function which removes
> special signs for system calls? Or do I have to do it myself and
> escape
> |;>"? What else?

I'm not aware of anything, but TextMate uses to following code for
shell escaping:

# escape text to make it useable in a shell script as one
“word” (string)
def e_sh(str)
  str.to_s.gsub(/(?=[^a-zA-Z0-9_.\/\-\x7F-\xFF\n])/, '\\').gsub(/\n/,
"'\n'").sub(/^$/, "''")
end

Not sure how portable that is, but hopefully it will get you started.

James Edward Gray II
753dcb78b3a3651127665da4bed3c782?d=identicon&s=25 Brian Candler (Guest)
on 2007-04-11 16:53
(Received via mailing list)
On Wed, Apr 11, 2007 at 09:20:05PM +0900, hawe wrote:
> Is there something like PHP's escapeshellcmd() function which removes
> special signs for system calls? Or do I have to do it myself and escape
> |;>"? What else?

You can use system("/usr/bin/foo","bar","baz"). This runs command
"/usr/bin/foo" and passes it arguments "bar" and "baz", without going
through a shell at all - so shell escaping isn't required.

irb(main):002:0> system("/bin/echo","hello","2>/dev/null","world")
hello 2>/dev/null world
=> true
This topic is locked and can not be replied to.