Possible Duplicate:
Safe executing shell scripts; escaping vars before execution
I want to pass $_SERVER data through php exec() function to run another script for background process.
to pass a simple parameter I do it like this:
exec("/usr/bin/php -f bg.php parameter1 > /dev/null &");
But I think it is impossible to directly pass an array to this function. So I tried serialize($_SERVER) . but now there’s a bigger problem. Characters like quotations, semicolons and many others break down the shell command and it doesn’t work properly.
So what’s the solution to solve this problem?
Maybe what you are looking for is: http://php.net/manual/en/function.escapeshellarg.php