<?php
$str = "Hello world. (can you hear me?)";
echo quotemeta($str);
?>
The output of the code above will be:
Hello world\. \(can you hear me\?\)
PHP - Manual: quotemeta
2024-11-14
(PHP 4, PHP 5, PHP 7, PHP 8)
quotemeta — 转义元字符集
$string
): string
返回 在下面这些特殊字符前加 反斜线(\
) 转义后的字符串。
这些特殊字符包含:
string
输入字符串
返回 元字符集被转义后的 字符串,如果输入字符串string
为空,
则返回 false
。
注意: 此函数可安全用于二进制对象。
<?php
$str = "Hello world. (can you hear me?)";
echo quotemeta($str);
?>
The output of the code above will be:
Hello world\. \(can you hear me\?\)
Took me a while to realize this was NOT the command I wanted for escaping potentially harmful characters in a string that would be used as part of a system command. Instead, I needed either escapeshellarg() (http://www.php.net/manual/en/function.escapeshellarg.php) or escapeshellcmd() (http://www.php.net/manual/en/function.escapeshellcmd.php)
This function escapes characters that have special meaning in regular expressions. preg_quote() <http://php.net/manual/en/function.preg-quote.php> has similar functionality, but is more powerful since it escapes more characters (including one user-specified character).