You are here

public function ImagemagickExecManager::escapeShellArg in ImageMagick 8.3

Same name and namespace in other branches
  1. 8.2 src/ImagemagickExecManager.php \Drupal\imagemagick\ImagemagickExecManager::escapeShellArg()

Escapes a string.

PHP escapeshellarg() drops non-ascii characters, this is a replacement.

Stop-gap replacement until core issue #1561214 has been solved. Solution proposed in #1502924-8.

PHP escapeshellarg() on Windows also drops % (percentage sign) characters. We prevent this by replacing it with a pattern that should be highly unlikely to appear in the string itself and does not contain any "dangerous" character at all (very wide definition of dangerous). After escaping we replace that pattern back with a % character.

Parameters

string $arg: The string to escape.

Return value

string An escaped string for use in the ::execute method.

1 call to ImagemagickExecManager::escapeShellArg()
ImagemagickExecManager::execute in src/ImagemagickExecManager.php
Executes the convert executable as shell command.

File

src/ImagemagickExecManager.php, line 463

Class

ImagemagickExecManager
Manage execution of ImageMagick/GraphicsMagick commands.

Namespace

Drupal\imagemagick

Code

public function escapeShellArg(string $arg) : string {

  // Put the configured locale in a static to avoid multiple config get calls
  // in the same request.
  static $config_locale;
  $current_locale = setlocale(LC_CTYPE, 0);
  if (!isset($config_locale)) {
    $config_locales = explode(' ', $this->configFactory
      ->get('imagemagick.settings')
      ->get('locale'));
    $temp_locale = !empty($config_locales) ? setlocale(LC_CTYPE, $config_locales) : FALSE;
    $config_locale = $temp_locale ?: $current_locale;
  }
  if ($this->isWindows) {

    // Temporarily replace % characters.
    $arg = str_replace('%', static::PERCENTAGE_REPLACE, $arg);
  }
  if ($current_locale !== $config_locale) {

    // Temporarily swap the current locale with the configured one.
    setlocale(LC_CTYPE, $config_locale);
  }
  $arg_escaped = escapeshellarg($arg);
  if ($current_locale !== $config_locale) {

    // Restore the current locale.
    setlocale(LC_CTYPE, $current_locale);
  }

  // Get our % characters back.
  if ($this->isWindows) {
    $arg_escaped = str_replace(static::PERCENTAGE_REPLACE, '%', $arg_escaped);
  }
  return $arg_escaped;
}