escape binary php path

[ElRochito]

This PR allows to fix php executable path when path like this : /Users/xxxx/Application Support/Herd/bin/php82

Without escaping, binary was not executable because it stop to /Users/xxx/Application

[jrfnl]

Oh - and I realize this might not be straight-forward, but did you try to add a test for this ?

[ElRochito]

For me escapeshellarg is the right function which is used . I've added a condition for window users

[jrfnl]

For me escapeshellarg is the right function which is used . I've added a condition for window users

I'm not sure you understood my question - why do you think escapeshellarg() is the correct function ? and why should something different be used for Windows vs other OSes ?

[ElRochito]

Oh sorry! escapeshellarg because I need to add quotes around path to prevent error of whitespace in it

[jrfnl]

Oh sorry! escapeshellarg because I need to add quotes around path to prevent error of whitespace in it

Clearly my questions didn't have the intended effect,..

escapeshellarg() is intended to escape arguments passed to a shell command, while escapeshellcmd() is intended to escape the command. As the PHP executable is the command which will be executed, you are using the wrong function for the escaping. Please fix this up to use the correct function.

[jrfnl]

Oh and another thing I'm wondering about is whether this is the right place to do the escaping. Shouldn't the escaping be done at the point when the input is actually used (not just stored and passed around).

[ElRochito]

Indeed, it should fixed before

Sorry