<?php
$str = "Hello world. (can you hear me?)";
echo quotemeta($str);
?>
The output of the code above will be:
Hello world\. \(can you hear me\?\)
(PHP 4, PHP 5, PHP 7, PHP 8)
quotemeta — Quote meta characters
Returns a version of str with a backslash character (\
)
before every character that is among these:
string
The input string.
Returns the string with meta characters quoted, or false
if an empty
string is given as string
.
Example #1 quotemeta() example
<?php
var_dump(quotemeta('PHP is a popular scripting language. Fast, flexible, and pragmatic.'));
?>
The above example will output:
string(69) "PHP is a popular scripting language\. Fast, flexible, and pragmatic\."
Note: This function is binary-safe.
<?php
$str = "Hello world. (can you hear me?)";
echo quotemeta($str);
?>
The output of the code above will be:
Hello world\. \(can you hear me\?\)
Took me a while to realize this was NOT the command I wanted for escaping potentially harmful characters in a string that would be used as part of a system command. Instead, I needed either escapeshellarg() (http://www.php.net/manual/en/function.escapeshellarg.php) or escapeshellcmd() (http://www.php.net/manual/en/function.escapeshellcmd.php)
This function escapes characters that have special meaning in regular expressions. preg_quote() <http://php.net/manual/en/function.preg-quote.php> has similar functionality, but is more powerful since it escapes more characters (including one user-specified character).