- [DOC] improve fix for #43261 for % and "

ext/standard/exec.c

@@ -272,9 +272,9 @@ PHPAPI char *php_escape_shell_cmd(char *str)
 		}
 
 		switch (str[x]) {
+#ifndef PHP_WIN32
 			case '"':
 			case '\'':
-#ifndef PHP_WIN32
 				if (!p && (p = memchr(str + x + 1, str[x], l - x - 1))) {
 					/* noop */
 				} else if (p && *p == str[x]) {
@@ -285,7 +285,9 @@ PHPAPI char *php_escape_shell_cmd(char *str)
 				cmd[y++] = str[x];
 				break;
 #else
-			/* This is Windows specific for enviromental variables */
+			/* % is Windows specific for enviromental variables, ^%PATH% will 
+				output PATH whil ^%PATH^% not. escapeshellcmd will escape all %.
+			*/
 			case '%':
 				cmd[y++] = ' ';
 				break;

ext/standard/tests/general_functions/escapeshellcmd-win32.phpt

@@ -16,7 +16,8 @@ $data = array(
 	'()[]{}$',
 	'%^',
 	'#&;`|*?',
-	'~<>\\'
+	'~<>\\',
+	'%NOENV%'
 );
 
 $count = 1;
@@ -38,9 +39,11 @@ string(6) "^?^<^>"
 -- Test 4 --
 string(14) "^(^)^[^]^{^}^$"
 -- Test 5 --
-string(2) "^^"
+string(4) "^%^^"
 -- Test 6 --
 string(14) "^#^&^;^`^|^*^?"
 -- Test 7 --
 string(8) "^~^<^>^\"
+-- Test 8 --
+string(9) "^%NOENV^%"
 Done