symfony
diff --git a/‎src/Symfony/Component/Process/ProcessUtils.php‎
Lines changed: 22 additions & 39 deletions b/‎src/Symfony/Component/Process/ProcessUtils.php‎
Lines changed: 22 additions & 39 deletions
@@ -17,8 +17,6 @@
  * ProcessUtils is a bunch of utility methods.
  *
  * This class contains static methods only and is not meant to be instantiated.
- *
- * @author Martin Hasoň <martin.hason@gmail.com>
  */
 class ProcessUtils
 {
@@ -32,46 +30,36 @@ private function __construct()
     /**
      * Escapes a string to be used as a shell argument.
      *
-     * @param string $argument The argument that will be escaped
+     * Provides a more robust method on Windows than escapeshellarg.
+     *
+     * Feel free to copy this function, but please keep the following notice:
+     * MIT Licensed (c) John Stevenson <john-stevenson@blueyonder.co.uk>
+     * See https://github.com/johnstevenson/winbox-args for more information.
+     *
+     * @param string $arg The argument to be escaped
      *
      * @return string The escaped argument
      */
-    public static function escapeArgument($argument)
+    public static function escapeArgument($arg)
     {
-        //Fix for PHP bug #43784 escapeshellarg removes % from given string
-        //Fix for PHP bug #49446 escapeshellarg doesn't work on Windows
-        //@see https://bugs.php.net/bug.php?id=43784
-        //@see https://bugs.php.net/bug.php?id=49446
-        if ('\\' === DIRECTORY_SEPARATOR) {
-            if ('' === $argument) {
-                return escapeshellarg($argument);
-            }
+        if ('\\' !== DIRECTORY_SEPARATOR) {
+            return escapeshellarg($arg);
+        }
 
-            $escapedArgument = '';
-            $quote = false;
-            foreach (preg_split('/(")/', $argument, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE) as $part) {
-                if ('"' === $part) {
-                    $escapedArgument .= '\\"';
-                } elseif (self::isSurroundedBy($part, '%')) {
-                    // Avoid environment variable expansion
-                    $escapedArgument .= '^%"'.substr($part, 1, -1).'"^%';
-                } else {
-                    // escape trailing backslash
-                    if ('\\' === substr($part, -1)) {
-                        $part .= '\\';
-                    }
-                    $quote = true;
-                    $escapedArgument .= $part;
-                }
-            }
-            if ($quote) {
-                $escapedArgument = '"'.$escapedArgument.'"';
-            }
+        $arg = (string) $arg;
+        $quote = '' === $arg || false !== strpbrk($arg, " \t");
+        $arg = preg_replace('/(\\\\*)"/', '$1$1\\"', $arg, -1, $dquotes);
+
+        if (!$quote && !$dquotes && !preg_match('/%[^%]++%/', $arg)) {
+            $quote = false !== strpbrk($arg, '^&|<>()');
+        }
 
-            return $escapedArgument;
+        if ($quote) {
+            $arg = preg_replace('/(\\\\*)$/', '$1$1', $arg);
+            $arg = '"'.$arg.'"';
         }
 
-        return escapeshellarg($argument);
+        return preg_replace('/(["^&|<>()%])/', '^$1', $arg);
     }
 
     /**
@@ -110,9 +98,4 @@ public static function validateInput($caller, $input)
 
         return $input;
     }
-
-    private static function isSurroundedBy($arg, $char)
-    {
-        return 2 < strlen($arg) && $char === $arg[0] && $char === $arg[strlen($arg) - 1];
-    }
 }