escapeshellarg() adds single
quotes around a string and quotes/escapes any existing single
quotes allowing you to pass a string directly to a shell
function and having it be treated as a single safe argument.
This function should be used to escape individual arguments
to shell functions coming from user input. The shell
functions include exec(), system() and the backtick operator. A
standard use would be:
See also exec(), popen(), system(),
and the backtick
operator.