Disable globbing in PHP exec()

I have a PHP script which calls another script in order to add IP addresses to a whitelist. I sometimes want to whitelist all addresses, in which case I have it call

exec("otherscript *.*.*.*", output, retval);
开发者_运维问答

This worked fine, adding the string "*.*.*.*" to the whitelist until I happened to have another file in the directory of the php script that matched that pattern ("foo.1.tar.gz"), at which point the wildcards were expanded, and I ended up with the filename in my whitelist. Is there some way to disable globbing in php's exec? It isn't mentioned in the PHP docs as far as I can tell.

escapeshellarg will make sure your string is safe for using as a shell argument. Globbing is probably not mentioned in the manual because it's up to the shell, and also differs between different shells.

$address = escapeshellarg('*.*.*.*');
exec("otherscript $address", $output, $retval);

Quoting the parameter should help:

exec("otherscript '*.*.*.*'", output, retval);