How can the use of escapeshellcmd help prevent security vulnerabilities when using the exec function in PHP?

When user input is passed to the exec function in PHP, it must be sanitized first, otherwise the application is open to command injection. One way to do this is the escapeshellcmd function, which escapes shell metacharacters in the input (for example ;, |, &, backticks and $) before the string reaches exec, so the input cannot chain or substitute additional shell commands. escapeshellcmd does not quote the input as a single argument: whitespace in the input still splits it into several arguments, and escapeshellarg is the function for quoting one argument.

<?php
$user_input = $_POST['input'] ?? ''; // User input that needs to be sanitized (empty string if the field is missing)
$sanitized_input = escapeshellcmd($user_input); // Escape shell metacharacters using escapeshellcmd
exec("command $sanitized_input"); // Execute the command ("command" is a placeholder) with the sanitized input
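
The following is an added example, not code from the original page. It prints the command string produced by the escapeshellcmd pattern above next to a stricter form that allowlists the value and quotes it with escapeshellarg; the `wc -l` command, the function names and the sample inputs are assumptions made for illustration, and nothing is executed.

```php
<?php
// Added example: builds command strings only, never calls exec().
// Assumptions: the `wc -l` command, both function names, the sample inputs.

/** Pattern from the page: metacharacters are escaped, spaces still split arguments. */
function build_with_escapeshellcmd(string $input): string
{
    return 'wc -l ' . escapeshellcmd($input);
}

/** Stricter form: allowlist the value, then pass it as exactly one quoted argument. */
function build_with_escapeshellarg(string $input): string
{
    // Accept only a plain file name that starts with a letter or digit, so it
    // cannot begin with "-" (read as an option) or "." (such as "..").
    if (!preg_match('/\A[A-Za-z0-9][A-Za-z0-9_.-]{0,63}\z/', $input)) {
        throw new InvalidArgumentException('rejected by allowlist');
    }
    // "--" ends option parsing for most POSIX tools; escapeshellarg() wraps the
    // value in quotes so the shell sees a single argument.
    return 'wc -l -- ' . escapeshellarg($input);
}

// Constructed sample inputs: a normal name, a metacharacter, extra tokens.
$samples = ['report.txt', 'report.txt; id', 'report.txt -extra other.txt'];

foreach ($samples as $s) {
    echo "input:          $s\n";
    echo "escapeshellcmd: " . build_with_escapeshellcmd($s) . "\n";
    try {
        echo "escapeshellarg: " . build_with_escapeshellarg($s) . "\n";
    } catch (InvalidArgumentException $e) {
        echo "escapeshellarg: " . $e->getMessage() . "\n";
    }
    echo "\n";
}
```

For the third sample, compare the two lines: escapeshellcmd returns the string unchanged, so the command would receive three separate arguments, while the stricter form rejects the value before any command string is built.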