- $cmd = 'mysql -u' . wfEscapeShellArg( $wgDBuser ) .
- ' -h' . wfEscapeShellArg( $wgDBserver ) .
- ' -p' . wfEscapeShellArg( $wgDBpassword, $wgDBname );
+ $cmd = 'mysql -u' . Shell::escape( $wgDBuser ) .
+ ' -h' . Shell::escape( $wgDBserver ) .
+ ' -p' . Shell::escape( $wgDBpassword, $wgDBname );