escapeshellcmd and escapeshellarg are two commands that are used to escape the defect causing characters that are present in the system command or the arguments that get passed to it respectively. Before passing the commands to the system or exec, the strings get escaped using these commands.
Sample program to demonstrate the usage:
<?php
// shell command
$mycmd = "ls -al";
$returncmd = escapeshellcmd($mycmd);
system($returncmd);
// shell arguments
$myshellargs = "al";
system("ls -".escapeshellargs($myshellargs);
?>
