In Windows, exec() issues an internal call to "cmd /c your_command". This implies that your command must follow the rules imposed by cmd.exe which includes an extra set of quotes around the full command:
- http://ss64.com/nt/cmd.html
Current PHP versions take this into account and add the quotes automatically, but old versions didn't.
Apparently, the change was made in PHP/5.3.0 yet not backported to 5.2.x because it's a backwards incompatible change. To sum up:
- In PHP/5.2 and older you have to surround the full command plus arguments in double quotes
- In PHP/5.3 and greater you don't have to (if you do, your script will break)
If you are interested in the internals, this is the source code:
sprintf(cmd, "%s /c \"%s\"", TWG(comspec), command);
It can be found at http://svn.php.net/viewvc/ (please find php/php-src/trunk/TSRM/tsrm_win32.c, the comment system doesn't allow the direct link).