public function escapeToken($token) { return preg_match('{^[\\w-]+$}', $token) ? $token : escapeshellarg($token); }