For security reasons, it's recommended to specify the password in a configuration file and not in the command (a user can execute a ps aux | grep mysqldump
and see the password).
//create a temporary file
$file = tempnam(sys_get_temp_dir(), 'mysqldump');
//store the configuration options
file_put_contents($file, "[mysqldump]
user={$user}
password=\"{$password}\"");
//execute the command and output the result
passthru("mysqldump --defaults-file=$file {$dbname}");
//delete the temporary file
unlink($file);