|
PHP - Shell_exec() Doesn't Work After Unserialize()
Debian 5
PHP 5.2.6-1 This script works: <? $output = shell_exec('ls -lart'); echo "<pre>$output</pre>"; ?> This script doesn't work: <? $vars=unserialize(file_get_contents("file.txt")); $output = shell_exec('ls -lart'); echo "<pre>$output</pre>"; ?> I get error: Quote Warning: shell_exec(): Unable to execute 'ls -lart' or Warning: system(): Unable to fork [ls -lart] If file.txt has size 500k, the script works without errors. But my file file.txt has size 30M. Help. Similar TutorialsHello, I have a call tu function unserialize() in a script that receives a string and has to return an array. In my localhost it works properly but in the server it returns a 1 dimension array with empty value. I'm testing with the string a:1:{s:1:"0";s:8:"value_eq";} The php.ini configuration for magic_quotes is (in both, server and localhost): magic_quotes_gpc Off magic_quotes_runtime Off Other configurations is difficult to compare, as php info is long and very different in local and server. Any ideas where the problem might be? Thank you
if(isset($_POST['clearflags'])){
$output = shell_exec('php clearflags.php');
}
The above works fine on my local development server running Debian 10, PHP 7.4 and Apache 2.4.25. clearflags.php is a script that clears various fields in a MySQL database so it's easy to determine if it properly ran or not. On my hosted server however (Bluehost), clearflags.php is never executed. My hosting service swears that SAFE MODE is not on in PHP (which is also Version 7.4). If I call from the command line (php clearflags.php), it runs fine. $output on the hosted server is "Content-type: text/html; charset=UTF-8 " but nothing on my local server where the script is called and runs OK. No entry appears in the error log about this I've also tried using exec() with the same failed result Running phpinfo() on the hosted server shows that disabled_functions are "no value" Thoughts? Edited October 11, 2020 by KenHorse
if ($count==1){
header("Location:store.php");
}
very simple I have issolated it and it doesn't redirect maybe u can see where my mistake is
$Row[2] doesn't work but if I use $Row["linkcat"] than it works fine. Is there somewhere to activate in the php.ini file ? Code: [Select] // I got 9 fields to in the table tbl_link ! $Row[2] should give me a number. $Verbinding = mysql_connect($db_host, $db_user, $db_passw); mysql_select_db($db_name); $sql = "Select * from tbl_link where userid=1"; $ResultShow = mysql_query($sql); while ($Row = mysql_fetch_assoc($ResultShow)){ echo $Row[2]; } I've joined querys because I'm making my own forums. However, when it gets to the echoin out part, it shows the category and only ONE of the sub categorys. Code: [Select] <div id="forumContainer"> <?php $lastboard = ''; $forumQ = mysql_query("SELECT f1.cat_name as catName, f1.cat_id as catID, f2.cat_id as subCatID, f2.sub_id as subID, f2.sub_name as subName, f2.sub_desc as subDesc FROM `forum_cats` as f1 LEFT JOIN `forum_sub` as f2 ON f1.cat_id = f2.cat_id GROUP BY f2.cat_id "); while($forumF = mysql_fetch_assoc($forumQ)) { if($forumF['catName'] != $lastboard) { echo '<div class="forumCat">'.$forumF['catName'].'</div>'; $lastboard = $forumF['catName']; } echo '<div class="forumSub">'.$forumF['subName'].'</div>'; } ?> </div> Hi everybody! I'm creating a site and none of my php-code works. I tried to do a simple php-code to test it but it doesn't work either. The simple php-code: <?php echo "hello"; ?> Hey, $todo_upgrades_sql = "SELECT * FROM todo_upgrades WHERE time_completion >= $time"; $todo_upgrades_res = mysql_query($todo_upgrades_sql) or die (mysql_error()); results: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 I'm trying to implement an email activation method for my registration script. For that I need the last inserted id straight off the query. This is how the part of my script looks like: // write into database $query = sprintf("INSERT INTO user (user_id, firstname, lastname, nickname, password, email, dob, doj, random, activated) VALUES (' ', '%s', '%s', '%s', '%s', '%s', '%s', now(), '$random', '0')", mysqli_real_escape_string($dbc, $firstname), mysqli_real_escape_string($dbc, $lastname), mysqli_real_escape_string($dbc, $nickname), mysqli_real_escape_string($dbc, $password), mysqli_real_escape_string($dbc, $user_email), $dob); echo $lastid = mysqli_insert_id($dbc) or die (mysqli_error($dbc)); The query itself WORKS, the data gets inserted correctly, the scripts dies right at the die of mysqli_insert_id. When I take away the "or die", then I always get printed out a 0 when trying to register, THOUGH the data entered into the registration page gets inserted correctly into the database as said. I've read on w3schools.com, that the connection ($dbc) is OPTIONAL in mysqli_insert_id($dbc), because it automatically takes the last active connection, but when I leave it empty I get an error saying that it needs at least one parameter. I must be doing something wrong, if you need more of the script let me know. Since the scripts dies at the die, I didn't post anything below, and everything above is just if statements to check the entered data. I've written a script where it counts the page impressions on my website. When a visitor lands on the page, it counts their impression and then sets a $_SESSION so that if they reload or return to the page it doesn't count it again. But the problem is it sometimes does. Does this mean that the $_SESSION isn't being set probably? That's what it seems to be. And if so, what would be the reason for that? Here's my basic code: Code: [Select] if(isset($_SESSION['userid'])){ $userid = $_SESSION['userid']; } else{ $userid = rand(1000, 10000000); $_SESSION['userid'] = $userid; } $date = date('Y-m-d'); $counters = mysql_query("SELECT * FROM counters WHERE userid='$userid' AND impressions='1' AND date='$date'") or die(mysql_error()); if(!mysql_num_rows($counters)){ mysql_query("INSERT INTO counters (userid, impressions, date) VALUES('$userid', '1', current_date)") or die(mysql_error()); } Hello all, I'm trying to clean up some user input for my database but the mysql_real_escape_string function doesn't seem to work, and neither does addslashes(). I've browsed the net and made sure I'm connected to the database before the function is called. I can't figure out what I'm doing wrong. Here's the relevant part of the code: Code: [Select] <?php mysql_connect("localhost","adminname","adminpassword") or die (mysql_error()); mysql_select_db("databasename") or die (mysql_error()); $comment=mysql_real_escape_string($_POST['commentbox']); ?> ...and then the result is put into the database along with some other data. The database entry is correct, except, when I check the database or echo the result I get the same thing that was entered into 'commentbox'. For instance, if I enter "I am very 'confused' by this" into the box, the same string will be found in the database table. No slashes, just quotes. Anyone have an idea what's wrong with this? Because it all seems simple and correct but doesn't work. Hi, I am trying to get the previous id for the table xdocument, but browser outputs this warning: Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given for this code: Code: [Select] <?php //HELPER FCN used by FCN: writeXMLtoDBviaDOM function mysql_next_id($table) { $result = mysql_query('SHOW TABLE STATUS LIKE "'.$table.'"'); $rows = mysql_fetch_assoc($result); return $rows['Auto_increment']; } //TEST RUN: $_filePath="C:\dir\email.xml"; $node=basename($_filePath); $dom=new DOMDocument(); $dom->load($node); $labelPath=array(); mysql_connect("localhost","root"); mysql_select_db("dummydpev"); $isXdocExist=mysql_query("SELECT (file_Path,file_Name) FROM xdocument WHERE file_Path='$_filePath' AND file_Name='$node'"); $docId=0; if(mysql_num_rows($isXdocExist)==0) { mysql_query("INSERT INTO xdocument (file_Path,file_Name) VALUES ('$_filePath','$node')"); $docId=mysql_next_id("xdocument")-1; } else $docId=mysql_next_id("xdocument")-1; writeXMLtoDBViaDOM($dom->documentElement,$labelPath,$docId,$_filePath); ?> So I think my problem is with the multiple WHERE clause conditions, can I do it like what I have above? Any help much appreciated! Hi, when I output this, it's same order, I want it to be: email/message/to/toLastName please see code: $testArray=array("toLastName","to","message","email"); $reversedTestArray=rsort($testArray);//rsort returns TRUE on success //$strTestArrayReversed=implode(",",$testArray); print_r($testArray); Any idea what I am doingwrong, it looks fairly straightforward. Any help much appreciated! I just started with php and made an image. But when I try to open it in my browser, it shows a broken image icon. I have put the font in the same folder as the .php file, but it doesn't work. Can somebody help me solve this problem? Here is the code: Code: [Select] <?php $font_path = "nakedchick.TTF"; $font_size = 30; $img_number = imagecreate(300,50); $backcolor = imagecolorallocate($img_number,0,162,255); $textcolor = imagecolorallocate($img_number,255,255,255); imagefill($img_number,0,0,$backcolor); $number = " So your ip is $_SERVER[REMOTE_ADDR]? "; ImageTTFText($img_number, $font_size,10,5,5,$number,$font_path,$textcolor); header("Content-type: image/png"); imagepng($img_number); ?> And also the files: (.php in attachment) http://falcogerritsjans.nl/u/signature2.php http://falcogerritsjans.nl/u/nakedchick.ttf Hey, I have made a audio button in dreamweaver and copied the code into my php panel: <script language="JavaScript" src="http://www.MYWEBSITE.com/myname/audio/audio-player.js"></script> <object type="application/x-shockwave-flash" data="http://www.MYWEBSITE.com/media_folder/audio/player.swf" id="audioplayer1" height="24" width="290"> <param name="movie" value="http://www.MYWEBSITE.com/media_folder/audio/player.swf"> <param name="FlashVars" value="playerID=audioplayer1&soundFile=http://www.MYWEBSITE.com/media_folder/audio/Reconstructed Ancient Egyptian Melody.mp3"> <param name="quality" value="high"> <param name="menu" value="false"> <param name="wmode" value="transparent"> </object> However once I press save, all that is saved is: <script language="JavaScript" src="http://www.MYWEBSITE.com/myname/audio/audio-player.js"></script> <object type="application/x-shockwave-flash" data="http://www.MYWEBSITE.com/media_folder/audio/player.swf" id="audioplayer1" height="24" width="290"> <param name="movie" value="http://www.MYWEBSITE.com/media_folder/audio/player.swf"> The audio button works however because the code which includes the mp3 file never saves, it can never find the audio file. Can anyone tell me why the audio file part of the code doesn't save? Thanks. I have something like below Code: [Select] $j = explode("-", $ROW['options']); if(array_search("src_str", $j) == false) echo '_no'; // This doesn't work Also i tried Code: [Select] $j = explode("-", $ROW['options']); if(!in_array("src_str", $j)) echo '_no'; // This also doesn't work Is this bug or am i doing something wrong? Hi guys, me again. I have been using mail to send emails ( With your great help ) successfully in about three websites. For some reason, my email doesn't want to work with the site I am busy with now. This is my code : Code: [Select] <html> <head> <title>Practice</title> </head> <body> <table border="1"> <tr> <td> <?php $emailto="hannes@ncc-cla.com"; $emailsubject="confirmation"; $emailfrom="footloose.sa@gmail.com; if(!empty($_POST['uname'])){ $yourname=$_POST['uname']; $yoursurname=$_POST['usurname']; echo "hello </td> <td>" ." " . "$yourname" . " " . "$yoursurname </td> </tr>"; $emailbody="hello </td> <td>" ." " . "$yourname" . " " . "$yoursurname </td> </tr>"; } else{ echo"<tr> <td> enter your name </td> </tr>"; $emailbody .="<tr> <td> enter your name </td> </tr>"; } if(isset($_POST['gender'])){ /*isset is what it is set to can be used */ $gender=$_POST['gender']; echo "<tr> <td> You are a </td> <td> " . " " . "$gender </td> </tr>"; $emailbody .="<tr> <td> You are a </td> <td> " . " " . "$gender </td> </tr>"; } else{ echo "<tr> <td> Select Gender </td> </tr>"; $emailbody .="<tr> <td> Select Gender </td> </tr>"; } if(isset($_POST['plang'])){ $plang=$_POST['plang']; echo "<tr> <td> You are interested in </td> <td> " . " " . "$plang </td> </tr>"; $emailbody .="<tr> <td> You are interested in </td> <td> " . " " . "$plang </td> </tr>"; } else{ echo "<tr> <td> Select Programming language </td> </tr>"; $emailbody .="<tr> <td> Select Programming language </td> </tr>"; } print "<tr> <td> Your qualification is </td> <td>"; $emailbody .= "<tr> <td> Your qualification is </td> <td>"; foreach ($_POST['qlevel'] as $level){ print "$level<BR>"; $emailbody .="$level<BR>"; } $headers='From:'. $emailfrom; mail($emailto,$emailsubject,$emailbody,$headers); ?> </td> </tr> </table> </body> </html> All the tables are correct and it's making the connect to the database fine it's just not working, did I write it wrong? Code: [Select] function newPm($to, $from, $title, $text){ $q = $db->query("SELECT * FROM ibf_message_topics ORDER BY mt_id DESC"); $lastMsg = $db->fetch_assoc($q); $mid = $lastMsg['mt_id'] + 1; $msgId = $lastMsg['mt_msg_id'] + 1; $db->query("INSERT INTO ibf_message_topics SET mt_id=$mid, mt_msg_id=$msgId, mt_date=". time(). ", mt_title='$title', mt_from_id=$from, mt_to_id=". $to. ", mt_vid_folder='in', mt_read=0, mt_owner_id=$to, mt_user_read=0") or die(mysql_error()); $db->query("INSERT INTO ibf_message_text SET msg_id=$msgId, msg_date=". time() .", msg_post='$text', msg_sent_to_count=1, msg_author_id=$from") or die(mysql_error()); $userq = $db->query("SELECT new_msg FROM ibf_members WHERE id = $to"); $userData = $db->fetch_assoc($userq); $msgCount = $userData['new_msg'] + 1; $db->query("UPDATE ibf_members SET new_msg=$msgCount, show_popup=1 WHERE id = $to") or die(mysql_error()); } Here's how that function is being called in the beginning of the page: Code: [Select] if($action =="banUser"){ $expire = time() + (3600000 * 24 * $_GET['duration']); $q = $db->query("SELECT * FROM ibf_message_topics ORDER BY mt_id DESC"); $lastMsg = $db->fetch_assoc($q); $mid = $lastMsg['mt_id'] + 1; $msgId = $lastMsg['mt_msg_id'] + 1; $title = "Notification"; $duration = $_GET['duration'] ." days"; if($_GET['duration'] == "1"){ $duration = "1 day"; } if($_GET['duration'] == "Forever"){ $duration = "forever"; } $temp = 0; if($expire > time()){ $temp = 1; } $body = "This automated message has been sent to notify you that your account has been banned $duration. To appeal this ban, click on Irc from the menu on the homepage and ask to speak to a moderator. If this ban is temporary, your account will be reinstated automatically at the appropriate time"; newPm($id, 3017, $title, $body); $msgCount = $_GET['msg'] + 1; $db->query("UPDATE ibf_members SET ban_level = $level, tempbanned = $temp, banned = 1, ban_expire='$expire', ban_reason='". $_GET['reason']."', ban_by='". $name."' WHERE id=$id") or die(mysql_error()); ?> <center><b>User banned!</b> (<a href="index.php?code=plyrmgmt">Back to Player Management</a>)</center> Hello, I've been working on some stuff, and get the information parsed like this: Code: [Select] Value1,Value2,Value3 0.68,4377.54,11069.02So I'm trying to explode it and insert the latest numbers into the database. I'm using: $value = explode(",", $variable); $secondsplit = explode(" ", $value[2]); mysql_query("INSERT INTO table(row) VALUES('".mysql_real_escape_string($secondsplit[1])."')"); The problem is that it has something like an enter in the database, or a space. But I can't figure out how to get rid of that problem. Does anyone know what's wrong? Regards, NLCJ Im using func_get_args, but it gives an error?: Too few arguments?, when its correct (as the number of %s = the number of values within $args) <?php function sprintify() { global $urls; $args = func_get_args(); $input = $args[0]; unset($args[0]); return sprintf($urls[$input], implode(', ', $args)); } echo sprintify('default', 46, 464, 46); /* For your information: $urls['default'] = '%s/%s/%s'; */ ?> |
|||||||