|
PHP - Executing Shell Script Using Exec()?
In my php web program I'm trying to execute a bash shell script on the web server passing to it some parameters gathered within the program. Ideally I wouldl ike to run this script as another user. However, I get only a return code of "1" and no other error messages that I can see.
I tried using system and passthru as well and I'm sure the script is executable by anyone. I've also tried the sticky bit on the target shell script. Can someone/anyone please provide some gotcha pointers about doing this? As can be expected, after playing with this for a week now I'm extremely frustrated and nearly exhausted my resources (except for this forum). Ideas/suggestions please? Thanks Similar TutorialsI am a bit desperate about this problem that I have been trying to solve for several days now. I'm trying to run a Python script from the exec() function in php. The script is called but the print job is never executed. This process has been running for several years and for no clear reason it suddenly stopped working. On my home computer, it works without any problem. In my virtual machine, nothing happens. The print() functions present in the script are well displayed by the return value received by php but the printing is not executed. The virtual machine is a test environment, in production it is also an physical machine. PHP
<?php
exec("py C:\xampp\htdocs\test\test.py", $out, $res);
echo "<pre>";
print_r($out);
echo "</pre>";
echo "<pre>";
print_r($res);
echo "</pre>";
?>
if __name__ == "__main__":
try:
filename = "C:/xampp/htdocs/test/test.pdf"
win32api.ShellExecute(0, "print", filename, None, ".", 0)
except Exception as e:
print(f "An error occured during print_pdf : {e}")
The two environments are approximately the same: I'd like to point out that running the script directly from the CLI works on both machines. On the problematic machine, exec() only returns the result of print(..) I already opened a thread a few months ago about this problem but received no response.
Thank you in advance. Hey guys! My current employer contracted someone to create a script for him. (The script itself is to create a serial number for a piece of software) It's just a PHP script that executes a file and retrieves its output. Now I've never worked with exec() in PHP, and I don't have a reliable environment to test it in. I compiled apache2 and php 5.0.4 and set them to run on a Macintosh (10.3.9) in the office, but I'm sure I've missed some crucial setup stage (mainly, I'm missing php.ini. I did a php -i | grep php.ini to find it, and it says it is in /etc/, but when I look in my PHP/etc folder, only pear.conf is there!). PHP and apache both appear to be working fine, though. When I try and run the PHP script that executes the .ELF file, I get a blank page. Is this because I'm running it in OS X? should I be running it in Linux? Also, I don't know how to Enable exec() on my server, or to see if it's enabled. Basically, I just need someone to walk me through the basics of this. The script and executable SHOULD work fine because the contractor got it working fine. Below is the script, and attached is the executable. Thanks! :3 <?php /* inUID = 456890 inSerialNumUID = 123456 inMachineID_s = &6dA-8P@K-Xsq */ $p1 = "456890"; $p2 = "123456"; $p3 = "\&6dA-8P@K-Xsq"; exec("./create_activation_code.elf $p1 $p2 $p3", $output); foreach ($output as $output_str) { echo $output_str."<br>"; } ?> I've written some code to move a bunch of mp3's from one folder on a network server, rename them...based on the day of the week and date of the month...and then put them on another folder on the original server. Here's the code Code: [Select] #!/usr/bin/php <?php $today = date('m.d.y'); $week = date('W'); $weekplus = $week + 1; $daynumber = date('w'); //$dayofweek = date('D'); if (date('D') == "Mon") { $dayofweek = "mon"; } elseif (date('D') == "Tue") { $dayofweek = "tue"; } elseif (date('D') == "Wed") { $dayofweek = "wed"; } elseif (date('D') == "Thu") { $dayofweek = "thu"; } elseif (date('D') == "Fri") { $dayofweek = "fri"; } //original filenames are in this format 10361MRS-H01T01.mp3 $file1 = "10" . "$weekplus" . "$daynumber" . "MRS-H01T01.mp3"; $file2 = "10" . "$weekplus" . "$daynumber" . "MRS-H01T02.mp3"; $file3 = "10" . "$weekplus" . "$daynumber" . "MRS-H01T03.mp3"; $file4 = "10" . "$weekplus" . "$daynumber" . "MRS-H01S01.mp3"; $file5 = "10" . "$weekplus" . "$daynumber" . "MRS-H01S02.mp3"; $file6 = "10" . "$weekplus" . "$daynumber" . "MRS-H01S03.mp3"; $file7 = "10" . "$weekplus" . "$daynumber" . "MRS-H02T01.mp3"; $file8 = "10" . "$weekplus" . "$daynumber" . "MRS-H02T02.mp3"; $file9 = "10" . "$weekplus" . "$daynumber" . "MRS-H02T03.mp3"; $file10 = "10" . "$weekplus" . "$daynumber" . "MRS-H02S01.mp3"; $file11 = "10" . "$weekplus" . "$daynumber" . "MRS-H02S02.mp3"; $file12 = "10" . "$weekplus" . "$daynumber" . "MRS-H02S03.mp3"; $file13 = "10" . "$weekplus" . "$daynumber" . "MRS-H03T01.mp3"; $file14 = "10" . "$weekplus" . "$daynumber" . "MRS-H03T02.mp3"; $file15 = "10" . "$weekplus" . "$daynumber" . "MRS-H03T03.mp3"; $file16 = "10" . "$weekplus" . "$daynumber" . "MRS-H03S01.mp3"; $file17 = "10" . "$weekplus" . "$daynumber" . "MRS-H03S02.mp3"; $file18 = "10" . "$weekplus" . "$daynumber" . "MRS-H03S03.mp3"; $file19 = "10" . "$weekplus" . "$daynumber" . "MRS-H04T01.mp3"; $file20 = "10" . "$weekplus" . "$daynumber" . "MRS-H04T02.mp3"; $file21 = "10" . "$weekplus" . "$daynumber" . "MRS-H04T03.mp3"; $file22 = "10" . "$weekplus" . "$daynumber" . "MRS-H04S01.mp3"; $file23 = "10" . "$weekplus" . "$daynumber" . "MRS-H04S02.mp3"; $file24 = "10" . "$weekplus" . "$daynumber" . "MRS-H04S03.mp3"; $deletepath = "/var/www/showdownloads/mrshow/"; exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file1' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file2' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file3' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file4' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file5' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file6' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file7' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file8' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file9' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file10' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file11' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file12' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file13' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file14' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file15' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file16' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file17' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file18' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file19' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file20' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file21' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file22' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file23' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file24' /var/www/showdownloads/mrshow/"); rename("$deletepath/$file1", "$deletepath/mr_$dayofweek-2-1.mp3"); rename("$deletepath/$file2", "$deletepath/mr_$dayofweek-2-3.mp3"); rename("$deletepath/$file3", "$deletepath/mr_$dayofweek-2-5.mp3"); rename("$deletepath/$file4", "$deletepath/mr_$dayofweek-2-2.mp3"); rename("$deletepath/$file5", "$deletepath/mr_$dayofweek-2-4.mp3"); rename("$deletepath/$file6", "$deletepath/mr_$dayofweek-2-6.mp3"); rename("$deletepath/$file7", "$deletepath/mr_$dayofweek-3-1.mp3"); rename("$deletepath/$file8", "$deletepath/mr_$dayofweek-3-3.mp3"); rename("$deletepath/$file9", "$deletepath/mr_$dayofweek-3-5.mp3"); rename("$deletepath/$file10", "$deletepath/mr_$dayofweek-3-2.mp3"); rename("$deletepath/$file11", "$deletepath/mr_$dayofweek-3-4.mp3"); rename("$deletepath/$file12", "$deletepath/mr_$dayofweek-3-6.mp3"); rename("$deletepath/$file13", "$deletepath/mr_$dayofweek-4-1.mp3"); rename("$deletepath/$file14", "$deletepath/mr_$dayofweek-4-3.mp3"); rename("$deletepath/$file15", "$deletepath/mr_$dayofweek-4-5.mp3"); rename("$deletepath/$file16", "$deletepath/mr_$dayofweek-4-2.mp3"); rename("$deletepath/$file17", "$deletepath/mr_$dayofweek-4-4.mp3"); rename("$deletepath/$file18", "$deletepath/mr_$dayofweek-4-6.mp3"); rename("$deletepath/$file19", "$deletepath/mr_$dayofweek-5-1.mp3"); rename("$deletepath/$file20", "$deletepath/mr_$dayofweek-5-3.mp3"); rename("$deletepath/$file21", "$deletepath/mr_$dayofweek-5-5.mp3"); rename("$deletepath/$file22", "$deletepath/mr_$dayofweek-5-2.mp3"); rename("$deletepath/$file23", "$deletepath/mr_$dayofweek-5-4.mp3"); rename("$deletepath/$file24", "$deletepath/mr_$dayofweek-5-6.mp3"); exec("scp '/$deletepath/mr_$dayofweek-2-1.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-2-1.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-2-2.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-2-2.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-2-3.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-2-3.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-2-4.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-2-4.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-2-5.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-2-5.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-2-6.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-2-6.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-3-1.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-3-1.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-3-2.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-3-2.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-3-3.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-3-3.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-3-4.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-3-4.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-3-5.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-3-5.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-3-6.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-3-6.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-4-1.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-4-1.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-4-2.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-4-2.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-4-3.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-4-3.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-4-4.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-4-4.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-4-5.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-4-5.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-4-6.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-4-6.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-5-1.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-5-1.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-5-2.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-5-2.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-5-3.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-5-3.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-5-4.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-5-4.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-5-5.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-5-5.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-5-6.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-5-6.mp3'"); ?> The problem is, this is the only way I can get this to work. I actually want to name the files in this format Quote mr_mon_2-1.mp3 Instead of the format now Quote mr_mon-2-1.mp3 The difference being that after the three letter version of the date, I have to have a dash...I want an underscore there. If I try to rename the file to use an underscore...it doesn't use the day of the week...so it turns out to be mr_2-1.mp3 Any ideas what I'm doing wrong? Thanks. Hi all I have this problem on a server using php5, unix based, safe_mode is On globally, i have turned it off locally through php.ini. Ok, this is testing example script i used: $cmd = ( "php -v" ); $out = shell_exec( $cmd ); print $out; On my own server this returns php version. On this mentioned server i'm using (commercial) this causes complete server breakdown, when logged in with SSH, i can't even issue "ls" command after that, nor find and kill the process. What could be so wrong with it? I don't think calling php-cli would make any difference. Hi guys, I am new here, and I am a bit stuck with doing something unusual. I want to create a script that can turn on a program (dynamips and dynagen). So far, I have tried 'exec' and 'shell_exec'. Soon I realized that apache runs the commands as 'www-data' user (apache2 in ubuntu) and it's very limited on what you can execute. Is there any way to do that at all? What would be the best practice? I am not concerned about security as this is not a production environment... Thanks hello dear php-experts and freaks how to view photos and to rapidly change the major categories i have several hundred images (photographs) taht i want to view on opensuse linux version 13.1 i want to view the images - and of while doing so i want to turn the colored images into b/w Question; which is the best - ie. the quickest way to do so. note; i have installed the following thigns on my opensuse 13.1: - gimp the great grahical tool - digicam - the great tool to view images and pictures - Gwenview Version 4.11.4 on KDE 4.11.5 so again here the question: which tool allowes to view the color(ed) image and to turn it - on the fly - in to black and white? BTW: can i tell linux to swith the colors - in general - to black and white? is this doable... looks like we could write a small shell script, utilizing imagemagick. maybe like this: Code: for i in *jpg ; do mogrify -colorspace Gray "$i" ; done this is just a quick hack. i have tried. See more bleow: Also, it's not interactive and simply changes all jpg's to grayscale, even if they already are grayscale. please note that we need to have some more things about imagemagick. well see the results: martin@linux-70ce:~/Bilder> martin@linux-70ce:~/Bilder> for i in *jpg ; do mogrify -colorspace Gray "$i" ; done mogrify: unable to open image `*jpg': Datei oder Verzeichnis nicht gefunden @ error/blob.c/OpenBlob/2643. mogrify: no decode delegate for this image format `*jpg' @ error/constitute.c/ReadImage/552. martin@linux-70ce:~/Bilder> Hey there, I recently started working on a PHP calculator, I tryed testing it out and the script is not executing... *NOTE* I found the error, I forgot to assign values to the options, all is good now Code: [Select] <?php /* Script Created by: Far Cry Started: August 20th, 2010 10:51 PM PST Completed */ $title = "Calculator"; $form = "<form action='calculator.php' method='POST'> <table> <tr> <td><input name='firstnumber' type='text'></td> </tr> <tr> <td><input name='secondnumber' type='text'></td> </tr> <tr> <td><select name='operation'> <option name='multiply'>*</option> </select></td> </tr> <tr> <td><input name='submitbtn' type='submit' value='Calculate!'></td> </tr> </table> </form>"; if ($_POST['submitbtn']){ $first = ($_POST['firstnumber']); $last = ($_POST['secondnumber']); $operation = ($_POST['operation']); } if ($operation == 'multiply'){ echo"The answer is " . $first * $last . $form; } echo $form; ?> Thanks in advance. Hello, PowerShell script stored locally can never be executed after I click on button:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Testing PowerShell</title>
</head>
<body>
<?php
// If there was no submit variable passed to the script (i.e. user has visited the page without clicking submit), display the form:
if(!isset($_POST["submit"]))
{
?>
<form name="testForm" id="testForm" action="get-process.php" method="post" />
Your name: <input type="text" name="username" id="username" maxlength="20" /><br />
<input type="submit" name="submit" id="submit" value="Do stuff NowNew" />
</form>
<?php
}
// Else if submit was pressed, check if all of the required variables have a value:
elseif((isset($_POST["submit"])) && (!empty($_POST["username"])))
{
// Display the alert box
echo '<script>alert("Welcome to Geeks for Geeks")</script>';
// Get the variables submitted by POST in order to pass them to the PowerShell script:
$username = $_POST["username"];
// Best practice tip: We run out POST data through a custom regex function to clean any unwanted characters, e.g.:
// $username = cleanData($_POST["username"]);
$psPath = "C:\\Windows\\SysWOW64\WindowsPowerShell\\v1.0\\powershell.exe";
$psDIR = "C:\\TestNew\\";
$psScript = "pscripta.ps1";
$runScript = $psDIR. $psScript;
$runCMD = $psPath." ".$runScript." 2>&1";
echo "\$psPath $psPath <br>";
echo "\$psDIR $psDIR <br>";
echo "\$psScript $psScript <br>";
echo "\$runScript $runScript <br>";
echo "\$runCMD $runCMD <br>";
exec( $runCMD,$out,$ret);
echo "<pre>";
print_r($out);
print_r($ret);
echo "</pre>";
}
// Else the user hit submit without all required fields being filled out:
else
{
echo "Sorry, you did not complete all required fields. Please go back and try again.";
}
?>
</body>
</html>
Thank you for your help! Is there a way or function that stops the execution of a required script but continues to execute the parent script, for example: if this is a.php <?php echo "<br>Good morning"; // function to stop execution of only this script to appear here echo "<br>Good Afternoon"; ?> and then this is b.php <?php require("a.php'); echo "<br>Good Evening"; ?> So if the file b.php is called it is supposed to display: Good morning Good evening So it has to skip "Good afternoon" because of the anonymous function which I need Please tell me how to call, getimagesize() in exec command. http://www.example.com/images!/logos/ps_logo2.png I am using the linux enviroment. If the uRL has "!" symbol, it prints event not found. Please tell me how to avoid this. Hello, I am developing an account manager for our local network and I want people to be able to login to my website and change their UNIX & Mailbox password. These people have SSH access so that is why the UNIX passwd should also be changed. So what I want to do is get the values $username, $currentpwd , $newpwd and $newpwdcnfrm from the HTML form and execute the following shell commands : Quote su -l $username passwd Enter current UNIX Passwd : $currentpwd Enter new UNIX Passwd : $newpwd Confirm UNIX Passwd : $newpwdcnfrm The problem here is, passwd takes old and new passwords as input, not as command parameters. So I cant just do shell_exec("passwd $currentpwd $newpwd $newpwdcnfrm") ; Do you guys know how to give input to the command? thanks. Btw : Please do not argue about the security issues. I am aware of everything and I am perfectly sure that the script will run securely. It was suggested that I add a ‘report’ parameter to the code, after revising with the ‘scale2ref’ code which appears to prevent the video from uploading/proceeding: $ffmpegCommand =''.$ffmpeg_b.' -y -i '.$video_file_full_path.' -i '.$watermark_image_full_path.' -filter_complex "[0]scale=426:-2[vid];[1][vid]scale2ref='oh*mdar':'ih/10'[wm][vid];[vid][wm]overlay=5:5:format=rgb,format=yuv420p" -vcodec libx264 -preset '.$pt->config->convert_speed.' -crf 26 -report'.$video_output_full_path_240.' 2>&1'; $shell = shell_exec($ffmpegCommand); I couldn’t see where the -report parameter was supposed to output (error.log has a filesize of 0). So I was asked to “run command from the shell and check”? But, I’m not sure what command and where/how to do that. I tried adding this to the php code, and attempted to upload again, same result
echo shell_exec("/usr/local/bin/ffmpeg -report log.txt 2>&1");
any additional help is appreciated
Hello dear friends, i've very simple php script for my website and it has feature that visitor can register and upload image for own profile. somone has uploaded PHP Shell as image and succeed to control on my website using that shell. so the problem is in uploading image can pass any file so can someone please help me how how to prevent it and here are the codes of image upload form and function. * Image upload form code Code: [Select] <form action="profile.php" method="post" enctype="multipart/form-data" name="form" id="form"> My Picture : <input name="userpic" type="file" id="userpic"/> <input type="submit" name="Submit" value="Update"/> * Profile.php code (it rename the image by add time to its name then put the image in path /users/ then insert the new name of the image into the database table) $ImageName = $_FILES[userpic][name]; // Get the image $t = time(); // Get Time $NewImageName = "$t$ImageName"; // New name copy($_FILES[userpic][tmp_name], "users/$NewImageName"); $sql= "update users SET userpic='$NewImageName'"; How then i can stop they upload shell thanks Hello, If we have large amount of data we always use SCP to copy data from remote server. scp -P 100 user@192.168.2.3: /home/user/folder /home/user1/folder/. But if DSL (Internet) of local computer disconnects I observed failure of transfer many times and this whole process becomes irritating. Is there any alternative way to use scp or rsync with php so that we can execute it with script ? Something like this ? <?php // Having shell access but its not working 4 me... $conn = ssh2_connect('ftp.server.com', 100); ssh2_auth_password($conn 'user', 'pass'); ssh2_scp_send($conn, '/local/filename', '/remote/filename', 0644); ?> Another question is there any way we can run such code with the help of shell_exec() or is this implementation is secure? Thanks in Advance! Hi, I recently updraded PHP to 5.3.3 and Apache to 2.2.17 on a Linux Centos 5.4 Box using yum. Since then the Web pages running under Apache cannot connect to the database using mysql. If I run a manual PHP script, I am able to. When I run phpinfo() on PHP under Apache I get this (note: --without-mysql): './configure' '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--target=x86_64-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--sharedstatedir=/usr/com' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--cache-file=../config.cache' '--with-libdir=lib64' '--with-config-file-path=/etc' '--with-config-file-scan-dir=/etc/php.d' '--disable-debug' '--with-pic' '--disable-rpath' '--without-pear' '--with-bz2' '--with-exec-dir=/usr/bin' '--with-freetype-dir=/usr' '--with-png-dir=/usr' '--with-xpm-dir=/usr' '--enable-gd-native-ttf' '--without-gdbm' '--with-gettext' '--with-gmp' '--with-iconv' '--with-jpeg-dir=/usr' '--with-openssl' '--with-pcre-regex=/usr' '--with-zlib' '--with-layout=GNU' '--enable-exif' '--enable-ftp' '--enable-magic-quotes' '--enable-sockets' '--enable-sysvsem' '--enable-sysvshm' '--enable-sysvmsg' '--with-kerberos' '--enable-ucd-snmp-hack' '--enable-shmop' '--enable-calendar' '--without-mime-magic' '--without-sqlite' '--with-libxml-dir=/usr' '--enable-xml' '--with-system-tzdata' '--with-apxs2=/usr/sbin/apxs' '--without-mysql' '--without-gd' '--disable-dom' '--disable-dba' '--without-unixODBC' '--disable-pdo' '--disable-xmlreader' '--disable-xmlwriter' '--without-sqlite3' '--disable-phar' '--disable-fileinfo' '--disable-json' '--without-pspell' '--disable-wddx' '--without-curl' '--disable-posix' '--disable-sysvmsg' '--disable-sysvshm' '--disable-sysvsem' When I run phpinfo() on PHP that I run manually from the shell: ('--with-mysql=shared,/usr' '--with-mysqli=shared,/usr/bin/mysql_config') './configure' '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--target=x86_64-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--sharedstatedir=/usr/com' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--cache-file=../config.cache' '--with-libdir=lib64' '--with-config-file-path=/etc' '--with-config-file-scan-dir=/etc/php.d' '--disable-debug' '--with-pic' '--disable-rpath' '--without-pear' '--with-bz2' '--with-exec-dir=/usr/bin' '--with-freetype-dir=/usr' '--with-png-dir=/usr' '--with-xpm-dir=/usr' '--enable-gd-native-ttf' '--without-gdbm' '--with-gettext' '--with-gmp' '--with-iconv' '--with-jpeg-dir=/usr' '--with-openssl' '--with-pcre-regex=/usr' '--with-zlib' '--with-layout=GNU' '--enable-exif' '--enable-ftp' '--enable-magic-quotes' '--enable-sockets' '--enable-sysvsem' '--enable-sysvshm' '--enable-sysvmsg' '--with-kerberos' '--enable-ucd-snmp-hack' '--enable-shmop' '--enable-calendar' '--without-mime-magic' '--without-sqlite' '--without-sqlite3' '--with-libxml-dir=/usr' '--enable-xml' '--with-system-tzdata' '--enable-force-cgi-redirect' '--enable-pcntl' '--with-imap=shared' '--with-imap-ssl' '--enable-mbstring=shared' '--enable-mbregex' '--with-gd=shared' '--enable-bcmath=shared' '--enable-dba=shared' '--with-db4=/usr' '--with-xmlrpc=shared' '--with-ldap=shared' '--with-ldap-sasl' '--with-mysql=shared,/usr' '--with-mysqli=shared,/usr/bin/mysql_config' '--enable-dom=shared' '--with-pgsql=shared' '--enable-wddx=shared' '--with-snmp=shared,/usr' '--enable-soap=shared' '--with-xsl=shared,/usr' '--enable-xmlreader=shared' '--enable-xmlwriter=shared' '--with-curl=shared,/usr' '--enable-fastcgi' '--enable-pdo=shared' '--with-pdo-odbc=shared,unixODBC,/usr' '--with-pdo-mysql=shared,/usr' '--with-pdo-pgsql=shared,/usr' '--with-pdo-sqlite=shared,/usr' '--with-pdo-dblib=shared,/usr' '--enable-json=shared' '--enable-zip=shared' '--with-readline' '--with-pspell=shared' '--enable-phar=shared' '--with-mcrypt=shared,/usr' '--with-tidy=shared,/usr' '--with-mssql=shared,/usr' '--enable-sysvmsg=shared' '--enable-sysvshm=shared' '--enable-sysvsem=shared' '--enable-posix=shared' '--with-unixODBC=shared,/usr' '--enable-fileinfo=shared' '--enable-intl=shared' '--with-icu-dir=/usr' '--with-recode=shared,/usr' Both phpinfo() show PHP 5.3.3 how can I configure PHP under Apache? Do I need to rebuild / reintall Apache manually? Thanks very much! Frank I'm experimenting with the shell_exec function to gain shell capability on a Linux host that doesn't provide it otherwise. I've found that I can see what is in different directories by entering a command line like: Code: [Select] cd ..; ls but if I enter two consecutive command lines: Code: [Select] cd .. ls The cd command has no effect. Apparently shell_exec is using a new shell every time I call it. Is there a way to start a shell in a PHP script and keep it active while I pass it multiple commands, so that this won't happen? I want to get a simple true/false to check if my ffmpeg is still converting a video. You can check out the shell command I executed below. convertToFlv( $input, $output ); function convertToFlv( $input, $output ) { echo "Converting $input to $output"; $command = "ffmpeg -y -i $input -acodec libfaac -ar 44100 -ab 96k -vcodec libx264 -level 41 -crf 20 -bufsize 20000k -maxrate 25000k -g 250 -r 20 -s 640x480 -coder 1 -flags +loop -cmp +chroma -partitions +parti4x4+partp8x8+partb8x8 -flags2 +brdo+dct8x8+bpyramid -me umh -subq 7 -me_range 16 -keyint_min 25 -sc_threshold 40 -i_qfactor 0.71 -rc_eq 'blurCplx^(1-qComp)' -bf 16 -b_strategy 1 -bidir_refine 1 -refs 6 -deblockalpha 0 -deblockbeta 0 $output"; shell_exec( $command ); } Can someone provide me some code that will help me check if ffmpeg is still doing the conversion? For those not knowing about this, is a new security hole found in all linux/unix based operating systems that should be patched.
http://arstechnica.c...with-nix-in-it/
I'm trying to get a php script working to download the latest CNN news podcast each hour. CNN names the file based on the year, month, day, and time. Here's what I'm trying: Code: [Select] <?php $year = date('Y'); $month = date('m'); $day = date('d'); $now = date('Y-m-d-h'); $hour = date('gA'); $hourplus1 = ($hour + 1); $hourminus1 = ($hour - 1); $ampm = date('A'); $url = "http://podcasts.cnn.net/cnn/services/podcasting/newscast/" . "audio/" . "$year" . "/" . "$month" . "/" . "$day" . "/CNN-News-" . "$month" . "-" . "$day" . "-" . "$year" . "-" . "$hourplus1" . "$ampm" . ".mp3"; echo $url; echo system('wget "$url"'); ?> When running from the shell, I get an "http://: invalid hostname" error. The echo of $url looks right...but it won't run from shell. Any ideas? Hey guys. I'll be doing a frontend for some router testing scripts and I'll need to launch some shell scripts in php. The user will be allowed to check some checkboxes - choose which tests to run and run them using a button. I want to show them some kind of "Testing in progress" string and then show them the result when it's done. What do you think is the best solution ? I was thinking the shell script should create the whole output in some sensible form and then I would just parse it. Should I use a database for storing the error strings, or do you think they should be a part of the script ? Also, I would like to do it with AJAX (I never did it before and I could use some experience). So I need some advice on this. I want the form to disappear after the button was pressed, replace it with the "testing in progress" string (or maybe a temporary popup window would be better) and then if the script is done, display the result. I guess I need to use the Code: [Select] shell_exec command. What would you suggest ? btw I guess there is no way to run a script on a different server than one which runs the webpage, is there ? |
|||||||