|
PHP - Bash Shell Security Hole
For those not knowing about this, is a new security hole found in all linux/unix based operating systems that should be patched.
http://arstechnica.c...with-nix-in-it/
Similar TutorialsI have an old db class that I created a while ago, and might switch to PDO. I just don't want to recode the whole site. The class was working really well to protect my db but they (spammers) have found a way around all my security and are posting links to porn, pills and russian. What I have is in the db class, there is a query function. Every query is sent to this function where it is sanitized and checks a table of blocked ips. I belive they are somehow bipassing this and going directly to the data base, becasue I am getting attacks from the same IP that should be blocked. The function looks something like this: Code: [Select] function query($sql) { if ($this->checkIp($_SERVER['REMOTE_ADDR'])) { $sql = $this->sanitize($sql); $result = mysql_query($sql); return $result; } else { die("<h1>You are banned for abuse!</h1>"); } } Does anybody have any suggestions? I have a web site that sells products. I have just added a table (mysql) that keeps track of searches. So when a user comes to the site from a search engine the search term(s) they used to find my site are stored along with their IP as an identifier and the landing page populates with products accordingly. Also when a user uses the local search feature it updates to add the new search term(s) to the table. The page displays the search box with whatever the last search term(s) were so at a later time all someone has to do is click search to repeat it. OK, so far so good. Then I got on my iphone to test it out and when the page loaded the search terms used on my laptop were there. Duh... same IP from the network. So this is my security hole that I am trying to plug. My site doesn't set any cookies and I was trying to keep it that way, but I am thinking I may have to stray from that in order to do this. I don't suppose there is a way in php to get a users mac address is there? I was hoping that someone could offer me some tidbits of wisdom to guide me in these dark times Hello, I'm a beginner programmer, and for my first "php-script" im trying to deal myself two holecards. It's easy to get dealt the first card, but when the second card arrives I have to remove the first card from the array. How to do that? Or I could do like i have tried he if ($y != $x) { echo $y; }. Problem is when holecard number one = holecard number two it wont echo anything. So i need to say if holecard one = holecard two { do a new random }. But how do i do that? <?php function poker() { $cards = array("Ah", "Ac", "Ad", "As", "2h", "2c", "2d", "2s", "3h", "3c", "3d", "3s", "4h", "4c", "4d", "4s", "5h", "5c", "5d", "5s", "6h", "6c", "6d", "6s", "7h", "7c", "7d", "7s", "8h", "8c", "8d", "8s", "9h", "9c", "9d", "9s", "Th", "Tc", "Td", "Ts", "Jh", "Jc", "Jd", "Js", "Qh", "Qc", "Qd", "Qs", "Kh", "Kc", "Kd", "Ks"); $x = $cards[rand(0,51)]; echo "$x "; $y = $cards[rand(0,51)]; if ($y != $x) { echo $y; } } echo poker() . "<br>"; ?> Thanks!
First off I want to thank everyone that is involved here in passing on the knowledge. After all that is what its all about. Okay so I want to do a campaign on password awareness and try to capitalize a little off of it. I came across the Breached_Compilation which is 1.4 billion email and plain text passwords. It has bash scripting in it to search and parse out the info from plain text documents which are in folders then prints the results in terminal. The other thing is that it posts the passwords in clear text. How would I obfuscate a portion of the clear text passwords? What would be the best way to integrate this to PHP? I am new to coding in PHP so any help is very much appreciated. Thanks an advance. Here is the Bash script.
#!/bin/bash
dir=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )
if [ "$1" != "" ]; then
letter1=$(echo ${1,,}|cut -b1)
if [[ $letter1 == [a-zA-Z0-9] ]]; then
if [ -f "$dir/data/$letter1" ]; then
grep -ai "^$1" "$dir/data/$letter1"
else
letter2=$(echo ${1,,}|cut -b2)
if [[ $letter2 == [a-zA-Z0-9] ]]; then
if [ -f "$dir/data/$letter1/$letter2" ]; then
grep -ai "^$1" "$dir/data/$letter1/$letter2"
else
letter3=$(echo ${1,,}|cut -b3)
if [[ $letter3 == [a-zA-Z0-9] ]]; then
if [ -f "$dir/data/$letter1/$letter2/$letter3" ]; then
grep -ai "^$1" "$dir/data/$letter1/$letter2/$letter3"
fi
else
if [ -f "$dir/data/$letter1/$letter2/symbols" ]; then
grep -ai "^$1" "$dir/data/$letter1/$letter2/symbols"
fi
fi
fi
else
if [ -f "$dir/data/$letter1/symbols" ]; then
grep -ai "^$1" "$dir/data/$letter1/symbols"
fi
fi
fi
else
if [ -f "$dir/data/symbols" ]; then
grep -ai "^$1" "$dir/data/symbols"
fi
fi
else
echo "[*] Example: ./query name@domain.com"
fi
I would like PHP to kick off the following command: Code: [Select] arp -a|sed 's/ /,/g'>arp.csv I also have an executable makeArpFile.sh: Code: [Select] #!/bin/bash arp -a|sed 's/ /,/g'>arp.csv And I have tried executing it in php with the following: $arp = exec("bash makeArpFile.sh", $output, $exit_code); echo("Last line: " . $arp . "\n"); echo("Output: " . $output . "\n"); echo("Exit Code: " . $exit_code . "\n"); /*returns: Last line: Output: Exit Code: 127 */ I also tried just plain old: $arp = exec("makeArpFile.sh", $output, $exit_code); echo("Last line: " . $arp . "\n"); echo("Output: " . $output . "\n"); echo("Exit Code: " . $exit_code . "\n"); /*returns: Last line: Output: Exit Code: 127 */ I can run plain old arp>arp.txt but I really need it formatted in BSD style (arp -a>arp.txt) in order to be able to parse it properly later. Any thoughts? EDIT: for fun I made a useBash.sh script that executed "bash makeArpFile.sh" still no luck. This is a simple permutation function that i was converting from php:
string_gen(){
declare -a chars=('a' 'b')
max=4
let length=${#chars[@]}-1
n=0
combination=" "
for i in `seq 0 $max`;
do
let n=($n*($length))+($length)
done
remainder=0
for i in `seq 0 $n`;
do
current=$i
combination=" "
while [[ $current > 0 ]]
do
remainder=($current%$length)
echo remainder
if [ $remainder -eq 0 ]; then
combination="$combination"${chars[$length]}
else
combination="$combination"${chars[$remainder]}
current = $current/$length
fi
done
done
echo $combination
}
What is wrong with the syntax?
Link to PHP version: http://stackoverflow...o-certain-lengt
Hello, I am mounting google drive to my raspberry pi with this command from command line; sudo gdfs -o allow_other /var/www/html/gdfs.creds /media/pi/gdrives İt is working from command line, but it is not work when i execute it from web browser. Here php content;
shell_exec("sudo gdfs -o allow_other /var/www/html/gdfs.creds /media/pi/gdrives");
and i changed my sudoers file giving permission www-data. here is my sudoers file content # This file MUST be edited with the 'visudo' command as root. # # Please consider adding local content in /etc/sudoers.d/ instead of # directly modifying this file. # # See the man page for details on how to write a sudoers file. # Defaults env_reset Defaults mail_badpass Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" # Host alias specification # User alias specification # Cmnd alias specification # User privilege specification root ALL=(ALL:ALL) ALL # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL www-data ALL=NOPASSWD: ALL # See sudoers(5) for more information on "#include" directives: #includedir /etc/sudoers.d Can anyone tell me what i am doing wrong ? I'm trying to make colourized output of bash script in php. So far I have this:
<?php
$cmd = '/home/thebalk/FiveM/manage.sh restart';
while (@ ob_end_flush()); // end all output buffers if any
$proc = popen($cmd, 'r');
echo '<pre>';
while (!feof($proc))
{
echo fread($proc, 4096);
@ flush();
}
echo '</pre>';
//
// Converts Bashoutput to colored HTML
//
function convertBash($cmd) {
$dictionary = array(
'[1;30m' => '<span style="color:black">',
'[1;31m' => '<span style="color:red">',
'[1;32m' => '<span style="color:green">',
'[1;33m' => '<span style="color:yellow">',
'[1;34m' => '<span style="color:blue">',
'[1;35m' => '<span style="color:purple">',
'[1;36m' => '<span style="color:cyan">',
'[1;37m' => '<span style="color:white">',
'[m' => '</span>'
);
$htmlString = str_replace(array_keys($dictionary), $dictionary, $cmd);
return $htmlString;
}
?>
and my output looks like this: [1;36m BOT:[0;39m THE [1;32m TheBalkanRP-SRV01-test SERVER [0;39m WAS RUNNING [1;36m BOT:[0;39m STOPPING THE [1;32m TheBalkanRP-SRV01-test SERVER [1;36m BOT:[0;39m GTA V SERVER HAS STOPPED [1;36m BOT:[0;39m REMOVING CACHE FOLDER [1;36m BOT:[1;31m CACHE FOLDER HAS BEEN REMOVED [0;39m [1;36m BOT:[0;39m STARTING THE [1;32m TheBalkanRP-SRV01-test [0;39m SERVER [1;36m BOT:[1;32m SERVER HAS STARTED [0;39m I know my function is not connected with the code above but what is the right way to do it? Thank you! Does anyone already fix the bug. I found something interesting in the error_log file this morning
x.x.x.x - - [25/Sep/2014:01:12:34 -0500] "GET /cgi-bin/defaul_p.cgi HTTP/1.0" 404 312 "-" "() { :;}; /bin/ping -c 5 "209.126.230.74"
Hey y'all. Probably a dumb question here but I'm at a loss. I've got a PHP service script that has an include, written as so:
$config = new Config('config/config.json');
The config directory is next to the PHP script and does contain the config.json file, so when I run this from the CLI everything works great. However, I've got about 17 PHP services I need to start and really don't feel like typing them all out, so I've written a shell script that does this: #!bin/bash cd /path/to/my/script /usr/local/bin/php ./my-script.php This does start the service, but it bombs out because it can't find the config.json file. If I change the PHP to
$config = new Config('./config/config.json');
it works as expected from the shell script. Updating the files is technically possible, but fraught right now for reasons I can't really get into (sorry). Anybody know what the difference is, or have any ideas on how to get around this? Edited September 5, 2020 by maxxdHi everyone, i'm trying to get it so when i visit my webpage called start.php it executes the command (/bigbrotherbot start) in the terminal which then should start the process on my linux machine. I'm currently using this code Code: [Select] <?php shell_exec('sudo /bigbrotherbot start'); ?> This script doesn't appear to do anything though. I'm very new to php and would really appreciate the help. P.S the file bigbrotherbot is the bash script which works if i actually go to the terminal myself and type /bigbrotherbot start yet when i try to make the php do it it doesnt do anything. any ideas? I have a PHP file in /var/www/html/ called foobar.php with the following content: Quote
<?php
I set the permissions of the foobar.php file to different settings. I set the owner and group of foobar.php and /tmp/output to different values. I tried modifying the httpd.conf file. When I placed this stanza in the httpd.conf file QuoteLoadModule php7_module /usr/lib64/httpd/modules/libphp7.so I could not restart the httpd service. I tried using just QuoteLoadModule php7_module modules/libphp7.so But this failed too. I thought PHP would interpret the file regardless of how I access it (e.g., via a web page and with the php command from a Linux terminal). How do I get PHP to invoke a Bash command when someone visits a .php web page? I've written some code to move a bunch of mp3's from one folder on a network server, rename them...based on the day of the week and date of the month...and then put them on another folder on the original server. Here's the code Code: [Select] #!/usr/bin/php <?php $today = date('m.d.y'); $week = date('W'); $weekplus = $week + 1; $daynumber = date('w'); //$dayofweek = date('D'); if (date('D') == "Mon") { $dayofweek = "mon"; } elseif (date('D') == "Tue") { $dayofweek = "tue"; } elseif (date('D') == "Wed") { $dayofweek = "wed"; } elseif (date('D') == "Thu") { $dayofweek = "thu"; } elseif (date('D') == "Fri") { $dayofweek = "fri"; } //original filenames are in this format 10361MRS-H01T01.mp3 $file1 = "10" . "$weekplus" . "$daynumber" . "MRS-H01T01.mp3"; $file2 = "10" . "$weekplus" . "$daynumber" . "MRS-H01T02.mp3"; $file3 = "10" . "$weekplus" . "$daynumber" . "MRS-H01T03.mp3"; $file4 = "10" . "$weekplus" . "$daynumber" . "MRS-H01S01.mp3"; $file5 = "10" . "$weekplus" . "$daynumber" . "MRS-H01S02.mp3"; $file6 = "10" . "$weekplus" . "$daynumber" . "MRS-H01S03.mp3"; $file7 = "10" . "$weekplus" . "$daynumber" . "MRS-H02T01.mp3"; $file8 = "10" . "$weekplus" . "$daynumber" . "MRS-H02T02.mp3"; $file9 = "10" . "$weekplus" . "$daynumber" . "MRS-H02T03.mp3"; $file10 = "10" . "$weekplus" . "$daynumber" . "MRS-H02S01.mp3"; $file11 = "10" . "$weekplus" . "$daynumber" . "MRS-H02S02.mp3"; $file12 = "10" . "$weekplus" . "$daynumber" . "MRS-H02S03.mp3"; $file13 = "10" . "$weekplus" . "$daynumber" . "MRS-H03T01.mp3"; $file14 = "10" . "$weekplus" . "$daynumber" . "MRS-H03T02.mp3"; $file15 = "10" . "$weekplus" . "$daynumber" . "MRS-H03T03.mp3"; $file16 = "10" . "$weekplus" . "$daynumber" . "MRS-H03S01.mp3"; $file17 = "10" . "$weekplus" . "$daynumber" . "MRS-H03S02.mp3"; $file18 = "10" . "$weekplus" . "$daynumber" . "MRS-H03S03.mp3"; $file19 = "10" . "$weekplus" . "$daynumber" . "MRS-H04T01.mp3"; $file20 = "10" . "$weekplus" . "$daynumber" . "MRS-H04T02.mp3"; $file21 = "10" . "$weekplus" . "$daynumber" . "MRS-H04T03.mp3"; $file22 = "10" . "$weekplus" . "$daynumber" . "MRS-H04S01.mp3"; $file23 = "10" . "$weekplus" . "$daynumber" . "MRS-H04S02.mp3"; $file24 = "10" . "$weekplus" . "$daynumber" . "MRS-H04S03.mp3"; $deletepath = "/var/www/showdownloads/mrshow/"; exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file1' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file2' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file3' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file4' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file5' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file6' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file7' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file8' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file9' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file10' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file11' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file12' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file13' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file14' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file15' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file16' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file17' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file18' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file19' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file20' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file21' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file22' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file23' /var/www/showdownloads/mrshow/"); exec("scp 'root@192.168.2.245:/Volumes/Big\ Disk/Media\ Shooter\ downloads/Matt\ and\ Ramona\ Content\ $today/$file24' /var/www/showdownloads/mrshow/"); rename("$deletepath/$file1", "$deletepath/mr_$dayofweek-2-1.mp3"); rename("$deletepath/$file2", "$deletepath/mr_$dayofweek-2-3.mp3"); rename("$deletepath/$file3", "$deletepath/mr_$dayofweek-2-5.mp3"); rename("$deletepath/$file4", "$deletepath/mr_$dayofweek-2-2.mp3"); rename("$deletepath/$file5", "$deletepath/mr_$dayofweek-2-4.mp3"); rename("$deletepath/$file6", "$deletepath/mr_$dayofweek-2-6.mp3"); rename("$deletepath/$file7", "$deletepath/mr_$dayofweek-3-1.mp3"); rename("$deletepath/$file8", "$deletepath/mr_$dayofweek-3-3.mp3"); rename("$deletepath/$file9", "$deletepath/mr_$dayofweek-3-5.mp3"); rename("$deletepath/$file10", "$deletepath/mr_$dayofweek-3-2.mp3"); rename("$deletepath/$file11", "$deletepath/mr_$dayofweek-3-4.mp3"); rename("$deletepath/$file12", "$deletepath/mr_$dayofweek-3-6.mp3"); rename("$deletepath/$file13", "$deletepath/mr_$dayofweek-4-1.mp3"); rename("$deletepath/$file14", "$deletepath/mr_$dayofweek-4-3.mp3"); rename("$deletepath/$file15", "$deletepath/mr_$dayofweek-4-5.mp3"); rename("$deletepath/$file16", "$deletepath/mr_$dayofweek-4-2.mp3"); rename("$deletepath/$file17", "$deletepath/mr_$dayofweek-4-4.mp3"); rename("$deletepath/$file18", "$deletepath/mr_$dayofweek-4-6.mp3"); rename("$deletepath/$file19", "$deletepath/mr_$dayofweek-5-1.mp3"); rename("$deletepath/$file20", "$deletepath/mr_$dayofweek-5-3.mp3"); rename("$deletepath/$file21", "$deletepath/mr_$dayofweek-5-5.mp3"); rename("$deletepath/$file22", "$deletepath/mr_$dayofweek-5-2.mp3"); rename("$deletepath/$file23", "$deletepath/mr_$dayofweek-5-4.mp3"); rename("$deletepath/$file24", "$deletepath/mr_$dayofweek-5-6.mp3"); exec("scp '/$deletepath/mr_$dayofweek-2-1.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-2-1.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-2-2.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-2-2.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-2-3.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-2-3.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-2-4.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-2-4.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-2-5.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-2-5.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-2-6.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-2-6.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-3-1.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-3-1.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-3-2.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-3-2.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-3-3.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-3-3.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-3-4.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-3-4.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-3-5.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-3-5.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-3-6.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-3-6.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-4-1.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-4-1.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-4-2.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-4-2.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-4-3.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-4-3.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-4-4.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-4-4.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-4-5.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-4-5.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-4-6.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-4-6.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-5-1.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-5-1.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-5-2.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-5-2.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-5-3.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-5-3.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-5-4.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-5-4.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-5-5.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-5-5.mp3'"); exec("scp '/$deletepath/mr_$dayofweek-5-6.mp3' 'root@192.168.2.245:/Volumes/Big\ Disk/Show\ Downloads/mrshow/mr_$dayofweek-5-6.mp3'"); ?> The problem is, this is the only way I can get this to work. I actually want to name the files in this format Quote mr_mon_2-1.mp3 Instead of the format now Quote mr_mon-2-1.mp3 The difference being that after the three letter version of the date, I have to have a dash...I want an underscore there. If I try to rename the file to use an underscore...it doesn't use the day of the week...so it turns out to be mr_2-1.mp3 Any ideas what I'm doing wrong? Thanks. Hello, I am developing an account manager for our local network and I want people to be able to login to my website and change their UNIX & Mailbox password. These people have SSH access so that is why the UNIX passwd should also be changed. So what I want to do is get the values $username, $currentpwd , $newpwd and $newpwdcnfrm from the HTML form and execute the following shell commands : Quote su -l $username passwd Enter current UNIX Passwd : $currentpwd Enter new UNIX Passwd : $newpwd Confirm UNIX Passwd : $newpwdcnfrm The problem here is, passwd takes old and new passwords as input, not as command parameters. So I cant just do shell_exec("passwd $currentpwd $newpwd $newpwdcnfrm") ; Do you guys know how to give input to the command? thanks. Btw : Please do not argue about the security issues. I am aware of everything and I am perfectly sure that the script will run securely. It was suggested that I add a ‘report’ parameter to the code, after revising with the ‘scale2ref’ code which appears to prevent the video from uploading/proceeding: $ffmpegCommand =''.$ffmpeg_b.' -y -i '.$video_file_full_path.' -i '.$watermark_image_full_path.' -filter_complex "[0]scale=426:-2[vid];[1][vid]scale2ref='oh*mdar':'ih/10'[wm][vid];[vid][wm]overlay=5:5:format=rgb,format=yuv420p" -vcodec libx264 -preset '.$pt->config->convert_speed.' -crf 26 -report'.$video_output_full_path_240.' 2>&1'; $shell = shell_exec($ffmpegCommand); I couldn’t see where the -report parameter was supposed to output (error.log has a filesize of 0). So I was asked to “run command from the shell and check”? But, I’m not sure what command and where/how to do that. I tried adding this to the php code, and attempted to upload again, same result
echo shell_exec("/usr/local/bin/ffmpeg -report log.txt 2>&1");
any additional help is appreciated
Please tell me how to call, getimagesize() in exec command. http://www.example.com/images!/logos/ps_logo2.png I am using the linux enviroment. If the uRL has "!" symbol, it prints event not found. Please tell me how to avoid this. I'm experimenting with the shell_exec function to gain shell capability on a Linux host that doesn't provide it otherwise. I've found that I can see what is in different directories by entering a command line like: Code: [Select] cd ..; ls but if I enter two consecutive command lines: Code: [Select] cd .. ls The cd command has no effect. Apparently shell_exec is using a new shell every time I call it. Is there a way to start a shell in a PHP script and keep it active while I pass it multiple commands, so that this won't happen? Hi, I recently updraded PHP to 5.3.3 and Apache to 2.2.17 on a Linux Centos 5.4 Box using yum. Since then the Web pages running under Apache cannot connect to the database using mysql. If I run a manual PHP script, I am able to. When I run phpinfo() on PHP under Apache I get this (note: --without-mysql): './configure' '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--target=x86_64-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--sharedstatedir=/usr/com' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--cache-file=../config.cache' '--with-libdir=lib64' '--with-config-file-path=/etc' '--with-config-file-scan-dir=/etc/php.d' '--disable-debug' '--with-pic' '--disable-rpath' '--without-pear' '--with-bz2' '--with-exec-dir=/usr/bin' '--with-freetype-dir=/usr' '--with-png-dir=/usr' '--with-xpm-dir=/usr' '--enable-gd-native-ttf' '--without-gdbm' '--with-gettext' '--with-gmp' '--with-iconv' '--with-jpeg-dir=/usr' '--with-openssl' '--with-pcre-regex=/usr' '--with-zlib' '--with-layout=GNU' '--enable-exif' '--enable-ftp' '--enable-magic-quotes' '--enable-sockets' '--enable-sysvsem' '--enable-sysvshm' '--enable-sysvmsg' '--with-kerberos' '--enable-ucd-snmp-hack' '--enable-shmop' '--enable-calendar' '--without-mime-magic' '--without-sqlite' '--with-libxml-dir=/usr' '--enable-xml' '--with-system-tzdata' '--with-apxs2=/usr/sbin/apxs' '--without-mysql' '--without-gd' '--disable-dom' '--disable-dba' '--without-unixODBC' '--disable-pdo' '--disable-xmlreader' '--disable-xmlwriter' '--without-sqlite3' '--disable-phar' '--disable-fileinfo' '--disable-json' '--without-pspell' '--disable-wddx' '--without-curl' '--disable-posix' '--disable-sysvmsg' '--disable-sysvshm' '--disable-sysvsem' When I run phpinfo() on PHP that I run manually from the shell: ('--with-mysql=shared,/usr' '--with-mysqli=shared,/usr/bin/mysql_config') './configure' '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--target=x86_64-redhat-linux-gnu' '--program-prefix=' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--sharedstatedir=/usr/com' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--cache-file=../config.cache' '--with-libdir=lib64' '--with-config-file-path=/etc' '--with-config-file-scan-dir=/etc/php.d' '--disable-debug' '--with-pic' '--disable-rpath' '--without-pear' '--with-bz2' '--with-exec-dir=/usr/bin' '--with-freetype-dir=/usr' '--with-png-dir=/usr' '--with-xpm-dir=/usr' '--enable-gd-native-ttf' '--without-gdbm' '--with-gettext' '--with-gmp' '--with-iconv' '--with-jpeg-dir=/usr' '--with-openssl' '--with-pcre-regex=/usr' '--with-zlib' '--with-layout=GNU' '--enable-exif' '--enable-ftp' '--enable-magic-quotes' '--enable-sockets' '--enable-sysvsem' '--enable-sysvshm' '--enable-sysvmsg' '--with-kerberos' '--enable-ucd-snmp-hack' '--enable-shmop' '--enable-calendar' '--without-mime-magic' '--without-sqlite' '--without-sqlite3' '--with-libxml-dir=/usr' '--enable-xml' '--with-system-tzdata' '--enable-force-cgi-redirect' '--enable-pcntl' '--with-imap=shared' '--with-imap-ssl' '--enable-mbstring=shared' '--enable-mbregex' '--with-gd=shared' '--enable-bcmath=shared' '--enable-dba=shared' '--with-db4=/usr' '--with-xmlrpc=shared' '--with-ldap=shared' '--with-ldap-sasl' '--with-mysql=shared,/usr' '--with-mysqli=shared,/usr/bin/mysql_config' '--enable-dom=shared' '--with-pgsql=shared' '--enable-wddx=shared' '--with-snmp=shared,/usr' '--enable-soap=shared' '--with-xsl=shared,/usr' '--enable-xmlreader=shared' '--enable-xmlwriter=shared' '--with-curl=shared,/usr' '--enable-fastcgi' '--enable-pdo=shared' '--with-pdo-odbc=shared,unixODBC,/usr' '--with-pdo-mysql=shared,/usr' '--with-pdo-pgsql=shared,/usr' '--with-pdo-sqlite=shared,/usr' '--with-pdo-dblib=shared,/usr' '--enable-json=shared' '--enable-zip=shared' '--with-readline' '--with-pspell=shared' '--enable-phar=shared' '--with-mcrypt=shared,/usr' '--with-tidy=shared,/usr' '--with-mssql=shared,/usr' '--enable-sysvmsg=shared' '--enable-sysvshm=shared' '--enable-sysvsem=shared' '--enable-posix=shared' '--with-unixODBC=shared,/usr' '--enable-fileinfo=shared' '--enable-intl=shared' '--with-icu-dir=/usr' '--with-recode=shared,/usr' Both phpinfo() show PHP 5.3.3 how can I configure PHP under Apache? Do I need to rebuild / reintall Apache manually? Thanks very much! Frank Hello, If we have large amount of data we always use SCP to copy data from remote server. scp -P 100 user@192.168.2.3: /home/user/folder /home/user1/folder/. But if DSL (Internet) of local computer disconnects I observed failure of transfer many times and this whole process becomes irritating. Is there any alternative way to use scp or rsync with php so that we can execute it with script ? Something like this ? <?php // Having shell access but its not working 4 me... $conn = ssh2_connect('ftp.server.com', 100); ssh2_auth_password($conn 'user', 'pass'); ssh2_scp_send($conn, '/local/filename', '/remote/filename', 0644); ?> Another question is there any way we can run such code with the help of shell_exec() or is this implementation is secure? Thanks in Advance! |
|||||||