I've just started checking out PHP and to sort of work it out I thought that I would make a form that adds a user to the system with PHP. I tried to run the command with exec(), but that yielded no results(I made sure that www-data is a sudoer), so I tried it with system() to get some output that might tell me what the problem was, but both of my outputs just returned a vague 1 and 6 in that order. Here is my code:
<?php $username = $_POST["username"];
$password = $_POST["password"];
?>
<html>
<body>
Welcome <?php echo $username; ?><br>
Your password will be set to: <?php echo $password; ?>
<?php system("sudo useradd -m $username", $output1);
system("sudo usermod -g user $username", $output2);
?>
<br>
<?php echo $output1;?>
<br>
<?php echo $output2;?>
</body>
</html>
It correctly prints out the username and password variables, but seems to be unable to run the sudo useradd and sudo usermod commands, although I'm not entirely sure.Is there anything here that might give an Idea as to what I am doing wrong?
Have you try with proc_open?
Something like this...
$cmd = "echo 1";
$descriptorspec = array(
0 => array('pipe', 'r'), // stdin is a pipe that the child will read from
1 => array('file', '/var/www/html/proc-output.txt', 'a'), // stdout is a pipe that the child will write to
2 => array('file', '/var/www/html/error-output.txt', 'a') // stderr is a file to write to
);
$pipes = [];
$process = proc_open($cmd, $descriptorspec, $pipes);
$return_value = is_resource($process) ? proc_close($process) : die('this does not work');
How you input the www-data password?
Related
I should enter confirmation code after my function execute. My command wait an answer but I can't reply.
$cmd = 'cd/ && cd .... && ....';
echo shell_exec($cmd);
I tried:
shell_exec($confirmation_code);
I must enter confirmation code after get permission for some access.
Try this
$cmd = 'echo "Yes"| cd/ && cd .... && ....';
echo shell_exec($cmd);
Replace "Yes" by what you want
Symphony Process command can do this for you:
https://symfony.com/doc/current/components/process.html#streaming-to-the-standard-input-of-a-process
I am trying to login and push Docker images from a PHP script as part of our CICD process. Here is the code:
<?php
include '../php/database.php';
$duser = 'username';
$dpass = 'password';
$dmail = 'email';
$tag = 'from system';
function tagImage($tag) {
$getImageID = "SELECT `imageID` FROM `docker_images` WHERE `tag` = :tag ";
$params = array(':tag' => $tag);
$results = dataQuery($getImageID, $params);
if(!empty($results)) {
$image = $results[0]['imageID'];
global $repo = $results[0]['repo']; // I know this is a bad idea, will change it when all else is working
$last = system("sudo docker tag -f $image $repo 2>&1", $retval);
}
return $retval;
}
$tagStatus = tagImage($tag);
if(0 == $tagStatus) {
echo '<pre>';
$login = system("sudo docker login --username=$duser", $retval);
var_dump($login);
var_dump($retval);
// push it real good
$last = system("sudo docker push $repo 2>&1", $retval1);
var_dump($last);
var_dump($retval1);
}
?>
This returns the following:
string(0) ""
int(1)
The push refers to a repository [app/ap-name] (len: 1)
21d623eb89a9: Image push failed
Please login prior to push:
Username: EOF
string(13) "Username: EOF"
int(1)
The push is failing because the login is not working from the PHP script, however, when I login from the command line the login is successful.
What am I doing wrong? Can I login to Docker Hub with PHP like this? Or should the technique be different?
EDIT: The PHP script will be called via AJAX, effectively making it run as if it were being run from the browser. I am running it from the browser for testing purposes.
The login requires all of the credentials including password and email address associated with the Docker hub repo:
$login = system("sudo docker login --username $duser --password $dpass --email $dmail 2>&1", $retval);
var_dump($login);
var_dump($retval);
Using this syntax returns the following (expected):
WARNING: login credentials saved in /root/.dockercfg.
Login Succeeded
string(15) "Login Succeeded"
int(0)
Past that point the push works properly and returns no errors.
When running
ls | php script.php
fgets(STDIN) is not waiting for user input:
<?php
$pipe = stream_get_contents(STDIN);
echo "Enter something";
$line = fgets(STDIN);
But if I run
php script2.php
With script2.php :
<?php
echo "Enter something";
$line = fgets(STDIN);
The script pauses waiting for my input.
How can I get pipe & wait for user input?
Instead use readline function of php, it will work fine,
$string=readline("Enter value: ");
echo $string;
I'm trying to exec file from .php file via website
First am trying :
<?php
exec('bash create_user.sh '.$_POST['password'].' '.$_POST['username']);
exec('bash create_user.sh 123456 user');
?>
And nothing done!
Secound am trying :
<?php
shell_exec('bash create_user.sh '.$_POST['password'].' '.$_POST['username']);
shell_exec('bash create_user.sh 123456 user');
?>
And nothing done!
how can I do this. thnx.
in your sh add as first line
#!/bin/sh
then call in php like this
if(isset($_POST['password']) && isset($_POST['username'])) {
shell_exec('./create_user.sh '. $_POST['password'] . ' ' . $_POST['username']);
} else {
echo 'You must send user and pass';
}
And give to the web server user write/execute permissions.
I am using exec function to run my php file in background from another like below
<?php
$username = 'Test';
exec(PHP_BINDIR."/php /opt/lampp/htdocs/myscript/test.php >/dev/null &" );
?>
i want to send a value to the file which runs in background.
i tried below code
<?php
$username = 'Test';
exec(PHP_BINDIR."/php /opt/lampp/htdocs/myscript/test.php?user=".$username." >/dev/null &" );
?>
Test.php
<?php
var_dump($_REQUEST);
?>
but i got null as the value. can any one help me. how i can pass a value to a file which is running in background.
Pass it as command line argument:
$command = sprintf('%s/php /opt/lampp/htdocs/myscript/test.php %s >/dev/null &',
PHP_BINDIR,
escapeshellarg($username));
exec($command);
In the file:
$username = $argv[1];
You can't use URL-style query parameters because you're not using a URL, you're calling an executable.