How can I implement escapeshellarg inside a URL? - php

The user supplies two variables via an HTML form called username and name.
They are used to execute a shell command which is currently unsafe.
I have the following PHP code:
(exec("cat /opt/application/userdata/$username/following | grep -w $name"))
I am trying to implement escapeshellarg, but can't get it working by following the official PHP documentation. I have tried:
(exec("cat /opt/application/userdata/ .escapeshellarg($username)/following | grep -w .escapeshellarg($name)"))
But this is not working and I think it's a syntax error.
How do I format this properly?

What's happening is that you are currently trying to run a function inside of a string. This is possible with extra steps, but is not desirable.
What you want to do is concatenate the string with the output of the function.
You can inline that in this manner:
exec('cat /opt/application/userdata/' . escapeshellarg($username) . '/following | grep -w ' . escapeshellarg($name));
(notice I used single quotes ['], as no expansion is happening within the string; this is somewhat faster and keeps it separate)
Or you can perform the operation earlier, and simply include ("expand") the variables in the string, like your first example hints at:
$username = escapeshellarg($username);
$name = escapeshellarg($name);
exec("cat /opt/application/userdata/$username/following | grep -w $name");
(notice I used double quotes ["] as there is expansion happening within the string)

The escapeshellarg() function is a PHP built-in, but you're attempting to execute it as a shell function. You can fix it by simply pulling the function out of the string scope and concatenating the results:
exec("cat /opt/application/userdata/" . escapeshellarg($username) . "/following | grep -w " . escapeshellarg($name));
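An added example, not part of either answer above: escapeshellarg() keeps shell metacharacters inert, but it does not stop `../` in the path component or a name that begins with `-`, so this sketch adds a username allowlist and the `--` option terminator. findFollowing(), the allowlist pattern, the use of `-F` and the temporary sample data are assumptions made for the illustration.

```php
<?php
// Added example (not from the original posts). findFollowing() and its
// parameters are hypothetical names; the directory layout follows the question.
function findFollowing(string $baseDir, string $username, string $name): array
{
    // escapeshellarg() neutralises shell metacharacters but not "../" inside
    // a path, so the username is limited to an allowlist (assumed policy).
    if (!preg_match('/\A[A-Za-z0-9_]{1,32}\z/', $username)) {
        throw new InvalidArgumentException('invalid username');
    }
    if ($name === '') {
        throw new InvalidArgumentException('empty name');
    }
    $file = $baseDir . '/' . $username . '/following';

    // "--" ends option parsing, so a name such as "-f" stays a pattern.
    // -F treats the name as a literal string (assumption: no regex wanted).
    $cmd = 'grep -wF -- ' . escapeshellarg($name) . ' ' . escapeshellarg($file);
    $lines = [];
    exec($cmd, $lines, $status);

    // grep exits 0 on a match, 1 on no match, anything higher is an error.
    if ($status > 1) {
        throw new RuntimeException("grep failed with status $status");
    }
    return $lines;
}

// Constructed sample data in a temporary directory so the example runs offline.
$base = sys_get_temp_dir() . '/userdata_demo_' . getmypid();
mkdir("$base/alice", 0700, true);
file_put_contents("$base/alice/following", "bob\ncarol\n-f\n");

var_dump(findFollowing($base, 'alice', 'bob'));                // ordinary lookup
var_dump(findFollowing($base, 'alice', 'bob; echo injected')); // stays one argument
var_dump(findFollowing($base, 'alice', '-f'));                 // not parsed as an option
try {
    findFollowing($base, 'alice/../../etc', 'root');           // traversal attempt
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}

// Remove the constructed sample data again.
unlink("$base/alice/following");
rmdir("$base/alice");
rmdir($base);
```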

Related

Does PHP shell_exec add parentheses to the command?

I'm trying to run a cat command using the shell_exec function, to be more precise something like this:
cat <(echo "foo") bar.xml > foo-bar.xml
But I'm getting a syntax error like the following one:
sh: 1: Syntax error: "(" unexpected
I'm completely lost since this works fine locally and when the command is executed manually in the server, but when running the php script it returns the syntax error. Any clues?
Original code being used:
$shell_cmd = "cat <(echo \"{$this->xmlHeader}\") ";
$shell_cmd .= '\'' . $path . $filename . '\'' . " ";
$shell_cmd .= " > " . '\'' . $path . "hfb/" . strtolower(str_replace($this->replace_values, '', $hfbName)) . ".xml" . '\'';
shell_exec($shell_cmd);
The problem here is likely to be which shell is used. It's not really documented, but I believe shell_exec will use /bin/sh, which will often be a minimal POSIX-compliant shell (or a more complex shell emulating that compliance). That's very useful, because it means system scripts will always work the same way, regardless of what other shells are installed or configured for particular users.
When you log in directly, however, you're probably using bash, which has extra features such as the <(...) syntax for getting a named file descriptor from a command.
The best approach in this case is to make your command use only standardised facilities, which will be available in /bin/sh.
In particular, you are using cat to glue together a literal string from echo and a file:
cat <(echo "foo") bar.xml
That can be expressed instead by first echoing the string, and then outputting the file:
echo "foo"; cat bar.xml
To gather both into one output, place them in braces:
{ echo "foo"; cat bar.xml; } > foo-bar.xml
Alternatively, you can give cat an argument of - to concatenate standard input with one or more other files, so you could pipe the value from echo into it:
echo "foo" | cat - bar.xml > foo-bar.xml

How can I shell_exec this powershell command to get the pid of a process?

I need to run this command from PHP within a shell exec but it doesn't work.
I'm running a Node RTSP monitoring application from PHP, so I need to get the PID of the node process every time it runs so that when I close the window I can close the process and the CPU doesn't exceed its limits.
I tried
Get-Process | Where-Object ProcessName -eq "node" | ForEach-Object Id
and
Get-Process | Where-Object { $_.ProcessName -eq "node" } | ForEach-Object { $_.Id }
Both work in PowerShell but not in PHP.
This is what I need to run:
$cmd = "Get-Process | Where-Object ProcessName -eq 'node' | ForEach-Object Id";
var_dump(shell_exec("powershell.exe -Command " . $cmd));
debugging returns null
var_dump(shell_exec('powershell.exe ' . $cmd));
PHP's shell_exec() function, as the name suggests, uses the host platform's native shell, which on Windows means that the given command line is passed to cmd.exe.
Therefore, if you want to pass metacharacters such as | through to PowerShell, you must quote them, so that cmd.exe doesn't interpret them: You typically do that by enclosing arguments in double quotes ("...") or, less commonly, by quoting (escaping) individual characters with ^.
The best approach in your case is to double-quote the entire PowerShell command using embedded double quotes in the command-line string passed (adapting the technique from your own comment on the question):
$cmd = "Get-Process | Where-Object ProcessName -eq 'node' | ForEach-Object Id";
var_dump(
shell_exec("powershell.exe -Command " . '"' . str_replace('"', '\"', $cmd) . '"')
);
Note the str_replace() call, which ensures that any " chars. embedded in $cmd are properly escaped as \", even though that's not strictly necessary with the specific command in question.
Note that you can greatly streamline your code, in which case you could even get away without double-quoting.
$cmd = "(Get-Process -ErrorAction Ignore -Name node).Id";
var_dump(shell_exec("powershell.exe -Command " . $cmd));

Output from a PHP script to C scanf of program

I wonder how it is possible to pass output from PHP to the scanf of a C program? The normal way of inputting in this C program is to use an echo -ne "\x0a etc..........." | ./program on the terminal. The thing is that I cannot apply it in PHP. Could someone help me? Let's say I want to output the variable $var from PHP to the C program.
Use popen() inside the script to run a command with input from the script. To get hex characters, put them inside a double-quoted string, and concatenate them to the variables.
$pipe = popen($program, "w");
$vartmp = $passwordHEX . "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" . $PasswordHash;
fwrite($pipe, $vartmp);
pclose($pipe);

PHP parse Error while executing a lengthy regex shell command from within php

When I try parsing a file by executing this command from within PHP using shell_exec():
$shellCommand = "cat $filelocn | awk 'BEGIN{RS="<br>"}{$1=$1}1' |sed '/CURRENT/d' ";
echo $shellCommand ;
An error is displayed:
PHP Parse error: syntax error, unexpected '>' in filename.php
I also tried adding \ before ', i.e.: "cat $filelocn | awk \'BEGIN{RS=\"<br>\"}{$1=$1}1'";
but it again throws an error.
How do I resolve this issue?
Unless you're trying to interpolate variables in your PHP code into your string, you need to escape the dollar signs too:
$shellCommand = "cat \$filelocn | awk 'BEGIN{RS=\"<br>\"}{\$1=\$1}1' |sed '/CURRENT/d' ";
echo $shellCommand;
Specifically, the $1s are causing your parse error. If $filelocn is a PHP variable, you don't need to escape it.

Execute a shell command through php and display it in browser?

I would like to execute a shell command through PHP and display it in a browser. Is there any way to do so?
Here is my PHP code: [test.php]
<?php
$number=$_GET["num"];
$date=$_GET["date"];
$output = shell_exec('egrep -w '2012-09-01|974' /home/myquery_test/log/push.log');
echo "<pre>$output</pre>";
?>
When I run this (test.php) file from the browser nothing shows up. But when I change it to
$output = shell_exec('ls')
it's working fine!! Why isn't the egrep/grep command working??
The egrep command isn't working because you're using single quotes as a string constant delimiter:
'egrep -w' <==> 2012-09-01|974' <==> /home/myquery_test/log/push.log' <==
Just use double quotes in the string, or as string delimiters, OR escape the quotes.
shell_exec('egrep -w \'2012-09-01|974\' /home/myquery_test/log/push.log');
shell_exec('egrep -w "2012-09-01|974" /home/myquery_test/log/push.log');
shell_exec("egrep -w '2012-09-01|974' /home/myquery_test/log/push.log");
And, to avoid not getting the warnings and errors that would have brought this issue to light when testing, set your ini to E_STRICT|E_ALL, and fix the warnings, rather than ignoring them. [teasingly: after you're done with that, you might want to consider accepting some answers] I see you've accepted a lot while I was typing this post up :)
Using variables in your command:
$output = shell_exec("tail -f | egrep '$number.*$date' /var/www/myquery_test/log/push.log");
$output = shell_exec('tail -f | egrep "'.$number.'.*'.$date.'" /var/www/myquery_test/log/push.log');
$output = shell_exec("tail -f | egrep \"$number.*$date\" /var/www/myquery_test/log/push.log");
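An added example, not part of the answer above: when the values come from $_GET, each one can be checked against the format it should have and the command started without any shell, using the array form of proc_open() (PHP 7.4+). grepLog(), the two format patterns and the temporary log file are assumptions made for the illustration.

```php
<?php
// Added example (not from the original posts); grepLog() is a hypothetical name.
function grepLog(string $logFile, string $number, string $date): string
{
    // Validate each field against the format it is supposed to have
    // (assumed formats: numeric id, and a date like the question's sample).
    if (!preg_match('/\A[0-9]{1,10}\z/', $number)) {
        throw new InvalidArgumentException('num must be digits');
    }
    if (!preg_match('/\A[0-9]{4}-[0-9]{2}-[0-9]{2}\z/', $date)) {
        throw new InvalidArgumentException('date must be YYYY-MM-DD');
    }

    // An array command (PHP 7.4+) is executed directly, without a shell,
    // so there is no quoting layer for the values to break out of.
    $argv = ['grep', '-E', '--', $number . '.*' . $date, $logFile];
    $proc = proc_open($argv, [1 => ['pipe', 'w']], $pipes);
    if (!is_resource($proc)) {
        throw new RuntimeException('could not start grep');
    }
    $out = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    proc_close($proc);
    return $out;
}

// Constructed log file so the example runs offline.
$log = tempnam(sys_get_temp_dir(), 'push');
file_put_contents($log, "974 sent 2012-09-01\n975 sent 2012-09-02\n");

// htmlspecialchars() because the log text is echoed into an HTML page.
echo '<pre>', htmlspecialchars(grepLog($log, '974', '2012-09-01')), '</pre>', "\n";

try {
    grepLog($log, '974|.*', '2012-09-01'); // fails the digits-only check
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
unlink($log);
```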
