PHP: shell_exec is neither Defined nor disabled - php

Well, I know there are already lots of related questions but non of them address my issue.
In my case, I want to use the shell_exec function but, I see that the shell_exec function is not defined and not even mentioned in the disable_functions list in php.ini.
here is the php.ini snippet
; This directive allows you to disable certain functions for security reasons.
; It receives a comma-delimited list of function names.
; http://php.net/disable-functions
disable_functions =
; This directive allows you to disable certain classes for security reasons.
; It receives a comma-delimited list of class names.
; http://php.net/disable-classes
disable_classes =
and here is how I'm using the function
if(!function_exists('shell_exec')) {
die("shell_exec is not found");
}
NOTE: I'm using Linux version CentOS release 6.9 (Final) and php -v outputs as follow
ea-php-cli Copyright 2017 cPanel, Inc.
PHP 7.0.28 (cli) (built: Mar 6 2018 09:27:52) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
with Zend OPcache v7.0.28, Copyright (c) 1999-2017, by Zend Technologies
Your help is highly appreciated.

Ok, I was using PHP-FPM that added the following line to the configuration of each domain at /opt/cpanel/ea-php70/root/etc/php-fpm.d/
php_admin_value[disable_functions] = exec,passthru,shell_exec,system
So, this is what I did to make the shell_exec function available to use
mkdir /var/cpanel/ApachePHPFPM
echo "php_admin_value_disable_functions : exec,passthru,system">/var/cpanel/ApachePHPFPM/system_pool_defaults.yaml
/scripts/php_fpm_config --rebuild
and at the end restarted the PHP-FPM from WHM, and that's it.

Related

PHP file_get_contents not working correctly

I asked a question on here yesterday and was given the following code.
<?php
function usd_rate(){
$json = file_get_contents("https://bitpay.com/api/rates");
$obj = json_decode($json);
if($obj->code == 'USD') return $o->rate;
}
echo usd_rate()
?>
It worked fine at first, but I left my shared hosting and moved to a dedicated server host.
I have checked the PHP.ini to ensure the below
; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
; http://php.net/allow-url-fopen
allow_url_fopen = On
; Whether to allow include/require to open URLs (like http:// or ftp://) as fil$
; http://php.net/allow-url-include
allow_url_include = On
but it still doesnt show any of the values. I have been stuck on this for about 2 hours now so I thought it might be a wise idea to ask for help.
Thanks for any you can provide me.
Also
Output of php --version
PHP 5.5.9-1ubuntu4.4 (cli) (built: Sep 4 2014 06:56:34)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2014 Zend Technologies
with Zend OPcache v7.0.3, Copyright (c) 1999-2014, by Zend Technologies
Not sure what my last host was running
there is error in code u have given try this code
function usd_rate(){
$json = file_get_contents("https://bitpay.com/api/rates");
$obj = json_decode($json);
foreach($obj as $o)
if($o->code == 'USD') return $o->rate;
}
echo usd_rate();

Call to a member function getAction() on a non-object

Hi there i followed these instructions (http://pietervogelaar.nl/php-xdebug-netbeans-vagrant/) to get XDebug up and running with vagrant and NetBeans.
It now works .... almost.
Anytime i run a code that fire a breakpoints, NetBeans works fine allowing me to do my debug thing with no problems.
The thing is at the end of the request Laravel will always return that error :
Call to a member function getAction() on a non-object, specifying a code location that looks weird : xdebug:/­/­debug-eval:1.
Even stranger, my page is rendered and the html is here, but the standard laravel error page is rendered also, at the end of my own page ......
Of course if i disable my breakpoint, everything runs just fine.
My versions right now :
Apache :
Server version: Apache/2.2.22 (Ubuntu)
Server built: Apr 17 2014 21:49:25
PHP :
PHP 5.4.28-1+deb.sury.org~precise+1 (cli) (built: May 5 2014 09:32:44)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2014 Zend Technologies
with Xdebug v2.2.3, Copyright (c) 2002-2013, by Derick Rethans
Ok i finally found it.
Problem doesn't come from XDebug or Php or Laravel.
Problem comes from Netbeans.
I had an expression in my watch list i wasn't using anymore.
Deleting every custom entries in the watch list just solves the issues.
Hope at some point it helps someone else ....

Is there a PHP setting that sets whether you can index the result of a function?

I have two servers. They are both running php 5.3.3. This code works on one server and returns a syntax error on the other. Is there a php ini setting that affects this behaviour? I can't find anything related in the PHP documentation, but I may be looking in the wrong place.
Server 1
> php -v
PHP 5.3.3 (cli) (built: Sep 23 2010 14:15:16)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
with Xdebug v2.0.3, Copyright (c) 2002-2007, by Derick Rethans
php > echo explode(" ", " foo ")[1];
foo
Server 2
> php -v
PHP 5.3.3 (cli) (built: Jan 31 2011 15:57:29)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
php > echo explode(" ", " foo ")[1];
Parse error: syntax error, unexpected '[', expecting ',' or ';' in php shell code on line 1
Another idea: PHP on both servers is custom-compiled, so it could also be a different compile flag.
No.
PHP doesn't support this syntax. It's on the trunk, but not yet released (as of PHP 5.3.3).
I have no idea how it's working on your first server, but perhaps this "Xdebug" is making a difference?
Aha! I figured it out.
We installed Facebook's XHP to profile our development server. This syntax (which is quite elegant) was added in in the PHP module. Here's a diff of the php.ini file between server 1 and 2:
> ; XHP https://github.com/facebook/xhp/wiki/Building-XHP
> extension=xhp.so
> ; adds support for the [] operator on the return value of a function
> xhp.idx_expr = 1
> ; Tracking errors in XHP applications is very difficult without annotations.
> xhp.include_debug = 1
I like this syntax, so I'll probably install XHP on the other server. Thanks for the help Michas for suggesting I diff the ini files.

Segmentation Fault error in PHP, using SOAP to connect to SalesForce

I'm integrating my software (PHP) with SalesForce, using the SalesForce PHP Toolkit.
So far, everything's worked great, but when I started writing the code to call convertLead(), I got a "Segmentation Fault" error.
This is the code I'm running:
require_once('../salesforce/SforceEnterpriseClient.php');
ini_set('soap.wsdl_cache_enabled', 0);
$SForce = new SforceEnterpriseClient();
$result = $SForce->createConnection('../salesforce/enterprise.wsdl.xml');
$result = $SForce->login('user', 'pass+token');
echo "Logged In!";
$data = array(
'convertedStatus' => 'Converted',
'leadId' => '00QC000000mDcmJMAS'
);
$result = $SForce->convertLead(array($data));
That's it. And i'm getting a Segmentation Fault. I tried using StdClass instead of a keyed array, same thing. The convertLead method in the SF toolkit is really simple, it just calls the same method into a SoapClient instance...
NOTE: I'm running this script from the CLI, not through Apache.
UPDATE: Just tried running "strace" with my script. The last lines of it are:
close(4) = 0
write(1, "Logged IN!", 10Logged IN!) = 10
open("error_log", O_WRONLY|O_CREAT|O_APPEND, 0644) = 4
--- SIGSEGV (Segmentation fault) # 0 (0) ---
+++ killed by SIGSEGV +++
Also, in case it's relevant:
php --version
PHP 5.2.13 (cli) (built: Jul 17 2010 22:01:13)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2010 Zend Technologies
with eAccelerator v0.9.6.1, Copyright (c) 2004-2010 eAccelerator, by eAccelerator
with the ionCube PHP Loader v3.3.20, Copyright (c) 2002-2010, by ionCube Ltd., and
with Zend Optimizer v3.3.9, Copyright (c) 1998-2009, by Zend Technologies
This also happens in my dev machine (Windows), so I doubt it's the Accelerators or anything like that:
php --version
PHP 5.2.13 (cli) (built: Feb 24 2010 14:37:44)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2010 Zend Technologies
This may or may not be specific to SalesForce. Probably not, seems like a bug in the SOAP PHP library. Maybe the request/response are broken, but I can't see those because they're HTTPS.
Any ideas how I can go about diagnosing (or more importantly, working around) this issue?
Thank!
Daniel
There is a bug (still after 4 years) in the PHP soap extension. It has to do with how it handles WSDL caching. Disabling caching with ini_set() does not work. You also need to turn off caching for your particular client instance.
return new SforceEnterpriseClient('../salesforce/enterprise.wsdl.xml', array(
'cache_wsdl' => WSDL_CACHE_NONE
));
This is true even when using the native PHP SoapClient class.
Ok, this doesn't solve the underlying issue, but, in case someone got this same problem with SalesForce and PHP...
Despite what the documentation implies, fields SendNotificationEmail and OverwriteLeadSource ARE MANDATORY, you MUST specify them in the call.
Not doing so should give you a nice error, not a SegFault, but still, that solves it.

strange behaviour of php session

im using php a server, that uses ubuntu 8.04 :
PHP 5.2.4-2ubuntu5.12 with Suhosin-Patch 0.9.6.2 (cli) (built: Sep 20 2010 13:33:05)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies
i found a strange behaviour:
<?php
session_name('session');
session_start();
$_SESSION['username']='realName';
$username='otherName';
?>
this leads to, that php saves in the session variable 'otherName' (instead of 'realName'). why is php saving the $username into the session variables? How can i disable this?
thanks in advance for any help... :)
It looks like you have register_globals = on in your php.ini. This option has been deprecated as of PHP 5.3 and you should turn it off. More information can be found here: http://www.php.net/manual/en/security.globals.php

Categories