My goal is essentially to run executable(say .sh or .py) with with php code, where executable would potentially create some new files in the directory.
For example, an obvious first try (shell_exec):
<?php
$output = shell_exec('sh shell.sh');
echo $output;
?>
Where the shell file is:
#!/bin/bash
# My first script
whoami
mkdir "NewDir"
Does not fully work if executed by visiting a page. whoami command returns "daemon" (not my account name) and folder "NewDir" is not being created.
I think this is permissions problem, even though my htdocs folder has permissions 777. (What I am trying to do works on Windows).
I think if I could make this simple script create a directory then my original would be resolved.
Any suggestions?
Well actually this is quite simple. Get the .py or the .sh file and use:
<?php
Include_once 'filename';
?>
Thank you for your time
Try using the full path in your bash script
#!/bin/bash
# My first script
whoami
mkdir /tmp/testFolder
Make it executable and set permissions to Folder:
chmod +x bashscript.sh
chmod 777 /tmp/testFolder
Test to start it:
./bashscript
Then everything should woring
Related
i am ubuntu user.. i have a command in php that exec a python file.. the python file is set to executable.. so, my php command is:-
shell_exec("try.py");
the python file is located at desktop.. but the php file is located in www folder..
/var/www/try.php
in the try.py, i have a code to rename a file on the desktop as follow:-
print "enter"
os.rename("a.txt", "b.txt")
print "exit"
so, the try.py and a.txt are in desktop..
my problem is, when i execute the php file, it shows the "enter" only but not with the "exit".. so i guess it cannot execute the os.rename maybe because of the root privilege or anything that i dont know.. i have tried some solutions to disable password for sudo but still i didnt show the "exit".
but, if i execute the try.py directly by double click it on the desktop and execute it, the command can be done and the output shows:-
enter
exit
so, anyone knows how to execute it using php?
You can directly rename files in php using the rename function.
rename($oldname, $newname);
The problem is when you are doing os.rename("a.txt", "b.txt") it is looking for a.txt in the directory from where the application is running (so it is looking for a.txt in /var/www/.
You should give both a.txt and b.txt the full path:
os.rename('/home/user/Desktop/a.txt', '/home/user/Desktop/b.txt')
You will also have to make sure that www-data (or whatever user is running Apache) can write to the Desktop directory; however from a security perspective this is a very bad idea - any script running on the server can read the contents of your desktop (and even delete the files).
finally, i got the solution..
to be able to rename the file in desktop using os.rename, we need to edit some of the configurations in sudoers..
it involved some steps in visudo and also the php script..
in visudo (using command "sudo visudo" in terminal:)-
#user privilege specification
root All=(ALL:ALL) ALL
www-data ALL=(ALL:ALL) ALL
#includedir /etc/sudoers.d
ubuntu ALL=(ALL) NOPASSWD: ALL //use your username.. mine is ubuntu
www-data ALL=(ALL) NOPASSWD: ALL //the place where i put the php file
in php file:-
<?php
$output = exec("sudo python /home/ubuntu/Desktop/[filename.py]");
?>
for python file is just the same..
os.rename("a.txt", "b.txt")
ok.. that is the solution.. now i can run the python script which it will change the name of a file in desktop from php..
Thank you for all the comments and suggestion for the solutions.. =))
You need something like:
my_dir = os.path.dirname(os.path.realpath(sys.argv[0]))
That will equate to the directory try.py is actually in.
Then you can execute:
os.rename(os.path.join(my_dir, 'a.txt'), os.path.join(my_dir, 'b.txt'))
As mentioned above, this isn't necessarily a great idea from a security PoV though, since you have to grant write permissions to the php script.
I also usually put the my_dir code in an if sys.argv[0]: so that I can still debug from python REPL:
if sys.argv[0]:
# running as executable
my_dir = os.path.dirname(os.path.realpath(sys.argv[0]))
else:
# imported into interpreter
my_dir = '.'
That way I can still import the module into REPL to debug it, as long as I'm in the same directory as the file in question.
I've recently set up my Apache2 Server on my Linux machine. Now I've wanted to execute a PHP script (index.php), which runs a shell script (foo.sh), which creates a folder in my home directory, but the directory was not created.
These are the original two files:
foo.sh:
#!bin/bash
mkdir /home/lorenzo/testDir
index.php:
<?php
exec('sh test.sh');
?>
So, I thought maybe the problem occurs because of privileges or something, and indeed after I changed the files to that:
foo.sh:
#!bin/bash
echo "Hello world"
index.php:
<?php
$temp=exec('sh test.sh');
echo $temp;
?>
I saw the output Hello World on my website.
So the PHP script is executed and it runs the shell script. But why can't the shell script execute the mkdir command?
This indeed is most likely a permission issue.
You first have to figure out which user apache runs at. This is usually www-data (on Debian-ish Linuxes, such as Ubuntu) or apache (on RedHat-ish Linuxes) or something along the lines. A ps -eF | grep apache will reveal the user.
After you figured that out, make sure that the apache user has the appropriate rights in your home directory. You can either add it to your user group (using usermod -a -G ... and then chmod g+w ~) or allow writing for all users (chmod o+w ~).
But, both of this is a bad idea. Your php script (or anything else running as the apache user) can be broken into and cracked, leaving you home directory open for malicious attackers to modify and rm -rf.
In addition, if you’re running a RedHat-ish Linux, you will run into SELinux which by defaut prevents apache from accessing user directories at all. In that case, you also have to set setsebool -P httpd_enable_homedirs on.
Instead, I would recommend that you use a different directory and give your user full access to that. Something along the lines of /var/www/testDir with the apache as owner and group, and adding yourself to the apache user group is probably a sane idea.
It looks like a permission issue. Make sure that Apache has write permission to that directory
You may have permission issues on the server. Try to use chmod -R 775 <dirname>(or 777) in your ssh command line. You can do this in php code with chmod() too but I don't suggest you because it would run it everytime the php code runs and changing it more times is pointless. It can output to the screen but I bet the directory the script wants to make file has permission 755. Try to check it.
I am trying to call a bash script from my php file of click of a button that simple creates a directory. However, when i run from the web it would not do anything when i run from the terminal it works fine.
Not sure what the problem is ?
test.php
header('Content-Type: application/json');
$result =shell_exec('sh /var/www/shellscriptphp/test.sh ');
exit();
test.sh
mkdir testfolder
Just to close the question, your code works as long as your uid has permissions on the server's filesystem.
You can change permissions in the filesystem using chmod (see man chmod for details).
I am trying to run a .sh file from php.
I tried doing it with shell_exec(). but its not working
I refered many questions related to this in stack overflow but could not solve
my php code is(web.php)
<?php
echo shell_exec('/var/www/project/xxe.sh');
echo "done";
?>
only done is printed. but it is working from terminal(php /var/www/project/web.php)
In xxe.sh I am calling a python file
python vin.py
I have also changed the file permission to 777 for both .sh n .py files
please help
If you say it works on the terminal and not on apache then apache's php.ini file may be disabling the use of shell_exec().
See http://www.php.net/manual/en/ini.core.php#ini.disable-functions
Your apache's php.ini file may look something like
disable_functions=exec,passthru,shell_exec,system,proc_open,popen
Remove shell_exec from this list and restart the web server, although this is a security risk and I don't recommend it.
shell_exec might not know what directory to look in for your executable's location directory. What solved it for me was this before the shell_exec:
putenv('PATH=/usr/local/bin');
Then the terminal can find the executable. Also check permissions on every part of the command to make sure apache user has read and execute permissions.
If it works well in shell, I think apache is chrooted. So php can't find /var/...
Or user of httpd user does not have permission to enter /var/...
If you are good at PHP. Open dir /var/... And readdir() and check dir exists and check file exists.
This question might help you. scanning /home/ with opendir()
The problem is usually that when you exec code from within php it is run as the webservers user www-data in alot of linux distros. Normaly this user does not have an enviroment set up, and because of that no PATH. By using full paths in your files you can usually overcome this.
xxe.sh
/usr/bin/python /path/to/script/vin.py
While trying to run a script triggered by github post-receive webhook.
Here is where my project directory is located(cloned git repo):
/var/www/html/my-repo
I create a script inside the above directory called webhook.php:
<?php
#webhook.php
$cmd = shell_exec("git pull 2>&1");
#for debugging
echo $cmd;
?>
Execute the following command inside /var/www/html
sudo chown www-data:www-data -R my-repo/
Test it by going to http://www.myserver.com/my-repo/webhook.php
Add the path to your script to github webhooks.
I have been stuck in this problem for several hours.
I have thought about a solution.
1. move your script to a python file "script.py" and place this file to your server root.
2. shell_exec("python script.py");
Any way, it works for me.
On my host I had to give a different path for my php file to be executed from shell_exec().
This didn't work shell_exec('/usr/bin/php backgroundtask.php');.
While this did shell_exec('/opt/php/php-5.5.0/bin/php backgroundtask.php');.
You can visit this Reference.
I had the same issue because PHP backslashes.
PHP escapes the backslashes, so the command that reaches the shell
'COPY E:path1\path2\file.prn /B \127.0.0.1\"PRINTER NAME"'
so I gave command like this
'COPY E:\\path1\\path2\\file.prn /B \\\\127.0.0.1\"PRINTER NAME"'.
You have to double-escape the backslashes: once for PHP and once for the shell.
HI there!
I've run into some problem while learning to combine .sh files and PHP. I've create a file test.sh and in that file I call a PHP file called test.php.
If I double click on the .sh file then it runs perfectly but when I try to run it from the terminal I get "command not found". I'm in the exact folder as my .sh file but it wont work. Here's my test.sh:
#!/bin/bash
LIB=${0/%cli/}
exec php -q ${LIB}test.php one two three
exit;
When I doubleclick on the test.sh file then it returns the argv array like it suppost to. But why can't I run it from terminal?
use ./filename.sh
no matter if your are in the same folder or not, without giving ./ the system is searching the path variable. (/bin/, /usr/bin and so on)
Is execute bit enabled?
chmod +x test.sh
Your $PATH variable may not include '.' - so the shell may not be able to find the command to run.
As others have said, sh ./file.sh will work...
It is possible that your environment is different when launching from the Terminal and when launching via a double-click. Try executing which php and echo $PATH from the Terminal to see what the deal is.
EDIT 1
As others have noted, if your "command not found" is referring to the shell script and not php, then you probably forgot to include the "./" before the name of the script (i.e. ./test.sh). Also, don't forget to make it executable by invoking chmod a+x test.sh. The reason for this is that PATH does not include the current directory (i.e. "."), because doing so would be a security risk (e.g. folders with a ton of files in them including a fake "ssh" which could then intercept your password or the like).
EDIT 2
Also, I don't know about you, but ${0/%cli/} is evaluating to -bash from within my Terminal. Are you sure that's what you wanted it to expand to? Perhaps you should specify the exact filename.
Another option is to run it with sh (or bash, if sh on your machine isn't bash and the script uses bashims)
sh filename.sh
bash filename.sh
This will work whether or not the file is executable or in $PATH