I understand this has been answered before, however there's a weird bug in the code.
Here is the bash code which gets the $title variable from the PHP script:
#!/bin/bash
url=$1
type=$2
bitrate=$3
vidid=$4
title=$TITLE
TMP_FILE="youtube-mp3-$RANDOM.tmp"
youtube-dl --get-title --get-url --get-filename "$url" > $TMP_FILE 2> "/tmp/$TMP_FILE.err"
exec 42< $TMP_FILE
while read video_title <&42 ; do
read video_url <&42
read video_filename <&42
if [ "$type" = "vorbis" ]; then
#youtube-dl -x --prefer-ffmpeg --audio-format vorbis --audio-quality "$bitrate" "$url"
echo "$title" > title-test
else
#youtube-dl -x --prefer-ffmpeg --audio-format "$type" --audio-quality "$bitrate" "$url"
echo "$title" > title-test
fi
done
exec 42<&-
rm -f $TMP_FILE
And here is the PHP code that sends the variable to bash:
$link = $cmd;
$video_id = explode("?v=", $link);
$video_id = $video_id[1];
$yturl = "http://www.youtube.com/watch?v=".$video_id;
$page = file_get_contents($yturl);
$doc = new DOMDocument();
$doc->loadHTML($page);
$title_div = $doc->getElementById('eow-title');
$title = $title_div->nodeValue;
putenv("TITLE=$title");
It does correctly echo the YouTube video title to "title-test", however when it does it sends it like:
{enter}{space}{space}{space}{space}$title
So there's blank spaces before the video title, which doesn't correctly work when I attempt to mv, rm or cp the $title variable in bash, and I don't know why this is happening.
Let's look at an example: The element having id="eow-title" in the document at https://www.youtube.com/watch?v=FTXN5nOstRs looks like this:
<span id="eow-title" class="watch-title " dir="ltr" title="Richard Dawkins exploding at bullshit in the Bible">
Richard Dawkins exploding at bullshit in the Bible
</span>
And since there's nothing telling libxml that leading/trailing whitespaces are irrelevant, the node value of that element is "{enter}{space}{space}{space}{space}Richard Dawkins...".
You might get rid of the whitespaces e.g. via trim().
Related
If I execute an R program through macOS Terminal it works fine, but if I execute that program through PHP exec() I get an error which says "Rscript not found".
submit.php:
<?php
// print "hello";
$a = $_POST['a'];
$b = $_POST['b'];
// echo shell_exec("calc");
$output = exec("Rscript /xampp/htdocs/demo/1.R ".$a." ".$b);
print $output
?>
1.R:
setwd("C:/xampp/htdocs/demo")
print("hello")
args=commandArgs(trailingOnly = TRUE)
a = args[1]
b = args[2]
c = as.numeric(a)+as.numeric(b)
cat(c)
You need to tell the command interpreter where Rscript is located. In a normal login, you'd have a long PATH variable to search through, but when running from PHP you have a much more limited path. To figure out where the executable is located, type which Rscript from Terminal. Use the resulting path in your PHP script.
Also note that dumping raw user input into shell commands is a very bad idea. You should always use escapeshellarg() to make sure the input is sanitized. I would also suggest capturing the full output in the event that R outputs more than one line.
<?php
$a = escapeshellarg($_POST["a"]);
$b = escapeshellarg($_POST["b"]);
$r = "/xampp/htdocs/demo/1.R";
$lastline = exec("/usr/local/bin/Rscript $r $a $b", $output, $return);
// you could check the value of $return for non-zero values as well
// full output is returned as an array
echo implode("\n", $output);
Finally, you'll want to check your setwd() command in the R script. Might have some trouble with C: on a Mac! ;)
I'm using the PHP exec() function to execute the Canu assembler programs, and I want to get its process ID within the same script.
The problem is exec() not returning any PID, even the process is running successfully.
The processes are started like this:
$gnuplot_path = '/usr/bin/gnuplot';
$command = 'nohup canu -d . -p E.coli gnuplot='.$gnuplot_path.' genomeSize=4.8m useGrid=false maxThreads=30 -pacbio-raw /path/to/p6.25x.fastq > /path/to/process.err 2>&1 &';
Currently, I try to determine if the process is still running by:
$pid = exec($command, $output);
var_dump($pid);
and also this:
exec($command, $pid, $return_var);
print_r($pid);
echo "$return_var\n";
However, I got output of string(0) "" and Array ( ) 0 respectively.
Please let me know how to solve this. Thanks much.
This one is tricky. What I would do:
$gnuplot_path = '/usr/bin/gnuplot';
$command = 'nohup canu -d . -p E.coli gnuplot='.$gnuplot_path.' genomeSize=4.8m useGrid=false maxThreads=30 -pacbio-raw /path/to/p6.25x.fastq > /path/to/process.err 2>&1';
$command .= ' & echo $!';
$pid = exec($command, $output, $a);
var_dump($output[0]);
I have an html form that asks the user to input a domain name, this is posted to the php7.0 page below for processing by a shell script which then passes output through aha for writing to an html page which is then displayed.
The problem I have is how can I prevent users from injecting commands like:
domain.com | rm * -rf
I thought this could be done using safe_mode and restricting the directory from which commands can be run but it seems this feature is now deprecated.
$domain_arg = escapeshellarg( $_POST['domain'] );
$today = date("Y-m-d-H:i:s");
$cmd = "/home/ubuntu/dtest/dtest.sh $domain_arg | aha -b -t 'Domain test of $domain_arg' > /var/www/website/results/$domain_arg.$today.html";
$output = shell_exec($cmd);
header("Location: http://the.web.com/results/$result.$today.html");
You use escapeshellarg on the arguments before running them, the result is a single quoted string such as 'domain.com | rm *'. Your problem is that you're not using this as a shell argument, but as a portion of a shell argument:
aha -b -t 'Domain test of $domain_arg'
This will absolutely cause the problems you're describing. Try something like this instead:
<?php
$domain_arg = escapeshellarg($_POST["domain"]);
$log_msg = escapeshellarg("Domain test of $_POST[domain]");
$today = date("Y-m-d-H:i:s");
$log_file = preg_replace(
"/[^\w:\\/.-]/i",
"_",
"/var/www/website/results/$_POST[domain].$today.html"
);
$cmd = "/home/ubuntu/dtest/dtest.sh $domain_arg | aha -b -t $log_msg > $log_file";
$output = shell_exec($cmd);
$result = rawurlencode($output); // just guessing that's where it comes from
$today = rawurlencode($today);
header("Location: http://the.web.com/results/$result.$today.html");
You should rather use escapeshellcmd() instead of escapeshellarg().
Is there a PHP functionallity same as read -i in BASH so that a script can prompt the user and provide a default answer like this:
Are you doing ok? (yes/no): yes
Where "yes" is the default answer provided by the script, which the user can erase and input another.
The readline function does not seem to have what it takes. Is there any other way to do this?
Using a stream does not seem to work either:
<?php
echo "Are you doing ok? (yes/no): ";
$in = fopen('php://stdin', 'rw+');
fputs($in, 'yes'); // should be the default?
$answer = fgets($in);
fclose($in);
echo "\nYou entered: {$answer}\n";
Whatever is in written by the fputs($in, 'yes'); line is ignored:
Are you doing ok? (yes/no): yes
You entered:
Am I using the stream incorrectly? Or maybe there is some other way to achive the default value?
EDIT:
Maybe I simlified the example to much. The real issue is not a simple yes/no prompt - this is just an example. Let me emphasize again: I'm aiming for providing exactly the same functionallity as the read -i BASH command. The $answer in my specific case holds an URL, so I would like for the user to be provided with the first part of the url (scheme, host, port), so he can add/edit the rest (path, query), fragment. Like this:
Enter url: http://www.example.com/foo/
now the user complement the path with bar/baz and we get:
You entered: http://www.example.com/foo/bar/baz
But on the other hand the user also should have the option to erase the first part of the url and provide completely different string:
Enter url: ftp://www.my-super-specific-domain.com/foo/bar
There's no built in way of doing this because writing some code that does it is quite straight forward:
function writeQuestion($question, $answers)
{
echo $question . ' (' . implode('/', $answers) . '): ' . PHP_EOL;
}
function readAnswer($possibleAnswers, $defaultAnswer)
{
$in = fopen('php://stdin', 'rw+');
$answer = trim(fgets($in));
if(!in_array($answer, $possibleAnswers))
{
return $defaultAnswer;
}
return $answer;
}
$question = 'Are you doing ok?';
$answers = array('yes', 'no');
$defaultAnswer = 'yes';
writeQuestion($question, $answers);
$answer = readAnswer($answers, $defaultAnswer);
You can wrap standard bash read for prefilled/populated edit and call it from you main php cli script
bash script named xreadline:
#! /bin/bash
IFS="";read -r -p "$1" -i "$2" -e STRING;echo "$STRING"
main php cli script:
#!/usr/bin/php
<?php
function xreadline ($prompt,$prefill)
{
$on = exec ('./xreadline "'.$prompt.'" "'.$prefill.'"');
return $on;
}
$answer = xreadline ('Your answer: ', 'xyz');
echo $answer;
.....
This approach fully supports UTF8 instead of native PHP readline.
Comment messed my code so here is standalone php cli file with function call to "read" command.
Little bit tricky, but hopefully will work as supposed to. :-)
#!/usr/bin/php
<?php
function xreadline ($prompt,$prefill)
{
return exec ('/bin/bash -c \'read -r -p "'.$prompt.'" -i "'.$prefill.'" -e STRING;echo "$STRING";\'');
}
echo "Prompt test :\n";
$output = xreadline ("edit this prefilled prompt: ","prefilled stuff");
echo "\n";
echo $output;
I have a PHP script that gets passed the MySQL connection details of a remote server and I want it to execute a mysqldump command. To do this I'm using the php exec() function:
<?php
exec("/usr/bin/mysqldump -u mysql-user -h 123.145.167.189 -pmysql-pass database_name > /path-to-export/file.sql", $output);
?>
When the right login details are passed to it, it'll work absolutely fine.
However, I'm having trouble checking if it executes as expected and if it doesn't finding out why not.
The $output array returns as empty, whereas if I run the command directly on the command line a message is printed out telling me the login failed. I want to capture such error messages and display them. Any ideas on how to do that?
You should check the third parameter of exec function: &$return_var.
$return_var = NULL;
$output = NULL;
$command = "/usr/bin/mysqldump -u mysql-user -h 123.145.167.189 -pmysql-pass database_name > /path-to-export/file.sql";
exec($command, $output, $return_var);
By convention in Unix a process returns anything other than 0 when something goes wrong.
And so you can:
if($return_var) { /* there was an error code: $return_var, see the $output */ }
The solution I found is to run the command in a sub-shell and then output the stderr to stdout (2>&1). This way, the $output variable is populated with the error message (if any).
i.e. :
exec("(mysqldump -uroot -p123456 my_database table_name > /path/to/dump.sql) 2>&1", $output, $exit_status);
var_dump($exit_status); // (int) The exit status of the command (0 for success, > 0 for errors)
echo "<br />";
var_dump($output); // (array) If exit status != 0 this will handle the error message.
Results :
int(6)
array(1) { [0]=> string(46) "mysqldump: Couldn't find table: "table_name"" }
Hope it helps !
Because this line redirect the stdout output > /path-to-export/file.sql
try this,
<?php
exec("/usr/bin/mysqldump -u mysql-user -h 123.145.167.189 -pmysql-pass database_name", $output);
/* $output will have sql backup, then save file with these codes */
$h=fopen("/path-to-export/file.sql", "w+");
fputs($h, $output);
fclose($h);
?>
I was looking for the exact same solution, and I remembered I'd already solved this a couple of years ago, but forgotten about it.
As this page is high in Google for the question, here's how I did it:
<?php
define("BACKUP_PATH", "/full/path/to/backup/folder/with/trailing/slash/");
$server_name = "your.server.here";
$username = "your_username";
$password = "your_password";
$database_name = "your_database_name";
$date_string = date("Ymd");
$cmd = "mysqldump --hex-blob --routines --skip-lock-tables --log-error=mysqldump_error.log -h {$server_name} -u {$username} -p{$password} {$database_name} > " . BACKUP_PATH . "{$date_string}_{$database_name}.sql";
$arr_out = array();
unset($return);
exec($cmd, $arr_out, $return);
if($return !== 0) {
echo "mysqldump for {$server_name} : {$database_name} failed with a return code of {$return}\n\n";
echo "Error message was:\n";
$file = escapeshellarg("mysqldump_error.log");
$message = `tail -n 1 $file`;
echo "- $message\n\n";
}
?>
It's the --log-error=[/path/to/error/log/file] part of mysqldump that I always forget about!
As exec() is fetching just stdout which is redirected to the file, we have partial or missing result in the file and we don't know why. We have to get message from stderr and exec() can't do that. There are several solutions, all has been already found so this is just a summary.
Solution from Jon: log errors from mysqldump and handle them separately (can't apply for every command).
Redirect outputs to separate files, i.e. mysqldump ... 2> error.log 1> dump.sql and read the error log separately as in previous solution.
Solution from JazZ: write the dump as a subshell and redirect stderr of the subshell to stdout which can php exec() put in the $output variable.
Solution from Pascal: better be using proc_open() instead of exec() because we can get stdout and stderr separately (directly from pipes).
write below code to get the database export in .sql file.
<?php exec('mysqldump --user=name_user --password=password_enter --host=localhost database_name > filenameofsql.sql'); ?>