I have come across an interesting situation with the shell_exec() function in PHP. This command works:
$res = shell_exec("mdb-export -D \"%d/%m/%y\" ".$this->mdbFileName." ".$tableName." &> " . $outputFile);
However, this command does not work:
$res = shell_exec("mdb-export -D \"%d/%m/%y\" ".$this->mdbFileName." \"".$tableName."\" &> " . $outputFile);
When entering the command in a shell (either way - with or without quotes around the table name) it works fine. I would really like to know why the first set of escaped quotes does not affect shell_exec():
\"%d/%m/%y\"
But the second set:
\"".$tableName."\"
Does not allow shell_exec to execute. FYI: all file name variables in the script are full file paths. They were entered in the exact same way when testing in the shell. Any thoughts?
EDIT: Upon failure, shell_exec returns NULL and the command is not executed.
After some more testing, it appears that the $tableName variable contained an extra space. Another part of the program was pulling the table name from the MDB file and left a trailing space.
When echoing out the $tableName variable everything appeared fine because the space was invisible. When running shell_exec without quotes surrounding the table name, the command executed because no errors occur if there are extra spaces between parameters. However, when surrounding the variable with quotes, the mdb-export program started looking for:
"tableName "
instead of
"tableName"
causing a silent, yet complete failure.
Related
I just cannot fathom how to get the PHP exec() or shell_exec() functions to treat a '*' character as a wildcard. Is there some way to properly encode / escape this character so it makes it through to the shell?
This is on windows (via CLI shell script if that matters, Terminal or a git-bash yields the same results).
Take the following scenario:
C:\temp\ contains a bunch of png images.
echo exec('ls C:\temp\*');
// output: ls: cannot access 'C:\temp\*': No such file or directory
Permissions is not the problem:
echo exec('ls C:\temp\exmaple.png');
// output: C:\temp\example.png
Therefore the * character is the problem and is being treated as a literal filename rather than a wildcard. The file named * does not exist, so from that point of view, it's not wrong...
It also does not matter if I use double quotes to encase the command:
echo exec("ls C:\temp\*");
// output: ls: cannot access 'C:\temp\*': No such file or directory
I have also tried other things like:
exec(escapeshellcmd('ls C:\temp\*'));
exec('ls C:\temp\\\*');
exec('ls "C:\temp\*"');
exec('ls "C:\temp\"*');
And nothing works...
I'm pretty confused that I cannot find any other posts discussing this but maybe I'm just missing it. At this point I have already worked around the issue by manually programming a glob loop and using the internal copy() function on each file individually, but it's really bugging me that I do not understand how to make the wildcard work via shell command.
EDIT:
Thanks to #0stone0 - The answer provided did not particularly answer my initial question but I had not tried using forward slashes in the path and when I do:
exec('ls C:/temp/*')
It works correctly, and as 0stone0 said, it only returns the last line of the output, which is fine since this was just for proof of concept as I was not actually attempting to parse the output.
Also, on a side note, since posting this question my system had been updated to Win11 22H2 and now for some reason the original test code (with the backslashes) no longer returns the "Cannot access / no file" error message. Instead it just returns an empty string and has no output set to the &$output parameter either. That being said, I'm not sure if the forward slashes would have worked on my system prior to the 22H2 update.
exec() only returns the last output line by default.
The wildcard probably works, but the output is just truncated.
Pass an variable by ref to exec() and log that:
<?php
$output = [];
exec('ls -lta /tmp/*', $output);
var_dump($output);
Without any additional changes, this returns the same as when I run ls -lta /tmp/* in my Bash terminal
That said, glob() is still the preferred way of getting data like this especcially since
You shouldn't parse the output of ls
I am modifying a set of bash scripts that process video files and reports the processing steps to a mysql database (here is the original code in question).
The function that does the database reporting is called from the main processing script and looks like this in the original:
_report_to_db(){
if [ "${REPORT_TO_DB}" = "Y" ] ; then
echo "INSERT IGNORE INTO tableA (objectIdentifierValue,object_LastTouched) VALUES ('${MEDIA_ID}',NOW()) ON DUPLICATE KEY UPDATE object_LastTouched = NOW()" | mysql --login-path="${LOGIN_PROFILE}" "${DB_NAME}" 2> /dev/null
_db_error_check
fi
}
Since the scripts are meant to be run directly from the command line, when you run them that way it works fine. But I'm running them via php from a web interface and there's some shenanigans going on with the quoting/escaping of whitespace and/or variables.
For instance, the script breaks on the whitespace after ...| mysql and it thinks I'm trying to run mysql as root without a password and totally ignores the --login-path and the other stuff I'm piping to it.
When I call mysql from a variable like so:
_report_to_db(){
if [ "${REPORT_TO_DB}" = "Y" ] ; then
SQL_ARRAY=(INSERT IGNORE INTO tableA (columnA,lastTouched) VALUES ("${SOME_PASSED_VALUE}",NOW()) ON DUPLICATE KEY UPDATE object_LastTouched = NOW();)
MYSQL_COMMAND_ARRAY=(mysql --login-path="${LOGIN_PROFILE}" -e "${SQL_ARRAY[#]}" "${DB_NAME}")
echo "$(${MYSQL_COMMAND_ARRAY[#]})"
_db_error_check
fi
}
... I am able to log into mysql correctly but the SQL query is ignored (when it echos the result you get the standard MySQL --help output.
So far I have tried all kinds of variations on quoting, escaping, referencing the query as a separate string variable, as an array (as you see here).
What is also not helpful is that the original _db_error_check() function only checks the value of the pipe exit status. So if the pipe is ok, but there's a problem further down the path, it fails silently.
_db_error_check(){
if [ "$?" != "0" ] ; then
# reports an error if the pipe exit value ≠ 0
else
# everything is ok! even if there was a mysql error
fi
}
This is not a file or database permissions issue (already triple checked that). Are there quotes or some other stupid thing that I am missing?? Thanks! Oh, I am running OSX El Capitan.
UPDATE
Lol, I was going to post the PHP that calls the script and then I remembered that the PHP is actually calling a Pyhton script that does some other processing too, and that is what calls the bash script. Here it all is:
PHP
$command = escapeshellcmd("/usr/local/bin/python3 /Users/user/path/to/ingest.py " . $user . " 2>&1");
while (# ob_end_flush());
$proc = popen($command, 'r');
echo '<pre>';
while (!feof($proc))
{
echo fread($proc, 4096);
# flush();
}
echo '</pre>';
PYTHON
for item in os.listdir(ingestDir):
if not item.startswith("."):
filePath = os.path.abspath(ingestDir+"/"+item)
fileNameForMediaID = os.path.splitext(item)[0]
try:
ingest = subprocess.Popen(['/usr/local/bin/ingestfile','-e','-u',user,'-I',filePath,'-m',fileNameForMediaID])
ingest.wait()
os.remove(filePath)
except IOError as err:
print("OS error: {0}".format(err))
UPDATE 2
I think this might actually be a weird quirk of my installation (go figure). Using mysql --login-path=myDbUser [etc...] from a shell on my host machine I keep getting the error ERROR 1045 (28000): Access denied for user 'ADMIN'#'localhost' (using password: NO) where the client user is ADMIN and I am trying to login as myDbUser.
I actually uninstalled and reinstalled mysql (via Homebrew) and still have the same results. Using a different machine (running Sierra, but the same mysql version) I can run the above shell command successfully and log into mysql as the target user.
Also on the host machine, I can sudo -u _www zsh and run the command as the Apache user (which is the user running the whole show) without a problem. SO WHY IS IT NOT RUNNING CORRECTLY EITHER IN THE SCRIPT OR EVEN RUN FROM SHELL AS MY MAIN CLIENT USER???
Any ideas? $PATH is identical in all cases mentioned above. Same ~/.mylogin.cnf setups. Is there anything else stupid obvious I missed?
You need to use indirect expansion here:
echo "$(${MYSQL_COMMAND_ARRAY[#]})"
the man says:
If the first character of parameter is an exclamation point (!), and
parameter is not a nameref, it introduces a level of variable
indirection. Bash uses the value of the variable formed from the rest
of parameter as the name of the variable; this variable is then
expanded and that value is used in the rest of the substitution,
rather than the value of parameter itself. This is known as indirect
expansion. If parameter is a nameref, this expands to the name of the
variable referenced by parameter instead of performing the complete
indirect expansion. The exceptions to this are the expansions of
${!prefix*} and ${!name[#]} described below. The exclamation point
must immediately follow the left brace in order to introduce
indirection.
${!name[#]}
${!name[*]}
If name is an array variable, expands to the list of array indices
(keys) assigned in name. If name is not an array, expands to 0 if name
is set and null otherwise. When ‘#’ is used and the expansion appears
within double quotes, each key expands to a separate word.
PS: If I may put forward a piece of my personal opinion, having a chain of php -> python -> bash is the worst coding style one can ever met, you may want to rewrite it into single langue so it will be easier to track down further issues at least.
I am trying to pass some values from a PHP file to a BASH script. I am getting a ERROR CACHE_MISS response.
The variable 'coretown' holes the value 'Houston, TX'. It must be in that format for the bash script to work.
Results of a test to prove the variables are correct
WorkString531cdf6b8b3451.99781853 OutString531cdf6b8b3451.99781853 Houston, TX
Execute the bash script.
$errorTrap=shell_exec("./Find-Town.sh $workPath $outPath $coreTown");
Bash script:
#!/bin/bash
set -x
InFile="./zipcode.txt"
"$Work1"="$1"
"$OutFile"="$2"
"$InString"="$3"
echo "$1";
echo "$2";
echo "$3";
Returned by the 'echo' in the script:
WorkString531cdf6b8b3451.99781853 OutString531cdf6b8b3451.99781853 Houston,
Notice the state (TX) is missing. If I put 'echo "$4";' in there it will display the 'TX'.
Is one of these languages handling the content of 'coreTown' ('Houston, TX') as an array? If so, which one? Amd how do I fix it? My google searches did not address this problem.
Since $coreTown contains a space, that's being treated as an argument delimiter in the shell; you need to quote it or escape the space. Luckily, PHP has a function that does that for you: escapeshellarg.
$workPathEsc = escapeshellarg($workPath);
$outPathEsc = escapeshellarg($outPath);
$coreTownEsc = escapeshellarg($coreTown);
$errorTap = shell_exec("./Find-Town.sh $workPathEsc $outPathEsc $coreTownEsc");
how can i run an ".exe" file throw my PHP class?
Or is there any other way to do that?
I have already used
exec();
passthru();
function but its give me error, my code :
$path = "C:\Program Files\Softland\doPDF 7\dopdf.exe";
$result = passthru('$path 2>&1');
Error :
'$path' is not recognized as an internal or external command, operable program or batch file.
This isn't a good practice but ....
$result = passthru($path.' 2>&1');
or
$result = passthru("$path 2>&1");
you should (as you can see) put $path variable outside single quotes (that prevent variable evaluation and substitution) or put double qoutes (that permits variable substitution)
You need to use double quote if you want $path to be replaced by variable value so
$result = passthru("$path 2>&1");
The problem is that you're using single quotes, so the string passed to the shell was literally '$path 2>&1'. Variable substitution does not occur in side single quotes, only double, in PHP.
So you need to either concatenate the string or put it in double quotes.
$result = passthru("$path 2>&1");
I'm running on win2003 server, PHP 526, via the cmd-line.
I have a cmdline string:
$cmd = ' "d:\Prog Files\foo.exe" -p "d:\data path\datadir" ';
Trying to do this in php code
$out = `$cmd`; # note use of backticks AKA shell_exec
results in a failure by foo.exe as it interprets the -p arg as "d:\data".
However, the same $cdm string copied to the windows shell cmdline executes successfully.
How do I properly handle spaces in PHP shell_exec?
Use escapeshellarg() to escape your arguments, it should escape it with an appropriate combination of quotation marks and escaped spaces for your platform (I'm guessing you're on Windows).
Unlike Unix, which requires quotes within quotes to be escaped, Windows doesn't seem to work this way. How it keeps track of the quotes is beyond me, but this actually seems to work, despite all logic to the contrary:
$cmd = '" "C:\Path\To\Command" "Arg1" "Arg2" "';
$fp = popen($cmd, 'r');
$output='';
while ($l = fgets($fp, 1024))
$output.=$l;
I'm guessing command.exe is taking the command string total and nixing the (otherwise redundant) outside quotes. Without these outside quotes, DOS does some weird things. This solution is similar to post by user187383, but does away with the "cmd /c" which only obfuscates what's actually happening along with a mild performance cut, since cmd /c is implicit by the shell call in the first place!
This is an interesting problem. Apparently, PHP lets you put double quotes around the program or the arguments, but not both. It may be worth reporting this as a bug.
A work around is to use the DOS 8.3 name instead of quotes. E.g., "C:\Program Files\" usually becomes "C:\Progra~1".
Had this problem too - came up with an idea to route the launching through cmd.exe. The trick here is not to get lost in the double qoutes. Generally you want to put anything you want to run in:
exec('cmd /c " '.$path.' "';
Where $path is a already double-quoted path to your executable. Example:
$path = '"C:\Program Files\ToDoList Simple\ToDoList.exe" "C:\SomePath\todo.tdl" -nt test -cm test2';