I'm using shell_exec to execute a python file with a few variables and then print the real, user, and sys results to the console.
shell_exec("time /Users/$USER/anaconda/bin/python
/Applications/MAMP/cgi-bin/file.py
$var1 $var2 $var3", $result );
print_r($result);
Although this has worked for me before, it's not working now. The error I'm getting is PHP Warning: shell_exec() expects exactly 1 parameter, 2 given
It's the same response whether I just have time or /usr/bin/time.
What's going wrong here?
shell_exec() takes only a single parameter. What you were using before was likely exec().
What is in the command string that you're passing it (e.g. time or /usr/bin/time) is irrelevant to the warning you're getting.
Related
I'm using PHP function shell_exec()to execute Shell Script.
When I use this(correct) syntax, it displays output normally
echo shell_exec("ls -l");
But, for some reason, if user enters invalid command like this
echo shell_exec("lsl -l");
by default, it should give error as it gives on terminal. But, it doesn't display anything. is there any way to catch and display errors as well; via PHP?
That's because the output of the error goes to STDERR, while shell_exec only reads STDOUT. The simplest solution would probably be to pipe STDERR to STDOUT:
<?php
echo shell_exec('lsl -l 2>&1');
If you only want to know if the command was successful, I would use exec rather than shell_exec, as you can get the return value.
From the PHP docs:
This function can return NULL both when an error occurs or the program produces no output. It is not possible to detect execution failures using this function. exec() should be used when access to the program exit code is required.
If you choose to use exec() instead, you can supply a third param to the function which will return the output of the arguments:
exec ( string $command [, array &$output [, int &$return_var ]] )
If the return_var argument is present along with the output argument, then the return status of the executed command will be written to this variable.
I could not find the reason why my request fail for the following
My php code is:
if (isset($_COOKIE["user"])) {
echo '<p><h3><strong>Welcome '.$_COOKIE["param"].'</strong></h3></p>'; .....
When i request exec('ls -al') as param , the php code did not run the command.
On the response of the request it was like parameterized:
Welcome exec('ls -al')
What may the reason that failed this execution?
$_COOKIE["param"] is a string. You are echoing it. It is not supposed to run anything.
If you wanted to run a command in your PHP, you would have to use eval(). But as for running a command from a cookie value:
DON'T DO IT!
So you're saying that the value of $_COOKIE['param'] is exec('ls -al'), and you're expecting that to run when you echo it out?
That's not how it works. The value of that cookie will be the string value "exec('ls -al')", not the result of the executed code. If you think about it for a second, you'll understand why it would be a bad idea for a cookie to be able to auto-execute code.
It's not really a great idea to be running random commands through exec() anyway, especially if that input came from a user (which cookies do - the user can and will change them to try to attack you).
Instead, you should be using other input that your code can interpret as a signal to run certain code. For example, you could have the param value hold the string list files, and your code would see that value and run exec('ls -al') for you.
You still shouldn't be execing code to do this though, since it's very easy to accidentally run dangerous commands that way. Instead, you should use PHP's built-in functions as much as possible, and only after sanitizing your inputs and only running known values.
For your case, PHP has a bunch of functions that let you interact with the filesystem of your server. Use those to get a list of files on the system instead.
I am trying to use the PHP exec() function.
If the return_var argument is present along with the output argument,
then the return status of the executed command will be written to this
variable.
If the execution was successful, it's 0. However, if there is an error, it can be a multitude of other integers. I can't seem to find anywhere what those integers correspond to. How should I interpret the integer that I get?
Update:
I really should have specified this originally, but I am executing another PHP script. Unlike rsync, which has exit values on its man page, I can't find an equivalent for PHP.
So what I am doing is something like:
$rv = exec('php file.php', $out, $rv);
The return value is dependent on the process/program that you ran with exec. For instance, if you ran grep:
The exit status is 0 if selected lines are found, and 1 if not
found. If an error occurred the exit status is 2. (Note: POSIX
error handling code should check for '2' or greater.)
rsync has about 20 different error exit codes, all painstakingly explained in the man page:
http://linux.die.net/man/1/rsync
so yes, it's program-dependant :)
Even if you're running PHP script, the exit value depends on your program itself. By default php scripts will exit with 0. If you use the exit function you can return different exit codes:
http://php.net/manual/en/function.exit.php
If you want to experimentally determine what your php program exits, call it on the command line:
php file.php
then do
echo $?
this will show you the exit value of your php script.
IMHO, before use exec() function better set output and return_var parameters and read return code execution by return_var.
Don't rely on exec() return value.
Look up the manual page for the command that you are executing. This value has nothing to do with PHP but the actual command.
I have a php script that handles a form input. For design reasons both a bit out of my control, and which I do not entirely wish to change, I have to call a perl script with the parameters specified in the html form.
I sanitized all inputs and then output them to a file called input, which is read by the perl script named, for sake of brevity in this question, script.pl. Script.pl should do some stuff and then write all outputs to a file named output.
I call the perl script from php like so:
system('perl script.pl 2>errors');
No good, nothing happens. output is not created, errors is not created, and the side effect does not occur.
My apache runs as www-data user and group id. My directory is set with 775 settings with ownership as me:www-data. (My user name is replaced with "me" for sakes for privacy).
My question is two fold:
1) Am I doing this wrong? If so how should I improve upon the code?
2) Is there a more sane way to catch errors in system execution?
After programming in perl for a while, php feels like a pain in the ass.
OS: Ubuntu server edition
popen can be used to get the shell's response. that is your best bet. Which can help you debug why system is angry. also, if your pl is saying "hello" and "bye", popen can even read that.
If the command to be executed could not be found, a valid resource is returned. This may seem odd, but makes sense; it allows you to access any error message returned by the shell
Ideally, I would have taken data from stdin and written to stdout. popen would allow neat access to both.
popen('pwd;perl script.pl 2>errors;echo done');
then you can see where were you (directory) when system got called and did it "done".
In the past I have used shell_exec() or backticks to accomplish this.
The documentation for shell_exec's return value indicates it is identical to the backtick operator:
Return Values
The output from the executed command.
Hope that helps.
system() only returns the status code.
$var = shell_exec ("ls");
print $var;
$var = `ls -l`;
print $var;
Is perl in the path? Maybe you need to specify it fully (e.g. /usr/bin/perl). Is system() returning false, indicating a failure? If you try something simpler, like system('/usr/bin/true', $retval), does $retval get set to 1?
Take a look at the PHP system() documentation. The following is the function prototype of system():
string system ( string $command [, int &$return_var ] )
Pass in a 2nd argument and then print out the return string as well as the second variable. See what the error says.
I am executing a SQL Server stored procedure that is supposed to return an output parameter (ErrCode), as well as a resultset.
I am calling the procedure from PHP using the following code, but so far have been unable to retrieve the output parameter:
$stmt = mssql_init("addFaculty", $this->db);
mssql_bind($stmt, "#FacultyID", $FacultyID, SQLCHAR);
...imagine other parameters here...
mssql_bind($stmt, "#ErrCode", &$ErrCode, SQLINT1, TRUE, FALSE, 1);
$result = mssql_execute($stmt);
echo $ErrCode
$ErrCode is always echoed as 0, even when it should return a '1' or '2'. When I execute the procedure within SQL Server Studio, however, the 'Messages' tab will correctly display a '1' or a '2'.
In doing research, I found one suggestion that stated you must use mssql_next_result() first to be able to access the output parameters. I tried this, but it simply returned a PHP
"Warning: mssql_next_result(): supplied argument is not a valid MS SQL_result resource"
I also found a reference to a similar issue in this thread but did not see a real resolution.
Like the person in that thread, I am using Linux (CentOS) with PHP5 and MS SQL Server 2005.
Does anyone have any suggestions on this? I had an issue like this in a previous project as well, and in the end, simply gave up on using output parameters (and did all my error_checking in the PHP instead) because I couldn't figure it out. It would be nice to find an answer :(
I am not a PHP guy, but I think this will help.
It says:
Note that when retrieving an output or
input/output parameter, all results
returned by the stored procedure must
be consumed before the returned
parameter value is accessible.
EDIT:
Have you tried ADODB
Check my post on this problem, I used a class extended from Zend_Db_Table_Abstract. I do not use pure PHP, still using the framework accordingly. Seens to be fine and run ok, I am even getting also the resultset back! Hope it helps:
Execute MSSQL stored procedure via Zend Framework