We Keep Coding

How to execute a local Shell Script with SSH commands on server?

I want to run a local shell script that have SSH commands on the server using PHP. And inside the script i am using ssh to run a command like ls -lart and save the result on a log file in the server, and then using scp to copy the remote file to my local host. Something like this:
/// my_local_shell.sh
#!/bin/bash
host=$1
user=$2
port=$3
ssh -p $port $user#$host 'ls -lart >> /home/remote/file.log'
scp -P $port $user#$host:/home/remote/file.log /home/local/file.log
If i run the script using the terminal user#local_host:~$ ./my_local_shell.sh everything works just fine. But if i use shell_exec() to execute the script using PHP like this:
/// index.php
$output = shell_exec("my_local_shell.sh 192.168.1.1 root 2222");
echo <pre>$output</pre>;
Nothing is printed on screen and the SSH commands inside the file are not executed.
I know I can use ssh2_shell(), but by using it I would have to send the commands inside the PHP, and it's not what i want.
I already gave the permissions needed to index.php and my_local_shell.sh
Any ideas how I can do this?

Apparently scp uses some sort of ncurses that you can't capture, so you could add the -v flag to your scp command in the shell script
scp -v -P $port $user#$host:/home/remote/file.log /home/local/file.log
or alternatively, since scp returns 0 on success you could write
scp -P $port $user#$host:/home/remote/file.log /home/local/file.log && echo Success
As for the PHP please check you have PHP opening and closing tags and correct your echo statement
echo "<pre>".$output."</pre>";

run commands with root privileges in php with url

I have simple PHP code like this:
<?php
print_r(shell_exec($_GET['c']));
now I want to run commands with root privileges through URL.
I have added www-data as sudoers and I try this
curl -vv "http://localhost/index.php?c=echo mypass|sudo -S -s 'whoami'" but I can't see anything in output
This code is just for fun, also I don't want to write my commands in bash script and run them with PHP, I want to know whats wrong with this code

PHP Bash Script calling another Bash script

I have a bash script that takes a parameter is called in PHP by shell_exec(script.sh parameter). Basically, my goal is to call a script that is owned by another user that is not apache.
The script.sh script is a file that contains the following (right now there are some error handling commands):
#/bin/bash
whoami>>whoami
echo $1 >> parameter
while read f; do
env>>envoutput
sudo -i -u archivescriptowner /path/to/archivescript.sh -command archive >> output
done < $1
In my /etc/sudoers file , I have the following:
apache ALL=(archivescriptowner) NOPASSWD: /bin/bash -c /path/to/archivescript.sh *
When I run this script as by running su -s /bin/bash apache and pass a parameter, it works.
When I run it via my button in php, archivescript.sh does not execute
The whoami file has apache written to it
The parameter file has the right file written to it
env shows the following
Term=xterm
LD_LIBRARY_PATH=/path/to/library
PATH=/sbin/:usr/sbin:/bin:/usr/bin
PWD=/var/www/html
LANG=C
SHLVL=4
=/bin/env
PWD is outputting right, that is where my script is right now, it will be moved in the future.
The output file when it is ran by the button click is blank.
I am at a loss as to why this is not working. Any insight would be helpful. Please let me know if I need to give any additional information.

I recently published a project that allows PHP to obtain and interact with a real Bash shell. Get it here: https://github.com/merlinthemagic/MTS
After downloading you would simply use the following code:
$shell = \MTS\Factories::getDevices()->getLocalHost()->getShell('bash', true);
$return1 = $shell->exeCmd('/path/to/archivescript.sh');
echo $return1; //return from your script

Allow PHP/Apache to shell_execute commands on Ubuntu

I'm trying to execute a command through PHP with shell_exec. The PHP file is hosted by Apache on my Ubuntu server.
When I run this:
echo shell_exec("ps ax | grep nginx");
Then I get to see data. But when I run another command, for example:
echo shell_exec("cat /usr/local/nginx/config/nginx.config");
Then it's not showing anything at all. But when I copy that command and paste it in my terminal, then it executes fine.
My Apache server is running as user www-data. So I edited sudoers and added this line:
www-data ALL=(ALL:ALL) ALL
I know this is a security risk, but I wanted to make sure (for now) that www-data is able to execute all commands. But, for some reason I'm still not able to execute all commands with my PHP script.
Anyone any idea what to do?

have you read http://php.net/manual/en/function.shell-exec.php
There is quite a discussion in comments section. Top comment is:
If you're trying to run a command such as "gunzip -t" in shell_exec and getting an empty result, you might need to add 2>&1 to the end of the command, eg:
Won't always work:
echo shell_exec("gunzip -c -t $path_to_backup_file");
Should work:
echo shell_exec("gunzip -c -t $path_to_backup_file 2>&1");
In the above example, a line break at the beginning of the gunzip output seemed to prevent shell_exec printing anything else. Hope this saves someone else an hour or two.

echo shell_exec("sudo cat /usr/local/nginx/config/nginx.config");
Try that.

pass variable from PHP to Ubuntu shell script

I have a shell script like this (in /usr/local/bin/esm-script/import-master.php):
#! /bin/bash
echo "this is the file name $1."
script -c 'PGPASSWORD="pwd123" /usr/bin/psql --host localhost --port 5432 --username "postgres" --no-password --quiet "dbESM" < "$1"' /dev/null
Now I'm calling it through a PHP script like this:
$NewFile = "/var/www/...master-data.sql"; //full path
$strImport = '/usr/local/bin/esm-script/import-master.sh ' . $NewFile;
$strMsg = shell_exec($strImport);
echo "$strMsg<br />";
echo 'done!';
However, when I run the PHP code, this is the message I get on the browser:
this is the file name /var/www/ESM-Backend/uploads/master-data.sql. Script started, file is /dev/null Script done, file is /dev/null sh: 1: cannot open : No such file Script started, file is /dev/null
done!
I'm not a shell scripting person so I don't know if I'm missing something.
I've checked that the folder with the sql file has the correct permissions (775) and has data (insert statements).
So why does this not work? Any ideas and guidelines are really appreciated.
EDIT
I hard-coded the file in the shell script file like this:
script -c 'PGPASSWORD="#UR!23" /usr/bin/psql --host localhost --port 5432 --username "postgres" --no-password --quiet "dbESM" < "/var/www/ESM-Backend/uploads/master-data.sql"' /dev/null
And it works. But I need it to run with the file passed through PHP.

I think the problem might be with the way you are passing the argument to your shell script i.e. $NewFile. From a relevant SO Post, you might want to try enclosing the argument(s) in double quotes like this:
$strImport = '/usr/local/bin/esm-script/import-master.sh "'.$NewFile.'"';
I'm assuming the permissions are set correctly and you are able to use shell_exec() normally to execute shell scripts via PHP. Hope this helps.

First, a big thank you for Vivek for giving me the idea of using quotes. I then thought that the the error was the way the command-line argument was enclosed within single quotes in the shell script file.
So I tried the following:
script -c 'PGPASSWORD="#UR!23" /usr/bin/psql --host localhost --port 5432 --username "postgres" --no-password --quiet "dbESM" < "'$1'"' /dev/null
And yes, it solved the problem.
The idea is that the $1 argument was given outside of the quoted string for the script command.
I also had the doubt on how to concatenate strings in bash and here's a great link I found for it: How to concatenate string variables in Bash?