I have to automate a process using php in which I have to append content in a file.
The file does not have any specific permissions specified but the folder 'abc' has read only permissions, so fopen() prompts permission denied when I try to append a file.
But I can edit the file manually and also from the command prompt. So I tried the following:
When I try
echo exec("echo Testing>>\\xx.xx.x.x\C$\abc\test.txt");
in my script, it does not work.
If the same command
echo Testing>>\xx.xx.x.x\C$\abc\test.txt
is run on cmd it works.
I even tried psexec:-
echo exec('C:/psexec \xx.xx.x.x cmd /c \"echo Testing>>C:\abc\test.txt\"');
again when i run
C:/psexec \xx.xx.x.x cmd /c "echo Testing>>C:\abc\test.txt"
on cmd it works fine.
Is it anything to do with exec() that I am doing wrong?
OR Is there any other way I can edit file, because I should not change the folder permissions but still get the process automated.
I assume you are using Windows. On Debian Linux, I would tell you to give write permissions to user www-data on the appropriate directory.
You probably need to give the local IIS worker account write permissions on the directory. The local IIS worker account is likely named something like IUSR_[SERVERNAME].
Some webhosts decides to remove the function exec for security reasons.
view your php info and check if yours is disabled.
Related
I can't get exec() to read or write how I need it to:
exec("php -f /root/script/screenshot.php")
Fails with Could not open input file. Must be a permissions problem. Changing the file owner to the php user didn't fix it though.
Can't get this to work either:
exec("xvfb-run -a cutycapt --min-width=1920 --min-height=1920 --url='{$url}' --out='{$path}'");
Fails but doesn't give any error message. cutycapt is a screenshot app to take a screenshot of a website.
Both commands work perfectly from command-line. But it seems that php exec() will neither read nor write files...
watch if your folder path is in the sudoers file
Figured out that it was indeed a permissions error. The second command wasn't working because the folder didn't have write permissions to the apache user.
exec("xvfb-run -a cutycapt --min-width=1920 --min-height=1920 --url='{$url}' --out='{$path}'");
Changed the permissions, and now the above command is saving screenshots no problem at all.
i am ubuntu user.. i have a command in php that exec a python file.. the python file is set to executable.. so, my php command is:-
shell_exec("try.py");
the python file is located at desktop.. but the php file is located in www folder..
/var/www/try.php
in the try.py, i have a code to rename a file on the desktop as follow:-
print "enter"
os.rename("a.txt", "b.txt")
print "exit"
so, the try.py and a.txt are in desktop..
my problem is, when i execute the php file, it shows the "enter" only but not with the "exit".. so i guess it cannot execute the os.rename maybe because of the root privilege or anything that i dont know.. i have tried some solutions to disable password for sudo but still i didnt show the "exit".
but, if i execute the try.py directly by double click it on the desktop and execute it, the command can be done and the output shows:-
enter
exit
so, anyone knows how to execute it using php?
You can directly rename files in php using the rename function.
rename($oldname, $newname);
The problem is when you are doing os.rename("a.txt", "b.txt") it is looking for a.txt in the directory from where the application is running (so it is looking for a.txt in /var/www/.
You should give both a.txt and b.txt the full path:
os.rename('/home/user/Desktop/a.txt', '/home/user/Desktop/b.txt')
You will also have to make sure that www-data (or whatever user is running Apache) can write to the Desktop directory; however from a security perspective this is a very bad idea - any script running on the server can read the contents of your desktop (and even delete the files).
finally, i got the solution..
to be able to rename the file in desktop using os.rename, we need to edit some of the configurations in sudoers..
it involved some steps in visudo and also the php script..
in visudo (using command "sudo visudo" in terminal:)-
#user privilege specification
root All=(ALL:ALL) ALL
www-data ALL=(ALL:ALL) ALL
#includedir /etc/sudoers.d
ubuntu ALL=(ALL) NOPASSWD: ALL //use your username.. mine is ubuntu
www-data ALL=(ALL) NOPASSWD: ALL //the place where i put the php file
in php file:-
<?php
$output = exec("sudo python /home/ubuntu/Desktop/[filename.py]");
?>
for python file is just the same..
os.rename("a.txt", "b.txt")
ok.. that is the solution.. now i can run the python script which it will change the name of a file in desktop from php..
Thank you for all the comments and suggestion for the solutions.. =))
You need something like:
my_dir = os.path.dirname(os.path.realpath(sys.argv[0]))
That will equate to the directory try.py is actually in.
Then you can execute:
os.rename(os.path.join(my_dir, 'a.txt'), os.path.join(my_dir, 'b.txt'))
As mentioned above, this isn't necessarily a great idea from a security PoV though, since you have to grant write permissions to the php script.
I also usually put the my_dir code in an if sys.argv[0]: so that I can still debug from python REPL:
if sys.argv[0]:
# running as executable
my_dir = os.path.dirname(os.path.realpath(sys.argv[0]))
else:
# imported into interpreter
my_dir = '.'
That way I can still import the module into REPL to debug it, as long as I'm in the same directory as the file in question.
I've recently set up my Apache2 Server on my Linux machine. Now I've wanted to execute a PHP script (index.php), which runs a shell script (foo.sh), which creates a folder in my home directory, but the directory was not created.
These are the original two files:
foo.sh:
#!bin/bash
mkdir /home/lorenzo/testDir
index.php:
<?php
exec('sh test.sh');
?>
So, I thought maybe the problem occurs because of privileges or something, and indeed after I changed the files to that:
foo.sh:
#!bin/bash
echo "Hello world"
index.php:
<?php
$temp=exec('sh test.sh');
echo $temp;
?>
I saw the output Hello World on my website.
So the PHP script is executed and it runs the shell script. But why can't the shell script execute the mkdir command?
This indeed is most likely a permission issue.
You first have to figure out which user apache runs at. This is usually www-data (on Debian-ish Linuxes, such as Ubuntu) or apache (on RedHat-ish Linuxes) or something along the lines. A ps -eF | grep apache will reveal the user.
After you figured that out, make sure that the apache user has the appropriate rights in your home directory. You can either add it to your user group (using usermod -a -G ... and then chmod g+w ~) or allow writing for all users (chmod o+w ~).
But, both of this is a bad idea. Your php script (or anything else running as the apache user) can be broken into and cracked, leaving you home directory open for malicious attackers to modify and rm -rf.
In addition, if you’re running a RedHat-ish Linux, you will run into SELinux which by defaut prevents apache from accessing user directories at all. In that case, you also have to set setsebool -P httpd_enable_homedirs on.
Instead, I would recommend that you use a different directory and give your user full access to that. Something along the lines of /var/www/testDir with the apache as owner and group, and adding yourself to the apache user group is probably a sane idea.
It looks like a permission issue. Make sure that Apache has write permission to that directory
You may have permission issues on the server. Try to use chmod -R 775 <dirname>(or 777) in your ssh command line. You can do this in php code with chmod() too but I don't suggest you because it would run it everytime the php code runs and changing it more times is pointless. It can output to the screen but I bet the directory the script wants to make file has permission 755. Try to check it.
I am trying to run a .sh file from php.
I tried doing it with shell_exec(). but its not working
I refered many questions related to this in stack overflow but could not solve
my php code is(web.php)
<?php
echo shell_exec('/var/www/project/xxe.sh');
echo "done";
?>
only done is printed. but it is working from terminal(php /var/www/project/web.php)
In xxe.sh I am calling a python file
python vin.py
I have also changed the file permission to 777 for both .sh n .py files
please help
If you say it works on the terminal and not on apache then apache's php.ini file may be disabling the use of shell_exec().
See http://www.php.net/manual/en/ini.core.php#ini.disable-functions
Your apache's php.ini file may look something like
disable_functions=exec,passthru,shell_exec,system,proc_open,popen
Remove shell_exec from this list and restart the web server, although this is a security risk and I don't recommend it.
shell_exec might not know what directory to look in for your executable's location directory. What solved it for me was this before the shell_exec:
putenv('PATH=/usr/local/bin');
Then the terminal can find the executable. Also check permissions on every part of the command to make sure apache user has read and execute permissions.
If it works well in shell, I think apache is chrooted. So php can't find /var/...
Or user of httpd user does not have permission to enter /var/...
If you are good at PHP. Open dir /var/... And readdir() and check dir exists and check file exists.
This question might help you. scanning /home/ with opendir()
The problem is usually that when you exec code from within php it is run as the webservers user www-data in alot of linux distros. Normaly this user does not have an enviroment set up, and because of that no PATH. By using full paths in your files you can usually overcome this.
xxe.sh
/usr/bin/python /path/to/script/vin.py
While trying to run a script triggered by github post-receive webhook.
Here is where my project directory is located(cloned git repo):
/var/www/html/my-repo
I create a script inside the above directory called webhook.php:
<?php
#webhook.php
$cmd = shell_exec("git pull 2>&1");
#for debugging
echo $cmd;
?>
Execute the following command inside /var/www/html
sudo chown www-data:www-data -R my-repo/
Test it by going to http://www.myserver.com/my-repo/webhook.php
Add the path to your script to github webhooks.
I have been stuck in this problem for several hours.
I have thought about a solution.
1. move your script to a python file "script.py" and place this file to your server root.
2. shell_exec("python script.py");
Any way, it works for me.
On my host I had to give a different path for my php file to be executed from shell_exec().
This didn't work shell_exec('/usr/bin/php backgroundtask.php');.
While this did shell_exec('/opt/php/php-5.5.0/bin/php backgroundtask.php');.
You can visit this Reference.
I had the same issue because PHP backslashes.
PHP escapes the backslashes, so the command that reaches the shell
'COPY E:path1\path2\file.prn /B \127.0.0.1\"PRINTER NAME"'
so I gave command like this
'COPY E:\\path1\\path2\\file.prn /B \\\\127.0.0.1\"PRINTER NAME"'.
You have to double-escape the backslashes: once for PHP and once for the shell.
I am currently over ssh on a remote CentOS 5.6 system which runs an Apache webserver. I need to use the poppler pdftohtml binary which, unfortunately, is not currently installed on that machine. So I downloaded the poppler package and built it under my user folder. Since I I am not the system admin, I didn't do
make install
and I have all my compiled files under
/users/myfolder/poppler-0.18.2/
The file that I need to execute through php shell_exec() is
/users/myfolder/poppler-0.18.2/utils/pdftohtml
If I execute it through my ssh bash, I get the correct output. If I, instead, put this line on a php script:
echo shell_exec("/users/myfolder/poppler-0.18.2/utils/pdftohtml");
I get the following output:
sh: /users/myfolder/poppler-0.18.2/utils/pdftohtml: Permission denied
I tried setting to 777 the file permissions, which currently are -rwxrwxrwx. I also noticed that using shell_exec("whoami"); results in "apache". Shouldn't apache be able to execute the script if the file permissions are -rwxrwxrwx?
I also know that installing poppler through make install would solve the problem but since this is for testing purpose, I would like to avoid "contaminating" the system outside my personal folder until the testing is complete.
Thanks to anyone who will help!
Just because a file is executable for a user does not mean that user is actually able to execute the file. The user needs to also be able to 'get to' the file: The user needs execution permission for all 'parent directories', in your case for /users, myfolder, poppler-0.18.2 and utils.
Assuming /users is the same basic thing as /home, everybody should have +x on that. From there, you can set it: simply do chmod o+x /users/myfolder /users/myfolder/poppler-0.18.2 /users/myfolder/poppler-0.18.2/utils
(Note: This will make it possible for everybody to execute this binary, not just Apache.)
If the apache user and you share a group, it would be better to use chown the poppler directory and everything in to be owned by that group, and set g+x instead of o+x.