We Keep Coding

Php exec returns unexpected result while direct call of command in terminal returns correct result (Laravel is used)

Can't solve the problem.
Briefly: I need to execute command on remote server via ssh.
I have two PCs from where I do that job. Ubuntu server - no problem. But from FreeBSD - problem.
Target server is under Freebsd too.
Access is via ssh keys, user - root. In my client Freebsd I can do ssh root#x.x.x.x without any password, so we make conclusion that this part is ok. Next. I run php artisan tinker (for those who don't know what is this - this is terminal for executing php code). There I do:
exec("ssh root#x.x.x.x whoami");
And I get 'root'. Work is correct. But I do the same via
dd(exec("ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -v root#x.x.x.x 2>&1"));
and I get:
"Permission denied (publickey,keyboard-interactive)."
For that command:
dd(exec("ssh -v root#91.222.216.24 whoami 2>&1"));
I get:
"Host key verification failed."
As I understand the only way is to use password, but why key auth fails?
How to fix that?
I've tried many options (read many articles on stackoverflow) and in some combination of code I've found that it looks like when command executed via exec another user (www) is used, not root. And I got errors like:
Could not create directory '/nonexistent/.ssh'.
As I understand the problem connected to user and its permissions. And it looks like there is no any user at all when sshing via exec.
Upd.
Right in terminal on client PC
php -r "echo(exec('whoami'));"
gives. 'root'.
But the same inside of controller in Laravel while using php exec
dd(exec('whoami'));
gives 'www'.
For some reasons in php (exec command) different user is used.
And yes, in Ubuntu, where I have no problems, I get the same user in both cases (I've checked just now), that's why everything is working there. So,.. the question is How to create ssh keys for another user, which is 'www' or should I change somehow user for php?

Using curl with email and password

I have an api to export some information to a csv file. The API is correct and it is downloading my file when I access it from the browser. I need to access this API from the terminal and download the file without having to go to the browser.
My route for the API looks like this:
Route::get('/api/file/export', 'File\FileController#export', [
'middleware'=>'auth.basic'
]);
I tried using curl like this:
curl --user email:password http://example.com/api/file/export
I have tried different curl commands but each of then displays the redirect to login html. When I use -O the command for downloading a file, it downloads a file that has the redirect to login link.
curl --user email:password -O http://example.com/api/file/export
Am I calling the API correctly? How else can I access the API from the terminal?

You should first be logged in your website. You can try this:
curl --user email:password http://domain.tld/login_page
And then use the cookies for your second request:
curl --cookie http://domain.tld/file/to/export
If that is not working, you need to do the whole submit action with cURL, meaning doing POST request with email and password etc.
Someone gave a good solution here
PS: Checkout if you don't need a token to request your API too.

curl command line works, php shell_exec() does not

There are several other posts in reference to this problem. The difference here is that I am willing to give out the troublesome url.
This works:
curl https://pas-gdl.overdrive.com/advanced-search
This does not work:
$pagesource = shell_exec("curl https://pas-gdl.overdrive.com/advanced-search");
I get the dreaded 51 error: "curl: (51) SSL: no alternative certificate subject name matches target host name 'pas-gdl.lib.overdrive.com'"
There is a wildcard ssl cert involved. I have attempted to figure out what the command line curl is doing by default as a possible solution. However, seeing as I am just executing the same command via shell_exec there should be zero difference.
The command line option produces the advanced-search html and the shell_exec does not. Any information as to why would be greatly appreciated.

use php curl instead
also look into how to curl https

php shell_exec() freeradius command

i have this problem: i want execute a command freeradius from the instruction php exec(), but it doesn't work. the code is simple:
<?php
exec('radzap -x -N 192.168.0.1 localhost secret');
?>
If I run the code in the shell work, but into the script php doeesn't work, other instructions like 'ls' ,'cd' and the other 'classical' commando work.
I utilize Fedora, maybe i don't have the permissions how user 'Apache' to utilize the dictionary Freeradius.
Sorry for my english, any suggestions? Thank
Update:
the error is:
dict_init: Couldn't open dictionary "/etc/raddb/dictionary": Permission denied
Ok, i found the error (maybe), selinux don't permict the execution of this instruction, if i set selinix permessive work, if is enable doesn't work.
It's work finally, i changed the file's permissions for user Httpd and the instruction go.

The problem isn't just that the command is failing, but it's that you don't know how it's failing. exec() doesn't give you a whole lot of information by itself, so you'll need to capture the command output (including standard error):
$output = array();
$retcode = 0;
exec('radzap -x -N 192.168.0.1 localhost secret 2>&1', $output, $retcode);
echo "Return code: $retcode\n";
print_r($output);
This gives you the command's return code and output, allowing you to see why the command is failing. There are too many possible problems to give you a specific answer.
Having said that, the most common reason for commands failing is that the binary can't be found, due to the $PATH environment variable. Try specifying the absolute path to radzap in exec, e.g. /usr/bin/radzap.

MySQL connection problems when supplying password

When I try to connect to the local MySQL database I am getting different results from these three methods:
It works when I connect with the following from the prompt:
mysql -u root -p
This way prompts me for the password, and once typed I am connected.
It works when I connect with PHP and supply the server(localhost), username(root), and password.
It does not work when I connect with PHP to run a command like this:
exec('mysql -P 3306 -u root -p'.$password.' databasename < '.$scriptfilename);
I also cannot get it to work from the prompt when I supply the password in the first line.
When I query the mysql.user table for the user root there are 3 entries:
root#::
root#127.0.0.1
root#localhost
There error I get when supplying the password in the same line is:
ERROR 1045 (28000): Access denied for user 'root'#'localhost' (using password: YES)
Anybody know whats going on?

If your password contains special characters that the shell will interpret, you'll have problems unless you escape them. For example lots of punctuation will cause issues, such as !, >, <, | and more.
Generally though, do not put the password on the command-line if you can possibly help it!
To quote MySQL's 5.3.2.2. End-User Guidelines for Password Security document:
Use a -pyour_pass or --password=your_pass option on the command line.
This is convenient but insecure, because your password becomes visible to system status programs such as ps that may be invoked by other users to display command lines.
The other option is to store the password in a file that only the relevent users can read, and use the client config file:
Store your password in an option file.
[client]
password=your_pass
Then the command-line would be:
mysql --defaults-file=/path/to/file_with_password

Just add the host parameter like this:
exec('mysql -P 3306 -h localhost -u root -p'.$password.' databasename < '.$scriptfilename);

You could try using --password= rather than -p, I have found it more reliable