I know this is a simple question, but I can't for the life of me get it to work. If I log in to my server via SSH (linux) and type in : /home/username/public_html/x/foo.cgi f=subscribe l=list e=abcd#gmail.com the script runs perfectly. However, if I try to run the script via PHP by the likes of : shell_exec("/home/username/public_html/x/foo.cgi f=subscribe l=list e=abcd#gmail.com"); nothing happens.
Can anyone point me in the right direction?
Thanks ahead of time!
Tre
"Nothing happens" isn't a very descriptive error message. Nevertheless, three possibilities come to mind:
Differences between the server-hosted environment versus the shell environment.
Your server or hosting site may have disabled shell_exec or other functionality.
You may need to be running PHP as the same user you SSH'd in as (or otherwise get the correct permissions).
Some other piece of the stack are in disarray due to mis-configuration or misuse.
Take your pick. Check your logs. Make sure you don't leave any holes available for attackers to get in.
If you are managing the server, most likely this is a permissions issue. Your webserver is running as www-data or some similar user. It needs execute permissions on the script file to run it. Try changing the script's owner with the chmod command or give the file you're trying to run more liberal access permissions with the chown command.
Another thing to consider is that shell_exec may be disabled if PHP is running in safe mode.
Related
We have a small office intranet, built in PHP (on an apache server - so WAMP), that allows us to create project folders on our file server. This works by copying a set of template folders to a new location using the shell exec xcopy command and the following switches /e /k /i /c.
We (fairly) recently upgraded to a new file server running Windows Server 2008 R2 Standard. Now the xcopy command no longer works from within PHP. However, I know that the xcopy command is correct because it works if I copy and paste it into a command prompt (on the same machine).
I can see no error message but I assume this is some kind of permissions issue related to the PHP 'user', but I don't know exactly what or how to solve it.
The apache server and the file server are two separate machines. If it's relevant, the apache server is a 32bit machine and the file server is a 64bit machine but, as I say, I can invoke the xcopy command from the CLI of the 32bit machine without a problem.
The Apache process user name is SYSTEM (although I can't seem to use the 'whoami' command to check this)
Any pointers would be greatly appreciated.
FWIW, the exec string looks like this...
echo "xcopy \"\\\\path\\to\\folder\\xxxx_Project\\*.*\" \"\\\\path\\to\\folder\\9876_NEWPROJECT\" /e /k /i /c";
which (I think) materializes as this...
xcopy "\\path\to\folder\xxxx_Project\*.*" "\\path\to\folder\9876_NEWPROJECT" /e /k /i /c
Obviously, the '9876_NEWPROJECT bit is really a variable.
OK. I seem to have got it working. Here's what I did - tell me if it's a bad idea although I should point out that this is an intranet so I'm a little less concerned about security...
Go to Control Panel->Administrative Tools_>Services
Select the Apache service and hit Properties
On the Log On tab, click 'This account:' instead of 'Local System account', and then find the User account of Windows user who's normally logged on to that terminal
Restart Apache
I also amended the user info in the httpd.conf file, but I'm not actually certain that that was necessary.
If there's a better solution, that can be explained in words of two syllables or less, I'm all ears!
get_current_user() will confirm the user your script runs as.
Then try to manually execute your command as this user with runas (or if your user really is SYSTEM then you will need something like psexec to do so).
Now, assuming that your script actually runs as SYSTEM, it is very likely that this user is not authorised on the remote file server. I don't think it is even possible to do that (except, perhaps, by allowing "Everyone"). If it is, I am not sure this is a good idea anyways.
I would instead run the apache service as a regular user, and on the file server, grant access to this user.
Alternatively, you could mount the remote location as a network drive (not tested, other answers in the thread might help too).
We have a small office intranet, built in PHP (on an apache server - so WAMP), that allows us to create project folders on our file server. This works by copying a set of template folders to a new location using the shell exec xcopy command and the following switches /e /k /i /c.
We (fairly) recently upgraded to a new file server running Windows Server 2008 R2 Standard. Now the xcopy command no longer works from within PHP. However, I know that the xcopy command is correct because it works if I copy and paste it into a command prompt (on the same machine).
I can see no error message but I assume this is some kind of permissions issue related to the PHP 'user', but I don't know exactly what or how to solve it.
The apache server and the file server are two separate machines. If it's relevant, the apache server is a 32bit machine and the file server is a 64bit machine but, as I say, I can invoke the xcopy command from the CLI of the 32bit machine without a problem.
The Apache process user name is SYSTEM (although I can't seem to use the 'whoami' command to check this)
Any pointers would be greatly appreciated.
FWIW, the exec string looks like this...
echo "xcopy \"\\\\path\\to\\folder\\xxxx_Project\\*.*\" \"\\\\path\\to\\folder\\9876_NEWPROJECT\" /e /k /i /c";
which (I think) materializes as this...
xcopy "\\path\to\folder\xxxx_Project\*.*" "\\path\to\folder\9876_NEWPROJECT" /e /k /i /c
Obviously, the '9876_NEWPROJECT bit is really a variable.
OK. I seem to have got it working. Here's what I did - tell me if it's a bad idea although I should point out that this is an intranet so I'm a little less concerned about security...
Go to Control Panel->Administrative Tools_>Services
Select the Apache service and hit Properties
On the Log On tab, click 'This account:' instead of 'Local System account', and then find the User account of Windows user who's normally logged on to that terminal
Restart Apache
I also amended the user info in the httpd.conf file, but I'm not actually certain that that was necessary.
If there's a better solution, that can be explained in words of two syllables or less, I'm all ears!
get_current_user() will confirm the user your script runs as.
Then try to manually execute your command as this user with runas (or if your user really is SYSTEM then you will need something like psexec to do so).
Now, assuming that your script actually runs as SYSTEM, it is very likely that this user is not authorised on the remote file server. I don't think it is even possible to do that (except, perhaps, by allowing "Everyone"). If it is, I am not sure this is a good idea anyways.
I would instead run the apache service as a regular user, and on the file server, grant access to this user.
Alternatively, you could mount the remote location as a network drive (not tested, other answers in the thread might help too).
i read so many similar questions but nothing works with me
im using wamp 2.2 ,Apache 2.0 , PHP V5.3.8
safe_mode=off - disabled_functions deleted from php.ini i'm trying to exec
exec("chrome.exe google.com");
nothing happens and when i try
exec("calc");
the windows shows weird message to execute calc in different user although i changed the user for the apache service to Administrator and i verify the user using
exec("whoami");
where is the problem?
Environment path for CMD and php shell might not be the same.
You either have to give entire path of the file, or export the path of chrome.exe in php first
Also, I believe that chrome.exe opening a page requires XServer, php can't open graphical interfaces in shell. These commands are not passed to actual shell as a parent, so php file can't "launch" applications for you.
Please read specifics of the exec function:
PHP exec Reference
Also try adding 2> errors.txt to see what are the errors if any in the execution of the programme.
--
The program needs to know what X server to connect to, and it needs to have permissions to connect to that server. You specify the X server with the DISPLAY environment variable; this will usually be set automatically if you are running the PHP program from a terminal in
X, or from a GNOME panel or something similar; however, if you are running the PHP script in some other manner, it likely won't know what X server to connect to.
X has various ways of specifying permission to connect to a server, but the most common one is using a file called ".Xauthority" in the users home directory. Because only the user who is logged in at the X server can read this file, they are the only user who can run GUI programs. So, if you start the PHP user as the same user who is logged in at the X server, you shouldn't have any problem with permissions. However, if the PHP program is running as a different user, you will have to give that user permission to access the X server.
Reference: http://bytes.com/topic/php/answers/838364-cant-launch-graphical-apps-php-exec-ubuntu-8-04-system
(I know that link is for linux and won't have exact same solution for Windows, but exec() still needs to know which X interface to refer to)
Stop Apache running as a service.
When windows runs a service it it is not running directly as the user that started the server or manages due to this it could well be starting chrome in a service environment so you wont see it load on your desktop there are 2 ways to get around this
Stop apache service browse to your apache directory and run httpd.exe manualy then try your script it should work or if it is not required to be running though a web request so it not using anything from the browser you can allow it to work with c:\wamp\php\php.exe yourfile.php (your php path should be replaced for c:\wamp\php)
Try PHP script?
<?php shell_exec('notepad.exe');?>
It's working.
In my local ubuntu machine I would like to popup a message with zenity from a php script.
so i put:
exec("zenity --info --text 'TEST' " );
but nothing happens.
The same line works fine when typed in a shell.
I tried adding the --display parameter with different combinations but no luck.
Was thinking maybe exec commands need to be enabled somehow for safety reasons?
Or what am I doing wrong?
Thanks
Is this from the terminal (php cli) or mod_php? This seems to work fine on my machine on the terminal. If this is a server box it is highly likely that php is hardened. Check your php.ini.
If you're trying to use zenity from a php script executed by a browser, this is a wholly different story. As the php interpreter will be run as a different user, you need to make sure that this user is allowed to run programs on your X session. Check xauth and read up on how Xorg authenticates sessions etc., but make sure you pay attention to the possibly security implications that may result from any changes you make.
I am working on an application that runs locally on a Fedora 10 machine through PHP and Apache. It depends on a process that runs in the background.
The higher-ups want to be able to start/stop/restart the process, through the browser. I was trying to get this to work by having PHP make calls to the system using exec() and shell_exec, but it doesn't seem to work.
When I try to start the process using "exec('processName')", nothing happens.
When I try to use "exec('killall processName')", SELinux starts constantly popping up warnings that the process was permitted (because I put it into permissive mode), however it doesn't actually kill the process! But this seems to go on even after the page is fully loaded!?!?
I AM able to call another script in a similar fashion: "exec('/var/www/cgi-bin/ControlProgram START')". So I'm not really sure what the major differences are between the two calls/commands.
I also put the script call into the /etc/rc.local file to have the script run at login. However, will I be able to kill this script from PHP since its run by... the system?
I'm not a guru when it comes to permissions/SELinux, so don't spare on the gory details! Thanks in advance!
If you have administrative control over this system you will want to check the PHP configuration (make sure it is the config profile for the web server).
Safe_Mode will prevent PHP from executing anything outside a particular folder. In a shared hosting environment, this usually means you can only execute things that are relative to your home/www folder--which seems to be the case based on your notes.
I believe I found the problem. I'm still not exactly sure what the problem is, but it looks like it has something to do with file/directory permissions. When I moved the scripts into my /var/www/html directory, the scripts ran. I moved them into /var/www/cgi-bin and they work there too. So it might be something where apache can't execute scripts that are outside the /var/www directory, or at least it can't do it directly. Thanks for your help though!
It sounds like old school unix permissions and how apache operates. I do recall (though it has been some time) that apache is careful on what it will execute. Double check your octals.
To verify that it isn't SELinux you can disable it instead of putting it in permissive. though this will cause a file system relabel (or should). At that point your extended attributes with the SELinux contexts could get out of wack and cause SELinux problems once in enforcing again.