PHP has several common functions for executing system commands.

System functions

Note: execute an external program and display the output information.
Syntax: string system (string command, int [return_var]);
Return value: string

Details:
This function is like the system () function in C, used to execute commands and output results. If the return_var parameter exists, the status after command execution is filled in return_var. It is also worth noting that EscapeShellCmd () can be used to process user input data and prevent users from cracking the system by means of tricks (). If PHP is executed in a modular manner, this function automatically updates the output buffer area of the Web server after each row is output. PassThru () can be used to return complete strings without passing through any other intermediate output interface ().

Instance code:

The code is as follows:	Copy code
<? Php $ Last_line = system ("ls", $ retval ); Echo "Last line of the output:". $ last_line; Echo "?>

Exec function
Note: execute external programs.
Syntax: string exec (string command, string [array], int [return_var]);
Return value: string

Details:
This function executes the external program or external command that inputs the command. The returned string is the last line returned after the execution of the external program. To return the complete string, you can use the PassThru () function.

If the parameter array exists, the command adds the array to the parameter for execution. If you do not want the array to be processed, you can call unset () before executing exec (). If both the return_var and array parameters exist, the status after the command is executed is filled in return_var.

It is worth noting that EscapeShellCmd () can be used to process user input data and prevent users from cracking the system by means of tricks ().

Instance code:

The code is as follows:	Copy code
<? Php Echo exec ("whoami "); ?>

Popen function
Note: open the file.
Syntax: int popen (string command, string mode );
Return value: integer

Details:
This function executes the command to open a file, which is a file processed in pipelines. Files opened using this function can only be one-way (read-only or write-only), and must be closed using pclose. You can use fgets (), fgetss (), and fputs () in file operations (). If an error occurs when the file is opened, the value false is returned.

Instance code:

The code is as follows:	Copy code
<? $ Fp = popen ("/bin/ls", "r "); ?>

Execute system external commands using the passthru function

Prototype: function passthru (string $ command, int [optional] $ return_value)

Knowledge Point: the difference between passthru and system. passthru directly outputs the result to the browser without returning any value, and can output binary data, such as image data.

Method 4: Anti-apostrophes (and ~ Execute system external commands with the same key.

The code is as follows:	Copy code
<? Echo 'dir '; ?>

Knowledge Point: when using this method to execute system external commands, you must ensure that the shell_exec function is available; otherwise, the system external commands cannot be executed using this anti-code.

Security Description

When you use these functions to execute commands, if you use the data submitted by the user as the execution command, you need to consider system security, you can use escapeshellcmd () and escapeshellarg () the function prevents users from executing commands maliciously on the system. escapeshellcmd () is used to execute system commands, while escapeshellarg () is used to execute system command parameters. These two parameters are similar to the addslashes () function.

Now let's take a look at a custom function for executing system commands.

The code is as follows:

Copy code

Function execute ($ cfe ){ $ Res = "; If ($ cfe ){ If (function_exists ('system ')){ @ Ob_start (); @ System ($ cfe ); $ Res = @ ob_get_contents (); @ Ob_end_clean (); } Elseif (function_exists ('passthru ')){ @ Ob_start (); @ Passthru ($ cfe ); $ Res = @ ob_get_contents (); @ Ob_end_clean (); } Elseif (function_exists ('shell _ exec ')){ $ Res = @ shell_exec ($ cfe ); } Elseif (function_exists ('exec ')){ @ Exec ($ cfe, $ res ); $ Res = join ("n", $ res ); } Elseif (@ is_resource ($ f = @ popen ($ cfe, "r "))){ $ Res = "; While (! @ Feof ($ f )){ $ Res. = @ fread ($ f, 1024 ); } @ Pclose ($ f ); } } Return $ res; }