The execution results of the phpsystem command on the webpage and the command line are inconsistent. I have a file named a. php. the content is PHPcode & lt ;? $ Str & quot; optrpmbinrpm-bb -- targeti686 -- linuxtmptest. spec & quot; system ($ str );? & Gt; when I use the 192 php system Command to execute different results on the webpage and the command line
Hello everyone, now I have a file named a. php. whose content is:
PHP code
When I run http: // 192.168.1.1/a. php, the result shows:
HTML code
Building target platforms: i686--linux Building for target i686--linux Processing files: VTCUAL06.06C.P010-R1.0-P1
When I run/usr/local/php a. php in the command line, the result shows:
HTML code
Building target platforms: i686--linuxBuilding for target i686--linuxProcessing files: VTCUAL06.06C.P010-R1.0-P1Finding Provides: (using /opt/rpm/lib/rpm/find-provides)...Finding Requires: (using /opt/rpm/lib/rpm/find-requires)...Wrote: /export/home/webadm/.rpm/RPMS/i686/VTCUA
In http access mode, three rows are not displayed:
HTML code
Finding Provides: (using /opt/rpm/lib/rpm/find-provides)...Finding Requires: (using /opt/rpm/lib/rpm/find-requires)...Wrote: /export/home/webadm/.rpm/RPMS/i686/VTCUA
Does anyone know why? Thank you !!
------ Solution --------------------
This is a strange issue ~~~~
Do anyone know?
------ Solution --------------------
It's not surprising that the execution users are different. The command line executes root and the web page executes apache users.
Google once said that apache can be compiled with -- enable-suexec, but it has never been tried.
------ Solution --------------------
Discussion
It's not surprising that the execution users are different. The command line executes root and the web page executes apache users.
Google once said that apache can be compiled with -- enable-suexec, but it has never been tried.
------ Solution --------------------
Discussion
It can be executed all the time before. It just suddenly cannot be executed. So it should be irrelevant to the user.
------ Solution --------------------
This is impossible.
------ Solution --------------------
Let's take a look at the results of executing your program using the php command line.
------ Solution --------------------
Oh, no attention
This is obviously a permission issue.
Php in web mode is only an anonymous user and has the lowest permissions.
In other words, if everything can be controlled through a browser, the security of the system can be achieved.
To facilitate data query, Microsoft added the url query function to mssql2000.
The results were not exploited and became a notorious SQL attack.
------ Solution --------------------
All said it was a permission issue. if sudo is not added, what is the result?
------ Solution --------------------
Yes. if you do not have wget, download and install one.
------ Solution --------------------
No output later. I suspect an error may occur. try the code and then tell me the result.
Function my_exec ($ cmd, $ input = '')
{$ Proc = proc_open ($ cmd, array (0 => array ('pipe', 'r'), 1 => array ('pipe', 'w '), 2 => array ('pipe', 'w'), $ pipes );
Fwrite ($ pipes [0], $ input); fclose ($ pipes [0]);
$ Stdout = stream_get_contents ($ pipes [1]); fclose ($ pipes [1]);
$ Stderr = stream_get_contents ($ pipes [2]); fclose ($ pipes [2]);
$ Rtn = proc_close ($ proc );
Return array ('stdout' => $ stdout,
'Stderr' => $ stderr,
'Return '=> $ rtn
);
}
$ Str = "/opt/rpm/bin/rpm-bb -- target i686 -- linux/tmp/test. spec ";
Var_export (my_exec ($ str ));
------ Solution --------------------