php calls shell's method

This article describes the example of php call shell method, to share for your reference. The specific methods are as follows:

1. Configure

Check whether the configuration in php. ini turns on the safe mode, mainly in the following three places
safe_mode = (If this is off, don't worry about the following two)
disable_functions =
safe_mode_exec_dir=

STEP 2 Use

Because PHP is basically used for WEB program development, security has become an important aspect for people to consider. So the designers of PHP added a door to PHP: safe mode. If you run in safe mode, the PHP scripts will be limited in four ways:

Execute external commands
② There are some restrictions when opening files
③ Connect MySQL database
④ Authentication based on HTTP

In Safe Mode, only external programs in a specific directory can be executed, and calls to other programs will be rejected. This directory can be specified in the php. ini file with the safe_mode_exec_dir directive, or with the--with-exec-dir option when compiling PHP, and the default is/usr/local/php/bin.

If you call an external command that should output a result (meaning that the PHP script has no errors) and you get a blank, it is very likely that your network manager has already run PHP in safe mode.

3. How?

Invoking external commands in PHP can be achieved in the following three ways:

1) Use the special functions provided by PHP

PHP provides a total of three special functions for executing external commands: system (), exec (), and passthru ().

system()

Prototype: string system (string command [, int return_var])

The system () function is much like that in other languages, it executes a given command, outputs, and returns a result. The second parameter is optional and is used to get the status code after the command is executed.

Examples:

system("/usr/local/bin/webalizer/webalizer");

exec()

Prototype: string exec (string command [, string array [, int return_var]])

The exec () function, like system (), executes the given command, but does not output the result, but returns the last line of the result. Although it returns only the last line of the command result, you can get the complete result with the second parameter array by appending the result line by line to the end of array. So if array is not empty, it is best to clear it with unset () before calling. You can use the third parameter to get the status code of command execution only if the second parameter is specified.

Examples:

exec("/bin/ls -l");

exec("/bin/ls -l", $res);

#$res Yes 1 Data, each element representing the result 1 Row 

exec("/bin/ls -l", $res, $rc);

#$rc The value of is the command /bin/ls -l Gets or sets the status code of the. In successful cases, it is usually 0

passthru()

Prototype: void passthru (string command [, int return_var])

passthru () only invokes the command and returns no result, but outputs the result of the command running as it is directly to the standard output device. So the passthru () function is often used to call programs like pbmplus (Unix, a tool for processing pictures that outputs binary streams of original pictures). It can also get the status code of command execution.

Examples:

header("Content-type: image/gif");

passthru("./ppmtogif hunte.ppm");

I hope this article is helpful to everyone's PHP programming.