使用PHP执行unix shell命令
[英]Executing unix shell commands using PHP
问题描述
A text box will be used to capture the command. 
将使用文本框捕获命令。 I've been told that I have to use the exec() function to execute UNIX shell commands. 我被告知我必须使用exec()函数来执行UNIX shell命令。
Something like this, user types ls in the text box. 像这样的东西,用户在文本框中输入ls。 The exec() function will execute the UNIX command and the command will be displayed on the web page. exec()函数将执行UNIX命令,命令将显示在网页上。
What I want to know how will I get the output of the shell command and display in the web browser using PHP. 我想知道如何使用PHP获取shell命令的输出并在Web浏览器中显示。
I don't know where to start since I'm very new to PHP. 我不知道从哪里开始,因为我对PHP很新。
I'm using Ubuntu. 我正在使用Ubuntu。
7 个解决方案
解决方案1
12 2011-04-12 07:16:21
exec ? exec ?
system ? system ?
shell_exec ? shell_exec ?
passthru ? passthru ?
Backticks? 反引号?
Pfah! Pfah!
Real developers use proc_open ! 真正的开发人员使用proc_open ! It has the major and distinct advantage of giving you three PHP streams to feed data into the process, and read both stdout and stderr . 它有让你们三个PHP流数据送入过程,并读取主要和明显的优势, stdout和stderr 。 This is something that the other process execution functions simply don't do well. 这是其他流程执行功能根本不能很好地完成的事情。
It comes at the small cost of some boilerplate code, so it's a bit more verbose. 它来自一些样板代码的小成本,所以它更冗长一点。 I consider the trade-off to be excellent. 我认为权衡是非常好的。
Oh, and running arbitrary commands from your users is perhaps one of the greatest security risks that you could ever conceive of, but I kind of assume you know this by now. 哦, 从您的用户运行任意命令可能是您可能想到的最大的安全风险之一,但我现在假设您知道这一点。
解决方案2
10 已采纳 2011-04-12 07:11:46
You could start looking at the php manual: 你可以开始查看php手册:
System program execution 系统程序执行
But like sdleihssirhc mentioned, watchout this IS very dangerous and you should NOT allow everything to be executed! 但是,像sdleihssirhc提到,WATCHOUT,这是非常危险的,你不应该允许执行的一切!
If you still want to do it, to get the output of the shell, just use 如果您仍想这样做,要获得shell的输出,只需使用
exec EXEC
The output of the shell will be passed in the second parameter. shell的输出将在第二个参数中传递。
Eg: 例如:
exec('ls -la', $outputArray);
print_r($outputArray);
解决方案3
4 2011-04-12 07:10:38
Use $output = system($command); 使用$output = system($command);
See http://php.net/system and don't forget to read the warnings about security. 请参阅http://php.net/system ,不要忘记阅读有关安全性的警告。 If you let a user pass any data to system() (or exec() etc.) it's almost as if they had a shell on your server. 如果让用户将任何数据传递给system() (或exec()等),那就好像他们的服务器上有一个shell。 The same applies if you don't sanitize arguments passed to programs executed through these functions properly. 如果您没有正确清理传递给通过这些函数执行的程序的参数,则同样适用。
解决方案4
3 2011-04-12 07:12:17
Try $output = shell_exec('ls -lart'); 尝试$output = shell_exec('ls -lart');
doc shell_exec doc shell_exec
解决方案5
2 2011-04-12 07:14:28
As long as it is one line you can just echo the return value of exec . 只要它是一行就可以echo显exec的返回值。
Like so: 像这样:
echo exec('ls');
But it only displays the first line. 但它只显示第一行。
解决方案6
1 2011-04-12 07:12:09
exec(escapeshellarg($userSuppliedInput), $output);
echo $output;
解决方案7
0 2011-04-12 07:14:27
You can use the backticks for this purpose. 您可以使用反引号来实现此目的。 Like: 喜欢:
$output = `command-executable -switches`
In addition, some applications echo their output to the STD_ERR stream so you might not see output. 此外,某些应用程序将其输出回显到STD_ERR流,因此您可能看不到输出。 On linux, you can redirect the error input to the 'normal' input by appending 2>&1 to the command string. 在linux上,您可以通过在命令字符串中附加2>&1将错误输入重定向到“正常”输入。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.