Can't execute external process with PHP

Question

I have the following code

function generate_pdf() {

        $fdf_data_strings = $this->get_hash_for_pdf();
        #$fdf_data_names   = array('49a' => "yes");
        $fdf_data_names = array();
        $fields_hidden    = array();
        $fields_readonly  = array();
        $hud_pdf = ABSPATH.'../pdf/HUD3.pdf';

        $fdf= forge_fdf( '',
                 $fdf_data_strings,
                 $fdf_data_names,
                 $fields_hidden,
                 $fields_readonly );

        /*  echo "<pre>";
            print_r($fdf);
            echo "</pre>";
            die('');
        */

        $fdf_fn= tempnam( '.', 'fdf' );
        $fp= fopen( $fdf_fn, 'w' );
        if( $fp ) {
          fwrite( $fp, $fdf );
            //$data=fread( $fp, $fdf );
         // echo $data;
          fclose( $fp );


          header( 'Content-type: application/pdf' );
          header( 'Content-disposition: attachment; filename=settlement.pdf' ); // prompt to save to disk

          passthru( 'pdftk HUD3.pdf fill_form '. $fdf_fn.' output - flatten');

          unlink( $fdf_fn ); // delete temp file

        }
        else { // error
          echo 'Error: unable to open temp file for writing fdf data: '. $fdf_fn;
        }
    }
}

is there anything wrong with it?

the problem is, I have installed pdftk

runing whereis pdftk gives me '/usr/local/bin/pdftk'

physically checked the location, pdftk is there at the said location..

using terminal, if i run pdftk --version or any other command, it runs

if I use php like passthru('/usr/local/bin/pdftk --version') nothing is displayed

if I used php like system("PATH=/usr/local/bin && pdftk --version"); it says '/usr/local/bin /pdftk :there is no directory of file '

when I run this function script , prompt for file download pops, but when i save it, nothng is saved,

i have checked permission for this folder and changed it 0755, 0766, 0777, 0666 i have tried all, nothng works

For 3 days, i am striving to get over it, and I have asked question regarding this too, but Can't figure out what the hell is going on with me.

Can somebody help me before i strike my head with wall?

Answer 1

The pasthru function does not execute the program through the shell.

Pass the exact path into the passthru command.

Eg

passthru( '/usr/local/bin/pdftk HUD3.pdf fill_form '. $fdf_fn.' output - flatten');

or passthru( '/usr/local/bin/pdftk' . $hud_pdf . 'fill_form '. $fdf_fn.' output - flatten');

If this still doesn't work test using <?php passthru("/path/to/pdftk --help"); ?> <?php passthru("/path/to/pdftk --help"); ?> where /path/to/pdftk is your path returned by which or where is, to ensure path is correct.

If path is correct then the issue may be related to permissions either on the temporary directory you tell pdftk to use or the permissions on the pdftk binary with regards to the apache user.

If these permissions are fine you can verify the pdftk starts up from php but hangs from running your command, then might be able to try the workaround listed here .

Further documentation on passthru is avaliable passthru PHP Manual .

As a side note, the putenv php function is used to set environment variables.

Eg putenv('PATH='.getenv('PATH').':.');

All 3 PHP functions: exec(), system() and passthru() executes an external command, but the differences are:

• exec(): returns the last line of output from the command and flushes nothing.
• shell_exec(): returns the entire output from the command and flushes nothing.
• system(): returns the last line of output from the command and tries to flush the output buffer after each line of the output as it goes.
• passthru(): returns nothing and passes the resulting output without interference to the browser, especially useful when the output is in binary format.

Also see PHP exec vs-system vs passthru SO Question .

The implementation of these functions is located at exec.c and uses popen.

Answer 2

I had the same issue and this is working after lots of experiments :

function InvokePDFtk($pdf_tpl, $xfdf,$output){

        $params=" $pdf_tpl fill_form $xfdf output $output flatten 2>&1";

        $pdftk_path=exec('/usr/bin/which /usr/local/bin/pdftk');

        $have_pdftk= $pdftk_path=='/usr/local/bin/pdftk' ;

        $pdftk_path=$have_pdftk  ? $pdftk_path  : 'pdftk ';

        exec($pdftk_path.$params,$return_var);

        return  array('status'=> $have_pdftk,
                     'command' =>$pdftk_path.$params, 'output'=>$return_var);
    }

hope this might give you some insight . (change according to your needs)

Answer 3

Completing Appleman answer, those 3 functions can be considered as dangerous, because they allow you execute program using php, thus an attacker that exploited one of your script if you are not careful enougth. So in many php configuration that want to be safe they are disabled.

So you should check for the disable_functions directive in you php.ini(and any php configuration file) and see if the function you use is disabled.

Answer 4

Perhaps you should keep fclose out of the if statement, make sure you have it directed to the right file! :)

Answer 5

Is your web server chrooted? Try putting the executable into a directory that is viewable by the server.

Answer 6

使用安全模式四处游走并明确检查您的Web服务器日志文件，通常在：

/var/log/apache2/error.log