php还是apache?exec、popen、system 和 proc_open 命令不执行任何命令，甚至 ls [英] php or apache? exec, popen, system and proc_open commands do not execute any command not even ls

问题描述

我的问题是从我的 php 主页执行任何命令

My problem is with executing any command from my php homepage

解决了一半，我的 pythonscript 正在运行，但是 pythonscript 没有执行其模块的权限

Half solved, I got my pythonscript running but futher on the pythonscript does not have permission to execute its modules

但我开始认为问题出在 apache 而不是 php?我试图运行一个实际上是我最终要运行的pythonscript，然后它似乎运行但当脚本试图访问一个看起来像这样的txt文件时停止

but i´m starting to think that the problem is with apache and not php? i tried to run a pythonscript that is actually what i´m going to run in the end, then it seems to run but stops when the script tries to access a txt file looking like this

[stdout] =>
[stderr] => Traceback (most recent call last): 
 File "pythontest.py", line 4, in ? f = open("(path)/temp.txt", "w") 
 IOError: [Errno 13] Permission denied: '(path)/temp.txt'

我已经尝试了所有不同类型的执行方法，我可以找到 exec、system、popen、proc_open 几乎没有运行，我可以从 system("pwd") 获取字符串但 system("ls") 返回一个数字 127或 126.我还尝试运行已编译的 c 程序(代码如下) exec 将返回一个对象Array"，但系统只会像 ls 一样返回 127 或 126.

I have tried all different kind of execution methods that i could find exec, system, popen, proc_open almost nothing runs, i can get a string from system("pwd") but system("ls") returns a number 127 or 126. I also tried to run a compiled c program (code below) exec will return an object "Array" but system will only return 127 or 126 as ls does.

我还试图从数组"对象中获取值?从 exec 但它什么也不返回，如果我 php print_R Array 页面将不会加载.

Also I tried to get the values out of the "Array" object? from exec but it returns nothing, if I php print_R Array the page won´t load.

php 输出是(下面的代码)-> a: , out1: 126, t[[0]: , strlen out: 5, out: Array, t:不管我实际提出了多少论据！

the php output is (code below)-> a: , out1: 126, t[[0]: , strlen out: 5, out: Array, t: no matter how many arguments i actually put in!

ls 的完整路径为 126，而ls"则为数字 127

the full path to ls gives 126 and just "ls" gives the number 127

我已测试将所有文​​件 chmod 为完全权限，从 page.php 到测试程序，但它仍然给出相同的输出

i have tested to chmod all files to full permission, from the page.php to test program but it still gives the same output

php 安全模式已关闭

php safe mode is off

echo '<pre>';
print_r(execute('ls'))
echo '</pre>';

返回

array
(
    [stdout] => 
    [stderr] => sh: /var/www/html/grndb/upscgenesearch/test1: Permission denied

    [return] => 126
)

为什么当 test1 程序具有完全权限时它给我 Permission denied ?

why does it give me Permission denied when the test1 program has full permission?

<?php
$a = system("/bin/ls",$out1);
echo "a: "; echo $a;
echo ", out1: "; echo $out1;
$t = exec('pwd/test1 aa hh 11',$out);

foreach ($t as &$value) {
    echo ($value);
}

echo ", t[[0]: "; echo $t[0]; 
echo ", strlen out: "; echo strlen($out);
echo ", out: "; echo $out; 
echo ", t: "; echo $t;
?>

C 源代码

int main(int argc, char *argv[])
{
int i;

for(i = 0; i < argc; i++)
printf("arg %d: %s
", i, argv[i]);
return 0;
}

推荐答案

这里还有一个函数要添加到列表中:)

Here's another functions to add to the list :)

/**
 * Executes a program and waits for it to finish, taking pipes into account.
 * @param string $cmd Command line to execute, including any arguments.
 * @param string $input Data for standard input.
 * @return array Array of "stdout", "stderr" and "return".
 * @copyright 2011 K2F Framework / Covac Software
 */
function execute($cmd,$stdin=null){
    $proc=proc_open($cmd,array(0=>array('pipe','r'),1=>array('pipe','w'),2=>array('pipe','w')),$pipes);
    fwrite($pipes[0],$stdin);                      fclose($pipes[0]);
    $stdout=stream_get_contents($pipes[1]);        fclose($pipes[1]);
    $stderr=stream_get_contents($pipes[2]);        fclose($pipes[2]);
    $return=proc_close($proc);
    return array( 'stdout'=>$stdout, 'stderr'=>$stderr, 'return'=>$return );
}

您的案例的使用示例:

echo '<pre>';
print_r(execute('ls'));
echo '</pre>';

上面的函数提供了比直接使用 PHP 更多的功能.它可以帮助您进行调试，尽管它更适用于生产代码.

The function above is offers more features than using the PHP ones directly. It could help you at debugging, though it's more intended for production code.

一般来说，这是你应该注意的:

In general, this is what you should be aware off:

• 您未处于安全模式
• 您的可执行文件确实存在
• 您的可执行文件是可运行的 - 知道 FTP 客户端经常使用 ASCII/文本模式，更改上传文件中的 CRLF 从而损坏它们
• 确保对您的可执行文件进行 chmod 至少 755

• You're not under safe mode
• Your executable does exist
• Your executable is runnable - know that FTP clients often use ASCII/Text mode, changing CRLFs in uploaded files thus corrupting them
• Be sure to chmod your executable at least 755

这篇关于php还是apache?exec、popen、system 和 proc_open 命令不执行任何命令，甚至 ls的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！