PHP - How to know if server allows shell_exec
First check that it's callable and then that it's not disabled:
is_callable('shell_exec') && false === stripos(ini_get('disable_functions'), 'shell_exec');
This general approach works for any built in function, so you can genericize it:
function isEnabled($func) {
return is_callable($func) && false === stripos(ini_get('disable_functions'), $func);
}
if (isEnabled('shell_exec')) {
shell_exec('echo "hello world"');
}
Note to use stripos
, because PHP function names are case insensitive.
PHP exec - check if enabled or disabled
if(function_exists('exec')) {
echo "exec is enabled";
}
shell_exec does not work on the server
The actual problem that persisted was the fact that there is a Linux Security module called SE-Linux(Security-Enhanced Linux) was enforced on my machine which provides a mechanism for supporting access control security policies, like MAC. It does not allow commands like shell_exec
be executed by users other than the ones who have the permission to, like root user
.
To get the the status of SE-Linux type in your shell sestatus
or getenforced
. It has 3 modes:
1) Enforcing: SE-Linux policy is enforced. SE-Linux denies access based on SE-Linux policy rules.
2)Permissive: SE-Linux policy is not enforced. SE-Linux does not deny access, but denials are logged for actions that would have been denied if running in enforcing mode.
3)Disabled: SE-Linux is disabled.
Hope this helps others, who might get stuck because of this.
shell_exec() and IF usage
It is only executed once. Specifically when you call the shell_exec
function, NOT when you use the $cmd
variable, which holds the results of the function.
Have a look at the documented return value of the function - http://php.net/manual/en/function.shell-exec.php
The output from the executed command
In other words, your code doesn't need the line $cmd;
so could be rewritten like so:
$cmd = shell_exec("echo Hello!"); //command is fired here
if(strpos($cmd, 'Hello!') !== false) {
// $cmd contains 'Hello!'
}
running shell_exec in php causes web server to hang
shell_exec — Execute command via shell and return the complete output as a string
shell_exec expects the file handle to be open, but you redirect everything to /dev/null and detach it.
As you plan to detach the process and remove all the output, you should use exec() and escapeshellcmd()
see: http://www.php.net/manual/en/function.exec.php
How to check if a shell command exists from PHP
On Linux/Mac OS Try this:
function command_exist($cmd) {
$return = shell_exec(sprintf("which %s", escapeshellarg($cmd)));
return !empty($return);
}
Then use it in code:
if (!command_exist('makemiracle')) {
print 'no miracles';
} else {
shell_exec('makemiracle');
}
Update:
As suggested by @camilo-martin you could simply use:
if (`which makemiracle`) {
shell_exec('makemiracle');
}
Related Topics
How to Allow a User to Download a File Which Is Stored Outside of the Webroot
Where to Use MySQL_Real_Escape_String to Prevent SQL Injection
Http Header for Downloading Microsoft Word and Excel Files
How to Get/Set Session_Id() or Should It Be Generated Automatically
PHP Get Height and Width in PDF File Proprieties
Use of Undefined Constant Stdin - Assumed 'Stdin' in C:\Wamp\Www\Study\Sayhello.PHP on Line 5
Using PHP, How to Insert Text Without Overwriting to the Beginning of a Text File
Add X Days to Date, Excluding Weekends
PHP Twitter Replace Link and Hashtag with Real Link