There are several commonly used functions for executing system commands in PHP_PHP Tutorial

PHP has several commonly used functions for executing system commands, such as: system function, exec function, popen function, passthru, shell_exec function. They can all execute system commands, but the prerequisite is that the system has given permission.

system function

Description: Execute external program and display output data.
Syntax: string system(string command, int [return_var]);
Return value: string

Detailed introduction:
This function is like the function system() in C language, which is used to execute instructions and output the results. If the return_var parameter exists, the status after executing the command will be filled in return_var. It is also worth noting that if you need to process the data entered by the user, but want to prevent the user from playing tricks to crack the system, you can use EscapeShellCmd(). If PHP is executed in a modular fashion, this function will automatically update the output buffer buffer of the web server after each line of output. If you need to return a complete string and don't want to go through unnecessary other intermediate output interfaces, you can use PassThru().

Example code:

The code is as follows

Copy code

代码如下	复制代码
< ?php $last_line = system("ls", $retval); echo "Last line of the output: " . $last_line; echo " Return value: " . $retval; ?>

< ?php

$last_line = system("ls", $retval);
echo "Last line of the output: " . $last_line;
echo "

---

Return value: " . $retval;
?>

exec function
Description: Execute external program.

Syntax: string exec(string command, string [array], int [return_var]);

Return value: string

Detailed introduction:

This function executes the external program or external instruction input command. Its return string is only the last line returned after the external program is executed; if you need a complete return string, you can use the PassThru() function.

If the parameter array exists, the command will add the array to the parameter for execution. If you do not want the array to be processed, you can call unset() before executing exec(). If both return_var and array parameters exist, the status after executing the command will be filled in return_var.

代码如下	复制代码
< ?php echo exec("whoami"); ?>

It is worth noting that if you need to process the data entered by the user and prevent the user from playing tricks to crack the system, you can use EscapeShellCmd().

Example code:

The code is as follows	Copy code
< ?php echo exec("whoami"); ?>

popen function
Description: Open the file.

Syntax: int popen(string command, string mode);

代码如下	复制代码
< ? $fp = popen( "/bin/ls", "r" ); ?>

Return value: integer Detailed introduction: This function executes the command to open a file, and the file is processed by pipeline. Files opened with this function can only be one-way (read only or write only), and must be closed with pclose(). For file operations, fgets(), fgetss(), and fputs() can be used. If an error occurs while opening the file, a false value is returned. Example code:

The code is as follows	Copy code
< ?<🎜> $fp = popen( "/bin/ls", "r" );<🎜> ?>

Use function passthru to execute external system commands

Prototype: function passthru(string $command,int[optional] $return_value)

Knowledge point: The difference between passthru and system. passthru directly outputs the results to the browser without returning any value, and it can output binary, such as image data.

Method 4: Backtick` (in the same key as ~) executes external system commands

Safety Instructions

The code is as follows

代码如下	复制代码
echo `dir`; ?>

Copy code

echo `dir`;

?>

代码如下

复制代码

function execute($cfe) { $res = ”; if ($cfe) { if(function_exists(‘system’)) { @ob_start(); @system($cfe); $res = @ob_get_contents(); @ob_end_clean(); } elseif(function_exists(‘passthru’)) { @ob_start(); @passthru($cfe); $res = @ob_get_contents(); @ob_end_clean(); } elseif(function_exists(‘shell_exec’)) { $res = @shell_exec($cfe); } elseif(function_exists(‘exec’)) { @exec($cfe,$res); $res = join(“n”,$res); } elseif(@is_resource($f = @popen($cfe,”r”))) { $res = ”; while(!@feof($f)) { $res .= @fread($f,1024); } @pclose($f); } } return $res; }

Knowledge point: When using this method to execute external system commands, you must ensure that the shell_exec function is available, otherwise you cannot use this backtick to execute external system commands.

When you use these functions to execute commands, if you are executing commands based on user submitted data, you need to consider system security. You can use the escapeshellcmd() and escapeshellarg() functions to prevent users from maliciously executing commands on the system, escapeshellcmd () is for the executed system command, while escapeshellarg() is for the parameters of the executed system command. These two parameters are somewhat similar to the functions of addslashes().

Now let’s look at a custom function that executes system commands

The code is as follows

Copy code

function execute($cfe) { $res = ”; if ($cfe) { if(function_exists(‘system’)) { @ob_start(); @system($cfe); $res = @ob_get_contents(); @ob_end_clean(); } elseif(function_exists(‘passthru’)) { @ob_start(); @passthru($cfe); $res = @ob_get_contents(); @ob_end_clean(); } elseif(function_exists(‘shell_exec’)) { $res = @shell_exec($cfe); } elseif(function_exists(‘exec’)) { @exec($cfe,$res); $res = join(“n”,$res); } elseif(@is_resource($f = @popen($cfe,”r”))) { $res = ”; while(!@feof($f)) { $res .= @fread($f,1024); } @pclose($f); } } return $res; } http://www.bkjia.com/PHPjc/631536.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/631536.htmlTechArticlePHP has several commonly used functions for executing system commands, such as: system function, exec function, popen function, The passthru and shell_exec functions can all execute system commands, but the prerequisite must be system...