search
HomeBackend DevelopmentPHP TutorialThere are several commonly used functions for executing system commands in PHP_PHP Tutorial

PHP has several commonly used functions for executing system commands, such as: system function, exec function, popen function, passthru, shell_exec function. They can all execute system commands, but the prerequisite is that the system has given permission.

system function

Description: Execute external program and display output data.
Syntax: string system(string command, int [return_var]);
Return value: string

Detailed introduction:
This function is like the function system() in C language, which is used to execute instructions and output the results. If the return_var parameter exists, the status after executing the command will be filled in return_var. It is also worth noting that if you need to process the data entered by the user, but want to prevent the user from playing tricks to crack the system, you can use EscapeShellCmd(). If PHP is executed in a modular fashion, this function will automatically update the output buffer buffer of the web server after each line of output. If you need to return a complete string and don't want to go through unnecessary other intermediate output interfaces, you can use PassThru().

Example code:

The code is as follows Copy code
 代码如下 复制代码

$last_line = system("ls", $retval);
echo "Last line of the output: " . $last_line;
echo "


Return value: " . $retval;
?>
$last_line = system("ls", $retval);
echo "Last line of the output: " . $last_line;
echo "
Return value: " . $retval;
?>

exec function
Description: Execute external program.

Syntax: string exec(string command, string [array], int [return_var]);

Return value: string

Detailed introduction:

This function executes the external program or external instruction input command. Its return string is only the last line returned after the external program is executed; if you need a complete return string, you can use the PassThru() function.

If the parameter array exists, the command will add the array to the parameter for execution. If you do not want the array to be processed, you can call unset() before executing exec(). If both return_var and array parameters exist, the status after executing the command will be filled in return_var.
 代码如下 复制代码

echo exec("whoami");
?>

It is worth noting that if you need to process the data entered by the user and prevent the user from playing tricks to crack the system, you can use EscapeShellCmd().

Example code:

The code is as follows Copy code
echo exec("whoami");
?>

popen function
Description: Open the file.

Syntax: int popen(string command, string mode);
 代码如下 复制代码

$fp = popen( "/bin/ls", "r" );
?>

Return value: integer Detailed introduction: This function executes the command to open a file, and the file is processed by pipeline. Files opened with this function can only be one-way (read only or write only), and must be closed with pclose(). For file operations, fgets(), fgetss(), and fputs() can be used. If an error occurs while opening the file, a false value is returned. Example code:
The code is as follows Copy code
$fp = popen( "/bin/ls", "r" ); ?>


Use function passthru to execute external system commands

Prototype: function passthru(string $command,int[optional] $return_value)

Knowledge point: The difference between passthru and system. passthru directly outputs the results to the browser without returning any value, and it can output binary, such as image data.

Method 4: Backtick` (in the same key as ~) executes external system commands

Safety Instructions
The code is as follows
 代码如下 复制代码


    echo `dir`;
?>

Copy code

echo `dir`;

?>


 代码如下 复制代码

function execute($cfe) {
$res = ”;
if ($cfe) {
if(function_exists(‘system’)) {
@ob_start();
@system($cfe);
$res = @ob_get_contents();
@ob_end_clean();
} elseif(function_exists(‘passthru’)) {
@ob_start();
@passthru($cfe);
$res = @ob_get_contents();
@ob_end_clean();
} elseif(function_exists(‘shell_exec’)) {
$res = @shell_exec($cfe);
} elseif(function_exists(‘exec’)) {
@exec($cfe,$res);
$res = join(“n”,$res);
} elseif(@is_resource($f = @popen($cfe,”r”))) {
$res = ”;
while(!@feof($f)) {
$res .= @fread($f,1024);
}
@pclose($f);
}
}
return $res;
}

Knowledge point: When using this method to execute external system commands, you must ensure that the shell_exec function is available, otherwise you cannot use this backtick to execute external system commands.
When you use these functions to execute commands, if you are executing commands based on user submitted data, you need to consider system security. You can use the escapeshellcmd() and escapeshellarg() functions to prevent users from maliciously executing commands on the system, escapeshellcmd () is for the executed system command, while escapeshellarg() is for the parameters of the executed system command. These two parameters are somewhat similar to the functions of addslashes().

The code is as follows Copy code
function execute($cfe) { $res = ”; if ($cfe) { if(function_exists(‘system’)) { @ob_start(); @system($cfe); $res = @ob_get_contents(); @ob_end_clean(); } elseif(function_exists(‘passthru’)) { @ob_start();
@passthru($cfe);
$res = @ob_get_contents(); @ob_end_clean(); } elseif(function_exists(‘shell_exec’)) { $res = @shell_exec($cfe); } elseif(function_exists(‘exec’)) { @exec($cfe,$res); $res = join(“n”,$res); } elseif(@is_resource($f = @popen($cfe,”r”))) { $res = ”; while(!@feof($f)) { $res .= @fread($f,1024); } @pclose($f); } } return $res; } http://www.bkjia.com/PHPjc/631536.htmlwww.bkjia.comtruehttp: //www.bkjia.com/PHPjc/631536.htmlTechArticlePHP has several commonly used functions for executing system commands, such as: system function, exec function, popen function, The passthru and shell_exec functions can all execute system commands, but the prerequisite must be system...
Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
When would you use a trait versus an abstract class or interface in PHP?When would you use a trait versus an abstract class or interface in PHP?Apr 10, 2025 am 09:39 AM

In PHP, trait is suitable for situations where method reuse is required but not suitable for inheritance. 1) Trait allows multiplexing methods in classes to avoid multiple inheritance complexity. 2) When using trait, you need to pay attention to method conflicts, which can be resolved through the alternative and as keywords. 3) Overuse of trait should be avoided and its single responsibility should be maintained to optimize performance and improve code maintainability.

What is a Dependency Injection Container (DIC) and why use one in PHP?What is a Dependency Injection Container (DIC) and why use one in PHP?Apr 10, 2025 am 09:38 AM

Dependency Injection Container (DIC) is a tool that manages and provides object dependencies for use in PHP projects. The main benefits of DIC include: 1. Decoupling, making components independent, and the code is easy to maintain and test; 2. Flexibility, easy to replace or modify dependencies; 3. Testability, convenient for injecting mock objects for unit testing.

Explain the SPL SplFixedArray and its performance characteristics compared to regular PHP arrays.Explain the SPL SplFixedArray and its performance characteristics compared to regular PHP arrays.Apr 10, 2025 am 09:37 AM

SplFixedArray is a fixed-size array in PHP, suitable for scenarios where high performance and low memory usage are required. 1) It needs to specify the size when creating to avoid the overhead caused by dynamic adjustment. 2) Based on C language array, directly operates memory and fast access speed. 3) Suitable for large-scale data processing and memory-sensitive environments, but it needs to be used with caution because its size is fixed.

How does PHP handle file uploads securely?How does PHP handle file uploads securely?Apr 10, 2025 am 09:37 AM

PHP handles file uploads through the $\_FILES variable. The methods to ensure security include: 1. Check upload errors, 2. Verify file type and size, 3. Prevent file overwriting, 4. Move files to a permanent storage location.

What is the Null Coalescing Operator (??) and Null Coalescing Assignment Operator (??=)?What is the Null Coalescing Operator (??) and Null Coalescing Assignment Operator (??=)?Apr 10, 2025 am 09:33 AM

In JavaScript, you can use NullCoalescingOperator(??) and NullCoalescingAssignmentOperator(??=). 1.??Returns the first non-null or non-undefined operand. 2.??= Assign the variable to the value of the right operand, but only if the variable is null or undefined. These operators simplify code logic, improve readability and performance.

What is Content Security Policy (CSP) header and why is it important?What is Content Security Policy (CSP) header and why is it important?Apr 09, 2025 am 12:10 AM

CSP is important because it can prevent XSS attacks and limit resource loading, improving website security. 1.CSP is part of HTTP response headers, limiting malicious behavior through strict policies. 2. The basic usage is to only allow loading resources from the same origin. 3. Advanced usage can set more fine-grained strategies, such as allowing specific domain names to load scripts and styles. 4. Use Content-Security-Policy-Report-Only header to debug and optimize CSP policies.

What are HTTP request methods (GET, POST, PUT, DELETE, etc.) and when should each be used?What are HTTP request methods (GET, POST, PUT, DELETE, etc.) and when should each be used?Apr 09, 2025 am 12:09 AM

HTTP request methods include GET, POST, PUT and DELETE, which are used to obtain, submit, update and delete resources respectively. 1. The GET method is used to obtain resources and is suitable for read operations. 2. The POST method is used to submit data and is often used to create new resources. 3. The PUT method is used to update resources and is suitable for complete updates. 4. The DELETE method is used to delete resources and is suitable for deletion operations.

What is HTTPS and why is it crucial for web applications?What is HTTPS and why is it crucial for web applications?Apr 09, 2025 am 12:08 AM

HTTPS is a protocol that adds a security layer on the basis of HTTP, which mainly protects user privacy and data security through encrypted data. Its working principles include TLS handshake, certificate verification and encrypted communication. When implementing HTTPS, you need to pay attention to certificate management, performance impact and mixed content issues.

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. Best Graphic Settings
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
R.E.P.O. How to Fix Audio if You Can't Hear Anyone
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
WWE 2K25: How To Unlock Everything In MyRise
3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

ZendStudio 13.5.1 Mac

ZendStudio 13.5.1 Mac

Powerful PHP integrated development environment

VSCode Windows 64-bit Download

VSCode Windows 64-bit Download

A free and powerful IDE editor launched by Microsoft

mPDF

mPDF

mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment