subl1m1nal
asked on
PHP net user $_POST["username"] $_POST["password"] /add
I'm trying to make a php page that will add a local user and a password using data entered into a previous page. The $_POST variables don't work.
Parse error: syntax error, unexpected '"', expecting T_STRING or T_VARIABLE or T_NUM_STRING in C:\wamp\www\process.php on line 4
Parse error: syntax error, unexpected '"', expecting T_STRING or T_VARIABLE or T_NUM_STRING in C:\wamp\www\process.php on line 4
<html>
<body>
<?php
$output = `net user $_POST["username"] $_POST["password"] /add`; ?>
echo "<pre>$output</pre>";
?>
</body>
</html>
ASKER
Almost works. No error anyway. I was wondering how to incorporate the backticks so it runs the command.
NOt too sure what you mean by runs the command, but I am guessing maybe something like this?
<html>
<body>
<?php
$output = "`net user" . $_POST["username"] . $_POST["password"] . "/add`"; ?>
echo "<pre>$output</pre>";
?>
</body>
</html>
<html>
<body>
<?php
$output = "`net user" . $_POST["username"] . $_POST["password"] . "/add`"; ?>
echo "<pre>$output</pre>";
?>
</body>
</html>
ASKER
I'm trying to execute a windows command from the PHP using variables that PHP has gathered from user input. Net User will add a user to the local computer.
sytax:
net user joe joespwd /add
This will add a user named Joe with a password of joespwd to the local computer.
sytax:
net user joe joespwd /add
This will add a user named Joe with a password of joespwd to the local computer.
ahh ok i kind of get it, though unfamiliar on how it works.
I misse a couple of spaces which may prevent it from working, here is the fixed version, not sure if it will work for what you want, but you can try.
<html>
<body>
<?php
$output = "`net user " . $_POST["username"] . " " . $_POST["password"] . " /add`"; ?>
echo "<pre>$output</pre>";
?>
</body>
</html>
I misse a couple of spaces which may prevent it from working, here is the fixed version, not sure if it will work for what you want, but you can try.
<html>
<body>
<?php
$output = "`net user " . $_POST["username"] . " " . $_POST["password"] . " /add`"; ?>
echo "<pre>$output</pre>";
?>
</body>
</html>
ASKER
That didn't do it either. I can get it to work without the variables. E.G.
$output = `net user subl1m1nal subp@ss /add`
I just got to somehow add variables to that.
$output = `net user subl1m1nal subp@ss /add`
I just got to somehow add variables to that.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
That didn't do it either. Is there a way to pass the parameters to a batch file?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Awesome! This works now. nplib, you almost had the code perfect. The only thing is you left the backticks in, so I took them out and it works perfect now. Thanks nizsmo and nplib for your help. Final code is attached.
<html>
<body>
<?php
$output = "net user " . $_POST["username"] . " " . $_POST["password"] . " /add";
shell_exec($output);
echo "<pre>This is the output: $output</pre>";
?>
</body>
</html>
You wanted the back ticks, I didn't know why, so I just went with it.
ASKER
Good job guys.
Open in new window