Solved

PHP net user $_POST["username"] $_POST["password"] /add

Posted on 2007-12-04
12
799 Views
Last Modified: 2013-12-13
I'm trying to make a php page that will add a local user and a password using data entered into a previous page.  The $_POST variables don't work.

Parse error: syntax error, unexpected '"', expecting T_STRING or T_VARIABLE or T_NUM_STRING in C:\wamp\www\process.php on line 4
<html>
<body>
<?php
$output = `net user $_POST["username"] $_POST["password"] /add`; ?>
echo "<pre>$output</pre>";
?>
</body>
</html>

Open in new window

0
Comment
Question by:subl1m1nal
  • 6
  • 4
  • 2
12 Comments
 
LVL 21

Expert Comment

by:nizsmo
ID: 20406242
This should fix it.
<html>
<body>
<?php
$output = "net user" . $_POST["username"] . $_POST["password"] . "/add"; ?>
echo "<pre>$output</pre>";
?>
</body>
</html>

Open in new window

0
 
LVL 3

Author Comment

by:subl1m1nal
ID: 20406383
Almost works.  No error anyway.  I was wondering how to incorporate the backticks so it runs the command.
0
 
LVL 21

Expert Comment

by:nizsmo
ID: 20406401
NOt too sure what you mean by runs the command, but I am guessing maybe something like this?

<html>
<body>
<?php
$output = "`net user" . $_POST["username"] . $_POST["password"] . "/add`"; ?>
echo "<pre>$output</pre>";
?>
</body>
</html>
0
Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

 
LVL 3

Author Comment

by:subl1m1nal
ID: 20406459
I'm trying to execute a windows command from the PHP using variables that PHP has gathered from user input.  Net User will add a user to the local computer.

sytax:
net user joe joespwd /add

This will add a user named Joe with a password of joespwd to the local computer.
0
 
LVL 21

Expert Comment

by:nizsmo
ID: 20406528
ahh ok i kind of get it, though unfamiliar on how it works.

I misse a couple of spaces which may prevent it from working, here is the fixed version, not sure if it will work for what you want, but you can try.


<html>
<body>
<?php
$output = "`net user " . $_POST["username"] . " " . $_POST["password"] . " /add`"; ?>
echo "<pre>$output</pre>";
?>
</body>
</html>
0
 
LVL 3

Author Comment

by:subl1m1nal
ID: 20406597
That didn't do it either.  I can get it to work without the variables.  E.G.

$output = `net user subl1m1nal subp@ss /add`

I just got to somehow add variables to that.
0
 
LVL 21

Assisted Solution

by:nizsmo
nizsmo earned 200 total points
ID: 20406641
I guess you can try it all with backticks, but try echo out the output to see if the command is what you are expecting, and the $_POST is actually working:


<html>
<body>
<?php
$output = `net user ` . $_POST["username"] . ` ` . $_POST["password"] .  `/add`; ?>
echo "<pre>$output</pre>";
?>
</body>
</html>
0
 
LVL 3

Author Comment

by:subl1m1nal
ID: 20406689
That didn't do it either.  Is there a way to pass the parameters to a batch file?
0
 
LVL 17

Accepted Solution

by:
nplib earned 300 total points
ID: 20406728
you need to invoke the shell_exec() function to execute a command
<html>
<body>
<?php
$output = "`net user " . $_POST["username"] . " " . $_POST["password"] . " /add`"; ?>
shell_exec($output);
echo "<pre>$output</pre>";
?>
</body>
</html>
0
 
LVL 3

Author Comment

by:subl1m1nal
ID: 20406993
Awesome!  This works now.  nplib, you almost had the code perfect.  The only thing is you left the backticks in, so I took them out and it works perfect now.  Thanks nizsmo and nplib for your help.  Final code is attached.
<html>
<body>
<?php
$output = "net user " . $_POST["username"] . " " . $_POST["password"] . " /add";
shell_exec($output);
echo "<pre>This is the output: $output</pre>";
?>
</body>
</html>

Open in new window

0
 
LVL 17

Expert Comment

by:nplib
ID: 20407000
You wanted the back ticks, I didn't know why, so I just went with it.
0
 
LVL 3

Author Closing Comment

by:subl1m1nal
ID: 31412681
Good job guys.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction A frequently used term in Object-Oriented design is "SOLID" which is a mnemonic acronym that covers five principles of OO design.  These principles do not stand alone; there is interplay among them.  And they are not laws, merely princ…
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Learn how to set-up PayPal payment integration in your Wufoo form. Allow your users to remit payment through PayPal upon completion of your online form. This is helpful for collecting membership payments, customer payments, donations, and more.

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question