Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 819
  • Last Modified:

PHP net user $_POST["username"] $_POST["password"] /add

I'm trying to make a php page that will add a local user and a password using data entered into a previous page.  The $_POST variables don't work.

Parse error: syntax error, unexpected '"', expecting T_STRING or T_VARIABLE or T_NUM_STRING in C:\wamp\www\process.php on line 4
<html>
<body>
<?php
$output = `net user $_POST["username"] $_POST["password"] /add`; ?>
echo "<pre>$output</pre>";
?>
</body>
</html>

Open in new window

0
subl1m1nal
Asked:
subl1m1nal
  • 6
  • 4
  • 2
2 Solutions
 
nizsmoDeveloperCommented:
This should fix it.
<html>
<body>
<?php
$output = "net user" . $_POST["username"] . $_POST["password"] . "/add"; ?>
echo "<pre>$output</pre>";
?>
</body>
</html>

Open in new window

0
 
subl1m1nalAuthor Commented:
Almost works.  No error anyway.  I was wondering how to incorporate the backticks so it runs the command.
0
 
nizsmoDeveloperCommented:
NOt too sure what you mean by runs the command, but I am guessing maybe something like this?

<html>
<body>
<?php
$output = "`net user" . $_POST["username"] . $_POST["password"] . "/add`"; ?>
echo "<pre>$output</pre>";
?>
</body>
</html>
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
subl1m1nalAuthor Commented:
I'm trying to execute a windows command from the PHP using variables that PHP has gathered from user input.  Net User will add a user to the local computer.

sytax:
net user joe joespwd /add

This will add a user named Joe with a password of joespwd to the local computer.
0
 
nizsmoDeveloperCommented:
ahh ok i kind of get it, though unfamiliar on how it works.

I misse a couple of spaces which may prevent it from working, here is the fixed version, not sure if it will work for what you want, but you can try.


<html>
<body>
<?php
$output = "`net user " . $_POST["username"] . " " . $_POST["password"] . " /add`"; ?>
echo "<pre>$output</pre>";
?>
</body>
</html>
0
 
subl1m1nalAuthor Commented:
That didn't do it either.  I can get it to work without the variables.  E.G.

$output = `net user subl1m1nal subp@ss /add`

I just got to somehow add variables to that.
0
 
nizsmoDeveloperCommented:
I guess you can try it all with backticks, but try echo out the output to see if the command is what you are expecting, and the $_POST is actually working:


<html>
<body>
<?php
$output = `net user ` . $_POST["username"] . ` ` . $_POST["password"] .  `/add`; ?>
echo "<pre>$output</pre>";
?>
</body>
</html>
0
 
subl1m1nalAuthor Commented:
That didn't do it either.  Is there a way to pass the parameters to a batch file?
0
 
nplibCommented:
you need to invoke the shell_exec() function to execute a command
<html>
<body>
<?php
$output = "`net user " . $_POST["username"] . " " . $_POST["password"] . " /add`"; ?>
shell_exec($output);
echo "<pre>$output</pre>";
?>
</body>
</html>
0
 
subl1m1nalAuthor Commented:
Awesome!  This works now.  nplib, you almost had the code perfect.  The only thing is you left the backticks in, so I took them out and it works perfect now.  Thanks nizsmo and nplib for your help.  Final code is attached.
<html>
<body>
<?php
$output = "net user " . $_POST["username"] . " " . $_POST["password"] . " /add";
shell_exec($output);
echo "<pre>This is the output: $output</pre>";
?>
</body>
</html>

Open in new window

0
 
nplibCommented:
You wanted the back ticks, I didn't know why, so I just went with it.
0
 
subl1m1nalAuthor Commented:
Good job guys.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 6
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now