Solved

shell_exec    grep  command execution from PHP script

Posted on 2009-04-08
6
2,737 Views
Last Modified: 2013-12-12
any thoughts on debugging the following script?
Note that:
-  echo shell_exec(uptime);      works fine
-  echo "grep $SearchString /var/log/exim_mainlog";       displays the get param fine
-  but the second echo as shown below displays nothing.
-  this is executed from the base apache/htdocs  directory

<html>
<HEAD>
<body>
<?
$SearchString = $_GET['s'];
echo shell_exec(uptime);
echo shell_exec("grep $SearchString /var/log/exim_mainlog");
?>
</body>
</HEAD>
0
Comment
Question by:willsherwood
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
6 Comments
 
LVL 3

Accepted Solution

by:
GarthSnyder earned 250 total points
ID: 24102914
Your syntax is correct.

Make sure the search string actually exists in the Exim log; no output is normal if there are no matches.

Also make sure that the grep command can be located -- replace "grep" with "/bin/grep" or whatever the appropriate path is on your server.

Finally, be aware of quoting and shell metacharacter issues, including spaces. If the search pattern is "mail rejected", for example, grep will think "rejected" is a file to search and will return an error without even getting to the Exim log. Test with a simple one-word search string before something complicated.
0
 
LVL 3

Assisted Solution

by:Duboux
Duboux earned 250 total points
ID: 24103322
I can't test this, because for security reasons I've turned these commands off.

But maybe rewrite it to:
echo shell_exec("grep '".$SearchString."' /var/log/exim_mainlog");


otherwhise try to write it to a txt file and include it.


$write_to_file = "/home/.../output.txt";
shell_exec("grep '".$SearchString."' /var/log/exim_mainlog >>".$write_to_file);
echo file_get_contents($write_to_file);
0
 

Author Closing Comment

by:willsherwood
ID: 31568305
thanks all!
0
Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

 

Author Comment

by:willsherwood
ID: 24107578
A bit of an update on what I have tried:
I've re-written the command to surround the SearchString with single quotes but no luck. Also tried writing to redirect the output to a file but it won't write the output to the file at all. I then found a little piece of code on the php.net page for 'shell_exec' that shows how you can print out the exit status of commands run through shell_exec. Using that, I found that the command always returns '2', which according to
http://cisl.ucar.edu/mss/dcs4/current-html/exitcodes.html - is a retryable error
and
http://www.faqs.org/docs/abs/HTML/exitcodes.html#EXITCODESREF - which says a shell builtin was misused
However, I can take the  grep  command we're passing to shell_exec (both with and without the file redirect) and execute fine from the command line. I'm suspecting there is just something wrong in general with trying to execute a grep command using shell_exec, although I can't figure why it would. The only thing I could think of is possibly the output from grep is just too large, but I can't be sure. (but some of the search examples i'm trying return a small output)

let me know if i should enter this as a new question
0
 
LVL 3

Expert Comment

by:Duboux
ID: 24109063

I did some testing on a machine that didn't have the php exec restriction.
Both with SSH as php...
The first thing I noticed is that I didn't get output on php, when I did this command:
$SearchString = "blabla";
echo shell_exec("grep '".$SearchString."' /var/log/exim_mainlog");

In SSH it gave me the error that /var/log/exim_mainlog didn't exist.
So I tried another log file, I knew existed in there ;)
And this command worked in php:
$SearchString = "Installed";
echo shell_exec("grep '".$SearchString."' /var/log/yum.log");


The other command I posted has way more restrictions if you have open_base in place.
Because in php you're running the shell commands as admin, and admin can't create & write to files that ain't in the admins /home/admin folder ;)
So, to make it work I had did the following:

$SearchString = "Installed";
$write_to_file = "/home/admin/domains/.../public_html/output.txt";
$read_from_file = "http://..../output.txt";  /// Same file, but readable from your browser
shell_exec("grep '".$SearchString."' /var/log/yum.log >> ".$write_to_file);
echo file_get_contents($read_from_file);

Anyway, if you run the commands you need in SSH first, u get more info when there are errors ;)

Hope this helps you
0
 
LVL 3

Expert Comment

by:GarthSnyder
ID: 24111704
If you can access the HTTP server logs, that's a good place to look for error messages related to this command. You are capturing the "standard" (i.e., normal) output of the command, but error output is going elsewhere.

A couple more thoughts:

1) Another way to see error output is to add "2>&1" to the end of your shell command (separated by a space). That will combine the error output into the regular output, so it should show up in the HTTP output.

2) Exit statuses are program-dependent, so you have to be clear on whose exit code you are seeing. You don't mention how you're obtaining the code - that information would be helpful.

3) In PHP safe mode, command executions can be restricted to programs in a particular directory. What does your  say about that? Are you in safe mode? Is there a safe_mode_exec_dir defined? More here.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses four methods for overlaying images in a container on a web page
This article discusses how to implement server side field validation and display customized error messages to the client.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question