• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 675
  • Last Modified:

PHP to Powershell Execution

Hello everyone. I'm having some troubles figuring out how to wrap my head around this project I'm working on. I want to have a webpage function as my script's gui.

Basically I want to have a simple PHP form that will pass the text box values to powershell variables.

Name :________
Email: _________

Write-Host $Name
Write-Host $Email

How would I go about doing that? I'm a novice to both PHP and powershell.
  • 2
1 Solution
Ray PaseurCommented:
On the PHP side of things, this article can point you to some good learning resources.

PHP has an introductory tutorial on dealing with HTML forms.  When you read it, follow the links for more details about how to work with forms safely.

I'll leave the PowerShell part to another expert.
Giovanni HewardCommented:
Here's a rough example:
if ($_REQUEST['name'] && $_REQUEST['email'] {
	if (preg_match('/(\w|\s|\d|\.|-|@)+/i', $_REQUEST['name'], $regs)) {
		$name = $regs[0];
		if (preg_match('/(\w|\s|\.|-)+/i', $_REQUEST['email'], $regs)) {
			$email = $regs[0];
			exec ( "echo .|powershell.exe someScript.ps1 -name \"$name\" -email \"$email\"", $output);

Open in new window

You'll definitely want to perform proper input validation to avoid possible injection vulnerabilities.

Your PowerShell script would then handle the input values (-name and -email) using the param section of the script.  More info here.

function foo()
  param([string]$name = "name", [string]$email = "email");
  Write-Host "Arg: $name";
  Write-Host "Arg: $email";

Open in new window

Ray PaseurCommented:
Just a thought... If you're new to PHP, try to explain in writing (one sentence is all you need) what each line of code in the accepted solution is doing.  If you find that you can't do that, you might want to take some time to look up the functions, learn about regular expressions, etc.  If you're in an area of PHP programming where exec() seems like the answer, you're almost always asking the wrong question.  It's a place where many risks lie, and many hosting companies disable exec() for that reason.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now