php will not execute a shell script

Having  trouble getting PHP to kick off a shell script I wrote.
Below is the result of an echo in PHP outputting the $command_string just before I execute  exec("$command_string") ;.

/Applications/XAMPP/xamppfiles/htdocs/myapp/AdminFiles/ForBackup/database_and_or_table_dump.sh "DnD" "my_dbname"

If I take that line and paste it into a shell it runs fine.

I've simplified the shell script to just echo "HELLO", and that doesn't work.
Same if I pass no parameters.
So my script isn't running.

WHO does the script run as?  Just curious as I have the perms 777 and that didn't help.

------------
Some of my exec cmd tries:

exec("/bin/bash $command_string") ;
exec("$command_string") ;
exec ($command_string) ;

------------
Release Notes:
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

[2014-08-21] XAMPP for OS X 1.8.3-5

This version of XAMPP includes:
    - Updated OpenSSL to 1.0.1g
    - Updated Apache to 2.4.9
    - Updated PHP to 5.5.11
    - phpMyAdmin 4.1.12

MySQL is 5.6.2.0
RalphAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Dave BaldwinFixer of ProblemsCommented:
Code running thru Apache will only have the permission of the Apache web server.  It will not have your permissions to run shell commands.  Apache is intentionally run under a limited user account to prevent people from doing the kinds of things that you are trying to do.  While it may be irritating on a single user computer, it is vital on a multi-user system where people might sabotage the machine.
0
RalphAuthor Commented:
Thanks Dave,

How then is the exec() and its cousins, meant to be used?
Any workarounds?
I need to run a non-trivial script, that checks/confirms things, to run mysqldump.
Could PHP run just that command with its parameters?

Thanks again,
Ralph
0
Dave BaldwinFixer of ProblemsCommented:
"exec()" is mostly useful running PHP on the command line (in the terminal) where it runs under your own permissions.  Because "exec()" can run any programs that you have permissions for, it is frequently disabled on web hosting servers.
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

RalphAuthor Commented:
Bad news, you should have prefaced.

Do you have any suggestions?
I know safe_mode is disappearing, so I don't want to go there.

My box and ultimately the DB & Apache server will be dedicated to this php app.

Thank you again,
Ralph
0
Dave BaldwinFixer of ProblemsCommented:
There is a feature called 'suexec' that is supposed to let you run PHP files in Apache under your own user permissions.  I don't know if it works or is even available for XAMPP on Mac.  Here's the Apache info: http://httpd.apache.org/docs/2.4/suexec.html

Another thing.  XAMPP (and WAMP and MAMP) is not considered secure enough for a 'production' environment with public and thus hacker access.  They are all designed to be 'easy' prototyping and testing environments.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
RalphAuthor Commented:
Thanks again Dave.  Yes, mine is a dev box, and the real one will be dedicated to one app.
If I read the literature right, affixing a DIR and providing only limited access to the files, should (in my limited understanding of the abilities of crooked minded people), keep even the real thing safe.  But I'm not the one to make that decision unless they ask me.  THEN I will have to get smart and likely find another way to do this.
0
Dave BaldwinFixer of ProblemsCommented:
You're welcome.  Security is a full-time problem for publicly exposed web sites and servers.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
MySQL Server

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.