0

I'm trying to execute a child script in bash through php shell_execute("$command") whose contents are like below. 

$command=$_GET['command'];
$op2=shell_exec("$command");
echo "Command $command output is <pre>  $op2 </pre>";

On submit I get

Command /path/to/childscript some_pattern 20 username test output is BLANK

basically my child script creates a touch file then send a mail then sleep and then email again and then rm the touch file 

hour=`date +%T`
pattern=$1
stime=$2
user=$3
reason=$4
    touch ${sdir}/s.${pattern} 
    echo -e "Snooze activated ! \n Sending mail, please wait." 
    echo "Snooze started at: $hour for pattern= $pattern by $user for $stime seconds, reason = $4" | mutt a@b.com -s "active" 
    ( echo -e "Snooze was started at: $hour on pattern = $pattern by $user for $stime seconds, buffered contents are below:\n " >> ${sdir}buffer.${pattern} && sleep $stime && rm -rf ${sdir}s.${pattern} && mutt a@b.com -s "Snooze expire" < ${sdir}/buffer.${pattern} && rm -rf ${sdir}/buffer.${pattern})&

Since i was getting blank as my output. I tried running this script by making a cleaner parent trigger script

cat trigger
bash /path/to/childscript some_pattern 20 username testing &
echo "done"

And I simply call this trigger script on submit, which gives me some progress

 Command /path/to/trigger output is
  done
Snooze activated ! 
 Sending mail, please wait.

I get an email aswell this time. Which means my child script does get called but my commands inside () dont get executed. The reason why last command is written like that is that i need to sure that all those commands occur in sequence only. This is surely some subshell/background problem but I'm stuck how to get this whole script working. Also I would like to run child script directly rather than invoking trigger which in turn invokes child.

My form code, although it looks fine is as below 

<div id= "test" >
<form action="/path/to/test.php" >
<form method="post" action="" >
<b>Execute command:</b><br>
<input type="text" name="command">
<input type="submit" value="enter">
<br><br>
</form>
</div>

I'm absolutely new to web devl and have been warned that this can be fatal if someone executes some random command. I agree to it, but only authorised person can get access to this page. Also if this is not possible what would be the way to run this script with appropriate checks.

pythonRcpp
  • 2,042
  • 6
  • 26
  • 48
  • Don't put backticks around the command, and don't run the command in the background with `&`. – Barmar Jan 29 '15 at 02:57
  • 4
    you should not be passing user supplied content to `shell_exec()` or command line functions without escaping the input... – kittycat Jan 29 '15 at 02:58
  • @Barmar U mean the & in the trigger script or the child script? Also backticks are nowhere, maybe wrong fomatting I did. – pythonRcpp Jan 29 '15 at 03:03
  • 2
    You shouldn't use `&` anywhere. If you run a command in the background, the main script won't wait for it to finish before returning the results to PHP. – Barmar Jan 29 '15 at 03:05
  • @Barmar, i removed all & , still doesnt help – pythonRcpp Jan 29 '15 at 03:37
  • Also, rather than sequencing the commands with `... && ... && ...`, I'd recommend making a series of `if` statements, so that you can handle failures intelligently rather than simply stopping execution silently if one command in your chain returns a failure. – ghoti Jan 29 '15 at 03:38
  • Architecturally, you're likely to have problems here in part because everything's running under PHP. Instead of launching things this way, consider having the thing that manages your snooze behaviour (the email, lock, etc) running as a separate user that is *signalled* by your PHP script rather than *run* by it. Check out [this answer](http://stackoverflow.com/a/10958125/1072112) for one strategy for handling signals using simple scripts. It's about FTP logs, but the basic principle can be used for whatever you need. – ghoti Jan 29 '15 at 03:43
  • The subshell doesn't produce any output. The `echo` command is redirected to a file. – Barmar Jan 29 '15 at 03:44
  • /bin/cat /tmp/sample #i see this ` echo -e " ${snoozedir}/snooze.${pattern}" #i see this /bin/cat /tmp/shriphp > "${snoozedir}snooze.${pattern}" # none gets created echo -e "i see thi Snooze activated ! \n Sending mail, please wait." echo -e "i see this"` – pythonRcpp Jan 29 '15 at 03:54
  • http://stackoverflow.com/questions/17234883/bash-script-run-by-php-exec-not-doing-redirection-properly im tryinhg to find how this was solved, I dont have the repo to comment there. Any suggestion on how to get this redirection thing working? Many thanks – pythonRcpp Jan 29 '15 at 04:51

0 Answers0