Passing multiple PHP variables to shell_exec()?
Solution 1
There is need to send the arguments with quota so you should use it like:
$page = shell_exec("/tmp/my_script.php '".$my_url."' '".$my_refer."'");
Solution 2
Change
$page = shell_exec('/tmp/my_script.php $my_url $my_refer');
to
$page = shell_exec("/tmp/my_script.php $my_url $my_refer");
OR
$page = shell_exec('/tmp/my_script.php "'.$my_url.'" "'.$my_refer.'"');
Also make sure to use escapeshellarg
on both your values.
Example:
$my_url=escapeshellarg($my_url);
$my_refer=escapeshellarg($my_refer);
Solution 3
Variables won't interpolate inside of a single quoted string. Also you should make sure the your arguments are properly escaped.
$page = shell_exec('/tmp/myscript.php '.escapeshellarg($my_url).' '.escapeshellarg($my_refer));
Solution 4
You might find sprintf
helpful here:
$my_url="http://www.somesite.com/";
$my_refer="http://www.somesite.com/";
$page = shell_exec(sprintf('/tmp/my_script.php "%s" "%s"', $my_url, $my_refer));
You should definitely use escapeshellarg
as recommended in the other answers if you're not the one supplying the input.
Solution 5
Change
$page = shell_exec('/tmp/my_script.php $my_url $my_refer');
to
$page = shell_exec('/tmp/my_script.php "'.$my_url.'" "'.$my_refer.'"');
Then you code will tolerate spaces in filename.
user2314387
Updated on January 29, 2020Comments
-
user2314387 over 4 years
I am calling test.sh from PHP using shell_exec method.
$my_url="http://www.somesite.com/"; $my_refer="http://www.somesite.com/"; $page = shell_exec('/tmp/my_script.php $my_url $my_refer');
However, the command line script says it only received 1 argument: the /tmp/my_script.php
When i change the call to:
Code:
$page = shell_exec('/tmp/my_script.php {$my_url} {$my_refer}');
It says it received 3 arguments but the argv[1] and argv[2] are empty.
When i change the call to:
Code:
$page = shell_exec('/tmp/my_script.php "http://www.somesite.com/" "http://www.somesite.com/"');
The script finally receives all 3 arguments as intended.
Do you always have to send just quoted text with the script and are not allowed to send a variable like $var? Or is there some special way you have to send a $var?
-
Dave Chen almost 11 yearsPHP will only parse
$
variables wrapped around double quotes ("
). -
Orangepill almost 11 yearsalso make sure you sanatize with escapseshellarg
-
DaoWen almost 11 yearsSee the docs for the differences between single- and double-quoted strings: php.net/manual/en/language.types.string.php
-
David Jashi almost 11 yearsI don't think it would help. He`d better embed quotes inside.
-
David Jashi almost 11 yearsAnd what about spaces in filenames?
-
David Jashi almost 11 yearsYes, I do intentionally. My real mistake was, that I forgot to take out
$my_url
and$my_refer
out of string. -
Alfonso Fernandez-Ocampo over 9 yearsyeah how do you grab those parameters in the "/tmp/my_script.php" ?
-
Code Lღver over 9 years@AlfonsoFernandez-Ocampo Try
print_r($_POST);
to get the parameters. -
Faiyaz Alam almost 8 years@AlfonsoFernandez-Ocampo print_r($_SERVER['argv']));
-
miken32 about 7 yearsThis will absolutely not work. Variables are not interpolated in single quoted strings.
-
Code Lღver about 7 years@miken32 Perhaps you have not seen braces which is used to manipulate the variables.
-
miken32 about 7 yearsThose are also not interpreted in single quoted strings.
-
miken32 about 7 years