Passing multiple PHP variables to shell_exec()?

php shell shell-exec

71,938

Solution 1

There is need to send the arguments with quota so you should use it like:

$page = shell_exec("/tmp/my_script.php '".$my_url."' '".$my_refer."'");

Solution 2

Change

$page = shell_exec('/tmp/my_script.php $my_url $my_refer');

$page = shell_exec("/tmp/my_script.php $my_url $my_refer");

$page = shell_exec('/tmp/my_script.php "'.$my_url.'" "'.$my_refer.'"');

Also make sure to use escapeshellarg on both your values.

Example:

$my_url=escapeshellarg($my_url);
$my_refer=escapeshellarg($my_refer);

Solution 3

Variables won't interpolate inside of a single quoted string. Also you should make sure the your arguments are properly escaped.

 $page = shell_exec('/tmp/myscript.php '.escapeshellarg($my_url).' '.escapeshellarg($my_refer));

Solution 4

You might find sprintf helpful here:

$my_url="http://www.somesite.com/";
$my_refer="http://www.somesite.com/";
$page = shell_exec(sprintf('/tmp/my_script.php "%s" "%s"', $my_url, $my_refer));

You should definitely use escapeshellarg as recommended in the other answers if you're not the one supplying the input.

Solution 5

Change

$page = shell_exec('/tmp/my_script.php $my_url $my_refer');

$page = shell_exec('/tmp/my_script.php "'.$my_url.'" "'.$my_refer.'"');

Then you code will tolerate spaces in filename.

View more solutions

71,938

Author by

user2314387

Updated on January 29, 2020

Comments

user2314387 over 4 years
I am calling test.sh from PHP using shell_exec method.
```
$my_url="http://www.somesite.com/";
$my_refer="http://www.somesite.com/";
$page = shell_exec('/tmp/my_script.php $my_url $my_refer');
```
However, the command line script says it only received 1 argument: the /tmp/my_script.php

When i change the call to:

Code:
```
$page = shell_exec('/tmp/my_script.php {$my_url} {$my_refer}');
```
It says it received 3 arguments but the argv[1] and argv[2] are empty.

When i change the call to:

Code:
```
$page = shell_exec('/tmp/my_script.php "http://www.somesite.com/" "http://www.somesite.com/"');
```
The script finally receives all 3 arguments as intended.

Do you always have to send just quoted text with the script and are not allowed to send a variable like $var? Or is there some special way you have to send a $var?
Dave Chen almost 11 years

PHP will only parse $ variables wrapped around double quotes (").
Orangepill almost 11 years

also make sure you sanatize with escapseshellarg
DaoWen almost 11 years

See the docs for the differences between single- and double-quoted strings: php.net/manual/en/language.types.string.php
David Jashi almost 11 years

I don't think it would help. He`d better embed quotes inside.
David Jashi almost 11 years

And what about spaces in filenames?
David Jashi almost 11 years

Yes, I do intentionally. My real mistake was, that I forgot to take out $my_url and $my_refer out of string.
Alfonso Fernandez-Ocampo over 9 years

yeah how do you grab those parameters in the "/tmp/my_script.php" ?
Code Lღver over 9 years

@AlfonsoFernandez-Ocampo Try print_r($_POST); to get the parameters.
Faiyaz Alam almost 8 years

@AlfonsoFernandez-Ocampo print_r($_SERVER['argv']));
miken32 about 7 years

This will absolutely not work. Variables are not interpolated in single quoted strings.
Code Lღver about 7 years

@miken32 Perhaps you have not seen braces which is used to manipulate the variables.
miken32 about 7 years

Those are also not interpreted in single quoted strings.
miken32 about 7 years

php.net/manual/en/…