ID: 15157 Updated by: torben Old Summary: exec()/system() doesn't work with parameters in quotation-marks in system-call Reported By: [EMAIL PROTECTED] Old Status: Bogus Status: Analyzed Old Bug Type: Program Execution Bug Type: Documentation problem Operating System: Linux (Debian) / Solaris 8 PHP Version: 4.1.0 New Comment:
Hartmut, you should reread the bug report. Oliver, I'm reopening this and reclassifying it as a Documentation Problem. When safe_mode is on, the arguments are passed through a function which escapes potentially dangerous characters--including the quote characters. However, this behaviour does not appear to be documented anywhere. When I enable safe_mode, I get the result you describe. However, when I remove the quotes and use this: exec('whois -h whois.denic.de Dirk Janssen', $output); ...I get the proper result on line 14: [14] => % No entries found for the selected source: "Dirk Janssen" I take it you don't get the right result from an authorized server? Torben Previous Comments: ------------------------------------------------------------------------ [2002-01-22 05:54:32] [EMAIL PROTECTED] please compile this little C program 'argdump' ---8<----- argdump.c -------------------------------- #include <stdio.h> #include <stdlib.h> int main(int argc, char **argv) { int i; for(i=0;i<argc;i++) printf("%d: %s\n",i,argv[i]); return EXIT_SUCCESS; } ---------------------------------------->8----------- and try the following PHP script (with argdump in $PATH) ---8<----- test.php -------------------------------- <?php function do_exec($cmd) { $res=array(); exec($cmd,$res); echo "\n\n$cmd\n"; print_r($res); } do_exec("argdump -h whois.denic.de Penelope\ Cruz"); do_exec("argdump -h whois.denic.de \"Penelope\ Cruz\""); do_exec("argdump -h whois.denic.de \"Penelope Cruz\""); do_exec("argdump -h whois.denic.de 'Penelope\ Cruz'"); do_exec("argdump -h whois.denic.de ".'"'."Penelope Cruz".'"'); ?> ---------------------------------------->8----------- my results are: argdump -h whois.denic.de Penelope\ Cruz Array ( [0] => 0: argdump [1] => 1: -h [2] => 2: whois.denic.de [3] => 3: Penelope Cruz ) argdump -h whois.denic.de "Penelope\ Cruz" Array ( [0] => 0: argdump [1] => 1: -h [2] => 2: whois.denic.de [3] => 3: Penelope\ Cruz ) argdump -h whois.denic.de "Penelope Cruz" Array ( [0] => 0: argdump [1] => 1: -h [2] => 2: whois.denic.de [3] => 3: Penelope Cruz ) argdump -h whois.denic.de 'Penelope\ Cruz' Array ( [0] => 0: argdump [1] => 1: -h [2] => 2: whois.denic.de [3] => 3: Penelope\ Cruz ) argdump -h whois.denic.de "Penelope Cruz" Array ( [0] => 0: argdump [1] => 1: -h [2] => 2: whois.denic.de [3] => 3: Penelope Cruz ) on *both* linux (SuSE 7.3) and Solaris (SunOS 5.5.1 and 5.7) ------------------------------------------------------------------------ [2002-01-22 05:45:28] [EMAIL PROTECTED] I'm running safe-mode (of cause!) and have an symbolic link to /usr/bin/whois in my safe-mode-exec-dir. Oliver ------------------------------------------------------------------------ [2002-01-22 05:42:03] [EMAIL PROTECTED] Run phpinfo(). Is safe_mode 'On' or 'Off'? You would get this result if, for instance, safe_mode was 'On' and whois was in your safe_mode_exec_dir. Torben ------------------------------------------------------------------------ [2002-01-22 05:36:43] [EMAIL PROTECTED] Did I mention, that I tried system(), too? It's just the desperate attempt to get that thing to work. In my opinion PHP doesn't allow to pass two or more words as one parameter to a function. Oliver. ------------------------------------------------------------------------ [2002-01-22 05:32:01] [EMAIL PROTECTED] Yes, I know the difference. That's why I tried several ways (with/without quotation marks, with stripslashes($command), with/without escaped spaces ('\ ') ), but it didn't work. I asked several colleagues for advice (PHP and Linux-Freaks), but we found no solution. But tell me: Does the script work on your system? Maybe I have an error in my configuration.... Greets, Oliver. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/?id=15157 Edit this bug report at http://bugs.php.net/?id=15157&edit=1 -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]