class MyCLI {
public $last_response;
private $cli_is_available = false; //TODO: factory pattern
private $executable;
public function __construct($executable="/bin/echo") {
$this->last_response = null;
if (file_exists($executable)) {
$this->cli_is_available = true;
$this->executable = $executable;
}
}
public function is_available() {
return $this->cli_is_available;
}
public function foobar() {
$this->run_command('some stuff here');
}
private function run_command($argument_string) {
$command = $this->executable . escapeshellcmd($argument_string);
exec($command, $output, $status);
if ($status == 0) {
$this->last_response = implode($output);
}
return $status;
}
}
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
YOU CAN'T USE SUID ON A SHELL SCRIPT so these only work if www-data owns the script
(and can do whatever commands are in the script...)
loggedon.sh
//CAN'T DO TAIL WITHOUT SUDO!
tail /var/log/apache2/access.log > loggedon.tmp
mail -s SOFTWARE-DOWNLOAD iser@domain < loggedon.tmp
<?php
exec( './loggedon.sh');
// system( './loggedon.sh'); displays results
// passthru( './loggedon.sh'); displays all results!
?>
or system: Execute an external program and display the output
string system ( string $command [, int &$return_var ] )
ensure that www-data (or the apache user) has ownership and permissions
chown root:www-data loggedon.sh
chmod 550 loggedon.sh