2018-07-21 12:21
浏览 171


I used this cronjob to perform php script with sql query every minute:

* * * * * /usr/bin/php /local/path/to/file.php

Unfortunately, this triggers an error due to not knowing what Mysqli extension is.

therefore I used

* * * * * curl /localhost/server/root/path/to/file.php

This works, but I wonder if it is possible to specify local path of the file instead of adding php file to the apache project and running curl to execute it?

No one, but the crontab should run the file so it makes little sense to place it among other apache files. thanks

There is a hackish solution that is based on malicious users not knowing that they need to pass a query parameter:


* * * * * curl /localhost/server/root/path/to/file.php?randomString=veryRandomString


$authentication = isset($_GET['randomString']) ? $_GET['randomString'] : '';
if($authentication == "veryRandomString"){

Any other solution?

ERROR UPDATE: When I run in terminal this 2 commands I get:

/usr/bin/php /local/path/to/file.php // triggers mysqli error
php /local/path/to/file.php // successfull script execution

`whereis php` returns `/usr/bin/php`

图片转代码服务由CSDN问答提供 功能建议


  * * * * * / usr / bin / php /local/path/to/file.php

遗憾的是,这会导致错误 不知道Mysqli扩展是什么。


  * * * * * curl / localhost / server / root / path /  to / file.php 

这有效,但我想知道是否可以指定文件的本地路径,而不是将php文件添加到apache项目并运行 curl执行它?

没有人,但crontab应该运行该文件,因此将它放在其他apache文件中是没有意义的。 thanks < p>有一个基于恶意用户的黑客解决方案,他们不知道他们需要传递查询参数:


  * * * * * curl /localhost/server/root/path/to/file.php?randomString=veryRandomString


 <代码>&LT; PHP中\ N $ AUT  hentication = isset($ _ GET ['randomString'])?  $ _GET ['randomString']:''; 
if($ authentication ==“veryRandomString”){
 // proceed 
} else {


ERROR UPDATE: 当我在终端中运行这两个命令时,我得到: \ n

  / usr / bin / php /local/path/to/file.php //触发mysqli错误
php /local/path/to/file.php //成功执行脚本
其中php`返回`/ usr / bin / php` 
  • 写回答
  • 好问题 提建议
  • 关注问题
  • 收藏
  • 邀请回答

2条回答 默认 最新

  • dongnan4571 2018-07-21 13:51

    Try using which php instead of whereis php to see which php is being used when you run php for the case that works, with no path specified.

    I suspect it might not be /usr/bin/php. Note: "which" searches your user's PATH, and it's possible that running php without the /usr/bin/php specified is running a different php version than /usr/bin/php. If that turns out to be the case, just change your crontab to specify the full path to that one, which works.

    You can also examine what php.ini is being used for the two cases:

    First, try this

    /usr/bin/php --ini

    ... and compare it to this:

    php --ini

    Are they both using the same ini? If not, are they different? Look for the extension being loaded, it should look something like this:

    If you see a semicolon in front, it means that the line is commented out, so remove the semicolon. If the extension is not loaded, of course you will not be able to load mysqli.

    Unrelated: For future projects, consider PDO instead of mysqli, it's more modern. Also, remember that solutions like "?randomString=veryRandomString" which you suggested will often log veryRandomString in web server logs.

    解决 无用
    打赏 举报
  • douping6871 2018-07-21 12:33
    mysql -u(username) -p(password) (the name of the database) -e "DELETE FROM `table_name` WHERE `column` = 'value'"

    try {
        $dbh = new PDO('mysql:host=localhost;dbname=test', $user, $pass);
        foreach($dbh->query('SELECT * from FOO') as $row) {
        $dbh = null;
    } catch (PDOException $e) {
        print "Error!: " . $e->getMessage() . "<br/>";
    解决 无用
    打赏 举报

相关推荐 更多相似问题