In my php server, I can not access exec function. How can I enable it and is it risk for my server?
1条回答 默认 最新
dtsi9484 2015-12-31 12:08关注You can enable it by disabling
safe_mode()inphp.ini.As far as whether or not you should do this for security reasons, I would say that it's a bit more secure to leave it disabled, but the risk should be minimal if you write your code in a safe manner and make sure to validate, sanitize, and properly-quote input. Using
exec()with a constant argument tends to be fairly safe. But, doing something likeexec('myprogram ' . $_POST['user_id']);is very very dangerous.To safely pass an argument to
exec();, you need to make use ofescapeshellarg():<?php if (isset($_POST['user_id'])) { $userId = $_POST['user_id']; } else { $userId = '0'; } exec('myprogram ' . escapeshellarg($userId));本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏举报
分享
- 2018-10-25 19:40回答 1 已采纳 Use the printf command instead of echo, it processes escape sequences in the format string. Also,
- 2019-04-12 12:47回答 1 已采纳 In order to run Nutch you need the JAVA_HOME environment variable set and pointing to the proper p
- 2012-03-11 18:58回答 2 已采纳 The file you mention is an autoscript file that does not do anything by itself. Like a text file.
- 2020-10-25 13:08中没有禁用这两个函数,或者在运行环境中获得了必要的权限来启用它们。 在PHP的后续版本更新中,也可能会引入新的安全措施和改进,以减少这类函数带来的风险。开发者应保持对PHP安全动态的关注,并及时应用最新的...
- 2022-01-12 06:54回答 1 已采纳 其实说白了就是把一个字符串的引号去掉,把它当成代码执行python本身就是解释性的语言,所以可以支持这种动态编译当然由此也会引发很多问题,导致编译阶段很难找出一些bug,需要加强测试
- 2015-03-08 19:30回答 2 已采纳 Try these two commands. chmod -R 777 /path/of/your/app chown -R apache:apache path/of/your/app
- 2016-09-23 22:59回答 1 已采纳 Thanks for huge help and help me by Patience & listening my question. i solve it by install mysqli
- 2021-03-22 20:40顾不得的博客 0.说明在 php 中,我们可以使用 exec()来执行系统命令,但有时我们会遇到 exec()命令执行不成功,或者无返回的情况,下面来说明一下:1.函数exec ( string $command [, array &$output [, int &$return_var ...
- 2017-02-02 04:48回答 2 已采纳 I think the argument is successfully being passed. The c code not using the argument. It is doing
- 2013-07-08 09:24回答 3 已采纳 Perhaps simply preg_match('/[0-9]*/', $output, $matches); If I'm not mistaken... To be sure:
- 2016-04-20 08:29回答 1 已采纳 change the file permissions of nmap for php user or execute it as sudo and add the php user to the
- 2020-12-18 16:36然而,这些功能强大的函数同时也伴随着潜在的安全风险,因此在实际应用中需谨慎使用。 `exec`函数用于执行外部程序,并返回程序的最后一个输出行。它的基本语法是`string exec(string command, array &$output, int...
- 2021-03-22 20:40TEDCJK的博客 0.说明在php中,我们可以使用exec()来执行系统命令,但有时我们会遇到exec()命令执行不成功,或者无返回的情况,下面来说明一下:1.函数exec ( string $command [, array &$output [, int &a...
- 2019-10-23 15:10nsy1989的博客 PHP exec函数使用: 1.检测exec函数是否开启: <?php //被禁用的函数集 $disable_functions = ini_get('disable_functions'); //转换为数组 $disabled = explode(',', $disable_functions); //判断是否包含...
- 2020-12-18 19:54在PHP中,`exec()`函数是一个非常强大的工具,它允许开发者直接执行系统级别的shell命令,并获取命令的输出。然而,这种能力也带来了安全风险,特别是当命令的构建涉及到用户输入时,可能会引发**命令注入(Command ...
- 没有解决我的问题, 去提问
悬赏问题
- ¥15 乌班图ip地址配置及远程SSH
- ¥15 怎么让点阵屏显示静态爱心,用keiluVision5写出让点阵屏显示静态爱心的代码,越快越好
- ¥15 PSPICE制作一个加法器
- ¥15 javaweb项目无法正常跳转
- ¥15 VMBox虚拟机无法访问
- ¥15 skd显示找不到头文件
- ¥15 机器视觉中图片中长度与真实长度的关系
- ¥15 fastreport table 怎么只让每页的最下面和最顶部有横线
- ¥15 java 的protected权限 ,问题在注释里
- ¥15 这个是哪里有问题啊?