non-admin user taking ~7 seconds to run system("C:\...") command

[tbare]

as the title states, on my Windows Server 2003 machine w/ IIS 6, setting Anonymous Access to a non-admin user takes about 7 - 9 seconds to execute a script, whereas an admin account takes about 1.5 - 2 seconds.

 

Is there a way around this? I really don't want to have (even the 1 file that executes the system() command) be accessed by my admin account, but 8 seconds is an unacceptable time to wait for the next page to load.

[gizmola]

Seems pretty odd behavior.  What is the the script doing?

[tbare]

that's my thought, too... that's why i'm confused.

 

there's one line of code that's causing the issue:

system("C:\path\to\exe.exe ".$insertedID);

where $insertedID is the id of info inserted into a DB.

 

the exe is taking the insertedID as an argument, and pulling info from the DB, putting it into an excel file, and getting results, then putting the results in the db.

 

after that, the php file forwards you to your results page.

 

the odd thing is, if i run the exe from cmd using /runas, it's instantaneous...

 

i'm stumped!

[gizmola]

You might consider trying the technique used by this guy to make it asynchronous:  http://robert.accettura.com/blog/2006/09/14/asynchronous-processing-with-php/

[tbare]

unfortunately, that's not going to be too much help - the process in and of itself isn't supposed to take this long, and it's not when the domain administrator is executing the php script... only when another user is...

 

Thanks for the thought though! i'm welcome to as many other thoughts as people can come up with...

[gizmola]

How do you know it's not going to be a help?  If the script is sitting there waiting on something that it doesn't need to wait on, then you solve your problem entirely by making it asynchronous.  The task will get done, and the user will have the responsiveness desired.

[tbare]

there's nothing to do while it's processing. the new info (added from the exe) has to be there to do what happens next... :-/

[gizmola]

Just for the heck of it, try passthru() and see if there's any difference.

[tbare]

I've tried passthru and exec ... same result with both (as i would have expected...)

 

thanks though.

[gizmola]

Is ipv6 enabled on the IIS server?  If so, try disabling it.

[tbare]

nope - Windows 2k3 - no IPV6

[gizmola]

The only thing I can think of that might be of any help is to tell you that ultimately, php is calling CreateProcessAsUser().  I saw some notes about differences in environment handling in 2003 vs later versions.  Basically, you're talking about a really moldy os and an antiquated version of IIS.  I found this, which didn't seem directly relevant, but might offer some additional information:  http://support.microsoft.com/kb/904056

 

Best of luck with this, but you may end up just having to run as admin.

[tbare]

nice find! and that sucks...

 

alright - what's your thought on setting a single file (that the user never sees - strictly running the exe, using ob_start and ob_end_flush, then using header() to forward to the results page) as admin ... i don't like it, but i don't see another option now.

[gizmola]

You could also use fopen or use curl to run the one page, but yeah it seems like a creative workaround.

[tbare]

curl may work... but i honestly don't think it'd execute any faster than system, exec, or passthru....

[gizmola]

curl may work... but i honestly don't think it'd execute any faster than system, exec, or passthru....

 

I was just extrapolating based on what I assumed you wanted to do at this point.  I thought that what you wanted to do was have the one single script that does the system() call configured so that it would use your admin user, but you did not want the entire server configured that way, so you would accomplish that in some fashion.

 

Then in terms of how you continue to have your script operate, it would need to make a call to the script that does the system call from the main script, so that is where I would suggest using curl, but if I misunderstood, just ignore my ramblings.

[tbare]

yeah -- but i can specify a different anonymous user on a single file in IIS to be different than all of the other files for the site... (what you say? microsoft did a good thing?)

 

I see where you're going with that, though.