I've done/read as much as I can on exec() in Windows, but.....

[Collie]

Hey Guys/Gals

With safe_mode_exec_dir set in php.ini, the Apache service set to 'allow service to interact with the desktop', all of the executables required in the script in the safe_mode_exec_dir and cmd.exe with read/execute rights I still, after days of head-banging and gis'ing and php-freaking, can't get this to work.  I hope it is a stupid simple oversight, even if it leaves me looking stupid and simple, I'll live 

 

Right: - Windows XPSP2, Apache 2.2.4 and PHP 5.2.0 on Localhost

I'll set the scene.  I need to accept two files from a user and using a third party exe convert one into the other.  I realise using exec() with user input is dodgy so I have concatenated the user input to a long executable string and I'll do extra checking (that they are an msi and wxs file) later.

 

The files are passed to procConvertWix() by the user and from there passed to convertwix() where the concatination is done, and returned back to procConvertWix() for execution.

 

In procConvertWix() I have displayed the fully concatenated string in the browser, copied and ran it from cmd.exe and it executes perfectly, so that's not the problem.

Displaying the $ouput of exec() simply gives me:

Array

(

)

 

I have tried using a fully qualified path to cmd.exe, using shell_exec() with safe mode turned off, using start /b, system(), popen() and on it goes really.  The one below is using psexec.exe, but that is not required, just where my code is at the mo.

 

So anyone have any idea why the process won't run in the browser?  Is there another setting that I need to set? A piece of code missing? Will I just give up and drink beer instead?  Any advice would be greatly appreciated.

 

function procConvertWix(){

  global $session;

  $retval = $session->convertwix($_POST['msi'], $_POST['wix']);

  exec("$retval 2>&1", $output);

  echo $retval;

  print_r($array_output);

}

 

function convertwix($msiname, $wixname){

  chdir("c:\\program files\\php\\safedir");

  $dark = "\"c:\program files\php\safedir\wix\dark.exe\" /x";

  $msi = escapeshellarg($msiname);

  $wix = escapeshellarg($wixname);

  $psexec = "\"c:\program files\php\safedir\pstools\psexec.exe\" -d";

  $location = "C:\\test\\Ica32Pkg2\\";

  $program = $psexec." ".$dark." ".$location." ".$location.$msiname." ".$location.$wixname;

  return $program;

}

 

Thank you in advance for any help, or simply just for reading it and laughing.  I'm a happy guy to have vented my frustrations none the less.  Have a good day.

 

Col.