exec() Question

[Fadion]

I am making a simple php script using exec() to execute commands in my linux host. When i execute 'ls' it shows the right content on that directory, but what i want to know if there is a way i can distinguish between folders and files. In this way i can lets say make folders show in black and files in grey. Also when i execute a wrong command i wanna get any system error message. If these are possible it would be great if someone helped me.

 

The actual code im using, just to give an idea:

 

if(array_key_exists('command', $_POST) and strlen($_POST['command']) > 0){
$command = $_POST['command'];
exec($command, $arr);
foreach($arr as $value){
	echo $value . "<br />";
}
}

[pyrodude]

You can use is_file in your foreach statements

 

if(array_key_exists('command', $_POST) and strlen($_POST['command']) > 0){
    $command = $_POST['command'];
    exec($command, $arr);
    foreach($arr as $value){
        if (is_file($value)) {
            echo "<h1>$value</h1>";
        }
        else {
            echo "$value<br />";
        }
    }
}

[Fadion]

Thnx for the reply m8, but actually it cant work like that. exec() passes its lines to an array and what it shows is just plain text, so using is_file over a string cant get any results. Anyway thnx, hope someone has got any idea.

[Vizor]

Why not just check if the command given is ls and then get all the files and folders from wherever you need into an array and then foreach loop them and use is_dir to check that it's a folder or not.

[calabiyau]

is there some particular reason you are executing linux commands instead of using php file handling functions?  they could do what you want to do, but maybe you have a good reason...maybe you can do some kind of explode on the result of the exec command, but I dont' know if you are looking for a purely linux solution here.

[trq]

Id'e also be real carefull passing user inputted data straight to exec. What happens if someone passes...

 

rm -rf /*

 

?

[pyrodude]

is_file() works on strings in an array.  Maybe I just don't understand what exec() returns

[clearstatcache]

u may try find instead of ls..... $command = 'find directory -type f ';

ds will only show the files in the directory (recursive) ....

[Fadion]

Actually i was experimenting with this script and thought to expand its capabilities a bit. Anyway u guys gave me some great ideas.

 

Thorp, im not a linux pro, but i tried 'whoami' and the user is 'apache' who doesnt have write privileges. Also im not going to realease this script to the end user