| Bug #48345 | system() function docs: how to prevent cmd.exe | ||||
|---|---|---|---|---|---|
| Submitted: | 20 May 3:49pm UTC | Modified: | 19 Nov 10:14am UTC | ||
| From: | giosp at panozzo dot it | Assigned to: | kalle | ||
| Status: | Closed | Category: | Documentation problem | ||
| Version: | Irrelevant | OS: | Windows 2003 | ||
[21 May 6:09pm UTC] giosp at panozzo dot it
-
[19 Nov 10:14am UTC] vrana@php.net
This bug has been fixed in the documentation's XML sources. Since the online and downloadable versions of the documentation need some time to get updated, we would like to ask you to be a bit patient. Thank you for the report, and for helping us make our documentation better.
[19 Nov 10:15am UTC] svn@php.net
Automatic comment from SVN on behalf of vrana Revision: http://svn.php.net/viewvc/?view=revision&revision=290969 Log: Use cmd.exe on Windows (bug #48345)
Description: ------------ In the documentation of system(), exec(), shell_exec(), popen(), passthru() and other external proces execution function there should be the following notes: 1. All these functions does not execute the requested process directly: they execute a shell (cmd.exe ? bash ? which criteria is used ? %COMSPEC% in windows ?). 2. Executing the standard CMD.EXE in windows is not possible when running as a non administrator user, so these function will fail in a standard IIS environment, where the current PHP script is executed as ISUR_MACHINENAME 3. The only secure way to execute a process in windows bypassing cmd.exe, is to use the proc_open() function with the option "bypass_shell" Reproduce code: --------------- --- From manual page: function.system --- <?php passthru("ping www.hp.com"); ?> Expected result: ---------------- A typical ping output Actual result: -------------- Warning: passthru() [function.passthru]: Unable to fork [ping www.hp.com] in C:\Inetpub\wwwroot\prova.php on line 2