|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2005-07-12 16:44 UTC] richard dot quadling at bandvulc dot co dot uk
Description:
------------
Hi.
I have a LOT of php scripts which are launched via Windows task scheduler. They are executed using php-win.exe.
Nothing wrong so far.
Some of the scripts run other programs (e.g. WinRAR, NSLookup).
When these programs are launched, a black window (the console window) appears.
This is REALLY bad. This takes focus away from what I am doing.
I'm using the php-win.exe which is supposed to NOT supply a console box.
Now.
Having looked at the source, I see that when an external application is called, it is invoked via the system command line interpreter. I've seen the various discussions about this and its security implications.
Personally, I'd rather the command shell was NOT loaded, but ...
The real issue for me is that the command shell is launched and creates a window.
I suggest the following changes to the PHP source.
/* $Id: tsrm_win32.c,v 1.26 2004/01/08 08:14:03 andi Exp $ */
Line 214
if (!CreateProcess(NULL, cmd, &security, &security, security.bInheritHandle, NORMAL_PRIORITY_CLASS, env, cwd, &startup, &process)) {
becomes
if (!CreateProcess(NULL, cmd, &security, &security, security.bInheritHandle, NORMAL_PRIORITY_CLASS | CREATE_NO_WINDOW, env, cwd, &startup, &process)) {
/* $Id: proc_open.c,v 1.35 2005/07/01 06:49:29 hyanantha Exp $ */
Line 748
newprocok = CreateProcess(NULL, command_with_cmd, &security, &security, TRUE, NORMAL_PRIORITY_CLASS, env.envp, cwd, &si, &pi);
becomes
newprocok = CreateProcess(NULL, command_with_cmd, &security, &security, TRUE, NORMAL_PRIORITY_CLASS | CREATE_NO_WINDOW, env.envp, cwd, &si, &pi);
static const char rcsid[] = "$Id: os_win32.c,v 1.6 2002/10/13 07:23:17 shane Exp $";
Line 1260 to 1269
success = CreateProcess(execPath, /* LPCSTR address of module name */
NULL, /* LPCSTR address of command line */
NULL, /* Process security attributes */
NULL, /* Thread security attributes */
TRUE, /* Inheritable Handes inherited. */
0, /* DWORD creation flags */
env, /* Use parent environment block */
NULL, /* Address of current directory name */
&StartupInfo, /* Address of STARTUPINFO */
pInfo); /* Address of PROCESS_INFORMATION */
becomes
success = CreateProcess(execPath, /* LPCSTR address of module name */
NULL, /* LPCSTR address of command line */
NULL, /* Process security attributes */
NULL, /* Thread security attributes */
TRUE, /* Inheritable Handes inherited. */
NORMAL_PRIORITY_CLASS | CREATE_NO_WINDOW, /* DWORD creation flags */
env, /* Use parent environment block */
NULL, /* Address of current directory name */
&StartupInfo, /* Address of STARTUPINFO */
pInfo); /* Address of PROCESS_INFORMATION */
Ideally, the CREATE_NO_WINDOW should only be added (or OR'd :-)) if the executable is not the normal php.exe (i.e. ISAPI, CGI, php-win.exe, etc).
Regards,
Richard Quadling.
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Thu Nov 21 13:01:29 2024 UTC |
Patches for this... Index: tsrm_win32.c =================================================================== RCS file: /repository/TSRM/tsrm_win32.c,v retrieving revision 1.31 diff -u -r1.31 tsrm_win32.c --- tsrm_win32.c 20 Mar 2007 17:57:44 -0000 1.31 +++ tsrm_win32.c 22 Mar 2007 15:39:50 -0000 @@ -219,7 +219,7 @@ cmd = (char*)malloc(strlen(command)+strlen(TWG(comspec))+sizeof(" /c ")); sprintf(cmd, "%s /c %s", TWG(comspec), command); - if (!CreateProcess(NULL, cmd, &security, &security, security.bInheritHandle, NORMAL_PRIORITY_CLASS, env, cwd, &startup, &process)) { + if (!CreateProcess(NULL, cmd, &security, &security, security.bInheritHandle, NORMAL_PRIORITY_CLASS | CREATE_NO_WINDOW, env, cwd, &startup, &process)) { return NULL; } free(cmd); and Index: proc_open.c =================================================================== RCS file: /repository/php-src/ext/standard/proc_open.c,v retrieving revision 1.54 diff -u -r1.54 proc_open.c --- proc_open.c 24 Feb 2007 16:25:55 -0000 1.54 +++ proc_open.c 22 Mar 2007 15:39:17 -0000 @@ -738,11 +738,11 @@ } if (bypass_shell) { - newprocok = CreateProcess(NULL, command, &security, &security, TRUE, NORMAL_PRIORITY_CLASS, env.envp, cwd, &si, &pi); + newprocok = CreateProcess(NULL, command, &security, &security, TRUE, NORMAL_PRIORITY_CLASS | CREATE_NO_WINDOW, env.envp, cwd, &si, &pi); } else { spprintf(&command_with_cmd, 0, "%s /c %s", GetVersion() < 0x80000000 ? COMSPEC_NT : COMSPEC_9X, command); - newprocok = CreateProcess(NULL, command_with_cmd, &security, &security, TRUE, NORMAL_PRIORITY_CLASS, env.envp, cwd, &si, &pi); + newprocok = CreateProcess(NULL, command_with_cmd, &security, &security, TRUE, NORMAL_PRIORITY_CLASS | CREATE_NO_WINDOW, env.envp, cwd, &si, &pi); efree(command_with_cmd); }