- PHP exec — check if enabled or disabled
- Solution 3
- Solution 4
- Solution 5
- PHP exec — check if enabled or disabled
- Php Solutions
- Solution 1 — Php
- Solution 2 — Php
- Solution 3 — Php
- Solution 4 — Php
- Solution 5 — Php
- Solution 6 — Php
- Solution 7 — Php
- Solution 8 — Php
- Solution 9 — Php
- Solution 10 — Php
- PHP Exec — Check If Enabled or Disabled
- how to test if PHP system() function is allowed? and not turned off for security reasons
- PHP exec enabled?
- exec function is not working in PHP
- Safety of having exec() enabled
- Check if command exists from PHP
- How do you check if a command exists?
- Cross platform compatibility
- Knowing if a command is executable
- Links
PHP exec — check if enabled or disabled
This will check if the function actually works (permissions, rights, etc):
Solution 3
ini_get(‘disable_functions’)
What you actually want to do is use ini_get(‘disable_functions’) to find out if it is available to you:
Answered on stackoverflow here: Check if «exec» is disabled, Which actually seems to come from the PHP Man page: http://php.net/manual/en/function.exec.php#97187
If the above returns true (you can use exec()), but PHP can still not trigger the script there is a good chance that you have a path issue for that script, test this by doing:
Solution 4
This will check that exec is available and enabled BEFORE trying to run it. If you run exec() and the function does not exist or is disabled a warning will be generated. Depending on the server settings that may render to the browser and will almost-always write a line to a log file = performance hit.
// Exec function exists. // Exec is not disabled. // Safe Mode is not on. $exec_enabled = function_exists('exec') && !in_array('exec', array_map('trim', explode(', ', ini_get('disable_functions')))) && strtolower(ini_get('safe_mode')) != 1 ; if($exec_enabled) Solution 5
It’s a bit tricky to find exec function available until unless checking all possibilities
2.Scanning through ini_get(‘disabled_functions)
3.Checking safe_mode enabled
function is_shell_exec_available() < if (in_array(strtolower(ini_get('safe_mode')), array('on', '1'), true) || (!function_exists('exec'))) < return false; >$disabled_functions = explode(',', ini_get('disable_functions')); $exec_enabled = !in_array('exec', $disabled_functions); return ($exec_enabled) ? true : false; > This function never throws warnings unless ini_get function not disabled.
PHP exec — check if enabled or disabled
Is there a way to check in a php script if exec() is enabled or disabled on a server?
Php Solutions
Solution 1 — Php
This will check if the function actually works (permissions, rights, etc):
if(@exec('echo EXEC') == 'EXEC')< echo 'exec works'; > Solution 2 — Php
if(function_exists('exec')) < echo "exec is enabled"; > Solution 3 — Php
ini_get(‘disable_functions’)
What you actually want to do is use ini_get(‘disable_functions’) to find out if it is available to you:
function exec_enabled( ) < $disabled = explode(',', ini_get('disable_functions')); return !in_array('exec', $disabled); > ?> If the above returns true (you can use exec()), but PHP can still not trigger the script there is a good chance that you have a path issue for that script, test this by doing:
Solution 4 — Php
This will check that exec is available and enabled BEFORE trying to run it. If you run exec() and the function does not exist or is disabled a warning will be generated. Depending on the server settings that may render to the browser and will almost-always write a line to a log file = performance hit.
// Exec function exists. // Exec is not disabled. // Safe Mode is not on. $exec_enabled = function_exists('exec') && !in_array('exec', array_map('trim', explode(', ', ini_get('disable_functions')))) && strtolower(ini_get('safe_mode')) != 1 ; if($exec_enabled) < exec('blah'); > Solution 5 — Php
It’s a bit tricky to find exec function available until unless checking all possibilities
2.Scanning through ini_get(‘disabled_functions)
3.Checking safe_mode enabled
function is_shell_exec_available( ) < if (in_array(strtolower(ini_get('safe_mode')), array('on', '1'), true) || (!function_exists('exec'))) < return false; > $disabled_functions = explode(',', ini_get('disable_functions')); $exec_enabled = !in_array('exec', $disabled_functions); return ($exec_enabled) ? true : false; > This function never throws warnings unless ini_get function not disabled.
Solution 6 — Php
I am assuming that you are running this on a linux server.
You could test the exec function by running the following php script:
This will return the command whoami.
If it errors out, it is because the exec function could not run.
Solution 7 — Php
if(strpos(ini_get('disable_functions'),'ini_set')===false) @ini_set('display_errors',0); Solution 8 — Php
This is some ugly code I made to detect if a function is enabled or not.
function is_enabled($f) < if($f=='ini_get')return@ini_get('a')===false; return(($l=@ini_get('disable_functions'))===null||!is_callable($f)||!function_exists($f)||!in_array($f,array_map('trim',explode(',',$l))); > //Usage example: print_r(is_enabled('str_split'));//true or null if ini_get() is disabled Solution 9 — Php
(Based on other responses) To check if exec exists and services are running:
function isRunning($serviceName) < return exec('pgrep '.$serviceName); > if (@exec('echo EXEC') == 'EXEC') < $services = [ 'mysql', 'nginx', 'redis', 'supervisord', ]; foreach ($services as $service) < if (isRunning($service)) < echo $service.' service is running.
'; > else < echo $service.' service is down.
'; > > > // mysql service is running. // nginx service is running. // redis service is running. // supervisord service is down. Solution 10 — Php
if (in_array('exec', preg_split('/\s*,\s*/', ini_get('disable_functions')) < echo "exec is disabled"; > PHP Exec — Check If Enabled or Disabled
First check that it’s callable and then that it’s not disabled:
This general approach works for any built in function, so you can genericize it:
function isEnabled($func) return is_callable($func) && false === stripos(ini_get('disable_functions'), $func);
>
if (isEnabled('shell_exec')) shell_exec('echo "hello world"');
> Note to use stripos , because PHP function names are case insensitive.
how to test if PHP system() function is allowed? and not turned off for security reasons
Well, there’s only two ways it can be disabled: safe_mode or disable_functions .
So you can do a check like:
function isAvailable($func) if (ini_get('safe_mode')) return false;
$disabled = ini_get('disable_functions');
if ($disabled) $disabled = explode(',', $disabled);
$disabled = array_map('trim', $disabled);
return !in_array($func, $disabled);
>
return true;
> Oh, and function_exists should return true, since it’s a core function (otherwise you could forge a core function and cause some real havoc on a host). Therefore is_callable should also return true (since the function does exist). So the only ways to tell, are to check the ini settings, or to actually call it.
Edit: One other thing to note, there are several of ways to execute shell commands. Check out:
PHP exec enabled?
It was suhosin blacklist and can be checked with following code
exec function is not working in PHP
okay, it was a file permission issue. www-data had not the permission to write the file, after changing the permission it’s working now.
Safety of having exec() enabled
As long as you are the only one with access to the server, it is secure. The problem however occurs when somebody manages to get access to your server. This can be for several reasons, like stupid mistakes in coding, unknowningly creating holes, you lose your password, etc.
If you have exec enabled and somebody does manage to gain access, he can do almost anything with your server. Thats why its disabled in most environments. And i advise you to keep it that way.
If ping is what you want to do, check out how-to-ping-a-server-with-php
Check if command exists from PHP
Knowing if a command exists before trying to call it from a PHP script is a useful way to prevent errors; testing if a command exists can be done using the command -v utility in linux, and where in Windows.
A command is a small program that is available on a system, and that can be called from a command prompt. For example, when on a Windows system commands may be called from cmd.exe, while on Linux, commands may be called from a terminal.
Sometimes you may want to invoke a command from within a PHP script using a function like shell_exec, but what if a command does not exist on the system? The problem is that it can be hard to know which commands are available to be used. In many cases it is simply best to find PHP-alternatives; if you need to convert an image, you might be able to use the GD library extension.
It is not that there is anything wrong with calling external commands, you should just be careful, and always validate user input before sending it to shell_exec and related functions.
How do you check if a command exists?
It turns out you can use the command -v [command name] utility to check if other commands exists on the system, and this is the «standard» way of doing it in Linux and bash scripting. I even used it in project humanize.
The command utility can be used to execute a command, but also to return the path for an existing command.
A path to the executable file will be returned when you use it with the -v parameter, or NULL if the utility did not produce any output.
Knowing this, we can now create our own command_exists() function:
/** * Checks if a command exist on a typical Linux system * @param mixed $command_name * @return bool */ public function command_exists($command_name) return (null === shell_exec("command -v $command_name")) ? false : true; >
This function can then be used as any other *_exists function in PHP:
if (false === command_exists('convert')) throw new Exception("The required command 'convert' does not appear to exist on the system."); > $command = "convert this.jpeg that.avif"; $result = shell_exec(escapeshellcmd($command));
Cross platform compatibility
For this to work on both Linux and Windows, we should examine the PHP_OS constant variable. This constant contains the operating system that PHP is running under, which we can use to determine a method to tell if a command is available.
Windows systems used the where utility, while Linux typically uses the command -v utility.
Here is one way to determine which method to use:
if (false === stripos(PHP_OS, 'linux')) $test_method = 'command -v'; > else if (false === stripos(PHP_OS, 'win')) throw new Exception('This OS is not supported.'); > else $test_method = 'where'; > if (null === shell_exec("$test_method $command_name")) echo 'Command not found!'; exit(); > else echo 'Command was found.'; exit(); >
/** * Checks if a command exist. Works for both Windows and Linux systems * @param mixed $command_name * @return bool */ public function command_exists($command_name) $test_method = (false === stripos(PHP_OS, 'win')) ? 'command -v' : 'where'; return (null === shell_exec("$test_method $command_name")) ? false : true; >
However, testing for cross platform compatibility is almost completely irrelevant in this case, since you are not going to have the same commands available for Windows that you do for your typical Linux distribution anyway.
Knowing if a command is executable
Of course, knowing whether a command is also executable may be important, but unfortunately that is not possible from PHP alone. My guess is that knowing whether a command is also executable is going to be irrelevant for most uses, but if needed, you could just use a helper .sh helper script.
The PHP is_executable only works under some circumstances; indeed, it might return false even for commands that are executable.
I used a similar technique in project humanize:
#!/bin/bash # # Helper script to check for dependencies # # This script can be placed in /usr/local/bin/ # # script author: JacobSeated # |>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>| # |>>>>>>>Execute>>>>>>>>>>>>>>>>>>>>>>>>| # |>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>| if [ "$1" = "" ] then printf "\n Error: Missing required command line parameter: [command name]\n\n" exit 1 fi if [ ! -x "$(command -v $1)" ] then printf "\n This script requires \"$1\" to be installed. Exiting.\n\n" # Exit with 2 = Missing keyword or command, or permission problem. # See also: http://www.tldp.org/LDP/abs/html/exitcodes.html # A zero code indicates success, while a value higher than zero indicates an error exit 2 fi