Geek Answers Handbook

How to execute .exe program by php script

I want to execute a .exe file on my Apache server using a PHP script. The procedure is as follows:

  • user comes in, fill out an html form

  • it goes to php script

  • PHP script executes name.exe file

  • php displays the output of the name.exe file on the page.

I usually run the name.exe file from such windows:

run--> cmd--> D:\name [command]

name.exe needs to exchange data with other files, such as libraries in the same directory.

The full cmd command in windows looks like this:

D:\name library.dll [input from user]

then the program executes and prints some results in the cmd window.

I really want to run this program on my server, having formed my clients. I do not know how, but now I have a way to do this.

Another related question: is there any shell that I can install on the Linux server and execute the name.exe file in it?

+6
php
source share
5 answers

Please rethink your solution, as this is likely to cause more problems (especially security problems) than it solves. Having a PHP script execute your program, you run the risk of entering the user in the following form:

 John Doe; rm \windows\*

or

 John Doe; rm d:\name\*

You want to limit user input to a very controlled subset so that you do not enter a malicious command.

PHP does provide exec() , but be very careful.

+6
source share

You probably want passthru () or exec () .

As for Linux, if name.exe works well under WINE , you probably want to use passthru() or shell_exec () and call WINE to run name.exe . I do not know what name.exe is, so even if it works under WINE, there is no guarantee that it will really work.

There is, however, a magic shell that allows Linux to execute arbitrary Windows executables.

As already noted, be very careful what you allow before exec() or passthru() or anything else that executes code outside the script. I am not going to say that you probably should not do everything that you do, but I am not working on what you are working on.

+2
source share

Before sending to a command, you should avoid escapeshellarg typing .

 $saferinput = escapeshellarg($input); system('D:\name library.dll '.$saferinput);
+2
source share

This is a very bad idea. In addition to the need to provide funny permissions to the user account on which your web server is running, which actually gives someone the opportunity to visit your site to run executable files, you risk thread safety problems, problems with blocking the file system and others.

If you absolutely must use this exe, create a queue system. Let your site send a form request to a convenient repository (say, a database) and periodically conduct a database survey to start this process. This allows you to separate user accounts and related permissions for the website and exe, eliminates any concurrency issues and reduces the response delay for your website.

Some languages ​​(cough) allow you to create this service and the code of your site in one language / technology, but in this case you will have to tear out .NET or another compiled language to create such a service,

0
source share

I think we can do this by connecting to the server using PHP SSH. There is a library ( http://phpseclib.sourceforge.net/ ) that allows you to connect to the server via SSH. I used to try to connect to the server using telnet and execte.exe. But my school administrator blocked telnet for security reasons, so I need to work on ssh.

0
source share

More articles:


All Articles