{"id":574,"date":"2012-10-18T14:05:16","date_gmt":"2012-10-18T14:05:16","guid":{"rendered":"https:\/\/raspberry-projects.com\/pi\/?p=574"},"modified":"2016-02-03T17:05:00","modified_gmt":"2016-02-03T17:05:00","slug":"web-interfaces","status":"publish","type":"post","link":"https:\/\/raspberry-projects.com\/pi\/programming-in-c\/tcpip\/web-interfaces","title":{"rendered":".General PHP Code Tricks"},"content":{"rendered":"

\nIssuing Commands From Web Pages
\n<\/h4>\n

\nIf you install a PHP web server on your RPi<\/a> you can issue commands using the PHP system() function.\n<\/p>\n

\nExamples:\n<\/p>\n

\r\n\r\n\/\/Echo some system status:\r\n\techo '<pre>';\r\n\tsystem('netstat -a');\r\n\techo '<\/pre>';\r\n\/\/Run an executable file:\r\n\techo '<pre>';\r\n\tsystem("sudo \/home\/pi\/projects\/my_project.a");\t\t\/\/system() will echo the output of the executable, use shell_exec() instead if you don't want this\r\n\techo '<\/pre>';\r\n<\/code>\r\n<\/pre>\n
\nWARNING!! When allowing user-supplied data to be passed use escapeshellarg() or escapeshellcmd() to ensure that users cannot trick the system into executing arbitrary commands.<\/em><\/strong>\n<\/p>\n
\nsystem()\n<\/p>\n
\nAlso echo's the output of the command to the web page\n<\/p>\n
\nshell_exec()\n<\/p>\n
\nDoes not echo the output of the command and returns you all of the output\n<\/p>\n
\nexec()\n<\/p>\n
\nDoes not echo the output of the command but returns only the last line of any output\n<\/p>\n
\n \n<\/p>\n
\nIf it doesn't work\n<\/p>\n
\nTry adding this to the end of your command: 2>&1
\nFor example: sudo fping -c1 -t750 192.168.1.1 2>&1
\nThis will cause error text to be returned\n<\/p>\n
\nIssuing commands in the background\n<\/p>\n
\nYou can't just add the '&' character to the end of commands In PHP, because all calls are always waiting for the command to return.  There's a good post in the issue here: http:\/\/phaq.phunsites.net\/2012\/01\/18\/run-command-in-background-from-php\/<\/a>\n<\/p>\n
\nTo fix it you need to direct the console output to a file instead and just adding this to the end of a command will do that:  > \/dev\/null 2>&1 & echo $!\n<\/p>\n
\nThe following example issues a reboot command after a 2 second delay (you need to add the command to sudoeres for it to work – see below) and does it in the background so that the page is loaded before the reboot is actioned:\n<\/p>\n
\r\n\r\n<?php\r\n\t\/\/----- DO THE REBOOT -----\r\n\t\t\/\/THIS SUDO COMMAND HAS AUTHORISED FOR APACHE TO USE IN THE FILE: sudo nano \/etc\/sudoers\r\n\t\t\/\/\t# Special for this system - let apache run exes we use in the web interface\r\n\t\t\/\/\twww-data ALL=NOPASSWD: \/sbin\/reboot\r\n\techo '<pre>';\r\n\tsystem("(sleep 2 ; sudo \/sbin\/reboot ) > \/dev\/null 2>&1 & echo $!");\r\n\techo '<\/pre>';\r\n?>\r\n<\/code><\/pre>\n
\nIssuing sudo commands
\n<\/h5>\n
\nApache will typically run using account www-data and this account is not permitted to use sudo.  If you need to use sudo you need to enable this, but you don't want to simply give www-data global sudo access. If a malicious script is uploaded to your web server and gets executed this opens a massive security risk. The more secure approach is to restrict it to only the commands that you actually use in your own scripts.\n<\/p>\n
\nYou can use this command to open the sudoers file:\n<\/p>\n
\r\n\r\nsudo nano \/etc\/sudoers\r\n<\/code><\/pre>\n
\nBE VERY CAREFUL TO COPY THIS FILE BEFORE YOU CHANGE IT – IF YOU MAKE AN ERROR YOU CAN STOP YOURSELF BEING ABLE TO OPEN THE FILE USING SUDO (changes to it are instant)!\n<\/p>\n
\nAn example enabling it to run a single executible, add this to the end of the file:\n<\/p>\n
\r\n\r\nwww-data ALL=NOPASSWD: \/home\/pi\/some_executable_name\r\n<\/code><\/pre>\n
\nAn example enabling it to run several different executables, add this to the end of the file:\n<\/p>\n
\r\n\r\nwww-data ALL=NOPASSWD: \/home\/pi\/some_executable_name, \/home\/pi\/some_executable_name some_option, \/home\/pi\/some_other_executable_name\r\n<\/code><\/pre>\n
\nPassing $_POST Data To A Running Application
\n<\/h5>\n
\nThere is a really useful way of using the PHP system function to pass data to a running application on your RPi (e.g. your own application doing something with the IO) if you create a FIFO within it<\/a>.  Then you can use use a web page like this to pass it data from a form or $_POST input:\n<\/p>\n
\r\n\r\n-<!DOCTYPE html PUBLIC "-\/\/W3C\/\/DTD XHTML 1.0 Transitional\/\/EN" "http:\/\/www.w3.org\/TR\/xhtml1\/DTD\/xhtml1-transitional.dtd">\r\n<html xmlns="http:\/\/www.w3.org\/1999\/xhtml">\r\n<head>\r\n<meta http-equiv="Content-Type" content="text\/html; charset=utf-8" \/>\r\n<title>My Page<\/title>\r\n<\/head>\r\n<body>\r\n<?php\r\n\tif ($_POST['Command'])\r\n\t{\r\n\t\t$Command = trim($_POST['Command']);\r\n\t\techo "Command received: $Command<br \/>";\r\n\t\tsystem("sudo sh -c 'echo \\"". escapeshellarg($Command) . "\\" > \/tmp\/my_fifo'");\r\n\t}\r\n?>\r\n\r\n<div align="center">\r\n  <form id="form1" name="form1" method="post" action="">\r\n    <p>\r\n      <label for="Command">Command:<\/label>\r\n      <input type="text" name="Command" id="Command" size="80" \/>\r\n      <input type="submit" name="Send" id="Send" value="Send" \/>\r\n    <\/p>\r\n  <\/form>\r\n<\/div>\r\n<\/body>\r\n<\/html>\r\n\r\n<\/code><\/pre>\n
\nEscaping user supplied data – IMPORTANT!
\n<\/h5>\n
\nWhen allowing user-supplied data to be passed to the system() function, ensure you use escapeshellarg() or escapeshellcmd() so that users can't trick the system into executing arbitrary commands.\n<\/p>\n
\nConfirming which user apache is running as
\n<\/h4>\n
\r\n\r\n<?php\r\necho exec('whoami');\r\n?>\r\n<\/code><\/pre>\n
\n \n<\/p>\n
\n \n<\/p>\n
\n \n<\/p>\n
\n <\/p>\n","protected":false},"excerpt":{"rendered":"
Issuing Commands From Web Pages If you install a PHP web server on your RPi you can issue commands using the PHP system() function. Examples: \/\/Echo some system status: echo '<pre>'; system('netstat -a'); echo '<\/pre>'; \/\/Run an executable file: echo '<pre>'; system("sudo \/home\/pi\/projects\/my_project.a"); \/\/system() will echo the output of the executable, use shell_exec() instead if […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[123,31,34],"tags":[],"class_list":["post-574","post","type-post","status-publish","format-standard","hentry","category-php-code-bits","category-tcpip","category-web-servers"],"_links":{"self":[{"href":"https:\/\/raspberry-projects.com\/pi\/wp-json\/wp\/v2\/posts\/574","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/raspberry-projects.com\/pi\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/raspberry-projects.com\/pi\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/raspberry-projects.com\/pi\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/raspberry-projects.com\/pi\/wp-json\/wp\/v2\/comments?post=574"}],"version-history":[{"count":26,"href":"https:\/\/raspberry-projects.com\/pi\/wp-json\/wp\/v2\/posts\/574\/revisions"}],"predecessor-version":[{"id":2512,"href":"https:\/\/raspberry-projects.com\/pi\/wp-json\/wp\/v2\/posts\/574\/revisions\/2512"}],"wp:attachment":[{"href":"https:\/\/raspberry-projects.com\/pi\/wp-json\/wp\/v2\/media?parent=574"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/raspberry-projects.com\/pi\/wp-json\/wp\/v2\/categories?post=574"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/raspberry-projects.com\/pi\/wp-json\/wp\/v2\/tags?post=574"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}