ID: 15157 Comment by: [EMAIL PROTECTED] Reported By: [EMAIL PROTECTED] Status: Analyzed Bug Type: Documentation problem Operating System: Linux (Debian) / Solaris 8 PHP Version: 4.1.0 New Comment:
We should better continue tomorrow... Good night! Oliver. Previous Comments: ------------------------------------------------------------------------ [2002-01-22 06:35:27] [EMAIL PROTECTED] None that I'm aware of at the moment, but I don't use safe_mode much so that doesn't necessarily mean anything. :) The other problem is that it's 3:33 in the morning here and I'm just about unable to think straight. For the time being, if you have access to the server configs, maybe you can just turn off safe_mode for that host? Good night, Torben ------------------------------------------------------------------------ [2002-01-22 06:30:28] [EMAIL PROTECTED] I forgot to mention, that in safe_mode the whois like Torben described didn't work. argdump returns, that "Dirk" and "Janssen" are different parameters. No solution for safe-mode? Oliver ------------------------------------------------------------------------ [2002-01-22 06:24:59] [EMAIL PROTECTED] You got it! When I disable the safe_mode, the following works: exec('whois -h whois.denic.de "Dirk Janssen"',$output); The little c-prog returns now (safe-mode off) the right output. But please tell me: Is it possible to execute a command like this whois-call in safe-mode? I don't get it to work! And if not, whats the solution? Thanx for the support, Oliver. ------------------------------------------------------------------------ [2002-01-22 06:10:22] [EMAIL PROTECTED] Hartmut, you should reread the bug report. Oliver, I'm reopening this and reclassifying it as a Documentation Problem. When safe_mode is on, the arguments are passed through a function which escapes potentially dangerous characters--including the quote characters. However, this behaviour does not appear to be documented anywhere. When I enable safe_mode, I get the result you describe. However, when I remove the quotes and use this: exec('whois -h whois.denic.de Dirk Janssen', $output); ...I get the proper result on line 14: [14] => % No entries found for the selected source: "Dirk Janssen" I take it you don't get the right result from an authorized server? Torben ------------------------------------------------------------------------ [2002-01-22 05:54:32] [EMAIL PROTECTED] please compile this little C program 'argdump' ---8<----- argdump.c -------------------------------- #include <stdio.h> #include <stdlib.h> int main(int argc, char **argv) { int i; for(i=0;i<argc;i++) printf("%d: %s\n",i,argv[i]); return EXIT_SUCCESS; } ---------------------------------------->8----------- and try the following PHP script (with argdump in $PATH) ---8<----- test.php -------------------------------- <?php function do_exec($cmd) { $res=array(); exec($cmd,$res); echo "\n\n$cmd\n"; print_r($res); } do_exec("argdump -h whois.denic.de Penelope\ Cruz"); do_exec("argdump -h whois.denic.de \"Penelope\ Cruz\""); do_exec("argdump -h whois.denic.de \"Penelope Cruz\""); do_exec("argdump -h whois.denic.de 'Penelope\ Cruz'"); do_exec("argdump -h whois.denic.de ".'"'."Penelope Cruz".'"'); ?> ---------------------------------------->8----------- my results are: argdump -h whois.denic.de Penelope\ Cruz Array ( [0] => 0: argdump [1] => 1: -h [2] => 2: whois.denic.de [3] => 3: Penelope Cruz ) argdump -h whois.denic.de "Penelope\ Cruz" Array ( [0] => 0: argdump [1] => 1: -h [2] => 2: whois.denic.de [3] => 3: Penelope\ Cruz ) argdump -h whois.denic.de "Penelope Cruz" Array ( [0] => 0: argdump [1] => 1: -h [2] => 2: whois.denic.de [3] => 3: Penelope Cruz ) argdump -h whois.denic.de 'Penelope\ Cruz' Array ( [0] => 0: argdump [1] => 1: -h [2] => 2: whois.denic.de [3] => 3: Penelope\ Cruz ) argdump -h whois.denic.de "Penelope Cruz" Array ( [0] => 0: argdump [1] => 1: -h [2] => 2: whois.denic.de [3] => 3: Penelope Cruz ) on *both* linux (SuSE 7.3) and Solaris (SunOS 5.5.1 and 5.7) ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/?id=15157 Edit this bug report at http://bugs.php.net/?id=15157&edit=1 -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]