Program Execution functions

These functions provide the means to execute commands on the system itself, and the means to secure such commands. They are also closely related to the backtick operator.

escapeshellarg
Escape a string to be used as a shell argument

Description
string escapeshellarg(string arg)

escapeshellarg adds single quotes around a string and quotes/escapes any existing single quotes, allowing you to pass a string directly to a shell function and have it treated as a single safe argument. This function should be used to escape individual arguments to shell functions coming from user input. The shell functions include exec, system and the backtick operator. A standard use would be:

See also exec, popen, system, and the backtick operator.

escapeshellcmd
Escape shell metacharacters

Description
string escapeshellcmd(string command)

escapeshellcmd escapes any characters in a string that might be used to trick a shell command into executing arbitrary commands. This function should be used to make sure that any data coming from user input is escaped before this data is passed to the exec or system functions, or to the backtick operator. A standard use would be:

See also escapeshellarg, exec, popen, system, and the backtick operator.

exec
Execute an external program

Description
string exec(string command [, string array [, int return_var]])

exec executes the given command; however, it does not output anything. It simply returns the last line from the result of the command. If you need to execute a command and have all the data from the command passed directly back without any interference, use the passthru function.

If the array argument is present, then the specified array will be filled with every line of output from the command. Note that if the array already contains some elements, exec will append to the end of the array. If you do not want the function to append elements, call unset on the array before passing it to exec.

If the return_var argument is present along with the array argument, then the return status of the executed command will be written to this variable.

If you are going to allow data coming from user input to be passed to this function, then you should be using escapeshellarg or escapeshellcmd to make sure that users cannot trick the system into executing arbitrary commands.

If you start a program using this function and want to leave it running in the background, you have to make sure that the output of that program is redirected to a file or some other output stream, or else PHP will hang until the execution of the program ends.

See also system, passthru, popen, escapeshellcmd, and the backtick operator.

passthru
Execute an external program and display raw output

Description
void passthru(string command [, int return_var])

The passthru function is similar to the exec function in that it executes a command. If the return_var argument is present, the return status of the Unix command will be placed here. This function should be used in place of exec or system when the output from the Unix command is binary data which needs to be passed directly back to the browser. A common use for this is to execute something like the pbmplus utilities that can output an image stream directly. By setting the Content-type to image/gif and then calling a pbmplus program to output a gif, you can create PHP scripts that output images directly.

If you are going to allow data coming from user input to be passed to this function, then you should be using escapeshellarg or escapeshellcmd to make sure that users cannot trick the system into executing arbitrary commands.

If you start a program using this function and want to leave it running in the background, you have to make sure that the output of that program is redirected to a file or some other output stream, or else PHP will hang until the execution of the program ends.

See also exec, system, popen, escapeshellcmd, and the backtick operator.
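
The escaping advice given for exec and passthru above, as an added example that is not part of the original manual page. The helper name list_entry() and the sample inputs are constructed; it assumes a Unix-like system with ls available.

```php
<?php
/**
 * Run `ls -ld` on one user-supplied path.
 * Returns [exit status, output lines]. Hypothetical helper for illustration.
 */
function list_entry(string $userPath): array
{
    // escapeshellarg() wraps the value in single quotes, so the shell hands
    // it to ls as exactly one argument, whatever characters it contains.
    // "--" ends option parsing so a value starting with "-" is not read as a flag.
    $cmd = 'ls -ld -- ' . escapeshellarg($userPath) . ' 2>&1';

    $lines  = [];   // start empty: exec() appends to an existing array
    $status = 0;
    exec($cmd, $lines, $status);

    return [$status, $lines];
}

// Constructed inputs: a normal path, one carrying a shell metacharacter,
// and one containing a single quote.
$samples = ['/tmp', '/tmp; echo INJECTED', "it's a file"];

foreach ($samples as $input) {
    // The command string the shell would receive in each case.
    echo "unescaped      : ls -ld -- $input\n";
    echo "escapeshellarg : ls -ld -- " . escapeshellarg($input) . "\n";
    // escapeshellcmd() neutralises metacharacters such as ';' but leaves
    // spaces alone, so the value can still split into several arguments.
    echo "escapeshellcmd : " . escapeshellcmd("ls -ld -- $input") . "\n";

    [$status, $lines] = list_entry($input);
    echo "exit status    : $status\n";
    echo "output         : " . implode("\n                 ", $lines) . "\n\n";
}
```

For the second sample, ls fails with a non-zero status because no entry has that literal name, and no second command runs.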

proc_close
Close a process opened by proc_open and return the exit code of that process

Description
int proc_close(resource process)

proc_close is similar to popen except that it only works on processes opened by proc_open. proc_close waits for the process to terminate, and returns its exit code. If you have open pipes to that process, you should fclose them prior to calling this function in order to avoid a deadlock - the child process may not be able to exit while the pipes are open.

proc_open
Execute a command and open file pointers for input/output

Description
resource proc_open(string cmd, array descriptorspec, array pipes)

proc_open is similar to popen but provides a much greater degree of control over the program execution. cmd is the command to be executed by the shell. descriptorspec is an indexed array where the key represents the descriptor number and the value represents how PHP will pass that descriptor to the child process. pipes will be set to an indexed array of file pointers that correspond to PHP's end of any pipes that are created. The return value is a resource representing the process; you should free it using proc_close when you are finished with it.

    <?php
    $descriptorspec = array(
        0 => array("pipe", "r"),  // stdin is a pipe that the child will read from
        1 => array("pipe", "w"),  // stdout is a pipe that the child will write to
        2 => array("file", "/tmp/error-output.txt", "a"),  // stderr is a file to write to
    );

    $process = proc_open("php", $descriptorspec, $pipes);

    if (is_resource($process)) {
        // $pipes now looks like this:
        // 0 => writeable handle connected to child stdin
        // 1 => readable handle connected to child stdout
        // Any error output will be appended to /tmp/error-output.txt

        // Send the child's input, then close stdin so the child sees end of input
        fwrite($pipes[0], "");
        fclose($pipes[0]);

        while (!feof($pipes[1])) {
            echo fgets($pipes[1], 1024);
        }
        fclose($pipes[1]);

        // It is important that you close any pipes before calling
        // proc_close in order to avoid a deadlock
        $return_value = proc_close($process);

        echo "command returned $return_value\n";
    }

The file descriptor numbers in descriptorspec are not limited to 0, 1 and 2 - you may specify any valid file descriptor number and it will be passed to the child process. This allows your script to interoperate with other scripts that run as "co-processes". In particular, this is useful for passing passphrases to programs like PGP, GPG and openssl in a more secure manner. It is also useful for reading status information provided by those programs on auxiliary file descriptors.

Windows compatibility: Descriptors beyond 2 (stderr) are made available to the child process as inheritable handles, but since the Windows architecture does not associate file descriptor numbers with low-level handles, the child process does not (yet) have a means of accessing those handles. Stdin, stdout and stderr work as expected.

This function was introduced in PHP 4.3.0.

If you only need a uni-directional (one-way) process pipe, use popen instead, as it is much easier to use.

See also exec, system, passthru, popen, escapeshellcmd, and the backtick operator.
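
Passing a passphrase on an extra descriptor, as described above, shown as an added example that is not part of the original manual page. It assumes a Unix-like system with the openssl command-line tool (1.1.1 or later for -pbkdf2); the function name and the sample values are constructed.

```php
<?php
// Hypothetical helper: encrypt a short string with openssl, handing over the
// passphrase on descriptor 3 instead of on the command line.
function encrypt_with_fd_passphrase(string $plaintext, string $passphrase): string
{
    $descriptorspec = [
        0 => ['pipe', 'r'],   // child reads the plaintext from stdin
        1 => ['pipe', 'w'],   // child writes the ciphertext to stdout
        2 => ['pipe', 'w'],   // child writes diagnostics to stderr
        3 => ['pipe', 'r'],   // child reads the passphrase from descriptor 3
    ];

    // The passphrase is not part of the command string, so it does not show
    // up in the process list; openssl is told to read it from fd 3.
    $cmd = 'openssl enc -aes-256-cbc -pbkdf2 -a -pass fd:3';

    $process = proc_open($cmd, $descriptorspec, $pipes);
    if (!is_resource($process)) {
        throw new RuntimeException('proc_open failed');
    }

    // Inputs here are small enough to fit in the pipe buffers; larger data
    // would need interleaved reads and writes to avoid blocking.
    fwrite($pipes[3], $passphrase . "\n");
    fclose($pipes[3]);
    fwrite($pipes[0], $plaintext);
    fclose($pipes[0]);        // end of input for the child

    $ciphertext = stream_get_contents($pipes[1]);
    $errors     = stream_get_contents($pipes[2]);
    fclose($pipes[1]);
    fclose($pipes[2]);

    // All pipes are closed before proc_close() to avoid a deadlock.
    $status = proc_close($process);
    if ($status !== 0) {
        throw new RuntimeException("openssl exited with $status: $errors");
    }

    return $ciphertext;
}

// Constructed sample values.
echo encrypt_with_fd_passphrase("constructed sample text\n", 'constructed-passphrase');
```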

system
Execute an external program and display output

Description
string system(string command [, int return_var])

system is just like the C version of the function in that it executes the given command and outputs the result. If a variable is provided as the second argument, then the return status code of the executed command will be written to this variable.

If you are going to allow data coming from user input to be passed to this function, then you should be using escapeshellarg or escapeshellcmd to make sure that users cannot trick the system into executing arbitrary commands.

If you start a program using this function and want to leave it running in the background, you have to make sure that the output of that program is redirected to a file or some other output stream, or else PHP will hang until the execution of the program ends.

The system call also tries to automatically flush the web server's output buffer after each line of output if PHP is running as a server module.

Returns the last line of the command output on success, and FALSE on failure.

If you need to execute a command and have all the data from the command passed directly back without any interference, use the passthru function.

See also exec, passthru, popen, escapeshellcmd, and the backtick operator.

shell_exec
Execute command via shell and return complete output as string

Description
string shell_exec(string cmd)

This function is identical to the backtick operator.