Shell script in PHP code


I have a web interface that helps me create a profile using a shell command, but I have something wrong in my code, because the value entered in my web interface isn't recognized in the shell script. This is my source code:

index.php:

<div class="inputbox">
<form id="createProfile" name="createProfile">
<label for="channelName">Group Name</label>
<br/>
<input type="text" id="groupName" name="groupName" />
<br/>
<label for="profileName">Profile Name</label>
<br/>
<input type="text" id="profileName" name="profileName" />
<input type="button" value="Create Profile" onclick="createUser()" />
</form>
</div>

script.js

function createUser(){
    if ($('#groupName').val() != '' && $('#profileName').val() != ''){
        $.ajax({
            type:'post',
            url: 'addProfile.php',
            data:{group_name:$('#groupName').val()+'/'+$('#profileName').val()},
            cache:false,
            success: function(returndata){
                $('#profilesList').append('<option value="'+ $('#groupName').val()+'/'+$('#profileName').val() +'">' + $('#groupName').val()+'/'+$('#profileName').val() + '</option>');
                alert('profile added');
            }
        });
    }
    else{
        alert('you must enter both group name and profile name');
    }
}

addprofile.php

<?php
$var='.$_POST['group_name'].';
$output1=shell_exec('/etc/init.d/nfsen --add-profile $var  expire=0 maxsize=0 shadow=1');
echo "<pre>$output1</pre>";
?>

Can you tell me what's wrong in my code?

1 answer

Travis Hegner On

In your PHP code you are using ' to delimit your string. If you want $var to be expanded into its value, you must use " as your string delimiter or terminate the string and concat it like this: 'string start '.$var.' string end'.

Also, please be very careful about security here if this application is public. It would be very easy to submit a group_name that could execute any shell command.

EDIT: As pointed out by @Tool in the comment of your question, the $var= line needs to be adjusted for the same reason.
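
The two points in the answer above (getting the value into the command string, and not letting it reach the shell unchecked) can be handled together. The following is an added example, not code from the question or the answer; the function name `buildAddProfileCommand` and the allow-list of characters in `NAME_PATTERN` are assumptions to adjust to your own naming rules.

```php
<?php
// Added example. Assumption: group and profile names consist only of
// letters, digits, '_' and '-', joined by a single '/'.
const NAME_PATTERN = '#\A[A-Za-z0-9_-]{1,64}/[A-Za-z0-9_-]{1,64}\z#';

// Returns the full command line, or null if the value is not acceptable.
function buildAddProfileCommand($value): ?string
{
    // Reject arrays, missing values and anything outside the allow-list
    // before the value gets anywhere near a shell.
    if (!is_string($value) || preg_match(NAME_PATTERN, $value) !== 1) {
        return null;
    }
    // Concatenation puts the value into the string (a single-quoted '$var'
    // is never expanded by PHP); escapeshellarg() quotes it so the shell
    // sees exactly one argument.
    return '/etc/init.d/nfsen --add-profile ' . escapeshellarg($value)
         . ' expire=0 maxsize=0 shadow=1';
}

if (PHP_SAPI === 'cli') {
    // Constructed sample inputs: one valid name, then names containing
    // shell metacharacters or whitespace, which must be rejected.
    foreach (['live/web01', 'live/web01;echo', 'live/web 01', 'live'] as $sample) {
        echo str_pad($sample, 18), ' => ',
             buildAddProfileCommand($sample) ?? 'REJECTED', PHP_EOL;
    }
    exit(0);
}

// Web request path (addProfile.php).
$cmd = buildAddProfileCommand($_POST['group_name'] ?? null);
if ($cmd === null) {
    http_response_code(400);
    exit('Invalid group or profile name');
}
$output = shell_exec($cmd);
// Encode the command output so it cannot inject markup into the response.
echo '<pre>' . htmlspecialchars((string) $output, ENT_QUOTES, 'UTF-8') . '</pre>';
```

Run from the command line, the script only prints which sample values pass validation; it calls `shell_exec()` only when served as a web request.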