TechQA.

Using HTML with PHP and shell exec to search for files

2.4k views Asked by At

I am a complete beginner in PHP. I am trying to create a HTML/ PHP Script that will use the user input from an HTML form and than use php shell_exec to search for files with that input using the "find /var/www -Name " command.

I know how ro run a simple script with PHP, but I have no idea how do do that with user Input... Eg: "

<?php
    if (isset($_POST['button']))
    {
         exec('test.sh');
    }
?>
<html>
<body>
    <form method="post">
    <p>
        <button name="button">Run Script</button>
    </p>
    </form>
</body>

"

This is how far I've got. I've decided two make to files, one HTML, the second one the PHP script:

search.html

<html> 
<body>
<form action="search.php" method="post">
keyword: <input type="text" name="keyword"><br>
<input type="submit">
</form>
</body>
</html>

php script: search.php

    <html>
<body>

<?php shell_exec('find /var/www -Name "keyword"') $_POST["keyword"]; ?>
</body>
</html>
php html forms shell-exec
Original Q&A
2

There are 2 answers

0
n00dl3 On

This should do the trick :

<?php 
$keywords=$_POST["keyword"];
$result=shell_exec('find /var/www -Name "'.$keywords.'"');
echo '<pre>'.$result.'</pre>';
?>

BEWARE: it is a bad idea to use such a command, because you are using user input directly, user can run any kind of command on the server.

For example, if a user type "; rm -rf /var/www;echo " as search, it will delete the whole content of your /var/www folder. You'd better implement a php function that will do the same thing as your find command.

However, you MUST ALWAYS do sanitize any user input, everything that comes from the outside world is evil..

0
and93hil On

Got it:

<?php
$keyword=$_POST["keyword"];
$result=shell_exec(' find /var/www -name '.$keyword.'');
if (!isset($_POST['submit'])) { // if page is not submitted to itself echo the form
?>
<html>
<!DOCTYPE html>
<html>
<head>
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <link rel="stylesheet" href="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css">
</head>
<body>

<div class="container">

<div class="jumbotron">
  <h1>Search</h1> 

</div>

<div class="row">

<div class="col-md-4">
  <title>Search</title>
</head>

<body>
<form method="post" action="<?php echo $PHP_SELF;?>">
Suchen:<input type="text" size="12" maxlength="500" name="keyword"><br />
<input type="submit" value="submit" name="submit">
</form>
<?
} else {
echo " ".$result."<br />";

Related Questions in PHP

Related Questions in HTML

Related Questions in FORMS

Related Questions in SHELL-EXEC

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions