13

How do we determine which user the php script is running under when I run the script on server? Is it running under the same user as apache or phpmyadmin by chance? My question maybe wrongly framed but I want to know which user so that I set appropriate permission for different folders in /var

Travis Pessetto
  • 3,260
  • 4
  • 27
  • 55
Shagun Sodhani
  • 3,535
  • 4
  • 30
  • 41

5 Answers5

29

Execute whoami:

<?php echo exec('whoami'); ?>
Wrikken
  • 69,272
  • 8
  • 97
  • 136
jpiasetz
  • 1,692
  • 4
  • 21
  • 35
  • Hmm second person downvote after it was edited. As it stands this does work see http://stackoverflow.com/questions/7771586/how-to-check-what-user-php-is-running-as – jpiasetz Jun 18 '12 at 21:40
  • 1
    Hehe, edited it just to be able to remove my downvote (it is locked after a certain time..) – Wrikken Jun 18 '12 at 22:44
  • Thanks :). I wasn't really complaining about yours. You were right lol. – jpiasetz Jun 18 '12 at 22:58
  • While this works it isn't a particularly effective solution, and the solution below it using posix_getpwuid(posix_geteuid()) is both more efficient and able to work on servers with shell exec locked down. – Brian C Dec 01 '14 at 07:51
  • I prefer the `id` command myself, you'll get an output like this: `uid=1004(testsite) gid=1005(testsite) groups=1005(testsite),1004(sftp)` – Luke Antins Sep 26 '15 at 13:57
9

If you have posix functions available (enabled by default in most Linux-based environments) then you can use posix_geteuid and posix_getpwuid to get the name of the user (at least in non-Windows environments) like so:

$pwu_data = posix_getpwuid(posix_geteuid());
$username = $pwu_data['name'];

Another (more expensive) way to do it would be to use a shell-executing function like exec to run whoami:

$username = exec('whoami');

or even the backticks (although you may need to trim the linebreak off):

$username = `whoami`;

I personally have only ever needed to get the username of the user running the script for PHP scripts that run in the shell (on the command-line). Typically, scripts that run in the process of building the response to a request that the web server is handling will be run as the web server user, such as www-data, apache, etc. In Apache, the user that runs the apache/httpd processes is set with the User directive.

Important note: get_current_user does NOT give you the username of the user running the script, but instead gives you the OWNER of the script. Some of the answers here (appropriately down-voted) are suggesting to use get_current_user, but that will not give you the username of the user running the current script.

ghbarratt
  • 11,496
  • 4
  • 41
  • 41
-1

Do not use "whoami". When you execute a process the user will not necessarily be the same as the effective user during running of a script. But in any case "id" would provide much more useful information. Instead call get_current_user(). So simple!

Jay
  • 1
-3

Use this:

echo get_current_user();

Make sure to read the comments because it looks like this answer doesn't actually do what you want.

BonsaiOak
  • 27,741
  • 7
  • 30
  • 54
  • 5
    This is actually the "owner of the current PHP script" as per http://php.net/manual/en/function.get-current-user.php – Brian C Dec 01 '14 at 07:52
-4

Use this:

$_SERVER['REMOTE_USER'];

this variable may or may not be set.

elo
  • 615
  • 4
  • 11