2

I'm trying to execute the php code dynamically using the filename as the query string like index.php?q=script1. What I've done so far, works but only when I use include for the passed file in the main index.

<?php 
    include("class.php"); 

    if (!empty($_GET['q'])) {
        $sp = $_GET['q'];
        $sp = basename($sp);
        $location = 'src/scripts/' . $sp . '.php';

        if (file_exists($location)) {
            file_get_contents($location); // Tried, does not work
            shell_exec('php -f /' . $location); // This does not work either
            include($location); // This works
        }
    }
?>

I'm looking for a way to execute em without actually including the file in the main index. Is is possible?

Sjn19
  • 75
  • 4
  • I bet include() would also fail if the path was invalidated by prefixing it with the fs root. Also, what's the real reason for making this more futile than include? – mario Mar 11 '18 at 07:37
  • 1
    What is the problem with including a file? For what you are trying to do, it looks quite ok. I would use require however, since it HAS to work for your pages to be complete. file_get_contents reads the location and returns a string. The contents are not interpreted. – Nic3500 Mar 11 '18 at 07:38
  • I don't quite understand the logic of how php works. Sorry for this dumb question but wouldn't the index file get overloaded if 10 scripts are to be executed one by one? Or the previous one gets overwritten as soon as the file name gets changed in the url? – Sjn19 Mar 11 '18 at 07:46
  • file_get_contents need real address like example.com/file.php or localhost/file.php or etc , i think your $location is dir address – mR.Rian Mar 11 '18 at 07:48
  • Each query your Apache server gets is either a process or another thread (dpeends how you configure your MPM). Each of those execute your PHP script individually. So there is no chance of mixing up the contents. Each query and execution is unique and isolated form the other ones. – Nic3500 Mar 11 '18 at 07:51

2 Answers2

0

TRY

if (!empty($_GET['q']))
{

    $sp = $_GET['q'];
    $sp = basename($sp);
    $location = __DIR__.'/src/scripts/' . $sp . '.php';


    if (file_exists($location))
    {
         $output = shell_exec('php -f /' . $location);

         //to see output
         echo $output;
    }
}
Manish Dhruw
  • 753
  • 9
  • 18
0

If you don't wish to include a file, there are at least three different ways to get a PHP script to execute. I tested with a query string referring to the following file:

hello.php:

<?php

function greet() {
$h = "hello";
$w = "world";
return "$h, $w!";
}
echo greet();

To facilitate the execution of hello.php, one may use any of the techniques depicted in the following code:

<?php
if ( !empty( $_GET['q'] ) ) {
        $host  = $_SERVER['HTTP_HOST'];
        $uri   = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
        $file = basename( htmlentities( $_GET['q'] ) );  // "hello.php";

        if (file_exists($file)) {
            /*$contents = file_get_contents("http://$host$uri/$file"); // works
            print_r($contents);*/

            /*$output = shell_exec('php -f ./' . $file); // works, too
            print_r($output);*/
            if (headers_sent()) {  // tip fr:https://stackoverflow.com/a/8028987/701302
                 $url = "http://$host$uri/$file";
                 die("Please click this link: <a href=\"$url\">$url</a>");
            }
            else
            {
              header("Location: http://$host$uri/$file");
              exit;
            }
         }

}

With file_get_contents(), you need to pass in a url or relative url. If you pass in the path to a file, then the function will retrieve the script itself instead of executing it. Also, with file_get_contents() you need to assign any return value to a variable if you wish to capture it.

Another way is to use shell_exec() using commandline PHP with the -f option to parse and execute a PHP file. With this function, too, you must assign any return value to a variable if you wish to access the value.

Lastly, you may instruct PHP to redirect the web server to the specified file using header().

Note: one should not use a $_GET variable without doing some validation. This code checks that there is a value as well as use htmlentities() to avoid a XSS attack.

slevy1
  • 3,797
  • 2
  • 27
  • 33