LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices


Reply
 
Search this Thread
Old 02-26-2014, 07:57 AM   #1
keif
Member
 
Registered: Apr 2013
Posts: 80

Rep: Reputation: Disabled
Web page input executes on command line and output back to web page


Hello everyone,

I have a simple grep task I want to make executable in my web browser. Here is the script:

from: ./grep-script.sh
Code:
#!/bin/bash 
#
# Get input from user to grep in /home/user/test-file.txt
#
echo -n "Please enter grep input: "
read grepInput
grep $grepInput /home/user/test-file.txt
Instead of having going to the command line to run ./grep-script.sh, I want to have an input box and a button on the web page. The info in the input box becomes the read variable when you click the button. Then it executes the script on the command line and brings back the results on the web page.

The web page is from the same box I wish to execute the grep command -- /var/www/html/index.html. And I have apache installed.

I know the task itself is basically worthless. But the main point is to learn a simple task like this in order to open doors to larger projects.

Any ideas on how to do this? Thanks.
 
Old 02-26-2014, 08:15 AM   #2
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 3,431
Blog Entries: 1

Rep: Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144
You will need the exec command to execute grep: http://us2.php.net/function.exec

You will need some practical HTML: http://www.w3schools.com/tags/

You will not need a script for this. You can build the whole command in the exec statement.

Not tested, but this should get you close:

Your HTML page.. index.html
Code:
<form action="backend.php" method="post">
		<button type="submit" name="formname" value="search"></button>
		<input type="text" name="search">
</form>
Your backend page,.. backend.php
Code:
        $escaped_search = escapeshellcmd($_POST["search"]);
	exec("grep -Ri $escaped_search *",$output);                 
        echo "<pre>";
        foreach ($output as $line) {
          echo "$line <br>";
        } //end foreach

Last edited by szboardstretcher; 02-26-2014 at 08:21 AM.
 
2 members found this post helpful.
Old 02-26-2014, 09:15 AM   #3
dugan
Guru
 
Registered: Nov 2003
Location: Canada
Distribution: distro hopper
Posts: 5,376

Rep: Reputation: 1686Reputation: 1686Reputation: 1686Reputation: 1686Reputation: 1686Reputation: 1686Reputation: 1686Reputation: 1686Reputation: 1686Reputation: 1686Reputation: 1686
szboardstretcher's solution is good, because it actually has the necessary security.

For a bad and extremely hackable solution (you know, to compare), see here:

http://www.reddit.com/r/PHP/comments...e_web_problem/

Last edited by dugan; 02-26-2014 at 09:16 AM.
 
2 members found this post helpful.
Old 02-26-2014, 09:25 AM   #4
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 3,431
Blog Entries: 1

Rep: Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144
Quote:
Originally Posted by dugan View Post
szboardstretcher's solution is good, because it actually has the necessary security.

For a bad and extremely hackable solution (you know, to compare), see here:

http://www.reddit.com/r/PHP/comments...e_web_problem/
Its unfortunate that that thread is not, in fact, a joke.

I'm not allowed to post company code,. but I can tell you this. Our user input forms are actually run from different servers, and the input is scrubbed *at least* 10 different ways, and even then it's checked by hardware before it gets truly submitted to the dmz'd input servers.

Last edited by szboardstretcher; 02-26-2014 at 09:27 AM.
 
2 members found this post helpful.
Old 02-26-2014, 09:34 AM   #5
keif
Member
 
Registered: Apr 2013
Posts: 80

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by szboardstretcher View Post
Its unfortunate that that thread is not, in fact, a joke.

I'm not allowed to post company code,. but I can tell you this. Our user input forms are actually run from different servers, and the input is scrubbed *at least* 10 different ways, and even then it's checked by hardware before it gets truly submitted to the dmz'd input servers.
Thanks for the info szboardstretcher.

Your solution worked great. Thanks. It was perfect for the novice level I am at with this type of integration and I hope to grow from it. And explaining a little about your system helps me better see the reality of security concerns. I appreciate it.
 
1 members found this post helpful.
Old 02-26-2014, 09:37 AM   #6
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 3,431
Blog Entries: 1

Rep: Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144Reputation: 1144
Thanks for the expressive gratitude. That's nice to hear.

If you are interested in beginner level php, here is a great start:

http://www.codecademy.com/tracks/php
 
1 members found this post helpful.
Old 02-26-2014, 10:06 AM   #7
TenTenths
Senior Member
 
Registered: Aug 2011
Location: Dublin
Distribution: Centos 5 / 6
Posts: 1,781

Rep: Reputation: 573Reputation: 573Reputation: 573Reputation: 573Reputation: 573Reputation: 573
Quote:
Originally Posted by szboardstretcher View Post
and even then it's checked by hardware before it gets truly submitted to the dmz'd input servers.
WAF's rock!


So do layered applications
 
1 members found this post helpful.
Old 02-26-2014, 10:25 AM   #8
keif
Member
 
Registered: Apr 2013
Posts: 80

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by szboardstretcher View Post
Thanks for the expressive gratitude. That's nice to hear.

If you are interested in beginner level php, here is a great start:

http://www.codecademy.com/tracks/php
Thanks! I didn't know about code academy, I really like their interface (I'm used to text and link bare bones tutorials).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
executing linux commands from web page and outputing it back to the web page ashes_sheldon Programming 9 02-28-2015 12:07 AM
Is there any way to execute a program which needs some input through a php web page?? maradnus Programming 1 12-07-2011 03:58 AM
[SOLVED] How to get the source code of a web page from linux command line? chekhov_neo Linux - Newbie 4 05-07-2010 07:38 AM
Web query to execute commands and output it to a web page ! ashes_sheldon Linux - Newbie 1 05-08-2009 02:45 AM
How do I send input to a web page? wswartz Linux - Software 2 07-16-2004 05:59 PM


All times are GMT -5. The time now is 08:13 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration