如何在php中用exec替换exec命令

时间:2011-09-23 09:31:04

标签: php system exec

这是我的生成PHP认证的代码

生成CSR

 if(isset($_POST['gencsr']))
    {   
            AddLog("sslconfig.php","gencsr",ERR_ERROR);

            /* Storing the values entered by the user for re-display in case a validation check fails */
            $_SESSION['dummycountryname']   = trim($_POST["countryname"]);
            $_SESSION['dummyprovince'] = trim($_POST["province"]);
            $_SESSION['dummylocalityname'] = trim($_POST["localityname"]);
            $_SESSION['dummyorganizationname']     = trim($_POST["organizationname"]);
            $_SESSION['dummyorganizationunit']    = trim($_POST["organizationunit"]);
            $_SESSION['dummycommonname']       = trim($_POST["commonname"]);
            $_SESSION['dummyemail']       = trim($_POST["email"]);

        if($_POST['countryname']=='')
        {
            unset ($_SESSION['dummycountryname']);
            seterror('0:|:  :|: Please enter country name.');
            header("Location: ssl.php");
            exit;
        }
        if(strlen($_POST['countryname'])!=2)
        {
            unset ($_SESSION['dummycountryname']);
            seterror('0:|:  :|: Please enter country name in two letters.');
            header("Location: ssl.php");
            exit;
        }
        if(!eregi("^[a-zA-Z]+$",$_POST['countryname'])) 
        {
            unset ($_SESSION['dummycountryname']);
            seterror('0:|:  :|: Please enter valid country name.');
            header("Location: ssl.php");
            exit;
        }

        if($_POST['province']=='')
        {
            unset ($_SESSION['dummyprovince']);
            seterror('0:|:  :|: Please enter province name.');
            header("Location: ssl.php");
            exit;
        }

        if(!eregi("^[a-zA-Z0-9]([a-zA-Z0-9 \.-]+)*[a-zA-Z0-9\.]$",trim($_POST['province']))) 
        {
            unset ($_SESSION['dummyprovince']);
            seterror('0:|:  :|: Please enter valid province name.');
            header("Location: ssl.php");
            exit;
        }
        if($_POST['localityname']=='')
        {
            unset ($_SESSION['dummylocalityname']);
            seterror('0:|:  :|: Please enter locality name.');
            header("Location: ssl.php");
            exit;
        }
        if(!eregi("^[a-zA-Z0-9]([a-zA-Z0-9 \.-]+)*[a-zA-Z0-9\.]$",trim($_POST['localityname']))) 
        {
            unset ($_SESSION['dummylocalityname']);
            seterror('0:|:  :|: Please enter valid locality name.');
            header("Location: ssl.php");
            exit;
        }
        if($_POST['organizationname']=='')
        {
            unset ($_SESSION['dummyorganizationname']);
            seterror('0:|:  :|: Please enter organization name.');
            header("Location: ssl.php");
            exit;
        }
        if(!eregi("^[a-zA-Z0-9]([a-zA-Z0-9 \.-]+)*[a-zA-Z0-9\.]$",trim($_POST['organizationname']))) 
        {
            unset ($_SESSION['dummyorganizationname']);
            seterror('0:|:  :|: Please enter valid organization name.');
            header("Location: ssl.php");
            exit;
        }
        if($_POST['organizationunit']=='')
        {
            unset ($_SESSION['dummyorganizationunit']);
            seterror('0:|:  :|: Please enter organizational unit name.');
            header("Location: ssl.php");
            exit;
        }
        if(!eregi("^[a-zA-Z0-9]([a-zA-Z0-9 \.-]+)*[a-zA-Z0-9\.]$",trim($_POST['organizationunit']))) 
        {
            unset ($_SESSION['dummyorganizationunit']);
            seterror('0:|:  :|: Please enter valid organizational unit name.');
            header("Location: ssl.php");
            exit;
        }

        if($_POST['commonname']=='')
        {
            unset ($_SESSION['dummycommonname']);
            seterror('0:|:  :|: Please enter common name.');
            header("Location: ssl.php");
            exit;
        }

        $pos = strpos($_POST['commonname'],'.');
        if($pos===false)
        {
            unset ($_SESSION['dummycommonname']);
            seterror('0:|:  :|: Please enter valid common name.');
            header("Location: ssl.php");
            exit;
        }

        $hostname = substr($_POST['commonname'],0,$pos);
        $domainname = strstr($_POST['commonname'], '.');
        $domainname = substr($domainname,1);
        AddLog("sslconfig.php",$hostname,ERR_DEBUG_HIGH);
        AddLog("sslconfig.php",$domainname,ERR_DEBUG_HIGH);
        if(!validateHostName($hostname)||$hostname=="")
        {
            unset ($_SESSION['dummycommonname']);
            seterror('0:|:  :|: Please enter valid common name.');
            $error_text="Please enter valid common name.'";
            AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
            header("Location: ssl.php");
            exit;
        }
        if(!validateDomainName($domainname))
        {
            unset ($_SESSION['dummycommonname']);
            seterror('0:|:  :|: Please enter valid common name.');
            $error_text="Please enter valid common name.'";
            AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
            header("Location: ssl.php");
            exit;
        }
        if(!validateEmail($_POST['email']))
        {
            unset ($_SESSION['dummyemail']);
            seterror('0:|:  :|: Please enter valid email address.');
            header("Location: ssl.php");
            exit;
        }

    $dn = array("C" => "".trim($_POST['countryname']),
       "ST" => "".trim($_POST['province']),
       "L" => "".trim($_POST['localityname']),
       "O" => "".trim($_POST['organizationname']),
       "OU" => "".trim($_POST['organizationunit']),
       "CN" => "".trim($_POST['commonname']),
       "emailAddress" => "".trim($_POST['email']));

        // Generate a new private (and public) key pair
        $privkey = openssl_pkey_new();
        AddLog("sslconfig.php","privkey:".$privkey,ERR_DEBUG_HIGH);

        $csr = openssl_csr_new($dn,$privkey);   
        openssl_csr_export($csr, $csrout);

        sendmail($csrout);
        AddLog("sslconfig.php","csr:".$csr,ERR_DEBUG_HIGH);
        openssl_csr_export_to_file ($csr,"/portal/data/config/certificate/CSR.crt");
        openssl_pkey_export_to_file ($privkey,"/portal/data/config/certificate/pk.key");
        unsetSessionVariables();
        header("Location: ssl.php");
        exit;
    }

和del

// To Delete CSR
if(isset($_POST['delcsr']))
{
    if(unlink("/portal/data/config/certificate/pk.key") && unlink("/portal/data/config/certificate/CSR.crt"))
        seterror('8:|:  :|: CSR deleted successfully.');
    else
        seterror('0:|:  :|: CSR deletion failed.');
    unsetSessionVariables();
    header("Location: ssl.php");
    exit;
}

现在我想要

  1. 用php
  2. 中的system命令替换exec命令
  3. 我的新途径是:
    生成证书申请
    openssl req -new -nodes -out /portal/data/config/certificate/vendor/requests/couffin-req.pem -keyout /portal/data/config/certificate/vendor/requests/couffin-req.key -subj“/ C = IN / ST = MAHARASHTRA / L = MUMBAI / O = Couffin Inc / OU = Sales / CN = www.couffin.itpl“-config /portal/data/config/certificate/vendor/openssl.cnf
    签署证书申请
    openssl ca -policy policy_anything -batch -out /portal/data/config/certificate/vendor/certs/couffin-cert.pem -config /portal/data/config/certificate/vendor/conf/openssl.cnf -infiles / portal /数据/配置/证书/销售商/请求/ couffin-req.pem
  4. 这里有一些使用exec的函数

    例如

    function isp7bcertificate($p7btmpfilename)
    {
        $cmd = 'openssl pkcs7 -in '.$p7btmpfilename;
        exec($cmd,$array1,$error_code);
        if($error_code==0)      // p7b certificate is PEM encoded
        {
            $error_text="certificate is in PEM p7b format";
            AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
            return true;
        }
        // // p7b certificate is DER encoded
        $cmd = 'openssl pkcs7 -inform DER -in '.$p7btmpfilename;
        exec($cmd,$array1,$error_code);
        if($error_code==0)
        {
            $error_text="certificate is in DER p7b format";
            AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
            return true;
        }
        $error_text="certificate is not in p7b format";
        AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
        return false;               // certificate not in p7b format.
    }
    

    在这里

    function uploadcert($certfilename,$pkfilename)
    {
        $folderpath = '/portal/data/config/certificate/';
        $tmpfolderpath = '/portal/data/config/certificate/tmp/';
        $error_text="upload cert called";
        AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
        if(!file_exists($tmpfolderpath.$certfilename))
        {
            $error_text="Certificate file not found.";
            AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
            return "0:|:  :|: Certificate file not found.";
        }
        else
        {
            $error_text="Certificate file present.";
            AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
        }
        if(!file_exists($tmpfolderpath.$pkfilename))
        {
            $error_text="Private key file not found.";
            AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
            return "0:|:  :|: Private key file not found.";
        }
        else
        {
            $error_text="Privatekey file present.";
            AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
        }
    
        // To fix Bug 5468 Starts
        if(!isbase64certificate($tmpfolderpath.$certfilename))
        {
            $error_text="Output : Failed to upload certificate.";
            AddLog("sslconfig.php",$error_text,ERR_ERROR);
            return "0:|: :|: Failed to upload certificate.";
        }
    
        //Fix for Bug 5195
        //Check if a private key corresponds to a selected certificate.
        $cert_content = file_get_contents($tmpfolderpath.$certfilename);
        $priv_key_content = file_get_contents($tmpfolderpath.$pkfilename);
        $error_text="openssl_x509_check_private_key called";
        AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
        $output = openssl_x509_check_private_key($cert_content,$priv_key_content);
        $error_text="Output:".$output;
        AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
        if($output)
        {
            $error_text="Output : Private Key OK";
            AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
        } 
        else 
        {
            $error_text="Output : Private Key NOT OK";
            AddLog("sslconfig.php",$error_text,ERR_ERROR);
            return "0:|: :|: Private key does not correspond to selected certificate.";
        }
    
        //first rename the current localhost.crt and localhost.key as old. and then copy new files.
        if (!copy($folderpath.'localhost.crt', $tmpfolderpath.'oldlocalhost.crt')) 
        {
            $error_text="error in localhost.crt copy to oldlocalhost.crt";
            AddLog("sslconfig.php",$error_text,ERR_ERROR);
            return "0:|: :|: Certificate file corrupted.";
        }
        else
        {
            $error_text="localhost.crt copied to oldlocalhost.crt";
            AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
        }
        if (!copy($folderpath.'localhost.key', $tmpfolderpath.'oldlocalhost.key')) 
        {
            //if copy of private key is failed restore the old localhost.crt
            copy($tmpfolderpath.'oldlocalhost.crt', $folderpath.'localhost.crt');
            $error_text="error in localhost.key copy to oldlocalhost.key";
            AddLog("sslconfig.php",$error_text,ERR_ERROR);
            return "0:|: :|: Private key file corrupted.";
        }
        else
        {
            $error_text="localhost.key copied to oldlocalhost.key";
            AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
        }
    
        $outcert = copy($tmpfolderpath.$certfilename, $folderpath.'localhost.crt');
        $outpk = copy($tmpfolderpath.$pkfilename, $folderpath.'localhost.key');
    
        if((!$outcert) || (!$outpk))
        {
            copy($tmpfolderpath.'oldlocalhost.crt', $folderpath.'localhost.crt');
            copy($tmpfolderpath.'oldlocalhost.key', $folderpath.'localhost.key');
            $cmd = 'service httpd restart';
            exec($cmd,$array1,$error_code);
            $error_text="Certificate and Private key copy error";
            AddLog("sslconfig.php",$error_text,ERR_ERROR);
            return "0:|:  :|: Certificate and Private key copy error.";
        }
        $cmd = 'service httpd restart';
        exec($cmd,$array1,$error_code);
        if($error_code!=0)
        {
            //httpd fail to start. Restore to original files
            copy($tmpfolderpath.'oldlocalhost.crt', $folderpath.'localhost.crt');
            copy($tmpfolderpath.'oldlocalhost.key', $folderpath.'localhost.key');
            $cmd = 'service httpd restart';
            exec($cmd,$array1,$error_code);
            $error_text="httpd fail to restart with new files";
            AddLog("sslconfig.php",$error_text,ERR_ERROR);
            //seterror('0:|:  :|: Certificate and Private key mismatched.');
            return "0:|:  :|: Certificate and Private key mismatched.";     
        }
        else
        {
            copy($tmpfolderpath.'oldlocalhost.crt', $folderpath.'localhost.crt');
            copy($tmpfolderpath.'oldlocalhost.key', $folderpath.'localhost.key');
            $cmd = 'service httpd restart';
            exec($cmd,$array1,$error_code);
            $error_text="httpd restart successful with new files";
            AddLog("sslconfig.php",$error_text,ERR_DEBUG_HIGH);
            return "success";
        }
    
    }
    

1 个答案:

答案 0 :(得分:0)

这可能是一个非常简短的答案,但我不知道还应该说些什么:

因为您的代码中没有任何exec - 命令,所以无需替换。结论:它已经完成了。

通常替换exec / system,这只是代码中的一个小变化:

exec($command,$return,$error);

简单地获取

$return = system($command,$error);

有关详情,请参阅documentation for exec()for system()