string system(string $command[, int &$return_var])
When allowing user-supplied data to be passed to this function, use escapeshellarg() or escapeshellcmd() to ensure that users cannot trick the system into executing arbitrary commands.
With safe mode enabled, the command string is escaped with escapeshellcmd(). Thus, echo y | echo x becomes echo y \| echo x.
system() is just like the C version of the function in that it executes the given
command and outputs the result.
The system() call also tries to automatically flush the web server's output buffer after each line of output if PHP is running as a server module.
If you need to execute a command and have all the data from the command passed directly back without any interference, use the passthru() function.
Returns the last line of the command output on success, and
FALSE on failure.
- string $command: The command that will be executed.
- int &$return_var: If the
return_varargument is present, then the return status of the executed command will be written to this variable.
Example #1 system() example
// Outputs all the result of shellcommand "ls", and returns
// the last output line into $last_line. Stores the return value
// of the shell command in $retval.
$last_line = system('ls', $retval);
// Printing additional info
<hr />Last line of the output: ' . $last_line . '
<hr />Return value: ' . $retval;
- If a program is started with this function, in order for it to continue running in the background, the output of the program must be redirected to a file or another output stream. Failing to do so will cause PHP to hang until the execution of the program ends.
- When safe mode is enabled, you can only execute files within the safe_mode_exec_dir. For practical reasons, it is currently not allowed to have .. components in the path to the executable.