PHP Conference Japan 2024

passthru

(PHP 4, PHP 5, PHP 7, PHP 8)

passthruExecute an external program and display raw output

Description

passthru(string $command, int &$result_code = null): ?false

The passthru() function is similar to the exec() function in that it executes a command. This function should be used in place of exec() or system() when the output from the Unix command is binary data which needs to be passed directly back to the browser. A common use for this is to execute something like the pbmplus utilities that can output an image stream directly. By setting the Content-type to image/gif and then calling a pbmplus program to output a gif, you can create PHP scripts that output images directly.

Parameters

command

The command that will be executed.

result_code

If the result_code argument is present, the return status of the Unix command will be placed here.

Return Values

Returns null on success or false on failure.

Errors/Exceptions

Will emit an E_WARNING if passthru() is unable to execute the command.

Throws a ValueError if command is empty or contains null bytes.

Changelog

Version Description
8.0.0 If command is empty or contains null bytes, passthru() now throws a ValueError. Previously it emitted an E_WARNING and returned false.

Notes

Warning

When allowing user-supplied data to be passed to this function, use escapeshellarg() or escapeshellcmd() to ensure that users cannot trick the system into executing arbitrary commands.

Note:

If a program is started with this function, in order for it to continue running in the background, the output of the program must be redirected to a file or another output stream. Failing to do so will cause PHP to hang until the execution of the program ends.

See Also

add a note

User Contributed Notes 15 notes

up
13
puppy at cyberpuppy dot org
19 years ago
Regarding swbrown's comment...you need to use an output buffer if you don't want the data displayed.

For example:
ob_start();
passthru("<i>command</i>");
$var = ob_get_contents();
ob_end_clean(); //Use this instead of ob_flush()

This gets all the output from the command, and exits without sending any data to stdout.
up
7
jo at durchholz dot org
17 years ago
Note to Paul Giblock: the command *is* run through the shell.
You can verify this on any Linux system with

<?php
passthru
('echo $PATH');
?>

You'll get the content of the PATH environment variable, not the string $PATH.
up
3
divinity76+spam at gmail dot com
2 years ago
if you have problems with passthru("docker-compose ...bash") losing interactive shell size information, try using proc_open instead, for some reason docker-compose bash knows the size of the outer terminal when i use use proc_open, but loses that information when i use passthru,

eg i replaced
<?php
passthru
("docker-compose -f docker-compose.yml bash",$ret);
?>
with
<?php
$empty1
=array();
$empty2=array();
$proc=proc_open("docker-compose -f docker-compose.yml bash",$empty1,$empty2 );
$ret = proc_close($proc);
?>

and suddenly docker-compose bash knew my terminal size :)
up
7
igor at bboy dot ru
19 years ago
If you are using passthru() to download files (for dynamically generated content or something outside webserver root) using similar code:

header("Content-Type: application/octet-stream");
header("Content-Disposition: attachment; filename=\"myfile.zip\"");
header("Content-Length: 11111");
passthru("cat myfile.zip",$err);

and your download goes fine, but subsequent downloads / link clicks are screwed up, with headers and binary data being all over the website, try putting

exit();

after the passthrough. This will exit the script after the download is done and will not interfere with any future actions.
up
1
mail at dtrasbo dot dk
2 years ago
To capture the output of a command in a string without using output buffer functions, use shell_exec()
up
1
tox at novasonica dot com
5 years ago
I was trying to implement a system that allows running arbitrary CLI commands with parameters, but I kept running into the issues with user prompts from the command as they would let execution hang. The solution is simple: just use passthru() as it outputs everything and correctly handles user prompts out of the box.
up
1
Zak Estrada
19 years ago
Remember to use the full path (IE '/usr/local/bin/foo' instead of 'foo') when using passthru, otherwise you'll get an exit code of 127 (command not found).
up
0
myselfasunder at gmail dot com dot dfvuks
14 years ago
PHP's program-execution commands fail miserably when it comes to STDERR, and the proc_open() command doesn't work all that consistently in non-blocking mode under Windows.

This command, although useful, is no different. To form a mechanism that will see/capture both STDOUT and STDERR output, pipe the command to the 'tee' command (which can be found for Windows), and wrap the whole thing in output buffering.

Dustin Oprea
up
0
sarel dot w at envent dot co dot za
19 years ago
Zak Estrada
14-Dec-2004 11:21
Remember to use the full path (IE '/usr/local/bin/foo' instead of 'foo') when using passthru, otherwise you'll get an exit code of 127 (command not found).

Remember, you'll also get this error if your file does not have executable permission.
up
-1
Chroot
16 years ago
If you have chrooted apache and php, you will also want to put /bin/sh into the chrooted environment. Otherwise, the exec() or passthru() will not function properly, and will produce error code 127, file not found.
up
-1
nuker at list dot ru
18 years ago
I wrote function, that gets proxy server value from the Internet Explorer (from
registry). It was tested in Windows XP Pro

(Sorry for my English)

<?php
function getProxyFromIE()
{
exec("reg query \"HKEY_CURRENT_USER\Software\Microsoft".
"\Windows\CurrentVersion\Internet Settings\" /v ProxyEnable",
$proxyenable,$proxyenable_status);

exec("reg query \"HKEY_CURRENT_USER\Software\Microsoft".
"\Windows\CurrentVersion\Internet Settings\" /v ProxyServer",
$proxyserver);

if(
$proxyenable_status!=0)
return
false; #Can't access the registry! Very very bad...
else
{
$enabled=substr($proxyenable[4],-1,1);
if(
$enabled==0)
return
false;
else
{
$proxy=ereg_replace("^[ \t]{1,10}ProxyServer\tREG_SZ[ \t]{1,20}","",
$proxyserver[4]);

if(
ereg("[\=\;]",$proxy))
{
$proxy=explode(";",$proxy);
foreach(
$proxy as $i => $v)
{
if(
ereg("http",$v))
{
$proxy=str_replace("http=","",$v);
break;
}
}
if(@!
ereg("^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\:".
"[0-9]{1,5}$",$proxy))
return
false;
else
return
$proxy;
}
else
return
$proxy;
}

}
}
?>
Note, that this function returns FALSE if proxy is disabled in Internet
Explorer. This function returns ONLY HTTP proxy server.

Usage:
<?php
$proxy
=getProxyFromIE();
if(!
$proxy)
echo
"Can't get proxy!";
else
echo
$proxy;
?>
up
-1
Stuart Eve
18 years ago
I dunno if anyone else might find this useful, but when I was trying to use the passthru() command on Suse9.3 I was having no success with the command:

$command = 'gdal_translate blahahahaha';

passthru($command);

It only worked once I put:

$command = '/usr/bin/local/gdal_translate blalalala';

passthru($command);
up
-1
swbrown at ucsd dot edu
21 years ago
passthru() seems absolutely determined to buffer output no matter what you do, even with ob_implicit_flush(). The solution seems to be to use popen() instead.
up
-1
kpierre at fit dot edu
22 years ago
The documention does not mention that passthru() will only display standard output and not standard error.

If you are running a script you can pipe the STDERR to STDOUT by doing

exec 2>&1

Eg. the script below will actually print something with the passthru() function...

#!/bin/sh
exec 2>&1
ulimit -t 60
cat nosuchfile.txt
up
-3
stuartc1 at NOSPAM dot hotmail dot com
19 years ago
Thought it might beuseful to note the passthru seems to supress error messages whilst being run in Dos on Windows (test on NT).

To show FULL raw output including errors, use system().
To Top