PHP 8.0.0 Beta 4 available for testing

# system

(PHP 4, PHP 5, PHP 7)

systemExecute an external program and display the output

### Description

system ( string $command [, int &$return_var ] ) : string

system() is just like the C version of the function in that it executes the given command and outputs the result.

The system() call also tries to automatically flush the web server's output buffer after each line of output if PHP is running as a server module.

If you need to execute a command and have all the data from the command passed directly back without any interference, use the passthru() function.

### Parameters

command

The command that will be executed.

return_var

If the return_var argument is present, then the return status of the executed command will be written to this variable.

### Return Values

Returns the last line of the command output on success, and FALSE on failure.

### Examples

Example #1 system() example

 <?phpecho '<pre>';// Outputs all the result of shellcommand "ls", and returns// the last output line into $last_line. Stores the return value// of the shell command in$retval.$last_line = system('ls',$retval);// Printing additional infoecho '</pre><hr />Last line of the output: ' . $last_line . '<hr />Return value: ' .$retval;?> 

### Notes

Warning

When allowing user-supplied data to be passed to this function, use escapeshellarg() or escapeshellcmd() to ensure that users cannot trick the system into executing arbitrary commands.

Note:

If a program is started with this function, in order for it to continue running in the background, the output of the program must be redirected to a file or another output stream. Failing to do so will cause PHP to hang until the execution of the program ends.

Note: When safe mode is enabled, you can only execute files within the safe_mode_exec_dir. For practical reasons, it is currently not allowed to have .. components in the path to the executable.

Warning

With safe mode enabled, the command string is escaped with escapeshellcmd(). Thus, echo y | echo x becomes echo y \| echo x.

### User Contributed Notes 19 notes

54
no at mail dot com
8 years ago
 This is for WINDOWS users. I am running apache and I have been trying for hours now to capture the output of a command. I'd tried everything that is written here and then continued searching online with no luck at all. The output of the command was never captured. All I got was an empty array.Finally, I found a comment in a blog by a certain amazing guy that solved my problems. Adding the string ' 2>&1' to the command name finally returned the output!! This works in exec() as well as system() in PHP since it uses stream redirection to redirect the output to the correct place!system("yourCommandName 2>&1",$output) ;  kexianin at diyism dot com 10 years ago  If you can't see any output or error from system(), shell_exec() etc, you could try this: <?php function my_exec($cmd, $input='') {$proc=proc_open($cmd, array(0=>array('pipe', 'r'), 1=>array('pipe', 'w'), 2=>array('pipe', 'w')),$pipes);           fwrite($pipes[0],$input);fclose($pipes[0]);$stdout=stream_get_contents($pipes[1]);fclose($pipes[1]);           $stderr=stream_get_contents($pipes[2]);fclose($pipes[2]);$rtn=proc_close($proc); return array('stdout'=>$stdout,                        'stderr'=>$stderr, 'return'=>$rtn                       );          } var_export(my_exec('echo -e $(</dev/stdin) | wc -l', 'h\\nel\\nlo')); ?> For example, "echo shell_exec('ls');" will get nothing output, "my_exec('ls');" will get "sh: ls: command not found", "my_exec('/bin/ls');" will maybe get "sh: /bin/ls: Permission denied", and the permission may be caused by selinux.  eric_REMOVE at movementmovement_REMOVE dot com 16 years ago  It's important to note that if you are running a series of system() commands in a loop, you need to include the second argument in order for them to run synchonously.ie)// this will execute process.php asynchronously; not waiting for completion before executing the next one.$array = array('apple', 'banana', 'pear');foreach($array as$i){system("php process.php \"fruit=$i\"");}// this will execute process.php 3 times, waiting for the prior command to complete before starting a new one$array = array('apple', 'banana', 'pear');foreach($array as$i){system("php process.php \"fruit=$i\"",$status);} 
vlad dot sharanhovich at gmail dot com
12 years ago
 The double quote problem on Windows platform discussed earlier here in comments still present in PHP 5.2.5. You can't execute system($command) if$command contains more than 2 " chars. system('"echo" A'); works, while system('"echo" "A"'); does not. Search comment, that was a solution posted to overhaul this issue via temporary .bat file. 
ccurtis at aet-usa dot com
21 years ago
 If no headers have been printed, calling the system() function will flush the headers to the client and insert a newline; no further headers or cookies will be transferred to the browser.  In version 3.0.7, you will not be warned that the Header() function failed, but will be warned if trying to set a cookie.  If you want to continue to send headers after the function call, use exec() instead. 
d dot kraft at szo dot de
17 years ago
 For PHP running inside a Webserver:When calling a process viasystem("your_process &");to make it running in background, note that this process is killed when the webserver is restarted. 
morris_hirsch at hotmail dot com
17 years ago
 another reason to use shell_exec instead of system is when the result is multiple lines such as grep or ls <?php// this correctly sets answer string to all lines found//$answer = shell_exec ("grep 'set of color names' *.php ");//echo "answer =$answer";// this passes all lines to output (they  show on page)// and sets answer string to the final line $sys = system ("grep 'set of color names' *.php "); echo "sys =(($sys))";?>here is view/source resulting from system callsetprefs.php:// The standard set of color names is:setprefs.php:// Most browsers accept a wider set of color namessilly.php:  //$answer = shell_exec ("grep 'set of color names' *.php ");silly.php:$sys = system ("grep 'set of color names' *.php ");sys =((silly.php: $sys = system ("grep 'set of color names' *.php ");))and here is view source from using shell_exec insteadanswer = setprefs.php:// The standard set of color names is:setprefs.php:// Most browsers accept a wider set of color namessilly.php:$answer = shell_exec ("grep 'set of color names' *.php ");silly.php:// $sys = system ("grep 'set of color names' *.php ");  mortoray at ecircle-ag dot com 16 years ago  Do not use "system" if you use the "php.ini" option: zlib.output_compression = OnDoing so will result in the browser receiving garbage (I'm guessing the headers/buffers get confused).Use passthru in this case, it appears to work as intended.  timgolding_10 at hotmail dot com 13 years ago  An example of using the system to call the file command on a linux server. This script detects whether a user posted file is a jpeg, gif or png<?PHP$accepted_types=array("JPEG" , "GIF", "PNG");     // The temporary filename of the file in which the uploaded file was stored on the server. if(!empty($_FILES["uploadedfile"])) {$uploaddir = $_SERVER['DOCUMENT_ROOT']."/images/";$uploaddir.=basename( $_FILES['uploadedfile']['name']); //verfiy file using linux FILE command$last_line = system('file '.escapeshellarg($_FILES['uploadedfile']['tmp_name']),$retval); //get the file extension returned through magic database $splitvals=explode(' image data' ,$last_line); $vals=explode(':',$splitvals[0]); $vals[1]=str_replace(' ','',$vals[1]); if (in_array($vals[1],$accepted_types)) {    echo $vals[1].' was accepted <br />'; if(!file_exists($uploaddir)){            //Copy the file to some permanent location            if(move_uploaded_file($_FILES["uploadedfile"]["tmp_name"],$uploaddir))             {              echo $uploaddir." was uploaded! <br />"; } else { echo "There was a problem when uploding the new file, please contact admin about this."; } } else echo 'This file already exists in DB please rename file before uploading';}}else echo$_FILES['uploadedfile']['error'].'<br />';?> 
vdweij at hotmail dot com
15 years ago
 It is possible to only capture the error stream (STERR). Here it goes...(some_command par1 par2 > /dev/null) 3>&1 1>&2 2>&3-First STDOUT is redirected to /dev/null.-By using parenthesis it is possible to gain control over STERR and STOUT again.-Then switch STERR with STOUT. The switch is using the standard variable switch method -- 3 variables (buckets) are required to swap 2 variables with each other. (you have 2 variables and you need to switch the contents - you must bring in a 3rd temporary variable to hold the contents of one value so you can properly swap them).This link gave me this information:http://www.cpqlinux.com/redirect.html 
Daniel Morris (danielxmorris.com)
12 years ago
 How to produce a system beep with PHP.<?php        function beep ($int_beeps = 1) { for ($i = 0; $i <$int_beeps; $i++):$string_beeps .= "\x07"; endfor;            isset ($_SERVER['SERVER_PROTOCOL']) ? false : print$string_beeps;         }?>This will not do anything when running through a browser, if running through a shell it will produce an audible beep $int_beeps times. This should work on Windows, Unix, etc.  Anonoymous 1 year ago  Windows commands requiring a GUI.Alot of the info on this topic is from the 2010-2012 time frame and referring to XP, and basically don't work. I am using apache/php/mysql in windows 7.When requiring a system command in windows with a GUI - such as a labview executable, notepad, etc..., others have mentioned the psexec command from sysinternals, since cmd /c wont work, but the specific use was not real clearly defined. Here is what worked for me on windows 7: system('C:/nttools/2019/psexec \\\\10.100.100.101 -i -u administrator -p password -accepteula -nobanner C:\\htdocs\\test\\test.bat');The path to the psexec executable is with forward slashes, the remote PC network location (which was actually the local PC, not remote) was \\ip_address with an extra backslash for each backslash so that required the 4 \'s.The path for the command to be executed by psexec required backslashes, which also requires double backslashes.The -i option is for an interactive program, and is required for it to properly run, otherwise it show up in the taskmanager but not be visable or execute properly if given command line arguments.The -accepteula -nobanner is to suppress the sysinternals message box about their license.My command to execute is really long with multiple command line inputs with many surrounded in double quotes, so I thought it would be easiest to put that in a batch file and just call the bat file. Works great, remote users loading the webpage causes the executable to pop up on the web server, do its analysis and disappear. Labview can read native excel files with active-x functions and write to a mysql data base to store results etc, so thats a pretty powerful combination of functions.  dan at thecsl dot org 14 years ago  You probably want to check your system calls for errors. The convention is to return 0 for "no error" which is the same as FALSE which can be confusing. You need to do something like:<?php$cmd = "/usr/bin/pngtopnm $png_file >$pnm_file";  system($cmd,$return_value);  ($return_value == 0) or die("returned an error:$cmd");?> 
lc at _REMOVE__THIS_lc dot yi dot org
17 years ago
 Re: cpmorris at hotmail dot com and WINNT.I just spent some time learning to use the php system function.  I managed to get long file names to work for me.  It seems you need to take the same approach that batch files, WSH, and most other programming languages do under WinNT/2K/XP.  Putting double quotes around the Path+Filename seems to work.  So, something like this should have worked for you:"c:\program files\apache group\apache2\bin\htpasswd"Note that if you have parameters, they go OUTSIDE of the last quote.  Oh, and don't forget to escape the slashes and quotes!  I don't know what htpasswd's params are, but let us pretend:$cmd="\"c:\\program files\\apache group\\apache2\\bin\\htpasswd\" username password";$str=system($cmd);Hope this helps someone!Leonardhttp:\\www.lc.yi.org  Jim Belton 17 years ago  To run a full screen program from a PHP CLI script, redirect input from and output to /dev/tty. For example:system("timeconfig > /dev/tty < /dev/tty");System will wait for the program to finish before continuing.  cnoelker at softpearls dot de 17 years ago  Hi,some tips for using a system()-call for batch files on a windows computer:* Write the path to the executable with double back-slashes, like so: C:\\path\\to\\prog.exe* If you are refering to other pathes, e.g. as a parameter, one back-slash works fine.* Do not use SET for declaring parameters - this does not work! Example: SET PATH="C:\path\to\lib" echo path is %PATH%This works fine when started from the comand line, but when called from PHP, the variable is just empty.  nospam at php dot net 20 years ago  If you are trying to parse a CGI script to your webserver which needs arguments, take a look to the virtual() function .. it took me long before i found out it existed... It's used like this: <?php virtual("/cgi-bin/lastuser.cgi?argument"); ?> And that works excellent now for me  -1 grytolle at gmail dot com 11 years ago  This is a work-around that makes the program run in it's own directory instead of the script's. example usage: <?php runAsynchronously("c:\games\jazz2\jazz2.exe","-connect 1.2.3.4"); ?> <?php function runAsynchronously($path,$arguments) {$WshShell = new COM("WScript.Shell");     $oShellLink =$WshShell->CreateShortcut("temp.lnk");     $oShellLink->TargetPath =$path;     $oShellLink->Arguments =$arguments;     $oShellLink->WorkingDirectory = dirname($path);     $oShellLink->WindowStyle = 1;$oShellLink->Save();     $oExec =$WshShell->Run("temp.lnk", 7, false);     unset($WshShell,$oShellLink,\$oExec);     unlink("temp.lnk"); } ?> 
-3
Alastair Irvine
2 years ago
 Note that system() returns FALSE on failure, but this does NOT happen when the command returned a non-zero exit code.  system() won't even fail if the command isn't found.  (bash returns exit code 127 in this case.)  I assume system() only returns FALSE when something seriously bad happens, like not being able to run your shell.