IM With PHP exec ()

Questions and postings pertaining to the usage of ImageMagick regardless of the interface. This includes the command-line utilities, as well as the C and C++ APIs. Usage questions are like "How do I use ImageMagick to create drop shadows?".
Bonzo
Posts: 2971
Joined: 2006-05-20T08:08:19-07:00
Location: Cambridge, England

Re: IM With PHP exec ()

Post by Bonzo »

Its not something I have ever had to do and to be honist if there was a problem I would expect my hosts to sort it out.

There is this function but again you can only modify what your host allows you to: http://uk2.php.net/putenv
User avatar
anthony
Posts: 8883
Joined: 2004-05-31T19:27:03-07:00
Authentication code: 8675308
Location: Brisbane, Australia

Re: IM With PHP exec ()

Post by anthony »

Having read the function, I can see that it can be difficult to set PATH in that way due to 'security concerns'. Arrrggghhh.....

This is a pain, and means you need have to rely on the servers system administrators to, 'set things up right', whcih I am starting to feel is a rare occurance, as they are more interested in just getting it running without understanding the in's and out's. I know I am one of them in my normal real world work.

The only workaround then is to set the PATH yourself for each and every system() or exec() like command, or call a seperate 'cgi-like' script to do all the processing outside PHP. Neither is very good from a higher level programming point of view.
Anthony Thyssen -- Webmaster for ImageMagick Example Pages
https://imagemagick.org/Usage/
Bonzo
Posts: 2971
Joined: 2006-05-20T08:08:19-07:00
Location: Cambridge, England

Re: IM With PHP exec ()

Post by Bonzo »

I found the coments below in my php.ini file and as you say it still depends on the server setup and permissions.
; Setting certain environment variables may be a potential security breach.
; This directive contains a comma-delimited list of prefixes. In Safe Mode,
; the user may only alter environment variables whose names begin with the
; prefixes supplied here. By default, users will only be able to set
; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).
;
; Note: If this directive is empty, PHP will let the user modify ANY
; environment variable!
safe_mode_allowed_env_vars = PHP_

; This directive contains a comma-delimited list of environment variables that
; the end user won't be able to change using putenv(). These variables will be
; protected even if safe_mode_allowed_env_vars is set to allow to change them.
safe_mode_protected_env_vars = LD_LIBRARY_PATH
User avatar
anthony
Posts: 8883
Joined: 2004-05-31T19:27:03-07:00
Authentication code: 8675308
Location: Brisbane, Australia

Re: IM With PHP exec ()

Post by anthony »

Yes. and that is probably the default setting. Very secure, especially to prevent a hacker say changing PATH and/or LD_LIBRARY_PATH, to cause a PHP script to call a hacked version of a program or library.

But it does make in more inconvenient to PHP script writers when the default PATH and LD_LIBRARY_PATH settings passed to the web server and thus PHP does not include the desired ImageMagick, Ghostscript and other delegate applications and libraries.

Setting these variables intelligently is not generally on the 'how to install' guides for setting up Web servers with PHP, which makes use of IM.

So we are back to the PHP application programmer figuring out specific system settings needed for calling IM. Whether it is the location of "convert", a PATH setting for "gs" or just LD_LIBRARY_PATH settings needed to find libraries such as "libjpeg.so" or more unusual libraries PHP itself does not require like "librsvg.so".

"Oh the pain! The pain!" -- Doctor Smith, Lost in Space
Anthony Thyssen -- Webmaster for ImageMagick Example Pages
https://imagemagick.org/Usage/
Post Reply