This web app is used to ping a website or IP address. With this code we use shell_exec() function with a preformatted command and then feed it the value for the website/ IP address. This allows users the ability to gain the power of OS commands, but limits what they are able to do.
Code Explanation:
Line 3-6 – Create an HTML form to accept the domain name or IP address, and POST this value back to this page
Line 10 – Turn the value from the form into the variable value for $command
Line 12 – Concatonate the value of $command with the ping command and assign this new value to $command. Notice we limit the ping count to only 1 using -c 1 . In linux the default for ping is to continuously run. Since shell_exec() only returns a value when a command ends then if you do not set a limit the ping will never end and the App will lock up.
Line 14 – Assigns the results from shell_exec() to $result.
Line 16 – Prints out the value from the ping in $result within <pre> tags. Shell_exec() returns text formatted for a text file. Without the <pre> tags $result will be printed as a line of text.
<h1>Ping App</h1>
<form action="ping.php" method="post">
<input type="text" name="command">
<input type="submit">
</form>
<?php
$command = $_POST['command'];
$command = "ping -c 1 $command";
$result = shell_exec($command);
echo "<pre>$result</pre>";
?>
Code language: HTML, XML (xml)
