REL1_33/php/Shell_8php_source.html

<?php

namespace MediaWiki\Shell;


use Hooks;

use MediaWiki\MediaWikiServices;


class Shell {


    const NO_ROOT = 1;


    const SECCOMP = 2;


    const PRIVATE_DEV = 4;


    const NO_NETWORK = 8;


    const NO_EXECVE = 16;


    const NO_LOCALSETTINGS = 32;


    const RESTRICT_DEFAULT = self::NO_ROOT | self::SECCOMP | self::PRIVATE_DEV |

                             self::NO_LOCALSETTINGS;


    const RESTRICT_NONE = 0;


    public static function command( ...$commands ) {

        if ( count( $commands ) === 1 && is_array( reset( $commands ) ) ) {

            // If only one argument has been passed, and that argument is an array,

            // treat it as a list of arguments

            $commands = reset( $commands );

        }

        $command = MediaWikiServices::getInstance()

            ->getShellCommandFactory()

            ->create();


        return $command->params( $commands );

    }


    public static function isDisabled() {

        static $disabled = null;


        if ( is_null( $disabled ) ) {

            if ( !function_exists( 'proc_open' ) ) {

                wfDebug( "proc_open() is disabled\n" );

                $disabled = true;

            } else {

                $disabled = false;

            }

        }


        return $disabled;

    }


    public static function escape( ...$args ) {

        if ( count( $args ) === 1 && is_array( reset( $args ) ) ) {

            // If only one argument has been passed, and that argument is an array,

            // treat it as a list of arguments

            $args = reset( $args );

        }


        $first = true;

        $retVal = '';

        foreach ( $args as $arg ) {

            if ( $arg === null ) {

                continue;

            }

            if ( !$first ) {

                $retVal .= ' ';

            } else {

                $first = false;

            }


            if ( wfIsWindows() ) {

                // Escaping for an MSVC-style command line parser and CMD.EXE

                // Refs:

                //  * https://web.archive.org/web/20020708081031/http://mailman.lyra.org/pipermail/scite-interest/2002-March/000436.html

                //  * https://technet.microsoft.com/en-us/library/cc723564.aspx

                //  * T15518

                //  * CR r63214

                // Double the backslashes before any double quotes. Escape the double quotes.

                $tokens = preg_split( '/(\\\\*")/', $arg, -1, PREG_SPLIT_DELIM_CAPTURE );

                $arg = '';

                $iteration = 0;

                foreach ( $tokens as $token ) {

                    if ( $iteration % 2 == 1 ) {

                        // Delimiter, a double quote preceded by zero or more slashes

                        $arg .= str_replace( '\\', '\\\\', substr( $token, 0, -1 ) ) . '\\"';

                    } elseif ( $iteration % 4 == 2 ) {

                        // ^ in $token will be outside quotes, need to be escaped

                        $arg .= str_replace( '^', '^^', $token );

                    } else { // $iteration % 4 == 0

                        // ^ in $token will appear inside double quotes, so leave as is

                        $arg .= $token;

                    }

                    $iteration++;

                }

                // Double the backslashes before the end of the string, because

                // we will soon add a quote

                $m = [];

                if ( preg_match( '/^(.*?)(\\\\+)$/', $arg, $m ) ) {

                    $arg = $m[1] . str_replace( '\\', '\\\\', $m[2] );

                }


                // Add surrounding quotes

                $retVal .= '"' . $arg . '"';

            } else {

                $retVal .= escapeshellarg( $arg );

            }

        }

        return $retVal;

    }


    public static function makeScriptCommand( $script, $parameters, $options = [] ) {

        global $wgPhpCli;

        // Give site config file a chance to run the script in a wrapper.

        // The caller may likely want to call wfBasename() on $script.

        Hooks::run( 'wfShellWikiCmd', [ &$script, &$parameters, &$options ] );

        $cmd = [ $options['php'] ?? $wgPhpCli ];

        if ( isset( $options['wrapper'] ) ) {

            $cmd[] = $options['wrapper'];

        }

        $cmd[] = $script;


        return self::command( $cmd )

            ->params( $parameters )

            ->restrict( self::RESTRICT_DEFAULT & ~self::NO_LOCALSETTINGS );

    }


}


and
and that you know you can do these things To protect your we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights These restrictions translate to certain responsibilities for you if you distribute copies of the or if you modify it For if you distribute copies of such a whether gratis or for a you must give the recipients all the rights that you have You must make sure that receive or can get the source code And you must show them these terms so they know their rights We protect your rights with two and(2) offer you this license which gives you legal permission to copy

$wgPhpCli
$wgPhpCli
Executable path of the PHP cli binary.
Definition DefaultSettings.php:8314

wfDebug
wfDebug( $text, $dest='all', array $context=[])
Sends a line to the debug log if enabled or, optionally, to a comment in output.
Definition GlobalFunctions.php:961

wfIsWindows
wfIsWindows()
Check if the operating system is Windows.
Definition GlobalFunctions.php:1963

$command
$command
Definition cdb.php:65

$args
if( $line===false) $args
Definition cdb.php:64

Hooks
Hooks class.
Definition Hooks.php:34

MediaWiki\MediaWikiServices
MediaWikiServices is the service locator for the application scope of MediaWiki.
Definition MediaWikiServices.php:103

MediaWiki\MediaWikiServices\getInstance
static getInstance()
Returns the global default instance of the top level service locator.
Definition MediaWikiServices.php:124

MediaWiki\Shell\Shell
Executes shell commands.
Definition Shell.php:44

MediaWiki\Shell\Shell\NO_EXECVE
const NO_EXECVE
Deny execve syscall with seccomp.
Definition Shell.php:83

MediaWiki\Shell\Shell\SECCOMP
const SECCOMP
Use seccomp to block dangerous syscalls.
Definition Shell.php:60

MediaWiki\Shell\Shell\escape
static escape(... $args)
Version of escapeshellarg() that works better on Windows.
Definition Shell.php:163

MediaWiki\Shell\Shell\NO_NETWORK
const NO_NETWORK
Restrict the request to have no network access.
Definition Shell.php:75

MediaWiki\Shell\Shell\PRIVATE_DEV
const PRIVATE_DEV
Create a private /dev.
Definition Shell.php:67

MediaWiki\Shell\Shell\command
static command(... $commands)
Returns a new instance of Command class.
Definition Shell.php:119

MediaWiki\Shell\Shell\NO_ROOT
const NO_ROOT
Disallow any root access.
Definition Shell.php:52

MediaWiki\Shell\Shell\makeScriptCommand
static makeScriptCommand( $script, $parameters, $options=[])
Generate a Command object to run a MediaWiki CLI script.
Definition Shell.php:235

MediaWiki\Shell\Shell\RESTRICT_DEFAULT
const RESTRICT_DEFAULT
Apply a default set of restrictions for improved security out of the box.
Definition Shell.php:100

MediaWiki\Shell\Shell\RESTRICT_NONE
const RESTRICT_NONE
Don't apply any restrictions.
Definition Shell.php:108

MediaWiki\Shell\Shell\NO_LOCALSETTINGS
const NO_LOCALSETTINGS
Deny access to LocalSettings.php (MW_CONFIG_FILE)
Definition Shell.php:90

MediaWiki\Shell\Shell\isDisabled
static isDisabled()
Check if this class is effectively disabled via php.ini config.
Definition Shell.php:137

$options
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped & $options
Definition hooks.txt:1999

$tokens
$tokens
Definition mwdoc-filter.php:47

MediaWiki\Shell
Copyright (C) 2017 Kunal Mehta legoktm@member.fsf.org
Definition Command.php:21