REL1_34/php/Shell_8php_source.html

<?php

namespace MediaWiki\Shell;


use Hooks;

use MediaWiki\MediaWikiServices;


class Shell {


    const NO_ROOT = 1;


    const SECCOMP = 2;


    const PRIVATE_DEV = 4;


    const NO_NETWORK = 8;


    const NO_EXECVE = 16;


    const NO_LOCALSETTINGS = 32;


    const RESTRICT_DEFAULT = self::NO_ROOT | self::SECCOMP | self::PRIVATE_DEV |

                             self::NO_LOCALSETTINGS;


    const RESTRICT_NONE = 0;


    public static function command( ...$commands ): Command {

        if ( count( $commands ) === 1 && is_array( reset( $commands ) ) ) {

            // If only one argument has been passed, and that argument is an array,

            // treat it as a list of arguments

            $commands = reset( $commands );

        }

        $command = MediaWikiServices::getInstance()

            ->getShellCommandFactory()

            ->create();


        return $command->params( $commands );

    }


    public static function isDisabled() {

        static $disabled = null;


        if ( is_null( $disabled ) ) {

            if ( !function_exists( 'proc_open' ) ) {

                wfDebug( "proc_open() is disabled\n" );

                $disabled = true;

            } else {

                $disabled = false;

            }

        }


        return $disabled;

    }


    public static function escape( ...$args ) {

        if ( count( $args ) === 1 && is_array( reset( $args ) ) ) {

            // If only one argument has been passed, and that argument is an array,

            // treat it as a list of arguments

            $args = reset( $args );

        }


        $first = true;

        $retVal = '';

        foreach ( $args as $arg ) {

            if ( $arg === null ) {

                continue;

            }

            if ( !$first ) {

                $retVal .= ' ';

            } else {

                $first = false;

            }


            if ( wfIsWindows() ) {

                // Escaping for an MSVC-style command line parser and CMD.EXE

                // Refs:

                //  * https://web.archive.org/web/20020708081031/http://mailman.lyra.org/pipermail/scite-interest/2002-March/000436.html

                //  * https://technet.microsoft.com/en-us/library/cc723564.aspx

                //  * T15518

                //  * CR r63214

                // Double the backslashes before any double quotes. Escape the double quotes.

                $tokens = preg_split( '/(\\\\*")/', $arg, -1, PREG_SPLIT_DELIM_CAPTURE );

                $arg = '';

                $iteration = 0;

                foreach ( $tokens as $token ) {

                    if ( $iteration % 2 == 1 ) {

                        // Delimiter, a double quote preceded by zero or more slashes

                        $arg .= str_replace( '\\', '\\\\', substr( $token, 0, -1 ) ) . '\\"';

                    } elseif ( $iteration % 4 == 2 ) {

                        // ^ in $token will be outside quotes, need to be escaped

                        $arg .= str_replace( '^', '^^', $token );

                    } else { // $iteration % 4 == 0

                        // ^ in $token will appear inside double quotes, so leave as is

                        $arg .= $token;

                    }

                    $iteration++;

                }

                // Double the backslashes before the end of the string, because

                // we will soon add a quote

                $m = [];

                if ( preg_match( '/^(.*?)(\\\\+)$/', $arg, $m ) ) {

                    $arg = $m[1] . str_replace( '\\', '\\\\', $m[2] );

                }


                // Add surrounding quotes

                $retVal .= '"' . $arg . '"';

            } else {

                $retVal .= escapeshellarg( $arg );

            }

        }

        return $retVal;

    }


    public static function makeScriptCommand( $script, $parameters, $options = [] ): Command {

        global $wgPhpCli;

        // Give site config file a chance to run the script in a wrapper.

        // The caller may likely want to call wfBasename() on $script.

        Hooks::run( 'wfShellWikiCmd', [ &$script, &$parameters, &$options ] );

        $cmd = [ $options['php'] ?? $wgPhpCli ];

        if ( isset( $options['wrapper'] ) ) {

            $cmd[] = $options['wrapper'];

        }

        $cmd[] = $script;


        return self::command( $cmd )

            ->params( $parameters )

            ->restrict( self::RESTRICT_DEFAULT & ~self::NO_LOCALSETTINGS );

    }


}


$wgPhpCli
$wgPhpCli
Executable path of the PHP cli binary.
Definition DefaultSettings.php:8391

wfDebug
wfDebug( $text, $dest='all', array $context=[])
Sends a line to the debug log if enabled or, optionally, to a comment in output.
Definition GlobalFunctions.php:913

wfIsWindows
wfIsWindows()
Check if the operating system is Windows.
Definition GlobalFunctions.php:1887

if
if(ini_get('mbstring.func_overload')) if(!defined('MW_ENTRY_POINT'))
Pre-config setup: Before loading LocalSettings.php.
Definition Setup.php:57

$command
$command
Definition cdb.php:65

$args
if( $line===false) $args
Definition cdb.php:64

Hooks
Hooks class.
Definition Hooks.php:34

MediaWiki\MediaWikiServices
MediaWikiServices is the service locator for the application scope of MediaWiki.
Definition MediaWikiServices.php:117

MediaWiki\MediaWikiServices\getInstance
static getInstance()
Returns the global default instance of the top level service locator.
Definition MediaWikiServices.php:138

MediaWiki\Shell\Command
Class used for executing shell commands.
Definition Command.php:36

MediaWiki\Shell\Shell
Executes shell commands.
Definition Shell.php:44

MediaWiki\Shell\Shell\NO_EXECVE
const NO_EXECVE
Deny execve syscall with seccomp.
Definition Shell.php:83

MediaWiki\Shell\Shell\SECCOMP
const SECCOMP
Use seccomp to block dangerous syscalls.
Definition Shell.php:60

MediaWiki\Shell\Shell\escape
static escape(... $args)
Version of escapeshellarg() that works better on Windows.
Definition Shell.php:163

MediaWiki\Shell\Shell\NO_NETWORK
const NO_NETWORK
Restrict the request to have no network access.
Definition Shell.php:75

MediaWiki\Shell\Shell\PRIVATE_DEV
const PRIVATE_DEV
Create a private /dev.
Definition Shell.php:67

MediaWiki\Shell\Shell\command
static command(... $commands)
Returns a new instance of Command class.
Definition Shell.php:119

MediaWiki\Shell\Shell\NO_ROOT
const NO_ROOT
Disallow any root access.
Definition Shell.php:52

MediaWiki\Shell\Shell\makeScriptCommand
static makeScriptCommand( $script, $parameters, $options=[])
Generate a Command object to run a MediaWiki CLI script.
Definition Shell.php:236

MediaWiki\Shell\Shell\RESTRICT_DEFAULT
const RESTRICT_DEFAULT
Apply a default set of restrictions for improved security out of the box.
Definition Shell.php:100

MediaWiki\Shell\Shell\RESTRICT_NONE
const RESTRICT_NONE
Don't apply any restrictions.
Definition Shell.php:108

MediaWiki\Shell\Shell\NO_LOCALSETTINGS
const NO_LOCALSETTINGS
Deny access to LocalSettings.php (MW_CONFIG_FILE)
Definition Shell.php:90

MediaWiki\Shell\Shell\isDisabled
static isDisabled()
Check if this class is effectively disabled via php.ini config.
Definition Shell.php:137

MediaWiki\Shell
Copyright (C) 2017 Kunal Mehta legoktm@member.fsf.org
Definition Command.php:21