使用PHP啓用SVN呼叫的安全方式？

Question

有沒有辦法修改RHEL/Apache/PHP上的權限，以安全的方式啓用使用shell命令調用SVN - 即。 shell_exec（），shell（）或system（）？

目前，我在嘗試shell命令時被拒絕了權限。

Answer 1

你不一定要使用exec()電話，編造自己svn add ...命令，因爲PECL有這種穩定的PHP擴展 - Subversion。該包裝is here。

這樣您就可以輕鬆訪問代碼中所有需要的SVN功能。

Answer 2

我能夠實現這一目標的唯一方法是使用SSH2庫並在特定帳戶下連接localy。否則，我永遠無法正確設置它們。

---

這不是一個好的圖書館，我有過1天考出和搜索文檔，以便它絕對不是最好的辦法，但至少它的工作原理...

目前使用的庫：

<?php 
/** 
* 
* Runs several SSH2 commands on the devl server as root 
* 
*/ 
function ssh2Run(array $commands, $catchoutput = true, $server = 'localhost', $user = 'root', $logfile = NULL){ 

    //Open a log file for web output 
    if($logfile == NULL){ $logfile = logCreate(); } 

    //Connect to ssh2 
    $connection = ssh2_connect($server); 
    $hostkey = ssh2_fingerprint($connection); 
    logWrite($logfile, 'Connected to '.$server.', hostkey = '.$hostkey); 
    ssh2_auth_pubkey_file($connection, $user, '/home/myuser/.ssh/id_rsa.pub', '/home/myuser/.ssh/id_rsa'); 

    //Execute the various commands and read the output to the log file 
    foreach($commands as $command){ 

     // Run a command that will probably write to stderr (unless you have a folder named /hom) 
     logWrite($logfile, 'Sending command: '.$user.'@'.$server.': '.$command); 
     logWrite($logfile, '----------------------------------------------------------------------------------'); 
     $outputStream = ssh2_exec($connection, $command, true); 
     if(is_resource($outputStream)){ 
      stream_set_blocking($outputStream, true); 
     } 

     //Catch 
     if($catchoutput){ 

      if(is_resource($errorStream)){ 
       $errorStream = ssh2_fetch_stream($outputStream, SSH2_STREAM_STDERR); 
      } 

      // Enable blocking for both streams 
      if(is_resource($errorStream)){ 
       stream_set_blocking($errorStream, true); 
      } 

      // Whichever of the two below commands is listed first will receive its appropriate output. The second command receives nothing 
      logWrite($logfile, 'Output of command:'); 

      //Loop the stream until it is complete 
      while((is_resource($outputStream) && !feof($outputStream)) || (is_resource($errorStream) && !feof($errorStream))){ 

       //Content read out 
       if(is_resource($outputStream) && !feof($outputStream)){ 
        $outputContent = trim(fgets($outputStream)); 
       }else{ 
        $outputContent = ''; 
       } 
       if(is_resource($errorStream) && !feof($errorStream)){ 
        $errorContent = trim(fgets($errorStream)); 
       }else{ 
        $errorContent = ''; 
       } 

       //Add the information to the log 
       if($outputContent == '' && $errorContent == ''){ continue; } 
       if($outputContent !== ''){ 
        logWrite($logfile, 'OUT: '.$outputContent); 
       } 
       if($errorContent !== ''){ 
        logWrite($logfile, 'ERROR: '.$errorContent); 
       } 

      } 

      // Close the streams  
      if(is_resource($errorStream)){ fclose($errorStream); } 
      if(is_resource($outputStream)){ fclose($outputStream); } 

     } 

    } 

    //Return the log 
    return $logfile; 

} 

/** 
* 
* List files in a SFTP enabled directory 
* 
*/ 
function sftpList($server, $user, $path){ 

    //Connect to ssh2 
    $connection = ssh2_connect($server); 
    $hostkey = ssh2_fingerprint($connection); 
    ssh2_auth_pubkey_file($connection, $user, '/home/myuser/.ssh/id_rsa.pub', '/home/myuser/.ssh/id_rsa'); 

    //Create our SFTP resource 
    if(!$sftp = ssh2_sftp($connection)){ 
     throw new Exception('Unable to create SFTP connection.'); 
    } 

    /** 
     * Now that we have our SFTP resource, we can open a directory resource 
     * to get us a list of files. Here we will use the $sftp resource in 
     * our address string as I previously mentioned since our ssh2:// 
     * protocol allows it. 
     */ 
    $results = array(); 
    $dirHandle = opendir('ssh2.sftp://'.$sftp.$path); 
    while (false !== ($result = readdir($dirHandle))) { 
     if ($result != '.' && $result != '..') { 
      $results[] = $result; 
     } 
    } 
    closedir($dirHandle); 

    //Return the log 
    return $results; 

}