{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 干净又极端 的问题《AWS CLI command works on Bash, but not with PHP sh》','https://www.manongdao.com/q-418526.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I would like to trigger the following command:
aws route53 change-resource-record-sets --hosted-zone-id XXX
--change-batch '{ "Comment": "2018-06-19-11:31", "Changes":
[ { "Action": "CREATE", "ResourceRecordSet": { "Name": "example.com",
"Type": "TXT", "TTL": 60, "ResourceRecords":
[ { "Value": "\"something\"" } ] } } ] }'
It works when I trigger it on bash, but not when I run it in PHP:
$json = trim(shell_exec($cmd_aws_submit));
// or:
$json = trim(shell_exec("{$cmd_aws_submit}"));
AWS expects, that the value ("\"something\"") for the TXT record is quoted. I tried to quote it like this:
$value = "\\\"" . $textvalue . "\\\"";
$value = "\"" . $textvalue . "\"";
$value = "\\'" . $textvalue . "\\'";
$value = "'" . $textvalue . "'";
None of it works, I always get the following error:
Error parsing parameter '--change-batch': Invalid JSON: Invalid \escape: line 12 column 23 (char 246) JSON received: { "Comment": "2018-06-19-11:54", "Changes": [ { "Action": "CREATE", "ResourceRecordSet": { "Name": "example.com", "Type": "TXT", "TTL": 60, "ResourceRecords": [ { "Value": "\"something\"" } ] } } ] }
With other aws UNQUOTED dns record values, PHP shell_exec() works perfectly.
If I trigger it on Bash, it works perfectly using "\"something\"" - why is it not working with PHP shell_exec()?
You should use the native
escapeshellargmethod to escape arguments you pass through to the command line. This will also protect you against argument injection attacks if you decide to include potentially unsafe data in your JSON string at some stage.You could also choose to build up the JSON string as an array then use
json_encode()to construct your string for you.