I have a PHP code that stores contents of a url by file() method

Question

Asked: May 30, 20262026-05-30T16:03:31+00:00 2026-05-30T16:03:31+00:00

I have a PHP code that stores contents of a url by file() method like

$contents=file("http://www.rcsb.org/pdb/files/2AID.pdb");

I need to pass these $contents to a perl program by shell_exec() method , something like following

$result=shell_exec("perl_prog.pl $contents");

My question is how to pass this $contents to Perl program. I tried like following

@file=<@ARGV>;

but its not working. Please help me.

You must login to add an answer.

Need An Account,

Editorial Team · Answer 1 · 2026-05-30T16:03:32+00:00

That shell_exec() code is utterly vulnerable to shell injection – you’re trusting that the remote service won’t include something like:

; rm -rf /

As well, file() returns the file contents as an array – you can’t pass arrays over the command line directly. Only strings.

A moderately safer version is:

$contents = file_get_contents('http://etc....');
$safe_contents = escapeshellarg($contents);
$result = shell_exec('perl_prog.pl $safe_contents');

On the Perl side, you’d use

my ($contents) = @ARGV;

The Archive Base Latest Questions