I have the option to execute a program directly via CGI or use PHP exec/system instead. What is the difference? Also can you say which one is more secure?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I have the option to execute a program directly via CGI or use PHP exec/system instead. What is the difference? Also can you say which one is more secure?
Executing a script via CGI is not much different from executing it directly. Just use the PHP-CGI binary and do:
Most of the CGI environment variables are already in the current PHP environment, so you only need to override a few.
QUERY_STRINGcorresponds to the$_GET[]variables for example.Performance-wise there is little difference. It’s oftentimes faster than if you were to invoke another subrequest
file_get_contents("http://localhost/cgi.php?user=123")over the webserver however.