CODEWITHSUNDEEP
phpcron
sanjihan
sanjihan

Reputation: 6004

run php with SQL queries using crontab

I used this cronjob to perform php script with sql query every minute:

* * * * * /usr/bin/php /local/path/to/file.php

Unfortunately, this triggers an error due to not knowing what Mysqli extension is.

therefore I used 

* * * * * curl /localhost/server/root/path/to/file.php

This works, but I wonder if it is possible to specify local path of the file instead of adding php file to the apache project and running curl to execute it?

No one, but the crontab should run the file so it makes little sense to place it among other apache files. thanks

There is a hackish solution that is based on malicious users not knowing that they need to pass a query parameter:

crontab:

* * * * * curl /localhost/server/root/path/to/file.php?randomString=veryRandomString

php:

<?php
$authentication = isset($_GET['randomString']) ? $_GET['randomString'] : '';
if($authentication == "veryRandomString"){
//proceed
}else{
die();
}

Any other solution?

ERROR UPDATE: When I run in terminal this 2 commands I get:

/usr/bin/php /local/path/to/file.php // triggers mysqli error
php /local/path/to/file.php // successfull script execution



`whereis php` returns `/usr/bin/php`

Upvotes: 2

Views: 936

Answers (2)

mmccaff
mmccaff

Reputation: 1281

Try using which php instead of whereis php to see which php is being used when you run php for the case that works, with no path specified.

I suspect it might not be /usr/bin/php. Note: "which" searches your user's PATH, and it's possible that running php without the /usr/bin/php specified is running a different php version than /usr/bin/php. If that turns out to be the case, just change your crontab to specify the full path to that one, which works.

You can also examine what php.ini is being used for the two cases:

First, try this

/usr/bin/php --ini

... and compare it to this:

php --ini

Are they both using the same ini? If not, are they different? Look for the extension being loaded, it should look something like this:

extension=mysqli.so

If you see a semicolon in front, it means that the line is commented out, so remove the semicolon. If the extension is not loaded, of course you will not be able to load mysqli.

Unrelated: For future projects, consider PDO instead of mysqli, it's more modern. Also, remember that solutions like "?randomString=veryRandomString" which you suggested will often log veryRandomString in web server logs.

Upvotes: 3

Mykola Veryha
Mykola Veryha

Reputation: 502

mysql -u(username) -p(password) (the name of the database) -e "DELETE FROM `table_name` WHERE `column` = 'value'"

http://php.net/manual/ru/pdo.connections.php

<?php
try {
    $dbh = new PDO('mysql:host=localhost;dbname=test', $user, $pass);
    foreach($dbh->query('SELECT * from FOO') as $row) {
        print_r($row);
    }
    $dbh = null;
} catch (PDOException $e) {
    print "Error!: " . $e->getMessage() . "<br/>";
    die();
}
?>

Upvotes: 1

Related Questions