Execute a shell script when an image is put on drop area using html code

  • Resolved stemsrus

    (@stemsrus)


    10 months, 2 weeks ago

    I’m using WordPress version 6.5.2 to create a webpage on the Godaddy server side.
    On my webpage, I want to add a custom HTML code that will do the following five steps below:

    (1) Using HTML custom code block, create a drag and drop area –successful
    a. Drag and drop area is visible and properly aligned and sized.?
    (2) Add the shell script in the custom html code –successful
    a. The shell script is in the HTML code
    ?(3) Drag a text file on my local computer and place it in the drop area —successful ?

    a.) When the mouse is released, the text is displayed with no processing

    (4) When the mouse is released execute the shell_script.sh which requires additional coding —FAIL
    a.) It prints the contents of the HTML page and doesn’t modify the text file
    b.) The path is embedded in my shell script to point to the virtual environment for all needed commands?


    (5) Print the expected result of the program. —FAIL
    a.) It prints the contents of the html page

    Is it possible to execute a shell script using drop area html custom code in WordPress webpage? The shell script is crucial for the operation of the webpage, and I’m unable to proceed beyond step (4) without it. Your guidance in this matter would be greatly appreciated.

    Ron

Viewing 6 replies - 1 through 6 (of 6 total)
  • Moderator bcworkz

    (@bcworkz)

    I don’t know for sure but I strongly suspect you cannot cause a web page to execute a shell script. My reasoning is that doing so would introduce a huge security vulnerability. Where are you expecting this script to execute? .sh files are typically Bash scripts for Linux systems. They’d do nothing on a Win box, what many browsers are running in. Do you want this script to execute on your Linux server? But the web page is loaded into a local client browser, the only way it can affect what happens on your server is by sending a HTTP request.

    You could have your page send a HTTP request that in turn executes PHP code which can in theory execute commands on your server such as starting a Bash script. However, on many hosted servers this ability is blocked for security reasons. If this is what you want to do, ask your host if this is feasible or not.

    Thread Starter stemsrus

    (@stemsrus)

    I spoke with a Godaddy customer representative today. He said that I can execute a shell scripts from the html custom code in wordpress if they’re both on the same server. They are. Only the file that I drag to the website drop area is on my personal computer.

    The question is where does the html custom code I created in wordpress lives? I’m not able to find it in /home/mystuff/public-html/wp-content/themes. I created it from the standard block options, so I thought it might in this location.

    Ron

    Moderator bcworkz

    (@bcworkz)

    Any HTML element could trigger the process. Typically it’s a link or button. You can add it in a paragraph block or custom HTML block. It’s useful if the element has its own unique ID attribute.

    You will also need some JavaScript or jQuery that listens for a click event on that element. When clicked, the script will send a HTTP request via Ajax techniques to the server. Upon receipt of this request, after validating that the request is valid, server side PHP code can call exec() to execute a command that starts your Bash script.

    Thread Starter stemsrus

    (@stemsrus)

    Thanks for your suggestions. I got it to work by calling an HTTP request using AJAX. Numbers (4) and (5) from the initial post succeeded! I have the HTML code in a custom HTML code block, and it executes the script when the mouse is released.

    I’m not a fan of JavaScript. I tried this first, but I found a security breach: my entire script was written on the page itself for a certain error that was created—OUCH!

    Ron

    Moderator bcworkz

    (@bcworkz)

    Your Bash script leaked into an error message ?? That’s very strange. No idea how that could happen but something’s not right.

    Or do you mean your JavaScript? JS runs client side, so it’s source code is always accessible to end users. It may not be obvious, but it’s available. Never place any sensitive data in JavaScript unless it belongs to the end user.

    Thread Starter stemsrus

    (@stemsrus)

    Done!

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Execute a shell script when an image is put on drop area using html code’ is closed to new replies.