I have Windows XP, Apache, PHP 5.3 and ffmpeg working fine. I need to convert flv to avi or vice versa without using the exec()
command. Is this possible?
Another option would be to utilize Suhosin. You could then at least limit where exactly the system call can from and in turn limit access to that directory.
Here's an basic example of a vhost.conf config where shell_exec is blocked everywhere in your domain except ffmpeg-folder utilizing Suhosin
<virtualhost *:80>
ServerName your.server
DocumentRoot "/var/your/public_html"
php_admin_value suhosin.executor.func.blacklist "shell_exec, passthru, show_source, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec"
<Directory "/var/your/public_html/ffmpeg-folder">
php_admin_value suhosin.executor.func.blacklist "passthru, show_source, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec"
</Directory>
</virtualhost>
If you don't want to use exec() on the webserver for security reasons and the videos don't have to be converted in "realtime", you could use a unix-like cronjob for windows, create a php-script and use the php-interpreter.
http://www.makeuseof.com/tag/bring-linux-cron-like-power-to-windows/ or http://www.visualcron.com/
a) A user uploads a video and this video is saved to a temporary path. The video gets an id and a timestamp, which are saved to a database.
b) Every 15 minutes, a webserver independant php script, jar-file or c#-executable is called to create the ffmpeg comand and the necessary parameters. Then the file is converted, moved to a 'converted'-folder, the original file is deleted or moved to an 'archive'-folder and the database is updated.
It's not possible, at least there seems no example where ffmpeg
runs without some type of system call (e.g. exec
, system
) from PHP.
Edit: One option is using the dreaded safe_mode
. Refer to the manual on exec:
Note: When safe mode is enabled, you can only execute files within the safe_mode_exec_dir. ...
In theory you can place the ffmpeg binary in an arbitrary directory and give the path of that directory to the safe_mode_exec_dir
. That way users will only be able to run executables in that directory. But you must try and see the implications of such a setup in real life...
Regarding your PHP extension request: PHP ffmpeg extension is just an informational one. If you need one that can do things on actual files, you will need to build a new extension based on ffmpeg
library.
And if you plan to do this on a shared hosting, you are most probably out of luck. A standard issue shared hosting provider wouldn't provide video functionality like this. Video hosting and processing requires specialized hosting at best.
http://ffencoderd.sourceforge.net/index.html
Using a job queue and an XML based communication, videos can be sent so they're encoded.
Sounds like a plan to me.
Maybe you can connect to ssh in php and execute commands there.
Try to use pclose(popen($cmd, 'r'));
instead exec()