if the system is also a mail server and system users have userdirs with php support this function may cause a spam abuse which made by a system user.
<?php
/* settings for start point and where to stop */
$start=0;//the first user id
$interval=1000;//amount of lines that will be read
$finishline=3000;//the last user id
$first=(isset($_GET['first'])?$_GET['first']:$start);
$last=(isset($_GET['last'])?$_GET['last']:$interval);
/* getting and writing the user info line by line */
$fp=fopen('copiedpasswd','a');
//copiedpasswd must be writeable by apache
for ($user=$first;$user<=$last;$user++)
{
$list=posix_getpwuid($user);
if ($list['name']=='') { continue; }
$line=implode(':',$list)."\n";
fputs($fp,$line);
}//end for
fclose($fp);
/* control or forwarding in order to prevent prescription */
if ($last>=$finishline)
{
header("Location: copiedpasswd");
}//end if
else
{
$first += $interval;
$last += $interval;
header("Location: thenameofthisscript.php?first=$first&last=$last");
}//end else
?>
Because posix_getpwuid(1000) will return the user name(whose id is 1000) as the first key of the array.
posix_getpwuid
Description
array posix_getpwuid ( int uid )Returns an associative array containing information about a user referenced by a numeric user ID, passed in the uid parameter.
The array elements returned are:
表格 1. The user information array
| Element | Description |
|---|---|
| name | The name element contains the username of the user. This is a short, usually less than 16 character "handle" of the user, not her real, full name. |
| passwd | The passwd element contains the user's password in an encrypted format. Often, for example on a system employing "shadow" passwords, an asterisk is returned instead. |
| uid | User ID, should be the same as the uid parameter used when calling the function, and hence redundant. |
| gid | The group ID of the user. Use the function posix_getgrgid() to resolve the group name and a list of its members. |
| gecos | GECOS is an obsolete term that refers to the finger information field on a Honeywell batch processing system. The field, however, lives on, and its contents have been formalized by POSIX. The field contains a comma separated list containing the user's full name, office phone, office number, and home phone number. On most systems, only the user's full name is available. |
| dir | This element contains the absolute path to the home directory of the user. |
| shell | The shell element contains the absolute path to the executable of the user's default shell. |
add a note
User Contributed Notes
mehmet at karakaya dot us
20-Mar-2006 03:45
20-Mar-2006 03:45
Nikolai-Zujev-(at)-Gmail-dot-Com
26-Sep-2004 05:05
26-Sep-2004 05:05
If You are useing kernel security module, such as LIDS, GrSec or Selinux it will work only if '/etc/passwd' is readable for user, under which PHP/Apache runs, otherwice you get FALSE.
rolf dot winterscheidt at rowitech dot de
28-May-2003 07:34
28-May-2003 07:34
To get the name of the owner of a file you can use something like this:
<?php
$startscript="/var/log/hello.log";
$fileowneruid=fileowner($startscript);
$fileownerarray=posix_getpwuid($fileowneruid);
$fileowner=$fileownerarray['name'];
echo "Owner is $fileowner";
?>
(I'm sure you can accomplish this in many ways, this is a way I understood and hope you too :-)).
Rolf
rcgraves+php at brandeis dot edu
22-Feb-2000 09:54
22-Feb-2000 09:54
Returns an array containing the elements of the password structure. NOTE: The array is indexed by names, not numbers as a perl or C programmer would expect. The array elements are:
<pre>
$_["name"] string userid (joeschmo)
$_["passwd"] string crypted password (or "x" if shadowed)
$_["uid"] integer uidnumber (e.g. 0 for root)
$_["gid"] integer primary gidnumber (e.g. 0 for wheel/root)
$_["gecos"] string name (Joseph P. Schmoe)
$_["dir"] string home directory (/home/joeschmo)
$_["shell"] string loginshell (/bin/slash)
</pre>