PHP: Execution - Manual

<?php
$output = `ls -al`;
echo "<pre>$output</pre>";
?>

Just a general usage note.  I had a very difficult time solving a problem with my script, when I accidentally put one of these backticks at the beginning of a line, like so:

[lots of code]
`    $URL = "blah...";
[more code]

Since the backtick is right above the tab key, I probably just fat-fingered it while indenting the code.

What made this so hard to find, was that PHP reported a parse error about 50 or so lines *below* the line containing the backtick.  (There were no other backticks anywhere in my code.)  And the error message was rather cryptic:

Parse error: parse error, expecting `T_STRING' or `T_VARIABLE' or `T_NUM_STRING' in /blah.php on line 446

Just something to file away in case you're pulling your hair out trying to find an error that "isn't there."

You can use variables within a pair of backticks (``).

<?php
    $host = 'www.wuxiancheng.cn';
    echo `ping -n 3 {$host}`;
?>

If you want to avoid situations like the one described by @robert you may want to disable `shell_exec` and -as a consequence- the backtick operator.

To do this just edit the `php.ini` file and add `shell_exec` to the `disable_functions` setting:

    ; This directive allows you to disable certain functions.
    ; It receives a comma-delimited list of function names.
    ; https://php.net/disable-functions
    disable_functions = "shell_exec"

Then you can still use `exec()` to run terminal commands.