Run composer with a PHP script in browser

curl php composer-php

Solution 1:

An alternative to Danack's solution, is to include "composer/composer" as a dependency in your composer.json, and just use it's API, instead of extracting the contents from composer.phar.

composer.json

...
"require-dev": {
  "composer/composer": "dev-master",
}
...

Run composer install manually, so you'll be able to require it on the following script:

composer_install.php

<?php
require 'vendor/autoload.php'; // require composer dependencies

use Composer\Console\Application;
use Symfony\Component\Console\Input\ArrayInput;

// Composer\Factory::getHomeDir() method 
// needs COMPOSER_HOME environment variable set
putenv('COMPOSER_HOME=' . __DIR__ . '/vendor/bin/composer');

// call `composer install` command programmatically
$input = new ArrayInput(array('command' => 'install'));
$application = new Application();
$application->setAutoExit(false); // prevent `$application->run` method from exitting the script
$application->run($input);

echo "Done.";

When you access the script from your browser, the command should run as expected.

Solution 2:

Yes you can run Composer with a little PHP wrapper. All of the Composer source code is available in the Phar file, so it can be extracted and then you can run it after setting up an InputInterface to replace Composer expecting the commands to be passed in via the command line.

If you setup your directory structure like this:

./project  
./project/composer.json
./project/composer.lock
./project/webroot/composerExtractor.php  
./project/var/

Put the code below into composerExtractor.php and then run it from a web-browser, Composer should download all the libraries into:

./project/vendors/

As well as generating the class-loader files in that directory as well.

composerExtractor.php

<?php

define('EXTRACT_DIRECTORY', "../var/extractedComposer");


if (file_exists(EXTRACT_DIRECTORY.'/vendor/autoload.php') == true) {
    echo "Extracted autoload already exists. Skipping phar extraction as presumably it's already extracted.";
}
else{
    $composerPhar = new Phar("Composer.phar");
    //php.ini setting phar.readonly must be set to 0
    $composerPhar->extractTo(EXTRACT_DIRECTORY);
}

//This requires the phar to have been extracted successfully.
require_once (EXTRACT_DIRECTORY.'/vendor/autoload.php');

//Use the Composer classes
use Composer\Console\Application;
use Composer\Command\UpdateCommand;
use Symfony\Component\Console\Input\ArrayInput;

// change out of the webroot so that the vendors file is not created in
// a place that will be visible to the intahwebz
chdir('../');

//Create the commands
$input = new ArrayInput(array('command' => 'update'));

//Create the application and run it with the commands
$application = new Application();
$application->run($input);

?>

Although this is possible, it's not a fantastic idea but may be necessary if you can't use a host that gives you ssh access.

I'd strongly recommend at least getting a static IP address for yourself or your office and then restricting access to just your own IP, as well as probably deleting this script after it's run on the server to prevent it being accidentally run again.

Related

How to implement a dynamic form with controlled components in ReactJS?
MongoDB aggregation comparison: group(), $group and MapReduce
Has Yahoo finance web service disappeared? API changed? Down temporarily?
Detect CONNECTIVITY CHANGE in Android 7 and above when app is killed/in background
allocating shared memory
Sending and receiving text using android emulator [closed]
What is the Efficiency and Performance of LINQ and Lambda Expression in .Net?
How to animate a path on canvas - android
What is the right time for ViewData, ViewBag, Session, TempData
Filtering os.walk() dirs and files
Faster way of polygon intersection with shapely
Making a log4j console appender use different colors for different threads