I have problem with including CryptoGuard, but maybe there is my issue with object-oriented code, because I am newbie in that.
require_once('CryptoGuard.php'); // = https://github.com/CoreProc/crypto-guard/blob/master/src/CryptoGuard.php
$passphrase = 'my_private_key';
$cryptoGuard = new CryptoGuard($passphrase);
$stringToEncrypt = "private string";
$encryptedText = $cryptoGuard->encrypt($stringToEncrypt);
echo $encryptedText;
Easy usage of CryptoGuard example: https://github.com/CoreProc/crypto-guard (same as I used, but I do not use Composer so I just copied CryptoGuard.php).
There is no php error, but the part with cryptoGuard broke page (stop loading anymore things, no $encryptedText echo there).
Your Problem is the Namespace. CryptoGuard uses Coreproc\CryptoGuard;
So your Code should be
require_once('CryptoGuard.php'); // = https://github.com/CoreProc/crypto-guard/blob/master/src/CryptoGuard.php
$passphrase = 'my_private_key';
//Not missing the Namespace here
$cryptoGuard = new \Coreproc\CryptoGuard\CryptoGuard($passphrase);
$stringToEncrypt = "private string";
$encryptedText = $cryptoGuard->encrypt($stringToEncrypt);
echo $encryptedText;
Alternative, your provided Code will work, if you write at the beginning of your script:
use \Coreproc\CryptoGuard\CryptoGuard;
Related
I'm trying to make ABBC3 work with PHP 7.3 and PHPBB 3.0.14 since I can't move to PHPBB 3.3 due lots of issues with MODs not ported to extensions and theme (Absolution).
I have asked help in PHPBB forum without luck because 3.0.x and 3.1.x version are not supported anymore.
So after dozens of hours trying to understand bbcode functions I'm almost ready.
My code works when there's a single bbcode in message. But doesn't works when there's more bbcode or it's mixed with texts.
So I would like to get some help to solve this part to make everything work.
In line 98 in includes/bbcode.php this function:
$message = preg_replace($preg['search'], $preg['replace'], $message);
Is returning something like this:
$message = "some text $this->Text_effect_pass('glow', 'red', 'abc') another text. $this->moderator_pass('"fernando"', 'hello!') more text"
For this message:
some text [glow=red]abc[/glow] another text.
[mod="fernando"]hello![/mod] more text
The input for preg_replace above is like this just for context:
"some text [glow=red:mkpanc3g]abc[/glow:mkpanc3g] another text. [mod="fernando":mkpanc3g]hello![/mod:mkpanc3g]"
So basically I have to split this string in valid expressions to apply eval() then concatenate everything. Like this:
$message = "some text". eval($this->Text_effect_pass('glow', 'red', 'abc');) . "another text " . eval($this->moderator_pass('"fernando"', 'hello!');). "more text"
In this specific case there's also double quotes left in '"fernando"'.
I know is not safe apply eval() to user input so I would like to make some type of preg_match and/or preg_split to get values inside of () to pass as parameter to my functions.
The functions are basically:
Text_effect_pass()
moderator_pass()
anchor_pass()
simpleTabs_pass()
I'm thinking in something like this (Please ignore errors here):
if(preg_match("/$this->Text_effect_pass/", $message)
{
then split the string and get value inside of() and remove extra single or double quotes.
after:
$textEffect = Text_effect_pass($value[0], $value[1], $value[2]);
Finally concatenate everything:
$message = $string[0] .$textEffect. $string[1];
}
if(preg_match("/$this->moderator_pass/", $message)
{
.....
}
P.S.: ABBC3 is not compatible with PHP 7.3 due usage of e modifier. I have edited everything to remove the modifier.
Here you can see it working separately:
bbcode 1
bbcode 2
Can someone give me some help please?
After long time searching for a solution for this problem I found this site that helped me build the regex.
Now I have managed to solve the problem and I have my forum fully working with PHPBB 3.14, PHP 7.3 and ABBC3.
My solution is:
// Start Text_effect_pass
$regex = "/(\\$)(this->Text_effect_pass)(\().*?(\')(,)( )(\').*?(\')(,)( )(\').*?(\'\))/is";
if (preg_match_all($regex, $message, $matches)) {
foreach ($matches[0] as $key => $func) {
$bracket = preg_split("/(\\$)(this->Text_effect_pass)/", $func);
$param = explode("', '", $bracket[1]);
$param[0] = substr($param[0], 2);
$param[2] = substr($param[2], 0, strrpos($param[2], "')"));
$effect = $this->Text_effect_pass($param[0], $param[1], $param[2]);
if ($key == 0) {
$init = $message;
} else {
$init = $mess;
}
$mess = str_replace($matches[0][$key], $effect, $init);
}
$message = $mess;
} // End Text_effect_pass
// Start moderator_pass
$regex = "/(\\$)(this->moderator_pass)(\().*?(\')(,).*?(\').*?(\'\))/is";
if (preg_match_all($regex, $message, $matches)) {
foreach ($matches[0] as $key => $func) {
$bracket = "/(\\$)(this->moderator_pass)/";
$bracket = preg_split($bracket, $func);
$param = explode("', '", $bracket[1]);
$param[0] = substr($param[0], 2);
$param[1] = substr($param[1], 0, strrpos($param[1], "')"));
$effect = $this->moderator_pass($param[0], $param[1]);
if ($key == 0) {
$init = $message;
} else {
$init = $mess;
}
$mess = str_replace($matches[0][$key], $effect, $init);
}
$message = $mess;
} // End moderator_pass
If someone is interested can find patch files and instructions here.
Best regards.
I am trying to use data entered by the user to store it into an XML Database file for use further down the line. However, for some reason I continue to get this error.
The problem code is summarised below and the whole PHP file is below that for context.
I have tried converting the integer I got (I was using mt_rand() before using uniqid()) using strval(), also tried Type Casting to (string), even tried Type Casting to (object). All no luck. uniqid() returns a string already. In fact, the error returned when I try Type Casting to object (both from uniqid() and mt_rand()) was different, and made life confusing:
[![Error 2 Where the output of idGenerated is an object][2]][2]
Why oh why does a createTextNode hate Strings, Integers AND Objects?? And why do the other variables in the file (undergoing the SAME process) pass by absolutely fine?
Summarised Problem Code
$idGenerated = uniqid();
$dom = new DOMDocument();
$dom->load('../test.xml');
$idDec = $dom->createTextNode($idGenerated);
$id->appendChild($idDec);
$messageElement->appendChild($id);
Whole File:
<?php
session_start();
//Generate random number to avoid overwrite of file
$randomNumber = mt_rand(10, 99);
move_uploaded_file($_FILES['attachment'][tmp_name], "../uploads/" . $randomNumber . $_FILES['attachment'][name]);
//General Variables
***$idGenerated = uniqid();***
$currentDate = date('l jS \of F h:i:s A');
$sender = $_SESSION['user'];
$message = $_POST['messageText'];
$up_file = $randomNumber . $_FILES['attachment'][name];
$up_file_location = "uploads/" . $up_file;
echo "<br>";
var_dump($currentDate);
echo "<br>";
var_dump($sender);
echo "<br>";
var_dump($message);
echo "<br>";
var_dump($up_file);
echo "<br>";
var_dump($up_file_location);
$dom = new DOMDocument();
$dom->load('../test.xml');
//Dom Variable Declarations
//Declare String Data
***$idDec = $dom->createTextNode($idGenerated);***
$date = $dom->createTextNode($currentDate);
$name = $dom->createTextNode($sender);
$messageText = $dom->createTextNode($message);
$link = $dom->createTextNode($up_file_location);
$linkName = $dom->createTextNode($up_file);
//Declare Data Elements
$id = $dom->createElement('id');
$timecode = $dom->createElement('timecode');
$author = $dom->createElement('author');
$content = $dom->createElement('content');
$filePath = $dom->createElement('filePath');
$fileName = $dom->createElement('fileName');
$messageElement = $dom->createElement('message');
//Create XML Data Structure
//ID
***$id->appendChild($idDec);***
//Date
$timecode->appendChild($date);
//Name
$author->appendChild($name);
//Message
$content->appendChild($messageText);
//File (if there is one!)
$filePath->appendChild($link);
$fileName->appendChild($linkName);
//Message Wrapper Element
***$messageElement->appendChild($id);***
$messageElement->appendChild($timecode);
$messageElement->appendChild($author);
$messageElement->appendChild($content);
$messageElement->appendChild($filePath);
$messageElement->appendChild($fileName);
//Load last existing XML entry for reference (which, since they are all in reverse order, will actually be the FIRST entry in the database)
$xml = simplexml_load_file('../test.xml');
$lastEntry = $xml->log->message[0];
//Place new data BEFORE the last existing message Element
$newEntry = $dom->firstChild->appendChild($messageElement);
$lastEntry->parentNode->insertBefore($newEntry, $lastEntry);
$dom->save('../test.xml');
header("Location: ../index.php");
?>
Whenever you get Call to a member function … on a non-object, you’re using something as an object which at the time of calling is not an object. (This often seen in loops where you access a array element, expecting it to be an object when it’s not.)
But in your case, it’s simply the fact that $messageElement is not defined. Maybe you copy/pasted the code from somewhere else and forgot to copy the initial definition/initialisation of the $messageElement variable.
I wanna replace braces with <?php ?> in a file with php extension.
I have a class as a library and in this class I have three function like these:
function replace_left_delimeter($buffer)
{
return($this->replace_right_delimeter(str_replace("{", "<?php echo $", $buffer)));
}
function replace_right_delimeter($buffer)
{
return(str_replace("}", "; ?> ", $buffer));
}
function parser($view,$data)
{
ob_start(array($this,"replace_left_delimeter"));
include APP_DIR.DS.'view'.DS.$view.'.php';
ob_end_flush();
}
and I have a view file with php extension like this:
{tmp} tmpstr
in output I save just tmpstr and in source code in browser I get
<?php echo $tmp; ?>
tmpstr
In include file <? shown as <!--? and be comment. Why?
What you're trying to do here won't work. The replacements carried out by the output buffering callback occur after PHP code has already been parsed and executed. Introducing new PHP code tags at this stage won't cause them to be executed.
You will need to instead preprocess the PHP source file before evaluating it, e.g.
$tp = file_get_contents(APP_DIR.DS.'view'.DS.$view.'.php');
$tp = str_replace("{", "<?php echo \$", $tp);
$tp = str_replace("}", "; ?>", $tp);
eval($tp);
However, I'd strongly recommend using an existing template engine; this approach will be inefficient and limited. You might want to give Twig a shot, for instance.
do this:
function parser($view,$data)
{
$data=array("data"=>$data);
$template=file_get_contents(APP_DIR.DS.'view'.DS.$view.'.php');
$replace = array();
foreach ($data as $key => $value) {
#if $data is array...
$replace = array_merge(
$replace,array("{".$key."}"=>$value)
);
}
$template=strtr($template,$replace);
echo $template;
}
and ignore other two functions.
How does this work:
process.php:
<?php
$contents = file_get_contents('php://stdin');
$contents = preg_replace('/\{([a-zA-Z_][a-zA-Z_0-9]*)\}/', '<?php echo $\1; ?>', $contents);
echo $contents;
bash script:
process.php < my_file.php
Note that the above works by doing a one-off search and replace. You can easily modify the script if you want to do this on the fly.
Note also, that modifying PHP code from within PHP code is a bad idea. Self-modifying code can lead to hard-to-find bugs, and is often associated with malicious software. If you explain what you are trying to achieve - your purpose - you might get a better response.
I am attempting to make a (very) basic template engine for php. Based on my research I have found that a method that I am using is strongly disliked. I was wondering if anyone knew a great alternative to get the same result so I am not using it. And if anyone sees any other improvements that can be made please share!
the method that is not advised is the eval() method!
Here is the php file
<?php
class Engine {
private $vars = array();
public function assign($key, $value) {
$this->vars[$key] = $value;
}
public function render($file_name) {
$path = $file_name . '.html';
if (file_exists($path)) {
$content = file_get_contents($path);
foreach ($this->vars as $key => $value) {
$content = preg_replace('/\{' . $key . '\}/', $value, $content);
}
eval(' ?>' . $content . '<?php ');
} else {
exit('<h4>Engine Error</h4>');
}
}
}
?>
here is the index.php file
<?php
include_once 'engine.php';
$engine = new Engine;
$engine->assign('username', 'Zach');
$engine->assign('age', 21);
$engine->render('test');
?>
and here is just a test html file to display its basic function
My name is {username} and I am {age} years old!
outputs:
My name is Zach and I am 21 years old!
Many thanks in advance!
If you just want to output some text to the page, just use echo:
echo $content;
This is better than eval('?>' . $content . '<?php') for quite a few reasons: for one, if someone types in <?php phpinfo(); ?>, for example, as their username, it won't execute that code.
I would, however, note that you have some other problems. What if I do this?
$engine = new Engine;
$engine->assign('username', '{age}');
$engine->assign('age', 21);
$engine->render('test');
The {age} in the username value will be replaced with 21. Usually you don't want replacements to be replaced like that, particularly as it's order-dependent (if you assigned username later, it wouldn't happen).
$constPrefix = '_CONST_';
if (strstr($content, $constPrefix)) {
$constants = array('PHP_VERSION', '__FILE__');
foreach($constants as $constant) {
$constantOutput = eval($constant);
$content = str_replace($constPrefix . $constant, $constantOutput, $content);
}
}
Basically, just trying to parse some content and replace strings inside with the equivalent PHP constant. Is eval() what I should be using here? I've never actually found a reason to use it before, and it's almost 1am, and am wondering if that is a coincidence?
You can replace eval with constant:
$constantOutput = constant($constant);
Why don't you just leave out the eval?
<?php
$v = PHP_VERSION;
$f = __FILE__;
echo $v.' '.$f;
?>
gives
/tmp% php test.php
5.2.10-2ubuntu6.4 /tmp/test.php