I just inherited a codeigniter application and looking trough the source code all the controllers have scrambled code. Example:
<?php $_X='-8588104972344438462';vMASFkAm('MTExMTAxMDAwMTAxMDEwMDAwMDAwEMMTA=');*
Is there any way to get back the original code?
Is this something codeigniter specific?
I don't have much experience with codeigniter. Please help.
If you have time and will, you can debug all that. See what each function outputs while making sure you replace any evals with echos, just to be on the safe side. The string parameter for that function looks like base64 encoded string, so you might want to decode that as well (or track where it's decoded in the code, and see the output). If it's not base64, it uses some more sophisticated algorithm where x and w seem like separators...
Unfortunately, unless you do it manually, variable by variable, function by function, etc... there's no way to get it back to the original state.
And, like the other answer said, this is in no way CodeIgniter-specific.
This is not CodeIgniter related. Looks like obfuscated code -- likely due to an exploit of some kind. I'd be concerned this server has been compromised.
https://www.google.com/search?q=is+my+server+compromised
To search a little deeper, I'd start by grepping through the codebase looking for
function vMASFkAm(
to see what's there.
Related
Is there an easy way to parse the Functions and their code from a PHP file so you can log the contents of each function separately in a database?
I would like to log each separate function and the comments for the function as an individual database entry.
I started writing my own script from scratch to parse the PHP file, but it seemed like this really ought to be something someone else has already done before. So before reinventing the wheel I thought I'd ask if any of you know of another way to do it?
I found get_defined_functions() which provided the function names currently loaded. But I'm looking for the function's arguments, contents and its comments as well.
You're looking for token_get_all(), which takes a PHP source file and parses it into its components (keywords, comments, whitespace, strings, etc.).
If what you trying to do is analyze performance, such as logging slow calls, you will need a debugger like xDebug.
I have what I think is a ByteArray. When using urlencode on the string, I get this data...
%0A%82%03%01%11SaleDate%0DToYear%0DYardId%15BuyNowOnly%0BState%0BModel%0FStockId%11FromYear%11FullText%13Inventory%11Category%09Make%0FOrderBy%1DOrderDirection%0FPageNum%11PageSize%01%01%06%05-1%02%06%01%01%01%01%06%0F1024187%06%09Sale%01%01%06%13RunNumber%06%07Asc%04%01%04d
I am looking at the php function unpack, and trying unpack('c4char/Xstr/...') where X is a, A, h, H to try to pull the "SaleDate" string out, but I can't get it to work.
Probably the completely wrong approach. Do I need to write a custom unpacker of some sort?
I'm not even sure what I'm dealing with here, it's the output from a flash file, so I think it's an Amf "ByteArray" but I'm at a loss as to how to parse it.
Looking for even just a direction to start hunting for how to manipulate/parse/rebuild something like this. Ultimately I'd love to be able to run it through a function, get an associative array, change a few values, repack it, and send it on it's merry way.
I think it's AMF3 and this is the data in the messages part.
I guess if there's one "main" question, how do I manipulate that string of data simply and safely?
Thanks for any leads.
There are a lot of AMF deserializers out there that are open source, for simplicity sake, would probably make a lot of sense to not roll your own here, even though AMF3 is fairly simple.
I came across this link on github which looks promising:
https://github.com/silexlabs/amfphp-2.0
You probably don't want to roll the whole framework, but can probably roll this:
/core/amf/Deserializer.php
/core/amf/Serializer.php
As far as I can tell, this appears to be a proprietary encoding method specific to the vendor. They use a "Byte Array" to allow greater flexibility of the payload. There isn't an easy way to work with this, without completely reverse engineering their encoding and decoding algorithms.
This may be a inappropriate question for SO, but I thought lets see :)
I'm writing a website in php. Every pageload may have 10-20 DB requests.
Using the result of the DB queries I need to generate a page.
The page would contain a topic (should be image or text) followed by comments. There could be mutiple topics like this.
Currently, I'm creating a string using the DB result and sending it to the browser.
When browser receives the string (as an ajax response), it parses using split functions and creates the HTML dynamically.
I'm basically a C++ programmer; relatively new to web development. So, I do not have fair understanding of the JS objects. How long of a string can JS variable hold? Is it ok to use split and generate HTML at the client.
I'm not generating the complete HTML at the server side to avoid any overhead because of string concatenation. I believe sending less no. of characters to the client (like I'm doing) is better as compared to sending complete HTML code.
Is something (or everything) wrong in my understanding :)
Any help is appreciated.
EDIT:
Well, I'll be highly grateful if I could get opinions in yes/no. What would you recommend. Sending HTML to the client or a string that will be used at the client to generate HTML?
Unless you have a specific reason for doing so, I think you should look into generating the HTML with PHP and sending it directly to the browser. PHP was built specifically for this purpose.
I think you be best off to look at jQuery and more specific to the AJAX method of that library. Also, take a look at JSON and you should be all good to go.
Have you considered using a templating engine like Smarty?
It's pretty simple to use, take a look at the crash course, you might like it! http://www.smarty.net/crash_course
This is a string (see below, after the dashed line) in a database.inf file for a free program I downloaded that lists some websites.
The file is plain text as you can see , but there is a string after it that looks base64 encoded (due to the end chars of ==). But b64_decoding it gives giberish.
I wanted to decode it so I could add to the list of sites it had (the program lists a bunch of sites and data about them which I can read in the GUI) and to do that I need to decode this, add to it, and re-encode it.
I think the program uses .net since I think the .net library was required on install, but I know nothing of the original source language.
I am using php to figure out if there is a simple way to read this. I have tried using unpack, binhex, base_convert, etc as I suspect the file is binary at some level, but I am lost.
Nothing illegal, just wanting to know what it is and if I can add a few things to it to make it more useful for me.
here is the file - any ideas how to decode and recode this for playing with?
Site List
file size: 62139
db version: 13
generated: 2010-04-27 11:53:40
eJztPWmT27iVnze/gjVVk56pXXXz1BW3XW2PPXaNr/iIa69SUSIkMaZIhaQstys/fgHwEIiDBEjQk6Q2lUraeuAD8PDwbgAPtkl6eBoZsX8At1enDKRXRvGfL350gj/9uEmBn4MVAqFGP14Z+f0R3FoP//CA+Rb9ddXj26OfZYJ+EeicpEHrt/5V/2/XA75FDTjzlf7WvlL/NgWXnlW/BQc/jPjzxaAfMUzU7+Xr7m+pj7cVZ/C63pa8Iewa/e+299fbMM3yuv8+fa8wCs5Cy/W9EmwLztfU51Eb2SKZoUe9v458gmq9+l4hFDyiS/W9Ei0Z52tO5/W8+VQ3aGwipvcjIRGUMPmnfN8XE40qCFKABSaFpgQg2ggGARtwB9D55SbM77lfIkCxGIIvsxw2460jBrRxwbfwyJdVEFB2eSERTaTstP4r2OQsG+RhHoEfL7+XOGy6d9yObKaKwE/zJo4eCFYNDD0QhJsIXHD0RHAZRV8EzF6WRQCXkU/ECnDBIUSwB37A8oEsgg3kuF2S3rOCtASwCNq1H4ECCYVCuTT4mRlDUwH2QNDUgT1HcFGDfUewIobQjaBVGdIYkMqoV0I8h2gIgqZK7DmCi1bsOYKVcB25CFp1I38djAY6wXqeokg8Enk8qEWSXg0eT4GHGFFPPMk5BmkHn8rgaVoOA+ZVStCaTgPoo2U8eBzD6bNdHUHci38Ycwi14Xk2F0C7aCpZh3Vv1BAQQ1BFUDDdAATk9PsjuBiW/WjQGIUqglPamACBAJpBH9+9JIwFsbkE27GaXhoBXkZiHKoIzmCdhTnH9VBEsKrHoIoAfd0gZB8i8pexAnQpGMhBySndsIKmAnDsJc6GXocJX1RBQJfJViwkgaEfAmIMqgjI0fcbwTo55cINLYOg0BsXPL1GQGrnnkQMQA65hvRWxQgoDAHINlxbBQHS8JiHSUz6nswQiHZXvRCUVGzi4SNpV98NDCoIstPh4BPeR8scWkdA4FFEkOVJo38JBBSGz+AehSWzKwZDBekwe8s5EHj6IVhdMHQioN3AJM5BnHPWocQtsSFXTSTqCPAc1klAhWLUEAyaAmpGzKIfghx87UuDQqYMQFBFNGoMiggu1JcmImP5VpGD8BKW4AcV2udQtV2FZCqAiwCOIQeHYwSBxotfbq/uChTGL362Xyd+GhhRsgtjOzutD2EOO7g+7o9XD//wbw+yI9iEfrRCmB5KffbgpvENxLGN/F328O/P/axo//e7U54U3/z9wU0Bhc0wDNk+D2+4aC/wS+MMpA+DZHM6QIa83oH8aQTQn9nj+9eQVj9BYtd5qZ//2/zfa0ymGhX6usaFsicduOrMC4sLf13j2oZxmO0f3tQzwCKYnEbZAlEYt0HzsvkfkA1g+xTswiyH/gKmVBbu4tOxaNiAXDAXQrpjanW08jI149b4oQzU/fCn/4H/6cRQKRkKB6knJDHhbUahqTaYJApob9IYahNUEgVUDjSKWl/88Kd6ZUoCXygeJDEoludwX466sZQ1nPokSpLPcKtb9UZ7f9psoEeGgi33xtsELm7QRFJ/ATGVDnXRcfmPolsSQjQkMTx8C2IDTb3Z510QoC65X5C8KMVjDSeTomsjlSizPGU+Uhc6ztYmEdWpVbmh6cS2paQXiahIHMlgiVqwRNJYSmpbAkRVGkkGVZHd4eNBCR4ZHDgrxUeB81IyOIr8FB9JkaJCO51mdCTpUSx2s/fjHXhom+Z8YjoT2zKsxdKyl5YHBT3R4A8PbioF/JBWxjdhHICvaKc+Ovo7cIsVBKt8uc10KFs+Xo62rTb+R6g3jZdkM0IkSCpm1GBV8qQ1TC8Tm43GxNfK9YRZZUz+u54VnKrx5pQ3W5NzbqhwipwNjc4o88s/rRrhc5AC4z45GRs/NooGRgzORmUVkEgsrjTmLWsFHGImNPOBPS0FKqJNK3l++FcebRaHxyPIh9kgNTK+QXOxRGRsAGohDlBCwv+XNwb+E9os1eIbe7iv1wBUjNFqEHB+t5vYwqwDj82RdLOJucCSbrq05kvPVJB0aGdf413EdzCoBkLpdhdFydl4/uHVS0LQ8aUbjbGPF1FERAc7EBLuA7Gzy6FDnXpN2JCPHjW2PyN9ur/hOBH4o+Kn1EdbBH8FZc4BHNYgvX0Nzv/+Cv85RHoMkhp15EZsj3du6ktUlyd0UERSWjIUGMpIyCe4w5Pzdf0Zcl6uwzgGKeJQUmKgf0t0IuVHcUSPijlOKuAhpuUlJT3MuMTjoTdaH1ten+2t046vckOsJsF5me/FvRQSWQa+BO0xB19JWcRYT1gLw7KgObw05wp6ohhndiMyhRtwCRuYrxooLH00w8dLdGmgFfu224ptCPpq8NU63ARJp5ynvxkizT8MkebvdQSKnoXsACrDbRuKzDMVGfmRjR2S27+ua+8e61ttgqTC9CSJoZl8GI7wGTK2Xw9XBC/9VjSyeuCpBhXwOEx2qX/cs4b7RVRKSjBvYi8M21ma9tK25SXYVRs2c2nPl46CPCzDgR9SP4CG2iY5CEPzlya9pSL+86afOMQHSLTYydIh9uZwOzx56PxAD+oLgF4PEeSETXcgMKCHIOPiW1WU/qbdEuc04ojkWnxr8Mt1uOVaQvhknq93EL9RwTDYYJfwHzQY1MMVhS4L+G64YkBNH8uhURGmlr10vKXlKpiD5+OkLWhAgnWEDJr4+shB2EyDGDzLRQpsPGI/OEA5eEyyfAIdd4nMITnLR/4Gbe2WIGH970omvit/MJ4lqfFhH2bGe+jfEB+ywlNiE6HxDwsvHjZwowRhDt0cc5iXrsPBLhyYwVJByTlW3IzmdOk6CpuxULjGT2s/MPb5IfqZsyOZNv+61ohena9f4Uhzg2UhT92ZLW1LnhtevH/6y+vrJN2xTFCDdIjkgp6TykjhMwSRrwlj44/G+yJ3clfnTYYkq/TUkGC9KS3W6VkX/nsp6itgPOGVGAiqRZoI+WUjjAR/gpnKuIuNu80mOcU5j7bD5H5lXw6zO1uqRiQjr63WJoFjoG4gTkMNc7oPYRBEYAXdlRxuMArZ9wveQn/z6Mc07SXI3Vq9IV9OMLwQ4JgmX8J401UJ0IkG2i/MOqiVNRz3SUwPQ6KQwf/KlFN8h6i0DneFI117mkn6wvUbNVRKSnaG0qa2Sji8zfnR5flUYptE2Fdf+hqrLv0VZYAV9O7Umit5rVj9a2gVpZ8OrYxYZVC/5/i0wMAITL6KwvgzOgvUP+OUrvApT95oWK0qwPb4/kXw01WIwtXICUueQtfMuvp5UOp0oPLlcmdPiVNwp6geTkHgFIhsHYh0yGR/aKIRSo0NLiUYppb9lZSKUgrmm0vbWbrTVvkbhKkB0d9enc/na0j5z0kcQoZNY5DX8XckH/jgBzel7EBc9PCVn34GeRjvDD8OjAxEEfo7ieH/AeMc5nvDN7KDH0VGkhr75ACM9SmDsAxa1RgBRLRLkl0EHk6ga1b+CX/0I/DVx78Vf1Fh6n2eH5c3N/wh3hQG/Ko04K+Rl94azx6EzVYTpNXlHT3laHFiqVVicUQIyy7uxLQxu7hLh/WJIYswnOIf/G9o5RgeIQFN7rgrIcxau+xSW3PPnBGrrexHE4tIjuimqPMpolXXm+1hQJkUa9KPVy3VyPmozq0jVbRPwfb2Bzib2pCA3z7CLFjWdK7uk1NaQTO51JFokFQ/sjtRFgdr9IiQ1LYQxvD7pqSInI1Ffq9S80WWaykIA2VnXlMllQZfXOOxCP1VCxIGjqQu7yGci0Vfh99Y8dwAUQK6rJV9HH5jZPSUldGeNTOtVhlNSGaRaGgMh3Jo2tPOvbCoq2fUUhzEIoq4ZYodMTZhKEqlCLzExbWAiYsopBENEl8ljuFByQpRq0U+kkWTAT+FLaqAMbT3GhuHBTc3z3sMv0SJqf3jcWwcZ+bNZ90mLdszFd1W0aPKyBR3DK8uqvdJB26FlBJ3D6rdu2tVqTLFf+Eu9vNTyqfIqNxcWSXNQipKC+REDRVPERQ1VlK87E3nU132Oj24MjX6KABZfnvJPP7DJkqFxrrSxIYVeMkd4WodnFSKtxVDnf6lZ6jrYBZzrFL1aFaADoKE6xOK36zIm9V0H9ZqdKTjiAcPr86SturiiGFJxuoEXHk5T3e6UX3REOrVMfLZ6pN2Kfv/FW/aPBRvYs9wScV8abGH5HjqqQyKTzZJmvoRo59YcK2gdFzTgfVZGac3nuA+GCXnsErOtheeaxNaToeiBpUtVoRJGVJw4PppUZmtxhvciUyEbu5NvXkHLSxMCw+Ro5MWMUhqC5QgQfNn/TN/DZK76sSyRFjSsuYzT+OsCb2Zhpu9yFCrYKOtvPEO9iBDAddzGk6/RgJ8gYLGF1GgBo5Ggr+gHmTEgOWac1RHqJUGh/tS5q1PYcQz2XkN9NPi1b1RycXHRT9SFHHMhauTK2r/FP4CNijJsUuioEETcRP9VPml6uJX2IVRY6p+ldk39tS1zREo5KbgmIZxzqUNCRxRabjGu6IfhhAmJ2o4s217JBG69UOhr1vBxhOhz2APDAVsDis4c9ObjkOBLAY5SlqKqEDCR+SI10UvUrLDMq2FTkMCzTZOcnD0g+vySG1FhMvPIxgSBW6ZKU89+B9X85RPx9M6gq4+nNw2acy6AdE/8Y/G2wI/USLbLQ8905nqXvUqDRAleS4OehHg8WTB46ITGW6YzSxzoZkS2xSAKqA7CcAxYWs5+E30U+QZ7OeiMlE/MkRxp/OF9i2Shrt9dT8RQw8aqJ8S71APFSmkbG3L9izdiuLo536cQ1syO0VFRUulGr748JcGTTra6ifRW9whMkFRj/DPzHiBi29wgRXHS+eEomeOO7VnI6lXHG0SKtcaOp5qvUNdyFgZlu0ubO2CxY8i6BsgsxLE4JQijcJSg99mBJpE0VOioxdYvUlQZr5wF7oZBHyrHRJGAVMw/YR4+l+17m3xSni6Z+o4C61uCcrAX2++3dSapRrOxTkRNhlPHSu5apY7s2Y6iUKIiA2I2GgnBRuPDE9gDzI+GnRVLVMnBa7a+xN3ZZmoK9vDZ6ndpSMXXa62G9bpcXIWCmyywXgyGyv+18mZIT2nxtW25wvt7lCtn04b1vChgeOx33vUhYwKt73ZwtYdYSvn+dlPD8IoYw0cjQi/oR6kAkbuwprqjpOgaxn/dgIZMlKuT58pY68BG8O4KzuQmf5s6lnaI+1lOGxSRlJZH4CFj+AGFJ1UcVYZYixmnjOSResHX+AgTqlQLjQajCcb7qpuZMwW6BU5nnYNbU2SYx4ewm/FxZCku9MkTEvDEQhkTd4QvUlEnzuPTggLOFom1nr9Pldnu4YJdba5NNkLolv48VAdIamP2lP82GgwHj/WR1nkMkLWCOGKKvcHcpSXF6YGL+ARs4NFJ1J7E7rf2oMWdRKQVyxAA8cjw19C2UoBbzGf6SZCqZW2JxCBgKECAx2tYuIZ7kKKDObMm+q244LT4RCCbHcKA5Cz0QcWrJ8QH/bwu6If41fUkQwxFtO5N9ettML4S5iFaygW16xRSwP1E+JF1cOrx3cyNHBm5szVLSfzvZ9nh/s43OxZK4YGjsEMsAfj1b3xGvUhRQUbunj6qVBVCp2TNGLlAwc+zsaovv+EupGSElNvrt3TgdMtJeImSWNONojXYByCEIVmsWw9heNYuhkEneGr8htMiJIG6qcEvo2/23jl88fMHKligCkr4cBGsyd+ffPyF5mAtePazlglEwdo2SXHJAo5J3l5LUa0uOt+pIooZtPFQmuMskqKnsG6FAwsSTjwETKm754+NT6BdSU4pOgxm831kwO/5wGCyy1arIXBNhjDysC9iOsLeEkec6rf9IS+FhRcqJA6Cr9A37Ccdp3A4ASUuj8YI8JU9Wq8xN1KyF2e2IF62TV10/Ds7w9ihmKg+qnz6e75q4kSK808z/S66r77yl8/Pol92gt0zEgH6kMmLWTPp+58rMx6GGcoTSJMTxDwEQvXXhS9tGwUHl2mtjt3RmKQjTj0sxk57POEE/HhZSqcETRxHd3yo4M49FUC+RSQfEaOCnRBlHJli97CstpnPZ2YHn4TxFracolLZF9wdASdqhE3G06JZr2WyjaYtO8AdWocQbqF3QuVBQc+fP5vC6RiY4PHDPbcnC/aC+DVpr+FIyZWuTF1DkzDssO2Brn2UpUSpgudM93LTs6NTgJQMD3srjBjG/rl3rRdB6rN+LN/hhPa+2WRLkpskIvNBw+f928l3qp4l5fp4B6AWkxnHcEa9RWvHG6opUAsdMdrqJLCk7CAfsWYZQoTPHPecYpDffKHe7E5TMF0TfzVvUy9GO/Qn23PdS7+8Logc7F00Du0UqT+GzR0w/yeECIsyQVtdJH+zwX6hqiV8kJcqGQcnSqG2Fq1ESEMAjVbfIdCPZYm3GIpx5yJhfGFSWboIkSLvYiWR5Mo8FEEND0USXD6HhgWrJ8aL3+5I/ooeKVinH6uvOWZC7GeJgllzXg3RnLzkX6aRGHsC7cSr8EIWcmyF6XjJ9bUk6LHdOnA/y7kNtN60xkQErQZYUM9ftLvoKJltVXPk5RBkkaOU8opx+DrSShhauB4wuU16kLGk7Es1xbXYJI0gBvGk9M9+LwNMt3F2p7fRJfmwVIEm/nCjcIlxXwxd3UavGQAIzkcw6guNuLGOJpNRqyNvnQk5/qYltgSarCIs/TkBMgO1dhUS4/Ef3JgmUTUSBeb/IrwX8xD2IPxCnYhQ5Pp3LQX7fHi/iZKNQGhhUI2GNFAqb6VqmOeOmJyXHjEW3rO0mZfJuKGz4tLoi8SgrZPeA108canArdSbMRFx5BGchiz2M/Fl2ZcoKOxw3vchSEZM+Pdm7bwxDZ9g0MgbeSkyD5Zr+87DRFhK1288hx10C/hb9mLxdTSHVYqJzspbkAE8Y53246okeaQw+Q9gf93ia0GAByFhggNHOFGDdiDkvvrebOZ3E5xob6Vk6U130+S7UVeMrUx4mYj3jRivNkq2WmOYzVvYGwhkLc0lZIwAeaGA+/EBLeFrs1SvryFK4deg7MwMv099osfJPgCvWr9W1y8tpYjaKKyu74RvelUcl85ztLp3lenz9fr1IcuzBpOoUEbBqKLTR4jrOjGhZ1avmpmubO5tSCPSHPuxmSGfUOvSvN2TJbZqucnoQqXOL9YC5jsGAYg3VCnF/lgQT4A3U143bnLMKInyScleWPPLdsy20vc1XdZvgenzxIJ0JZ2Q0iBqjU//tYv++k4ZmuMrR9BCmue5x83IIJJFxeaZjdtiaBPFR6pU3nzmWe77RuGGRxxhqjaOYUYl9s5tolOEXEekW/XWAnvjCML5l98zL+nhHfZhNes6Zd765W9NJcYEfssWXXK6nd5wrP9XZL2y4TJWcXgXCVuO98pa8fU/oiZyrWuJZks4VMWRq8nKQQof4dXAs9aHgjUgaX7kS2ll60slNCRiLxW70t9jpMz5KIdyKAxSR2Cb2nTlA6Py4a/VQ3f44ZydQPedDZvF5wt42hKzqGPTpVojIFP+BVIylro/pfko3umfchPrzks71Nvn0lcle9NzJlhLZauJVtqhp4P3KWodoI9JULBmvzwEgJ/LYBy94pMZ2YHD3D6pF955L3P0EoGp3ubVLgBfv01TU4x97JNGt4kB6qdM57iFv1MKNtcLOwOc1wwEuFl9TzKWCaijDNbmtLmODSjwm+UFcaC+MbE86KBlH01c8xGgYWSPcEO6FIR1PqM+IfE8IPA8GOj2tX3yck4nLIc9Uq8JqD+QCpu9l2fppcgxiP8rvhtYZJImSIcbMVra1mBb5PfHtNkGyKztvOV8WdhFBnQhTG2IYiCzFgD9EpGnhhVS8M34NgMRKP/QE8lwj8MqAv4T4+rGDz0avS0KzTdY6/nGnuogLZymNTeL8ZCwptDZ03eZ4c0PO8TvsN+gTXFxEe4uJ/27M1lPB9zbi08zjMrtXiwZeQDOZSbR2Fwe2f9k7yCKN7m7JwclX3Nfm7L7uMwRsIyNQKQQ2rUm3kPYmMThZvPxnv0SAu6p+6ev3+5zGfhwjZXJnO82QP/CB3ufZKh+you0WoMKH9NwZcQnOGCfAk3IMNPwAdIeJGcOhRRk62foI/wMbbnxZeqtoDpTht3vHAWf+iI6+W/3EFHvYZVx/snuDgDA7MsTGJJSwOvI8pIdIcvAHqa8pJfICufWVCT1k8x/BIA9nN/7cfs9cs8kYKumeqwudjui5+ouI4KSTx76XbfC4NyLMckiVA86QtcwKbfxoU2CfOphBjobsi3sK2Ur2YvPIvz+KycEcYdVfnQ0z/wm1WcZefPROVVKD6G+lWoYcEbuTd55PW9ZVjmEp1R6t6qB7gF/CrBgxK5IcWaogbUc9m4Ve0r3RXtpG4GXszdRUccVjSGm80unKwhNxbfXB/ZUIKYPlAloepACa86gUvHPj9a/yqIWJ+Pk64gPYFCppoRDn/Bf2Sx4XTXWNEQsHtwc4T6QylW2cAhGaWsDIF3lemPCq7yfQgNCUgIeYsBBcWK67bkEgto2ML8Pw1ssi2CKpUAefa0+W6SYA3obrtixmI29dylK0cHaz6fC+lAA5t0QFAxHXinR1zT7q1XeOMpUwVFOLCPasm/5vrSBRBZ/4wBMzXqVVJuyFO0ERlk9WYs0PR/fjD/WgVhBwQ8v+aDIq9oDDix1x1T70Cj5b1AiKd8t7DjOcOBb/DBflqyIj3zNfwN0DMswt8APUMbENkmidXwyXBO63PpJVRyrvskBtSTjlIfbv2vVz0+Qwqxz3eohNyP7zlrLPW5jlcbEZulNBLZwR/Y9IqiXWstzfnSlCuKq+RmmEV+LKy2JsACS67weIyf1n5gIKn7c+fVCxij1LGvKXTQzPZLsvtUeE0Ofp6GX5mS6gZk6HSDySuMS+qiuOl0Pm2/B6zH8eow9uMNmFTpxknksxekixo1LaBnRSujSowad3FgvPTPxrsydymXFlvYjt0W1ey0i0Sj/ad0u1snVHrfjx5J20JCVC1uuHIqWUcmWefjxZIPLEtiwy8h63gHuXgGufsRZDG6D/6uwBhu07p4pUzBfwrjIDlf1x+uk+D+OoxjkCLUSqNmu7GVumlO6V/q8WVfT9ZqLYdG6QFmdNBsaUkeVi1PXYYb4YHMAqRHvUNkMlX+C2vutFSx91Ts8b3Qw6dgVAI/vlc6VOzC0VtOd5yD6vQGWt3tfq6CfyoWVTKlXoWxSYtNpeqbwt5Ex+3V7M3yeWvBre8EmFtkofJytTdz3Mapq9LeuItQ5g7JLNLgaK9wJMZF1+nwIlbKirVd7SgsibN0F7LnUMEXkN4HvnjX8BpQGSmqhdx9g1OnsS4C0vN6V01BFbLSlKNHtkmSY/U0SpMSTVCTBu8R7M+yD55YrjdrXvAhmH6zy5tqAyhTwF3ai6Ut9zgDCj5P3JCdPwmgiuPevPlt4r74IBcgXkwtTtmT0o4kh0JHDwfuRa7Jtg3TLP/RKP6BaChjhHAxyZofG5+R7fAnsEvSe5kYRF/7nAk+qZnkjKWjZjpvWkKcCvIPcru3tLtLefAVQGeQsamr+tcmn/8Z/Sz18LU7h//t3t91P9+jOgHSxYHaWu4Ki3wPinOxRSEdTSAW3KQUOl1TnHs18I2+UifoZ47tSKSO2L6pkmmV/JGLLn2xJF/USsEhBOnlEBJtwPAaNOnytmiheHDc9UyZvCave/pATrvx2UKluaxF4Uw9oTFBwZq0gUCVU2kLy5pyMmyEHpEPKlHjujkkwQn9jeo90Uhu0bnU1d1mk5zQK16/71Ed1HzVP/vWOdfiKO6qPoErGXxSouEfkyMqycVTHxKTyvBzo6qGs0pEAl08qz8XpS8RhblBR8BDxFY9Ax8NdLbmCAiSSTN8SlnpPohjmgjvpKpgXJfzLQTKnbA2p5wjgn28zWo8OGKQnOOBdi2bkqIO3LTustO6Mj5XvVJrKG6ozb2doVsNJC9IIa929ONA9BikuBmVBFG9yXEOdZQpcYhWPIBKga+qEq5BbLD1/Q1vCfu7ORgjV/4o+TsYzaDUQoFhUEwMo1hHp5T1Y+jziyrcOlc80ZztEyg9henYGsqPjj1HYKnaV3QxokQQgukXiaQoxAXX1352fARlw61m0SRf2kI4qPRZ3MvCK62XN1tacqGSKs+2D3f7CL9YQHsE3Bb8k6bG86qNzOKhBzssicXjDgDfkDBpOgRDAtFf83LrGkbPzYtQ7IEfQJYaXKG0Gn5MFSJZ36NgbwdjyiDCQrVL5sqNCbOkEJOkwEaICnnNrJaSxEZ4tJZA1c3RAkKyHPRgxYZoU0ooV+asypv2VqLKHgUBM8e3RIoiDv8H/FOXyg==
In all likelihood they created this string in such a way that you couldn't change it.
This isn't that they haven't thought about whether or not they want the data to be changed, they have specifically sought to obfuscate it to make it harder to change, which suggests they don't want you to do it.
Given that you are using some else's code, you should carefully check what license covers your use of the code and whether it permits you to make the modification. Once you've done that, you should approach the originator of the code to ask them how to make the change, if you feel you are entitled to.
My guess is that you have a script that contains this string. Check if you have eval() function calling this string to be base64_decode (ed). Change the eval to print. Then, execute it, redirecting the output to a file for later reading.
kevin#server:~# php suspicious_script.php > out.php
You should be able to see what's going on.
I have a whole range of jQuery code, how do I stop users from seeing the actual code, or how can I encrypt the .js file.
Please suggest opensource
Thanks
Jean
[edit]
I don't want users to know how I have coded or copy my code
[edit]
Once I use the base62 encode, can it be reverse engineered?
Check out packer by Dean Edwards. It has the ability to encode your JS. You have to let your JS be world readable, otherwise a browser couldn't download it.
You cannot prevent your users from being able to see the source code of a Javascript file : it's executed by the user's browser, which means it must be readable on the client side.
The "best" you can do it minify/obfuscate it ; see for instance the YUI Compressor, which exists to minify JS files (so they are smaller, and can be transferred faster), but also has some obfuscating functionnalities.
If will make you Javascript code harder to read/understand -- but someone really motivated will still be able to read it ; well, it will take some time and a bit of work, but it'll still be possible.
You can use google closure compiler
http://code.google.com/closure/
The Closure Compiler compiles JavaScript into compact code, it obfuscates the code, it can still be read but it will be hard to trace and will take time
Try to pack the code with the packer:
http://dean.edwards.name/packer/
This is not like code encryption, but it obfuscate the code.
There is not really much point in encrypting your js file, everyone knows you can view the source code of anyone's website. I believe there are encryptors out there for javascript, but users will have to download the decryptor module to decrypt it. Also since the browser does need to interpret the code, it would probably not be that hard to circumvent.
You could obfuscate the code, but I would do this using a minification technique, and more for performance reasons rather that hiding the code, some obfuscators are more intrusive than others, but again, the code could be re-formatted, albiet the original variable names will not be recoverable.
You just can't encrypt JavaScript that runs on the client machine. Browsers need the unencrypted code in order to execute it!
This is the first thing I found, but it looks like it might do the job:
http://www.vincentcheung.ca/jsencryption/instructions.html
As others have mentioned though, the browser has to be be able to decrypt the code, so the user would also be able to (although it may be some work to do so).
You should look at obfuscation too, which will make the code much harder to reverse engineer.
http://www.javascriptobfuscator.com/Default.aspx