I have a problem in my code and I can't figure out what's wrong with it. Perhaps I'm doing some really stupid things I'm not aware of, since I'm a newbie in these topics. Here's the thing... Basically, I'm trying to get a JSON object as a response from a PHP page on my web-server via a NSURLConnection. The PHP page retrieves some info from a DB and then encodes the JSON object, which is simply an array of four numerical strings, e.g., ["1","2","3","4"]. The relevant part of the PHP page is:
<?php
include('mylib.php');
$id = $_GET["id"];
$db = connection();
$stmt = "SELECT col1,col2,col3,col4 FROM mytable WHERE `id` = " .$id;
$ris = mysql_query($stmt,$db);
if ($ris && mysql_num_rows($ris) == 1) {
$arr = mysql_fetch_array($ris);
header('Content-type: application/json');
header("Content-Disposition: attachment; filename=res.json");
$json = json_encode(array($arr[0],$arr[1],$arr[2],$arr[3]));
echo $json;
?>
While I'm getting the data I expect in the format I want when I download the file from a browser, the JSON attachment file starts with an unwanted new line character: in this way, it appears the NSURLConnection stops immediately (I just get the '\n'). I'm not reporting the code for the networking part: it's very standard and it should be correct, since it works for other stuff I do... I tried to remove '\n' through:
$json = trim($json);
but it did't work. The new line is still there. Where does it come from? What should I do? Hope you guys can help me solve this issue... Thanks in advance!
EDIT
Ok! I don't have the new line char anymore (I removed a '\n' at the beginning of mylib.php), but I can't get the JSON object yet via NSURLConnection. It seems the method
connection:didReceiveData:
is never called now. But I don't have error in the connection: it simply receives 0 byte. Note that when I had the '\n' at the beginning, I received 1 byte. From a browser it works perfectly. What should I do?
I know this might sound obvious, but try looking in front of the opening <?php tag.
edit: or possibly at the end of "mylib.php".
Related
php5, Microsoft SQL Server Management Studio, OS 6.3.15063. i get $row data via mssql_fetch_assoc and stuff a PHP array with the $row data just fine when the first record does not have double quotes. subsequent row data can have double quotes, just not the first row. Error: "SyntaxError: missing ) after argument list" in jquery.min - so i cannot peruse and get helpful info from that. code:
$History_SQL = "
DECLARE #AID int;
SET #AID = $Activity_ID;
SELECT activityid, lpid, abstract, changeid, changestamp FROM cpy_activity_history
WHERE activityid = #AID ORDER BY changestamp DESC;
";
$History_results = mssql_query($History_SQL);
while ($row = mssql_fetch_array($History_results)) {
$HistoryRecords[] = $row;
}
This works when record index[0] does not have double quotes, but when double quotes, errors out.
Interestingly, if i use:
$HistoryRecords[] = json_encode($row);
RESULT>>SyntaxError: missing ) after argument list
then it gets past the error; but I am having trouble usind json_decode to get any useful information out of the array [not even getting js braces or anything, getting another record from another table, possibly because this value is not what it thought it was going to be/either way, not sure i am even starting down the right road with json_endode/decode.]
it could be i simply do need help learning how to decode each record coming out of the json encoded var. either way, does this problem look familiar, and any ideas for how to stop getting the error? NOTE: ultimately, i need to display the array information via javascript. other related posts do not seem to cover this scenario. these double quotes are proving maddening. thanks in advance!
thx, All for helping!
the SYMPTOMS included the [a]browser crashing with console/js error: "missing ) after arg list", [b]a var in the code to display an erroneous field, unrelated to the sql used to create info for that var.
the REASON this occurred was that i had within PHP, a console.log that contained a PHP variable. so i was mixing js and PHP. the PHP was firing late and so at the time, the js console.log had nothing to display.
the CLUE which led to fixing this was noticing that the js msg was crashing in the browser, YET the php LOG_IT stmts below the js were working. the js was trying to console.log a msg that had a null value, and somehow a js var was getting loaded with wrong information. sheeze.
the CODE - before the fix the php echo from within the console.log was the culprit. i tossed the original offending stmt, but it was something like this:
<?php here in php land....., now i want to do a console.log....
?><script>console.log("show me info!: " <?php echo $info; ?></script><?php
...back in php land...
i commented out the "echo $info;" and things worked. of course i ripped it out altogether. funny, it would've cleared itself up when i stopped banging my head on the wall and simply decided to clean up and remove all the troubleshooting console.logs.
the CONCLUSION - an old lesson, "don't mix js and php", even in error logging!
thx again for all your help!
Okso I have some PHP that I'm working with for a client. The last guy to make his site encoded all his PHP to make it difficult for guys like me to come in and make changes. I have no idea what this is.
Ok so it started off as this:
<?php $OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO0000O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000{11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};$OOO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000{7}.$OOO000000{5}.$OOO000000{15};$O0O000O00=$OOO000000{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14};$O0O000O0O=$O0O000O00.$OOO000000{11};$O0O000O00=$O0O000O00.$OOO000000{3};$O0O00OO00=$OOO000000{0}.$OOO000000{8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$OOO00000O=$OOO000000{3}.$OOO000000{14}.$OOO000000{8}.$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__;$OO00O0000=0xa68;eval($OOO0000O0('JE8wMDBPME8wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzAwT08wMCgkTzAwME8wTzAwLDB4NTU0KTskT08wME8wME8wPSRPT08wMDAwTzAoJE9PTzAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzBPMDAsMHgxN2MpLCdmaFY2THhOT01GUlgwZXZjK3lTOEhXdHNZcUpuUUNQVEJacGszb0VnQXU5YjI1MW1Jai9yYTRHemxkRFU3S3dpPScsJ0FCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5Ky8nKSk7ZXZhbCgkT08wME8wME8wKTs='));return;?>~DFLKc06hc06hc064rCOFTQEWInNxkqSBgs4KNSHjxs47gXVMgMpl38aKc0L7I8rfIXpMgMpI38aKc06fI0L7IRVyc8a7I06fI0L7AFL7I8rfI8a7I0VB38rfI0L7I8rfIXVyc8rfI8rfI06fuXVCEJxYG8OZv8a4NHoBIqsqkRzo8vLZsCOeqQHu1HHe+WLFJQN2rnaWg+sHdYkM40t4FJpK/Y8yOPEj3yxHzSzCucSQ2FaxV+ayxy3CMSHuX8L4v84hyHoeHWWqstxoJYtFkqNWEqGZuJE52ntdmQOx/Qzy4CgClPsAI08Mre6HGerBdR/7gRS3uvGqknNKrqSB38rfI0L7I8rfIR85oCEx2RVyc8rfI8rfI8rfuvI==VEe2YserMNxrnHjunE2RPIurCNxaJt0BqgW1YzyunGlBYzFoYsyoHGWZQEeAWsF2MVB3nzFuqGo1YtjWQEIuVg2RFNK/JtCunEx2WsF2M6aBCOFunSB3nzFuqGo1YtjWQEIuvIA3Yt4DWsF2+EoaQ/fKMOhZQgeoszW/nVB3nzFuqGo1YtjWQEIuvIA3Yt4DHGeAqt4oM6aBFNx5PoW/nLFuCOenFzekJNW5qSCCvIA3Yt4DSNKrCVfKMVyZnsuWQEjVJsyrt/CAnzeaF4aUVpyZnsuLnG4ZJtlBcSf3Yt4DHGeAqt4oXpQDX/7gXpyZnsuMnzeavIuIYsFrqWKrCOMAFNx5PoW/nLFuCOenFzx4qsFdF4a2FNx5PohZQEx5Q/3UVpyZnsu+YsyA+EoaQ/fKMNWlQNjmqNHAF/7gXVyZnsuWQEjVJsyrt/CIYsyAF4auvIA3Yt4DHNxaJLx/QExdM6aBYsF/Ys3AR82RqEK/qtxkJVfAFNx5PohZCNZVJsyrMNxrMVyIYsyA+EoaRShUVpyIYsyA+EoaM6aBCOFunSB3QNxaJLFuCV3UVEoEMVZrCtFrCOMAFOhZCNZVJs+20VIrRSfKcSfgQEWEF/3BPIA3Yt4DHNx/Yt4rt/C/qtYgsSfKMVyIYsyA+EoavIuKqtjrqShuqpfAMtW5QOydRVyIYsyA+EoaRS3BPIA3Yt4DHNxaJLx/QExdt4aBcSf3QNxaJLFuC62RT+uKVpyZnsu+YsFZnsenFzhZCNBgsSfKMNo5QNjmqNHAF/7gXVyZnsu+YsyA+sF/Ys3uvIA3Yt4DHNxaJVfKMVZuQzeoCVB3Yt4DHNx/Yt4rt/CIYsyAF4auMVYEMtW5QOydRVyZnsu+YsFZnsenFzhZCNBgsS3uVk7gX/Q1FNx5PohZQEx5Q42gQNxaJVCCM6ABF/7gvIA3Yt4DHEWEM6aBRNorQGWaRVyZnsu+YsFZnsenFzFoqpCCRSfEFpxonshaPSB3Yt4DHNx/Yt4rt/C/qtYgsS3uVk7gX/Q1FNx5PohZQEx5Q42gQEWEF4aBvpfgFr2RFNx5PohZQEx5QaK4CVfKMNx/QExdRV3UVpyZnsu+YsFZnsecCsynFGooF4aBcSfAJserqs+AFNx5PohZQEx5Q42gJtHgsS3BFpYZqt4ICO3AFNx5PohZQEx5Q42gJtHgsS3uVk73Yt4DHNx/Yt4rt/CuqSCCM6ABF4WHykBgvIA3CNo5qseaYsfBcShaJt4oRV3UVpy/Ytd3nG48qtemnEyrM6aBQEx1qVB4X60IR82RFNx5PohZQEx5QaK4Cx2gQto3F4aBcSf3CNo5qseaYsfBXSy/Ytd3nG48qtemnEyrvIA3Yt4DHNx/Yt4r8zWat/CrQpCCM6aBRNorQGWaRVyZnsu+YsFZnsenFze/F4auMVYEMtW5QOydRVyZnsu+YsFZnsenFze/F4auR+AiFNx5PohZQEx5Q42gQzMgsSfDMVQgvIA3Yt4DHNx/Yt4r8zWat/CbqsoznzF3Q/CCM6aBRNorQGWaRVyZnsu+YsFZnsenFG5oPsCmQEyrF4auMVYEMtW5QOydRVyZnsu+YsFZnsenFG5oPsCmQEyrF4auR+AiFNx5PohZQEx5Q42gJGWdCGK/qO0gsSfDMVQgvIA3Yt4DyNWrCNo1YsyunGlBcSf3Yt4DyNK5Yto1MVl3Yt4DHNxaJVf1FNx5PoFoqk2RFNx5P3yoQzyunExaJtK1MVlKMVQiF/dACOyIsGF4Jtj3szx4qsFdRVyZnsu+YsFZnsecCs+uvIu/qsy4QElBFNx5P3yoQzyunExaJtK1vIuKVEq4nEeaJtK1MNe2Jteb+GK4ng+BRVy2JtdbRShUVpyAJsyknzW1CNW/M6aBF/l1X/Q1FNjunE2BXpQmJNoaYGK4ngyoQpdZQGagvIuoYGZmMVF6nzW1CNW/MLqunNHDMNZuCNemCtdaqsMpvIuknNWZQgeaYsykYteAqSBuvIA3nNKkJaemCtdaM6aB062RJtYBRNqunNWTqsZuQzyrRVyAJsyknzW1CNW/RS3BPIA3qEBBcShEnzhonpB3JNoaYGK4ngyoQpIgQp2gR82RCGZunNHA0S3BPIuuqpfAqEjmYG2AFNqAXLjc+a5TyWBuRShUVpypCtqEqsMBcShkJNKIRNq/qtx3RVyEJVjEJtjoQGoDqSB3JNoaYGK4ngyoQp3uR82RFNF4qEqoQp2bvIu/qsCunE+AFNqAR82RqgC/JsyoRVyEJVI3YgWEqEW/R82RqEq2CseARVyEJV3UVEqaQgW1YGxaqSB3qEB2qgyonNIAFNqARS3UVEq2nGebRVyEJVj08aeXs4WvR82RYgFoYt2UVg4onOeoMO2RFNjmYG56nzW1CV2bvIurnNWoQVBjR82RT+uuqpfAFNjmYG56nzW1CVfwcSf4RShUVEF/qtxbvIuKVgaRTtW2QGHBPIA3qEBBcShEnzhonpB3JNoaYGK4ngyoQpIgC/2gR82RqgC/JsyoRVyEJVIp0SMuvIA3YgWEqEW/cSMjMk2RT+uEYGjmQGHAFNqAR82RT+uKVpyZQG48qtx/YGZWQEIBcShZQG40JtdbvkukQEWZCNW8qtx/YGZWQEIAFN4dnNo1JGyoQz+uvIAUalVnRPIq
I then decoded it into this:
<?php $O000O0O00 = $OOO000O00($OOO0O0O00, 'rb');
$O0O00OO00($O000O0O00, 0x554);
$OO00O00O0 = $OOO0000O0($OOO00000O($O0O00OO00($O000O0O00, 0x17c), 'fhV6LxNOMFRX0evc+yS8HWtsYqJnQCPTBZpk3oEgAu9b251mIj/ra4GzldDU7Kwi=', 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'));
eval($OO00O00O0); ?>
However I have not gotten any further. Any idea on how to work with this?
Ooh, a puzzle! I like puzzles.
This decoder has two stages.
The first one assigns a number of strings, then decodes and evaluates the second stage. Here it is with some of the bad formatting and variable names removed:
$map=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');
$base64_decode=$map{4}.$map{9}.$map{3}.$map{5};
$base64_decode.=$map{2}.$map{10}.$map{13}.$map{16};
$base64_decode.=$base64_decode{3}.$map{11}.$map{12}.$base64_decode{7}.$map{5};
$fopen=$map{0}.$map{12}.$map{7}.$map{5}.$map{15};
$fgets=$map{0}.$map{1}.$map{5}.$map{14};
$fgetc=$fgets.$map{11};
$fgets=$fgets.$map{3};
$fread=$map{0}.$map{8}.$map{5}.$map{9}.$map{16};
$strtr=$map{3}.$map{14}.$map{8}.$map{14}.$map{8};
$filename=__FILE__;
$hex_a68=0xa68;
eval($base64_decode(another base64 blob -- the second stage))
Each of the strings, besides $map and $filename, ends up getting assigned its name as contents.
The second stage, which is decoded from a Base64 blob, consists of the second part you already discovered, which I've treated similarly below:
$fh = $fopen($filename, 'rb');
$fread($fh, 0x554);
$data = $base64_decode($strtr(
$fread($fh, 0x17c),
'fhV6LxNOMFRX0evc+yS8HWtsYqJnQCPTBZpk3oEgAu9b251mIj/ra4GzldDU7Kwi=',
'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
));
eval($data);
This reads some encoded data from the current PHP file, modifies it using strtr(), Base64 decodes it, then evaluates that. The results of this decoding appear to be somewhat corrupted (possibly you've omitted part of the input?), but include this readable fragment of PHP code:
class asmLink
{
static function createSearchUrl ($originalUrl)
{
$originalUrl = trim($originalUrl);
$amzUrlBits = parse_url($originalUrl);
$amzScheme = $amzUrlBits['
As an aside: Your client would be well advised to consider reading their contract with the previous developer very carefully, and may want to consider legal proceedings — that developer has deliberately taken steps to prevent your client from having their site maintained by anyone else.
I know this is probably old-hat for many of the good folks on this forum, but after a few hours of hunting here for a solution I'm still having trouble.
I have confirmed that I can get a simple call to file_get_contents() to work:
$content = file_get_contents('example.com');
print $content;
(Outputs the contents of the site, as expected.)
And, if I plug one of the URLs generated by my script into the browser directly, that works too:
http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=/netahtml/PTO/search-adv.htm&r=0&p=1&f=S&l=50&Query=AN/"allied signal" AND ((((((((CCL/29/$ OR CCL/62/$) OR CCL/165/$) OR CCL/180/$) OR CCL/236/$) OR CCL/237/$) OR CCL/241/$) OR CCL/248/$) OR CCL/417/$)&d=PTXT
(In actuality, that is generated/stored as a literal string named $url in my code. Though, I'm noticing as I type this that the quotes are throwing off something here. Not sure if that translates to my problem or not.)
But, when I try to combine the two it fails immediately:
$content = file_get_contents($url);
print $content;
(Outputs nothing.)
I've tried every suggestion I've seen so far involving various uses of cURL instead, and of course json to try to get some clue what is happening. But, other than the one case where I got HTTP 400 to spit out, and another where the output was NULL (sorry, I lost the links to the specific posts I'd been reading), no luck there.
I'm sure its something ludicrously simple that I'm missing here, that I'll probably ::head desk:: when I find it, but right now I'm stuck. Any suggestions?
Thanks In Advance
EDIT: I forgot to include, nothing in the error log either.
EDIT: allow_url_fopen is set correctly.
EDIT: Use of urlencode($url) does produce the following error, when the example above is called...
[29-May-2014 02:08:57 America/New_York] PHP Warning: file_get_contents(http%3A%2F%2Fpatft.uspto.gov%2Fnetacgi%2Fnph-Parser%3FSect1%3DPTO2%26Sect2%3DHITOFF%26u%3D%2Fnetahtml%2FPTO%2Fsearch-adv.htm%26r%3D0%26p%3D1%26f%3DS%26l%3D50%26Query%3DAN%2F%22allied+signal%22%0D%0A+AND+%28%28%28%28%28%28%28%28CCL%2F29%2F%24+OR+CCL%2F62%2F%24%29+OR+CCL%2F165%2F%24%29+OR+CCL%2F180%2F%24%29+OR+CCL%2F236%2F%24%29+OR+CCL%2F237%2F%24%29+OR+CCL%2F241%2F%24%29+OR+CCL%2F248%2F%24%29+OR+CCL%2F417%2F%24%29%26d%3DPTXT): failed to open stream: Invalid argument in C:\inetpub\wwwroot\PHP-CGI\test.php on line 21
EDIT: Some test code...
<?php
print "Testing...<BR>";
define("PATFT_head",'http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=%2Fnetahtml%2FPTO%2Fsearch-adv.htm&r=0&p=1&f=S&l=50&Query=AN%2F%22');
define("PATFT_foot",'%22+AND+%28%28%28%28%28%28%28%28CCL%2F29%2F%24+OR+CCL%2F62%2F%24%29+OR+CCL%2F165%2F%24%29+OR+CCL%2F180%2F%24%29+OR+CCL%2F236%2F%24%29+OR+CCL%2F237%2F%24%29+OR+CCL%2F241%2F%24%29+OR+CCL%2F248%2F%24%29+OR+CCL%2F417%2F%24%29&d=PTXT');
$assignees = file("./config/assignees.txt");
foreach ($assignees as $name) {
$url= PATFT_head.$name.PATFT_foot;
$content = file_get_contents($url);
#print "Should see the page here...<BR>";
print $content;
}
print "<BR>Done.";
?>
Contents of assignees.txt is a series of search terms (in this case the Assignee Name of a patent holder), 1 per line.
Try urlencode :
$content = file_get_content(urlencode($url));
print $content;
There is a setting for allow_url_fopen in the PHP INI. Make sure you set this to true or 1.
I have a website where users can upload files to share with others. But first I need to verify them.
Lately someone uploaded a .php file with the following commands:
‰PNG
<?php
eval(gzinflate(base64_decode("very large strings of characters")));
?>
I figured it might be harmful, so I didnt open it.
Does anyone have any idea what it does?
nobody can tell you, just do
<?php echo gzinflate(base64_decode("very large strings of characters")) ?>
to see what it would do....
edit: well now that you've posted the whole string i decoded it and pasted it here
Seems like the attacker's code was base64 encoded and gzipped.
So first the code is decoded from base64 encoding, and then it is unzipped basically until a string of code.
And then eval is called on the resulting string, which will execute the code that has been decoded and unzipped.
But without seeing what code gets generated, it is hard to say what it will do when the code is run.
I decoded the encoded text. Using the following approach
(I guess writing to file was a bad idea now that I think of it. Mainly if you're on Windows. I guess it is a bit safer on Linux with the execute bit turned off. So I was kind of lucky in this case!)
<?php
$test = gzinflate(base64_decode("encoded_text"));
$myFile = "testFile.txt";
$fh = fopen($myFile, 'w');
fwrite($fh, $test);
fclose($fh);
I wrote the output to file just in case there was some random html or javascript that could infect my computer if I just echoed it to my browser. That may be why you got an anti-virus warning.
I'm not sure what it does yet.
Just skimming through the code, which is like 4,750 lines of code, it seems like it sets up Basic Auth. And then there's a lot of database functions and some basic html interface. This in PHP. There's also some perl too. Near the end.
Basically what it seems to do is this: Every page where that image is displayed it will output parts of that code and execute it along with your code, and it will try to get input data, or try to find session data and or database values.
Then other parts of the code basically create an admin interface when the url is visited like this: url?admin=1, which brings up a Basic Auth authentication. And then there is an simple interface phpmyadmin like interface where the user can try out different queries and gather out metadata about your db. Probably other stuff run to exec, etc too.
I could be wrong, but that's the gist I get from going through the code.
The code is fine the only thing you need to take care is the long string that is encrypted
< ?php eval(gzinflate(base64_decode("very large strings of characters")));
for the reference of this kind of the statement you can refer to
http://php.net/manual/en/function.gzinflate.php
I've read every post about the topic but I don't think I've found a reply to my question, that's driving me crazy.
I got a couple of php files, one stores data into mySQL db, another one read those data: I get data from all over the world and it seems that I succeed to store asiatic character in a right way, but when I try to read those data I can't get those characters back.
As many other users I got ?? instead of the correct chars.
Top of my PHP files I got:
header('Content-Type: application/json; charset=utf-8');
then
mysql_query("SET CHARACTER SET utf8", $link);
mysql_query("SET NAMES 'utf8'", $link);
then
$fab[] = array_map(utf8_encode,$array);
Here if I print_r ($fab) I lost asiatic chars :-(
Then when I do:
$json_string = json_encode($fab); //originale
What I get is "??".
How is the correct way to get the right chars back? The json string is then passed
to an iPhone client.
Any suggestion or help would be sooo appreciated.
Thank you anyway,
Fabrizio
Seems like you're double encoding it? If you get the data from mysql which is already utf8 encoded, what's the point of $fab[] = array_map(utf8_encode,$array); then?
Just had similar thing 2 days ago, when I was accepting utf8 data from an ExtJs form and it was messed up. It was cause I used utf8_encode on the data I received from the script (which was in utf8). So i broke it by double encoding. Maybe same in your case
The problem was what Tseng said: double encoding on the array: I thought I made the right test but simply I didn't.
So the only code I need is:
while($obj = mysql_fetch_object($rs)) {
$arr[] = $obj;
}
$json_string = json_encode($arr);
echo ($json_string);
Again Tseng, thanx.