decode - Scrambled PHP code needs some fixing -
i adding modification phpbb3 discussion board , 1 of steps add line of code includes/functions.php
so when copied file , opened in wordpad saw looked scrambled. here how looks partly:
<?php /** * * @package phpbb3 * @version $id$ * @copyright (c) 2005 phpbb group * @license http://opensource.org/licenses/gpl-license.php gnu public license * */ /** * @ignore */ if (!defined('in_phpbb')) { exit; } // common global functions /** * set_var * * set variable, used {@link request_var request_var function} * * @access private */ function set_var(&$result, $var, $type, $multibyte = false) { settype($var, $type); $result = $var; if ($type == 'string') { $result = trim(htmlspecialchars(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $result), ent_compat, 'utf-8')); if (!empty($result)) { // make sure multibyte characters wellformed if ($multibyte) { if (!preg_match('/^./u', $result)) { $result = ''; } } else { // no multibyte, allow ascii (0-127) $result = preg_replace('/[\x80-\xff]/', '?', $result); } } $result = (strip) ? stripslashes($result) : $result; } } /** * request_var * * used passed variable */ function request_var($var_name, $default, $multibyte = false, $cookie = false) { if (!$cookie && isset($_cookie[$var_name])) { if (!isset($_get[$var_name]) && !isset($_post[$var_name])) { return (is_array($default)) ? array() : $default; } $_request[$var_name] = isset($_post[$var_name]) ? $_post[$var_name] : $_get[$var_name]; } $super_global = ($cookie) ? '_cookie' : '_request'; if (!isset($globals[$super_global][$var_name]) || is_array($globals[$super_global][$var_name]) != is_array($default)) { return (is_array($default)) ? array() : $default; } $var = $globals[$super_global][$var_name]; if (!is_array($default)) { $type = gettype($default); } else { list($key_type, $type) = each($default); $type = gettype($type); $key_type = gettype($key_type); if ($type == 'array') { reset($default); $default = current($default); list($sub_key_type, $sub_type) = each($default); $sub_type = gettype($sub_type); $sub_type = ($sub_type == 'array') ? 'null' : $sub_type; $sub_key_type = gettype($sub_key_type); } } if (is_array($var)) { $_var = $var; $var = array(); foreach ($_var $k => $v) { set_var($k, $k, $key_type); if ($type == 'array' && is_array($v)) { foreach ($v $_k => $_v) { if (is_array($_v)) { $_v = null; } set_var($_k, $_k, $sub_key_type, $multibyte); set_var($var[$k][$_k], $_v, $sub_type, $multibyte); } } else { if ($type == 'array' || is_array($v)) { $v = null; } set_var($var[$k], $v, $type, $multibyte); } } } else { set_var($var, $var, $type, $multibyte); } return $var; } /** * set config value. creates missing config entry. */ function set_config($config_name, $config_value, $is_dynamic = false) { global $db, $cache, $config; $sql = 'update ' . config_table . " set config_value = '" . $db->sql_escape($config_value) . "' config_name = '" . $db->sql_escape($config_name) . "'"; $db->sql_query($sql); if (!$db->sql_affectedrows() && !isset($config[$config_name])) { $sql = 'insert ' . config_table . ' ' . $db->sql_build_array('insert', array( 'config_name' => $config_name, 'config_value' => $config_value, 'is_dynamic' => ($is_dynamic) ? 1 : 0)); $db->sql_query($sql); } $config[$config_name] = $config_value; if (!$is_dynamic) { $cache->destroy('config'); } } /** * set dynamic config value arithmetic operation. */ function set_config_count($config_name, $increment, $is_dynamic = false) { global $db, $cache; switch ($db->sql_layer) { case 'firebird': case 'postgres': $sql_update = 'cast(cast(config_value decimal(255, 0)) + ' . (int) $increment . ' varchar(255))'; break; // mysql, sqlite, mssql, mssql_odbc, oracle default: $sql_update = 'config_value + ' . (int) $increment; break; } $db->sql_query('update ' . config_table . ' set config_value = ' . $sql_update . " config_name = '" . $db->sql_escape($config_name) . "'"); if (!$is_dynamic) { $cache->destroy('config'); } } /** * generates alphanumeric random string of given length * * @return string */ function gen_rand_string($num_chars = 8) { // [a, z] + [0, 9] = 36 return substr(strtoupper(base_convert(unique_id(), 16, 36)), 0, $num_chars); } /** * generates user-friendly alphanumeric random string of given length * remove 0 , o users cannot confuse in passwords etc. * * @return string */ function gen_rand_string_friendly($num_chars = 8) { $rand_str = unique_id(); // remove z , y base_convert(), replace 0 z , o y // [a, z] + [0, 9] - {z, y} = [a, z] + [0, 9] - {0, o} = 34 $rand_str = str_replace(array('0', 'o'), array('z', 'y'), strtoupper(base_convert($rand_str, 16, 34))); return substr($rand_str, 0, $num_chars); } /** * return unique id * @param string $extra additional entropy */ function unique_id($extra = 'c') { static $dss_seeded = false; global $config; $val = $config['rand_seed'] . microtime(); $val = md5($val); $config['rand_seed'] = md5($config['rand_seed'] . $val . $extra); if ($dss_seeded !== true && ($config['rand_seed_last_update'] < time() - rand(1,10))) { set_config('rand_seed', $config['rand_seed'], true); set_config('rand_seed_last_update', time(), true); $dss_seeded = true; } return substr($val, 4, 16); } /** * return formatted string filesizes * * @param int $value filesize in bytes * @param bool $string_only true if language string should returned * @param array $allowed_units allow these units (data array indexes) * * @return mixed data array if $string_only false * @author bantu */ function get_formatted_filesize($value, $string_only = true, $allowed_units = false) { global $user; $available_units = array( 'gb' => array( 'min' => 1073741824, // pow(2, 30) 'index' => 3, 'si_unit' => 'gb', 'iec_unit' => 'gib', ), 'mb' => array( 'min' => 1048576, // pow(2, 20) 'index' => 2, 'si_unit' => 'mb', 'iec_unit' => 'mib', ), 'kb' => array( 'min' => 1024, // pow(2, 10) 'index' => 1, 'si_unit' => 'kb', 'iec_unit' => 'kib', ), 'b' => array( 'min' => 0, 'index' => 0, 'si_unit' => 'bytes', // language index 'iec_unit' => 'bytes', // language index ), ); foreach ($available_units $si_identifier => $unit_info) { if (!empty($allowed_units) && $si_identifier != 'b' && !in_array($si_identifier, $allowed_units)) { continue; } if ($value >= $unit_info['min']) { $unit_info['si_identifier'] = $si_identifier; break; } } unset($available_units); ($i = 0; $i < $unit_info['index']; $i++) { $value /= 1024; } $value = round($value, 2); // lookup units in language dictionary $unit_info['si_unit'] = (isset($user->lang[$unit_info['si_unit']])) ? $user->lang[$unit_info['si_unit']] : $unit_info['si_unit']; $unit_info['iec_unit'] = (isset($user->lang[$unit_info['iec_unit']])) ? $user->lang[$unit_info['iec_unit']] : $unit_info['iec_unit']; // default iec $unit_info['unit'] = $unit_info['iec_unit']; if (!$string_only) { $unit_info['value'] = $value; return $unit_info; } return $value . ' ' . $unit_info['unit']; } /** * determine whether approaching maximum execution time. should called once * @ beginning of script in it's used. * @return bool either true if maximum execution time reached, or false * if time still left. */ function still_on_time($extra_time = 15) { static $max_execution_time, $start_time; $time = explode(' ', microtime()); $current_time = $time[0] + $time[1]; if (empty($max_execution_time)) { $max_execution_time = (function_exists('ini_get')) ? (int) @ini_get('max_execution_time') : (int) @get_cfg_var('max_execution_time'); // if zero, set higher not let user catch ten seconds barrier. if ($max_execution_time === 0) { $max_execution_time = 50 + $extra_time; } $max_execution_time = min(max(10, ($max_execution_time - $extra_time)), 50); // debugging purposes // $max_execution_time = 10; global $starttime; $start_time = (empty($starttime)) ? $current_time : $starttime; } return (ceil($current_time - $start_time) < $max_execution_time) ? true : false; } /** * * @version version 0.1 / modified phpbb 3.0.x (using $h$ hash type identifier) * * portable php password hashing framework. * * written solar designer <solar @ openwall.com> in 2004-2006 , placed in * public domain. * * there's absolutely no warranty. * * homepage url framework is: * * http://www.openwall.com/phpass/ * * please sure update version line if edit file in way. * suggested leave main version number intact, indicate * project name (after slash) , add own revision information. * * please not change "private" password hashing method implemented in * here, thereby making hashes incompatible. however, if must, please * change hash type identifier (the "$p$") different. * * obviously, since code in public domain, above not * requirements (there can none), merely suggestions. * * * hash password */ function phpbb_hash($password) { $itoa64 = './0123456789abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz'; $random_state = unique_id(); $random = ''; $count = 6; if (($fh = @fopen('/dev/urandom', 'rb'))) { $random = fread($fh, $count); fclose($fh); } if (strlen($random) < $count) { $random = ''; ($i = 0; $i < $count; $i += 16) { $random_state = md5(unique_id() . $random_state); $random .= pack('h*', md5($random_state)); } $random = substr($random, 0, $count); } $hash = _hash_crypt_private($password, _hash_gensalt_private($random, $itoa64), $itoa64); if (strlen($hash) == 34) { return $hash; } return md5($password); } /** * check correct password * * @param string $password password in plain text * @param string $hash stored password hash * * @return bool returns true if password correct, false if not. */ function phpbb_check_hash($password, $hash) { $itoa64 = './0123456789abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz'; if (strlen($hash) == 34) { return (_hash_crypt_private($password, $hash, $itoa64) === $hash) ? true : false; } return (md5($password) === $hash) ? true : false; } /** * generate salt hash generation */ function _hash_gensalt_private($input, &$itoa64, $iteration_count_log2 = 6) { if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31) { $iteration_count_log2 = 8; } $output = '$h$'; $output .= $itoa64[min($iteration_count_log2 + ((php_version >= 5) ? 5 : 3), 30)]; $output .= _hash_encode64($input, 6, $itoa64); return $output; } /** * encode hash */ function _hash_encode64($input, $count, &$itoa64) { $output = ''; $i = 0; { $value = ord($input[$i++]); $output .= $itoa64[$value & 0x3f]; if ($i < $count) { $value |= ord($input[$i]) << 8; } $output .= $itoa64[($value >> 6) & 0x3f]; if ($i++ >= $count) { break; } if ($i < $count) { $value |= ord($input[$i]) << 16; } $output .= $itoa64[($value >> 12) & 0x3f]; if ($i++ >= $count) { break; } $output .= $itoa64[($value >> 18) & 0x3f]; } while ($i < $count); return $output; } /** * crypt function/replacement */ function _hash_crypt_private($password, $setting, &$itoa64) { $output = '*'; // check correct hash if (substr($setting, 0, 3) != '$h$') { return $output; } $count_log2 = strpos($itoa64, $setting[3]); if ($count_log2 < 7 || $count_log2 > 30) { return $output; } $count = 1 << $count_log2; $salt = substr($setting, 4, 8); if (strlen($salt) != 8) { return $output; } /** * we're kind of forced use md5 here since it's * cryptographic primitive available in versions of php * in use. implement our own low-level crypto * in php result in worse performance , * consequently in lower iteration counts , hashes * quicker crack (by non-php code). */ if (php_version >= 5) { $hash = md5($salt . $password, true); { $hash = md5($hash . $password, true); } while (--$count); } else { $hash = pack('h*', md5($salt . $password)); { $hash = pack('h*', md5($hash . $password)); } while (--$count); } $output = substr($setting, 0, 12); $output .= _hash_encode64($hash, 16, $itoa64); return $output; } /** * hashes email address big integer * * @param string $email email address * * @return string unsigned big integer */ function phpbb_email_hash($email) { return sprintf('%u', crc32(strtolower($email))) . strlen($email); } /** * global function chmodding directories , files internal use * * function determines owner , group whom file belongs , user , group of php , set safest possible file permissions. * function determines owner , group common.php file , sets same provided file. * function uses bit fields build permissions. * function sets appropiate execute bit on directories. * * supported constants representing bit fields are: * * chmod_all - permissions (7) * chmod_read - read permission (4) * chmod_write - write permission (2) * chmod_execute - execute permission (1) * * note: function uses posix extension , fileowner()/filegroup() functions. if of them disabled, function tries build proper permissions, calling is_readable() , is_writable() functions. * * @param string $filename file/directory chmodded * @param int $perms permissions set * * @return bool true on success, otherwise false * @author faw, phpbb group */ function phpbb_chmod($filename, $perms = chmod_read) { static $_chmod_info; // return if file no longer exists. if (!file_exists($filename)) { return false; } // determine common vars if (empty($_chmod_info)) { if (!function_exists('fileowner') || !function_exists('filegroup')) { // no need further determine owner/group - unknown $_chmod_info['process'] = false; } else { global $phpbb_root_path, $phpex; // determine owner/group of common.php file , filename want change here $common_php_owner = @fileowner($phpbb_root_path . 'common.' . $phpex); $common_php_group = @filegroup($phpbb_root_path . 'common.' . $phpex); // , owner , groups php running under. $php_uid = (function_exists('posix_getuid')) ? @posix_getuid() : false; $php_gids = (function_exists('posix_getgroups')) ? @posix_getgroups() : false; // if unable owner/group, not try set them guessing if (!$php_uid || empty($php_gids) || !$common_php_owner || !$common_php_group) { $_chmod_info['process'] = false; } else { $_chmod_info = array( 'process' => true, 'common_owner' => $common_php_owner, 'common_group' => $common_php_group, 'php_uid' => $php_uid, 'php_gids' => $php_gids, ); } } } if ($_chmod_info['process']) { $file_uid = @fileowner($filename); $file_gid = @filegroup($filename); // change owner if (@chown($filename, $_chmod_info['common_owner'])) { clearstatcache(); $file_uid = @fileowner($filename); } // change group if (@chgrp($filename, $_chmod_info['common_group'])) { clearstatcache(); $file_gid = @filegroup($filename); } // if file_uid/gid match 1 common.php can process further, else not able change if ($file_uid != $_chmod_info['common_owner'] || $file_gid != $_chmod_info['common_group']) { $_chmod_info['process'] = false; } } // still able process? if ($_chmod_info['process']) { if ($file_uid == $_chmod_info['php_uid']) { $php = 'owner'; } else if (in_array($file_gid, $_chmod_info['php_gids'])) { $php = 'group'; } else { // since setting bit anyway, no need expensive operations $_chmod_info['process'] = false; } } // not able determine or change if (!$_chmod_info['process']) { $php = 'other'; } // owner has read/write permission $owner = chmod_read | chmod_write; if (is_dir($filename)) { $owner |= chmod_execute; // add execute bit permission if dir needs readable if ($perms & chmod_read) { $perms |= chmod_execute; } } switch ($php) { case 'owner': $result = @chmod($filename, ($owner << 6) + (0 << 3) + (0 << 0)); clearstatcache(); if (is_readable($filename) && phpbb_is_writable($filename)) { break; } case 'group': $result = @chmod($filename, ($owner << 6) + ($perms << 3) + (0 << 0)); clearstatcache(); if ((!($perms & chmod_read) || is_readable($filename)) && (!($perms & chmod_write) || phpbb_is_writable($filename))) { break; } case 'other': $result = @chmod($filename, ($owner << 6) + ($perms << 3) + ($perms << 0)); clearstatcache(); if ((!($perms & chmod_read) || is_readable($filename)) && (!($perms & chmod_write) || phpbb_is_writable($filename))) { break; } default: return false; break; } return $result; } /** * test if file/directory writable * * function calls native is_writable() when not running under * windows , not disabled. * * @param string $file path perform write test on * @return bool true when path writable, otherwise false. */ function phpbb_is_writable($file) { if (strtolower(substr(php_os, 0, 3)) === 'win' || !function_exists('is_writable')) { if (file_exists($file)) { // canonicalise path absolute path $file = phpbb_realpath($file); if (is_dir($file)) { // test directory creating file inside directory $result = @tempnam($file, 'i_w'); if (is_string($result) && file_exists($result)) { unlink($result); // ensure file in directory (returned realpathed) return (strpos($result, $file) === 0) ? true : false; } } else { $handle = @fopen($file, 'r+'); if (is_resource($handle)) { fclose($handle); return true; } } } else { // file not exist test if can write directory $dir = dirname($file); if (file_exists($dir) && is_dir($dir) && phpbb_is_writable($dir)) { return true; } } return false; } else { return is_writable($file); } } // compatibility functions if (!function_exists('array_combine')) { /** * wrapper php5 function array_combine() * @param array $keys contains keys resulting array * @param array $values contains values resulting array * * @return returns array using values keys array keys , * values values array corresponding values. returns false if * number of elements each array isn't equal or if arrays empty. */ function array_combine($keys, $values) { $keys = array_values($keys); $values = array_values($values); $n = sizeof($keys); $m = sizeof($values); if (!$n || !$m || ($n != $m)) { return false; } $combined = array(); ($i = 0; $i < $n; $i++) { $combined[$keys[$i]] = $values[$i]; } return $combined; } } if (!function_exists('str_split')) { /** * wrapper php5 function str_split() * @param array $string contains string converted * @param array $split_length contains length of each chunk * * @return converts string array. if optional split_length parameter specified, * returned array broken down as can see new lines cut big mess. did still add new code , messed up. can do? there type of script or can run php file through fix lines? note have no experience php please detailed in reply!
both wordpad , notepad++ handle unix-style newlines fine. i'm guessing or else opened , saved program such notepad, doesn't understand such newlines , messed up. if haven't modified file far, simplest solution might fresh copy of file phpbb3 archive.
Comments
Post a Comment