propel einrichten

September 19th, 2007 by admin

mit propel können in php relationale datenbanken(z.b. mysql,mssyl oder oracle) objektrelational gemappt werden, ne super sache. also dache ich mir, ich probier das ganze mal aus.

die trac seite konnte mir dazu ein sehr gutes tutorial liefern. doch leider hab ich es nicht geschaft das propel auf meine mysql datenbank zugreift. nunja ein bischen gegoogelt und dabei hab ich ein schönes deutsches tutorial auf dem tech-nick-blog gefunden, leider hat mir das auch nicht geholfen, da propel danach die folgende fehlermeldung ausgespuckt hat:

PLAIN TEXT
CODE:
  1. wrapped: No driver has been registered to handle connection type:

nachdem ich bei zend endlich fündig geworden bin konnte der folgende code vom tech-nick-blog als verursacher ausgemacht werden (in der runtime-conf.xml).

PLAIN TEXT
CODE:
  1. <dsn>mysql:host=localhost;dbname=newssystem</dsn>
  2. <user>nutzername</user>
  3. <password>passwort</password>

das ganze wird dann einfach mit der zend variante ersetzt und fertig.

PLAIN TEXT
CODE:
  1. runtime-conf.xml:
  2. <connection>
  3. <phptype>mysql</phptype>
  4. <hostspec>localhost</hostspec>
  5. <database>test</database>
  6. <username>root</username>
  7. <password>passss</password>
  8. <options>

mein propel funktioniert jetzt :-)

Posted in coding, php | No Comments »

reblog - metaweblog_RPC.plugin.php - character encoding error

Mai 22nd, 2007 by admin

reblog has a powerful metaweblog api plugin called "metaweblog_RPC.plugin.php". it is very useful to distribute rss-news to your blog(s). but the script submits all characters in uft8 format. that is a problem because wordpress (maybe other blog software too) can not handle it (for example here or here the character like ö,ä,ü are displayed as garbage). i found the solution in the php.net comments (thanks to johan andersson) and it works.

here is my fixed metaweblog_RPC.plugin.php

Posted in coding, php | No Comments »

backup

März 6th, 2007 by admin

wordpress hat eine initiative ins leben gerufen die sich "pro-backup" nennt.

alle user werden angehalten regelmäßig backups von ihren datenbanken zu erstellen.

leider empfiehlt wordpress nur phpmyadmin, was ich persönlich nict verstehe. phpmyadmin ist ein sehr nützliches tool um eine datenbank zu verwalten, jedoch nicht für automatische backups ausgelegt.

ich nutze seit ich denken kann mysqldumper. dieses script ist für die erstellung von backupdaten komzipiert.

quote:

MySQLDumpers sorgt dafür, dass Datenbanken automatisch per Cronjob gesichert werden.

mehr infos gibt es unter pro-backup.de und mysqldumper.de

Posted in backup, php | No Comments »

self modifying php script

Februar 1st, 2007 by admin

in my previous post i released a class which "decrypt" php scripts that hide source code with special functions like eval, gzinflate, base64_decode or str_rot13. i also create a class to "encrypt" php source code (not yet released). so i think it is a good idea to mix up both classes in one script. the resulting php script modify it's own code.

what is modifying code (quote from wikipedia)?

In computer science, self-modifying code is code that alters its own instructions, whether or not it is on purpose, while it is executing.

what is it good for?

  1. Hiding of code to prevent reverse engineering, as through use of a disassembler or debugger (PHP is an interpreter -> you can reverse the code)
  2. Hiding of code to evade detection by virus/spyware scanning software and the like
  3. Compression of code to be decompressed and executed at runtime, e.g. when memory or disk space is limited
  4. obscure the source code

how does it work?

  1. the script execute your source code
  2. at the end of code the magic happens (self modifying code)
  3. the script retrieve it's own crypted source code
  4. decrypt it
  5. obscure the code (replaces function and variable names by a random generated md5 string)
  6. crypt the source 10 times (if you like to change this do it on line 31)
  7. write the crypted source back to the file
  8. that's it

the source. sadly my wordpress syntax highlighter doesn't work properly with the new wordpress 2.1.
you got 2 options to get the proper source code:

1. push the "PLAINTEXT" button

2. click here for the highlighted code

any comments would be nice.

PLAIN TEXT
PHP:
  1. function mod()
  2. {
  3. $file = __FILE__;
  4. $nag = strpos($file,"(1) : eval()'d code");
  5. if($nag != false)
  6. $file = substr($file,0,$nag);
  7.  
  8. $cont = file_get_contents($file);
  9. $decoder = new decoder($cont);
  10. $cont = $decoder->decode_it();
  11. $arr = $decoder->used_functions();
  12. unset($decoder);
  13. preg_match_all('/\$([A-Za-z_0-9])+/',$cont, $result);
  14. $result[0] = array_unique($result[0]);
  15. foreach($result[0] as $line)
  16. {
  17. if($line!='$this')
  18. $cont = str_replace($line, '$'.chr(rand(65,90)).md5(microtime().'macosbrain').chr(rand(65,90)), $cont);
  19. }
  20.  
  21. preg_match_all('/function ([A-Za-z_0-9])+\(/',$cont, $result );
  22. $result = array_unique($result);
  23. foreach($result[0] as $line)
  24. {
  25. $line = substr($line,9,-1);
  26. if(substr($line,0,2)!='__')
  27. $cont = str_replace($line, chr(rand(65,90)).md5(microtime().'macosbrain_func').chr(rand(65,90)), $cont);
  28. }
  29. $encoder = new encoder($cont);
  30. for($i=0;$i <10;$i++)
  31. {
  32. call_user_func(array(&$encoder, $encoder->rand_function()));
  33. }
  34. $encoder->fill_with_php_tags();
  35. $cont = $encoder->get_crypt_source();
  36. unset($encoder);
  37. if(is_writeable($file))
  38. file_put_contents($file, $cont );
  39. else
  40. error();
  41. unset($cont);
  42. unset($file);
  43. unset($line);
  44. unset($result);
  45. unset($arr);
  46. unset($nag);
  47. }
  48.  
  49. class encoder
  50. {
  51. function __construct($source)
  52. {
  53. $this->source = $source;
  54. $this->crypt_source = $source;
  55. }
  56.  
  57. public function rand_function()
  58. {
  59. srand((double)microtime()*1000000);
  60. $possible_functions = array('str_rot13_cr','gzflate');
  61. return $possible_functions[rand(0,count($possible_functions)-1)];
  62. }
  63.  
  64. public function base64_cr()
  65. {
  66. $this->crypt_source = 'eval(base64_decode('."'".base64_encode($this->crypt_source)."'".'));';
  67. }
  68.  
  69. public function str_rot13_cr()
  70. {
  71. $this->crypt_source = 'eval(str_rot13(base64_decode('."'".base64_encode(str_rot13($this->crypt_source))."'".')));';
  72. }
  73.  
  74. public function gzflate()
  75. {
  76. $this->crypt_source = 'eval(gzinflate(base64_decode('."'".base64_encode(gzdeflate($this->crypt_source,9))."'".')));';
  77. }
  78.  
  79. public function fill_with_php_tags()
  80. {
  81. $this->crypt_source = '<?php '.$this->crypt_source.' ?>';
  82. }
  83.  
  84. public function get_crypt_source()
  85. {
  86. return ($this->crypt_source);
  87. }
  88. }
  89.  
  90. class decoder
  91. {
  92. private $used_functions = array();
  93. function __construct($data)
  94. {
  95. $data = $this->strip_php_tags($data);
  96. $this->org_data = $data;
  97. $this->result = $this->org_data;
  98. $this->done = false;
  99. }
  100.  
  101. function strip_php_tags($data)
  102. {
  103. $pos = strpos($data,'<?php');
  104. $len = 5;
  105. if($pos===false)
  106. {
  107. $pos = strpos($data,'<?');
  108. $len = 2;
  109. if($pos===false)
  110. die('no php');
  111. }
  112. $ende = strrpos($data,'?>')-$len;
  113. $data = substr($data,$len,$ende);
  114. return $data;
  115. }
  116.  
  117. function strip_what_to_execute()
  118. {
  119. $possible_code = substr($this->result,0,strpos($this->result,"'"));
  120. if($possible_code=='')
  121. $possible_code = substr($this->result,0,strpos($this->result,'"'));
  122.  
  123. $execute_arr = $this->test_possible_code($possible_code);
  124. if(count($execute_arr)> 1)
  125. {
  126. $possible_code_start = strlen($possible_code)+1;
  127. $possible_code_end = strrpos($this->result,"'");
  128. $this->result = substr($this->result,$possible_code_start,$possible_code_end-$possible_code_start);
  129. return $execute_arr;
  130. }
  131. else
  132. return false;
  133. }
  134.  
  135. function clean_string($str)
  136. {
  137. $str = trim($str);
  138. return $str;
  139. }
  140.  
  141. function test_possible_code($str)
  142. {
  143. $str = $this->clean_string($str);
  144. $functions = explode('(',$str);
  145. $execute_arr = array();
  146. if(!in_array('eval',$functions))
  147. {
  148. $this->done = true;
  149. return false;
  150. }
  151. foreach($functions as $function)
  152. {
  153. if($function!='' && $function!='eval')
  154. {
  155. if(function_exists($function) == false)
  156. error();
  157. else
  158. $execute_arr[] = $function;
  159. }
  160. }
  161. return $execute_arr;
  162. }
  163.  
  164. function do_it($execute_arr)
  165. {
  166. $cmd_str = '';
  167. $cmd_end = '';
  168. foreach($execute_arr as $cmd)
  169. {
  170. $this->used_functions[] = $cmd;
  171. $cmd_str .= $cmd.'(';
  172. $cmd_end .= ')';
  173. }
  174. $eval = $cmd_str."'".$this->result."'".$cmd_end;
  175. eval ("\$this->result = ".$eval.";");
  176. }
  177.  
  178. function decode_it()
  179. {
  180. $execute_arr = $this->strip_what_to_execute();
  181. if($this->done==false && count($execute_arr)> 0)
  182. {
  183. $this->do_it($execute_arr);
  184. $this->decode_it();
  185. }
  186. return $this->result;
  187. }
  188.  
  189. function used_functions()
  190. {
  191. return ($this->used_functions);
  192. }
  193. }
  194.  
  195. function error()
  196. {
  197. die();
  198. }
  199.  
  201.  
  202. /*real code*/
  203. echo 'test';

Posted in coding, php | 2 Comments »

PHProxy 0.4 error in php5

Dezember 11th, 2006 by admin

PHProxy 0.4 is a very nice web-proxy-server. but the script got one big disadvantage.

the script declares the following functions in phpproxy.class.php:

PLAIN TEXT
PHP:
  1. if ($this->flags['rotate13'])
  2. {
  3. function encode_url($url)
  4. {
  5. return rawurlencode(str_rot13($url));
  6. }
  7. function decode_url($url)
  8. {
  9. return str_replace('&', '&', str_rot13(rawurldecode($url)));
  10. }
  11. }
  12. else if ($this->flags['base64_encode'])
  13. {
  14. function encode_url($url)
  15. {
  17. }
  18. function decode_url($url)
  19. {
  20. return str_replace('&', '&', base64_decode(rawurldecode($url)));
  21. }
  22. }
  23. else
  24. {
  25. function encode_url($url)
  26. {
  27. return rawurlencode($url);
  28. }
  29. function decode_url($url)
  30. {
  31. return str_replace('&', '&', rawurldecode($url));
  32. }
  33. }

this is really bad coding style, but works with the old php4. php5 does not support such a crap style therefor php5 give us the following error code:

Parse error: parse error, unexpected T_FUNCTION, expecting T_VARIABLE in ...\proxy\PHProxy.class.php on line 118

to avoid this error you can use my mod of phproxy. i modified the following files to get a working phproxy on php5: PHProxy.class.php,index.php and url_form.inc

proxy0.4_macos.zip

Posted in coding, php | 2 Comments »