newbtophp Posted August 21, 2009 Share Posted August 21, 2009 I have some encoded code and if I change eval to $some, then add $some= ereg_replace('eval', 'echo', $some); eval ($some); before ?>, I get the decoded. Im trying to build a little script which would do this, using $_POST, but it dont echo the decoded it just echos whats been inserted. Heres the code which I've come up with: <form action="index2.php" method='post'> <textarea name='so' rows="8" cols="20"></textarea><br> <input type='submit' name='submit' value='Submit'/><br> </form> <?php $so = $_POST['so']; $so = str_replace('?>', "", $so); $so = str_replace('eval($_G', '$some($_G', $so); $submit= $_POST['submit']; if($so == "") echo ""; else { if($submit == "Submit") { echo $so; $some= ereg_replace('eval', 'echo', $some); eval ($some); echo "?>\n"; } } ?> All help is greatly apreciated. Thank You. Quote Link to comment https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/ Share on other sites More sharing options...
newbtophp Posted August 21, 2009 Author Share Posted August 21, 2009 Just need to know what im doing wrong and how to solve. Hope someone can help me Quote Link to comment https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/#findComment-902988 Share on other sites More sharing options...
newbtophp Posted August 21, 2009 Author Share Posted August 21, 2009 Fixed a typo: <form action="index2.php" method='post'> <textarea name='so' rows="8" cols="20"></textarea><br> <input type='submit' name='submit' value='Submit'/><br> </form> <?php $so = $_POST['so']; $so = str_replace('?>', "", $so); $so = str_replace('eval($_G', '$some($_G', $so); $submit= $_POST['submit']; if($so == "") echo ""; else { if($submit == "Submit") { echo $so; $some= ereg_replace('eval', 'echo', $some); eval ($some); echo "?>\n"; } } ?> Still looking for help though :-\ Quote Link to comment https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/#findComment-903005 Share on other sites More sharing options...
Philip Posted August 21, 2009 Share Posted August 21, 2009 Ummm.... There's a lot wrong bud. Sorry. Missing a ' $so = str_replace(?>', "", $so); Why are you using eval - that should be a last resort thing: $so = str_replace('eval($_G', '$some($_G', $so); Deprecated (ereg): $some= ereg_replace('eval', 'echo', $some); Quote Link to comment https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/#findComment-903018 Share on other sites More sharing options...
newbtophp Posted August 21, 2009 Author Share Posted August 21, 2009 Ummm.... There's a lot wrong bud. Sorry. Missing a ' $so = str_replace(?>', "", $so); Fixed (in my second post) Why are you using eval - that should be a last resort thing: $so = str_replace('eval($_G', '$some($_G', $so); Not sure what you mean, I replaced eval with $some (see my first post) Deprecated (ereg): $some= ereg_replace('eval', 'echo', $some); Quote Link to comment https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/#findComment-903020 Share on other sites More sharing options...
newbtophp Posted August 21, 2009 Author Share Posted August 21, 2009 Anyone awake? Quote Link to comment https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/#findComment-903088 Share on other sites More sharing options...
newbtophp Posted August 21, 2009 Author Share Posted August 21, 2009 and is their an alternative too ereg_replace? Quote Link to comment https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/#findComment-903103 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.