newbtophp Posted August 21, 2009 Share Posted August 21, 2009 I have some encoded code and if I change eval to $some, then add $some= ereg_replace('eval', 'echo', $some); eval ($some); before ?>, I get the decoded. Im trying to build a little script which would do this, using $_POST, but it dont echo the decoded it just echos whats been inserted. Heres the code which I've come up with: <form action="index2.php" method='post'> <textarea name='so' rows="8" cols="20"></textarea><br> <input type='submit' name='submit' value='Submit'/><br> </form> <?php $so = $_POST['so']; $so = str_replace('?>', "", $so); $so = str_replace('eval($_G', '$some($_G', $so); $submit= $_POST['submit']; if($so == "") echo ""; else { if($submit == "Submit") { echo $so; $some= ereg_replace('eval', 'echo', $some); eval ($some); echo "?>\n"; } } ?> All help is greatly apreciated. Thank You. Link to comment https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/ Share on other sites More sharing options...
newbtophp Posted August 21, 2009 Author Share Posted August 21, 2009 Just need to know what im doing wrong and how to solve. Hope someone can help me Link to comment https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/#findComment-902988 Share on other sites More sharing options...
newbtophp Posted August 21, 2009 Author Share Posted August 21, 2009 Fixed a typo: <form action="index2.php" method='post'> <textarea name='so' rows="8" cols="20"></textarea><br> <input type='submit' name='submit' value='Submit'/><br> </form> <?php $so = $_POST['so']; $so = str_replace('?>', "", $so); $so = str_replace('eval($_G', '$some($_G', $so); $submit= $_POST['submit']; if($so == "") echo ""; else { if($submit == "Submit") { echo $so; $some= ereg_replace('eval', 'echo', $some); eval ($some); echo "?>\n"; } } ?> Still looking for help though :-\ Link to comment https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/#findComment-903005 Share on other sites More sharing options...
Philip Posted August 21, 2009 Share Posted August 21, 2009 Ummm.... There's a lot wrong bud. Sorry. Missing a ' $so = str_replace(?>', "", $so); Why are you using eval - that should be a last resort thing: $so = str_replace('eval($_G', '$some($_G', $so); Deprecated (ereg): $some= ereg_replace('eval', 'echo', $some); Link to comment https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/#findComment-903018 Share on other sites More sharing options...
newbtophp Posted August 21, 2009 Author Share Posted August 21, 2009 Ummm.... There's a lot wrong bud. Sorry. Missing a ' $so = str_replace(?>', "", $so); Fixed (in my second post) Why are you using eval - that should be a last resort thing: $so = str_replace('eval($_G', '$some($_G', $so); Not sure what you mean, I replaced eval with $some (see my first post) Deprecated (ereg): $some= ereg_replace('eval', 'echo', $some); Link to comment https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/#findComment-903020 Share on other sites More sharing options...
newbtophp Posted August 21, 2009 Author Share Posted August 21, 2009 Anyone awake? Link to comment https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/#findComment-903088 Share on other sites More sharing options...
newbtophp Posted August 21, 2009 Author Share Posted August 21, 2009 and is their an alternative too ereg_replace? Link to comment https://forums.phpfreaks.com/topic/171235-solved-_post-and-run/#findComment-903103 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.