javascript - Substitue $_REQUEST -

-

i know enough code dangerous, couldn't write scratch if life depended on it. i'm migrating website new hosting has newer version of php doesn't allow $_request (i think). code designed encrypt pdf. works great on old site (probably older version of php).
tried replacing $_request $_get , didn't work. appreciated. excluded formatting code , basic html.

<?php $timearr = explode( ' ', microtime( ) ); $pagestarttime = $timearr[ 1 ] + $timearr[ 0 ];  $file = $_files['file']; if($_request['submit'] && (!trim($_request['password']) || $_request['password'] == 'password')) {     $msg = 'please enter password.'; } elseif(is_array($file) && $file['error'] == 0) {     $enc_path = 'encrypted';     $src = $file['tmp_name'];     $dest = "{$enc_path}/{$file['name']}";     $pass = trim($_request['password']);     $cmd_fmt = "pdftk '$src' output '$dest' user_pw '$pass'";      @mkdir($enc_path);     @system($cmd_fmt);      if(file_exists($dest)) $file_url = "http://www.company.com/{$enc_path}/" . rawurlencode($file['name']);   } ?>          }         </style>         <script type="text/javascript">         function copytoclipboard(s) {             if(window.clipboarddata && clipboarddata.setdata) {                 clipboarddata.setdata('text', s);             }             else alert('could not permission access clipboard. please copy url text box instead.');         }         </script>     </head>     <body>     <center>     <div style="width: 600px;">     <div style="text-align: center;">         <center>         <form action="<?= $_server[ 'php_self' ] ?>" method="post" enctype="multipart/form-data">         <div style="text-align: center;">             <img src="/logo.png" border="0" style="height: 145px; margin-bottom: -10px;">             <h1>pdf encryption tool</h1>         </div>         <br/>         <? if($file_url) : ?>             <span><a href="<?= $file_url ?>">click here download file</a></span><br/>             <input type="text" readonly value="<?= $file_url ?>" style="width: 350px; margin: 0 0 5px 0;"><br/>             <input type="button" onclick="copytoclipboard('<?= $file_url ?>');" value="copy clipboard">             <br/>         <? elseif($_request['submit'] && $msg) : ?>              <font color="red"><b><?= $msg ?></b></font>             <br/>         <? elseif($_request['submit']) : ?>              <font color="red"><b>there error processing request. program accepts pdf files.</b></font>             <br/>         <? endif; ?>         <br/>         <br/>         <input type="file" name="file" style="width: 350px; border: 0; margin: 0 0 5px 0;"><br/>         <input id="password" type="text" name="password" style="width: 350px;"             <?= $_request['password'] ? 'class="focus"' : ''?>             onfocus="this.classname = 'focus'; if( this.value == 'password' ) { this.value = ''; }"             onblur="if( this.value == '' ) { this.classname = ''; this.value = 'password'; }"             onkeydown="if( event.keycode == 13 ) { this.form.submit( ); return false; }"             value="<?= $_request['password'] ? $_request['password'] : 'password' ?>"         >         <br/>         <br/>         <input name="submit" value="submit" type="submit">         </form>         <br/>         <br/>     </center>     </div>     <br/>     <br/>     <?     $timearr = explode( ' ', microtime( ) );     $pageendtime = $timearr[ 1 ] + $timearr[ 0 ];     $pagetime = $pageendtime - $pagestarttime;     ?>     <span align="left">         <font color="gray" size="-3">             page took <?= number_format( $pagetime, 3 ) ?> second(s) load.         </font>     </span>     </div>     </center>     </body> </html>

$_request: associative array default contains contents of $_get, $_post , $_cookie. php.net

your form uses method "post":

<form action="<?= $_server[ 'php_self' ] ?>" method="post" enctype="multipart/form-data">

this means need replace $_request $_post

for security issues: think user can manipulate , how used break code.

for commandline use escapeshellarg. have serveral user-variables can used in html. see cross-site scripting


Comments

Post a Comment

Popular posts from this blog

Failed to execute goal org.apache.maven.plugins:maven-surefire-plugin:2.12:test (default-test) on project.Error occurred in starting fork -

-
i searched on internet provided answers did not in building project. the error starting fork. tried following methods: mvn clean install -u when searched, people said because of java 7 , should work java 6. using java 6 only. some said set surefire plugin this: <groupid>org.apache.maven.plugins</groupid> <artifactid>maven-surefire-plugin</artifactid> <version>2.5</version> <configuration> <skiptests>false</skiptests> <testfailureignore>true</testfailureignore> <forkmode>once</forkmode> </configuration> the actual error is: [error] failed execute goal org.apache.maven.plugins:maven-surefire-plugin:2.12:test (default-test) on project junitcategorizer.instrument: error occurred in starting fork, check output in log -> [help 1] org.apache.maven.lifecycle.lifecycleexecutionexception: failed execute goal org.apache.maven.plugins:maven-surefire-plugin:2...
Read more

windows - Debug iNetMgr.exe unhandle exception System.Management.Automation.CmdletInvocationException -

-
i fired windows 7 machine today , attempting start intemgr.exe process terminates immediately. started process under debugger. seems process terminating following exception: system.management.automation.cmdletinvocationexception . dumping exceptions on heap yields following results. heap has few more exception listed below. so based on research exception happens when cmdlet encounters terminating error. method call before processrecord(). provides record-by-record processing functionality cmdlet. windows powershell runtime calls method multiple times each instance of cmdlet in pipeline. how can inspect pipeline debugger? exception object: 0000000002702940 exception type: system.management.automation.itemnotfoundexception message: cannot find path 'c:\windows\system32\windowspowershell\v1.0\modules\applicationserver\applicationserver.dll' because not exist. innerexception: <none> stacktrace (generated): sp ip function 000000001...
Read more

android - CoordinatorLayout, FAB and container layout conflict -

-
Image
i have main activity drawer have container layout replace each fragment fragmentmanager . i want add fab 1 of child fragments hide/show on scroll im not sure im doing wrong , get: layout: <?xml version="1.0" encoding="utf-8"?> <android.support.design.widget.coordinatorlayout xmlns:android="http://schemas.android.com/apk/res/android" xmlns:app="http://schemas.android.com/apk/res-auto" android:layout_width="match_parent" android:layout_height="match_parent"> <android.support.design.widget.appbarlayout android:id="@+id/appbar" android:layout_width="match_parent" android:layout_height="wrap_content" android:fitssystemwindows="true" android:theme="@style/themeoverlay.appcompat.dark.actionbar"> <android.support.v7.widget.toolbar android:id="@+id/toolbar" android:layout_width="match_parent...
Read more