Contact form security code PHP problem: how do I remove the code?

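Problem description:

I am trying to find the security code for a mailer in this PHP. Could you please tell me which parts of the code I need to delete to remove it?

Thanks for your help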

<?php 
$adminemail = '[email protected]'; // type your actual email address in place of [email protected] 

$usesecimage = ''; // the path to a WSN Links, Gallery, KB or Forum install if you wish to borrow its security image prompt 

$autoresponse = ''; // type the URL of a text file which should be used as the autoresponder body text 

$controlvars = ' thankspage submitteremail ccsubmitter messagetosubmitter '; 
$messagetoadmin = "A user has filled out a form with this content: 


"; 

if (!isset($_POST['messagetosubmitter'])) $messagetosubmitter = "You have submitted a form with the content listed below. Your submission will be reviewed, please be patient in awaiting a response. 


"; 
else $messagetosubmitter = $_POST['messagetosubmitter']; 

foreach ($_POST as $key => $value) // each() was removed in PHP 8
{ 
if (!stristr($controlvars, ' '. $key .' ')) 
{ 
    $messagetoadmin .= $key .': '. $value .' 

'; 
    $messagetosubmitter .= $key .': '. $value .' 

'; 
} 
} 
$submitter = $_POST['submitteremail']; 
if ($submitter == '') $submitter = '[email protected]'; 
if (strstr($submitter, "\n") || strlen($submitter) > 50) die("Begone, foul spammer."); 

if ($usesecimage) 
{ 
$curr_path = getcwd(); 
chdir($usesecimage);  // Go to the WSN directory 
require 'start.php'; 
if (isset($_REQUEST['seed'])) $seed = $_REQUEST['seed']; else $seed = false; 
$correct = securityimagevalue($seed); 
if (strtolower($_POST['securityimage']) != $correct) die("You did not type the value from the image correctly. Press the back button."); 
chdir($curr_path);  // Return to original directory 
} 

    session_start(); 
    if(empty($_POST['TermsOfBusiness'])) 
    { 
    error_reporting(0); 
    echo "You must agree to our Terms of Business. Please <a href='javascript: history.go(-1)'>click here</a> to return to the form"; 
    } 
    elseif(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code']))) { 

     mail("$adminemail, [email protected]", 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetoadmin), 'From: '. $submitter); 
     unset($_SESSION['security_code']); 

    } else { 
     error_reporting(0); 
     echo "The security code you entered was incorrect, please click the back button on your browser to try again."; 
    } 

if ($_POST['ccsubmitter'] == 'yes') 
{ 
// $submitteremail was only populated by register_globals; read the POST field directly
mail($_POST['submitteremail'], 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetosubmitter), 'From: '. $adminemail);
} 
if ($autoresponse != '') 
{ 
$body = geturl($autoresponse); 
mail($_POST['submitteremail'], 'Re: '. stripslashes($_POST['subject']), stripslashes($body), 'From: '. $adminemail);
} 
header('Location: '. $_POST['thankspage']); 
// just in case redirect doesn't work 
die('<meta http-equiv="refresh" content="0;url='. $_POST['thankspage'] .'">');

if (!function_exists('geturl')) 
{ 
function geturl($url) 
{ 
if (extension_loaded('curl')) 
{ 
    $user_agent = 'Mozilla/4.0 (compatible; MSIE 6.02; PHP)'; 
    $ch = curl_init(); 
    curl_setopt ($ch, CURLOPT_URL, $url); 
    curl_setopt ($ch, CURLOPT_USERAGENT, $user_agent); 
    curl_setopt ($ch, CURLOPT_HEADER, false); 
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true); 
    curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); // connection timeout: 15 seconds
    curl_setopt ($ch, CURLOPT_TIMEOUT, 15); // overall timeout: 15 seconds
    curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true); 
    $result = curl_exec ($ch); 
    curl_close ($ch); 
// curl_error($ch); // for debugging 
    return $result; 
} 

if (version_compare("4.3.0", phpversion(), "<")) 
{ 
    $filecontents = @file_get_contents($url); 
} 
else 
{ 
    $fd = @fopen($url, 'rb'); 
    $filecontents = ""; 
    do 
    { 
    $data = @fread($fd, 8192); 
    if (strlen($data) == 0) 
    { 
    break; 
    } 
    $filecontents .= $data; 
    } while(true); 
    @fclose ($fd); 
} 
return $filecontents; 
} 
} 

?> 

What error does this show? – CuSS

Remove this :)

Edit: the elseif ... was not showing as code, fixed.

elseif(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code']))) { 

     mail("$adminemail, [email protected]", 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetoadmin), 'From: '. $submitter); 
     unset($_SESSION['security_code']); 

    } else { 
     error_reporting(0); 
     echo "The security code you entered was incorrect, please click the back button on your browser to try again."; 
    } 

and this (Cameron Conner):

if ($usesecimage) 
{ 
$curr_path = getcwd(); 
chdir($usesecimage);  // Go to the WSN directory 
require 'start.php'; 
if (isset($_REQUEST['seed'])) $seed = $_REQUEST['seed']; else $seed = false; 
$correct = securityimagevalue($seed); 
if (strtolower($_POST['securityimage']) != $correct) die("You did not type the value from the image correctly. Press the back button."); 
chdir($curr_path);  // Return to original directory 
} 

So your file should end up like this:

<?php 
$adminemail = '[email protected]'; // type your actual email address in place of [email protected] 

$usesecimage = ''; // the path to a WSN Links, Gallery, KB or Forum install if you wish to borrow its security image prompt 

$autoresponse = ''; // type the URL of a text file which should be used as the autoresponder body text 

$controlvars = ' thankspage submitteremail ccsubmitter messagetosubmitter '; 
$messagetoadmin = "A user has filled out a form with this content: 


"; 

if (!isset($_POST['messagetosubmitter'])) $messagetosubmitter = "You have submitted a form with the content listed below. Your submission will be reviewed, please be patient in awaiting a response. 


"; 
else $messagetosubmitter = $_POST['messagetosubmitter']; 

foreach ($_POST as $key => $value) // each() was removed in PHP 8
{ 
if (!stristr($controlvars, ' '. $key .' ')) 
{ 
    $messagetoadmin .= $key .': '. $value .' 

'; 
    $messagetosubmitter .= $key .': '. $value .' 

'; 
} 
} 
$submitter = $_POST['submitteremail']; 
if ($submitter == '') $submitter = '[email protected]'; 
if (strstr($submitter, "\n") || strlen($submitter) > 50) die("Begone, foul spammer."); 

    session_start(); 
    if(empty($_POST['TermsOfBusiness'])) 
    { 
    error_reporting(0); 
    echo "You must agree to our Terms of Business. Please <a href='javascript: history.go(-1)'>click here</a> to return to the form"; 
    } 

if ($_POST['ccsubmitter'] == 'yes') 
{ 
// $submitteremail was only populated by register_globals; read the POST field directly
mail($_POST['submitteremail'], 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetosubmitter), 'From: '. $adminemail);
} 
if ($autoresponse != '') 
{ 
$body = geturl($autoresponse); 
mail($_POST['submitteremail'], 'Re: '. stripslashes($_POST['subject']), stripslashes($body), 'From: '. $adminemail);
} 
header('Location: '. $_POST['thankspage']); 
// just in case redirect doesn't work 
die('<meta http-equiv="refresh" content="0;url='. $_POST['thankspage'] .'">');

if (!function_exists('geturl')) 
{ 
function geturl($url) 
{ 
if (extension_loaded('curl')) 
{ 
    $user_agent = 'Mozilla/4.0 (compatible; MSIE 6.02; PHP)'; 
    $ch = curl_init(); 
    curl_setopt ($ch, CURLOPT_URL, $url); 
    curl_setopt ($ch, CURLOPT_USERAGENT, $user_agent); 
    curl_setopt ($ch, CURLOPT_HEADER, false); 
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true); 
    curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); // connection timeout: 15 seconds
    curl_setopt ($ch, CURLOPT_TIMEOUT, 15); // overall timeout: 15 seconds
    curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true); 
    $result = curl_exec ($ch); 
    curl_close ($ch); 
// curl_error($ch); // for debugging 
    return $result; 
} 

if (version_compare("4.3.0", phpversion(), "<")) 
{ 
    $filecontents = @file_get_contents($url); 
} 
else 
{ 
    $fd = @fopen($url, 'rb'); 
    $filecontents = ""; 
    do 
    { 
    $data = @fread($fd, 8192); 
    if (strlen($data) == 0) 
    { 
    break; 
    } 
    $filecontents .= $data; 
    } while(true); 
    @fclose ($fd); 
} 
return $filecontents; 
} 
} 

?> 

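Sorry, this doesn't work at all. I get this message: Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/blahblahblah.co.uk/public/mailer.php:1) in /home/blahblahblah.co.uk/public/mailer.php on line 36 Warning: Cannot modify header information - headers already sent by (output started at /home/blahblahblah.co.uk/public/mailer.php:1) in /home/blahblahblah.co.uk/public/mailer.php on line 52 –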


This is a common charset error; are you using Mac or Win? – CuSS
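Added example (not part of any answer on this page, and not the original mailer's code): the send step with the `security_code` comparison removed but the admin `mail()` call kept, and with the `From`, subject and `thankspage` values checked before use. The function names, the placeholder address and the `/thanks.html` fallback are assumptions.

```php
<?php
// Added example; helper names and the /thanks.html fallback are assumptions.

// Return the value only if it is short and has no CR, LF or NUL, so it
// cannot add extra mail headers; otherwise return null.
function clean_header_value(string $value, int $maxLen): ?string
{
    if ($value === '' || strlen($value) > $maxLen) return null;
    return preg_match('/[\r\n\0]/', $value) ? null : $value;
}

// Allow only a same-site path for the post-submit redirect.
function local_redirect_target(string $target, string $fallback): string
{
    $ok = preg_match('#^/[A-Za-z0-9_./-]*$#', $target) && strpos($target, '//') === false;
    return $ok ? $target : $fallback;
}

// Returns 'terms', 'bad-email' or 'sent'.
function send_contact_form(array $post, string $adminemail, string $body): string
{
    if (empty($post['TermsOfBusiness'])) return 'terms';
    $raw = (string) ($post['submitteremail'] ?? '');
    $from = $raw === '' ? $adminemail : clean_header_value($raw, 50);
    if ($from === null || !filter_var($from, FILTER_VALIDATE_EMAIL)) return 'bad-email';
    $subject = clean_header_value((string) ($post['subject'] ?? ''), 150) ?? '(no subject)';
    // The admin notification stays; only the security_code comparison is gone.
    mail($adminemail, 'Form Submitted: ' . $subject, $body, 'From: ' . $from);
    return 'sent';
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $adminemail = 'admin@example.com'; // placeholder address
    $control = ['thankspage', 'submitteremail', 'ccsubmitter', 'messagetosubmitter'];
    $body = "A user has filled out a form with this content:\n\n";
    foreach ($_POST as $key => $value) {
        if (is_string($value) && !in_array($key, $control, true)) {
            $body .= $key . ': ' . $value . "\n\n";
        }
    }
    $status = send_contact_form($_POST, $adminemail, $body);
    if ($status === 'terms') die('You must agree to our Terms of Business.');
    if ($status === 'bad-email') die('Please go back and enter a valid e-mail address.');
    $target = local_redirect_target((string) ($_POST['thankspage'] ?? ''), '/thanks.html');
    header('Location: ' . $target);
    exit;
}
```

With the security code check gone, these checks are the only filtering applied to the form values before `mail()` and the redirect use them.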

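A binary search approach can be used here. It starts like this:

  1. Delete the bottom half of the file; check: does it still contain the "security code"?
  2. No: delete the top half of the file; check: does it still contain the "security code"?
  3. No: re-test the assumption: are you sure the security code is in this file?

Once you have found which half the "security code" is in:

  1. Delete the bottom half of that half of the file; check: does it still contain the "security code"?
  2. No: delete the top half of that half of the file; check: does it still contain the "security code"?
  3. No: re-test the assumption: are you sure the security code is in this half of the file?

Repeat until you find the line (or lines) you are interested in.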

Expanding on CuSS's answer. This is unnecessary as well.

if ($usesecimage) 
{ 
$curr_path = getcwd(); 
chdir($usesecimage);  // Go to the WSN directory 
require 'start.php'; 
if (isset($_REQUEST['seed'])) $seed = $_REQUEST['seed']; else $seed = false; 
$correct = securityimagevalue($seed); 
if (strtolower($_POST['securityimage']) != $correct) die("You did not type the value from the image correctly. Press the back button."); 
chdir($curr_path);  // Return to original directory 
} 

Thanks :) Here you go ;) – CuSS