联系表单安全码php问题?如何删除代码?
我试图在这个php中找到一个邮件的安全代码。 请你能告诉我哪些部分我需要删除的代码删除这个。联系表单安全码php问题?如何删除代码?
感谢您的帮助
<?php
$adminemail = '[email protected]'; // type your actual email address in place of [email protected]
$usesecimage = ''; // the path to a WSN Links, Gallery, KB or Forum install if you wish to borrow its security image prompt
$autoresponse = ''; // type the URL of a text file which should be used as the autoresponder body text
$controlvars = ' thankspage submitteremail ccsubmitter messagetosubmitter ';
$messagetoadmin = "A user has filled out a form with this content:
";
if (!isset($_POST['messagetosubmitter'])) $messagetosubmitter = "You have submitted a form with the content listed below. Your submission will be reviewed, please be patient in awaiting a response.
";
else $messagetosubmitter = $_POST['messagetosubmitter'];
while(list($key, $value) = each($_POST))
{
if (!stristr($controlvars, ' '. $key .' '))
{
$messagetoadmin .= $key .': '. $value .'
';
$messagetosubmitter .= $key .': '. $value .'
';
}
}
$submitter = $_POST['submitteremail'];
if ($submitter == '') $submitter = '[email protected]';
if (strstr($submitter, "\n") || strlen($submitter) > 50) die("Begone, foul spammer.");
if ($usesecimage)
{
$curr_path = getcwd();
chdir($usesecimage); // Go to the WSN directory
require 'start.php';
if (isset($_REQUEST['seed'])) $seed = $_REQUEST['seed']; else $seed = false;
$correct = securityimagevalue($seed);
if (strtolower($_POST['securityimage']) != $correct) die("You did not type the value from the image correctly. Press the back button.");
chdir($curr_path); // Return to original directory
}
session_start();
if(empty($_POST['TermsOfBusiness']))
{
error_reporting(0);
echo "You must agree to our Terms of Business. Please <a href='javascript: history.go(-1)'>click here</a> to return to the form";
}
elseif(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code']))) {
mail("$adminemail, [email protected]", 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetoadmin), 'From: '. $submitter);
unset($_SESSION['security_code']);
} else {
error_reporting(0);
echo "The security code you entered was incorrect, please click the back button on your browser to try again.";
}
if ($_POST['ccsubmitter'] == 'yes')
{
mail($submitteremail, 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetosubmitter), 'From: '. $adminemail);
}
if ($autoresponse != '')
{
$body = geturl($autoresponse);
mail($submitteremail, 'Re: '. stripslashes($_POST['subject']), stripslashes($body), 'From: '. $adminemail);
}
header('Location: '. $_POST['thankspage']);
// just in case redirect doesn't work
die('<meta http-eqiv="refresh" content="0;url='. $_POST['thankspage'] .'">');
if (!function_exists('geturl'))
{
function geturl($url)
{
if (extension_loaded('curl'))
{
$user_agent = 'Mozilla/4.0 (compatible; MSIE 6.02; PHP)';
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_USERAGENT, $user_agent);
curl_setopt ($ch, CURLOPT_HEADER, false);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); // timeout after 5 seconds
curl_setopt ($ch, CURLOPT_TIMEOUT, 15); // timeout after 5 seconds
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
$result = curl_exec ($ch);
curl_close ($ch);
// curl_error($ch); // for debugging
return $result;
}
if (version_compare("4.3.0", phpversion(), "<"))
{
$filecontents = @file_get_contents($url);
}
else
{
$fd = @fopen($url, 'rb');
$filecontents = "";
do
{
$data = @fread($fd, 8192);
if (strlen($data) == 0)
{
break;
}
$filecontents .= $data;
} while(true);
@fclose ($fd);
}
return $filecontents;
}
}
?>
删除该:)
编辑:ELSEIF ..没有显示为代码,修正。
elseif(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code']))) {
mail("$adminemail, [email protected]", 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetoadmin), 'From: '. $submitter);
unset($_SESSION['security_code']);
} else {
error_reporting(0);
echo "The security code you entered was incorrect, please click the back button on your browser to try again.";
}
,这(卡梅伦·康纳)
if ($usesecimage)
{
$curr_path = getcwd();
chdir($usesecimage); // Go to the WSN directory
require 'start.php';
if (isset($_REQUEST['seed'])) $seed = $_REQUEST['seed']; else $seed = false;
$correct = securityimagevalue($seed);
if (strtolower($_POST['securityimage']) != $correct) die("You did not type the value from the image correctly. Press the back button.");
chdir($curr_path); // Return to original directory
}
所以,你的文件应该保持这样的:
<?php
$adminemail = '[email protected]'; // type your actual email address in place of [email protected]
$usesecimage = ''; // the path to a WSN Links, Gallery, KB or Forum install if you wish to borrow its security image prompt
$autoresponse = ''; // type the URL of a text file which should be used as the autoresponder body text
$controlvars = ' thankspage submitteremail ccsubmitter messagetosubmitter ';
$messagetoadmin = "A user has filled out a form with this content:
";
if (!isset($_POST['messagetosubmitter'])) $messagetosubmitter = "You have submitted a form with the content listed below. Your submission will be reviewed, please be patient in awaiting a response.
";
else $messagetosubmitter = $_POST['messagetosubmitter'];
while(list($key, $value) = each($_POST))
{
if (!stristr($controlvars, ' '. $key .' '))
{
$messagetoadmin .= $key .': '. $value .'
';
$messagetosubmitter .= $key .': '. $value .'
';
}
}
$submitter = $_POST['submitteremail'];
if ($submitter == '') $submitter = '[email protected]';
if (strstr($submitter, "\n") || strlen($submitter) > 50) die("Begone, foul spammer.");
session_start();
if(empty($_POST['TermsOfBusiness']))
{
error_reporting(0);
echo "You must agree to our Terms of Business. Please <a href='javascript: history.go(-1)'>click here</a> to return to the form";
}
if ($_POST['ccsubmitter'] == 'yes')
{
mail($submitteremail, 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetosubmitter), 'From: '. $adminemail);
}
if ($autoresponse != '')
{
$body = geturl($autoresponse);
mail($submitteremail, 'Re: '. stripslashes($_POST['subject']), stripslashes($body), 'From: '. $adminemail);
}
header('Location: '. $_POST['thankspage']);
// just in case redirect doesn't work
die('<meta http-eqiv="refresh" content="0;url='. $_POST['thankspage'] .'">');
if (!function_exists('geturl'))
{
function geturl($url)
{
if (extension_loaded('curl'))
{
$user_agent = 'Mozilla/4.0 (compatible; MSIE 6.02; PHP)';
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_USERAGENT, $user_agent);
curl_setopt ($ch, CURLOPT_HEADER, false);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); // timeout after 5 seconds
curl_setopt ($ch, CURLOPT_TIMEOUT, 15); // timeout after 5 seconds
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
$result = curl_exec ($ch);
curl_close ($ch);
// curl_error($ch); // for debugging
return $result;
}
if (version_compare("4.3.0", phpversion(), "<"))
{
$filecontents = @file_get_contents($url);
}
else
{
$fd = @fopen($url, 'rb');
$filecontents = "";
do
{
$data = @fread($fd, 8192);
if (strlen($data) == 0)
{
break;
}
$filecontents .= $data;
} while(true);
@fclose ($fd);
}
return $filecontents;
}
}
?>
对不起,这根本不起作用 我收到此消息 Warning:session_start()[function.session-start]:无法发送会话缓存限制器 - 已发送的头文件(输出开始于/home/blahblahblah.co.uk /public/mailer.php:1)在/home/blahblahblah.co.uk/public/mailer.php在线36 警告:无法修改标题信息 - 已经发送的标题(输出开始于/home/blahblahblah.co .uk/public/mailer.php:1)在/home/blahblahblah.co.uk/public/mailer.php在线52 –
这是一个普通的字符集错误,你使用的是mac还是win? – CuSS
二进制搜索方法可以在这里使用,其像这样开始:
- 删除文件的下半部分;检查:那是否包含“安全码”?
- 否:删除文件的上半部分;检查:那是否包含“安全码”?
- 否:重新测试假设:您确定安全代码位于此文件中吗?
一旦你找到哪一半“安全码”是:
- 删除一半文件的下半部分;检查:那是否包含“安全码”?
- 否:删除顶部该文件一半的一半;检查:那是否包含“安全码”?
- 否:重新测试假设:您确定安全代码位于此文件的这一半中吗?
重复,直到你找到一个你感兴趣的行(或线)。
扩大对CUSS的答案。这是不必要的,因为好。
if ($usesecimage)
{
$curr_path = getcwd();
chdir($usesecimage); // Go to the WSN directory
require 'start.php';
if (isset($_REQUEST['seed'])) $seed = $_REQUEST['seed']; else $seed = false;
$correct = securityimagevalue($seed);
if (strtolower($_POST['securityimage']) != $correct) die("You did not type the value from the image correctly. Press the back button.");
chdir($curr_path); // Return to original directory
}
谢谢:) 给你;) – CuSS
此显示有什么错误? – CuSS