views:

269

answers:

3

I'm trying to find the security code in this php for a mailer. Please could you tell me which parts of the code I need to delete to remove this.

Thanks for your help

    <?php
$adminemail = '[email protected]'; // type your actual email address in place of [email protected]

$usesecimage = ''; // the path to a WSN Links, Gallery, KB or Forum install if you wish to borrow its security image prompt

$autoresponse = ''; // type the URL of a text file which should be used as the autoresponder body text

$controlvars = ' thankspage submitteremail ccsubmitter messagetosubmitter ';
$messagetoadmin = "A user has filled out a form with this content:


";

 if (!isset($_POST['messagetosubmitter'])) $messagetosubmitter = "You have submitted a form with the content listed below. Your submission will be reviewed, please be patient in awaiting a response.


";
 else $messagetosubmitter = $_POST['messagetosubmitter'];

while(list($key, $value) = each($_POST))
{
 if (!stristr($controlvars, ' '. $key .' '))
 {
  $messagetoadmin .= $key .': '. $value .'

';
  $messagetosubmitter .= $key .': '. $value .'

';
 }
} 
$submitter = $_POST['submitteremail'];
if ($submitter == '') $submitter = '[email protected]';
if (strstr($submitter, "\n") || strlen($submitter) > 50) die("Begone, foul spammer.");

if ($usesecimage)
{
 $curr_path = getcwd(); 
 chdir($usesecimage);        // Go to the WSN directory 
 require 'start.php'; 
 if (isset($_REQUEST['seed'])) $seed = $_REQUEST['seed']; else $seed = false;
 $correct = securityimagevalue($seed);
 if (strtolower($_POST['securityimage']) != $correct) die("You did not type the value from the image correctly. Press the back button.");
 chdir($curr_path);      // Return to original directory 
}

   session_start();
   if(empty($_POST['TermsOfBusiness']))
   {
    error_reporting(0);
    echo "You must agree to our Terms of Business. Please <a href='javascript: history.go(-1)'>click here</a> to return to the form";
   }
   elseif(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {

      mail("$adminemail, [email protected]", 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetoadmin), 'From: '. $submitter);
      unset($_SESSION['security_code']);

   } else {
      error_reporting(0);
      echo "The security code you entered was incorrect, please click the back button on your browser to try again.";
   }

if ($_POST['ccsubmitter'] == 'yes')
{
 mail($submitteremail, 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetosubmitter), 'From: '. $adminemail);
}
if ($autoresponse != '')
{
 $body = geturl($autoresponse);
 mail($submitteremail, 'Re: '. stripslashes($_POST['subject']), stripslashes($body), 'From: '. $adminemail);
}
header('Location: '. $_POST['thankspage']);
// just in case redirect doesn't work
die('<meta http-eqiv="refresh" content="0;url='. $_POST['thankspage'] .'">');

if (!function_exists('geturl'))
{
function geturl($url)
{
 if (extension_loaded('curl')) 
 {
   $user_agent = 'Mozilla/4.0 (compatible; MSIE 6.02; PHP)';
   $ch = curl_init(); 
   curl_setopt ($ch, CURLOPT_URL, $url); 
   curl_setopt ($ch, CURLOPT_USERAGENT, $user_agent); 
   curl_setopt ($ch, CURLOPT_HEADER, false); 
   curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true); 
   curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15);  // timeout after 5 seconds
   curl_setopt ($ch, CURLOPT_TIMEOUT, 15);  // timeout after 5 seconds   
   curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true); 
   $result = curl_exec ($ch); 
   curl_close ($ch); 
// curl_error($ch); // for debugging
   return $result;  
 }

 if (version_compare("4.3.0", phpversion(), "<"))
 { 
  $filecontents = @file_get_contents($url);
 }
 else
 {
  $fd = @fopen($url, 'rb');
  $filecontents = "";
  do 
  {
   $data = @fread($fd, 8192);
   if (strlen($data) == 0) 
   {
    break;
   }
   $filecontents .= $data;
  } while(true); 
  @fclose ($fd);
 }
 return $filecontents;
}
}

?>
+1  A: 

remove this :)

EDIT: the elseif.. wasn't showing as code, corrected.

elseif(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {

      mail("$adminemail, [email protected]", 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetoadmin), 'From: '. $submitter);
      unset($_SESSION['security_code']);

   } else {
      error_reporting(0);
      echo "The security code you entered was incorrect, please click the back button on your browser to try again.";
   }

and this (by Cameron Conner)

if ($usesecimage)
{
 $curr_path = getcwd(); 
 chdir($usesecimage);        // Go to the WSN directory 
 require 'start.php'; 
 if (isset($_REQUEST['seed'])) $seed = $_REQUEST['seed']; else $seed = false;
 $correct = securityimagevalue($seed);
 if (strtolower($_POST['securityimage']) != $correct) die("You did not type the value from the image correctly. Press the back button.");
 chdir($curr_path);      // Return to original directory 
}

so, your file should stay like this:

    <?php
$adminemail = '[email protected]'; // type your actual email address in place of [email protected]

$usesecimage = ''; // the path to a WSN Links, Gallery, KB or Forum install if you wish to borrow its security image prompt

$autoresponse = ''; // type the URL of a text file which should be used as the autoresponder body text

$controlvars = ' thankspage submitteremail ccsubmitter messagetosubmitter ';
$messagetoadmin = "A user has filled out a form with this content:


";

 if (!isset($_POST['messagetosubmitter'])) $messagetosubmitter = "You have submitted a form with the content listed below. Your submission will be reviewed, please be patient in awaiting a response.


";
 else $messagetosubmitter = $_POST['messagetosubmitter'];

while(list($key, $value) = each($_POST))
{
 if (!stristr($controlvars, ' '. $key .' '))
 {
  $messagetoadmin .= $key .': '. $value .'

';
  $messagetosubmitter .= $key .': '. $value .'

';
 }
} 
$submitter = $_POST['submitteremail'];
if ($submitter == '') $submitter = '[email protected]';
if (strstr($submitter, "\n") || strlen($submitter) > 50) die("Begone, foul spammer.");

   session_start();
   if(empty($_POST['TermsOfBusiness']))
   {
    error_reporting(0);
    echo "You must agree to our Terms of Business. Please <a href='javascript: history.go(-1)'>click here</a> to return to the form";
   }

if ($_POST['ccsubmitter'] == 'yes')
{
 mail($submitteremail, 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetosubmitter), 'From: '. $adminemail);
}
if ($autoresponse != '')
{
 $body = geturl($autoresponse);
 mail($submitteremail, 'Re: '. stripslashes($_POST['subject']), stripslashes($body), 'From: '. $adminemail);
}
header('Location: '. $_POST['thankspage']);
// just in case redirect doesn't work
die('<meta http-eqiv="refresh" content="0;url='. $_POST['thankspage'] .'">');

if (!function_exists('geturl'))
{
function geturl($url)
{
 if (extension_loaded('curl')) 
 {
   $user_agent = 'Mozilla/4.0 (compatible; MSIE 6.02; PHP)';
   $ch = curl_init(); 
   curl_setopt ($ch, CURLOPT_URL, $url); 
   curl_setopt ($ch, CURLOPT_USERAGENT, $user_agent); 
   curl_setopt ($ch, CURLOPT_HEADER, false); 
   curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true); 
   curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15);  // timeout after 5 seconds
   curl_setopt ($ch, CURLOPT_TIMEOUT, 15);  // timeout after 5 seconds   
   curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true); 
   $result = curl_exec ($ch); 
   curl_close ($ch); 
// curl_error($ch); // for debugging
   return $result;  
 }

 if (version_compare("4.3.0", phpversion(), "<"))
 { 
  $filecontents = @file_get_contents($url);
 }
 else
 {
  $fd = @fopen($url, 'rb');
  $filecontents = "";
  do 
  {
   $data = @fread($fd, 8192);
   if (strlen($data) == 0) 
   {
    break;
   }
   $filecontents .= $data;
  } while(true); 
  @fclose ($fd);
 }
 return $filecontents;
}
}

?>
CuSS
Sorry this doesn't work at alli get this messageWarning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/blahblahblah.co.uk/public/mailer.php:1) in /home/blahblahblah.co.uk/public/mailer.php on line 36Warning: Cannot modify header information - headers already sent by (output started at /home/blahblahblah.co.uk/public/mailer.php:1) in /home/blahblahblah.co.uk/public/mailer.php on line 52
judi
this is normaly a charset bug, are you using mac or win?
CuSS
+4  A: 

The binary-search method can be used here, which starts like this:

  1. Delete the bottom half of the file; check: Did that contain the "security code"?
  2. No: Delete the top half of the file; check: Did that contain the "security code"?
  3. No: Retest-assumption: Are you sure the security code is in this file?

Once you've found which half the "security code" is in:

  1. Delete the bottom half of that half of the file; check: Did that contain the "security code"?
  2. No: Delete the top half of that half of the file; check: Did that contain the "security code"?
  3. No: Retest-assumption: Are you sure the security code is in this half of this file?

Repeat until you have found the line (or lines) that you are interested in.

geocar
+1  A: 

Expanding on CuSS's answer.. This is unnecessary as well.

if ($usesecimage)
{
 $curr_path = getcwd(); 
 chdir($usesecimage);        // Go to the WSN directory 
 require 'start.php'; 
 if (isset($_REQUEST['seed'])) $seed = $_REQUEST['seed']; else $seed = false;
 $correct = securityimagevalue($seed);
 if (strtolower($_POST['securityimage']) != $correct) die("You did not type the value from the image correctly. Press the back button.");
 chdir($curr_path);      // Return to original directory 
}
Cameron Conner
thanks :)up for you ;)
CuSS