Differences

This shows you the differences between two versions of the page.

--- tips:findbadphp.php [2011-12-20 14:20] – 81.214.62.65
+++ tips:findbadphp.php [2013-08-31 01:25] – Fixed needle and haystack being the wrong way round, and improved trailing characters search to accept trailing new lines which PHP ignores. 81.83.194.5
@@ Line 1: / Line 1: @@
-<?php session_start();
+====== findbadphp.php ======
-ob_start();
-?>
+Use this script to find corrupted PHP files. Place it in your wiki root and call it from your browser.
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-<meta http-equiv="Content-Type" content="text/html;" charset="utf-8" />
-<link rel="stylesheet" type="text/css" href="css/giris.css"/>
-<title>Glengo CRM Raporlama</title>
-</head>
-<body>
-<form action="default.php" method="POST">
-<div id="login-box">
-        <H2>Rapor'a Giriş</H2>
-        Raporlama Sayfasına giriş için lütfen size verilmiş olan kullanıcı adını ve şifreyi giriniz
-        <br />
-        <br />
-            <div id="login-box-name" style="margin-top:20px;">Kullanıcı Adı:</div><div id="login-box-field" style="margin-top:20px;">		<input name="uq" class="form-login" title="Username" value="" size="30" maxlength="2048" /></div>
-      <div id="login-box-name">Şirfe:</div><div id="login-box-field"><input name="q" type="password" class="form-login" title="Password" value="" size="30" maxlength="2048" /></div>
-            <br />
-     		 <input type="image" name="girisb" src="images/login-btn.png" value="giris" id="girisb"   style="margin-left:90px;" >
-            <br/><br/>
-            <?php
-			if (isset($_REQUEST['uq'])) {
-					 if ($_POST['uq']!='a' || $_POST['q']!='a' ) {
-						 echo('<center>Yanlış Kullanıcı Adı Veya Parola Girdiniz</center>');
-					 }else
-					 {
-						 if (!isset($_SESSION)) {session_start();}
-						 $_SESSION['login'] = "1";
-						 header ("Location: page1.php");
-						 $_SESSION['giris_kontrol']='1';
-					 }
-				 }
-			?>
-  </div>
+<code php findbad.php>
-<form>
+<?php
-</body>
+/**
-</html>
+ * This script will search all PHP files in the same directory
+ * and below and will check for trailing or leading whitespaces
+ * and UTF-8 BOMs
+ */
+header("Content-Type: text/plain");
+echo "starting...\n";
+flush();
+traverse(dirname(__FILE__));
+echo "finished...\n";
+function traverse($dir){
+    if ($dh = opendir($dir)) {
+        while (($file = readdir($dh)) !== false) {
+            //skip hidden files and upper dirs
+            if(preg_match('/^[\._]/',$file)) continue;
+            if(is_dir($dir.'/'.$file)){
+                traverse($dir.'/'.$file);
+                continue;
+            }
+            flush();
+            if(!preg_match('/\.php$/',$file)) continue;
+            $check = @file_get_contents("$dir/$file",0,null,0,3);
+            if(!$check){
+                echo "$dir/$file is not readable.\n";
+                continue;
+            }
+            if($check == "\xef\xbb\xbf"){
+                echo "$dir/$file has UTF-8 BOM at start.\n";
+                continue;
+            }
+            if($check != '<?p'){
+                echo "$dir/$file doesn't start with <?php\n";
+                continue;
+            }
+            $check = file_get_contents("$dir/$file",0,null,
+                                filesize("$dir/$file")-5,5);
+            $pos = strpos($check, '?>');
+            if($pos !== false && !(substr($check,-2) == '?>' || substr($check,-3) == "?>\n") ){
+                echo "$dir/$file has trailing chars after closing ?>\n";
+                continue;
+            }
+       }
+       closedir($dh);
+   }
+}
+</code>