Posts Tagged ‘PHP’

1) Install Xdebug

Install the extension for your PHP build (the php-xdebug package on Debian/Ubuntu, or pecl install xdebug), then add the following to /etc/php/7.1/fpm/php.ini. The zend_extension line must point at the xdebug.so under the API directory for your PHP version (20160303 is PHP 7.1's):

zend_extension = /usr/lib/php/20160303/
xdebug.profiler_enable = 0
xdebug.profiler_output_name = cachegrind.out.%t
xdebug.profiler_enable_trigger = 1
xdebug.profiler_output_dir = /tmp
xdebug.profiler_enable_trigger_value = "<super secret key>"

In order, the configuration does the following: load the module, disable profiling by default, set the output filename (%t is the request timestamp), enable triggering via a GET/POST parameter or a cookie, write the output to /tmp, and only profile when the trigger carries the key. Treat that key like a credential: it travels in the clear in the query string (so it ends up in access logs and proxy logs), and anyone holding it can make the server write a profile file for every request, which is a cheap way to fill /tmp and slow the site down. Keep this off production, or use a long random key and rotate it. On Xdebug 3 these settings were renamed: xdebug.mode=profile, xdebug.start_with_request=trigger, xdebug.trigger_value and xdebug.output_dir replace the profiler_* options above.

Restart php-fpm and you should be good to go. Confirm the module loaded from a phpinfo() page served by FPM rather than with php -m, which reads the CLI php.ini (/etc/php/7.1/cli/php.ini), not the FPM one.

2) Append ?XDEBUG_PROFILE=<super secret key> to any page you want to profile and the cachegrind file will be written to /tmp.

3) Open the profile in a cachegrind viewer (KCachegrind, QCacheGrind or Webgrind, for example). The two figures worth reducing are:

Invocation Count is how many times the function was called. A simple way to reduce it is to hoist repeated calls out of a loop into a variable computed once.

Total Self Cost is the time (or percentage of total time) spent in the function's own body, excluding what its callees cost. Reduce it by simplifying the code, using built-in native functions in place of hand-written loops, or removing unused variables and work.
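Those two figures are what every cachegrind viewer derives from the raw file, and it is worth seeing how. The script below is an added example (not from the original post) that parses a cachegrind.out file and prints invocation count and self cost per function. The profile it reads is a hand-constructed sample in the callgrind format Xdebug 2 writes (name compression, one record per invocation, an inclusive cost line after each calls= entry); the function names and costs are made up, and the parser assumes the first cost column is time.

```php
<?php
// Added example, not from the original post: derive "Invocation Count" and "Self Cost"
// per function from a cachegrind.out file, the way a profiler viewer does.

// Callgrind name compression: "(N) name" defines id N, a bare "(N)" refers back to it.
function resolve_name(array &$table, string $spec): string
{
    if (!preg_match('/^\((\d+)\)\s*(.*)$/', $spec, $m)) {
        return $spec;                                // uncompressed name
    }
    if ($m[2] !== '') {
        $table[$m[1]] = $m[2];
    }
    return isset($table[$m[1]]) ? $table[$m[1]] : '?';
}

// Returns ['total' => int, 'functions' => [name => ['self' => int, 'calls' => int]]].
function parse_cachegrind(string $text): array
{
    $names = [];        // fn= and cfn= share one compression table (fl=/cfl= have their own, unused here)
    $stats = [];
    $current = null;    // function whose cost lines are being read
    $callee = null;     // function named by the last cfn= line
    $pending = 0;       // >0: the next cost line is the inclusive cost of a call, not self cost
    $total = 0;
    foreach (preg_split('/\R/', $text) as $line) {
        $line = trim($line);
        if (preg_match('/^summary:\s*(\d+)/', $line, $m)) {
            $total = (int)$m[1];                     // inclusive cost of {main}
        } elseif (preg_match('/^fn=(.*)$/', $line, $m)) {
            $current = resolve_name($names, $m[1]);
            $stats += [$current => ['self' => 0, 'calls' => 0]];
        } elseif (preg_match('/^cfn=(.*)$/', $line, $m)) {
            $callee = resolve_name($names, $m[1]);
            $stats += [$callee => ['self' => 0, 'calls' => 0]];
        } elseif (preg_match('/^calls=(\d+)/', $line, $m)) {
            $pending = (int)$m[1];
        } elseif ($current !== null && preg_match('/^\d+\s+(\d+)(?:\s+\d+)*$/', $line, $m)) {
            // "<line> <cost>"; Xdebug 2.6+ may append a memory column, the first is time.
            if ($pending > 0 && $callee !== null) {
                $stats[$callee]['calls'] += $pending;   // one invocation per recorded call
                $pending = 0;
            } else {
                $stats[$current]['self'] += (int)$m[1]; // cost spent in the function itself
            }
        }   // version:, creator:, events:, fl=, cfl= and blank lines carry nothing needed here
    }
    if ($total === 0) {
        $total = array_sum(array_column($stats, 'self'));
    }
    return ['total' => $total, 'functions' => $stats];
}

// Constructed sample in the format Xdebug 2 writes; names and costs are made up.
// {main} calls helper() twice and helper() calls strlen() once per invocation.
$sample = <<<'CG'
version: 1
events: Time
fl=(1) php:internal
fn=(1) php::strlen
5 2
fl=(2) /var/www/html/index.php
fn=(2) helper
4 10
cfl=(1)
cfn=(1)
calls=1 0 0
5 2
fl=(1)
fn=(1)
5 2
fl=(2)
fn=(2)
4 10
cfl=(1)
cfn=(1)
calls=1 0 0
5 2
fl=(2)
fn=(3) {main}
summary: 29
0 5
cfl=(2)
cfn=(2)
calls=1 0 0
9 12
cfl=(2)
cfn=(2)
calls=1 0 0
9 12
CG;

$profile = parse_cachegrind($sample);
$rows = $profile['functions'];
uasort($rows, function ($a, $b) { return $b['self'] <=> $a['self']; });   // viewers sort by self cost
foreach ($rows as $fn => $s) {
    printf("%-12s calls=%d  self=%-3d  %5.1f%%\n", $fn, $s['calls'], $s['self'], 100 * $s['self'] / $profile['total']);
}
```

Run it against a real /tmp/cachegrind.out.* by replacing $sample with file_get_contents() of that file. The cost line that follows a calls= entry is the inclusive cost of that call and is deliberately not added to the caller's self cost, which is exactly the distinction between the "Total Self Cost" and "Inclusive" columns in a viewer.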

<?php
if ($_POST) {
	$ch = curl_init();
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
	echo "<table border='1'>";
	foreach (explode(PHP_EOL, $_POST['textarea']) as $url) {
		$url = trim($url);
		if (!preg_match("/^https?:\/\//i", $url)) {
			continue; // only http(s) URLs are fetched (the original branch body was not preserved)
		}
		curl_setopt($ch, CURLOPT_URL, $url);
		$html = curl_exec($ch);
		if (!$html) {
			continue; // fetch failed or empty body: skip the row
		}
		$data = parse_page($html);
		// secure the data for printing
		$url = htmlentities($url, ENT_QUOTES, "UTF-8");
		foreach ($data as $key => $value) {
			$data[$key] = htmlentities((string)$value, ENT_QUOTES, "UTF-8");
		}
		echo "<tr>";
		echo "<td>{$url}</td>";
		echo "<td>{$data['title']}</td>";
		echo "<td>{$data['description']}</td>";
		echo "<td>{$data['keywords']}</td>";
		echo "</tr>";
	}
	echo "</table>";
	curl_close($ch);
}

function parse_page($html)
{
	/* get page's title */
	preg_match("/<title>(.+)<\/title>/siU", $html, $matches);
	$title = $matches ? $matches[1] : null;
	/* get page's keywords (pattern assumed; the post's own regex was not preserved) */
	preg_match('/<meta\s+name=["\']keywords["\']\s+content=["\'](.*)["\']/siU', $html, $matches);
	$keywords = $matches ? $matches[1] : null;
	/* get page's description (pattern assumed, as above) */
	preg_match('/<meta\s+name=["\']description["\']\s+content=["\'](.*)["\']/siU', $html, $matches);
	$desc = $matches ? $matches[1] : null;
	/* parse links (pattern assumed; collected but not returned, as in the post) */
	preg_match_all('/<a\s[^>]*href=(["\'])(.*)\1/siU', $html, $matches);
	$links = $matches ? $matches[2] : null;
	return array(
		"title" => $title,
		"description" => $desc,
		"keywords" => $keywords,
	);
}
?>
<form method="post" action="?">
<textarea name="textarea" cols="45" rows="5"><?php echo htmlentities($_POST['textarea'] ?? '', ENT_QUOTES, "UTF-8")?></textarea><br />
<input type="submit" name="button" id="button" value="Submit" />
</form>
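The script above fetches whatever URL a visitor pastes into the textarea. Nothing restricts the target, so it will fetch http://127.0.0.1/ or a cloud metadata address such as 169.254.169.254 just as readily as a public site, which is the classic server-side request forgery pattern, and it parses the page with regexes that break on attribute order and quoting. The following is an added example, not the original post's code, of a hardened version: an allowlist of schemes, rejection of private, loopback and reserved addresses, pinning the connection to the address that was vetted (so a DNS answer cannot change between check and use), no redirect following, bounded time and size, and DOM-based extraction. The helper names, the sample HTML and the test URLs are constructed for the example (203.0.113.10 is a documentation address standing in for a public host); resolving a hostname with gethostbynamel() needs DNS, so the offline demo uses IP literals and does not call fetch_page().

```php
<?php
// Added example, not the post's code: a hardened version of the URL fetcher above.

// Vet a user-supplied URL. Returns ['host','port','ip'] for a fetchable target, else null.
function resolve_safe_target(string $url)
{
    $p = parse_url($url);
    if ($p === false || empty($p['host'])) {
        return null;
    }
    $scheme = strtolower($p['scheme'] ?? '');
    if (!in_array($scheme, ['http', 'https'], true)) {
        return null;                                   // no file://, gopher://, ftp://, dict://
    }
    if (isset($p['user']) || isset($p['pass'])) {
        return null;                                   // http://trusted.example@127.0.0.1/ confusion
    }
    $host = strtolower($p['host']);
    $port = $p['port'] ?? ($scheme === 'https' ? 443 : 80);
    // IPv4 literal, or resolve once here and reuse the answer when connecting (see fetch_page).
    // gethostbynamel() returns A records only; a bracketed IPv6 literal fails both and is rejected.
    $ips = filter_var($host, FILTER_VALIDATE_IP) ? [$host] : (gethostbynamel($host) ?: []);
    if ($ips === []) {
        return null;
    }
    foreach ($ips as $ip) {
        // Reject loopback, RFC 1918, link-local (169.254.0.0/16 holds cloud metadata) and reserved ranges.
        if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
            return null;
        }
    }
    return ['host' => $host, 'port' => $port, 'ip' => $ips[0]];
}

// Fetch with the vetted address pinned, no redirects, bounded time and size. Body or null.
function fetch_page(string $url, int $maxBytes = 1048576)
{
    $t = resolve_safe_target($url);
    if ($t === null) {
        return null;
    }
    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_FOLLOWLOCATION => false,               // a 302 to http://127.0.0.1/ would skip the check
        CURLOPT_PROTOCOLS      => CURLPROTO_HTTP | CURLPROTO_HTTPS,
        CURLOPT_CONNECTTIMEOUT => 5,
        CURLOPT_TIMEOUT        => 10,
        CURLOPT_MAXFILESIZE    => $maxBytes,           // honoured only when Content-Length is sent
        // Pin the connection to the address checked above so a second DNS lookup by libcurl
        // cannot be answered with an internal address (DNS rebinding).
        CURLOPT_RESOLVE        => ["{$t['host']}:{$t['port']}:{$t['ip']}"],
    ]);
    $body = curl_exec($ch);
    curl_close($ch);
    return $body === false ? null : $body;
}

// DOM-based extraction: tolerant of attribute order, quoting and tag soup, unlike the regexes.
function parse_page(string $html): array
{
    $dom = new DOMDocument();
    libxml_use_internal_errors(true);                  // real pages are rarely well-formed
    $dom->loadHTML($html);
    libxml_clear_errors();
    $xp = new DOMXPath($dom);
    $meta = function (string $name) use ($xp) {        // case-insensitive match on the name attribute
        $n = $xp->query(sprintf('//meta[translate(@name,"ABCDEFGHIJKLMNOPQRSTUVWXYZ","abcdefghijklmnopqrstuvwxyz")="%s"]/@content', $name));
        return $n->length ? trim($n->item(0)->nodeValue) : null;
    };
    $title = $xp->query('//title');
    $links = [];
    foreach ($xp->query('//a[@href]') as $a) {
        $links[] = $a->getAttribute('href');
    }
    return ['title' => $title->length ? trim($title->item(0)->textContent) : null,
            'description' => $meta('description'), 'keywords' => $meta('keywords'), 'links' => $links];
}

// Escape for HTML output; everything from a fetched page is attacker-controlled text.
function h($s): string
{
    return htmlspecialchars((string)$s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Offline demo: IP-literal URLs exercise the checks without DNS; 203.0.113.10 is an
// RFC 5737 documentation address standing in for a public host.
foreach (['file:///etc/passwd', 'http://127.0.0.1/', 'http://169.254.169.254/latest/meta-data/',
          'http://10.0.0.5:8080/', 'http://203.0.113.10/'] as $u) {
    printf("%-45s %s\n", $u, resolve_safe_target($u) ? 'allowed' : 'blocked');
}
// Constructed page: the description carries markup that must not reach the browser unescaped.
$sample = '<html><head><title> Example &amp; Co </title>'
        . '<meta name="Description" content="A &lt;script&gt;alert(1)&lt;/script&gt; page">'
        . '<meta name="keywords" content="one, two"></head>'
        . '<body><a href="/a">A</a><a href=\'https://example.net/b\'>B</a></body></html>';
$d = parse_page($sample);
echo "<tr><td>" . h($d['title']) . "</td><td>" . h($d['description']) . "</td><td>" . h($d['keywords']) . "</td></tr>\n";
```

Of the five demo URLs only the last is allowed; the first four are blocked by the scheme check and by the private and reserved range filters. The check-then-pin step matters: validating the hostname and then letting libcurl resolve it again leaves a window in which a short-TTL DNS record can point at an internal address, and CURLOPT_RESOLVE closes it. If you need redirects, fetch each Location value through resolve_safe_target() yourself rather than enabling CURLOPT_FOLLOWLOCATION.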



Recently a WordPress site had spam links injected (via SQL injection) at random into the content of its 100 or so blog posts, as shown in the screenshot. These included generic keywords such as:

  • levitra
  • cialis
  • payday
  • viagra
  • pharmacy
  • pfizer

The sites it linked to were:

Going through these with the Search and Replace plugin was going to take ages, so I looked for a regex script. I came across a script that only looked for certain div tags; I needed something that removes hyperlinks containing the above keywords. I modified the code to the version below, placed it in functions.php, ran it with preview on and then off, and worked through the keyword list. It cleared about 1000 links!

// Enter keyword below to check for in hyperlinks (the whole link)
$spamkeyword = "spamkeyword";
// By default only preview infected posts. Change to 0 to clean posts
$preview_only = 1;
// This is the pattern to search and replace with blank
// (the keyword is preg_quote()d so any regex metacharacters in it match literally; /i ignores case)
$pattern = '%<a href=[\"\'][^"]*?' . preg_quote($spamkeyword, '%') . '.*?[\"\']>.*?</a>%i';
global $wpdb;
// This is the query to find suspicious posts using a fast SQL query
$query = $wpdb->prepare(
    "SELECT ID, post_content FROM {$wpdb->posts} WHERE post_content LIKE %s",
    '%' . $wpdb->esc_like($spamkeyword) . '%'
);
$num_cleaned = 0;
$posts = $wpdb->get_results($query);
echo "Suspicious: " . count($posts) . " ";
if ($preview_only)
    echo "Post IDs: ";
// go through all suspicious posts
foreach ($posts as $post) {
    //echo $post->post_content;
    if (!$preview_only) {
        // try the pattern
        $new_content = preg_replace($pattern, '', $post->post_content);
        // update the cleaned content
        if ($new_content != $post->post_content) {
            $wpdb->update(
                $wpdb->posts,
                array('post_content' => $new_content),
                array('ID' => $post->ID)
            );
            $num_cleaned++;
        }
    } else {
        echo $post->ID . " ";
        // Uncomment below to see results of preview before committing
        //echo preg_replace($pattern, '', $post->post_content);
    }
}
if (!$preview_only)
    echo "Cleaned: $num_cleaned";
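The pattern in the snippet above has failure modes worth knowing before running it against a live database. Its `[^"]*?` only stops at a double quote, so in a post where a clean single-quoted link precedes a spam link the match starts at the clean link and swallows everything up to the end of the spam one; the keyword goes into the regex unescaped, so a keyword containing a dot or a dash becomes a wildcard; and as written it is case-sensitive and cannot follow an anchor across a line break. The following is an added example, not the post's code, that tightens the pattern, counts what it removes, runs the post's original pattern over the same input for comparison, and builds the LIKE query with $wpdb->prepare() and esc_like() instead of string interpolation. The keyword list and the post body are constructed so the demo runs offline; the WordPress-dependent query helper is defined but not called.

```php
<?php
// Added example, not the post's code: a tighter spam-link stripper than the pattern above,
// with the post's original pattern reproduced beside it for comparison on the same input.

// The post's pattern, as written, for comparison only.
function original_pattern(string $keyword): string
{
    return '%<a href=[\"\'][^"]*?' . $keyword . '.*?[\"\']>.*?</a>%';
}

// Tightened pattern:
//  - preg_quote() so a keyword such as "payday-loans.co" is matched literally;
//  - the href value is matched only up to its own closing quote ([^"']*), so the match
//    cannot start at a clean single-quoted link and run on to a later spam link;
//  - /i for any case, /s so the anchor text may span line breaks, \b so "<abbr" is not "<a".
function spam_link_pattern(string $keyword): string
{
    $k = preg_quote($keyword, '%');
    return '%<a\b[^>]*\bhref\s*=\s*(["\'])[^"\']*' . $k . '[^"\']*\1[^>]*>.*?</a>%is';
}

// Remove every anchor whose href contains any keyword; returns [new content, links removed].
// Pure function: preview the result before writing anything back to the database.
function strip_spam_links(string $content, array $keywords, string $patternFn = 'spam_link_pattern'): array
{
    $removed = 0;
    foreach ($keywords as $kw) {
        $content = preg_replace($patternFn($kw), '', $content, -1, $n);
        $removed += $n;
    }
    return [$content, $removed];
}

// The LIKE query from the post, built with WordPress's own escaping instead of string
// interpolation (needs WordPress, so it is defined but not called in this offline demo).
function suspicious_posts_query($wpdb, string $keyword): string
{
    $like = '%' . $wpdb->esc_like($keyword) . '%';
    return $wpdb->prepare("SELECT ID, post_content FROM {$wpdb->posts} WHERE post_content LIKE %s", $like);
}

$keywords = ['levitra', 'cialis', 'payday', 'viagra', 'pharmacy', 'pfizer'];

// Constructed post body: a clean single-quoted link followed by an injected one on the same
// line, an injected link with the keyword in upper case, and a clean link whose text (not
// its href) mentions a keyword.
$post = "Intro <a href='https://example.org/about'>about us</a> and "
      . "<a href='http://spam.example/payday'>loans today</a>.\n"
      . "<a href=\"http://spam.example/buy-VIAGRA-now\">cheap pills</a> more text\n"
      . "<a href=\"https://example.org/news\">pharmacy regulation news</a>";

list($tight, $nTight) = strip_spam_links($post, $keywords);
list($loose, $nLoose) = strip_spam_links($post, $keywords, 'original_pattern');

echo "tightened pattern removed $nTight link(s):\n$tight\n\n";
echo "post's pattern removed $nLoose match(es):\n$loose\n";
```

On this input the tightened pattern removes the two injected links and leaves both clean ones; the post's pattern makes one replacement that starts at the clean "about us" link and runs through the payday link, and it misses the upper-case VIAGRA link entirely. Two operational points: run a clean-up like this from a one-off admin page or WP-CLI and remove it afterwards, because code left in functions.php executes on every request, and stripping the links is only half the job until the injection point that put them there is closed.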


Upon searching for help with this, I did have to smile at the irony of the regex help website being hacked in the same fashion, although obviously it is all clear now!
