Jump to content

replacing http: at start of a string with https:


Greywacke
 Share

Recommended Posts

hi there,the following piece of php was recommended on the one accurately targeted site out of very few that were resulting from my :) search.

<?php/*SURVEY MANAGER FORM GENERATORVersion 2.2.5*/function encrypt($string, $key) {  $result = '';  for($i=0; $i<strlen($string); $i++) {    $char = substr($string, $i, 1);    $keychar = substr($key, ($i % strlen($key))-1, 1);    $char = chr(ord($char)+ord($keychar));    $result.=$char;  }  return base64_encode($result);}function decrypt($string, $key) {  $result = '';  $string = base64_decode($string);  for($i=0; $i<strlen($string); $i++) {    $char = substr($string, $i, 1);    $keychar = substr($key, ($i % strlen($key))-1, 1);    $char = chr(ord($char)-ord($keychar));    $result.=$char;  }  return $result;}// load installation db by passing encrypted include path in querystring$key = "JapieMySkapie101";$qs_encr = explode('?',$_SERVER['QUERY_STRING'],2);$qs_decr = explode('&',decrypt($qs_encr[0], $key),2);//print_r($qs_decr);$p = $qs_decr[0];			// installation path$q = $qs_decr[1];			// consumer survey idif (file_exists($p)) include($p);	// call global includefunction getquestions($surveytype,$consumerid,$leadid=0,$refid=0) {	global $conn;	$sql = "SELECT * 			FROM 				22_surveyquestions 			LEFT JOIN 				23_surveyoptions 			ON (				22_surveyquestions.bigint_QuestionID = 23_surveyoptions.bigint_QuestionID			) 			WHERE 				22_surveyquestions.bigint_TypeID = ".$surveytype." 			ORDER BY 				22_surveyquestions.smallint_SortOrder ASC, 				23_surveyoptions.smallint_SortOrder ASC;";	$result = mysql_query_errors($sql, $conn , __FILE__ , __LINE__ );	$html = "<form id=\"form_survey\" name=\"form_survey\" method=\"post\" accept-charset=\"UTF-8\" action=\"survey_handler.php\" onsubmit=\"return valform(this);\">".			"<input name=\"consumersurveyid\" id=\"consumersurveyid\" type=\"hidden\" value=\"".$GLOBALS["q"]."\" />".			"<input name=\"includepath\" id=\"includepath\" type=\"hidden\" value=\"".$GLOBALS["p"]."\" />\n";	$q = array();	$q[0] = "";	$q[1] = "";	$shtml = "";	$i = 0;	if ($result) {		while ($row = mysql_fetch_array($result)) {			$q[1] = $row["text_QuestionContent"];			if ($q[0] != $q[1]) {				$i++;				$n = 0;				if ($q[0] != "") {					$html .= "	</p>\n";				}				$q[0] = $q[1];				$html .= "	<p><label for=\"radio_answer_".$i."_1\"><strong>".$i."). ".$q[1]."</strong></label></p>\n".						 "	<p>\n";				$shtml = "";			}			$n++;			$a = xmlentities($row["text_OptionContent"]);			$sid = 0;			switch ($row["tinyint_OptionType"]) {				case 1:		// radio select + text input					$html .= "	  <input type=\"radio\" name=\"group_".$i."\" id=\"radio_".$i."_".$n."\" value=\"".$row["bigint_OptionID"].";.0\" onfocus=\"document.form_survey.text_".$row["bigint_OptionID"].".focus();\" />".							 "<label for=\"radio_".$i."_".$n."\" >  ".$a."<br />   ".							 "<input type=\"text\" name=\"text_".$row["bigint_OptionID"]."\" id=\"text_".$row["bigint_OptionID"]."\" value=\"\" /></label><br />\n";					break;				case 2:		// checkbox					$html .= "	  <input type=\"checkbox\" name=\"group_".$i."[]\" id=\"check_".$i."_".$n."\" value=\"".$row["bigint_OptionID"].";.0\" />".							 "<label for=\"check_".$i."_".$n."\" >  ".$a."</label><br />\n";					break;				case 3:		// checkbox + text input					$html .= "	  <input type=\"checkbox\" name=\"group_".$i."[]\" id=\"check_".$i."_".$n."\" value=\"".$row["bigint_OptionID"].";.0\" onfocus=\"document.form_survey.text_".$row["bigint_OptionID"].".focus();\" />".							 "<label for=\"check_".$i."_".$n."\" >  ".$a."<br />   ".							 "<input type=\"text\" name=\"text_".$row["bigint_OptionID"]."\" id=\"text_".$row["bigint_OptionID"]."\" value=\"\" /></label><br />\n";					break;				case 4:		// supplier names listing radio					$sql0 = "SELECT 								5_suppliers.bigint_SupplierID, 								5_suppliers.text_SupplierName 							FROM 								5_suppliers 							LEFT JOIN (								27_leadssent, 								13_prospectleadsent							) ON (								5_suppliers.bigint_SupplierID = 27_leadssent.bigint_SupplierID AND 								5_suppliers.bigint_SupplierID = 13_prospectleadsent.bigint_SupplierID							) 							WHERE 								27_leadssent.bigint_LeadID = ".$leadid." OR 								13_prospectleadsent.bigint_ProspectID = ".$refid." 							GROUP BY 								5_suppliers.text_SupplierName;";					$result0 = mysql_query_errors($sql0, $conn , __FILE__ , __LINE__ );					if ($result0) {						while ($row0 = mysql_fetch_array($result0)) {							$a = $row0["text_SupplierName"];							$html .= "	  <input type=\"radio\" name=\"group_".$i."\" id=\"supplier_".$i."_".$n."\" value=\"".$row["bigint_OptionID"].";.".$row0["bigint_SupplierID"]."\" />".									 "<label for=\"supplier_".$i."_".$n."\" >  ".$a."</label>".									 "<input type=\"hidden\" name=\"text_".$row0["bigint_SupplierID"]."\" id=\"text_".$row0["bigint_SupplierID"]."\" value=\"".$a."\" /><br />\n";							if ($n<mysql_num_rows($result0)) $n++;						}					}					break;				case 5:		// supplier names listing checkbox					$sql0 = "SELECT 								5_suppliers.bigint_SupplierID, 								5_suppliers.text_SupplierName 							FROM 								5_suppliers 							LEFT JOIN (								27_leadssent, 								13_prospectleadsent							) ON (								5_suppliers.bigint_SupplierID = 27_leadssent.bigint_SupplierID AND 								5_suppliers.bigint_SupplierID = 13_prospectleadsent.bigint_SupplierID							) 							WHERE 								27_leadssent.bigint_LeadID = ".$leadid." OR 								13_prospectleadsent.bigint_ProspectID = ".$refid." 							GROUP BY 								5_suppliers.text_SupplierName;";					$result0 = mysql_query_errors($sql0, $conn , __FILE__ , __LINE__ );					if ($result0) {						while ($row0 = mysql_fetch_array($result0)) {							$a = $row0["text_SupplierName"];							$html .= "	  <input type=\"checkbox\" name=\"group_".$i."[]\" id=\"supplier_".$i."_".$n."\" value=\"".$row["bigint_OptionID"].";.".$row0["bigint_SupplierID"]."\" />".									 "<label for=\"supplier_".$i."_".$n."\" >  ".$a."</label>".									 "<input type=\"hidden\" name=\"text_".$row0["bigint_SupplierID"]."\" id=\"text_".$row0["bigint_SupplierID"]."\" value=\"".$a."\" /><br />\n";							if ($n<mysql_num_rows($result0)) $n++;						}					}					break;				default:	// radio select					$html .= "	  <input type=\"radio\" name=\"group_".$i."\" id=\"radio_".$i."_".$n."\" value=\"".$row["bigint_OptionID"].";.0\" />".							 "<label for=\"radio_".$i."_".$n."\" >  ".$a."</label><br />\n";			}		}		mysql_free_result($result);	}	$html .= "	</p>\n";	$html .= "	<p><input type=\"submit\" value=\"Submit!\" /><input type=\"reset\" value=\"Reset...\" /></p>\n";	$html .= "</form>";	return array($i, $html);}if (is_numeric($q)) {	// retrieve consumer survey created with cronjob	$sql0 =    "SELECT * 					FROM 						21_consumersurveys 					LEFT JOIN (						19_consumers, 						20_surveytypes, 						2_servicescatalogue, 						10_serviceprospects, 						25_serviceleads					) ON (						25_serviceleads.bigint_ConsumerID = 19_consumers.bigint_ConsumerID AND (						21_consumersurveys.bigint_ReferenceID = 10_serviceprospects.bigint_ProspectID OR 						21_consumersurveys.bigint_LeadID = 25_serviceleads.bigint_LeadID) AND 						21_consumersurveys.bigint_SurveyType = 20_surveytypes.bigint_SurveyID AND 						25_serviceleads.bigint_ServiceID = 2_servicescatalogue.bigint_ServiceID					) 					WHERE 						21_consumersurveys.bigint_ConsumerSurveysID = ".$q." 						LIMIT 0, 1;";	$result0 = mysql_query_errors($sql0, $conn , __FILE__ , __LINE__ );	if ($result0) {		if ($row = mysql_fetch_array($result0)) {			// initiate variables			$service			= $row["bigint_ServiceID"];			$consumerfullname	= $row["text_ConsumerName"];			$consumeremail		= $row["text_ConsumerE-Mail"];			$region				= $row["bigint_ConsumerRegion"];			$attribs			= $row["text_LeadAttributes"];			$attribsarr			= formattribs($attribs);			$surveytype			= $row["text_SurveyDescription"];			$surveyq			= getquestions($row["bigint_SurveyType"],$row["bigint_ConsumerID"],$row["bigint_LeadID"],$row["bigint_ReferenceID"]);			$qcnt				= $surveyq[0];			$surveyquestions	= $surveyq[1];			$servicename		= xmlentities($row["text_ServiceDescription"]);			$surveyurl			= "https://www.intellisource.co.za/survey.php?".$qs_encr[0];			$referer			= (isset($_SERVER['HTTP_REFERER']))?$_SERVER['HTTP_REFERER']:"";			$prospecting		= 0;			$recipient[6]		= 0;			$tsql0 = "SELECT * FROM 32_webformconfigs WHERE text_FormWebLocation LIKE \"".$referer."%\";";			$tresult0 = mysql_query_errors($tsql0, $conn, __FILE__, __LINE__ );			$trow0 = mysql_fetch_array($tresult0);			$formid = $trow0["bigint_FormID"];			$formname = $trow0["text_FormName"];			$formlogo = $trow0["text_FormLogo"];			$formfromname = $trow0["text_FormMailerFromName"];			$formfrommail = $trow0["text_FormMailerFromAddress"];			$redirect = $trow0["text_Redirect"];			$pmail = $trow0["text_FormMailerFromAddress"];			$tafurl = $trow0["text_WebFormTAFUrl"];			$tafimg = $trow0["text_WebFormTAFImage"];?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta name="robots" content="none" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title><?php echo populateflags("%SURVEYHEADER%"); ?></title><script language="javascript" defer="defer"><!--function valform(form) {	for (var i = 0; i < form.elements.length; i++) {		var elm = form.elements[i];		var type = elm.type;		var name = elm.name;		var val = elm.value;		var sele = false;		//alert(name);		switch (type) {			case "radio":				var q = parseInt(name.split("_")[1]);				for (var n = 0; n < form[name].length; n++) {					if (form[name][n].checked) {						sele = true;					}				}				if (!sele) {					alert("An answer is required for question "+q+").");					form.elements[i].focus();					return false;				}				break;			case "text":				if (form.elements[i-1].checked && elm.value == "") {					alert("Input text is required for checked or selected options.");					form.elements[i].focus();					return false;				}				break;		}	}	return true;}//--></script><style type="text/css"><!--body {	background:				#ffffff url('https://www.intellisource.co.za/images/mail_bg.jpg') repeat-x fixed top left;}* {	margin:					0px;	padding:				0px;}h1, h2, div {	font:					10pt Tahoma, Verdana, Arial, Helvetica, sans-serif;}p {	clear:					both;	margin:					12px;}a {	font-weight:			bold;	text-decoration:		none;}div.gw000 { /* container */	width:					90%;	margin:					0 auto;}div.gw001 { /* header */	text-align:				left;	vertical-align:			top;}div.gw002 { /* tools */	text-align:				justify;}div.gw003 { /* data listing */	}A.gw000:hover {	color:					#008000;}A.gw001:hover {	color:					#800000;}div.gw004 { /* footer */	padding:				12px;	font-size:				9pt;	text-align:				right;	border-top:				#b0b0b0 solid 1px;}div.gw005 { /* lead cost / balance */	float:					left;	text-align:				left;}div.colleft {	color:					inherited;	width:					65%;	float:					left;}div.colright {	color:					inherit;	width:					30%;	float:					right;}.cleart {	clear:					both;	margin:					12px;}.clearb {	clear:					both;	color:					#606060;	margin:					12px;}input[type="text"] {	margin-left:			21px;	width:					260px;}//--></style></head><body><div class="gw000">         <div class="gw001"><img src="<?php echo populateflags("%LOGO%"); ?>" alt="" hspace="5" border="0" align="left" /></div>    <div class="gw002"><?php echo populateflags("%SURVEYINTRO%"); ?></div>    <div class="gw003"><?php echo populateflags("%SURVEYSIGNATURE%"); ?></div>	<div class="gw004"><div class="gw005"><?php echo ((count($sql))?"SQL DEBUGGING INFO:<br />\n<br />\n".join("<br />\n<br />\n",$sql):""); ?></div></div></div></body></html><?php		}	}}?>

Edited by Pierre 'Greywacke' du Toit
Link to comment
Share on other sites

ah i get it now... the referer is not the form (this is where it identifies the form from). hmmm, wrote a query to identify the form by the form id now passed in the leads. also put a copy of the logo on the intellisource domain for download by the form. this issue is now officially sorted! the logo displays and no images "break" the https anymore... :)

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...