Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Anyone know what this code does?

Discussion in 'General Discussion' started by mctDarren, Apr 10, 2006.

  1. mctDarren

    mctDarren Well-Known Member

    Joined:
    Jan 6, 2004
    Messages:
    664
    Likes Received:
    3
    Trophy Points:
    168
    Location:
    New Jersey
    cPanel Access Level:
    Root Administrator
    It's a call to the cURL library within PHP. See http://curl.haxx.se for more info.

    The script as shown takes the string passed via the query string and redirects to that URL and stores the resulting page within the string variable "ch". Theoretically it could be used to download something to the person's home directory, but it looks as though they aren't doing anything with the result, just grabbing the page. Still, grabbing a URL from an unchecked querystring on an open system is (to me at least) a security hazard.
     
  2. WebHostPro

    WebHostPro Well-Known Member
    PartnerNOC

    Joined:
    Jul 28, 2002
    Messages:
    1,652
    Likes Received:
    15
    Trophy Points:
    318
    Location:
    LA, Costa RIca
    cPanel Access Level:
    Root Administrator
    Twitter:
    What do you mean? Sorry confused.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. WebHostPro

    WebHostPro Well-Known Member
    PartnerNOC

    Joined:
    Jul 28, 2002
    Messages:
    1,652
    Likes Received:
    15
    Trophy Points:
    318
    Location:
    LA, Costa RIca
    cPanel Access Level:
    Root Administrator
    Twitter:
    O.k. I see now... yep that's annoying.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. WebHostPro

    WebHostPro Well-Known Member
    PartnerNOC

    Joined:
    Jul 28, 2002
    Messages:
    1,652
    Likes Received:
    15
    Trophy Points:
    318
    Location:
    LA, Costa RIca
    cPanel Access Level:
    Root Administrator
    Twitter:
    I had a new customer sign up and upload a php file with this:

    <?php
    $desturl=$_SERVER['QUERY_STRING'];
    $ch = curl_init($desturl);
    curl_setopt($ch, CURLOPT_REFERER, $_SERVER['REFERRER']);
    curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
    curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
    #curl_setopt($ch, CURLOPT_COOKIEJAR, '-'); //we'll try it and see what happens.... =)
    curl_exec($ch);
    curl_close($ch);
    ?>

    I have ano idea what;s it's for actually.

    Thanks, Charles
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. mctDarren

    mctDarren Well-Known Member

    Joined:
    Jan 6, 2004
    Messages:
    664
    Likes Received:
    3
    Trophy Points:
    168
    Location:
    New Jersey
    cPanel Access Level:
    Root Administrator
    what is with these time differences lately here? Very annoying!
     
  6. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    168
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    It looks to me like it could be being used to test that curl works, perhaps they wanted to use curk so uploaded that test script early on to check whether curl worked?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice