Re: what does this code block do?

---

• From: "starman7" <starman7@xxxxxxxxxxx>
• Date: 21 Mar 2007 08:17:00 -0700

---

On Mar 19, 5:43 am, "Vince Morgan" <vin...@xxxxxxxxxxxxxxxxxxxxx>
wrote:

"starman7" <starm...@xxxxxxxxxxx> wrote in message

news:1174276558.004984.145320@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

On Mar 18, 8:42 pm, "Vince Morgan" <vin...@xxxxxxxxxxxxxxxxxxxxx>
wrote:

"Vince Morgan" <vin...@xxxxxxxxxxxxxxxxxxxxx> wrote in message

news:45fde317$0$4753$afc38c87@xxxxxxxxxxxxxxxxxxxxxxx

if ( strpos($config_content, 'dbuser') && (substr($config_content, 0,
5) != '<?php' || substr($config_content, -2) != '?>') )

{

Thanks for the insight. The application works without that code block
- so I'm guessing the config file gets loaded despite the reported
problem.

Yep, you are correct. There is no "return" or "exit" so the script should
keep on running after the message.

Here's my actual config file:

<?php

//
// phpBB 2.x auto-generated config file
// Do not change anything in this file!
//

$dbms = 'mysql4';

$dbhost = '127.0.0.1';
$dbname = '1234567';
$dbuser = '12345678';
$dbpasswd = '123456789';

$table_prefix = 'phpbb_';

define('PHPBB_INSTALLED', true);

?>

What is being checked in the "if" condition is of three parts.
First it checks for a substring "dbuser". The function "strpos()" returns
FALSE if the substring in question is not found, but it does exist in the
file apparently.
If it did not exist then the first condition "strpos($config_content,
'dbuser')" returning FALSE would cause the entire condition to return FALSE,
as the AND "&&" opperator does not bother evaluating any further if the
first part is FALSE.

In the second part. If the first five chars of the file are not "<?php"
[minuse the quotes] or, the last two chars are not "?>" then the entire
condition evaluates as TRUE. If the condition as a whole returns TRUE you
get the message.

It could be written as below, and still work.
if ( strpos($config_content, 'dbuser') AND (substr($config_content, 0, 5)
!= '<?php' OR substr($config_content, -2) != '?>') )

any ideas why the code complains about it?

I think the problem is discovered in the second part of the condition.
That will evaluate as TRUE if the first 5 chars are not exactly "<?php", OR
if the last 2 chars are not exactly"?>".
A space in either part would cause the message to be output.
That is where I would be looking with regard to the above.

i've tried even moving everything to one line, but always seem to get
the error (unless i remove that block) - might this code be evaluated
for some reason unintended by the author's warning?

Can't help you there.

might removing
this code decrease the app's security?

Don't know.

i should mention the

environment is selinux - which requires specific/enhanced
permissions ... not sure if that's relevant given the above info ...

Nope, can't see that being the case.

If the first five chars are "<?php" and the last are "?>" including hidden
characters, I would be lost too.
If the var that the file was loaded into was empty the first part of the
condition would evaluate as FALSE and you wouldn't see the message.
I would be making absolutely certain the the file begins with "<?php" and
ends with "?>". No line break or spaces whatsoever either before the first
part, or after the last part.

I believe you have a hidden character, or a line break, or space after the
"?>"

HTH
Vince Morgan

thanks vince -

actually there seems to be an invisible space after the ending >
but i can't see it - when i echo substr($config_content, -2) it's '>
' (single quotes to indicate trailing space).
how can i get rid of? why does it pass ** dbloader test? could the
space be coming from outside the file?

** dbloader is a php page that tests the config file (among other
things) and reports it as ok

.

---

• References:
  • what does this code block do?
    • From: starman7
  • Re: what does this code block do?
    • From: Vince Morgan
  • Re: what does this code block do?
    • From: Vince Morgan
  • Re: what does this code block do?
    • From: starman7
  • Re: what does this code block do?
    • From: Vince Morgan

• Prev by Date: Re: Why is my email looking screwed up in Outlook?
• Next by Date: Re: fsockopen() Cookie problem Maximum execution time of 30 seconds exceeded
• Previous by thread: Re: what does this code block do?
• Next by thread: WTD: Site Design and Built
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Remoting Help Required ... .config file, register it as a well known type and as long as it's in the ... instances of your app out there pointing to a separate instance of that dll. ... > Now I have a request to run multiple versions of the reports on the ... (microsoft.public.dotnet.languages.vb) Re: what does this code block do? ... - so I'm guessing the config file gets loaded despite the reported ... If the first five chars of the file are not "<?php" ... this code decrease the app's security? ... I believe you have a hidden character, or a line break, or space after the ... (alt.php) Re: Latest patch parses 1.1 pages with 2.0 ... It reports 1.1. ... The properties for the root site in the MMC plugin show the .Net version as ... Version Information: Microsoft .NET Framework Version:2.0.50727.832; ... Now I could fix the config file to run happily under 2.0, ... (microsoft.public.dotnet.framework.aspnet) Re: XP is great ... > What the hell are you guys doing to corrupt your WinXP installs? ... > reports about the SP2, but other than that XP is more stable and robust ... config file, We now blow a lot of time here on nitting with versioning and ... (sci.electronics.design) Re: Bulldog UPS ... >> I have a couple and they work great with Linux. ... There's a config file. ... Also status reports are by both popup messages and ... (alt.os.linux.suse)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)