3 replies to this topic

[BlaineSch]

I started making my admin panel for a website of mine. I wanted to have a "command line" but for some reason it kept giving me some weird error when I submitted post data with odd characters? So I made this little snippet I thought I would share. Basically it converts each character in js to the ascii value and makes it comma seperated, then sends it through post, then php gets it, explodes it, and gets the real value of it.

<?PHP

function decoderbs($input) {

	$input = explode(',', $input);

	foreach($input as $p) {

		$n .= chr($p);

	}

	return $n;

}

?>

<script>

function changeit(value) {

	var ret = "";

	var i = 0;

	while(i < value.length) {

		ret += value.charCodeAt(i) + ",";

		i++;

	}

}

</script>

Could come in handy if you are encrypting in Javascript and decrypting in PHP but of course if the user could see this it probably isnt too safe. If you really wanted to use it publically - you could just copy the value into a hidden field instead of displaying it like I am doing. But like I said im doing this for my admin panel im not too worried about myself xssing it lol

[BlaineSch]

v2.0! Now both can encode/decode!

<?PHP

function encoderbs($input) {

    for($i = 0;$i < strlen($input);$i++) {

        $n .= ord($input[$i]).",";

    }

    return substr($n, 0, -1);

}

function decoderbs($input) {

    $input = explode(',', $input);

    foreach($input as $p) {

        $n .= chr($p);

    }

    return $n;

}

?>

<script>

function encoderbs(value) {

    var ret = "";

    var i = 0;

    while(i < value.length) {

        ret += value.charCodeAt(i) + ",";

        i++;

    }

} 

function decoderbs(value) {

    var ret = "";

    var i = 0;

    args = value.split(',');

    while(i < args.length) {

	ret += String.fromCharCode(args[i]);

        i++;

    }

    return ret;

}

</script>

[John]

This is for a web-based command line?

[BlaineSch]

Kinda, I originally made it because I had a type of "command line" I made for an admin panel for my site, but the thing was, it accepted multiple lines, so one line would log me in, the next say I wanna make a query, the next few lines until I ended would be the query. It gave me a TON of errors no matter what I did, so I made the v1 of this.

The v2 of this I made because I was doing the same thing but backwards, basically I want PHP to make this and Javascript to understand this. If in php your are echoing something into a script function you might get some errors if it contains HTML:

<?PHP

echo "<script>imp('2sa',1,'<form method=\"post\"><font style=\\'text-align:center;\\'>')";

I am sure you get the idea, obviously I "could" just slash everything out, but that may get annoying and I already had this simple script so I just expanded it a bit.