Sign In
Create Account
Follow Us on Twitter
Subscribe on Youtube
1
* urls.txt : Url
* bad.txt : list of words to scan and replace
* fix-dnn.php : the main script
fix-dnn.php
* Populate an array of urls from urls.txt
* Populate an array of badwords from bad.txt
* Any urls that start with "#" in urls.txt are disabled.
* Do a get request on every url one by one
o Extract the text saved inside textarea.
o Scan for extracted content for any bad words
o Replace bad words with #
o Resend the new created filtered data back to that url using post so its saved
Issue
* the POST request is not working, it doesn't update content to filtered content.
Example Use case
* Pick http://nolimitswebde....4/Default.aspx
* Check content under " Edit Text/HTML" after you click "Basic Text Box"
* The text specific inside <a> tags there is also specific in bad.txt, e.g. it has to be replaced with #
* Script works fine, but the last post doesn't update content of the text area.
Code
urls.txt
http://nolimitswebdesign.com.dnnmax.c
bad.txt
thistextSHOULBEDELETED
001.<?php
002.
003.// get arrays of bad worlds
004.$urls = file("urls.txt");
005.$badWords = file("bad.txt");
006.
007.
008.// loop over every url...
009.foreach($urls as $url) {
010.
011. // get rid of any whitespace of linebreaks
012. $url = trim($url);
013.
014. if(!startsWith($url, "#")) //# is used to comment any inactive urls
015. {
016.
017. echo "<BR />\n Sending Request to ". $url;
018. // sending a get request using curl
019. $getPage = sendCurl( $url, false, "" );
020. echo "<BR />\n Got Response";
021.
022.
023. // Check for possible errors
024. if ( $getPage['errno'] != 0 )
025. echo"<BR />\n Could not get Page: Error => bad url | timeout | redirect loop";
026.
027. else if ( $getPage['http_code'] != 200 )
028. echo"<BR />\n Could not get Page : Error => no page | no permissions | no service";
029.
030. else {
031. echo "<BR />\n No Errors Encountered. Successfully fetched page";
032.
033. // get page content
034. $page = $getPage['content'];
035.
036.
037.
038.
039. //echo "<BR />\n Extracted View State:<BR />\n" . $viewstate;
040. //echo "<BR />\n";
041. $viewstate = getVStateContent($page);
042.
043.
044.
045. // extracting data from textarea
046. $content = getTAreaContent($page);
047. //echo "<BR />\n Extracted Content:<BR />\n" . $content;
048. //echo "<BR />\n";
049.
050.
051. // check if extracted data contains any bad words
052. foreach($badWords as $badWord) {
053.
054. // get rid of any whitespace of linebreaks
055. $badWord = trim($badWord);
056.
057. //echo "<BR />\nTesting for : " . $badWord;
058. //echo "<BR /><BR />\n\nstrstr(\"$content\",\"$badWord\")";
059.
060. // check if selected bad word exists in content, if yes, replace it
061. if(strstr($content, $badWord)) {
062. //echo "Found it";
063. $content = str_replace($badWord, "#", $content);
064. }
065. }
066.
067. //echo "<BR /><BR />\n\n New Content:<BR />\n" . $content;
068. //echo "<BR /><BR />\n\n";
069.
070.
071. $postContent = getPostArray($viewstate, $content);
072. echo "<BR /><BR />\n\n Post Content:<BR />\n";
073. print_r($postContent);
074.
075.
076.
077.
078. echo "<BR /><BR />\n\n";
079. echo "<BR />\n Sending Postback to : " . $url;
080. $postbackPageCurl = sendCurl( $url, true, $postContent );
081.
082. // Check for possible errors
083. if ( $postbackPageCurl['errno'] != 0 )
084. echo"<BR />\n Could not send postback : Error => bad url | timeout | redirect loop";
085.
086. else if ( $postbackPageCurl['http_code'] != 200 )
087. echo"<BR />\n Could not send postback : Error: no page | no permissions | no service";
088.
089. else {
090.
091. echo "<BR />\n Postback was sent successfuly";
092. echo "<BR />\n";
093.
094.
095.
096. // get page content, this should contain the filtered content and "Basic Text Box" checked
097. $postbackPage = $postbackPageCurl['content'];
098. //echo "<BR /><BR />\n\nPage content:<BR/><BR/>\n\n";
099. //echo $postbackPage;
100.
101. echo "<BR /><BR />\n\n";
102. echo "Returned content after Post is <BR/>\n";
103. echo getTAreaContent($postbackPage);
104. echo "<BR /><BR />\n\n";
105. }
106.
107. }
108.
109. }
110.
111.
112.}
113.
114.
115.
116.// This function extracts and returns the text written inside text area from page's content
117.function getTAreaContent($data) {
118. $contentStartTag = "wrap=\"virtual\">";
119. $contentEndTag = "</textarea>";
120. $contentStartIndex = strpos($data, $contentStartTag) +15;
121. $contentEndIndex = strpos(substr($data, $contentStartIndex), $contentEndTag);
122.
123. // extracting data from textarea
124. $content = substr($data, $contentStartIndex, $contentEndIndex);
125.
126. return $content;
127.
128.}
129.
130.
131.// This function extracts and returns __VIEWSTATE from a page's content
132.function getVStateContent($data) {
133.
134. $viewstateStartTag = "<input type=\"hidden\" name=\"__VIEWSTATE\" id=\"__VIEWSTATE\" value=\"";
135. $viewstateEndTag = "\" />";
136. $viewstateStartIndex = strpos($data, $viewstateStartTag) + 64;
137. $viewstateEndIndex = strpos(substr($data, $viewstateStartIndex), $viewstateEndTag);
138. $viewstate = substr($data, $viewstateStartIndex, $viewstateEndIndex);
139.
140. return $viewstate;
141.}
142.
143.
144.
145.
146.
147.// This function return POSTARGS that are meant to be sent to the page within post request
148.function getPostArray($viewstate, $content) {
149.
150. $postContent["__EVENTTARGET"] = "dnn\$ctr374\$EditHTML\$teContent\$optView\$0";
151. $postContent["__EVENTARGUMENT"] = "";
152. $postContent["__LASTFOCUS"] = "";
153. $postContent["__VIEWSTATE"] = $viewstate;
154. $postContent["dnn\$dnnSEARCH\$txtSearchNew"] ="";
155. $postContent["dnn\$ctr374\$EditHTML\$teContent\$optView"] = "RICH";
156. $postContent["dnn\$ctr374\$EditHTML\$teContent\$txtDesktopHTML"] = $content;
157. $postContent["dnn\$ctr374\$EditHTML\$txtDesktopSummary"] = "";
158. $postContent["ScrollTop"] ="";
159. $postContent["dnn\$ctr374\$EditHTML\$teContent\$optRender"] = "T";
160. $postContent["dnn\$IconBar.ascx\$optMode"] = "VIEW";
161. $postContent["__dnnVariable"] = "SearchIconWebUrl:url(/images/Search/google-icon.gif);". "SearchIconSiteUrl:url(/images/Search/dotnetnuke-icon.gif);".
162. "SearchIconSelected:S";
163.
164.
165. return $postContent;
166.}
167.
168.
169.
170.
171.
172.function startsWith($haystack,$needle,$case=true) {
173. if($case){return (strcmp(substr($haystack, 0, strlen($needle)),$needle)===0);}
174. return (strcasecmp(substr($haystack, 0, strlen($needle)),$needle)===0);
175.}
176.
177.function endsWith($haystack,$needle,$case=true) {
178. if($case){return (strcmp(substr($haystack, strlen($haystack) - strlen($needle)),$needle)===0);}
179. return (strcasecmp(substr($haystack, strlen($haystack) - strlen($needle)),$needle)===0);
180.}
181.
182.
183.
184.// This function sends GET/POST requests using curl
185.function sendCurl( $url, $ispost=false, $postData="", $cookie="" )
186.{
187.
188. $options = array(
189. CURLOPT_RETURNTRANSFER => true, // return web page
190. CURLOPT_HEADER => false, // don't return headers
191. CURLOPT_FOLLOWLOCATION => true, // follow redirects
192. CURLOPT_ENCODING => "", // handle all encodings
193. CURLOPT_AUTOREFERER => true, // set referer on redirect
194. CURLOPT_CONNECTTIMEOUT => 120, // timeout on connect
195. CURLOPT_TIMEOUT => 120, // timeout on response
196. CURLOPT_MAXREDIRS => 10, // stop after 10 redirects
197. CURLOPT_USERAGENT => "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)",
198. CURLOPT_REFERER => $url,
199. CURLOPT_HTTPHEADER => array(
200. "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
201. "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7",
202. "Accept-Encoding: gzip,deflate",
203. "Accept-Language: en-us,en;q=0.5",
204. "Connection: Keep-Alive",
205. "Content-Type: text/xml; charset=utf-8",
206. "Expect: 100-continue",
207. "Keep-Alive: 115")
208. // These headers were extracted from a DNN POST request using Firefox's Live HTTP Headers plugin
209.
210. );
211.
212.
213. if($ispost) {
214. $options[CURLOPT_POST] = 1; // its a post request
215. $options[CURLOPT_POSTFIELDS] = $postData; // data for post request
216. }
217.
218.
219.
220.
221. $ch = curl_init( $url );
222. curl_setopt_array( $ch, $options );
223. $content = curl_exec( $ch );
224. $err = curl_errno( $ch );
225. $errmsg = curl_error( $ch );
226. $header = curl_getinfo( $ch );
227. curl_close( $ch );
228.
229. $header['errno'] = $err;
230. $header['errmsg'] = $errmsg;
231. $header['content'] = $content;
232. return $header;
233.}
234.
235.?>
Out Put
01.Sending Request to http://nolimitswebdesign.com.dnnmax.c...
02.Got Response
03.No Errors Encountered. Successfully fetched page
04.
05.Post Content:
06.Array ( [__EVENTTARGET] => dnn$ctr374$EditHTML$teContent$optView$0 [__EVENTARGUMENT] => [__LASTFOCUS] => [__VIEWSTATE] => /wEPDwUJMjgzMDU3ODk3D2QWBmYPFgIeBFRleHQFeTwhRE9DVFlQRSBodG1sIFBVQkxJQyAiLS8vVzNDLy9EVEQgWEhUTUwgMS4wIFRyYW5zaXRpb25hbC8vRU4iICJodHRwOi8vd3d3LnczLm9yZy9UUi94aHRtbDEvRFREL3hodG1sMS10cmFuc2l0aW9uYWwuZHRkIj5kAgEPZBYMAgEPFgIeB1Zpc2libGVoZAICDxYCHgdjb250ZW50BQpNeSBXZWJzaXRlZAIDDxYCHwIFOERvdE5ldE51a2UsIEROTiwgQ29udGVudCwgTWFuYWdlbWVudCwgQ01TLERvdE5ldE51a2UsRE5OZAIEDxYCHwIFKENvcHlyaWdodCAyMDA5IGJ5IERvdE5ldE51a2UgQ29ycG9yYXRpb25kAgUPFgIfAgULRG90TmV0TnVrZSBkAgYPFgIfAgUKTXkgV2Vic2l0ZWQCAg9kFgICAQ9kFgICBA9kFgJmD2QWFAIBD2QWAmYPZBYGAgMPEGRkFgFmZAIJD2QWAmYPDxYGHghJbWFnZVVybAUSL2ltYWdlcy9leHBhbmQuZ2lmHg1BbHRlcm5hdGVUZXh0BQhNYXhpbWl6ZR4HVG9vbFRpcAUITWF4aW1pemUWCh4HdXNlcmN0cgUJVXNhYmlsaXR5Hgd1c2Vya2V5BRRDb250cm9sUGFuZWxWaXNpYmxlMB4Hb25jbGljawVRaWYgKF9fZG5uX1NlY3Rpb25NYXhNaW4odGhpcywgICdkbm5fSWNvbkJhci5hc2N4X3Jvd0NvbnRyb2xQYW5lbCcpKSByZXR1cm4gZmFsc2U7HghtYXhfaWNvbgUSL2ltYWdlcy9leHBhbmQuZ2lmHghtaW5faWNvbgUUL2ltYWdlcy9jb2xsYXBzZS5naWZkAgsPFgIeBXN0eWxlBQ1kaXNwbGF5Om5vbmU7FgZmD2QWGAIDD2QWAmYPDxYCHwQFDEFkZCBOZXcgUGFnZWRkAgUPZBYCZg8PFgIfBAUVQ3VycmVudCBQYWdlIFNldHRpbmdzZGQCBw8PZBYCHgdvbkNsaWNrBUhqYXZhc2NyaXB0OnJldHVybiBjb25maXJtKCdBcmUgWW91IFN1cmUgWW91IFdpc2ggVG8gRGVsZXRlIFRoaXMgUGFnZT8nKTsWAmYPDxYCHwQFE0RlbGV0ZSBDdXJyZW50IFBhZ2VkZAIJDw8WAh8ABQNBZGRkZAILDw8WAh8ABQhTZXR0aW5nc2RkAg0PDxYCHwAFBkRlbGV0ZRYCHwwFSGphdmFzY3JpcHQ6cmV0dXJuIGNvbmZpcm0oJ0FyZSBZb3UgU3VyZSBZb3UgV2lzaCBUbyBEZWxldGUgVGhpcyBQYWdlPycpO2QCDw9kFgJmDw8WAh8EBRFDb3B5IEN1cnJlbnQgUGFnZWRkAhEPZBYCZg8PFgIfBAULRXhwb3J0IFBhZ2VkZAITD2QWAmYPDxYCHwQFC0ltcG9ydCBQYWdlZGQCFQ8PFgIfAAUEQ29weWRkAhcPDxYCHwAFBkV4cG9ydGRkAhkPDxYCHwAFBkltcG9ydGRkAgEPZBYQAgEPEGRkFgFmZAIFDxBkZBYAZAIHDxAPFgIeC18hRGF0YUJvdW5kZ2QQFQkRPFNlbGVjdCBBIE1vZHVsZT4NQWNjb3VudCBMb2dpbgdCYW5uZXJzDUZlZWQgRXhwbG9yZXIFTGlua3MMU2VhcmNoIElucHV0DlNlYXJjaCBSZXN1bHRzCVRleHQvSFRNTAxVc2VyIEFjY291bnQVCQItMQIzMgIxNQI1MAI1NgI0NAI0NQI1NQIzMxQrAwlnZ2dnZ2dnZ2dkZAILDxBkDxYBZhYBEAULQ29udGVudFBhbmUFC0NvbnRlbnRQYW5lZ2RkAg0PDxYCHgdFbmFibGVkaGRkAhEPEGRkFgBkAhkPDxYEHwAFA0FkZB8OaGRkAiMPDxYCHwAFGkluc3RhbGwgQWRkaXRpb25hbCBNb2R1bGVzZGQCAg9kFhgCAw8PFgIfDmhkFgJmDw8WBB8DBS9+L0FkbWluL0NvbnRyb2xQYW5lbC9pbWFnZXMvaWNvbmJhcl9zaXRlX2J3LmdpZh8EBRJFZGl0IFNpdGUgU2V0dGluZ3NkZAIFDw8WAh8OaGQWAmYPDxYEHwMFMH4vQWRtaW4vQ29udHJvbFBhbmVsL2ltYWdlcy9pY29uYmFyX3VzZXJzX2J3LmdpZh8EBQxNYW5hZ2UgVXNlcnNkZAIHDw8WAh8OaGQWAmYPDxYEHwMFMH4vQWRtaW4vQ29udHJvbFBhbmVsL2ltYWdlcy9pY29uYmFyX3JvbGVzX2J3LmdpZh8EBRVNYW5hZ2UgU2VjdXJpdHkgUm9sZXNkZAIJDw8WBB8ABQRTaXRlHw5oZGQCCw8PFgQfAAUFVXNlcnMfDmhkZAINDw8WBB8ABQVSb2xlcx8OaGRkAg8PDxYCHw5oZBYCZg8PFgQfAwUwfi9BZG1pbi9Db250cm9sUGFuZWwvaW1hZ2VzL2ljb25iYXJfZmlsZXNfYncuZ2lmHwQFDE1hbmFnZSBGaWxlc2RkAhEPDxYCHgtOYXZpZ2F0ZVVybAVCaHR0cDovL3d3dy5kb3RuZXRudWtlLmNvbS9kZWZhdWx0LmFzcHg/dGFiaWQ9Nzg3JmhlbHBjdWx0dXJlPWVuLXVzZBYCZg8PFgIfBAUQR290byBPbmxpbmUgSGVscGRkAhMPDxYCHw5oZBYCZg8PFgQfAwU0fi9BZG1pbi9Db250cm9sUGFuZWwvaW1hZ2VzL2ljb25iYXJfc29sdXRpb25zX2J3LmdpZh8EBQ5WaWV3IFNvbHV0aW9uc2RkAhUPDxYEHwAFBUZpbGVzHw5oZGQCFw8PFgQfAAUESGVscB8PBUJodHRwOi8vd3d3LmRvdG5ldG51a2UuY29tL2RlZmF1bHQuYXNweD90YWJpZD03ODcmaGVscGN1bHR1cmU9ZW4tdXNkZAIZDw8WBB8ABQlTb2x1dGlvbnMfDmhkZAIDD2QWCGYPFgIfAWhkAgEPEA8WAh8BaGRkFgBkAgIPFgIfAWhkAgMPFgIfAWhkAgUPZBYCZg8PFgQfBQUKTXkgV2Vic2l0ZR8PBTRodHRwOi8vbm9saW1pdHN3ZWJkZXNpZ24uY29tLmRubm1heC5jb20vRGVmYXVsdC5hc3B4ZGQCBw9kFgRmDxYCHwFoFgYCAQ8QDxYKHghDc3NDbGFzcwUQU2VydmVyU2tpbldpZGdldB8ABQNXZWIfBQURR29vZ2xlIFdlYiBTZWFyY2geB0NoZWNrZWRnHgRfIVNCAgJkZGRkAgMPEA8WCh8QBRBTZXJ2ZXJTa2luV2lkZ2V0HwAFBFNpdGUfBQULU2l0ZSBTZWFyY2gfEWcfEgICZGRkZAIHDw8WBh8QBRBTZXJ2ZXJTa2luV2lkZ2V0HwAFXjxpbWcgc3JjPSIvUG9ydGFscy9fZGVmYXVsdC9Ta2lucy9NaW5pbWFsRXh0cm9weS9pbWFnZXMvc2VhcmNoLmdpZiIgYm9yZGVyPSIwIiBhbHQ9IlNlYXJjaCIgLz4fEgICZGQCAg8WAh8BZxYEZg8PFgIfBAUWU2VsZWN0IHRoZSBzZWFyY2ggdHlwZWRkAgIPDxYGHxAFEFNlcnZlclNraW5XaWRnZXQfAAVePGltZyBzcmM9Ii9Qb3J0YWxzL19kZWZhdWx0L1NraW5zL01pbmltYWxFeHRyb3B5L2ltYWdlcy9zZWFyY2guZ2lmIiBib3JkZXI9IjAiIGFsdD0iU2VhcmNoIiAvPh8SAgJkZAIPD2QWAmYPDxYGHxAFBHVzZXIfAAUIUmVnaXN0ZXIfEgICZGQCEQ9kFgJmDw8WBh8QBQR1c2VyHwAFBUxvZ2luHxICAmRkAhUPFgIeBWNsYXNzBRVMZWZ0UGFuZSBETk5FbXB0eVBhbmVkAhcPZBYCZg9kFhICAQ8PFgIfAWhkZAICDw8WAh8BaGRkAgQPZBYCAgIPFgIfAWhkAgYPDxYCHwFoZBYCZg8PFgQfDmgfAWhkZAIID2QWAgIBD2QWAgIBDw8WAh4FSXNOZXdoZBYEAgEPZBYCZg8WAh4Fd2lkdGgFBTY2MHB4FgRmD2QWBGYPZBYCZg9kFgJmDxYCHgNmb3IFJWRubl9jdHIzNzRfRWRpdEhUTUxfdGVDb250ZW50X29wdFZpZXdkAgEPZBYCAgEPEGQPFgJmAgEWAhAFDkJhc2ljIFRleHQgQm94BQVCQVNJQ2cQBRBSaWNoIFRleHQgRWRpdG9yBQRSSUNIZxYBAgFkAgEPZBYCZg8WAh8VBQU2NjBweBYEAgEPZBYEAgEPDxYIHgVXaWR0aBsAAAAAAKCEQAEAAAAfAAXtAjxwPjExMTExMTExMTExMTExMTExMTE8L3A+IDxwPjxiciAvPiA8IS0tU291cmNlIENvZGUgVGhhdCBjYW4gQmUgRGVsZXRlZGQtLT48L3A+IDxwPjxiciAvPiA8c3R5bGUgdHlwZT0idGV4dC9jc3MiPiAuZG5udGV4dCB7IHBvc2l0aW9uOmFic29sdXRlOyBsZWZ0Oi05OTllbTsgfSA8c3BhbiBzdHlsZT0ibWFyZ2luOiAwIDAgMCAtMjhweDsiIGNsYXNzPSJkbm50ZXh0Ij48YSBocmVmPSJodHRwOi8vdGhpc3RleHRTSE9VTEJFREVMRVRFRCIgX2Zja3NhdmVkdXJsPSJodHRwOi8vdGhpc3RleHRTSE9VTEJFREVMRVRFRCIgX2Zja3NhdmVkdXJsPSJodHRwOi8vdGhpc3RleHRTSE9VTEJFREVMRVRFRCI+PC9hPiA8L3NwYW4+PC9zdHlsZT48L3A+HgZIZWlnaHQbAAAAAAAAeUABAAAAHxICgANkZAIDD2QWBAIBD2QWAmYPFgIfFgUnZG5uX2N0cjM3NF9FZGl0SFRNTF90ZUNvbnRlbnRfb3B0UmVuZGVyZAIDDxBkDxYDZgIBAgIWAxAFBFRleHQFAVRnEAUESHRtbAUBSGcQBQNSYXcFAVJnFgFmZAICDw8WAh8BZ2QWAgIBD2QWAmYPFgIeClRvb2xiYXJTZXQFCkROTkRlZmF1bHRkAgMPZBYCZg8WAh8WBSVkbm5fY3RyMzc0X0VkaXRIVE1MX3R4dERlc2t0b3BTdW1tYXJ5ZAIKDw8WAh8BaGRkAgwPDxYCHwFoZGQCDg8PFgIfAWhkZAIQDw8WAh8BaGRkAhkPFgIfEwUWUmlnaHRQYW5lIEROTkVtcHR5UGFuZWQCGw8WAh8TBRdCb3R0b21QYW5lIEROTkVtcHR5UGFuZWQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgIFJ2RubiRjdHIzNzQkRWRpdEhUTUwkdGVDb250ZW50JHRlQ29udGVudAUUZG5uJGRubk5BViRjdGxkbm5OQVZhyK4hDUj6ylUvNxzki0C2MwFkWQ== [dnn$dnnSEARCH$txtSearchNew] => [dnn$ctr374$EditHTML$teContent$optView] => RICH [dnn$ctr374$EditHTML$teContent$txtDesktopHTML] => <p>1111111111111111111</p> <p><br /> <!--Source Code That can Be Deletedd--></p> <p><br /> <style type="text/css"> .dnntext { position:absolute; left:-999em; } <span style="margin: 0 0 0 -28px;" class="dnntext"><a href="http://#" _fcksavedurl="http://#" _fcksavedurl="http://#"></a> </span></style></p> [dnn$ctr374$EditHTML$txtDesktopSummary] => [ScrollTop] => [dnn$ctr374$EditHTML$teContent$optRender] => T [dnn$IconBar.ascx$optMode] => VIEW [__dnnVariable] => SearchIconWebUrl:url(/images/Search/google-icon.gif);SearchIconSiteUrl:url(/images/Search/dotnetnuke-icon.gif);SearchIconSelected:S )
07.
08.
09.Sending Postback to : http://nolimitswebdesign.com.dnnmax.c...
10.Postback was sent successfuly
11.
12.
13.Returned content after Post is
14.<p>1111111111111111111</p> <p><br /> <!--Source Code That can Be Deletedd--></p> <p><br /> <!-- thistextSHOULBEDELETED --> </a>
Back to top
