
[php] Article Spinner


#1
DEViANT

    Programming Expert

  • Members
  • 358 posts
I wrote this script a month or so ago to enhance my PHP skeelz. Thought I'd share it with you guys, since some of you are pretty ok people. :c-biggrin:

What the script does :
Take in an article, search the article words for synonyms in the synonym DB, and then return a page where you can enable/disable synonym words. You then specify the number of articles you would like to spin out, and it takes all the words you enabled and randomly substitutes words within the article, to make each article you spin out (theoretically) unique. It then produces a zip file full of text files with the unique articles, all spun off one article. You also have the option of adding several different titles, which are also assigned to spun out articles, randomly.

Why this script :
I've seen a lot of alternatives that suck, also I've seen one or two that are better but not necessarily free. The script will help people trying to sell off article packs, or have unique content on their different niche websites. Or if you like submitting articles to different article directories, you can submit unique ones. Or if you're bored. I don't care, DON'T USE IT!

How it works :
Extract the archive and then open the readme file in the "etc" folder.

Additionally :
This script can be used alongside other scripts; it uses $_SESSION['mid'] as the unique identifier per user. If $_SESSION['mid'] isn't set, i.e. your site doesn't set session variables / doesn't use the session variable $_SESSION['mid'], it will automatically be set to "1". If your site uses another variable to store the "User ID" you can just set it when the session is created, by adding the following code :

$_SESSION['mid'] = $_SESSION['whatever_your_member_id_is'];


Got it? Good.

The script also stores the articles you spin so you can go back at a later stage and spin out articles again. Just visit the recent.php page to select and spin out an article pack.

This script was written mainly to be implemented onto/into other sites, therefore its displays are pretty basic.

For copyright and licensing information, please visit this page : The GNU General Public License v3.0 - GNU Project - Free Software Foundation (FSF)

Demo Link : Will be awarded to whomever replies with a link to it on their site first ( free advertising. whoo! )

Download attached to this post, enjoy and feel free to ask for support in this thread.

Think I covered everything? Oh also, would like feedback on my work from a programmer's perspective on my saucecode, gimee some c&c!


:D You should rep+ me so that I can win :D

My Blog | Ask me!
Error : Satan did it

#2
Alexander

    It's Science!

  • Moderators
  • 4,120 posts
  • Location:Vancouver, Eh! Cleverness: 200
What if:
<input type="hidden" name="oa_id" value="../../" />
<input type="hidden" name="oa_id" value="../../;malicious-command-here" />
#POST[oa_id] => '../../'

mkdir("$oaid", 0777); //process.class.php

shell_exec('rm -rf '.$_POST['oa_id']); //process.php
?

Edited by Alexander, 13 December 2010 - 05:29 PM.

Be sure to read the updated FAQ! || Health is achieved through the same 10,000 steps.
If a suggested code/method fails, informing us is less important than telling us why or what errors occurred.
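
Added example (not part of the thread and not DEViANT's code): one way to handle the oa_id value from post #2 so that neither mkdir() nor the cleanup step can be steered outside the pack folder. It assumes PHP 7.1+, a numeric oa_id, and flat pack folders; the function names and the temporary demo directory are made up for illustration.

```php
<?php
// Added example, not DEViANT's code. Function names and the demo directory are assumptions.
function pack_dir(string $base, string $oaId): string
{
    // Digits only: '../../', ';' and every other path or shell metacharacter is refused.
    if (!ctype_digit($oaId) || strlen($oaId) > 18) {
        throw new InvalidArgumentException('oa_id must be a decimal number');
    }
    return rtrim($base, '/') . '/' . $oaId;
}

function create_pack_dir(string $base, string $oaId): string
{
    $dir = pack_dir($base, $oaId);
    // 0750 instead of 0777: no access for "other"; the process umask can only tighten it.
    if (!is_dir($dir) && !mkdir($dir, 0750)) {
        throw new RuntimeException("cannot create $dir");
    }
    return $dir;
}

function remove_pack_dir(string $base, string $oaId): void
{
    $real = realpath(pack_dir($base, $oaId));
    // realpath() resolves symlinks, so the result must still sit under the base directory.
    if ($real === false || strpos($real, realpath($base) . '/') !== 0) {
        throw new RuntimeException('pack directory not found under base');
    }
    // Filesystem calls replace shell_exec('rm -rf ...'): no shell ever parses the value.
    foreach (array_diff(scandir($real), ['.', '..']) as $entry) {
        unlink($real . '/' . $entry); // packs are assumed to be flat folders of text files
    }
    rmdir($real);
}

// Demo on constructed input: one well-formed id and the two values from the post above.
$base = sys_get_temp_dir() . '/spinner_demo_' . bin2hex(random_bytes(4));
mkdir($base, 0750);
foreach (['1292261340', '../../', '../../;malicious-command-here'] as $candidate) {
    try {
        $dir = create_pack_dir($base, $candidate);
        file_put_contents("$dir/article1.txt", 'constructed sample text');
        remove_pack_dir($base, $candidate);
        echo "created and removed: $candidate\n";
    } catch (InvalidArgumentException $e) {
        echo "rejected: $candidate\n";
    }
}
rmdir($base);
```

Only the first candidate reaches the filesystem; the other two are refused before any path is built.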

#3
DEViANT

Holy crap, I never even thought of that :O

Thanks for pointing it out!


#4
Alexander

A minor audit: For your mkdir: 777 allows owner/group/other users to read, write and execute that folder's contents, such as 'nobody' or 'www-data' that Apache/xxxx runs under. The 'other user' can be 'foobar2' from a compromised account which can freely read or write binaries to there. That is a bad idea, and why generally something like 754 is good (owner: rwx, group: rx, other: r, or -rwxr-xr--)

$mid and $oa_id, ajax=>get_words.php, ajax=>add_words.php, ajax=>toggle_words.php are susceptible to SQL injection and malicious modification. The first two should be verified with ctype_digit() at the most basic; oa_id and mid should be random and not submitted by user input; time() can cause collisions.

ascii2entities() is unclear and appears to not get rid of smartquotes entered in a UTF compliant browser textbox. Maybe do it with jQuery before escaping:

function removeMSChars(str) {
    // Map "smart" punctuation code points to their plain ASCII equivalents
    var myReplacements = new Array();
    var myCode, intReplacement;
    myReplacements[8216] = 39; // left single quote  -> '
    myReplacements[8217] = 39; // right single quote -> '
    myReplacements[8220] = 34; // left double quote  -> "
    myReplacements[8221] = 34; // right double quote -> "
    myReplacements[8212] = 45; // em dash            -> -
    for (var c = 0; c < str.length; c++) {
        myCode = str.charCodeAt(c);
        if (myReplacements[myCode] != undefined) {
            intReplacement = myReplacements[myCode];
            str = str.substr(0, c) + String.fromCharCode(intReplacement) + str.substr(c + 1);
        }
    }
    return str;
}

savetoDB contains this. Urlencode inflates data quite a bit -- serialize() is standard method and json_encode() is even greater at space efficiency and can be read by JS:

function savetoDB($content, $title, $oa, $mid)
{
    $content = urlencode($content);
    $title = urlencode($title);
    // ... (rest of the function is not shown in the post)
}

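
Added example (not part of the thread and not DEViANT's code): the audit points from post #4 about IDs, SQL injection and storage, put together in PHP 7.3+. The id is generated on the server instead of taken from time() or a form field, queries are parameterised, and the article is stored with json_encode() rather than urlencode(). The table layout, function names and the in-memory SQLite database are assumptions made so the snippet runs on its own.

```php
<?php
// Added example; the table and column names are assumptions, not the script's real schema.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE articles (oa_id TEXT PRIMARY KEY, mid INTEGER, body TEXT)');

function save_article(PDO $db, string $mid, string $title, string $content): string
{
    if (!ctype_digit($mid)) {
        throw new InvalidArgumentException('mid must be numeric');
    }
    // Random server-side id: not guessable, and two saves in the same second cannot collide.
    $oaId = bin2hex(random_bytes(16));
    $body = json_encode(['title' => $title, 'content' => $content], JSON_THROW_ON_ERROR);
    // Placeholders keep the values out of the SQL text, so quotes in an article are just data.
    $stmt = $db->prepare('INSERT INTO articles (oa_id, mid, body) VALUES (?, ?, ?)');
    $stmt->execute([$oaId, (int) $mid, $body]);
    return $oaId;
}

function load_article(PDO $db, string $mid, string $oaId): ?array
{
    // Shape checks first: mid is digits, oa_id is exactly the 32 hex chars we generated.
    if (!ctype_digit($mid) || !preg_match('/\A[0-9a-f]{32}\z/', $oaId)) {
        return null;
    }
    // Filtering on mid as well stops one member loading another member's article by id.
    $stmt = $db->prepare('SELECT body FROM articles WHERE oa_id = ? AND mid = ?');
    $stmt->execute([$oaId, (int) $mid]);
    $body = $stmt->fetchColumn();
    return $body === false ? null : json_decode($body, true);
}

// Constructed sample data: quotes in the text round-trip untouched.
$id = save_article($db, '1', 'It\'s a "title"', "Don't panic, it's only text");
var_dump(load_article($db, '1', $id)['title']); // the title, quotes intact
var_dump(load_article($db, '1', '../../'));     // NULL: not an id this code issued
var_dump(load_article($db, '2', $id));          // NULL: wrong member
```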

#5
DEViANT


Nullw0rm said:

A minor audit: For your mkdir: 777 allows owner/group/other users to read, write and execute that folder's contents, such as 'nobody' or 'www-data' that Apache/xxxx runs under. The 'other user' can be 'foobar2' from a compromised account which can freely read or write binaries to there. That is a bad idea, and why generally something like 754 is good (owner: rwx, group: rx, other: r, or -rwxr-xr--)

You're right, I was lazy on that. I figured since the whole process wouldn't take longer than 15 seconds ( mkdir -> fill with files -> zip it up) I could slide by on unsecure file configurations.

Nullw0rm said:

$mid and $oa_id, ajax=>get_words.php, ajax=>add_words.php, ajax=>toggle_words.php are susceptible to SQL injection and malicious modification. The first two should be verified with ctype_digit() at the most basic; oa_id and mid should be random and not submitted by user input; time() can cause collisions.

I knew I was forgetting something! I wanted to add that on the AJAX pages, never got to it. Thanks!

Nullw0rm said:

ascii2entities() is unclear and appears to not get rid of smartquotes entered in a UTF compliant browser textbox. Maybe do it with jQuery before escaping:

function removeMSChars(str) {
    // Map "smart" punctuation code points to their plain ASCII equivalents
    var myReplacements = new Array();
    var myCode, intReplacement;
    myReplacements[8216] = 39; // left single quote  -> '
    myReplacements[8217] = 39; // right single quote -> '
    myReplacements[8220] = 34; // left double quote  -> "
    myReplacements[8221] = 34; // right double quote -> "
    myReplacements[8212] = 45; // em dash            -> -
    for (var c = 0; c < str.length; c++) {
        myCode = str.charCodeAt(c);
        if (myReplacements[myCode] != undefined) {
            intReplacement = myReplacements[myCode];
            str = str.substr(0, c) + String.fromCharCode(intReplacement) + str.substr(c + 1);
        }
    }
    return str;
}

I'm saving that little jQuery function for future use... Thanks ;D

Nullw0rm said:

savetoDB contains this. Urlencode inflates data quite a bit -- serialize() is standard method and json_encode() is even greater at space efficiency and can be read by JS:

function savetoDB($content, $title, $oa, $mid)
{
    $content = urlencode($content);
    $title = urlencode($title);
    // ... (rest of the function is not shown in the post)
}

I wasn't sure what to use there, as addslashes/stripslashes are a pain. I'll go with json_encode in the future.

Thanks for taking the time to look through the script, I really do appreciate all the feedback you are giving me. I'd rep+ you if I could, guess you're going to have to settle for a digital high 5


:c-biggrin:




