How to find "hidden" include? PHP code refers to a variable, but it is not explicitly set anywhere?

A

Alexander2021-12-22 09:18:42

PHP

Alexander, 2021-12-22 09:18:42

We have an ancient project on apache + php 5.4 (I myself have never touched PHP, my stack is exclusively .net). Before NG, we decided to launch a couple more servers so that there would be duplication, and people would not distract us on New Year's holidays if the main server dies. We built a test machine on nginx+php7.4-fpm. And, of course, nothing works.

index.php

<? include('work.php'); ?>
<html>
  <head>
  </head>
  <frameset rows="50,*,20" frameborder="yes" border="1" framespacing="1">
    <frame src="/Frameset/viewHeader/" scrolling="NO" marginwidth="0" marginheight="0" name="top" frameborder="NO">
    <frame src="/Frameset/viewContent/" name="main" scrolling="AUTO" marginwidth="12" marginheight="12" frameborder="NO">
    <frame src="/Frameset/viewFooter/" name="footer" scrolling="NO" marginwidth="0" marginheight="0" name="bottom" frameborder="NO">
  </frameset>
  <noframes>
    <body bgcolor="#FFFFFF" text="#000000"></body>
  </noframes>
</html>

work.php

.....
session_name('s');
session_start();
.....
$ui=$_SESSION;
$ui['val42'] = 42;
..... тут дальше идут миллионы всяких присваиваний вида $ui[''''] =
..... затем тут же идут всякие хелперы и прочее
function num($a){
  return number_format($a/100, 2,'.',',');
}
....

And further, for example /Frameset/viewFooter/index.php (the same one inside the frame)

<html>
  <head>
    <meta http-equiv="refresh" content="600">
    <link rel="stylesheet" href="/_stylesheets/main.css">
  </head>
<body>
  <?=num($ui['val42'])?>
</body>
</html>

Well, it doesn't work either, because the $ui variable is not defined inside the frame, and the num function is also unknown. Which is correct, even from my .net experience, because inside the frame is a separate page - a separate request. But the problem is that everything works on the old server.
So the question is: why? Maybe there were some settings of apache or PHP itself, or earlier (at the time of 5.4) it was possible to do this. And how can we not rewrite everything under NG. I would like to launch this ancient *site* with minimal alterations.

Preliminary answers:
- there are no visible includes inside viewFooter.php (maybe there are some default ones, but I don't know where and how to look)
- stackoverflow claims that this does not happen - https://stackoverflow.com/questions/ 25425958/access...- I agree with him, but I have a working project in my hands
- maybe apache somehow groups requests, but nginx does not (because inside viewFooter.php there is not even session_start and other things, but calling $ui works)

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Alexander, 2021-12-22
@JustOxlamon

So for those who, like me, will not see "hidden" includes. But he will think that they SHOULD be logically, the answer is as follows: there is a .htaccess for the apache server (and not just one, but in many folders) and there will be RewriteRule request redirection rules (or similar ones, for example, here is the https help: //httpd.apache.org/docs/2.4/howto/htaccess.html ). These rules can help you. In my case, the
RewriteRule ^(Frameset|Journal|Objects|Reports)/(viewFooter|viewHeader|Structure|Operation)/$ index.php?mode=$1&action=$2
worked, which redirected requests like /frameset/viewFooter to /index .php with parameters, and already there was the necessary include.