9
in a particular coding, i made a complete directory scan and then the files falling under a particular category are stored in a database. However the variable used for storage contains the real path(e.g. C:\wamp\www\example), but the value stored in the database is different because it removes all the '\' from the variable and store a value like C:wampwwwexample and thus further usage of the path becomes impossible. The code written for the purpose is pasted below please suggest me a way so that the value stored in the database is the real path and not a distorted value!
THE CODE=>
<html>
<head><title>Scan Result</title></head>
<BGSOUND SRC="Windows XP Exclamation.wav">
<b><font face="Verdana, Arial, Helvetica, sans-serif">Current Directory Contain
Following files and Sub Directories...</font></b>
<p>
<?php
include 'opendb.php';
$found = array();$i=0;
$vc=0;
if(isset($_REQUEST['custom']))
{
$C=$_REQUEST['custom'];
if($C=="")
header('location:CustomScan.php?y=You have not enterd appropiate drive name');
else if(!(is_dir($C)))
header('location:CustomScan.php?y=You have not enterd appropiate drive name');
@DirDisply($C);
}
else
header('location:CustomScan.php?y=You have not enterd appropiate drive name');
function DirDisply($p)
{
global $found,$vc,$i;
$TrackDir=opendir($p);
while ($file = readdir($TrackDir))
{
if ($file == "." || $file == "..")
{
continue;
}
else
{
$n=$p."\\".$file;
echo $n."<br>";
$i++;
if (is_dir($n) )
@DirDisply($n);
else
{
if(is_executable($n) )
{
$handle=fopen($n, "rb");
$convert=bin2hex( fread( $handle, filesize($n) ) );
$query="SELECT signature, virus FROM virusdetails";
$result=mysql_query($query);
while($row = mysql_fetch_array($result, MYSQL_ASSOC))
{
$pattern="/"."{$row['signature']}"."/";
$name="{$row['virus']}";
if(preg_match($pattern,$convert))
{
$vc++;
$query="INSERT INTO found (signature, virus, file) VALUES ('$pattern', '$name' ,'$n')";
mysql_query($query);
}
}
fclose($handle);
pack( "H*", $convert );continue;
}
}
}
}
closedir($TrackDir);
return;
}
echo"<br><br><br><br><b>SCAN RESULT<br><br><br>Total files scanned is $i </b><br><br>";
if($vc==0)
echo"<b>your computer is running free of virus</b><br>";
else
echo"<b><i>your computer has ".($vc)." occurences of virus<br><br>The infected files are => <br></b></i>";
$query="SELECT signature, virus, file FROM found";
$result=mysql_query($query);$k=1;
while($row = mysql_fetch_array($result, MYSQL_ASSOC))
{
echo"$k> <b>Signature:</b><i>{$row['signature']}</i><br><b>Virus:</b><i>{$row['virus']}</i><br><b>Name Of The Infected File:</b><i>{$row['file']}</i><br>";
$k++;echo"<br>";
}
?>
</p>
<table align="center" cellspacing="0" >
<tr><td><center><a href="CustomScan.php">Previous</a></td>
<td><center><a href="index.php">Home</a></td>
</tr>
</table>
</body>
</html>
