Ping

19 Years Ago corewizard 0 216 Views

Ping a server

<?php

// Address error handling.

ini_set('display_errors', 1);
error_reporting(E_ALL ^ E_NOTICE);

// Obtain POST data.

$ping_ip_addr = $_POST['ping_ip_addr']; // input
$ping_count   = $_POST['ping_count'];   // select

// Remove any slashes if Magic Quotes GPC is enabled.

if (get_magic_quotes_gpc())
    {
    $ping_ip_addr = stripslashes($ping_ip_addr);
    }

// Create arrays.

$ping_count_array = array(1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 25); // Ping count

?>

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
<title>Ping</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta name="author" content="firstbase" />
<style type="text/css">

body
    {
    margin: 0;
    padding: 10px;
    background-color: #ffffff;
    }

div.output
    {
    margin: 0;
    padding: 10px;
    background-color: #eeeeee;
    border-style: solid;
    border-width: 1px;
    border-color: #000000;
    }

</style>
</head>

<body>
<h1>Ping</h1>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<p><label for="ping_ip_addr">IP address:</label><br />
<input name="ping_ip_addr" id="ping_ip_addr" type="text" value="<?php echo $_POST['submit'] == 'Ping' ? htmlentities($ping_ip_addr, ENT_QUOTES) : $_SERVER['REMOTE_ADDR'];; ?>" size="40" maxlength="15" /></p>
<p><label for="ping_count">Ping count:</label><br />
<select name="ping_count" id="ping_count">
<?php

foreach ($ping_count_array as $ping_count_item)
    {
    echo '<option' . ($ping_count == $ping_count_item ? ' selected="selected"' : '') . '>' . $ping_count_item . '</option>' . "\n";
    }

?>
</select></p>
<p><input type="submit" name="submit" value="Ping" /></p>
</form>
<p>Ping may take a while, please be patient.</p>
<?php

if ($_POST['submit'] == 'Ping') // Form has been submitted.
    {
    echo '<div class="output">' . "\n";

    /**************************************************************************/

    // Check for spoofed form submission.

    $illegal = FALSE;

    if (strlen($ping_ip_addr) > 15)
        {
        $illegal = TRUE;
        }

    if (!in_array($ping_count, $ping_count_array))
        {
        $illegal = TRUE;
        }

    /**************************************************************************/

    if (!$illegal) // Form submission was not spoofed.
        {
        if (ereg('^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$', $ping_ip_addr)) // Acquired data contains no problems.
            {
            // Display result.

            echo '<pre>' . "\n" .
                 'ping -c ' . $ping_count . ' ' . $ping_ip_addr . "\n\n";

            system('ping -c ' . $ping_count . ' ' . $ping_ip_addr); // Ping IP address.

            echo '</pre>' . "\n" .
                 '<p>Ping complete.</p>' . "\n";
            }
        else // Acquired data contains problems!
            {
            echo '<p>Please enter a valid IP address.</p>' . "\n";
            }
        }
    else // Form submission was spoofed!
        {
        echo '<p>An illegal operation was encountered.</p>' . "\n";
        }

    echo '</div>' . "\n";
    }

?>
</body>

</html>

JLChafardet 0 Newbie Poster

15 Years Ago

this is the most insecure way of performing a ping, if your webhost allowes you the system / exec functions, you are hosting your site on a highly possible hack target, with the biggest loophole of php.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.