PHP

Suspicious PHP Variable / Show Hidden / Invisible Variable Text PHP

By May 18, 2020 No Comments

I encountered a very weird thing lately. strtotime() was not working. If we accept the input from the DB (WordPress) it wasn’t working however if we type in the hardcoded string it was working.

The string was exactly the same. It had only one weird thing.

The string echo from DB with var_dump() showed one character extra than what it should.

This was my only clue.

I came across a function that displays the variable in hex which we can then decode online and see the real output and there’s where I found the culprit.

See that weird character? It was not visible when we echo string in the browser.

The site where I decoded: https://www.convertstring.com/EncodeDecode/HexDecode

How did I encode?

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
// Source: https://stackoverflow.com/questions/1057572/how-can-i-get-a-hex-dump-of-a-string-in-php
function hex_dump($data, $newline="\n")
{
  static $from = '';
  static $to = '';

  static $width = 16; # number of bytes per line

  static $pad = '.'; # padding for non-visible characters

  if ($from==='')
  {
    for ($i=0; $i<=0xFF; $i++)
    {
      $from .= chr($i);
      $to .= ($i >= 0x20 && $i <= 0x7E) ? chr($i) : $pad;
    }
  }

  $hex = str_split(bin2hex($data), $width*2);
  $chars = str_split(strtr($data, $from, $to), $width);

  $offset = 0;
  foreach ($hex as $i => $line)
  {
    echo sprintf('%6X',$offset).' : '.implode(' ', str_split($line,2)) . ' [' . $chars[$i] . ']' . $newline;
    $offset += $width;
  }
}

Final solution was to type in the string again in to DB and then it worked perfectly.

What could have caused this?

I copied the string from the admin panel ACF both the items were in same page, pasted from one to other and I encountered this issue.