0

I am building a web application which will run in electron with angular as a frontend framework and laravel as a backend framework. In the application it's possible to login with a smartcard (thanks to node-pcsclite), it reads the bytes on the smartcard and then I convert them.

The smartcard contains a code which is linked to the staff table in my MSSQL database. I can retrieve the code from the smartcard and I can log into the application when it uses mysql as database server.

Now when I'm trying to do the same but with mssql, I get an error which should be viewed in html mode instead of the error page itself.

Screenshot

(The code can be alphanumeric)

So it adds all these strange characters (probably non-existing characters), not that much of a problem right? At least, that's what I thought. So I tried to fix it by using this code inside my laravel controller:

preg_replace('/[^A-Za-z0-9\-]/', '', $string);

This didn't solve anything. Then I thought I might have a problem with the query, so I ran SQL Profiler, the problem is that (probably because of the special characters) the query is broken.

select top 1 * from [Staff] where [CodeInit] = '
go

So does anyone know how to really remove the strange characters?

If you need more information feel free to ask.

John Bupit
  • 10,406
  • 8
  • 39
  • 75
Stefan
  • 59
  • 1
  • 4
  • I assume you have obfuscated the string deliberately with asterisks? The value that is now mainly asterisks - is it encased with quote marks because it doesn't look like it in the screenshot? – Professor Abronsius Aug 14 '15 at 07:48
  • First of all, these red characters aren't asterisks, those are dots (probably because it can't display what it really is). If I take a look at the error page, it displays this query: SQL: select top 1 * from [Staff] where [CodeInit] = 10741. The problem is that the dots are illegal characters but I can't remove them. – Stefan Aug 14 '15 at 07:51
  • Have you tried something like this? http://stackoverflow.com/questions/1176904/php-how-to-remove-all-non-printable-characters-in-a-string – Millard Aug 14 '15 at 08:01
  • 1
    It got fixed, it was my fault, I was using the function in the wrong place. Excuse me. – Stefan Aug 14 '15 at 08:36

1 Answers1

-1

I had this problem and landed to this question when searching for a solution. I was unable to find any fix.

The string with non-printable characters retrieved from mdecrypt_generic() so I wanted a way to remove those characters. When I copy and paste the retrieved value from browser to Brackets text editor, it show these red dots.

I just pasted it to google and then it was encoded to %10. Nothing helped till now, so as a temporary solution I just used rtrim() to remove those dots.

Copy the dot in brackets and replace with "DOT_HERE".

rtrim(rtrim($pvp, "DOT_HERE"), "\0\4");

"\0\4" will remove only nulls and EOT but not that dot character(%10).

Further here is a screenshot with that red dot. You can use Brackets text editor to see this.

enter image description here

Note that $pvp is the decrypted text.

Janaka R Rajapaksha
  • 3,585
  • 1
  • 25
  • 28