> + not \; or you will fork on every result. > > Additionally, is this injected code one long string or broken down > by the > mailer? Grep isn't the best way to deal with it. It's pretty easy > to correct > with perl, bit trickier if it's multiline, still not too hard: > > find /home/horbury -type f -exec \ > perl -pi.bak -e 's,<\?/\*\*/eval\(base64_decode\(.*?\?>,,s' > {} + >
Hi Mel... S'One long singleline string broken down by the mailer... <?php /**/eval(base64_decode([the huge long string originally quoted]));?> Have tried doing a find and replace using perl, initially just to replace the string, leaving an empty base64_decode(), however, one of the ICT Teachers has created paths with spaces in, which seemed to throw off the perl I was using... will give yours a try later today *fingers crossed*... If worst comes to worst I can restore from backups, it'll just mean students lose a few days of work that they'd submitted thru Moodle (I've been off for a day or three, and this appears to have happened on the first day of my absence) Ta fer the helpful suggestions thus far! Marc A Coyles - Horbury School ICT Support Team Mbl: 07850 518106 Land: 01924 282740 ext 730 Helpdesk: 01924 282740 ext 2000 _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"