Search code examples
phpwebkillterminate

Stopping a rogue PHP script sending E-Mail

Please don't laugh at me but I believe that I just did something extremely stupid. I was working on setting up a newsletter for a site that I am working on, but I tried it out at first when there was a typo. While scanning throughout the database and sending emails, I screwed up on the part that makes it stop. I fixed the code, but the emails are still being send (to my mom :O) and they don't seem to be stoping.

This is the script when I executed it:

$message = $_POST['emailmessage'];
$subject = $_POST['subject'];
$query = mysql_query("SELECT `email` FROM `members` WHERE `active`='1'");
//This line underneath should not be there
$rows = mysql_fetch_assoc($query);
$headers = array(
    "From: contact@thestopitcampaign.com",
    "Content-Type: text/html"
);
//should be '$rows = mysql_fetch_assoc($query)' instead of '$rows'
while($rows)
{
    mail($rows['email'],$subject,$message,implode("\r\n",$headers));
    echo "<p>Sent to: " . $rows['email'] . "</p>";
}

I contacted FatCow to see if they could stop the script, but they said that they could not do that and they would have to delete my entire account and put me on a different server. I cannot do that. Is there anyway to generate an error or something that would make the rogue script stop? FYI I do not have SSH access.

--I looked in my php config file and the timeout for a script is 300 seconds. That seems like a lot of emails to send. Is there anyway to stop those emails?

Solution

  • What has been sent can't be stopped any more. But it won't run forever and probably has already stopped.

    If the server is not grossly misconfigured by the provider, your script didn't run any longer than a certain time limit, e.g. 60 seconds. Even though messages continue to come through, it's probably no longer running, but the mail server is taking its time to handle all the messages that it created.

    I would wait and see - the flood is likely to end soon.

    What the provider says about moving the account to a different server doesn't seem to make any sense at all - if there is a rogue process that is sending E-Mail, they should be able to kill it easily. But anyway... I would wait.