Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php namespace miniorangedev\craftsinglesignon\controllers; use miniorangedev\cra..
Decoded Output download
<?php
namespace miniorangedev\craftsinglesignon\controllers;
use miniorangedev\craftsinglesignon\Craftsinglesignon;
use craft\helpers\UrlHelper;
use craft\elements\User;
use miniorangedev\craftsinglesignon\controllers\ResourcesController;
use Craft;
use craft\web\Controller;
use craft\helpers\App;
class LoginController extends Controller
{
protected array|int|bool $allowAnonymous = ["index", "callback", "test_config", "saml", "samllogin"];
public function actionIndex()
{
$E6 = ResourcesController::actionDatadb();
$cE = @$E6["oauthsettings"] ?: null;
$hL = @$cE["client_id"] ?: null;
$SE = @$cE["scope"] ?: null;
$ZO = @$cE["authorization_url"] ?: null;
$HW = @$cE["app_provider"] ?: null;
$qo = @$cE["callback_url"] ?: null;
if (!isset($_GET["test_config"])) {
goto Jj;
}
$E6["test_config"] = 1;
$uq = Craft::$app->sites->currentSite->name;
$vb = Craft::$app->version > 4 ? getenv("CRAFT_DB_TABLE_PREFIX") : getenv("DB_TABLE_PREFIX");
Craft::$app->db->createCommand()->update($vb . "mologin_config", ["options" => json_encode($E6)], ["name" => $uq])->execute();
Jj:
if (isset($_REQUEST["code"])) {
goto ra;
}
$QX = App::parseEnv($ZO) . "?redirect_uri=" . App::parseEnv($qo) . "&response_type=code&client_id=" . App::parseEnv($hL) . "&scope=" . App::parseEnv($SE) . "&state=" . App::parseEnv($HW);
header("Location:" . $QX);
exit;
ra:
}
public function actionCallback()
{
$PT = Craft::$app->request->getQueryParam("code");
$E6 = ResourcesController::actionDatadb() != null ? ResourcesController::actionDatadb() : array();
$cE = @$E6["oauthsettings"] ?: null;
$FE = @$E6["oauthattribute"] ?: null;
$hL = @$cE["client_id"] ?: null;
$SG = @$cE["client_secret"] ?: null;
$U0 = @$cE["oauth_token_api"] ?: null;
$u_ = @$cE["user_info_api"] ?: null;
$WI = @$FE["username_attribute"] ?: null;
$cB = @$FE["email_attribute"] ?: null;
$wY = @$FE["firstname_attribute"] ?: null;
$yH = @$FE["lastname_attribute"] ?: null;
$Kh = @$FE["custom_attr_count"] ?: 0;
$hM = @$FE["custom_attributes"] ?: null;
$qo = @$cE["callback_url"] ?: null;
$AH = "authorization_code";
$HD = array();
$ys = array();
$Vc = curl_init(App::parseEnv($U0));
curl_setopt($Vc, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($Vc, CURLOPT_ENCODING, '');
curl_setopt($Vc, CURLOPT_RETURNTRANSFER, true);
curl_setopt($Vc, CURLOPT_AUTOREFERER, true);
curl_setopt($Vc, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($Vc, CURLOPT_MAXREDIRS, 10);
curl_setopt($Vc, CURLOPT_POST, true);
curl_setopt($Vc, CURLOPT_HTTPHEADER, array("Accept: application/json"));
curl_setopt($Vc, CURLOPT_POSTFIELDS, "redirect_uri=" . urlencode(App::parseEnv($qo)) . "&grant_type=" . App::parseEnv($AH) . "&client_id=" . App::parseEnv($hL) . "&client_secret=" . App::parseEnv($SG) . "&code=" . App::parseEnv($PT));
$ae = curl_exec($Vc);
if (curl_error($Vc)) {
goto nM;
}
if (is_array(json_decode($ae, true))) {
goto q_;
}
exit("Invalid response received getting access_token from url " . App::parseEnv($U0));
q_:
goto p5;
nM:
exit(curl_error($Vc));
p5:
$ae = json_decode($ae, true);
if (isset($ae["error_description"])) {
goto iw;
}
if (isset($ae["error"])) {
goto NB;
}
if ($u_ == null && isset($ae["id_token"])) {
goto j3;
}
if (isset($ae["access_token"])) {
goto gO;
}
exit("Invalid response received from OAuth Provider. Contact your administrator for more details.");
goto Qi;
gO:
$uI = $ae["access_token"];
Qi:
goto OF;
j3:
$WE = $this->decodeJWT($ae["id_token"]);
Craft::error($WE);
$A7 = gettype(@$WE[$WI]) == "string" ? @$WE[$WI] ?: null : (@$WE[$WI][0] ?: null);
$H9 = gettype(@$WE[$cB]) == "string" ? @$WE[$cB] ?: null : (@$WE[$cB][0] ?: null);
$E6["firstname"] = gettype(@$WE[$wY]) == "string" ? @$WE[$wY] ?: null : (@$WE[$wY][0] ?: null);
$E6["lastname"] = gettype(@$WE[$yH]) == "string" ? @$WE[$yH] ?: null : (@$WE[$yH][0] ?: null);
$zJ = 1;
fx:
if (!($zJ <= $Kh)) {
goto Fz;
}
$ys[$hM["custom_attribute" . strval($zJ)]] = @$WE[$hM["custom_attribute_value" . strval($zJ)]] ?: null;
n9:
$zJ++;
goto fx;
Fz:
OF:
goto Hd;
NB:
exit($ae["error"]);
Hd:
goto i5;
iw:
exit($ae["error_description"]);
i5:
if (!isset($uI)) {
goto QO;
}
$Vc = curl_init($u_ . "?access_token=" . $uI);
curl_setopt($Vc, CURLOPT_RETURNTRANSFER, true);
if (empty($sy)) {
goto Q_;
}
curl_setopt($Vc, CURLOPT_HTTPHEADER, $sy);
Q_:
curl_setopt($Vc, CURLOPT_POST, false);
curl_setopt($Vc, CURLOPT_VERBOSE, true);
curl_setopt($Vc, CURLOPT_SSL_VERIFYPEER, false);
$qP = curl_exec($Vc);
if (!curl_error($Vc)) {
goto ns;
}
exit(curl_error($Vc));
ns:
if (is_array(json_decode($qP, true))) {
goto aL;
}
exit("Invalid response received getting access_token from url " . $u_);
aL:
$HD = json_decode($qP, true);
curl_close($Vc);
if (isset($HD["error_description"])) {
goto WG;
}
if (isset($HD["error"])) {
goto io;
}
if (isset($HD)) {
goto Md;
}
exit("Invalid response received from OAuth Provider. Contact your administrator for more details.");
goto k2;
Md:
$A7 = gettype(@$HD[$WI]) == "string" ? @$HD[$WI] ?: null : (@$HD[$WI][0] ?: null);
$H9 = gettype(@$HD[$cB]) == "string" ? @$HD[$cB] ?: null : (@$HD[$cB][0] ?: null);
$E6["firstname"] = gettype(@$HD[$wY]) == "string" ? @$HD[$wY] ?: null : (@$HD[$wY][0] ?: null);
$E6["lastname"] = gettype(@$HD[$yH]) == "string" ? @$HD[$yH] ?: null : (@$HD[$yH][0] ?: null);
$zJ = 1;
CW:
if (!($zJ <= $Kh)) {
goto M0;
}
$ys[$hM["custom_attribute" . strval($zJ)]] = @$HD[$hM["custom_attribute_value" . strval($zJ)]] ?: null;
ZK:
$zJ++;
goto CW;
M0:
k2:
goto v8;
io:
exit($HD["error"]);
v8:
goto sT;
WG:
exit($HD["error_description"]);
sT:
QO:
if (!isset($E6["test_config"])) {
goto Zf;
}
$E6["test_config"] = null;
$uq = Craft::$app->sites->currentSite->name;
$vb = Craft::$app->version > 4 ? getenv("CRAFT_DB_TABLE_PREFIX") : getenv("DB_TABLE_PREFIX");
Craft::$app->db->createCommand()->update($vb . "mologin_config", ["options" => json_encode($E6)], ["name" => $uq])->execute();
self::actionTest_config($HD);
Zf:
self::actionLogin_flow($E6, $A7, $H9, $Kh, $hM, $ys);
}
private function decodeJWT($QF)
{
$Tp = explode(".", $QF);
if (!(count($Tp) !== 3)) {
goto Qx;
}
exit("Invalid JWT format");
Qx:
list($Q2, $jb, $nF) = $Tp;
$Gw = json_decode(base64_decode($Q2), true);
$sl = json_decode(base64_decode($jb), true);
if (!(!$Gw || !$sl)) {
goto Ri;
}
exit("Invalid JWT data");
Ri:
return $sl;
}
public static function actionLogin_flow($E6, $A7 = null, $H9 = null, $Kh, $hM, $ys)
{
$user = new User();
$Iq = User::find()->email($H9)->all();
$Ma = @$E6["customsettings"] ?: null;
$PG = @$E6["oauthsettings"]["noreg"] ?: null;
$Yy = @$E6["firstname"] ?: '';
$Wl = @$E6["lastname"] ?: '';
if (!(isset($Iq[0]["admin"]) && $Iq[0]["admin"] == 1)) {
goto ln;
}
exit("No Email Address Return!");
ln:
if (empty($Iq)) {
goto Hs;
}
$user = User::find()->username($A7)->one();
if (!$user) {
goto FT;
}
$user->firstName = $Yy;
$user->lastName = $Wl;
$zJ = 1;
d2:
if (!($zJ <= $Kh)) {
goto m1;
}
$user->setFieldValue($hM["custom_attribute" . strval($zJ)], $ys[$hM["custom_attribute" . strval($zJ)]]);
q3:
$zJ++;
goto d2;
m1:
Craft::$app->getElements()->saveElement($user, false);
FT:
goto Xx;
Hs:
if (!Craft::$app->getUser()->getIdentity()) {
goto Iy;
}
return;
Iy:
$user->username = $A7;
$user->email = $H9;
$user->active = true;
$user->slug = "mologin";
$user->firstName = $Yy;
$user->lastName = $Wl;
if (!$user->validate(null, false)) {
goto Zp;
}
$zJ = 1;
dQ:
if (!($zJ <= $Kh)) {
goto v0;
}
$user->setFieldValue($hM["custom_attribute" . strval($zJ)], $ys[$hM["custom_attribute" . strval($zJ)]]);
iK:
$zJ++;
goto dQ;
v0:
Craft::$app->getElements()->saveElement($user, false);
if (isset($Ma["grouphandle"])) {
goto S5;
}
$V9 = @$Ma["userRole"] ?: array("accessCp");
Craft::$app->userPermissions->saveUserPermissions($user->id, $V9);
goto FE;
S5:
foreach ($Ma["grouphandle"] as $ZW) {
$q7 = Craft::$app->userGroups->getGroupByHandle($ZW);
Craft::$app->users->assignUserToGroups($user->id, [$q7->id]);
SR:
}
w5:
FE:
Zp:
Xx:
$Iq = User::find()->email($H9)->all();
if (isset($Iq)) {
goto C2;
}
exit("Error in login!");
goto Ky;
C2:
Craft::$app->getUser()->login($Iq[0]);
$IC = App::parseEnv(@$Ma["redirect_url"]) ?: UrlHelper::cpUrl("dashboard");
Craft::$app->getResponse()->redirect($IC);
Ky:
}
public static function actionTest_config($HD)
{
$Gs = "<div style="color: #3c763d; background-color: #dff0d8; padding:2%; margin-bottom:20px; text-align:center; border:1px solid #AEDB9A; font-size:18pt;">TEST SUCCESSFUL</div>";
$q8 = "<center><table style='width: 80%;'>";
$q8 .= "<tr><th>Key</th><th>Value</th></tr>";
foreach ($HD as $YG => $Wc) {
$q8 .= "<tr>";
$q8 .= "<td>{$YG}</td>";
$q8 .= "<td>";
if (is_array($Wc)) {
goto ul;
}
$q8 .= "<strong>{$Wc}</strong>";
goto iU;
ul:
if (empty($Wc)) {
goto Ct;
}
$q8 .= self::actionTest_config($Wc);
Ct:
iU:
$q8 .= "</td></tr>";
FD:
}
g7:
$q8 .= "</table></center>\xa <style>\xa table, th, td {\xa border: 1px solid black;\xa border-collapse: collapse;\xa padding: 10px;
font-size: 15px;
}
</style>";
echo $Gs .= $q8;
exit;
}
}
?>Did this file decode correctly?
Original Code
<?php
namespace miniorangedev\craftsinglesignon\controllers;
use miniorangedev\craftsinglesignon\Craftsinglesignon;
use craft\helpers\UrlHelper;
use craft\elements\User;
use miniorangedev\craftsinglesignon\controllers\ResourcesController;
use Craft;
use craft\web\Controller;
use craft\helpers\App;
class LoginController extends Controller
{
protected array|int|bool $allowAnonymous = ["\151\156\x64\145\170", "\x63\141\x6c\x6c\142\141\x63\x6b", "\x74\145\163\164\137\143\x6f\156\146\151\x67", "\163\x61\155\x6c", "\163\x61\x6d\x6c\154\157\147\151\156"];
public function actionIndex()
{
$E6 = ResourcesController::actionDatadb();
$cE = @$E6["\x6f\x61\165\x74\x68\x73\x65\x74\164\151\x6e\147\163"] ?: null;
$hL = @$cE["\143\154\x69\x65\156\x74\137\151\x64"] ?: null;
$SE = @$cE["\163\143\157\x70\145"] ?: null;
$ZO = @$cE["\x61\165\164\x68\x6f\162\151\172\141\x74\x69\x6f\x6e\x5f\165\x72\x6c"] ?: null;
$HW = @$cE["\141\160\160\x5f\160\162\x6f\166\x69\x64\x65\162"] ?: null;
$qo = @$cE["\143\141\154\154\x62\x61\x63\x6b\x5f\x75\x72\154"] ?: null;
if (!isset($_GET["\164\145\163\x74\x5f\143\157\x6e\x66\x69\147"])) {
goto Jj;
}
$E6["\164\x65\163\164\137\x63\157\x6e\x66\151\x67"] = 1;
$uq = Craft::$app->sites->currentSite->name;
$vb = Craft::$app->version > 4 ? getenv("\103\122\101\x46\x54\137\x44\x42\x5f\124\101\x42\x4c\x45\x5f\120\122\105\106\111\x58") : getenv("\104\102\x5f\124\101\102\x4c\x45\x5f\x50\x52\105\x46\111\x58");
Craft::$app->db->createCommand()->update($vb . "\155\157\x6c\x6f\147\151\156\137\143\x6f\156\x66\x69\147", ["\157\160\164\151\157\156\x73" => json_encode($E6)], ["\x6e\141\155\145" => $uq])->execute();
Jj:
if (isset($_REQUEST["\x63\157\x64\145"])) {
goto ra;
}
$QX = App::parseEnv($ZO) . "\77\x72\x65\x64\151\162\x65\143\x74\137\x75\162\x69\75" . App::parseEnv($qo) . "\x26\x72\x65\163\x70\x6f\x6e\163\145\137\164\171\160\145\x3d\143\x6f\144\x65\46\x63\154\x69\145\x6e\x74\137\151\144\75" . App::parseEnv($hL) . "\46\x73\x63\x6f\x70\x65\75" . App::parseEnv($SE) . "\46\163\164\x61\164\145\75" . App::parseEnv($HW);
header("\114\157\x63\141\x74\151\x6f\x6e\x3a" . $QX);
exit;
ra:
}
public function actionCallback()
{
$PT = Craft::$app->request->getQueryParam("\x63\157\144\x65");
$E6 = ResourcesController::actionDatadb() != null ? ResourcesController::actionDatadb() : array();
$cE = @$E6["\x6f\141\165\x74\150\163\x65\x74\164\151\x6e\x67\x73"] ?: null;
$FE = @$E6["\157\x61\165\164\150\141\164\x74\x72\151\142\165\x74\x65"] ?: null;
$hL = @$cE["\143\154\151\145\x6e\164\137\151\144"] ?: null;
$SG = @$cE["\143\154\151\145\156\x74\137\x73\145\143\x72\145\x74"] ?: null;
$U0 = @$cE["\x6f\141\165\164\150\137\164\157\x6b\145\156\x5f\x61\x70\151"] ?: null;
$u_ = @$cE["\165\163\145\x72\137\x69\156\x66\157\137\141\160\151"] ?: null;
$WI = @$FE["\x75\x73\x65\x72\156\x61\155\145\137\x61\x74\x74\x72\x69\142\x75\x74\145"] ?: null;
$cB = @$FE["\145\x6d\141\x69\x6c\137\141\x74\x74\x72\151\x62\x75\x74\x65"] ?: null;
$wY = @$FE["\146\x69\162\x73\x74\x6e\141\x6d\x65\137\x61\164\x74\162\x69\142\x75\x74\x65"] ?: null;
$yH = @$FE["\154\x61\163\164\156\141\155\145\137\x61\x74\164\162\151\x62\165\x74\x65"] ?: null;
$Kh = @$FE["\143\x75\163\164\x6f\x6d\x5f\141\164\x74\162\137\x63\x6f\x75\x6e\x74"] ?: 0;
$hM = @$FE["\x63\165\163\164\x6f\155\x5f\x61\164\164\x72\151\142\165\x74\145\163"] ?: null;
$qo = @$cE["\x63\141\x6c\154\x62\x61\143\x6b\x5f\x75\x72\154"] ?: null;
$AH = "\141\x75\x74\x68\x6f\x72\x69\172\x61\164\x69\x6f\x6e\x5f\x63\157\144\x65";
$HD = array();
$ys = array();
$Vc = curl_init(App::parseEnv($U0));
curl_setopt($Vc, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($Vc, CURLOPT_ENCODING, '');
curl_setopt($Vc, CURLOPT_RETURNTRANSFER, true);
curl_setopt($Vc, CURLOPT_AUTOREFERER, true);
curl_setopt($Vc, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($Vc, CURLOPT_MAXREDIRS, 10);
curl_setopt($Vc, CURLOPT_POST, true);
curl_setopt($Vc, CURLOPT_HTTPHEADER, array("\x41\x63\143\145\160\x74\x3a\x20\141\x70\x70\154\151\143\141\x74\151\157\x6e\57\x6a\x73\157\x6e"));
curl_setopt($Vc, CURLOPT_POSTFIELDS, "\162\x65\144\151\162\145\x63\x74\x5f\x75\162\151\75" . urlencode(App::parseEnv($qo)) . "\x26\147\162\x61\156\x74\137\x74\171\x70\x65\x3d" . App::parseEnv($AH) . "\x26\x63\154\151\145\156\x74\137\x69\144\x3d" . App::parseEnv($hL) . "\x26\x63\x6c\x69\145\x6e\164\x5f\x73\145\x63\x72\x65\164\75" . App::parseEnv($SG) . "\x26\x63\x6f\x64\x65\x3d" . App::parseEnv($PT));
$ae = curl_exec($Vc);
if (curl_error($Vc)) {
goto nM;
}
if (is_array(json_decode($ae, true))) {
goto q_;
}
exit("\111\156\x76\x61\154\x69\x64\40\162\x65\163\x70\157\156\x73\x65\x20\x72\145\143\145\x69\x76\145\x64\40\x67\x65\164\164\x69\x6e\x67\40\141\143\143\145\163\x73\137\x74\x6f\x6b\x65\x6e\x20\x66\x72\x6f\x6d\40\x75\x72\154\x20" . App::parseEnv($U0));
q_:
goto p5;
nM:
exit(curl_error($Vc));
p5:
$ae = json_decode($ae, true);
if (isset($ae["\145\162\162\x6f\x72\137\144\145\163\143\x72\151\160\x74\151\157\x6e"])) {
goto iw;
}
if (isset($ae["\x65\x72\x72\x6f\x72"])) {
goto NB;
}
if ($u_ == null && isset($ae["\151\144\x5f\x74\x6f\153\x65\x6e"])) {
goto j3;
}
if (isset($ae["\x61\143\x63\145\163\163\x5f\164\157\153\145\156"])) {
goto gO;
}
exit("\x49\156\166\x61\154\x69\144\40\162\145\x73\x70\x6f\156\163\x65\x20\162\145\x63\x65\151\x76\x65\144\x20\x66\162\157\155\x20\117\101\x75\164\x68\x20\120\x72\157\x76\151\144\145\162\x2e\x20\103\x6f\x6e\x74\x61\x63\x74\x20\x79\157\165\x72\40\141\x64\155\x69\156\151\x73\x74\162\x61\164\157\x72\40\146\157\162\40\x6d\157\x72\145\x20\x64\145\164\x61\x69\x6c\x73\x2e");
goto Qi;
gO:
$uI = $ae["\x61\143\143\145\x73\x73\x5f\x74\x6f\x6b\x65\x6e"];
Qi:
goto OF;
j3:
$WE = $this->decodeJWT($ae["\x69\x64\137\164\x6f\x6b\x65\x6e"]);
Craft::error($WE);
$A7 = gettype(@$WE[$WI]) == "\163\164\x72\151\156\x67" ? @$WE[$WI] ?: null : (@$WE[$WI][0] ?: null);
$H9 = gettype(@$WE[$cB]) == "\163\164\x72\x69\x6e\147" ? @$WE[$cB] ?: null : (@$WE[$cB][0] ?: null);
$E6["\146\151\x72\163\x74\x6e\x61\155\x65"] = gettype(@$WE[$wY]) == "\x73\164\162\x69\156\147" ? @$WE[$wY] ?: null : (@$WE[$wY][0] ?: null);
$E6["\154\x61\163\164\156\141\x6d\145"] = gettype(@$WE[$yH]) == "\163\164\162\151\156\147" ? @$WE[$yH] ?: null : (@$WE[$yH][0] ?: null);
$zJ = 1;
fx:
if (!($zJ <= $Kh)) {
goto Fz;
}
$ys[$hM["\x63\165\x73\164\x6f\155\x5f\x61\164\164\x72\x69\142\x75\x74\145" . strval($zJ)]] = @$WE[$hM["\x63\x75\163\x74\157\155\137\141\164\x74\162\x69\x62\x75\x74\145\137\166\x61\154\165\x65" . strval($zJ)]] ?: null;
n9:
$zJ++;
goto fx;
Fz:
OF:
goto Hd;
NB:
exit($ae["\x65\162\162\157\162"]);
Hd:
goto i5;
iw:
exit($ae["\145\162\162\157\x72\x5f\x64\x65\163\143\162\x69\160\164\151\x6f\x6e"]);
i5:
if (!isset($uI)) {
goto QO;
}
$Vc = curl_init($u_ . "\77\x61\x63\143\x65\163\x73\x5f\x74\157\x6b\x65\x6e\75" . $uI);
curl_setopt($Vc, CURLOPT_RETURNTRANSFER, true);
if (empty($sy)) {
goto Q_;
}
curl_setopt($Vc, CURLOPT_HTTPHEADER, $sy);
Q_:
curl_setopt($Vc, CURLOPT_POST, false);
curl_setopt($Vc, CURLOPT_VERBOSE, true);
curl_setopt($Vc, CURLOPT_SSL_VERIFYPEER, false);
$qP = curl_exec($Vc);
if (!curl_error($Vc)) {
goto ns;
}
exit(curl_error($Vc));
ns:
if (is_array(json_decode($qP, true))) {
goto aL;
}
exit("\111\156\166\141\154\x69\x64\x20\162\x65\x73\x70\157\x6e\x73\145\x20\x72\x65\x63\145\x69\x76\145\x64\40\x67\x65\x74\x74\x69\x6e\x67\x20\141\143\x63\x65\x73\163\x5f\x74\x6f\x6b\145\x6e\40\146\x72\x6f\x6d\x20\x75\x72\x6c\40" . $u_);
aL:
$HD = json_decode($qP, true);
curl_close($Vc);
if (isset($HD["\145\162\x72\157\162\137\144\145\x73\143\162\151\x70\164\x69\157\156"])) {
goto WG;
}
if (isset($HD["\x65\162\162\x6f\162"])) {
goto io;
}
if (isset($HD)) {
goto Md;
}
exit("\x49\156\x76\x61\x6c\x69\x64\x20\162\145\163\x70\x6f\156\x73\x65\40\x72\145\x63\x65\x69\166\x65\x64\40\146\x72\157\x6d\40\x4f\101\x75\x74\150\x20\x50\162\157\166\x69\x64\145\162\56\x20\103\157\x6e\x74\141\143\164\40\x79\157\x75\x72\40\x61\144\155\x69\156\151\163\x74\x72\141\x74\x6f\162\x20\x66\x6f\162\x20\155\157\162\x65\40\144\x65\164\141\x69\x6c\163\56");
goto k2;
Md:
$A7 = gettype(@$HD[$WI]) == "\x73\x74\x72\x69\x6e\x67" ? @$HD[$WI] ?: null : (@$HD[$WI][0] ?: null);
$H9 = gettype(@$HD[$cB]) == "\x73\x74\162\151\156\147" ? @$HD[$cB] ?: null : (@$HD[$cB][0] ?: null);
$E6["\x66\x69\162\x73\x74\x6e\141\x6d\145"] = gettype(@$HD[$wY]) == "\163\164\162\151\156\x67" ? @$HD[$wY] ?: null : (@$HD[$wY][0] ?: null);
$E6["\x6c\141\x73\x74\x6e\x61\x6d\145"] = gettype(@$HD[$yH]) == "\x73\164\162\151\x6e\x67" ? @$HD[$yH] ?: null : (@$HD[$yH][0] ?: null);
$zJ = 1;
CW:
if (!($zJ <= $Kh)) {
goto M0;
}
$ys[$hM["\x63\x75\x73\x74\x6f\155\137\x61\164\x74\x72\x69\142\165\164\145" . strval($zJ)]] = @$HD[$hM["\x63\165\x73\164\157\x6d\x5f\x61\x74\x74\162\x69\142\165\164\145\137\x76\x61\154\165\145" . strval($zJ)]] ?: null;
ZK:
$zJ++;
goto CW;
M0:
k2:
goto v8;
io:
exit($HD["\x65\162\x72\157\162"]);
v8:
goto sT;
WG:
exit($HD["\145\162\x72\x6f\162\137\144\x65\163\x63\x72\x69\160\164\x69\157\156"]);
sT:
QO:
if (!isset($E6["\x74\145\163\164\x5f\x63\x6f\156\146\x69\147"])) {
goto Zf;
}
$E6["\x74\x65\163\164\x5f\143\x6f\156\x66\151\147"] = null;
$uq = Craft::$app->sites->currentSite->name;
$vb = Craft::$app->version > 4 ? getenv("\103\x52\x41\x46\124\137\104\102\x5f\124\x41\102\114\105\137\x50\x52\x45\106\x49\130") : getenv("\x44\102\x5f\x54\101\102\x4c\x45\137\120\122\105\x46\x49\130");
Craft::$app->db->createCommand()->update($vb . "\155\x6f\154\x6f\x67\x69\156\x5f\x63\157\156\146\151\147", ["\x6f\160\x74\x69\x6f\x6e\x73" => json_encode($E6)], ["\156\x61\x6d\x65" => $uq])->execute();
self::actionTest_config($HD);
Zf:
self::actionLogin_flow($E6, $A7, $H9, $Kh, $hM, $ys);
}
private function decodeJWT($QF)
{
$Tp = explode("\56", $QF);
if (!(count($Tp) !== 3)) {
goto Qx;
}
exit("\x49\x6e\166\x61\x6c\151\x64\40\112\x57\124\40\146\157\x72\155\x61\164");
Qx:
list($Q2, $jb, $nF) = $Tp;
$Gw = json_decode(base64_decode($Q2), true);
$sl = json_decode(base64_decode($jb), true);
if (!(!$Gw || !$sl)) {
goto Ri;
}
exit("\x49\156\x76\141\x6c\x69\144\40\112\x57\124\x20\x64\141\x74\x61");
Ri:
return $sl;
}
public static function actionLogin_flow($E6, $A7 = null, $H9 = null, $Kh, $hM, $ys)
{
$user = new User();
$Iq = User::find()->email($H9)->all();
$Ma = @$E6["\x63\165\x73\x74\x6f\155\x73\x65\x74\164\151\156\147\163"] ?: null;
$PG = @$E6["\157\x61\x75\x74\150\x73\145\164\164\x69\156\147\x73"]["\x6e\x6f\162\145\147"] ?: null;
$Yy = @$E6["\146\151\x72\163\164\x6e\141\155\x65"] ?: '';
$Wl = @$E6["\154\141\163\164\x6e\x61\155\145"] ?: '';
if (!(isset($Iq[0]["\141\x64\155\x69\156"]) && $Iq[0]["\141\144\x6d\151\x6e"] == 1)) {
goto ln;
}
exit("\x4e\x6f\x20\105\155\141\151\x6c\x20\101\144\144\x72\x65\163\x73\x20\122\x65\x74\165\x72\156\41");
ln:
if (empty($Iq)) {
goto Hs;
}
$user = User::find()->username($A7)->one();
if (!$user) {
goto FT;
}
$user->firstName = $Yy;
$user->lastName = $Wl;
$zJ = 1;
d2:
if (!($zJ <= $Kh)) {
goto m1;
}
$user->setFieldValue($hM["\143\165\x73\x74\x6f\155\137\141\164\164\162\151\142\165\x74\145" . strval($zJ)], $ys[$hM["\x63\165\x73\x74\157\x6d\x5f\141\x74\x74\x72\151\142\165\x74\145" . strval($zJ)]]);
q3:
$zJ++;
goto d2;
m1:
Craft::$app->getElements()->saveElement($user, false);
FT:
goto Xx;
Hs:
if (!Craft::$app->getUser()->getIdentity()) {
goto Iy;
}
return;
Iy:
$user->username = $A7;
$user->email = $H9;
$user->active = true;
$user->slug = "\x6d\x6f\154\157\x67\151\156";
$user->firstName = $Yy;
$user->lastName = $Wl;
if (!$user->validate(null, false)) {
goto Zp;
}
$zJ = 1;
dQ:
if (!($zJ <= $Kh)) {
goto v0;
}
$user->setFieldValue($hM["\143\x75\163\x74\x6f\155\137\x61\x74\164\x72\x69\142\165\164\x65" . strval($zJ)], $ys[$hM["\143\165\163\164\x6f\155\x5f\141\x74\164\x72\x69\142\x75\x74\x65" . strval($zJ)]]);
iK:
$zJ++;
goto dQ;
v0:
Craft::$app->getElements()->saveElement($user, false);
if (isset($Ma["\x67\x72\157\165\160\x68\141\156\x64\x6c\145"])) {
goto S5;
}
$V9 = @$Ma["\x75\x73\145\162\x52\157\154\145"] ?: array("\141\143\143\145\x73\163\103\x70");
Craft::$app->userPermissions->saveUserPermissions($user->id, $V9);
goto FE;
S5:
foreach ($Ma["\x67\x72\x6f\165\160\150\x61\156\x64\x6c\145"] as $ZW) {
$q7 = Craft::$app->userGroups->getGroupByHandle($ZW);
Craft::$app->users->assignUserToGroups($user->id, [$q7->id]);
SR:
}
w5:
FE:
Zp:
Xx:
$Iq = User::find()->email($H9)->all();
if (isset($Iq)) {
goto C2;
}
exit("\x45\x72\x72\157\162\40\x69\x6e\x20\x6c\x6f\x67\151\156\x21");
goto Ky;
C2:
Craft::$app->getUser()->login($Iq[0]);
$IC = App::parseEnv(@$Ma["\162\x65\x64\x69\x72\x65\143\x74\x5f\x75\x72\x6c"]) ?: UrlHelper::cpUrl("\144\141\x73\x68\142\x6f\141\162\144");
Craft::$app->getResponse()->redirect($IC);
Ky:
}
public static function actionTest_config($HD)
{
$Gs = "\74\144\x69\166\40\x73\x74\x79\154\x65\75\x22\143\x6f\154\x6f\x72\72\x20\43\x33\x63\x37\x36\x33\144\x3b\x20\142\x61\x63\x6b\147\162\157\x75\156\144\x2d\143\x6f\x6c\157\x72\72\x20\43\144\x66\146\60\144\70\73\40\160\x61\x64\144\151\x6e\147\72\x32\x25\73\x20\155\x61\x72\147\151\x6e\55\142\x6f\x74\x74\157\x6d\72\62\x30\x70\170\73\40\x74\145\x78\164\55\141\x6c\151\147\x6e\72\x63\145\156\164\145\x72\x3b\x20\142\x6f\162\144\x65\162\x3a\x31\160\x78\40\x73\157\154\x69\x64\40\x23\101\x45\x44\102\x39\x41\x3b\40\x66\157\156\x74\x2d\163\151\172\x65\x3a\x31\x38\160\x74\73\42\76\124\105\123\124\40\123\125\x43\x43\105\x53\123\x46\125\114\74\x2f\144\151\x76\x3e";
$q8 = "\x3c\143\145\x6e\x74\x65\x72\76\74\x74\141\142\x6c\145\x20\x73\x74\171\154\x65\75\47\167\151\x64\164\x68\72\x20\70\x30\45\73\x27\x3e";
$q8 .= "\x3c\164\162\76\x3c\164\150\x3e\113\145\x79\74\57\x74\150\76\74\x74\150\76\x56\x61\x6c\165\x65\74\57\x74\x68\x3e\x3c\x2f\x74\162\x3e";
foreach ($HD as $YG => $Wc) {
$q8 .= "\74\x74\162\x3e";
$q8 .= "\x3c\x74\x64\76{$YG}\x3c\x2f\x74\x64\x3e";
$q8 .= "\74\x74\144\x3e";
if (is_array($Wc)) {
goto ul;
}
$q8 .= "\x3c\x73\164\162\x6f\156\x67\x3e{$Wc}\74\57\163\x74\162\157\156\147\x3e";
goto iU;
ul:
if (empty($Wc)) {
goto Ct;
}
$q8 .= self::actionTest_config($Wc);
Ct:
iU:
$q8 .= "\74\57\164\x64\x3e\x3c\x2f\x74\x72\x3e";
FD:
}
g7:
$q8 .= "\x3c\57\164\x61\x62\154\x65\76\74\x2f\x63\145\156\164\145\x72\x3e\xa\x20\x20\x20\40\x20\40\40\40\x20\x20\x20\x20\74\163\x74\x79\154\145\76\xa\x20\x20\40\x20\x20\x20\40\40\40\40\x20\x20\x20\x20\x20\x20\164\x61\x62\154\x65\54\40\164\150\54\x20\164\x64\40\x7b\xa\40\40\40\40\x20\x20\40\40\40\x20\x20\40\x20\x20\40\x20\x20\40\40\x20\142\x6f\162\x64\x65\x72\72\x20\61\160\170\40\163\x6f\x6c\x69\x64\40\142\x6c\141\143\153\73\xa\x20\x20\40\x20\x20\x20\40\x20\40\x20\x20\x20\x20\x20\x20\x20\x20\x20\40\x20\142\x6f\x72\x64\x65\x72\55\143\157\154\154\141\x70\163\145\x3a\40\143\x6f\154\x6c\x61\x70\163\x65\73\xa\40\x20\40\40\x20\40\40\x20\40\x20\x20\x20\40\x20\40\40\40\40\40\x20\160\x61\x64\x64\151\x6e\x67\72\40\61\x30\160\x78\73\12\x20\40\40\x20\x20\40\x20\40\40\40\x20\x20\x20\40\40\x20\40\x20\40\40\146\157\156\164\55\x73\x69\172\145\72\40\x31\65\x70\170\x3b\12\40\40\40\40\40\40\x20\x20\x20\x20\x20\x20\x20\40\40\x20\175\12\x20\40\x20\40\x20\x20\x20\x20\x20\x20\40\40\74\x2f\163\164\x79\154\x65\x3e";
echo $Gs .= $q8;
exit;
}
}
Function Calls
| None |
Stats
| MD5 | 08a1c88219a884984f6a16b5ac2ab3aa |
| Eval Count | 0 |
| Decode Time | 51 ms |