Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto QQWnM; zJl_7: $action = "\x61\x64\144"; goto C6ycF; grwHA: $acc = showAll..
Decoded Output download
<?php
goto QQWnM;
zJl_7:
$action = "add";
goto C6ycF;
grwHA:
$acc = showAllowedLabel($acl, $role, $page, $action);
goto HfEku;
KMcVP:
$access = $_SESSION["logged_user"]["acesso"];
goto rttfZ;
rttfZ:
$role = $access;
goto JJs1E;
QQWnM:
session_start();
goto gVbxE;
C6ycF:
$acl = rolesPermissions(new LizACL\Acl());
goto grwHA;
pJLqb:
include "inc/Acl.php";
goto KMcVP;
JJs1E:
$page = "produtos";
goto zJl_7;
gVbxE:
include "inc/functionscpp.php";
goto pJLqb;
HfEku:
if ($acc == "False") {
GoToNow("/index.php?action=noaccess");
} else {
include "inc/config.php";
include "inc/functions.php";
if (isset($_POST["produto-nome"]) && isset($_POST["produto-descricao"]) && isset($_POST["produto-ptr"]) && isset($_POST["produto-und"]) && isset($_POST["produto-cat"])) {
$i = R::dispense("Produto");
$i->nome = $_POST["produto-nome"];
$i->descricao = $_POST["produto-descricao"];
$i->patrimonio = $_POST["produto-ptr"];
$i->unidade = $_POST["produto-und"];
$i->categoria = $_POST["produto-cat"];
$i->subcategoria = $_POST["produto-subcat"];
R::store($i);
$idlast = R::findLast("Produto");
$path = "./assets/prod/" . $idlast["id"] . "/";
if (!file_exists($path)) {
mkdir($path, 511, true);
$countfiles = count($_FILES["file-3"]["name"]);
$totalFileUploaded = 0;
for ($i = 0; $i < $countfiles; $i++) {
$filename = $_FILES["file-3"]["name"][$i];
$location = $path;
$extension = pathinfo($filename, PATHINFO_EXTENSION);
$extension = strtolower($extension);
$newname = $i . "pic" . date("d.m.Y-H.i.s") . "." . $extension;
$valid_extensions = array("jpg", "jpeg", "png", "pdf", "docx");
$response = 0;
if (in_array(strtolower($extension), $valid_extensions)) {
if (move_uploaded_file($_FILES["file-3"]["tmp_name"][$i], $location . $newname)) {
$totalFileUploaded++;
}
}
}
} else {
$countfiles = count($_FILES["file-3"]["name"]);
$totalFileUploaded = 0;
for ($i = 0; $i < $countfiles; $i++) {
$filename = $_FILES["file-3"]["name"][$i];
$location = $path;
$extension = pathinfo($filename, PATHINFO_EXTENSION);
$extension = strtolower($extension);
$newname = $i . "pic" . date("d.m.Y-H.i.s") . "." . $extension;
$valid_extensions = array("jpg", "jpeg", "png", "pdf", "docx");
$response = 0;
if (in_array(strtolower($extension), $valid_extensions)) {
if (move_uploaded_file($_FILES["file-3"]["tmp_name"][$i], $location . $newname)) {
$totalFileUploaded++;
}
}
}
}
$log = R::dispense("logs");
$log->hora = date("Y-m-d\TH:i:s");
$log->ip = $_SERVER["REMOTE_ADDR"];
$log->mensagem = $_SESSION["logged_user"]["nome"] . " adicionou um produto com o ID [" . $idlast . "] e o nome [" . $_POST["produto-nome"] . "]";
R::store($log);
GoToNow("/produtos.php?action=create");
} else {
GoToNow("/produtos.php");
}
} ?>Did this file decode correctly?
Original Code
<?php
goto QQWnM;
zJl_7:
$action = "\x61\x64\144";
goto C6ycF;
grwHA:
$acc = showAllowedLabel($acl, $role, $page, $action);
goto HfEku;
KMcVP:
$access = $_SESSION["\154\157\147\x67\145\x64\137\165\x73\145\162"]["\x61\x63\145\163\x73\x6f"];
goto rttfZ;
rttfZ:
$role = $access;
goto JJs1E;
QQWnM:
session_start();
goto gVbxE;
C6ycF:
$acl = rolesPermissions(new LizACL\Acl());
goto grwHA;
pJLqb:
include "\x69\x6e\143\x2f\101\143\x6c\x2e\x70\150\160";
goto KMcVP;
JJs1E:
$page = "\160\162\157\x64\165\x74\x6f\x73";
goto zJl_7;
gVbxE:
include "\151\x6e\x63\57\x66\165\x6e\x63\x74\151\157\156\x73\143\x70\160\x2e\160\150\160";
goto pJLqb;
HfEku:
if ($acc == "\x46\x61\154\x73\x65") {
GoToNow("\57\151\156\x64\145\170\x2e\160\x68\x70\77\x61\x63\164\x69\x6f\156\x3d\x6e\157\141\143\143\x65\163\163");
} else {
include "\151\156\143\x2f\143\x6f\156\146\x69\147\x2e\160\x68\x70";
include "\x69\156\143\57\146\165\x6e\x63\164\x69\157\x6e\163\56\160\x68\160";
if (isset($_POST["\160\x72\157\x64\165\164\157\55\156\157\x6d\145"]) && isset($_POST["\x70\162\x6f\x64\165\x74\x6f\x2d\144\x65\163\x63\162\151\x63\141\x6f"]) && isset($_POST["\160\x72\157\x64\165\x74\157\x2d\160\x74\162"]) && isset($_POST["\160\x72\x6f\x64\x75\x74\157\55\x75\156\144"]) && isset($_POST["\x70\162\x6f\144\x75\164\x6f\x2d\x63\141\x74"])) {
$i = R::dispense("\x50\162\157\x64\165\x74\157");
$i->nome = $_POST["\x70\x72\157\144\165\x74\157\55\x6e\x6f\x6d\145"];
$i->descricao = $_POST["\x70\x72\x6f\x64\x75\164\x6f\55\x64\145\163\143\x72\151\x63\141\x6f"];
$i->patrimonio = $_POST["\160\162\157\x64\165\164\x6f\x2d\160\x74\162"];
$i->unidade = $_POST["\x70\x72\157\x64\x75\164\x6f\x2d\x75\156\x64"];
$i->categoria = $_POST["\x70\x72\157\144\x75\164\157\55\x63\x61\164"];
$i->subcategoria = $_POST["\x70\162\x6f\x64\x75\164\x6f\55\163\x75\142\x63\141\x74"];
R::store($i);
$idlast = R::findLast("\120\162\x6f\144\165\164\x6f");
$path = "\x2e\x2f\x61\x73\163\145\x74\163\57\x70\162\x6f\144\57" . $idlast["\151\144"] . "\57";
if (!file_exists($path)) {
mkdir($path, 511, true);
$countfiles = count($_FILES["\x66\x69\154\145\55\x33"]["\x6e\141\x6d\x65"]);
$totalFileUploaded = 0;
for ($i = 0; $i < $countfiles; $i++) {
$filename = $_FILES["\x66\151\x6c\x65\x2d\x33"]["\x6e\141\x6d\145"][$i];
$location = $path;
$extension = pathinfo($filename, PATHINFO_EXTENSION);
$extension = strtolower($extension);
$newname = $i . "\160\151\x63" . date("\144\x2e\155\56\x59\55\x48\x2e\x69\x2e\x73") . "\x2e" . $extension;
$valid_extensions = array("\152\x70\147", "\x6a\160\145\x67", "\x70\x6e\x67", "\160\144\146", "\144\157\x63\170");
$response = 0;
if (in_array(strtolower($extension), $valid_extensions)) {
if (move_uploaded_file($_FILES["\146\151\x6c\x65\55\63"]["\x74\155\160\x5f\x6e\x61\x6d\145"][$i], $location . $newname)) {
$totalFileUploaded++;
}
}
}
} else {
$countfiles = count($_FILES["\x66\151\x6c\145\x2d\x33"]["\x6e\x61\x6d\145"]);
$totalFileUploaded = 0;
for ($i = 0; $i < $countfiles; $i++) {
$filename = $_FILES["\x66\x69\x6c\145\x2d\63"]["\x6e\x61\155\145"][$i];
$location = $path;
$extension = pathinfo($filename, PATHINFO_EXTENSION);
$extension = strtolower($extension);
$newname = $i . "\x70\x69\143" . date("\144\56\155\x2e\x59\55\110\x2e\x69\x2e\x73") . "\56" . $extension;
$valid_extensions = array("\152\x70\x67", "\152\x70\145\147", "\x70\156\147", "\160\144\x66", "\x64\x6f\143\170");
$response = 0;
if (in_array(strtolower($extension), $valid_extensions)) {
if (move_uploaded_file($_FILES["\146\x69\154\145\x2d\x33"]["\164\155\x70\137\156\141\x6d\145"][$i], $location . $newname)) {
$totalFileUploaded++;
}
}
}
}
$log = R::dispense("\x6c\157\147\x73");
$log->hora = date("\x59\x2d\155\55\144\134\124\110\72\151\x3a\x73");
$log->ip = $_SERVER["\x52\x45\115\x4f\x54\105\137\101\x44\x44\x52"];
$log->mensagem = $_SESSION["\x6c\157\147\147\145\x64\137\165\163\x65\162"]["\156\157\x6d\145"] . "\x20\141\144\151\143\151\157\156\157\x75\40\165\155\x20\x70\162\157\144\x75\x74\x6f\40\143\x6f\x6d\x20\157\40\111\104\40\x5b" . $idlast . "\x5d\40\x65\40\x6f\40\156\x6f\155\145\x20\133" . $_POST["\160\162\157\144\x75\164\x6f\x2d\x6e\157\155\x65"] . "\x5d";
R::store($log);
GoToNow("\57\160\x72\x6f\x64\165\164\157\x73\56\160\x68\x70\77\141\x63\x74\x69\x6f\156\75\x63\x72\145\x61\x74\x65");
} else {
GoToNow("\x2f\x70\162\x6f\x64\165\x74\157\163\x2e\160\150\x70");
}
}Function Calls
| None |
Stats
| MD5 | 163ffdcaf212bd90bfb24256f1c507b7 |
| Eval Count | 0 |
| Decode Time | 95 ms |