Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php /** * This file is a part of the miniorange-saml-20-single-sign-on plugin. * ..
Decoded Output download
<?php
/**
* This file is a part of the miniorange-saml-20-single-sign-on plugin.
*
* @link https://plugins.miniorange.com/
* @author miniOrange
* @package miniorange-saml-20-single-sign-on
*/
include_once dirname(__FILE__) . '/Utilities.php';
include_once dirname(__FILE__) . '/Response.php';
include_once dirname(__FILE__) . '/LogoutRequest.php';
require_once dirname(__FILE__) . '/includes/lib/encryption.php';
include_once 'xmlseclibs.php';
use MOSAML\LicenseLibrary\Mo_License_Service;
use RobRichards\XMLSecLibs\XMLSecurityKey;
use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecEnc;
class mo_login_wid extends WP_Widget
{
public function __construct()
{
$bv = get_site_option("saml_identity_name");
parent::__construct("Saml_Login_Widget", "Login with " . $bv, array("description" => __("This is a miniOrange SAML login widget.", "mosaml")));
}
public function widget($u5, $JD)
{
extract($u5);
if (empty($JD["wid_title"])) {
goto mTA;
}
$p8 = apply_filters("widget_title", $JD["wid_title"]);
mTA:
echo $u5["before_widget"];
if (empty($p8)) {
goto cOt;
}
echo $u5["before_title"] . $p8 . $u5["after_title"];
cOt:
$this->loginForm();
echo $u5["after_widget"];
}
public function update($Ns, $dr)
{
$JD = array();
$JD["wid_title"] = strip_tags($Ns["wid_title"]);
return $JD;
}
public function form($JD)
{
$p8 = '';
if (empty($JD["wid_title"])) {
goto hXl;
}
$p8 = $JD["wid_title"];
hXl:
echo "
<p><label for="" . $this->get_field_id("wid_title") . " ">" . _e("Title:") . " </label>
\x9 <input class="widefat" id="" . $this->get_field_id("wid_title") . "" name="" . $this->get_field_name("wid_title") . "" type="text" value="" . $p8 . "" />\xd\xa </p>";
}
public function loginForm()
{
global $post;
$rw = get_site_option("saml_sso_settings");
$GW = get_current_blog_id();
$rT = Utilities::get_active_sites();
if (Utilities::mo_saml_in_array($GW, $rT)) {
goto Y49;
}
return;
Y49:
if (!(empty($rw[$GW]) && !empty($rw["DEFAULT"]))) {
goto X1q;
}
$rw[$GW] = $rw["DEFAULT"];
X1q:
if (!is_user_logged_in()) {
goto nTY;
}
$current_user = wp_get_current_user();
$WL = "Hello,";
if (empty($rw[$GW]["mo_saml_custom_greeting_text"])) {
goto nHX;
}
$WL = $rw[$GW]["mo_saml_custom_greeting_text"];
nHX:
$Y1 = '';
if (empty($rw[$GW]["mo_saml_greeting_name"])) {
goto oUV;
}
switch ($rw[$GW]["mo_saml_greeting_name"]) {
case "USERNAME":
$Y1 = $current_user->user_login;
goto ik9;
case "EMAIL":
$Y1 = $current_user->user_email;
goto ik9;
case "FNAME":
$Y1 = $current_user->user_firstname;
goto ik9;
case "LNAME":
$Y1 = $current_user->user_lastname;
goto ik9;
case "FNAME_LNAME":
$Y1 = $current_user->user_firstname . " " . $current_user->user_lastname;
goto ik9;
case "LNAME_FNAME":
$Y1 = $current_user->user_lastname . " " . $current_user->user_firstname;
goto ik9;
default:
$Y1 = $current_user->user_login;
}
Iui:
ik9:
oUV:
if (!empty(trim($Y1))) {
goto n47;
}
$Y1 = $current_user->user_login;
n47:
$NQ = $WL . " " . $Y1;
$gl = "Logout";
if (empty($rw[$GW]["mo_saml_custom_logout_text"])) {
goto JRg;
}
$gl = $rw[$GW]["mo_saml_custom_logout_text"];
JRg:
echo $NQ . " | <a href="" . wp_logout_url(home_url()) . "" title="logout" >" . $gl . "</a></li>";
goto yfZ;
nTY:
echo "\xd\xa \x9<script>
\x9\x9function submitSamlForm(){ document.getElementById("login").submit(); }\xd\xa </script>\xd
\x9 \x9<form name="login" id="login" method="post" action="">
\xa\x9 \x9<input type="hidden" name="option" value="saml_user_login" />
\xa\xd
\x9<font size="+1" style="vertical-align:top;"> </font>";
$m9 = get_site_option("saml_identity_name");
$oX = get_site_option("saml_x509_certificate");
if (!empty($m9) && !empty($oX)) {
goto BG8;
}
echo "Please configure the miniOrange SAML Plugin first.";
goto i6L;
BG8:
$ni = "Login with ##IDP##";
if (empty($rw[$GW]["mo_saml_custom_login_text"])) {
goto IGY;
}
$ni = $rw[$GW]["mo_saml_custom_login_text"];
IGY:
$ni = str_replace("##IDP##", $m9, $ni);
$Uz = false;
if (!(!empty($rw[$GW]["mo_saml_use_button_as_widget"]) && $rw[$GW]["mo_saml_use_button_as_widget"] == "true")) {
goto UY3;
}
$Uz = true;
UY3:
if (!$Uz) {
goto Vu5;
}
$TD = !empty($rw[$GW]["mo_saml_button_width"]) ? $rw[$GW]["mo_saml_button_width"] : "100";
$ng = !empty($rw[$GW]["mo_saml_button_height"]) ? $rw[$GW]["mo_saml_button_height"] : "50";
$QT = !empty($rw[$GW]["mo_saml_button_size"]) ? $rw[$GW]["mo_saml_button_size"] : "50";
$zY = !empty($rw[$GW]["mo_saml_button_curve"]) ? $rw[$GW]["mo_saml_button_curve"] : "5";
$Pm = !empty($rw[$GW]["mo_saml_button_color"]) ? $rw[$GW]["mo_saml_button_color"] : "0085ba";
$rg = !empty($rw[$GW]["mo_saml_button_theme"]) ? $rw[$GW]["mo_saml_button_theme"] : "longbutton";
$nh = !empty($rw[$GW]["mo_saml_button_text"]) ? $rw[$GW]["mo_saml_button_text"] : (get_site_option("saml_identity_name") ? get_site_option("saml_identity_name") : "Login");
$i8 = !empty($rw[$GW]["mo_saml_font_color"]) ? $rw[$GW]["mo_saml_font_color"] : "ffffff";
$SY = !empty($rw[$GW]["mo_saml_font_size"]) ? $rw[$GW]["mo_saml_font_size"] : "20";
$BM = !empty($rw[$GW]["sso_button_login_form_position"]) ? $rw[$GW]["sso_button_login_form_position"] : "above";
$ni = "<input type="button" name="mo_saml_wp_sso_button" value="" . $nh . "" style="";
$a9 = '';
if ($rg == "longbutton") {
goto wxk;
}
if ($rg == "circle") {
goto ap3;
}
if ($rg == "oval") {
goto EqK;
}
if ($rg == "square") {
goto i11;
}
goto yhH;
ap3:
$a9 = $a9 . "width:" . $QT . "px;";
$a9 = $a9 . "height:" . $QT . "px;";
$a9 = $a9 . "border-radius:999px;";
goto yhH;
EqK:
$a9 = $a9 . "width:" . $QT . "px;";
$a9 = $a9 . "height:" . $QT . "px;";
$a9 = $a9 . "border-radius:5px;";
goto yhH;
i11:
$a9 = $a9 . "width:" . $QT . "px;";
$a9 = $a9 . "height:" . $QT . "px;";
$a9 = $a9 . "border-radius:0px;";
yhH:
goto anc;
wxk:
$a9 = $a9 . "width:" . $TD . "px;";
$a9 = $a9 . "height:" . $ng . "px;";
$a9 = $a9 . "border-radius:" . $zY . "px;";
anc:
$a9 = $a9 . "background-color:#" . $Pm . ";";
$a9 = $a9 . "border-color:transparent;";
$a9 = $a9 . "color:#" . $i8 . ";";
$a9 = $a9 . "font-size:" . $SY . "px;";
$a9 = $a9 . "padding:0px;";
$ni = $ni . $a9 . ""/>";
Vu5:
echo " <a href="#" onClick="submitSamlForm()">";
echo $ni;
echo "</a></form> ";
i6L:
if (empty(get_site_option("mo_saml_redirect_error_code"))) {
goto JsX;
}
echo "<div></div><div title="Login Error"><font color="red">We could not sign you in. Please contact your Administrator.</font></div>";
delete_site_option("mo_saml_redirect_error_code");
delete_site_option("mo_saml_redirect_error_reason");
JsX:
echo "<a href="http://miniorange.com/wordpress-ldap-login" style="display:none">Login to WordPress using LDAP</a>
\x9 \x9<a href="http://miniorange.com/cloud-identity-broker-service" style="display:none">Cloud Identity broker service</a>\xd
\x9\x9 <a href="http://miniorange.com/strong_auth" style="display:none;"></a>\xd
\x9 \x9 <a href="http://miniorange.com/single-sign-on-sso" style="display:none;"></a>
\x9 \x9 <a href="http://miniorange.com/fraud" style="display:none;"></a>
\xd
\x9\x9 </ul>
\x9 </form>";
yfZ:
}
function mo_saml_logout_init()
{
do_action("mo_saml_pre_logout_init");
if (!(isset($_REQUEST["option"]) and $_REQUEST["option"] == "saml_user_logout")) {
goto VVv;
}
$user = is_user_logged_in() ? wp_get_current_user() : null;
if (empty($user)) {
goto DDC;
}
wp_logout();
DDC:
VVv:
}
function mo_saml_logout($o8)
{
$user = get_user_by("id", $o8);
$pD = get_site_option("saml_logout_url");
$sh = get_site_option("saml_logout_binding_type");
$current_user = $user;
$SB = get_user_meta($current_user->ID, "mo_saml_idp_login");
$SB = !empty($SB[0]) ? $SB[0] : '';
$jK = wp_get_referer();
if (!empty($jK)) {
goto gsG;
}
$jK = !empty(get_site_option("mo_saml_sp_base_url")) ? get_site_option("mo_saml_sp_base_url") : get_network_site_url();
gsG:
if (empty($pD)) {
goto AZu;
}
if (!(!session_id() || session_id() == '' || empty($_SESSION))) {
goto UJV;
}
session_start();
UJV:
if (!empty($_SESSION["mo_saml_logout_request"])) {
goto d3o;
}
if ($SB == "true") {
goto QWv;
}
goto Jbv;
d3o:
self::createLogoutResponseAndRedirect($pD, $sh);
exit;
goto Jbv;
QWv:
delete_user_meta($current_user->ID, "mo_saml_idp_login");
$DV = get_user_meta($current_user->ID, "mo_saml_name_id");
$x5 = get_user_meta($current_user->ID, "mo_saml_session_index");
mo_saml_create_logout_request($DV, $x5, $pD, $sh, $jK);
Jbv:
AZu:
wp_redirect($jK);
exit;
}
function createLogoutResponseAndRedirect($pD, $sh)
{
$fs = get_site_option("mo_saml_sp_base_url");
if (!empty($fs)) {
goto rV9;
}
$fs = get_network_site_url();
rV9:
$Gn = $_SESSION["mo_saml_logout_request"];
$Gx = $_SESSION["mo_saml_logout_relay_state"];
unset($_SESSION["mo_saml_logout_request"]);
unset($_SESSION["mo_saml_logout_relay_state"]);
$G7 = new DOMDocument();
$G7->loadXML($Gn);
$Gn = $G7->firstChild;
if (!($Gn->localName == "LogoutRequest")) {
goto bvh;
}
$ET = new SAML2_LogoutRequest($Gn);
$VQ = get_site_option("mo_saml_sp_entity_id");
if (!empty($VQ)) {
goto HeQ;
}
$VQ = $fs . "/wp-content/plugins/miniorange-saml-20-single-sign-on/";
HeQ:
$TB = $pD;
$Jo = Utilities::createLogoutResponse($ET->getId(), $VQ, $TB, $sh);
if (!is_user_logged_in()) {
goto oHB;
}
wp_destroy_current_session();
wp_clear_auth_cookie();
wp_set_current_user(0);
oHB:
do_action("mo_saml_idp_initiated_slo_pre_redirect", $ET->getId(), $Gx);
if (empty($sh) || $sh == "HttpRedirect") {
goto tuy;
}
if (!(get_site_option("saml_request_signed") == "unchecked")) {
goto ulK;
}
$E2 = base64_encode($Jo);
Utilities::postSAMLResponse($pD, $E2, $Gx);
exit;
ulK:
$at = '';
$Wv = '';
$E2 = Utilities::signXML($Jo, "Status");
Utilities::postSAMLResponse($pD, $E2, $Gx);
goto obx;
tuy:
$Ox = $pD;
if (strpos($pD, "?") !== false) {
goto YM6;
}
$Ox .= "?";
goto GrR;
YM6:
$Ox .= "&";
GrR:
if (!(get_site_option("saml_request_signed") == "unchecked")) {
goto Re0;
}
$Ox .= "SAMLResponse=" . $Jo . "&RelayState=" . urlencode($Gx);
header("Location: " . $Ox);
exit;
Re0:
$Ox .= "SAMLResponse=" . $Jo . "&RelayState=" . urlencode($Gx);
header("Location: " . $Ox);
exit;
obx:
bvh:
}
}
function mo_saml_create_logout_request($DV, $x5, $pD, $sh, $jK)
{
$fs = get_site_option("mo_saml_sp_base_url");
if (!empty($fs)) {
goto eKy;
}
$fs = get_network_site_url();
eKy:
$VQ = get_site_option("mo_saml_sp_entity_id");
if (!empty($VQ)) {
goto I2L;
}
$VQ = $fs . "/wp-content/plugins/miniorange-saml-20-single-sign-on/";
I2L:
$TB = $pD;
$rt = $jK;
if (!empty($rt)) {
goto Lx5;
}
$rt = saml_get_current_page_url();
if (!strpos($rt, "?")) {
goto L1f;
}
$rt = get_network_site_url();
L1f:
Lx5:
$rt = mo_saml_relaystate_url($rt);
$mb = Utilities::createLogoutRequest($DV, $VQ, $TB, $x5, $sh);
if (empty($sh) || $sh == "HttpRedirect") {
goto HAL;
}
if (!(get_site_option("saml_request_signed") == "unchecked")) {
goto cMF;
}
$E2 = base64_encode($mb);
Utilities::postSAMLRequest($pD, $E2, $rt);
exit;
cMF:
$at = '';
$Wv = '';
$E2 = Utilities::signXML($mb, "NameIDPolicy");
Utilities::postSAMLRequest($pD, $E2, $rt);
goto MlR;
HAL:
$Ox = $pD;
if (strpos($pD, "?") !== false) {
goto uKB;
}
$Ox .= "?";
goto r2u;
uKB:
$Ox .= "&";
r2u:
if (!(get_site_option("saml_request_signed") == "unchecked")) {
goto kN_;
}
$Ox .= "SAMLRequest=" . $mb . "&RelayState=" . urlencode($rt);
header("Location: " . $Ox);
exit;
kN_:
$mb = "SAMLRequest=" . $mb . "&RelayState=" . urlencode($rt) . "&SigAlg=" . urlencode(XMLSecurityKey::RSA_SHA256);
$HH = array("type" => "private");
$ns = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $HH);
$KH = get_site_option("mo_saml_current_cert_private_key");
$ns->loadKey($KH, FALSE);
$TI = new XMLSecurityDSig();
$Pw = $ns->signData($mb);
$Pw = base64_encode($Pw);
$Ox .= $mb . "&Signature=" . urlencode($Pw);
header("Location:" . $Ox);
exit;
MlR:
}
function mo_login_validate()
{
if (Mo_License_Service::is_customer_license_verified()) {
goto VAN;
}
return;
VAN:
if (!(!empty($_REQUEST["option"]) && $_REQUEST["option"] == "mosaml_metadata" && Mo_License_Service::is_customer_license_valid())) {
goto UNr;
}
miniorange_generate_metadata();
UNr:
if (!(!empty($_REQUEST["option"]) && ($_REQUEST["option"] == "saml_user_login" || $_REQUEST["option"] == "testConfig" || $_REQUEST["option"] == "getsamlrequest" || $_REQUEST["option"] == "getsamlresponse"))) {
goto Cqw;
}
if (mo_saml_is_sp_configured()) {
goto f7R;
}
if (!is_user_logged_in()) {
goto cen;
}
if (empty($_REQUEST["redirect_to"])) {
goto Xbd;
}
$CR = htmlspecialchars($_REQUEST["redirect_to"]);
wp_safe_redirect($CR);
exit;
Xbd:
cen:
goto dOw;
f7R:
if (!(is_user_logged_in() and $_REQUEST["option"] == "saml_user_login")) {
goto jWJ;
}
if (empty($_REQUEST["redirect_to"])) {
goto StS;
}
$CR = htmlspecialchars($_REQUEST["redirect_to"]);
wp_safe_redirect($CR);
exit;
StS:
return;
jWJ:
$fs = get_site_option("mo_saml_sp_base_url");
if (!empty($fs)) {
goto dm2;
}
$fs = get_network_site_url();
dm2:
$rw = get_site_option("saml_sso_settings");
$GW = get_current_blog_id();
$rT = Utilities::get_active_sites();
if (Utilities::mo_saml_in_array($GW, $rT)) {
goto Rzu;
}
return;
Rzu:
if (!(empty($rw[$GW]) && !empty($rw["DEFAULT"]))) {
goto BQt;
}
$rw[$GW] = $rw["DEFAULT"];
BQt:
if ($_REQUEST["option"] == "testConfig" and array_key_exists("newcert", $_REQUEST)) {
goto b_p;
}
if ($_REQUEST["option"] == "testConfig") {
goto UNd;
}
if ($_REQUEST["option"] == "getsamlrequest") {
goto XoT;
}
if ($_REQUEST["option"] == "getsamlresponse") {
goto SsT;
}
if (!empty($rw[$GW]["mo_saml_relay_state"])) {
goto xqd;
}
if (!empty($_REQUEST["redirect_to"])) {
goto G_h;
}
$rt = saml_get_current_page_url();
goto Xk5;
G_h:
$rt = $_REQUEST["redirect_to"];
Xk5:
goto lUe;
xqd:
$rt = $rw[$GW]["mo_saml_relay_state"];
lUe:
goto r4J;
SsT:
$rt = "displaySAMLResponse";
r4J:
goto enC;
XoT:
$rt = "displaySAMLRequest";
enC:
goto nPx;
UNd:
$rt = "testValidate";
nPx:
goto PM1;
b_p:
$rt = "testNewCertificate";
PM1:
$Mu = get_site_option("saml_login_url");
$Vh = !empty(get_site_option("saml_login_binding_type")) ? get_site_option("saml_login_binding_type") : "HttpPost";
$rw = get_site_option("saml_sso_settings");
$GW = get_current_blog_id();
$rT = Utilities::get_active_sites();
if (Utilities::mo_saml_in_array($GW, $rT)) {
goto IQs;
}
return;
IQs:
if (!(empty($rw[$GW]) && !empty($rw["DEFAULT"]))) {
goto XiT;
}
$rw[$GW] = $rw["DEFAULT"];
XiT:
$cF = !empty($rw[$GW]["mo_saml_force_authentication"]) ? $rw[$GW]["mo_saml_force_authentication"] : '';
$lR = $fs . "/";
$VQ = get_site_option("mo_saml_sp_entity_id");
$hY = get_site_option("saml_nameid_format");
if (!empty($hY)) {
goto eJ5;
}
$hY = "1.1:nameid-format:unspecified";
eJ5:
if (!empty($VQ)) {
goto IU_;
}
$VQ = $fs . "/wp-content/plugins/miniorange-saml-20-single-sign-on/";
IU_:
$mb = Utilities::createAuthnRequest($lR, $VQ, $Mu, $cF, $Vh, $hY);
if (!($rt == "displaySAMLRequest")) {
goto cgF;
}
mo_saml_show_SAML_log(Utilities::createAuthnRequest($lR, $VQ, $Mu, $cF, "HttpPost", $hY), $rt);
cgF:
$Ox = htmlspecialchars_decode($Mu);
if (strpos($Mu, "?") !== false) {
goto MZ0;
}
$Ox .= "?";
goto o3B;
MZ0:
$Ox .= "&";
o3B:
$rt = mo_saml_relaystate_url($rt);
if ($Vh == "HttpRedirect") {
goto dRY;
}
if (!(get_site_option("saml_request_signed") == "unchecked")) {
goto dDg;
}
$E2 = base64_encode($mb);
Utilities::postSAMLRequest($Mu, $E2, $rt);
exit;
dDg:
$at = '';
$Wv = '';
if ($_REQUEST["option"] == "testConfig" && array_key_exists("newcert", $_REQUEST)) {
goto OTC;
}
$E2 = Utilities::signXML($mb, "NameIDPolicy");
goto Jry;
OTC:
$E2 = Utilities::signXML($mb, "NameIDPolicy", true);
Jry:
Utilities::postSAMLRequest($Mu, $E2, $rt);
update_site_option("mo_saml_new_cert_test", true);
goto l3z;
dRY:
if (!(get_site_option("saml_request_signed") == "unchecked")) {
goto szi;
}
$Ox .= "SAMLRequest=" . $mb . "&RelayState=" . urlencode($rt);
header("Location: " . $Ox);
exit;
szi:
$mb = "SAMLRequest=" . $mb . "&RelayState=" . urlencode($rt) . "&SigAlg=" . urlencode(XMLSecurityKey::RSA_SHA256);
$HH = array("type" => "private");
$ns = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $HH);
if ($_REQUEST["option"] == "testConfig" && array_key_exists("newcert", $_REQUEST)) {
goto GjP;
}
$KH = get_site_option("mo_saml_current_cert_private_key");
goto Qra;
GjP:
$KH = file_get_contents(plugin_dir_path(__FILE__) . "resources" . DIRECTORY_SEPARATOR . mo_options_enum_default_sp_certificate::SP_Private_Key);
Qra:
$ns->loadKey($KH, FALSE);
$TI = new XMLSecurityDSig();
$Pw = $ns->signData($mb);
$Pw = base64_encode($Pw);
$Ox .= $mb . "&Signature=" . urlencode($Pw);
header("Location: " . $Ox);
exit;
l3z:
dOw:
Cqw:
if (!(array_key_exists("SAMLResponse", $_REQUEST) && !empty($_REQUEST["SAMLResponse"]))) {
goto P78;
}
if (array_key_exists("RelayState", $_POST) && !empty($_POST["RelayState"]) && $_POST["RelayState"] != "/") {
goto nuX;
}
$XS = '';
goto U_L;
nuX:
$XS = $_POST["RelayState"];
U_L:
$XS = mo_saml_parse_url($XS);
$fs = get_site_option("mo_saml_sp_base_url");
if (!empty($fs)) {
goto r_m;
}
$fs = get_network_site_url();
r_m:
$xb = $_REQUEST["SAMLResponse"];
$xb = base64_decode($xb);
if (!($XS == "displaySAMLResponse")) {
goto ycn;
}
mo_saml_show_SAML_log($xb, $XS);
ycn:
if (!(array_key_exists("SAMLResponse", $_GET) && !empty($_GET["SAMLResponse"]))) {
goto ZSq;
}
$xb = gzinflate($xb);
ZSq:
$G7 = new DOMDocument();
$G7->loadXML($xb);
$kP = $G7->firstChild;
$Hy = $G7->documentElement;
$Iw = new DOMXpath($G7);
$Iw->registerNamespace("samlp", "urn:oasis:names:tc:SAML:2.0:protocol");
$Iw->registerNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
if ($kP->localName == "LogoutResponse") {
goto UtK;
}
$vS = $Iw->query("/samlp:Response/samlp:Status/samlp:StatusCode", $Hy);
$xn = !empty($vS) ? $vS->item(0)->getAttribute("Value") : '';
$Gl = explode(":", $xn);
if (!array_key_exists(7, $Gl)) {
goto eQd;
}
$vS = $Gl[7];
eQd:
$Nv = $Iw->query("/samlp:Response/samlp:Status/samlp:StatusMessage", $Hy);
$Vc = !empty($Nv) ? $Nv->item(0) : '';
if (empty($Vc)) {
goto xvZ;
}
$Vc = $Vc->nodeValue;
xvZ:
if (array_key_exists("RelayState", $_POST) && !empty($_POST["RelayState"]) && $_POST["RelayState"] != "/") {
goto HEB;
}
$XS = '';
goto kJA;
HEB:
$XS = $_POST["RelayState"];
$XS = mo_saml_parse_url($XS);
kJA:
if (!($vS != "Success")) {
goto a5n;
}
show_status_error($vS, $XS, $Vc);
a5n:
if (!($XS !== "testValidate" && $XS !== "testNewCertificate")) {
goto BOr;
}
$C2 = parse_url($XS, PHP_URL_HOST);
$vI = parse_url($fs, PHP_URL_HOST);
$Mm = parse_url(get_current_base_url(), PHP_URL_HOST);
if (!empty($XS)) {
goto sAm;
}
$XS = "/";
goto Vuh;
sAm:
$XS = mo_saml_parse_url($XS);
Vuh:
if (!(!empty($C2) && $C2 != $Mm && !mo_saml_is_subdomain($C2, $Mm))) {
goto pjW;
}
Utilities::postSAMLResponse($XS, $_REQUEST["SAMLResponse"], mo_saml_relaystate_url($XS));
pjW:
BOr:
$WU = maybe_unserialize(get_site_option("saml_x509_certificate"));
update_site_option("mo_saml_response", base64_encode($xb));
foreach ($WU as $ns => $Hr) {
if (@openssl_x509_read($Hr)) {
goto dMd;
}
unset($WU[$ns]);
dMd:
Tij:
}
j1h:
$lR = $fs . "/";
if ($XS == "testNewCertificate") {
goto uo6;
}
$xb = new SAML2_Response($kP, get_site_option("mo_saml_current_cert_private_key"));
goto tC1;
uo6:
$fh = file_get_contents(plugin_dir_path(__FILE__) . "resources" . DIRECTORY_SEPARATOR . mo_options_enum_default_sp_certificate::SP_Private_Key);
$xb = new SAML2_Response($kP, $fh);
tC1:
$yh = $xb->getSignatureData();
$OV = current($xb->getAssertions())->getSignatureData();
if (!(empty($OV) && empty($yh))) {
goto foA;
}
if ($XS == "testValidate" or $XS == "testNewCertificate") {
goto Sw7;
}
wp_die("We could not sign you in. Please contact administrator", "Error: Invalid SAML Response");
goto IOj;
Sw7:
$W_ = mo_options_error_constants::Error_no_certificate;
$FQ = mo_options_error_constants::Cause_no_certificate;
echo "<div style="font-family:Calibri;padding:0 3%;">\xd\xa <div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;"> ERROR</div>
<div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><strong>Error :" . esc_html($W_) . " </strong></p>\xd
\xd
<p><strong>Possible Cause: " . esc_html($FQ) . "</strong></p>\xd
</div></div>";
mo_saml_download_logs($W_, $FQ);
exit;
IOj:
foA:
$W9 = '';
if (is_array($WU)) {
goto f5G;
}
$Vp = XMLSecurityKey::getRawThumbprint($WU);
$Vp = mo_saml_convert_to_windows_iconv($Vp);
$Vp = preg_replace("/\s+/", '', $Vp);
if (empty($yh)) {
goto vCD;
}
$W9 = Utilities::processResponse($lR, $Vp, $yh, $xb, 0, $XS);
vCD:
if (empty($OV)) {
goto LDk;
}
$W9 = Utilities::processResponse($lR, $Vp, $OV, $xb, 0, $XS);
LDk:
goto snJ;
f5G:
foreach ($WU as $ns => $Hr) {
$Vp = XMLSecurityKey::getRawThumbprint($Hr);
$Vp = mo_saml_convert_to_windows_iconv($Vp);
$Vp = preg_replace("/\s+/", '', $Vp);
if (empty($yh)) {
goto yYS;
}
$W9 = Utilities::processResponse($lR, $Vp, $yh, $xb, $ns, $XS);
yYS:
if (empty($OV)) {
goto s6v;
}
$W9 = Utilities::processResponse($lR, $Vp, $OV, $xb, $ns, $XS);
s6v:
if (!$W9) {
goto x8J;
}
goto WfP;
x8J:
BpS:
}
WfP:
snJ:
if (empty($yh)) {
goto zti;
}
$cs = $yh["Certificates"][0];
goto XpB;
zti:
$cs = $OV["Certificates"][0];
XpB:
if ($W9) {
goto pbQ;
}
if ($XS == "testValidate" or $XS == "testNewCertificate") {
goto R5i;
}
wp_die("We could not sign you in. Please contact your Administrator", "Error :Certificate not found");
goto rT_;
R5i:
$W_ = mo_options_error_constants::Error_wrong_certificate;
$FQ = mo_options_error_constants::Cause_wrong_certificate;
$N2 = "-----BEGIN CERTIFICATE-----<br>" . chunk_split($cs, 64) . "<br>-----END CERTIFICATE-----";
echo "<div style="font-family:Calibri;padding:0 3%;">";
echo "<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;"> ERROR</div>\xd\xa <div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><strong>Error: </strong>Unable to find a certificate matching the configured fingerprint.</p>
\xa <p>Please contact your administrator and report the following error:</p>
<p><strong>Possible Cause: </strong>'X.509 Certificate' field in plugin does not match the certificate found in SAML Response.</p>
\xa <p><strong>Certificate found in SAML Response: </strong><font face="Courier New"><br><br>" . $N2 . "</p></font>\xd
<p><strong>Solution: </strong></p>
\xa <ol>\xd
<li>Copy paste the certificate provided above in X509 Certificate under Service Provider Setup tab.</li>\xd
<li>If issue persists disable <b>Character encoding</b> under Service Provder Setup tab.</li>\xd\xa </ol>\xd\xa </div>\xd\xa <div style="margin:3%;display:block;text-align:center;">\xd\xa <div style="margin:3%;display:block;text-align:center;"><input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>";
mo_saml_download_logs($W_, $FQ);
exit;
rT_:
pbQ:
$xF = get_site_option("saml_issuer");
$VQ = get_site_option("mo_saml_sp_entity_id");
if (!empty($VQ)) {
goto fUM;
}
$VQ = $fs . "/wp-content/plugins/miniorange-saml-20-single-sign-on/";
fUM:
Utilities::validateIssuerAndAudience($xb, $VQ, $xF, $XS);
$KL = current(current($xb->getAssertions())->getNameId());
$xx = current($xb->getAssertions())->getAttributes();
$xx["NameID"] = array("0" => $KL);
$x5 = current($xb->getAssertions())->getSessionIndex();
mo_saml_checkMapping($xx, $XS, $x5);
goto giB;
UtK:
if (empty($_REQUEST["RelayState"])) {
goto G6G;
}
$Gx = $_REQUEST["RelayState"];
G6G:
if (!is_user_logged_in()) {
goto Iyl;
}
wp_destroy_current_session();
wp_clear_auth_cookie();
wp_set_current_user(0);
Iyl:
if (empty($Gx)) {
goto iTD;
}
$Gx = mo_saml_parse_url($Gx);
goto wCP;
iTD:
$Gx = $fs;
wCP:
do_action("mo_saml_sp_initiated_slo_pre_redirect", $Gx);
header("Location:" . $Gx);
exit;
giB:
P78:
if (!(array_key_exists("SAMLRequest", $_REQUEST) && !empty($_REQUEST["SAMLRequest"]))) {
goto X0z;
}
$mb = $_REQUEST["SAMLRequest"];
$XS = "/";
if (!array_key_exists("RelayState", $_REQUEST)) {
goto hvY;
}
$XS = $_REQUEST["RelayState"];
hvY:
$mb = base64_decode($mb);
if (!(array_key_exists("SAMLRequest", $_GET) && !empty($_GET["SAMLRequest"]))) {
goto c75;
}
$mb = gzinflate($mb);
c75:
$G7 = new DOMDocument();
$G7->loadXML($mb);
$D5 = $G7->firstChild;
if (!($D5->localName == "LogoutRequest")) {
goto T6P;
}
$ET = new SAML2_LogoutRequest($D5);
if (!(!session_id() || session_id() == '' || empty($_SESSION))) {
goto R2n;
}
session_start();
R2n:
$_SESSION["mo_saml_logout_request"] = $mb;
$_SESSION["mo_saml_logout_relay_state"] = $XS;
wp_redirect(htmlspecialchars_decode(wp_logout_url()));
exit;
T6P:
X0z:
}
function mo_saml_is_subdomain($gd, $t6)
{
$oC = substr($gd, strpos($gd, ".") + 1);
if ($oC === $t6) {
goto Fh1;
}
return false;
goto rTU;
Fh1:
return true;
rTU:
}
function mo_saml_relaystate_url($XS)
{
$jt = parse_url($XS, PHP_URL_SCHEME);
$XS = str_replace($jt . "://", '', $XS);
return $XS;
}
function mo_saml_hash_relaystate($XS)
{
$jt = parse_url($XS, PHP_URL_SCHEME);
$XS = str_replace($jt . "://", '', $XS);
$XS = base64_encode($XS);
$uG = cdjsurkhh($XS);
$XS = $XS . "." . $uG;
return $XS;
}
function mo_saml_get_relaystate($XS)
{
if (!filter_var($XS, FILTER_VALIDATE_URL)) {
goto fNh;
}
return $XS;
fNh:
$l_ = strpos($XS, ".");
if ($l_) {
goto Nrp;
}
wp_die("An error occured. Please contact your administrator.", "Error : Not a trusted source of the SAML response");
exit;
Nrp:
$Gx = substr($XS, 0, $l_);
$DL = substr($XS, $l_ + 1);
$OZ = cdjsurkhh($Gx);
if (!($DL !== $OZ)) {
goto NXa;
}
wp_die("An error occured. Please contact your administrator.", "Error : Not a trusted source of the SAML response");
exit;
NXa:
$Gx = base64_decode($Gx);
return $Gx;
}
function cdjsurkhh($D6)
{
$uG = hash("sha512", $D6);
$Oj = substr($uG, 7, 14);
return $Oj;
}
function mo_saml_parse_url($XS)
{
if (!($XS != "testValidate" && $XS != "testNewCertificate")) {
goto qTG;
}
$fs = get_site_option("mo_saml_sp_base_url");
if (!empty($fs)) {
goto jce;
}
$fs = get_network_site_url();
jce:
$jt = parse_url($fs, PHP_URL_SCHEME);
if (filter_var($XS, FILTER_VALIDATE_URL)) {
goto JLN;
}
$XS = $jt . "://" . $XS;
JLN:
qTG:
return $XS;
}
function mo_saml_is_subsite($XS)
{
$Qu = parse_url($XS, PHP_URL_HOST);
$qL = parse_url($XS, PHP_URL_PATH);
if (is_subdomain_install()) {
goto dLK;
}
$go = strpos($qL, "/", 1) != false ? strpos($qL, "/", 1) : strlen($qL) - 1;
$qL = substr($qL, 0, $go + 1);
$blog_id = get_blog_id_from_url($Qu, $qL);
goto cKJ;
dLK:
$blog_id = get_blog_id_from_url($Qu);
cKJ:
if ($blog_id !== 0) {
goto qh_;
}
return false;
goto TkJ;
qh_:
return true;
TkJ:
}
function mo_saml_show_SAML_log($D5, $CL)
{
header("Content-Type: text/html");
$Hy = new DOMDocument();
$Hy->preserveWhiteSpace = false;
$Hy->formatOutput = true;
$Hy->loadXML($D5);
if ($CL == "displaySAMLRequest") {
goto YRA;
}
$BJ = "SAML Response";
goto N1P;
YRA:
$BJ = "SAML Request";
N1P:
$Ia = $Hy->saveXML();
$tG = htmlentities($Ia);
$tG = rtrim($tG);
$RO = simplexml_load_string($Ia);
$Mr = json_encode($RO);
$w6 = json_decode($Mr);
$qp = plugins_url("includes/css/style_settings.css?ver=4.8.40", __FILE__);
echo "<link rel='stylesheet' id='mo_saml_admin_settings_style-css' href='" . $qp . "' type='text/css' media='all' />
\xd\xa<div class="mo-display-logs" ><p type="text" id="SAML_type">" . $BJ . "</p></div>
\xa\xd
<div type="text" id="SAML_display" class="mo-display-block"><pre class='brush: xml;'>" . $tG . "</pre></div>\xd
<br>
<div\x9 style="margin:3%;display:block;text-align:center;">\xd
\xd
<div style="margin:3%;display:block;text-align:center;" >
\xd
</div>
<button id="copy" onclick="copyDivToClipboard()" style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;" >Copy</button>
\xa
\xa<input id="dwn-btn" style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Download"
\xa">\xd
</div>
\xa</div>\xd\xa\xd\xa\xd
";
ob_end_flush();
echo "\xd
<script>\xd\xa\xd\xafunction copyDivToClipboard() {\xd
var aux = document.createElement("input");\xd\xaaux.setAttribute("value", document.getElementById("SAML_display").textContent);\xd
document.body.appendChild(aux);\xd\xaaux.select();
document.execCommand("copy");
\xadocument.body.removeChild(aux);\xd\xadocument.getElementById('copy').textContent = "Copied";\xd
document.getElementById('copy').style.background = "grey";
window.getSelection().selectAllChildren( document.getElementById( "SAML_display" ) );
\xa
}\xd
function download(filename, text) {\xd
var element = document.createElement('a');\xd
element.setAttribute('href', 'data:Application/octet-stream;charset=utf-8,' + encodeURIComponent(text));
element.setAttribute('download', filename);\xd\xa
\xaelement.style.display = 'none';\xd\xadocument.body.appendChild(element);
\xa\xd
element.click();
\xa
\xadocument.body.removeChild(element);
}
\xa
document.getElementById("dwn-btn").addEventListener("click", function () {\xd
\xd\xavar filename = document.getElementById("SAML_type").textContent+".xml";
var node = document.getElementById("SAML_display");
htmlContent = node.innerHTML;\xd\xatext = node.textContent;
\xadownload(filename, text);
}, false);\xd
\xd
</script>
";
exit;
}
function mo_saml_checkMapping($xx, $XS, $x5)
{
try {
$gR = get_site_option("saml_am_email");
$O_ = get_site_option("saml_am_username");
$h0 = get_site_option("saml_am_first_name");
$g9 = get_site_option("saml_am_last_name");
$vX = get_site_option("saml_am_group_name");
$ca = array();
$ca = maybe_unserialize(get_site_option("saml_am_role_mapping"));
$bo = get_site_option("saml_am_account_matcher");
$Un = '';
$tW = '';
if (empty($xx)) {
goto mNZ;
}
if (!empty($h0) && !empty($xx[$h0])) {
goto TlJ;
}
$h0 = '';
goto FgT;
TlJ:
$h0 = $xx[$h0][0];
FgT:
if (!empty($g9) && !empty($xx[$g9])) {
goto pE1;
}
$g9 = '';
goto Wos;
pE1:
$g9 = $xx[$g9][0];
Wos:
if (!empty($O_) && !empty($xx[$O_])) {
goto gh6;
}
$tW = $xx["NameID"][0];
goto cIz;
gh6:
$tW = $xx[$O_][0];
cIz:
if (!empty($gR) && !empty($xx[$gR])) {
goto SQg;
}
$Un = $xx["NameID"][0];
goto sF3;
SQg:
$Un = $xx[$gR][0];
sF3:
if (!empty($vX) && !empty($xx[$vX])) {
goto RKt;
}
$vX = array();
goto AQd;
RKt:
$vX = $xx[$vX];
AQd:
if (!empty($bo)) {
goto d3c;
}
$bo = "email";
d3c:
mNZ:
if ($XS == "testValidate") {
goto Wt1;
}
if ($XS == "testNewCertificate") {
goto wlC;
}
mo_saml_login_user($Un, $h0, $g9, $tW, $vX, $ca, $XS, $bo, $x5, $xx["NameID"][0], $xx);
goto gRz;
Wt1:
if (Mo_License_Service::is_customer_license_valid()) {
goto XKh;
}
Utilities::mo_saml_display_end_user_error_message_with_code("WPSAMLERR029");
XKh:
update_site_option("mo_saml_test", "Test Successful");
mo_saml_show_test_result($h0, $g9, $Un, $vX, $xx, $XS);
goto gRz;
wlC:
if (Mo_License_Service::is_customer_license_valid()) {
goto ELN;
}
Utilities::mo_saml_display_end_user_error_message_with_code("WPSAMLERR029");
ELN:
update_site_option("mo_saml_test_new_cert", "Test successful");
mo_saml_show_test_result($h0, $g9, $Un, $vX, $xx, $XS);
gRz:
} catch (Exception $XJ) {
echo sprintf("An error occurred while processing the SAML Response.");
exit;
}
}
function mo_saml_show_test_result($h0, $g9, $Un, $vX, $xx, $XS)
{
echo "<div style="font-family:Calibri;padding:0 3%;">";
if (!empty($Un)) {
goto Ae4;
}
echo "<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;">TEST FAILED</div>
<div style="color: #a94442;font-size:14pt; margin-bottom:20px;">WARNING: Some Attributes Did Not Match.</div>
\xa <div style="display:block;text-align:center;margin-bottom:4%;"><img style="width:15%;"src="" . plugin_dir_url(__FILE__) . "images/wrong.png"></div>";
goto WXO;
Ae4:
update_site_option("mo_saml_test_config_attrs", $xx);
echo "<div style="color: #3c763d;
\xa background-color: #dff0d8; padding:2%;margin-bottom:20px;text-align:center; border:1px solid #AEDB9A; font-size:18pt;">TEST SUCCESSFUL</div>\xd
<div style="display:block;text-align:center;margin-bottom:4%;"><img style="width:15%;"src="" . plugin_dir_url(__FILE__) . "images/green_check.png"></div>";
WXO:
$UW = $XS == "testNewCertificate" ? "display:none" : '';
$jE = get_site_option("saml_am_account_matcher") ? get_site_option("saml_am_account_matcher") : "email";
if (!($jE == "email" && !filter_var($xx["NameID"][0], FILTER_VALIDATE_EMAIL))) {
goto YD9;
}
echo "<p><font color="#FF0000" style="font-size:14pt">(Warning: The NameID value is not a valid Email ID)</font></p>";
YD9:
echo "<span style="font-size:14pt;"><b>Hello</b>, " . $Un . "</span><br/><p style="font-weight:bold;font-size:14pt;margin-left:1%;">ATTRIBUTES RECEIVED:</p>\xd
<table style="border-collapse:collapse;border-spacing:0; display:table;width:100%; font-size:14pt;background-color:#EDEDED;">\xd\xa <tr style="text-align:center;"><td style="font-weight:bold;border:2px solid #949090;padding:2%;">ATTRIBUTE NAME</td><td style="font-weight:bold;padding:2%;border:2px solid #949090; word-wrap:break-word;">ATTRIBUTE VALUE</td></tr>";
if (!empty($xx)) {
goto OAj;
}
echo "No Attributes Received.";
goto KnP;
OAj:
foreach ($xx as $ns => $Hr) {
echo "<tr><td style='font-weight:bold;border:2px solid #949090;padding:2%;'>" . $ns . "</td><td style='padding:2%;border:2px solid #949090; word-wrap:break-word;'>" . implode("<hr/>", $Hr) . "</td></tr>";
O79:
}
Zr5:
KnP:
echo "</table></div>";
echo "<div style="margin:3%;display:block;text-align:center;">
\xa <input style="padding:1%;width:250px;background: #0091CD none repeat scroll 0% 0%;
cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space:\xd
nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;" . $UW . ""\xd
type="button" value="Configure Attribute/Role Mapping" onClick="close_and_redirect();">
\xd\xa <input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>
\xa <script>
\xd
function close_and_redirect(){
\xa window.opener.redirect_to_attribute_mapping();
self.close();\xd\xa }\xd\xa
function refreshParent() {\xd\xa window.opener.location.reload();
}
</script>";
exit;
}
function mo_saml_convert_to_windows_iconv($Vp)
{
$Bl = get_site_option("mo_saml_encoding_enabled");
if (!($Bl !== "checked")) {
goto bUs;
}
return $Vp;
bUs:
return iconv("UTF-8", "CP1252//IGNORE", $Vp);
}
function mo_saml_login_user($Un, $h0, $g9, $tW, $vX, $ca, $XS, $bo, $x5 = '', $DV = '', $xx = null)
{
do_action("mo_abr_filter_login", $xx);
$tW = mo_saml_sanitize_username($tW);
if (get_site_option("mo_saml_disable_role_mapping")) {
goto eWa;
}
check_if_user_allowed_to_login_due_to_role_restriction($vX);
eWa:
$fs = get_site_option("mo_saml_sp_base_url");
mo_saml_restrict_users_based_on_domain($Un);
if (!empty($ca)) {
goto k4o;
}
$ca["DEFAULT"]["default_role"] = "subscriber";
$ca["DEFAULT"]["dont_allow_unlisted_user"] = '';
$ca["DEFAULT"]["dont_create_user"] = '';
$ca["DEFAULT"]["keep_existing_users_role"] = '';
$ca["DEFAULT"]["mo_saml_dont_allow_user_tologin_create_with_given_groups"] = '';
$ca["DEFAULT"]["mo_saml_restrict_users_with_groups"] = '';
k4o:
global $wpdb;
$T9 = get_current_blog_id();
$ai = "unchecked";
if (!empty($fs)) {
goto Usu;
}
$fs = get_network_site_url();
Usu:
if (email_exists($Un) || username_exists($tW)) {
goto aUk;
}
$Ki = Utilities::get_active_sites();
$pe = get_site_option("mo_apply_role_mapping_for_sites");
if (!get_site_option("mo_saml_disable_role_mapping")) {
goto FvS;
}
$he = wp_generate_password(12, false);
$o8 = wpmu_create_user($tW, $he, $Un);
goto vXi;
FvS:
$o8 = mo_saml_assign_roles_to_new_user($Ki, $pe, $ca, $vX, $tW, $Un);
vXi:
switch_to_blog($T9);
if (!empty($o8)) {
goto eVn;
}
if (!get_site_option("mo_saml_disable_role_mapping")) {
goto TA9;
}
wp_die("We could not sign you in. Please contact administrator", "Login Failed!");
goto Cv9;
TA9:
$XV = get_site_option("mo_saml_account_creation_disabled_msg");
if (!empty($XV)) {
goto M6K;
}
$XV = "We could not sign you in. Please contact your Administrator.";
M6K:
wp_die($XV, "Error: Not a WordPress Member");
Cv9:
eVn:
$user = get_user_by("id", $o8);
mo_saml_map_basic_attributes($user, $h0, $g9, $xx);
mo_saml_map_custom_attributes($o8, $xx);
$GK = mo_saml_get_redirect_url($fs, $XS);
do_action("miniorange_post_authenticate_user_login", $user, null, $GK, true);
mo_saml_set_auth_cookie($user, $x5, $DV, true);
do_action("mo_saml_attributes", $tW, $Un, $h0, $g9, $vX, null, true);
goto OQW;
aUk:
if (email_exists($Un)) {
goto S5_;
}
$user = get_user_by("login", $tW);
if (!(!Mo_License_Service::is_customer_license_valid() && !user_can(get_user_by("login", $tW)->ID, "manage_options"))) {
goto GcS;
}
Utilities::mo_saml_display_end_user_error_message_with_code("WPSAMLERR029");
GcS:
goto DxK;
S5_:
$user = get_user_by("email", $Un);
if (!(!Mo_License_Service::is_customer_license_valid() && !user_can(get_user_by("email", $Un)->ID, "manage_options"))) {
goto vwn;
}
Utilities::mo_saml_display_end_user_error_message_with_code("WPSAMLERR029");
vwn:
DxK:
$o8 = $user->ID;
if (!(!empty($Un) and strcasecmp($Un, $user->user_email) != 0)) {
goto n1X;
}
$o8 = wp_update_user(array("ID" => $o8, "user_email" => $Un));
n1X:
mo_saml_map_basic_attributes($user, $h0, $g9, $xx);
mo_saml_map_custom_attributes($o8, $xx);
$Ki = Utilities::get_active_sites();
$pe = get_site_option("mo_apply_role_mapping_for_sites");
if (get_site_option("mo_saml_disable_role_mapping")) {
goto a12;
}
foreach ($Ki as $blog_id) {
switch_to_blog($blog_id);
$user = get_user_by("id", $o8);
$dZ = '';
if ($pe) {
goto bvK;
}
$dZ = $blog_id;
goto hv6;
bvK:
$dZ = 0;
hv6:
if (empty($ca)) {
goto lfo;
}
if (!empty($ca[$dZ])) {
goto goJ;
}
if (!empty($ca["DEFAULT"])) {
goto B1c;
}
$qB = "subscriber";
$HT = '';
$ai = '';
$lW = '';
goto K1b;
B1c:
$qB = !empty($ca["DEFAULT"]["default_role"]) ? $ca["DEFAULT"]["default_role"] : "subscriber";
$HT = !empty($ca["DEFAULT"]["dont_allow_unlisted_user"]) ? $ca["DEFAULT"]["dont_allow_unlisted_user"] : '';
$ai = !empty($ca["DEFAULT"]["dont_create_user"]) ? $ca["DEFAULT"]["dont_create_user"] : '';
$lW = !empty($ca["DEFAULT"]["keep_existing_users_role"]) ? $ca["DEFAULT"]["keep_existing_users_role"] : '';
K1b:
goto OFv;
goJ:
$qB = !empty($ca[$dZ]["default_role"]) ? $ca[$dZ]["default_role"] : '';
$HT = !empty($ca[$dZ]["dont_allow_unlisted_user"]) ? $ca[$dZ]["dont_allow_unlisted_user"] : '';
$ai = !empty($ca[$dZ]["dont_create_user"]) ? $ca[$dZ]["dont_create_user"] : '';
$lW = !empty($ca[$dZ]["keep_existing_users_role"]) ? $ca[$dZ]["keep_existing_users_role"] : '';
OFv:
lfo:
if (!is_user_member_of_blog($o8, $blog_id)) {
goto T1S;
}
if (!empty($lW) && $lW == "checked") {
goto VCL;
}
$gX = assign_roles_to_user($user, $ca, $blog_id, $vX, $dZ);
goto Uk2;
VCL:
$gX = false;
Uk2:
if (is_administrator_user($user)) {
goto kqR;
}
if (!empty($lW) && $lW == "checked") {
goto v9S;
}
if ($gX !== true && !empty($HT) && $HT == "checked") {
goto PtN;
}
if ($gX !== true && !empty($qB) && $qB !== "false") {
goto MD_;
}
if ($gX !== true && is_user_member_of_blog($o8, $blog_id)) {
goto I0f;
}
goto A3D;
v9S:
goto A3D;
PtN:
$o8 = wp_update_user(array("ID" => $o8, "role" => false));
goto A3D;
MD_:
$o8 = wp_update_user(array("ID" => $o8, "role" => $qB));
goto A3D;
I0f:
$Vd = get_site_option("default_role");
$o8 = wp_update_user(array("ID" => $o8, "role" => $Vd));
A3D:
kqR:
goto DTp;
T1S:
$XL = TRUE;
$rw = get_site_option("saml_sso_settings");
if (!empty($rw[$blog_id])) {
goto cvv;
}
$rw[$blog_id] = $rw["DEFAULT"];
cvv:
if (empty($ca)) {
goto KuW;
}
if (!empty($ca[$dZ])) {
goto b1n;
}
if (empty($ca["DEFAULT"])) {
goto CVd;
}
$Rh = get_saml_roles_to_assign($ca, $dZ, $vX);
if (!(empty($Rh) && strcmp($ca["DEFAULT"]["dont_create_user"], "checked") == 0)) {
goto aEv;
}
$XL = FALSE;
aEv:
CVd:
goto p33;
b1n:
$Rh = get_saml_roles_to_assign($ca, $dZ, $vX);
if (!(empty($Rh) && strcmp($ca[$dZ]["dont_create_user"], "checked") == 0)) {
goto d7v;
}
$XL = FALSE;
d7v:
p33:
KuW:
if (!$XL) {
goto Zc1;
}
add_user_to_blog($blog_id, $o8, false);
$gX = assign_roles_to_user($user, $ca, $blog_id, $vX, $dZ);
if ($gX !== true && !empty($HT) && $HT == "checked") {
goto Jak;
}
if ($gX !== true && !empty($qB) && $qB !== "false") {
goto H9h;
}
if ($gX !== true) {
goto Li0;
}
goto oOB;
Jak:
$o8 = wp_update_user(array("ID" => $o8, "role" => false));
goto oOB;
H9h:
$o8 = wp_update_user(array("ID" => $o8, "role" => $qB));
goto oOB;
Li0:
$Vd = get_site_option("default_role");
$o8 = wp_update_user(array("ID" => $o8, "role" => $Vd));
oOB:
Zc1:
DTp:
FMk:
}
jxF:
a12:
switch_to_blog($T9);
if ($o8) {
goto suS;
}
wp_die("Invalid user. Please try again.");
suS:
$user = get_user_by("id", $o8);
mo_saml_set_auth_cookie($user, $x5, $DV, true);
do_action("mo_saml_attributes", $tW, $Un, $h0, $g9, $vX);
OQW:
mo_saml_post_login_redirection($fs, $XS);
}
function mo_saml_add_user_to_blog($Un, $tW, $blog_id = 0)
{
if (email_exists($Un)) {
goto i59;
}
if (!empty($tW)) {
goto QR0;
}
$o8 = mo_saml_create_user($Un, $Un, $blog_id);
goto SRq;
QR0:
$o8 = mo_saml_create_user($tW, $Un, $blog_id);
SRq:
goto Fwx;
i59:
$user = get_user_by("email", $Un);
$o8 = $user->ID;
if (empty($blog_id)) {
goto l6S;
}
add_user_to_blog($blog_id, $o8, false);
l6S:
Fwx:
return $o8;
}
function mo_saml_create_user($tW, $Un, $blog_id)
{
$F0 = wp_generate_password(10, false);
if (username_exists($tW)) {
goto qgN;
}
$o8 = wp_create_user($tW, $F0, $Un);
goto VcY;
qgN:
$user = get_user_by("login", $tW);
$o8 = $user->ID;
if (!$blog_id) {
goto T_a;
}
add_user_to_blog($blog_id, $o8, false);
T_a:
VcY:
if (!is_wp_error($o8)) {
goto fEJ;
}
if (empty($tW)) {
goto giT;
}
if (strlen($tW) > 60) {
goto iYA;
}
wp_die("We couldn't sign you in. Please contact your administrator", "Error: User Creation Failed");
goto LWJ;
iYA:
wp_die("We couldn't sign you in. Please contact your administrator", "Error: Username length limit exceeded");
LWJ:
goto Ltm;
giT:
wp_die("We couldn't sign you in. Please contact your administrator", "Error: Username Empty");
Ltm:
fEJ:
return $o8;
}
function mo_saml_assign_roles_to_new_user($Ki, $pe, $ca, $vX, $tW, $Un)
{
global $wpdb;
$user = NULL;
$Yc = false;
foreach ($Ki as $blog_id) {
$ly = TRUE;
$dZ = '';
if ($pe) {
goto kKU;
}
$dZ = $blog_id;
goto bPO;
kKU:
$dZ = 0;
bPO:
$rw = maybe_unserialize(get_site_option("saml_sso_settings"));
if (!empty($rw["DEFAULT"])) {
goto maS;
}
$rw["DEFAULT"] = array();
maS:
if (!empty($rw[$blog_id])) {
goto Pgq;
}
$rw[$blog_id] = $rw["DEFAULT"];
Pgq:
if (empty($ca)) {
goto wZr;
}
if (!empty($ca[$dZ])) {
goto buD;
}
if (!empty($ca["DEFAULT"])) {
goto hmx;
}
$qB = "subscriber";
$HT = '';
$lW = '';
$Rh = '';
goto HJ3;
hmx:
$qB = !empty($ca["DEFAULT"]["default_role"]) ? $ca["DEFAULT"]["default_role"] : '';
$HT = !empty($ca["DEFAULT"]["dont_allow_unlisted_user"]) ? $ca["DEFAULT"]["dont_allow_unlisted_user"] : '';
$lW = array_key_exists("keep_existing_users_role", $ca["DEFAULT"]) ? $ca["DEFAULT"]["keep_existing_users_role"] : '';
$Rh = get_saml_roles_to_assign($ca, $dZ, $vX);
if (!(empty($Rh) && strcmp($ca["DEFAULT"]["dont_create_user"], "checked") == 0)) {
goto XfV;
}
$ly = FALSE;
XfV:
HJ3:
goto i31;
buD:
$qB = !empty($ca[$dZ]["default_role"]) ? $ca[$dZ]["default_role"] : '';
$HT = !empty($ca[$dZ]["dont_allow_unlisted_user"]) ? $ca[$dZ]["dont_allow_unlisted_user"] : '';
$lW = !empty($ca[$dZ]["keep_existing_users_role"]) ? $ca[$dZ]["keep_existing_users_role"] : '';
$Rh = get_saml_roles_to_assign($ca, $dZ, $vX);
if (!(empty($Rh) && strcmp($ca[$dZ]["dont_create_user"], "checked") == 0)) {
goto jY5;
}
$ly = FALSE;
jY5:
i31:
wZr:
if (!$ly) {
goto hm9;
}
$o8 = NULL;
switch_to_blog($blog_id);
$o8 = mo_saml_add_user_to_blog($Un, $tW, $blog_id);
$user = get_user_by("id", $o8);
$gX = assign_roles_to_user($user, $ca, $blog_id, $vX, $dZ);
if ($gX !== true && !empty($HT) && $HT == "checked") {
goto fZi;
}
if ($gX !== true && !empty($qB) && $qB !== "false") {
goto gho;
}
if ($gX !== true) {
goto o33;
}
goto Vhq;
fZi:
$o8 = wp_update_user(array("ID" => $o8, "role" => false));
goto Vhq;
gho:
$o8 = wp_update_user(array("ID" => $o8, "role" => $qB));
goto Vhq;
o33:
$Vd = get_site_option("default_role");
$o8 = wp_update_user(array("ID" => $o8, "role" => $Vd));
Vhq:
$Pe = $user->{$wpdb->prefix . "capabilities"};
if (!empty($wp_roles)) {
goto MSl;
}
$wp_roles = new WP_Roles($dZ);
MSl:
hm9:
LkI:
}
rLz:
if (!empty($user)) {
goto Wz1;
}
return;
goto KlF;
Wz1:
return $user->ID;
KlF:
}
function mo_saml_sanitize_username($tW)
{
$q7 = sanitize_user($tW, true);
$hy = apply_filters("pre_user_login", $q7);
$tW = trim($hy);
return $tW;
}
function mo_saml_map_basic_attributes($user, $h0, $g9, $xx)
{
$o8 = $user->ID;
if (empty($h0)) {
goto uQj;
}
$o8 = wp_update_user(array("ID" => $o8, "first_name" => $h0));
uQj:
if (empty($g9)) {
goto PqI;
}
$o8 = wp_update_user(array("ID" => $o8, "last_name" => $g9));
PqI:
if (is_null($xx)) {
goto dFJ;
}
update_user_meta($o8, "mo_saml_user_attributes", $xx);
$hQ = get_site_option("saml_am_display_name");
if (empty($hQ)) {
goto zPh;
}
if (strcmp($hQ, "USERNAME") == 0) {
goto snG;
}
if (strcmp($hQ, "FNAME") == 0 && !empty($h0)) {
goto DzR;
}
if (strcmp($hQ, "LNAME") == 0 && !empty($g9)) {
goto LNJ;
}
if (strcmp($hQ, "FNAME_LNAME") == 0 && !empty($g9) && !empty($h0)) {
goto dGf;
}
if (!(strcmp($hQ, "LNAME_FNAME") == 0 && !empty($g9) && !empty($h0))) {
goto a7d;
}
$o8 = wp_update_user(array("ID" => $o8, "display_name" => $g9 . " " . $h0));
a7d:
goto dwC;
dGf:
$o8 = wp_update_user(array("ID" => $o8, "display_name" => $h0 . " " . $g9));
dwC:
goto SNT;
LNJ:
$o8 = wp_update_user(array("ID" => $o8, "display_name" => $g9));
SNT:
goto W5K;
DzR:
$o8 = wp_update_user(array("ID" => $o8, "display_name" => $h0));
W5K:
goto zh8;
snG:
$o8 = wp_update_user(array("ID" => $o8, "display_name" => $user->user_login));
zh8:
zPh:
dFJ:
}
function mo_saml_map_custom_attributes($o8, $xx)
{
if (!get_site_option("mo_saml_custom_attrs_mapping")) {
goto cI5;
}
$kS = maybe_unserialize(get_site_option("mo_saml_custom_attrs_mapping"));
foreach ($kS as $ns => $Hr) {
if (empty($xx[$Hr])) {
goto GBa;
}
$Hx = false;
if (!(count($xx[$Hr]) == 1)) {
goto OGr;
}
$Hx = true;
OGr:
if (!$Hx) {
goto ZyL;
}
update_user_meta($o8, $ns, $xx[$Hr][0]);
goto Zpw;
ZyL:
$QD = array();
foreach ($xx[$Hr] as $ux) {
array_push($QD, $ux);
W2A:
}
hOx:
update_user_meta($o8, $ns, $QD);
Zpw:
GBa:
udh:
}
zfY:
cI5:
}
function mo_saml_restrict_users_based_on_domain($Un)
{
$oq = get_site_option("mo_saml_enable_domain_restriction_login");
if (!$oq) {
goto Tuo;
}
$ep = get_site_option("saml_am_email_domains");
$VA = explode(";", $ep);
$cu = explode("@", $Un);
$EV = !empty($cu[1]) ? $cu[1] : '';
$JN = get_site_option("mo_saml_allow_deny_user_with_domain");
$XV = get_site_option("mo_saml_restricted_domain_error_msg");
if (!empty($XV)) {
goto Y5F;
}
$XV = "You are not allowed to login. Please contact your Administrator.";
Y5F:
if (!empty($JN) && $JN == "deny") {
goto fD3;
}
if (Utilities::mo_saml_in_array($EV, $VA)) {
goto cns;
}
wp_die($XV, "Permission Denied Error - 2");
cns:
goto ePr;
fD3:
if (!Utilities::mo_saml_in_array($EV, $VA)) {
goto JWj;
}
wp_die($XV, "Permission Denied Error - 1");
JWj:
ePr:
Tuo:
}
function mo_saml_set_auth_cookie($user, $x5, $DV, $eG)
{
$o8 = $user->ID;
do_action("wp_login", $user->user_login, $user);
if (empty($x5)) {
goto hUl;
}
update_user_meta($o8, "mo_saml_session_index", $x5);
hUl:
if (empty($DV)) {
goto aOg;
}
update_user_meta($o8, "mo_saml_name_id", $DV);
aOg:
if (!(!session_id() || session_id() == '' || empty($_SESSION))) {
goto M3F;
}
session_start();
M3F:
$_SESSION["mo_saml"]["logged_in_with_idp"] = TRUE;
update_user_meta($o8, "mo_saml_idp_login", "true");
wp_set_current_user($o8);
$iD = false;
$iD = apply_filters("mo_remember_me", $iD);
wp_set_auth_cookie($o8, $iD);
if (!$eG) {
goto bI8;
}
do_action("user_register", $o8);
bI8:
}
function mo_saml_post_login_redirection($fs, $XS)
{
$CR = mo_saml_get_redirect_url($fs, $XS);
wp_redirect($CR);
exit;
}
function mo_saml_get_redirect_url($fs, $XS)
{
$GK = '';
$rw = get_site_option("saml_sso_settings");
$GW = get_current_blog_id();
if (!(empty($rw[$GW]) && !empty($rw["DEFAULT"]))) {
goto ceD;
}
$rw[$GW] = $rw["DEFAULT"];
ceD:
$Yu = !empty($rw[$GW]["mo_saml_relay_state"]) ? $rw[$GW]["mo_saml_relay_state"] : '';
if (!empty($Yu)) {
goto aZw;
}
if (!empty($XS)) {
goto Qu0;
}
$GK = $fs;
goto eKU;
Qu0:
$GK = $XS;
eKU:
goto hfv;
aZw:
$GK = $Yu;
hfv:
return $GK;
}
function check_if_user_allowed_to_login_due_to_role_restriction($vX)
{
$ca = maybe_unserialize(get_site_option("saml_am_role_mapping"));
$Ki = Utilities::get_active_sites();
$pe = get_site_option("mo_apply_role_mapping_for_sites");
if ($ca) {
goto Lo8;
}
$ca = array();
Lo8:
if (!empty($ca["DEFAULT"])) {
goto aKv;
}
$ca["DEFAULT"] = array();
aKv:
foreach ($Ki as $blog_id) {
if ($pe) {
goto YEc;
}
$dZ = $blog_id;
goto rSw;
YEc:
$dZ = 0;
rSw:
if (!empty($ca[$dZ])) {
goto L2n;
}
$n3 = $ca["DEFAULT"];
goto wkc;
L2n:
$n3 = $ca[$dZ];
wkc:
if (empty($n3)) {
goto qsY;
}
$NJ = !empty($n3["mo_saml_dont_allow_user_tologin_create_with_given_groups"]) ? $n3["mo_saml_dont_allow_user_tologin_create_with_given_groups"] : '';
if (!($NJ == "checked")) {
goto Hh2;
}
if (empty($vX)) {
goto sYR;
}
$oy = $n3["mo_saml_restrict_users_with_groups"];
$Sx = explode(";", $oy);
foreach ($Sx as $uq) {
foreach ($vX as $At) {
$At = trim($At);
if (!(!empty($At) && $At == $uq)) {
goto B1h;
}
wp_die("You are not authorized to login. Please contact your administrator.", "Error");
B1h:
EiD:
}
bus:
Nuz:
}
kud:
sYR:
Hh2:
qsY:
B0B:
}
b6_:
}
function assign_roles_to_user($user, $ca, $blog_id, $vX, $dZ)
{
$gX = false;
if (!(!empty($vX) && !empty($ca) && !is_administrator_user($user) && is_user_member_of_blog($user->ID, $blog_id))) {
goto snn;
}
if (!empty($ca[$dZ])) {
goto QX8;
}
if (empty($ca["DEFAULT"])) {
goto WTh;
}
$n3 = $ca["DEFAULT"];
WTh:
goto ycC;
QX8:
$n3 = $ca[$dZ];
ycC:
if (empty($n3)) {
goto IUM;
}
$user->set_role(false);
$dy = '';
$MN = false;
unset($n3["default_role"]);
unset($n3["dont_create_user"]);
unset($n3["dont_allow_unlisted_user"]);
unset($n3["keep_existing_users_role"]);
unset($n3["mo_saml_dont_allow_user_tologin_create_with_given_groups"]);
unset($n3["mo_saml_restrict_users_with_groups"]);
foreach ($n3 as $WN => $GB) {
$Sx = explode(";", $GB);
foreach ($Sx as $uq) {
if (!(!empty($uq) && Utilities::mo_saml_in_array($uq, $vX))) {
goto gVs;
}
$gX = true;
$user->add_role($WN);
gVs:
dEr:
}
WS7:
T33:
}
i_p:
IUM:
snn:
$s7 = get_site_option("mo_saml_super_admin_role_mapping");
$pj = array();
if (empty($s7)) {
goto mEO;
}
$pj = explode(";", $s7);
mEO:
if (!(!empty($vX) && !empty($pj))) {
goto yWW;
}
foreach ($pj as $uq) {
if (!Utilities::mo_saml_in_array($uq, $vX)) {
goto dhk;
}
grant_super_admin($user->ID);
dhk:
xUu:
}
yq9:
yWW:
return $gX;
}
function get_saml_roles_to_assign($ca, $blog_id, $vX)
{
$Rh = array();
if (!(!empty($vX) && !empty($ca))) {
goto KiR;
}
if (!empty($ca[$blog_id])) {
goto UbZ;
}
if (empty($ca["DEFAULT"])) {
goto GSL;
}
$n3 = $ca["DEFAULT"];
GSL:
goto nBi;
UbZ:
$n3 = $ca[$blog_id];
nBi:
if (empty($n3)) {
goto UmX;
}
unset($n3["default_role"]);
unset($n3["dont_create_user"]);
unset($n3["dont_allow_unlisted_user"]);
unset($n3["keep_existing_users_role"]);
unset($n3["mo_saml_dont_allow_user_tologin_create_with_given_groups"]);
unset($n3["mo_saml_restrict_users_with_groups"]);
foreach ($n3 as $WN => $GB) {
$Sx = explode(";", $GB);
foreach ($Sx as $uq) {
if (!(!empty($uq) and Utilities::mo_saml_in_array($uq, $vX))) {
goto C4I;
}
array_push($Rh, $WN);
C4I:
a84:
}
ucl:
zJ9:
}
f8K:
UmX:
KiR:
return $Rh;
}
function is_administrator_user($user)
{
$xM = $user->roles;
if (!is_null($xM) && Utilities::mo_saml_in_array("administrator", $xM)) {
goto tRt;
}
return false;
goto sEq;
tRt:
return true;
sEq:
}
function mo_saml_is_customer_registered()
{
$uo = get_site_option("mo_saml_admin_email");
$AQ = get_site_option("mo_saml_admin_customer_key");
if (!$uo || !$AQ || !is_numeric(trim($AQ))) {
goto t8S;
}
return 1;
goto exi;
t8S:
return 0;
exi:
}
function mo_saml_is_customer_license_verified()
{
$ns = get_site_option("mo_saml_customer_token");
$ta = AESEncryption::decrypt_data(get_site_option("t_site_status"), $ns);
$W2 = get_site_option("sml_lk");
$uo = get_site_option("mo_saml_admin_email");
$AQ = get_site_option("mo_saml_admin_customer_key");
$O2 = AESEncryption::decrypt_data(get_site_option("no_sbs"), $ns);
$XB = false;
if (!get_site_option("no_sbs")) {
goto C2n;
}
$aX = Utilities::get_sites();
$XB = $O2 < count($aX);
C2n:
if ($ta != "true" && !$W2 || !$uo || !$AQ || !is_numeric(trim($AQ)) || $XB) {
goto ZkG;
}
return 1;
goto OA3;
ZkG:
return 0;
OA3:
}
function show_status_error($Ya, $XS)
{
if ($XS == "testValidate" or $XS == "testNewCertificate") {
goto nOT;
}
wp_die("We could not sign you in. Please contact your Administrator.", "Error: Invalid SAML Response Status");
goto qqj;
nOT:
echo "<div style="font-family:Calibri;padding:0 3%;">";
echo "<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;"> ERROR</div>
<div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><strong>Error: </strong> Invalid SAML Response Status.</p>\xd
<p><strong>Causes</strong>: Identity Provider has sent '" . esc_html($Ya) . "' status code in SAML Response. </p>
<p><strong>Reason</strong>: " . get_status_message(esc_html($Ya)) . "</p><br>";
if (empty($YC)) {
goto MPd;
}
echo "<p><strong>Status Message in the SAML Response:</strong> <br/>" . esc_html($YC) . "</p><br>";
MPd:
echo "\xd\xa </div>\xd
\xa <div style="margin:3%;display:block;text-align:center;">
\xa <div style="margin:3%;display:block;text-align:center;"><input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>";
exit;
qqj:
}
function addLink($Gf, $Lb)
{
$eu = "<a href="" . $Lb . "">" . $Gf . "</a>";
return $eu;
}
function get_status_message($Ya)
{
switch ($Ya) {
case "Requester":
return "The request could not be performed due to an error on the part of the requester.";
goto Kn2;
case "Responder":
return "The request could not be performed due to an error on the part of the SAML responder or SAML authority.";
goto Kn2;
case "VersionMismatch":
return "The SAML responder could not process the request because the version of the request message was incorrect.";
goto Kn2;
default:
return "Unknown";
}
olk:
Kn2:
}
function saml_get_current_page_url()
{
$j5 = $_SERVER["HTTP_HOST"];
if (!(substr($j5, -1) == "/")) {
goto ZoP;
}
$j5 = substr($j5, 0, -1);
ZoP:
$Cg = $_SERVER["REQUEST_URI"];
if (!(substr($Cg, 0, 1) == "/")) {
goto zDl;
}
$Cg = substr($Cg, 1);
zDl:
$w5 = !empty($_SERVER["HTTPS"]) && strcasecmp($_SERVER["HTTPS"], "on") == 0;
$Gx = "http" . ($w5 ? "s" : '') . "://" . $j5 . "/" . $Cg;
return $Gx;
}
function get_network_site_url()
{
$qp = network_site_url();
if (!(substr($qp, -1) == "/")) {
goto U8W;
}
$qp = substr($qp, 0, -1);
U8W:
return $qp;
}
function get_current_base_url()
{
return sprintf("%s://%s/", !empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] != "off" ? "https" : "http", $_SERVER["HTTP_HOST"]);
}
add_action("widgets_init", function () {
register_widget("mo_login_wid");
});
add_action("init", "mo_login_validate");
?>Did this file decode correctly?
Original Code
<?php
/**
* This file is a part of the miniorange-saml-20-single-sign-on plugin.
*
* @link https://plugins.miniorange.com/
* @author miniOrange
* @package miniorange-saml-20-single-sign-on
*/
include_once dirname(__FILE__) . '/Utilities.php';
include_once dirname(__FILE__) . '/Response.php';
include_once dirname(__FILE__) . '/LogoutRequest.php';
require_once dirname(__FILE__) . '/includes/lib/encryption.php';
include_once 'xmlseclibs.php';
use MOSAML\LicenseLibrary\Mo_License_Service;
use RobRichards\XMLSecLibs\XMLSecurityKey;
use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecEnc;
class mo_login_wid extends WP_Widget
{
public function __construct()
{
$bv = get_site_option("\163\141\155\x6c\x5f\x69\144\x65\x6e\164\x69\164\171\x5f\156\141\155\x65");
parent::__construct("\123\141\155\154\137\x4c\x6f\147\151\x6e\137\127\151\144\x67\x65\x74", "\114\x6f\147\151\156\40\167\151\164\150\40" . $bv, array("\x64\145\163\x63\x72\151\x70\164\x69\157\x6e" => __("\124\150\x69\x73\x20\x69\x73\40\141\x20\155\x69\x6e\x69\117\x72\141\156\147\145\40\x53\x41\x4d\114\x20\x6c\157\x67\151\x6e\x20\167\x69\x64\x67\x65\164\56", "\x6d\157\x73\141\x6d\x6c")));
}
public function widget($u5, $JD)
{
extract($u5);
if (empty($JD["\167\151\x64\x5f\x74\151\164\x6c\x65"])) {
goto mTA;
}
$p8 = apply_filters("\167\x69\144\x67\x65\164\137\x74\151\164\154\145", $JD["\x77\x69\144\x5f\164\x69\164\x6c\x65"]);
mTA:
echo $u5["\x62\145\146\x6f\x72\x65\x5f\167\151\x64\x67\x65\x74"];
if (empty($p8)) {
goto cOt;
}
echo $u5["\x62\145\x66\x6f\x72\x65\137\x74\x69\x74\154\145"] . $p8 . $u5["\141\146\164\x65\x72\137\164\x69\164\154\145"];
cOt:
$this->loginForm();
echo $u5["\x61\x66\164\x65\x72\137\x77\x69\x64\147\x65\164"];
}
public function update($Ns, $dr)
{
$JD = array();
$JD["\167\151\144\137\164\x69\164\x6c\145"] = strip_tags($Ns["\x77\151\144\x5f\x74\x69\164\x6c\x65"]);
return $JD;
}
public function form($JD)
{
$p8 = '';
if (empty($JD["\x77\x69\144\x5f\164\151\x74\x6c\145"])) {
goto hXl;
}
$p8 = $JD["\x77\x69\144\137\164\x69\164\x6c\145"];
hXl:
echo "\15\12\11\11\x3c\160\76\74\154\141\x62\x65\154\40\x66\157\162\x3d\42" . $this->get_field_id("\167\151\144\x5f\x74\x69\164\x6c\145") . "\x20\x22\76" . _e("\124\x69\164\x6c\x65\72") . "\40\74\57\x6c\x61\142\145\x6c\x3e\15\12\x9\11\11\74\x69\156\x70\165\164\40\x63\154\x61\x73\163\x3d\42\x77\151\144\x65\146\141\x74\42\x20\x69\x64\75\42" . $this->get_field_id("\x77\151\x64\137\x74\x69\x74\154\145") . "\x22\x20\156\141\x6d\145\x3d\x22" . $this->get_field_name("\x77\151\144\137\x74\151\164\x6c\145") . "\42\40\x74\x79\x70\x65\x3d\x22\164\x65\170\x74\x22\40\x76\x61\154\x75\145\75\x22" . $p8 . "\x22\40\57\76\xd\xa\11\11\74\x2f\x70\x3e";
}
public function loginForm()
{
global $post;
$rw = get_site_option("\x73\141\x6d\x6c\x5f\163\163\x6f\x5f\x73\x65\x74\164\x69\x6e\x67\163");
$GW = get_current_blog_id();
$rT = Utilities::get_active_sites();
if (Utilities::mo_saml_in_array($GW, $rT)) {
goto Y49;
}
return;
Y49:
if (!(empty($rw[$GW]) && !empty($rw["\104\105\x46\101\x55\x4c\x54"]))) {
goto X1q;
}
$rw[$GW] = $rw["\104\105\106\101\125\x4c\x54"];
X1q:
if (!is_user_logged_in()) {
goto nTY;
}
$current_user = wp_get_current_user();
$WL = "\x48\145\x6c\x6c\x6f\x2c";
if (empty($rw[$GW]["\155\157\137\x73\x61\x6d\154\137\x63\x75\x73\164\x6f\x6d\137\147\162\x65\145\164\151\x6e\x67\x5f\164\x65\x78\164"])) {
goto nHX;
}
$WL = $rw[$GW]["\155\157\137\x73\x61\x6d\154\x5f\143\x75\163\x74\x6f\x6d\x5f\147\162\x65\x65\164\x69\x6e\147\137\x74\x65\170\x74"];
nHX:
$Y1 = '';
if (empty($rw[$GW]["\x6d\x6f\137\163\141\x6d\x6c\137\x67\162\x65\x65\164\x69\x6e\x67\137\x6e\x61\x6d\145"])) {
goto oUV;
}
switch ($rw[$GW]["\x6d\x6f\137\x73\141\155\154\x5f\x67\x72\x65\145\164\x69\156\x67\x5f\156\x61\x6d\x65"]) {
case "\125\x53\105\x52\116\101\x4d\x45":
$Y1 = $current_user->user_login;
goto ik9;
case "\x45\x4d\101\x49\x4c":
$Y1 = $current_user->user_email;
goto ik9;
case "\106\x4e\101\x4d\x45":
$Y1 = $current_user->user_firstname;
goto ik9;
case "\114\x4e\101\x4d\105":
$Y1 = $current_user->user_lastname;
goto ik9;
case "\106\116\x41\115\105\x5f\114\116\x41\x4d\105":
$Y1 = $current_user->user_firstname . "\x20" . $current_user->user_lastname;
goto ik9;
case "\114\x4e\101\115\x45\x5f\x46\116\101\115\x45":
$Y1 = $current_user->user_lastname . "\x20" . $current_user->user_firstname;
goto ik9;
default:
$Y1 = $current_user->user_login;
}
Iui:
ik9:
oUV:
if (!empty(trim($Y1))) {
goto n47;
}
$Y1 = $current_user->user_login;
n47:
$NQ = $WL . "\x20" . $Y1;
$gl = "\114\x6f\x67\x6f\165\164";
if (empty($rw[$GW]["\155\157\x5f\x73\x61\x6d\x6c\137\143\165\x73\164\157\x6d\137\x6c\157\147\157\x75\164\137\x74\x65\x78\x74"])) {
goto JRg;
}
$gl = $rw[$GW]["\x6d\x6f\137\163\x61\155\x6c\x5f\143\165\163\x74\157\x6d\x5f\154\157\147\157\x75\x74\137\164\x65\x78\164"];
JRg:
echo $NQ . "\x20\174\x20\74\141\40\150\x72\x65\146\75\42" . wp_logout_url(home_url()) . "\x22\40\x74\151\164\154\x65\x3d\x22\x6c\157\x67\x6f\x75\164\x22\40\x3e" . $gl . "\x3c\x2f\141\x3e\74\x2f\x6c\x69\76";
goto yfZ;
nTY:
echo "\xd\xa\11\11\x9\x3c\163\143\162\151\x70\164\76\15\12\11\11\x9\x9\146\x75\156\x63\x74\x69\157\x6e\40\x73\165\142\155\x69\x74\123\x61\155\154\x46\157\x72\x6d\x28\51\x7b\x20\144\x6f\143\x75\155\145\156\x74\56\x67\x65\164\105\x6c\145\x6d\x65\x6e\x74\x42\x79\111\144\50\x22\154\x6f\x67\x69\156\x22\x29\56\163\x75\142\x6d\151\164\x28\51\73\x20\175\xd\xa\11\11\11\74\57\163\143\x72\151\x70\x74\76\xd\12\x9\11\x9\x3c\146\x6f\162\155\40\156\x61\155\x65\x3d\x22\x6c\157\147\151\156\x22\x20\x69\144\x3d\x22\154\x6f\147\x69\x6e\42\x20\x6d\145\x74\150\157\x64\75\x22\160\x6f\163\x74\x22\x20\x61\143\164\x69\157\156\75\x22\x22\x3e\15\xa\x9\11\11\x9\74\x69\x6e\160\165\x74\40\164\x79\160\145\x3d\x22\x68\x69\144\144\x65\156\42\x20\156\x61\x6d\145\x3d\x22\157\x70\164\151\x6f\x6e\x22\x20\166\141\x6c\x75\145\75\42\163\141\x6d\x6c\x5f\165\x73\145\x72\137\x6c\157\x67\x69\x6e\x22\40\57\x3e\15\xa\xd\12\11\11\11\x9\74\x66\x6f\156\x74\40\x73\x69\x7a\145\x3d\x22\53\x31\42\x20\163\x74\x79\x6c\145\75\42\x76\x65\x72\164\151\143\x61\x6c\x2d\x61\154\x69\147\156\x3a\164\x6f\x70\x3b\x22\x3e\x20\x3c\x2f\146\157\x6e\x74\x3e";
$m9 = get_site_option("\163\141\x6d\154\137\x69\144\145\x6e\164\151\x74\171\137\x6e\141\x6d\x65");
$oX = get_site_option("\x73\141\155\x6c\137\x78\65\x30\x39\137\143\145\x72\164\x69\x66\x69\x63\x61\164\x65");
if (!empty($m9) && !empty($oX)) {
goto BG8;
}
echo "\x50\x6c\145\141\x73\145\40\143\157\156\146\x69\x67\165\162\145\40\x74\150\145\x20\x6d\x69\156\151\117\x72\x61\x6e\x67\145\40\x53\101\115\x4c\40\x50\x6c\165\x67\x69\x6e\x20\x66\151\x72\163\164\x2e";
goto i6L;
BG8:
$ni = "\x4c\157\x67\x69\156\x20\167\x69\164\150\x20\x23\x23\x49\104\120\x23\43";
if (empty($rw[$GW]["\155\x6f\137\x73\141\155\x6c\137\x63\165\x73\x74\x6f\155\137\x6c\157\147\x69\x6e\137\164\x65\170\164"])) {
goto IGY;
}
$ni = $rw[$GW]["\155\x6f\x5f\x73\141\x6d\154\x5f\143\x75\x73\x74\157\x6d\x5f\154\157\147\151\156\x5f\x74\145\170\164"];
IGY:
$ni = str_replace("\43\x23\x49\x44\x50\43\43", $m9, $ni);
$Uz = false;
if (!(!empty($rw[$GW]["\x6d\157\137\163\x61\x6d\x6c\137\165\x73\x65\x5f\x62\x75\x74\164\157\156\137\x61\x73\137\x77\x69\x64\147\x65\164"]) && $rw[$GW]["\155\157\137\163\x61\x6d\x6c\x5f\x75\163\x65\x5f\142\x75\x74\164\x6f\156\137\x61\x73\137\x77\151\x64\147\x65\164"] == "\164\162\x75\145")) {
goto UY3;
}
$Uz = true;
UY3:
if (!$Uz) {
goto Vu5;
}
$TD = !empty($rw[$GW]["\155\157\x5f\x73\141\155\154\x5f\142\x75\x74\164\157\156\137\x77\151\x64\x74\150"]) ? $rw[$GW]["\x6d\157\x5f\x73\141\155\154\x5f\x62\165\x74\x74\x6f\x6e\137\x77\151\144\x74\x68"] : "\61\60\60";
$ng = !empty($rw[$GW]["\155\x6f\137\163\141\x6d\154\x5f\142\165\164\x74\x6f\156\x5f\x68\145\151\147\150\164"]) ? $rw[$GW]["\x6d\157\x5f\x73\x61\155\154\x5f\x62\165\164\164\157\x6e\137\x68\x65\x69\147\x68\x74"] : "\x35\60";
$QT = !empty($rw[$GW]["\155\x6f\137\x73\141\155\x6c\x5f\x62\x75\x74\164\x6f\156\137\163\x69\x7a\145"]) ? $rw[$GW]["\x6d\x6f\x5f\x73\141\155\154\137\x62\165\x74\164\x6f\x6e\x5f\163\x69\172\145"] : "\65\x30";
$zY = !empty($rw[$GW]["\x6d\157\137\x73\x61\x6d\x6c\137\x62\165\164\x74\157\156\137\x63\x75\x72\166\x65"]) ? $rw[$GW]["\155\x6f\x5f\x73\141\x6d\x6c\137\x62\165\x74\x74\157\x6e\137\143\165\162\x76\145"] : "\x35";
$Pm = !empty($rw[$GW]["\155\x6f\137\x73\x61\155\x6c\x5f\142\x75\x74\164\x6f\156\x5f\x63\x6f\x6c\157\x72"]) ? $rw[$GW]["\x6d\x6f\137\x73\141\x6d\154\x5f\142\x75\164\x74\157\x6e\x5f\x63\x6f\154\157\162"] : "\x30\x30\x38\x35\x62\141";
$rg = !empty($rw[$GW]["\x6d\x6f\x5f\x73\141\155\154\137\142\x75\164\164\157\x6e\x5f\x74\x68\x65\155\x65"]) ? $rw[$GW]["\x6d\157\137\x73\141\x6d\x6c\137\142\x75\164\x74\157\156\x5f\x74\x68\x65\155\145"] : "\154\157\156\x67\142\x75\x74\x74\157\x6e";
$nh = !empty($rw[$GW]["\155\x6f\137\x73\x61\155\x6c\x5f\x62\x75\x74\x74\157\x6e\137\164\x65\170\x74"]) ? $rw[$GW]["\155\x6f\x5f\x73\x61\x6d\154\137\142\x75\164\164\157\x6e\137\x74\145\x78\164"] : (get_site_option("\163\141\155\154\137\151\144\x65\x6e\x74\x69\x74\x79\x5f\x6e\141\x6d\145") ? get_site_option("\163\x61\155\154\x5f\151\x64\x65\x6e\x74\151\164\x79\x5f\x6e\141\155\x65") : "\x4c\x6f\147\151\156");
$i8 = !empty($rw[$GW]["\x6d\x6f\137\163\141\155\154\x5f\x66\157\x6e\164\137\143\x6f\x6c\157\162"]) ? $rw[$GW]["\x6d\x6f\137\163\141\155\154\137\146\157\156\x74\x5f\143\157\154\x6f\x72"] : "\x66\146\x66\x66\146\146";
$SY = !empty($rw[$GW]["\155\x6f\137\163\x61\155\154\x5f\x66\157\156\164\137\163\x69\172\x65"]) ? $rw[$GW]["\x6d\x6f\137\163\x61\x6d\154\x5f\x66\157\x6e\x74\137\163\x69\172\x65"] : "\x32\60";
$BM = !empty($rw[$GW]["\163\x73\x6f\x5f\142\165\x74\x74\x6f\x6e\137\x6c\157\147\x69\x6e\x5f\x66\157\x72\155\x5f\160\157\163\x69\164\151\157\x6e"]) ? $rw[$GW]["\163\x73\x6f\x5f\142\x75\164\x74\x6f\x6e\137\x6c\157\x67\151\156\137\146\157\162\x6d\137\160\157\x73\x69\x74\x69\157\156"] : "\141\x62\x6f\x76\x65";
$ni = "\74\x69\156\x70\x75\x74\x20\164\171\x70\145\x3d\42\x62\165\x74\164\x6f\156\x22\x20\156\x61\x6d\x65\75\42\155\x6f\x5f\x73\x61\x6d\154\137\x77\160\x5f\x73\x73\157\137\x62\165\164\x74\157\x6e\x22\40\x76\141\x6c\165\145\75\x22" . $nh . "\42\40\x73\164\x79\x6c\x65\x3d\42";
$a9 = '';
if ($rg == "\x6c\x6f\x6e\147\142\x75\x74\x74\157\156") {
goto wxk;
}
if ($rg == "\x63\x69\162\143\x6c\145") {
goto ap3;
}
if ($rg == "\157\166\141\154") {
goto EqK;
}
if ($rg == "\x73\161\165\x61\162\145") {
goto i11;
}
goto yhH;
ap3:
$a9 = $a9 . "\167\x69\x64\164\150\72" . $QT . "\x70\x78\73";
$a9 = $a9 . "\x68\x65\x69\147\x68\164\x3a" . $QT . "\160\x78\x3b";
$a9 = $a9 . "\142\157\162\144\145\x72\x2d\162\141\x64\x69\x75\x73\x3a\x39\x39\x39\x70\x78\73";
goto yhH;
EqK:
$a9 = $a9 . "\x77\151\144\x74\150\72" . $QT . "\x70\170\73";
$a9 = $a9 . "\x68\145\x69\147\x68\x74\72" . $QT . "\160\170\73";
$a9 = $a9 . "\x62\x6f\162\x64\x65\162\55\162\x61\144\151\x75\163\x3a\65\x70\x78\x3b";
goto yhH;
i11:
$a9 = $a9 . "\x77\151\x64\x74\x68\72" . $QT . "\x70\x78\x3b";
$a9 = $a9 . "\x68\145\151\x67\150\164\72" . $QT . "\160\x78\73";
$a9 = $a9 . "\142\x6f\x72\x64\x65\x72\x2d\x72\x61\144\x69\165\x73\x3a\x30\160\170\x3b";
yhH:
goto anc;
wxk:
$a9 = $a9 . "\x77\x69\x64\x74\150\x3a" . $TD . "\160\x78\x3b";
$a9 = $a9 . "\150\x65\151\147\150\x74\x3a" . $ng . "\x70\170\x3b";
$a9 = $a9 . "\142\157\x72\144\x65\x72\x2d\162\x61\x64\151\x75\163\72" . $zY . "\160\x78\73";
anc:
$a9 = $a9 . "\x62\x61\143\x6b\x67\162\x6f\x75\156\144\x2d\143\157\x6c\x6f\x72\x3a\43" . $Pm . "\73";
$a9 = $a9 . "\142\157\x72\x64\x65\162\x2d\143\x6f\154\x6f\162\72\x74\162\141\156\163\x70\141\x72\145\156\x74\73";
$a9 = $a9 . "\143\157\x6c\x6f\x72\72\x23" . $i8 . "\x3b";
$a9 = $a9 . "\146\x6f\156\164\x2d\163\151\172\145\x3a" . $SY . "\160\170\73";
$a9 = $a9 . "\160\141\x64\x64\151\156\147\72\x30\160\170\73";
$ni = $ni . $a9 . "\x22\x2f\x3e";
Vu5:
echo "\40\74\x61\x20\150\162\x65\146\75\x22\43\42\40\157\156\x43\154\x69\143\153\x3d\42\x73\x75\x62\155\151\164\123\141\x6d\154\106\157\x72\x6d\50\51\42\x3e";
echo $ni;
echo "\74\57\x61\76\74\57\146\x6f\162\x6d\x3e\40";
i6L:
if (empty(get_site_option("\x6d\x6f\137\163\x61\155\154\x5f\x72\x65\x64\151\x72\x65\143\164\x5f\x65\162\x72\x6f\x72\137\143\157\x64\145"))) {
goto JsX;
}
echo "\x3c\144\151\166\x3e\74\x2f\x64\151\166\x3e\x3c\144\x69\x76\40\164\x69\164\x6c\145\75\42\114\157\x67\151\x6e\40\x45\x72\162\157\162\x22\x3e\74\146\x6f\156\x74\40\143\157\x6c\x6f\162\75\x22\x72\145\x64\42\x3e\127\145\40\x63\157\165\154\144\x20\x6e\157\x74\x20\x73\151\147\x6e\x20\x79\x6f\165\40\151\156\x2e\40\120\154\x65\141\163\145\x20\x63\157\x6e\x74\x61\143\x74\x20\171\x6f\x75\x72\x20\x41\x64\155\151\156\x69\x73\164\x72\141\x74\157\162\56\74\57\x66\x6f\156\164\76\x3c\x2f\144\151\166\76";
delete_site_option("\x6d\157\137\x73\141\x6d\x6c\x5f\162\145\x64\151\162\145\143\x74\137\x65\162\162\x6f\162\x5f\143\157\x64\145");
delete_site_option("\155\157\x5f\163\141\155\x6c\137\x72\x65\144\151\162\145\143\164\137\x65\162\x72\x6f\162\137\162\145\141\163\x6f\156");
JsX:
echo "\74\x61\40\150\162\x65\x66\x3d\42\x68\164\164\x70\x3a\57\x2f\155\151\x6e\x69\157\x72\141\x6e\x67\145\56\143\x6f\155\x2f\167\x6f\x72\144\x70\x72\x65\163\x73\55\x6c\144\141\x70\55\x6c\x6f\x67\x69\x6e\42\40\163\x74\x79\x6c\x65\75\x22\144\151\163\160\x6c\141\x79\72\156\x6f\x6e\145\42\x3e\114\157\x67\x69\156\x20\x74\157\x20\x57\157\x72\144\120\162\x65\163\163\x20\165\163\x69\x6e\147\40\x4c\104\x41\120\74\57\141\76\15\12\x9\11\11\x9\74\x61\40\x68\x72\x65\146\x3d\x22\150\x74\164\160\72\57\57\155\151\156\x69\157\162\x61\156\147\145\56\143\x6f\x6d\57\143\154\157\x75\144\55\x69\x64\x65\156\164\x69\x74\171\x2d\142\162\157\x6b\145\x72\55\x73\x65\x72\166\x69\143\x65\42\40\x73\164\171\x6c\145\x3d\42\x64\151\163\160\x6c\x61\x79\x3a\x6e\157\156\x65\x22\x3e\103\154\x6f\x75\x64\x20\x49\144\x65\156\x74\151\x74\171\40\142\x72\157\x6b\x65\162\x20\x73\x65\x72\x76\151\143\x65\74\x2f\141\x3e\xd\12\x9\x9\11\11\x3c\141\x20\x68\162\x65\x66\x3d\x22\150\164\164\x70\x3a\x2f\57\x6d\151\x6e\151\157\162\141\x6e\x67\145\56\x63\157\x6d\57\x73\x74\162\157\156\x67\x5f\x61\x75\x74\x68\42\x20\163\x74\x79\x6c\x65\75\42\144\151\x73\160\x6c\141\171\72\x6e\x6f\156\x65\73\x22\76\x3c\57\141\x3e\xd\12\x9\11\x9\11\x3c\141\40\x68\x72\x65\x66\x3d\x22\150\x74\x74\160\x3a\x2f\57\155\151\156\151\x6f\x72\x61\x6e\147\145\x2e\143\157\x6d\57\x73\x69\156\x67\154\145\55\163\x69\x67\156\x2d\x6f\x6e\55\x73\163\157\42\x20\x73\x74\171\x6c\x65\75\x22\144\x69\163\160\x6c\x61\x79\72\x6e\157\x6e\145\73\x22\76\74\x2f\x61\x3e\15\12\x9\11\x9\11\x3c\141\x20\150\162\145\146\75\42\x68\x74\164\x70\x3a\x2f\57\155\x69\156\x69\157\x72\x61\156\x67\145\x2e\x63\157\x6d\57\146\x72\141\x75\x64\42\x20\x73\164\x79\154\x65\x3d\x22\144\151\163\160\x6c\141\171\x3a\x6e\157\156\145\x3b\x22\76\x3c\57\141\x3e\15\12\xd\12\x9\x9\11\x3c\57\165\x6c\76\15\12\x9\11\x3c\57\146\x6f\162\155\76";
yfZ:
}
function mo_saml_logout_init()
{
do_action("\x6d\157\137\x73\141\155\154\137\x70\x72\145\x5f\154\157\147\x6f\x75\x74\137\x69\156\x69\164");
if (!(isset($_REQUEST["\x6f\x70\x74\x69\x6f\156"]) and $_REQUEST["\x6f\x70\164\x69\x6f\156"] == "\163\x61\x6d\x6c\x5f\165\x73\x65\x72\137\154\157\x67\x6f\x75\164")) {
goto VVv;
}
$user = is_user_logged_in() ? wp_get_current_user() : null;
if (empty($user)) {
goto DDC;
}
wp_logout();
DDC:
VVv:
}
function mo_saml_logout($o8)
{
$user = get_user_by("\x69\x64", $o8);
$pD = get_site_option("\x73\141\155\x6c\137\154\157\x67\157\165\164\137\x75\x72\x6c");
$sh = get_site_option("\x73\141\x6d\x6c\137\154\x6f\147\157\165\x74\137\142\151\156\x64\x69\156\x67\x5f\164\171\x70\x65");
$current_user = $user;
$SB = get_user_meta($current_user->ID, "\155\x6f\x5f\x73\x61\x6d\154\137\151\x64\x70\x5f\x6c\x6f\147\x69\156");
$SB = !empty($SB[0]) ? $SB[0] : '';
$jK = wp_get_referer();
if (!empty($jK)) {
goto gsG;
}
$jK = !empty(get_site_option("\155\157\x5f\163\x61\155\x6c\137\163\160\137\x62\141\163\145\137\x75\162\154")) ? get_site_option("\x6d\157\137\x73\141\x6d\154\x5f\163\160\x5f\142\x61\x73\145\x5f\165\162\154") : get_network_site_url();
gsG:
if (empty($pD)) {
goto AZu;
}
if (!(!session_id() || session_id() == '' || empty($_SESSION))) {
goto UJV;
}
session_start();
UJV:
if (!empty($_SESSION["\x6d\157\137\163\x61\x6d\x6c\137\154\x6f\147\x6f\165\x74\137\x72\145\x71\165\145\x73\x74"])) {
goto d3o;
}
if ($SB == "\x74\162\165\145") {
goto QWv;
}
goto Jbv;
d3o:
self::createLogoutResponseAndRedirect($pD, $sh);
exit;
goto Jbv;
QWv:
delete_user_meta($current_user->ID, "\155\x6f\137\x73\x61\155\x6c\x5f\x69\x64\x70\137\x6c\x6f\147\151\x6e");
$DV = get_user_meta($current_user->ID, "\x6d\157\x5f\x73\x61\155\x6c\x5f\156\141\x6d\x65\137\151\x64");
$x5 = get_user_meta($current_user->ID, "\155\157\x5f\163\141\155\x6c\137\x73\x65\163\163\x69\157\x6e\x5f\151\156\x64\x65\x78");
mo_saml_create_logout_request($DV, $x5, $pD, $sh, $jK);
Jbv:
AZu:
wp_redirect($jK);
exit;
}
function createLogoutResponseAndRedirect($pD, $sh)
{
$fs = get_site_option("\155\157\x5f\x73\141\155\x6c\137\x73\160\x5f\x62\x61\x73\x65\137\165\x72\x6c");
if (!empty($fs)) {
goto rV9;
}
$fs = get_network_site_url();
rV9:
$Gn = $_SESSION["\155\x6f\137\x73\141\155\x6c\137\154\157\x67\x6f\165\164\x5f\x72\145\x71\x75\145\163\164"];
$Gx = $_SESSION["\x6d\157\137\163\x61\155\x6c\x5f\x6c\x6f\147\157\165\x74\137\x72\145\x6c\141\171\x5f\x73\x74\x61\164\145"];
unset($_SESSION["\x6d\157\x5f\163\x61\x6d\154\x5f\x6c\157\x67\157\x75\164\137\162\145\161\165\145\163\164"]);
unset($_SESSION["\155\157\x5f\x73\x61\155\154\x5f\x6c\157\147\157\x75\164\x5f\162\x65\154\141\x79\137\x73\x74\141\x74\x65"]);
$G7 = new DOMDocument();
$G7->loadXML($Gn);
$Gn = $G7->firstChild;
if (!($Gn->localName == "\114\x6f\147\157\x75\x74\122\145\x71\165\145\x73\164")) {
goto bvh;
}
$ET = new SAML2_LogoutRequest($Gn);
$VQ = get_site_option("\x6d\x6f\137\x73\x61\x6d\x6c\137\163\x70\x5f\145\156\164\151\x74\x79\137\x69\x64");
if (!empty($VQ)) {
goto HeQ;
}
$VQ = $fs . "\57\x77\x70\55\143\157\156\164\145\x6e\164\x2f\x70\154\165\x67\151\x6e\163\x2f\x6d\x69\x6e\x69\157\162\x61\x6e\x67\x65\55\x73\x61\155\x6c\x2d\x32\60\x2d\x73\151\156\x67\154\x65\x2d\163\151\147\x6e\55\157\156\x2f";
HeQ:
$TB = $pD;
$Jo = Utilities::createLogoutResponse($ET->getId(), $VQ, $TB, $sh);
if (!is_user_logged_in()) {
goto oHB;
}
wp_destroy_current_session();
wp_clear_auth_cookie();
wp_set_current_user(0);
oHB:
do_action("\155\157\x5f\x73\x61\x6d\154\137\151\x64\x70\x5f\151\156\151\164\151\141\164\145\x64\137\x73\154\x6f\x5f\160\x72\145\x5f\x72\x65\x64\151\x72\145\x63\164", $ET->getId(), $Gx);
if (empty($sh) || $sh == "\110\164\164\x70\x52\x65\x64\x69\162\145\x63\x74") {
goto tuy;
}
if (!(get_site_option("\x73\x61\155\x6c\x5f\x72\145\x71\x75\x65\x73\164\137\x73\151\147\156\x65\x64") == "\x75\x6e\x63\150\x65\143\153\x65\x64")) {
goto ulK;
}
$E2 = base64_encode($Jo);
Utilities::postSAMLResponse($pD, $E2, $Gx);
exit;
ulK:
$at = '';
$Wv = '';
$E2 = Utilities::signXML($Jo, "\x53\x74\x61\x74\165\x73");
Utilities::postSAMLResponse($pD, $E2, $Gx);
goto obx;
tuy:
$Ox = $pD;
if (strpos($pD, "\x3f") !== false) {
goto YM6;
}
$Ox .= "\77";
goto GrR;
YM6:
$Ox .= "\x26";
GrR:
if (!(get_site_option("\x73\141\x6d\x6c\x5f\162\x65\x71\x75\145\163\164\x5f\x73\151\x67\x6e\x65\144") == "\x75\156\x63\x68\x65\143\x6b\145\x64")) {
goto Re0;
}
$Ox .= "\x53\x41\x4d\x4c\x52\145\163\160\157\x6e\x73\145\x3d" . $Jo . "\46\122\145\x6c\141\x79\x53\x74\141\x74\145\75" . urlencode($Gx);
header("\114\157\x63\x61\164\x69\157\x6e\x3a\x20" . $Ox);
exit;
Re0:
$Ox .= "\123\101\115\x4c\122\145\163\160\157\156\163\x65\75" . $Jo . "\x26\122\x65\x6c\x61\x79\x53\x74\141\164\145\x3d" . urlencode($Gx);
header("\114\x6f\x63\x61\164\151\157\156\72\40" . $Ox);
exit;
obx:
bvh:
}
}
function mo_saml_create_logout_request($DV, $x5, $pD, $sh, $jK)
{
$fs = get_site_option("\x6d\x6f\x5f\x73\x61\x6d\x6c\137\163\160\x5f\142\141\163\x65\137\x75\x72\154");
if (!empty($fs)) {
goto eKy;
}
$fs = get_network_site_url();
eKy:
$VQ = get_site_option("\x6d\x6f\137\163\141\x6d\x6c\x5f\163\160\137\x65\x6e\x74\x69\x74\x79\x5f\x69\144");
if (!empty($VQ)) {
goto I2L;
}
$VQ = $fs . "\x2f\167\x70\55\143\157\x6e\x74\x65\156\x74\x2f\160\154\165\147\x69\156\x73\x2f\x6d\151\x6e\x69\157\x72\x61\x6e\x67\x65\55\x73\x61\x6d\154\55\x32\60\55\163\151\x6e\147\x6c\x65\55\x73\151\147\x6e\x2d\157\156\57";
I2L:
$TB = $pD;
$rt = $jK;
if (!empty($rt)) {
goto Lx5;
}
$rt = saml_get_current_page_url();
if (!strpos($rt, "\x3f")) {
goto L1f;
}
$rt = get_network_site_url();
L1f:
Lx5:
$rt = mo_saml_relaystate_url($rt);
$mb = Utilities::createLogoutRequest($DV, $VQ, $TB, $x5, $sh);
if (empty($sh) || $sh == "\110\164\164\x70\122\145\x64\151\x72\145\x63\164") {
goto HAL;
}
if (!(get_site_option("\163\x61\155\x6c\137\x72\145\x71\165\x65\163\x74\137\163\x69\x67\x6e\145\x64") == "\x75\156\143\150\145\143\153\145\x64")) {
goto cMF;
}
$E2 = base64_encode($mb);
Utilities::postSAMLRequest($pD, $E2, $rt);
exit;
cMF:
$at = '';
$Wv = '';
$E2 = Utilities::signXML($mb, "\x4e\x61\x6d\x65\111\104\x50\157\x6c\151\143\x79");
Utilities::postSAMLRequest($pD, $E2, $rt);
goto MlR;
HAL:
$Ox = $pD;
if (strpos($pD, "\77") !== false) {
goto uKB;
}
$Ox .= "\x3f";
goto r2u;
uKB:
$Ox .= "\46";
r2u:
if (!(get_site_option("\163\141\x6d\154\x5f\162\145\x71\x75\145\163\164\x5f\x73\x69\147\x6e\145\x64") == "\165\156\x63\150\x65\143\x6b\x65\144")) {
goto kN_;
}
$Ox .= "\123\101\115\x4c\122\x65\161\x75\145\x73\164\75" . $mb . "\46\x52\145\x6c\141\x79\123\x74\141\x74\145\x3d" . urlencode($rt);
header("\x4c\157\x63\x61\164\x69\157\156\72\40" . $Ox);
exit;
kN_:
$mb = "\x53\101\x4d\x4c\x52\145\x71\165\145\x73\x74\75" . $mb . "\46\x52\x65\154\141\171\x53\164\x61\164\145\75" . urlencode($rt) . "\46\123\151\x67\101\154\147\75" . urlencode(XMLSecurityKey::RSA_SHA256);
$HH = array("\164\171\160\x65" => "\x70\x72\151\x76\141\x74\145");
$ns = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $HH);
$KH = get_site_option("\155\157\x5f\163\x61\155\154\137\x63\x75\162\x72\145\x6e\164\137\143\x65\162\164\x5f\160\x72\x69\166\141\x74\145\137\x6b\145\171");
$ns->loadKey($KH, FALSE);
$TI = new XMLSecurityDSig();
$Pw = $ns->signData($mb);
$Pw = base64_encode($Pw);
$Ox .= $mb . "\46\x53\151\147\x6e\x61\164\165\x72\145\75" . urlencode($Pw);
header("\x4c\157\143\x61\164\151\157\x6e\72" . $Ox);
exit;
MlR:
}
function mo_login_validate()
{
if (Mo_License_Service::is_customer_license_verified()) {
goto VAN;
}
return;
VAN:
if (!(!empty($_REQUEST["\157\160\x74\x69\157\156"]) && $_REQUEST["\x6f\160\x74\151\x6f\156"] == "\155\x6f\163\x61\155\x6c\x5f\x6d\145\164\141\x64\x61\x74\x61" && Mo_License_Service::is_customer_license_valid())) {
goto UNr;
}
miniorange_generate_metadata();
UNr:
if (!(!empty($_REQUEST["\157\x70\164\x69\157\156"]) && ($_REQUEST["\157\160\x74\x69\157\156"] == "\163\x61\x6d\154\x5f\165\x73\145\x72\137\154\x6f\147\151\x6e" || $_REQUEST["\157\160\164\151\157\156"] == "\164\145\163\x74\x43\157\x6e\x66\x69\147" || $_REQUEST["\x6f\x70\x74\151\157\x6e"] == "\147\145\x74\x73\x61\155\x6c\x72\x65\161\x75\145\x73\164" || $_REQUEST["\157\x70\x74\x69\157\156"] == "\x67\x65\164\x73\x61\x6d\154\162\x65\163\x70\x6f\x6e\x73\x65"))) {
goto Cqw;
}
if (mo_saml_is_sp_configured()) {
goto f7R;
}
if (!is_user_logged_in()) {
goto cen;
}
if (empty($_REQUEST["\162\145\144\x69\162\145\x63\x74\137\x74\157"])) {
goto Xbd;
}
$CR = htmlspecialchars($_REQUEST["\x72\145\144\x69\x72\145\x63\x74\137\164\157"]);
wp_safe_redirect($CR);
exit;
Xbd:
cen:
goto dOw;
f7R:
if (!(is_user_logged_in() and $_REQUEST["\x6f\160\x74\x69\x6f\156"] == "\x73\x61\x6d\x6c\137\x75\x73\x65\162\137\154\x6f\147\x69\156")) {
goto jWJ;
}
if (empty($_REQUEST["\x72\145\144\151\162\145\x63\164\137\x74\x6f"])) {
goto StS;
}
$CR = htmlspecialchars($_REQUEST["\162\145\x64\x69\x72\145\x63\164\137\164\157"]);
wp_safe_redirect($CR);
exit;
StS:
return;
jWJ:
$fs = get_site_option("\x6d\157\137\x73\x61\x6d\x6c\x5f\163\x70\x5f\x62\x61\163\145\137\165\162\x6c");
if (!empty($fs)) {
goto dm2;
}
$fs = get_network_site_url();
dm2:
$rw = get_site_option("\163\x61\155\x6c\x5f\x73\x73\157\x5f\163\145\164\x74\x69\156\147\x73");
$GW = get_current_blog_id();
$rT = Utilities::get_active_sites();
if (Utilities::mo_saml_in_array($GW, $rT)) {
goto Rzu;
}
return;
Rzu:
if (!(empty($rw[$GW]) && !empty($rw["\104\x45\106\101\125\114\124"]))) {
goto BQt;
}
$rw[$GW] = $rw["\x44\105\106\x41\x55\x4c\124"];
BQt:
if ($_REQUEST["\x6f\x70\x74\x69\x6f\x6e"] == "\x74\145\x73\164\103\157\x6e\146\x69\x67" and array_key_exists("\x6e\x65\x77\x63\145\162\x74", $_REQUEST)) {
goto b_p;
}
if ($_REQUEST["\x6f\x70\164\x69\x6f\156"] == "\x74\x65\x73\164\x43\x6f\156\x66\x69\x67") {
goto UNd;
}
if ($_REQUEST["\157\x70\164\151\x6f\x6e"] == "\x67\145\x74\x73\141\x6d\154\162\x65\x71\x75\x65\163\164") {
goto XoT;
}
if ($_REQUEST["\157\x70\x74\x69\157\x6e"] == "\x67\x65\164\x73\x61\155\154\x72\x65\163\160\x6f\x6e\163\145") {
goto SsT;
}
if (!empty($rw[$GW]["\x6d\157\137\x73\141\155\x6c\137\x72\145\x6c\x61\x79\137\163\164\x61\164\x65"])) {
goto xqd;
}
if (!empty($_REQUEST["\x72\x65\144\x69\x72\145\143\164\x5f\164\157"])) {
goto G_h;
}
$rt = saml_get_current_page_url();
goto Xk5;
G_h:
$rt = $_REQUEST["\162\145\x64\151\162\x65\143\164\137\164\x6f"];
Xk5:
goto lUe;
xqd:
$rt = $rw[$GW]["\155\157\x5f\163\141\155\154\137\162\x65\154\x61\171\137\x73\x74\x61\x74\145"];
lUe:
goto r4J;
SsT:
$rt = "\144\151\x73\160\154\141\171\123\x41\x4d\x4c\122\x65\163\x70\x6f\x6e\x73\145";
r4J:
goto enC;
XoT:
$rt = "\144\151\x73\160\154\x61\171\123\x41\115\x4c\122\145\x71\x75\x65\163\x74";
enC:
goto nPx;
UNd:
$rt = "\164\145\x73\x74\x56\x61\154\x69\x64\141\x74\145";
nPx:
goto PM1;
b_p:
$rt = "\164\x65\163\164\x4e\x65\167\x43\x65\x72\x74\151\146\151\143\141\164\x65";
PM1:
$Mu = get_site_option("\163\141\155\x6c\137\x6c\x6f\x67\151\156\x5f\x75\x72\154");
$Vh = !empty(get_site_option("\x73\141\x6d\154\x5f\154\x6f\x67\151\x6e\137\142\x69\156\144\151\156\x67\x5f\x74\x79\160\145")) ? get_site_option("\163\x61\x6d\154\137\x6c\x6f\x67\151\156\x5f\142\151\x6e\x64\x69\156\x67\137\164\171\x70\145") : "\x48\164\164\160\x50\x6f\163\x74";
$rw = get_site_option("\x73\x61\155\154\137\163\163\x6f\137\x73\x65\164\164\151\x6e\147\x73");
$GW = get_current_blog_id();
$rT = Utilities::get_active_sites();
if (Utilities::mo_saml_in_array($GW, $rT)) {
goto IQs;
}
return;
IQs:
if (!(empty($rw[$GW]) && !empty($rw["\x44\x45\x46\101\125\x4c\124"]))) {
goto XiT;
}
$rw[$GW] = $rw["\104\105\106\x41\125\x4c\124"];
XiT:
$cF = !empty($rw[$GW]["\x6d\x6f\x5f\x73\x61\x6d\x6c\x5f\x66\157\x72\143\x65\x5f\141\165\164\x68\x65\x6e\x74\x69\143\x61\x74\x69\x6f\156"]) ? $rw[$GW]["\x6d\x6f\x5f\163\x61\155\x6c\x5f\x66\x6f\x72\143\x65\137\141\165\x74\150\145\x6e\164\151\x63\x61\x74\151\x6f\x6e"] : '';
$lR = $fs . "\x2f";
$VQ = get_site_option("\x6d\157\137\163\141\x6d\x6c\x5f\x73\x70\137\145\156\x74\x69\x74\x79\137\151\144");
$hY = get_site_option("\x73\141\155\x6c\x5f\x6e\141\x6d\145\x69\x64\x5f\x66\157\x72\155\141\164");
if (!empty($hY)) {
goto eJ5;
}
$hY = "\x31\x2e\x31\72\x6e\141\x6d\145\x69\144\55\146\x6f\162\x6d\x61\x74\72\x75\x6e\163\160\x65\x63\151\x66\x69\145\144";
eJ5:
if (!empty($VQ)) {
goto IU_;
}
$VQ = $fs . "\57\167\160\x2d\x63\x6f\156\164\x65\x6e\x74\x2f\160\154\165\147\x69\x6e\x73\57\x6d\151\x6e\151\x6f\x72\141\156\x67\145\55\163\141\x6d\154\55\62\x30\x2d\x73\x69\x6e\x67\154\x65\55\163\x69\x67\x6e\55\157\x6e\57";
IU_:
$mb = Utilities::createAuthnRequest($lR, $VQ, $Mu, $cF, $Vh, $hY);
if (!($rt == "\x64\x69\x73\x70\x6c\141\171\123\x41\x4d\x4c\x52\145\161\165\x65\x73\164")) {
goto cgF;
}
mo_saml_show_SAML_log(Utilities::createAuthnRequest($lR, $VQ, $Mu, $cF, "\110\164\164\160\x50\x6f\163\x74", $hY), $rt);
cgF:
$Ox = htmlspecialchars_decode($Mu);
if (strpos($Mu, "\77") !== false) {
goto MZ0;
}
$Ox .= "\x3f";
goto o3B;
MZ0:
$Ox .= "\x26";
o3B:
$rt = mo_saml_relaystate_url($rt);
if ($Vh == "\x48\x74\164\160\122\145\144\x69\x72\145\143\x74") {
goto dRY;
}
if (!(get_site_option("\x73\x61\x6d\x6c\x5f\x72\145\161\x75\145\x73\164\x5f\163\151\x67\x6e\145\x64") == "\x75\x6e\143\150\145\143\153\145\144")) {
goto dDg;
}
$E2 = base64_encode($mb);
Utilities::postSAMLRequest($Mu, $E2, $rt);
exit;
dDg:
$at = '';
$Wv = '';
if ($_REQUEST["\157\x70\x74\151\157\156"] == "\x74\x65\x73\x74\103\157\156\x66\x69\147" && array_key_exists("\x6e\145\167\143\145\162\164", $_REQUEST)) {
goto OTC;
}
$E2 = Utilities::signXML($mb, "\116\141\155\x65\111\104\120\157\x6c\151\143\171");
goto Jry;
OTC:
$E2 = Utilities::signXML($mb, "\x4e\141\155\x65\x49\104\x50\x6f\154\151\143\x79", true);
Jry:
Utilities::postSAMLRequest($Mu, $E2, $rt);
update_site_option("\x6d\157\x5f\163\x61\x6d\154\137\x6e\145\x77\137\x63\x65\162\164\x5f\x74\145\163\x74", true);
goto l3z;
dRY:
if (!(get_site_option("\x73\x61\155\154\x5f\162\145\161\x75\x65\x73\x74\137\x73\x69\x67\x6e\x65\144") == "\x75\x6e\143\150\x65\x63\x6b\x65\144")) {
goto szi;
}
$Ox .= "\x53\101\x4d\x4c\122\x65\161\x75\x65\163\164\75" . $mb . "\46\x52\145\x6c\x61\x79\123\x74\141\164\x65\x3d" . urlencode($rt);
header("\114\157\143\x61\x74\x69\157\156\72\x20" . $Ox);
exit;
szi:
$mb = "\123\101\115\114\x52\145\x71\165\x65\x73\164\75" . $mb . "\x26\x52\x65\x6c\141\171\123\x74\x61\164\x65\75" . urlencode($rt) . "\x26\123\x69\147\x41\154\x67\75" . urlencode(XMLSecurityKey::RSA_SHA256);
$HH = array("\x74\x79\160\x65" => "\x70\x72\x69\x76\141\164\145");
$ns = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $HH);
if ($_REQUEST["\157\x70\164\151\157\x6e"] == "\x74\145\163\164\103\x6f\156\146\151\x67" && array_key_exists("\x6e\x65\x77\x63\x65\x72\x74", $_REQUEST)) {
goto GjP;
}
$KH = get_site_option("\x6d\x6f\x5f\163\141\x6d\154\x5f\x63\165\162\x72\145\156\x74\x5f\143\x65\162\x74\x5f\160\162\x69\x76\141\164\x65\137\x6b\x65\x79");
goto Qra;
GjP:
$KH = file_get_contents(plugin_dir_path(__FILE__) . "\x72\145\x73\157\x75\162\x63\145\x73" . DIRECTORY_SEPARATOR . mo_options_enum_default_sp_certificate::SP_Private_Key);
Qra:
$ns->loadKey($KH, FALSE);
$TI = new XMLSecurityDSig();
$Pw = $ns->signData($mb);
$Pw = base64_encode($Pw);
$Ox .= $mb . "\x26\x53\x69\x67\x6e\x61\x74\x75\x72\x65\x3d" . urlencode($Pw);
header("\x4c\157\x63\x61\x74\151\x6f\156\72\x20" . $Ox);
exit;
l3z:
dOw:
Cqw:
if (!(array_key_exists("\x53\101\x4d\x4c\x52\145\x73\x70\157\x6e\x73\145", $_REQUEST) && !empty($_REQUEST["\x53\x41\115\x4c\x52\145\x73\160\157\x6e\x73\x65"]))) {
goto P78;
}
if (array_key_exists("\122\145\154\x61\171\123\x74\141\164\x65", $_POST) && !empty($_POST["\x52\x65\154\141\x79\x53\x74\141\x74\x65"]) && $_POST["\x52\145\154\x61\171\123\164\141\164\145"] != "\x2f") {
goto nuX;
}
$XS = '';
goto U_L;
nuX:
$XS = $_POST["\x52\145\154\x61\171\x53\164\x61\x74\145"];
U_L:
$XS = mo_saml_parse_url($XS);
$fs = get_site_option("\x6d\157\x5f\163\141\x6d\154\x5f\163\160\137\x62\141\x73\x65\x5f\165\162\x6c");
if (!empty($fs)) {
goto r_m;
}
$fs = get_network_site_url();
r_m:
$xb = $_REQUEST["\x53\101\115\x4c\x52\145\163\160\157\156\163\145"];
$xb = base64_decode($xb);
if (!($XS == "\144\151\x73\x70\x6c\141\x79\123\101\x4d\x4c\122\145\163\160\157\x6e\x73\145")) {
goto ycn;
}
mo_saml_show_SAML_log($xb, $XS);
ycn:
if (!(array_key_exists("\x53\x41\x4d\x4c\122\145\x73\x70\157\156\163\145", $_GET) && !empty($_GET["\123\101\x4d\114\122\x65\163\x70\157\x6e\x73\x65"]))) {
goto ZSq;
}
$xb = gzinflate($xb);
ZSq:
$G7 = new DOMDocument();
$G7->loadXML($xb);
$kP = $G7->firstChild;
$Hy = $G7->documentElement;
$Iw = new DOMXpath($G7);
$Iw->registerNamespace("\x73\x61\x6d\x6c\x70", "\165\162\156\72\157\x61\x73\151\163\x3a\156\141\155\145\163\x3a\164\x63\x3a\x53\101\115\x4c\72\62\x2e\60\72\x70\162\x6f\164\157\x63\157\x6c");
$Iw->registerNamespace("\x73\141\x6d\x6c", "\165\162\156\x3a\x6f\141\x73\151\163\x3a\156\x61\x6d\x65\x73\x3a\164\143\72\123\101\x4d\114\x3a\62\x2e\x30\72\x61\x73\163\x65\x72\164\151\157\x6e");
if ($kP->localName == "\114\157\x67\x6f\x75\164\x52\x65\x73\160\157\x6e\163\145") {
goto UtK;
}
$vS = $Iw->query("\x2f\x73\141\x6d\154\x70\x3a\x52\145\x73\x70\157\156\x73\x65\57\x73\x61\155\x6c\x70\72\x53\x74\x61\164\x75\x73\57\x73\141\x6d\154\x70\72\123\164\x61\164\165\x73\x43\x6f\144\x65", $Hy);
$xn = !empty($vS) ? $vS->item(0)->getAttribute("\x56\141\154\x75\145") : '';
$Gl = explode("\x3a", $xn);
if (!array_key_exists(7, $Gl)) {
goto eQd;
}
$vS = $Gl[7];
eQd:
$Nv = $Iw->query("\57\163\141\x6d\x6c\160\x3a\x52\145\x73\x70\157\156\x73\x65\x2f\x73\x61\155\x6c\160\72\x53\164\x61\164\x75\x73\57\x73\x61\x6d\154\160\72\x53\x74\x61\164\165\163\115\145\163\x73\141\147\145", $Hy);
$Vc = !empty($Nv) ? $Nv->item(0) : '';
if (empty($Vc)) {
goto xvZ;
}
$Vc = $Vc->nodeValue;
xvZ:
if (array_key_exists("\x52\145\154\x61\x79\x53\x74\x61\x74\145", $_POST) && !empty($_POST["\x52\145\154\141\171\x53\164\141\x74\x65"]) && $_POST["\122\x65\x6c\x61\171\123\164\141\x74\x65"] != "\x2f") {
goto HEB;
}
$XS = '';
goto kJA;
HEB:
$XS = $_POST["\x52\x65\x6c\x61\x79\123\x74\x61\164\145"];
$XS = mo_saml_parse_url($XS);
kJA:
if (!($vS != "\123\165\143\143\x65\x73\x73")) {
goto a5n;
}
show_status_error($vS, $XS, $Vc);
a5n:
if (!($XS !== "\x74\145\x73\x74\126\141\154\151\144\x61\x74\x65" && $XS !== "\x74\x65\163\x74\116\x65\x77\x43\x65\x72\x74\151\146\x69\143\141\x74\145")) {
goto BOr;
}
$C2 = parse_url($XS, PHP_URL_HOST);
$vI = parse_url($fs, PHP_URL_HOST);
$Mm = parse_url(get_current_base_url(), PHP_URL_HOST);
if (!empty($XS)) {
goto sAm;
}
$XS = "\x2f";
goto Vuh;
sAm:
$XS = mo_saml_parse_url($XS);
Vuh:
if (!(!empty($C2) && $C2 != $Mm && !mo_saml_is_subdomain($C2, $Mm))) {
goto pjW;
}
Utilities::postSAMLResponse($XS, $_REQUEST["\x53\101\115\x4c\122\x65\x73\160\x6f\156\x73\x65"], mo_saml_relaystate_url($XS));
pjW:
BOr:
$WU = maybe_unserialize(get_site_option("\x73\x61\155\x6c\137\170\x35\x30\x39\137\143\145\162\x74\151\146\x69\143\141\164\x65"));
update_site_option("\155\x6f\137\163\x61\x6d\x6c\137\x72\145\163\x70\x6f\x6e\163\145", base64_encode($xb));
foreach ($WU as $ns => $Hr) {
if (@openssl_x509_read($Hr)) {
goto dMd;
}
unset($WU[$ns]);
dMd:
Tij:
}
j1h:
$lR = $fs . "\57";
if ($XS == "\164\x65\x73\164\x4e\x65\x77\103\x65\162\x74\x69\146\151\x63\141\164\145") {
goto uo6;
}
$xb = new SAML2_Response($kP, get_site_option("\155\x6f\137\163\x61\x6d\x6c\137\x63\x75\162\162\145\156\164\x5f\x63\145\x72\x74\x5f\x70\x72\x69\166\141\164\x65\137\x6b\145\x79"));
goto tC1;
uo6:
$fh = file_get_contents(plugin_dir_path(__FILE__) . "\x72\145\x73\x6f\x75\x72\x63\145\163" . DIRECTORY_SEPARATOR . mo_options_enum_default_sp_certificate::SP_Private_Key);
$xb = new SAML2_Response($kP, $fh);
tC1:
$yh = $xb->getSignatureData();
$OV = current($xb->getAssertions())->getSignatureData();
if (!(empty($OV) && empty($yh))) {
goto foA;
}
if ($XS == "\164\x65\163\164\x56\x61\x6c\151\x64\141\164\x65" or $XS == "\164\145\163\164\x4e\145\167\x43\145\162\x74\x69\x66\151\143\141\x74\145") {
goto Sw7;
}
wp_die("\127\145\40\143\157\165\x6c\x64\x20\156\x6f\164\40\163\x69\147\156\40\x79\157\165\40\x69\156\x2e\40\x50\154\x65\141\163\145\x20\x63\157\156\164\141\x63\x74\40\x61\144\x6d\x69\x6e\x69\163\164\162\x61\164\x6f\x72", "\x45\x72\162\x6f\162\72\40\x49\156\166\x61\x6c\x69\144\40\x53\x41\x4d\114\x20\x52\145\163\160\157\156\x73\x65");
goto IOj;
Sw7:
$W_ = mo_options_error_constants::Error_no_certificate;
$FQ = mo_options_error_constants::Cause_no_certificate;
echo "\74\144\x69\166\40\x73\x74\x79\154\145\x3d\x22\x66\x6f\x6e\x74\55\146\x61\x6d\x69\x6c\x79\72\x43\x61\x6c\151\142\x72\151\73\x70\x61\x64\x64\151\x6e\147\72\x30\40\x33\x25\x3b\42\76\xd\xa\x20\40\x20\x20\40\40\x20\x20\x20\40\40\40\40\x20\40\x20\x20\x20\x20\40\74\x64\x69\x76\x20\163\x74\x79\154\145\75\42\x63\x6f\x6c\x6f\x72\72\x20\43\x61\71\64\x34\x34\x32\73\142\x61\x63\153\147\162\157\165\156\144\55\x63\x6f\154\157\x72\x3a\40\x23\146\x32\144\145\144\145\73\160\141\x64\x64\151\x6e\x67\72\x20\61\65\x70\x78\73\x6d\x61\162\147\x69\x6e\x2d\x62\157\x74\164\157\x6d\x3a\x20\62\60\x70\170\x3b\164\x65\x78\164\55\x61\154\x69\147\x6e\x3a\143\145\156\164\145\x72\x3b\142\x6f\162\144\x65\x72\x3a\x31\x70\x78\40\163\x6f\x6c\x69\144\x20\43\105\66\x42\63\x42\x32\x3b\146\157\x6e\164\x2d\x73\x69\x7a\145\72\x31\70\160\x74\x3b\42\x3e\x20\x45\x52\122\117\122\x3c\x2f\144\151\x76\x3e\15\12\40\40\40\x20\40\40\x20\40\40\40\x20\40\x20\x20\40\x20\40\40\40\40\74\144\151\166\40\x73\x74\x79\154\145\75\42\x63\157\x6c\x6f\162\72\40\43\x61\71\x34\64\x34\62\x3b\x66\x6f\x6e\164\x2d\x73\151\x7a\x65\x3a\61\64\160\164\x3b\x20\155\x61\x72\147\151\x6e\x2d\x62\157\x74\x74\x6f\x6d\x3a\x32\x30\160\x78\x3b\42\x3e\74\x70\x3e\74\x73\x74\162\x6f\x6e\x67\x3e\x45\x72\162\157\x72\40\40\x3a" . esc_html($W_) . "\x20\x3c\57\163\x74\x72\x6f\156\x67\x3e\74\57\x70\76\xd\12\x20\x20\x20\40\x20\x20\40\x20\40\40\x20\x20\40\40\40\40\x20\40\x20\x20\xd\12\40\40\40\40\x20\40\40\x20\x20\40\40\40\x20\40\x20\x20\40\x20\x20\40\x3c\x70\x3e\x3c\x73\x74\x72\x6f\x6e\x67\x3e\120\x6f\x73\x73\x69\x62\154\145\x20\103\141\165\x73\145\72\40" . esc_html($FQ) . "\74\x2f\x73\x74\x72\157\156\x67\76\74\57\160\x3e\xd\12\x20\40\x20\x20\40\x20\40\40\x20\40\x20\x20\x20\x20\x20\40\40\40\x20\40\15\12\40\x20\x20\40\40\40\x20\40\x20\x20\40\40\40\40\40\40\40\40\x20\40\x3c\x2f\144\x69\x76\76\74\x2f\x64\151\166\x3e";
mo_saml_download_logs($W_, $FQ);
exit;
IOj:
foA:
$W9 = '';
if (is_array($WU)) {
goto f5G;
}
$Vp = XMLSecurityKey::getRawThumbprint($WU);
$Vp = mo_saml_convert_to_windows_iconv($Vp);
$Vp = preg_replace("\x2f\x5c\163\x2b\57", '', $Vp);
if (empty($yh)) {
goto vCD;
}
$W9 = Utilities::processResponse($lR, $Vp, $yh, $xb, 0, $XS);
vCD:
if (empty($OV)) {
goto LDk;
}
$W9 = Utilities::processResponse($lR, $Vp, $OV, $xb, 0, $XS);
LDk:
goto snJ;
f5G:
foreach ($WU as $ns => $Hr) {
$Vp = XMLSecurityKey::getRawThumbprint($Hr);
$Vp = mo_saml_convert_to_windows_iconv($Vp);
$Vp = preg_replace("\x2f\x5c\163\x2b\57", '', $Vp);
if (empty($yh)) {
goto yYS;
}
$W9 = Utilities::processResponse($lR, $Vp, $yh, $xb, $ns, $XS);
yYS:
if (empty($OV)) {
goto s6v;
}
$W9 = Utilities::processResponse($lR, $Vp, $OV, $xb, $ns, $XS);
s6v:
if (!$W9) {
goto x8J;
}
goto WfP;
x8J:
BpS:
}
WfP:
snJ:
if (empty($yh)) {
goto zti;
}
$cs = $yh["\x43\x65\162\164\151\x66\151\143\x61\164\x65\163"][0];
goto XpB;
zti:
$cs = $OV["\x43\x65\x72\164\151\x66\151\x63\x61\164\x65\163"][0];
XpB:
if ($W9) {
goto pbQ;
}
if ($XS == "\164\x65\x73\164\126\x61\x6c\x69\x64\141\x74\x65" or $XS == "\164\x65\x73\164\116\x65\x77\x43\145\x72\164\151\146\x69\143\141\164\145") {
goto R5i;
}
wp_die("\127\145\x20\143\157\x75\154\x64\40\156\x6f\x74\40\x73\151\147\x6e\x20\x79\157\165\40\x69\156\56\40\x50\x6c\145\x61\163\x65\40\x63\157\x6e\164\x61\143\x74\40\171\x6f\165\x72\x20\101\144\155\x69\x6e\x69\x73\164\162\141\x74\157\162", "\105\162\162\157\x72\x20\x3a\103\x65\x72\x74\151\x66\x69\x63\141\x74\145\x20\x6e\157\x74\40\x66\x6f\x75\156\144");
goto rT_;
R5i:
$W_ = mo_options_error_constants::Error_wrong_certificate;
$FQ = mo_options_error_constants::Cause_wrong_certificate;
$N2 = "\55\55\55\55\x2d\102\105\107\x49\x4e\x20\x43\x45\x52\124\x49\x46\111\103\x41\x54\105\x2d\x2d\55\x2d\55\74\142\x72\76" . chunk_split($cs, 64) . "\x3c\x62\162\76\55\55\55\55\x2d\x45\x4e\104\40\103\x45\122\124\x49\x46\x49\x43\101\x54\105\x2d\x2d\55\55\55";
echo "\74\144\151\166\x20\163\x74\x79\x6c\145\x3d\x22\146\157\156\x74\55\146\x61\155\151\x6c\x79\72\x43\x61\154\x69\x62\x72\151\x3b\x70\141\144\144\x69\x6e\147\72\x30\x20\63\45\73\x22\76";
echo "\74\x64\151\166\40\x73\164\x79\x6c\145\x3d\42\x63\157\154\157\162\x3a\40\43\x61\x39\64\x34\x34\x32\73\x62\141\x63\153\147\162\x6f\165\156\x64\x2d\143\x6f\x6c\157\x72\72\40\x23\146\x32\x64\x65\144\x65\x3b\160\x61\144\144\151\x6e\x67\72\x20\x31\65\x70\x78\x3b\155\x61\x72\147\151\156\55\142\x6f\164\x74\x6f\x6d\72\40\62\x30\x70\x78\x3b\x74\145\x78\164\55\141\154\x69\x67\x6e\x3a\x63\x65\x6e\164\145\162\x3b\x62\x6f\x72\x64\x65\x72\72\61\x70\170\40\163\157\x6c\151\144\x20\x23\x45\66\x42\x33\102\62\73\146\x6f\x6e\164\x2d\x73\x69\x7a\x65\x3a\x31\70\x70\x74\73\x22\x3e\x20\x45\122\x52\x4f\122\74\57\x64\151\x76\x3e\xd\xa\x20\40\x20\x20\x20\40\x20\40\x20\x20\40\40\x20\40\x20\40\x20\x20\x20\x20\74\x64\151\166\40\x73\x74\171\x6c\145\75\42\143\x6f\154\x6f\162\72\40\43\x61\71\64\x34\x34\x32\73\x66\x6f\x6e\x74\55\163\151\x7a\x65\72\x31\64\160\164\73\40\155\x61\x72\x67\x69\156\x2d\x62\x6f\164\164\157\x6d\x3a\62\x30\160\170\73\x22\76\74\x70\x3e\74\163\164\162\157\156\x67\76\x45\x72\x72\157\162\x3a\40\x3c\57\163\164\x72\157\156\x67\76\125\x6e\x61\142\x6c\x65\40\164\157\x20\146\151\x6e\144\40\141\x20\143\145\162\164\x69\x66\151\x63\x61\x74\x65\40\155\x61\x74\x63\150\151\x6e\x67\x20\x74\x68\145\40\143\157\x6e\x66\x69\147\x75\x72\145\x64\x20\x66\151\x6e\147\145\x72\160\x72\151\156\164\x2e\x3c\57\160\x3e\15\xa\40\40\x20\x20\x20\x20\x20\x20\40\40\x20\40\40\40\x20\40\40\40\x20\x20\x20\40\40\40\x3c\x70\x3e\120\x6c\145\x61\163\145\x20\x63\157\x6e\x74\141\143\164\40\171\x6f\x75\162\40\141\x64\x6d\x69\x6e\x69\x73\164\x72\141\164\157\162\40\141\x6e\144\40\x72\x65\x70\157\x72\x74\40\164\x68\x65\40\x66\x6f\x6c\x6c\157\x77\151\x6e\x67\x20\145\x72\x72\x6f\x72\x3a\x3c\57\160\x3e\15\12\x20\40\40\x20\x20\40\40\40\x20\40\40\x20\40\x20\x20\40\40\40\40\x20\x20\x20\40\x20\74\x70\x3e\74\x73\x74\162\x6f\156\147\x3e\x50\157\x73\x73\x69\x62\x6c\145\40\x43\x61\165\x73\145\72\x20\74\x2f\163\164\162\157\x6e\147\x3e\x27\x58\56\x35\x30\x39\40\x43\145\x72\x74\151\x66\151\143\141\x74\145\47\x20\146\151\x65\x6c\x64\40\x69\x6e\x20\x70\154\x75\x67\151\x6e\40\x64\x6f\x65\163\x20\x6e\x6f\164\x20\155\x61\164\x63\x68\x20\x74\150\145\x20\143\x65\162\x74\x69\x66\x69\x63\x61\164\x65\x20\x66\x6f\x75\156\x64\40\151\156\40\x53\x41\x4d\x4c\40\x52\145\163\160\x6f\x6e\x73\x65\x2e\74\57\160\x3e\15\xa\x20\x20\x20\x20\x20\x20\x20\40\40\40\x20\40\x20\x20\40\x20\x20\x20\40\40\40\40\x20\x20\x3c\x70\76\74\x73\x74\x72\x6f\156\x67\76\x43\x65\x72\x74\x69\x66\151\143\x61\x74\x65\x20\x66\157\165\x6e\144\x20\151\x6e\40\x53\x41\115\114\40\x52\145\x73\x70\157\156\163\x65\72\40\x3c\57\x73\x74\162\x6f\156\x67\76\74\146\x6f\156\164\40\146\141\143\145\x3d\x22\103\157\x75\x72\151\145\162\x20\x4e\145\167\42\x3e\x3c\x62\162\76\x3c\142\x72\76" . $N2 . "\x3c\57\x70\76\x3c\57\146\x6f\x6e\164\76\xd\12\40\x20\40\40\40\x20\40\40\40\x20\40\40\40\x20\40\40\x20\x20\x20\x20\40\40\x20\x20\74\x70\76\74\x73\x74\x72\157\x6e\147\76\x53\x6f\154\165\x74\x69\x6f\156\x3a\40\x3c\57\163\164\x72\x6f\156\147\76\74\57\x70\76\15\xa\x20\x20\40\x20\40\40\40\x20\40\40\x20\40\40\x20\x20\x20\x20\x20\x20\40\x20\x20\x20\40\74\157\x6c\76\xd\12\x20\x20\x20\x20\40\40\x20\40\40\x20\40\40\x20\x20\40\40\40\x20\40\x20\40\x20\40\40\40\x20\x20\x3c\154\x69\76\x43\157\x70\x79\40\160\x61\x73\164\x65\x20\164\x68\145\40\x63\x65\x72\164\151\146\x69\143\x61\x74\x65\x20\x70\162\x6f\166\151\x64\145\x64\x20\141\x62\x6f\x76\x65\x20\151\x6e\40\x58\x35\60\71\x20\x43\x65\x72\x74\x69\x66\151\x63\141\164\145\x20\x75\156\x64\145\162\40\123\x65\162\166\x69\x63\145\40\120\x72\x6f\166\x69\144\145\162\40\x53\x65\164\x75\160\x20\164\x61\142\56\74\x2f\154\151\x3e\xd\12\40\40\x20\40\40\40\40\x20\x20\40\40\x20\x20\x20\40\40\40\40\x20\40\x20\40\x20\40\40\x20\40\x3c\154\151\x3e\111\x66\x20\151\x73\163\165\145\x20\160\x65\x72\163\151\163\x74\163\x20\144\151\x73\x61\x62\154\x65\x20\74\x62\x3e\103\150\x61\x72\141\143\x74\x65\162\x20\x65\x6e\143\157\144\151\156\x67\74\57\142\x3e\x20\165\156\x64\x65\x72\40\123\145\x72\166\151\143\x65\40\x50\x72\x6f\166\x64\145\x72\40\x53\145\164\165\x70\40\x74\141\x62\56\x3c\x2f\x6c\151\76\xd\xa\x20\40\x20\x20\40\x20\40\x20\40\x20\x20\40\40\40\40\x20\x20\x20\40\x20\x20\40\x20\x20\74\57\x6f\154\x3e\xd\xa\x20\40\40\40\40\x20\x20\x20\40\40\x20\40\40\x20\x20\40\40\40\x20\x20\40\40\40\40\x3c\x2f\x64\x69\166\76\xd\xa\40\40\x20\40\40\x20\40\x20\40\x20\40\40\x20\40\40\x20\40\40\40\40\74\144\x69\x76\x20\163\164\171\154\x65\x3d\x22\x6d\141\162\x67\151\156\72\63\45\x3b\144\151\x73\160\x6c\141\x79\72\x62\x6c\x6f\143\153\73\164\145\x78\164\55\141\x6c\151\147\156\72\143\145\156\x74\145\162\73\x22\x3e\xd\xa\40\x20\40\40\40\x20\40\40\x20\x20\x20\x20\40\x20\x20\x20\40\40\x20\40\40\x20\x20\40\x20\40\40\x20\x3c\x64\x69\x76\x20\163\x74\171\x6c\145\x3d\42\155\141\162\147\151\x6e\x3a\x33\45\73\144\x69\x73\160\154\141\171\x3a\x62\154\157\143\153\73\x74\145\170\164\55\141\154\151\147\156\x3a\143\145\x6e\164\x65\x72\73\42\76\74\x69\156\160\165\x74\x20\163\x74\x79\154\145\75\42\x70\x61\x64\x64\151\156\147\72\x31\45\x3b\167\151\x64\164\x68\72\x31\60\x30\x70\170\x3b\x62\141\143\x6b\x67\162\x6f\165\156\144\x3a\x20\x23\60\60\x39\x31\x43\104\x20\x6e\157\x6e\x65\x20\162\x65\160\x65\141\x74\40\x73\x63\x72\157\x6c\154\x20\60\x25\x20\x30\45\x3b\143\165\162\x73\157\x72\x3a\x20\x70\x6f\151\x6e\x74\x65\x72\73\146\x6f\x6e\164\55\163\151\x7a\145\x3a\x31\x35\x70\x78\x3b\x62\x6f\162\144\145\162\55\x77\151\144\164\x68\72\40\61\x70\x78\x3b\x62\x6f\162\x64\x65\162\x2d\163\164\x79\154\x65\72\40\163\x6f\x6c\x69\144\x3b\x62\157\162\x64\x65\162\55\162\x61\x64\151\165\x73\72\x20\63\x70\170\x3b\167\x68\151\x74\x65\55\x73\160\141\x63\145\72\40\156\x6f\x77\162\x61\160\73\x62\157\170\55\163\x69\172\151\x6e\x67\x3a\x20\142\157\162\144\x65\x72\x2d\142\157\170\x3b\142\157\x72\x64\x65\162\x2d\x63\157\154\x6f\x72\x3a\40\x23\60\x30\67\63\101\x41\73\142\x6f\170\x2d\x73\x68\141\144\157\167\72\40\60\x70\x78\x20\x31\x70\170\40\60\x70\170\x20\x72\x67\x62\x61\x28\61\62\60\54\x20\x32\x30\60\54\x20\62\63\60\54\40\60\x2e\66\51\40\151\156\163\145\164\73\x63\x6f\x6c\x6f\x72\72\x20\x23\x46\106\x46\x3b\x22\164\171\160\x65\x3d\x22\x62\165\x74\164\157\156\x22\40\x76\x61\154\165\145\75\x22\x44\x6f\x6e\x65\42\x20\x6f\x6e\103\x6c\x69\143\x6b\x3d\42\x73\145\154\146\x2e\143\x6c\x6f\x73\x65\x28\x29\73\42\x3e\74\57\x64\151\166\76";
mo_saml_download_logs($W_, $FQ);
exit;
rT_:
pbQ:
$xF = get_site_option("\x73\141\x6d\x6c\x5f\151\x73\163\165\145\162");
$VQ = get_site_option("\155\x6f\137\x73\x61\x6d\154\137\163\160\x5f\145\x6e\164\151\x74\171\x5f\151\x64");
if (!empty($VQ)) {
goto fUM;
}
$VQ = $fs . "\57\x77\x70\x2d\143\157\156\164\145\x6e\x74\x2f\x70\154\165\x67\151\156\163\57\x6d\x69\156\x69\157\162\141\x6e\147\x65\x2d\163\x61\155\154\55\62\60\x2d\163\x69\x6e\147\154\x65\x2d\x73\x69\147\x6e\x2d\x6f\x6e\57";
fUM:
Utilities::validateIssuerAndAudience($xb, $VQ, $xF, $XS);
$KL = current(current($xb->getAssertions())->getNameId());
$xx = current($xb->getAssertions())->getAttributes();
$xx["\x4e\141\x6d\145\x49\104"] = array("\60" => $KL);
$x5 = current($xb->getAssertions())->getSessionIndex();
mo_saml_checkMapping($xx, $XS, $x5);
goto giB;
UtK:
if (empty($_REQUEST["\x52\x65\x6c\141\171\x53\164\x61\164\x65"])) {
goto G6G;
}
$Gx = $_REQUEST["\x52\145\x6c\141\x79\123\x74\x61\x74\145"];
G6G:
if (!is_user_logged_in()) {
goto Iyl;
}
wp_destroy_current_session();
wp_clear_auth_cookie();
wp_set_current_user(0);
Iyl:
if (empty($Gx)) {
goto iTD;
}
$Gx = mo_saml_parse_url($Gx);
goto wCP;
iTD:
$Gx = $fs;
wCP:
do_action("\x6d\157\x5f\163\141\155\x6c\137\x73\x70\137\151\x6e\151\164\151\x61\x74\145\144\x5f\163\154\157\x5f\x70\162\145\137\x72\x65\x64\151\162\145\143\x74", $Gx);
header("\x4c\157\143\x61\x74\151\157\156\72" . $Gx);
exit;
giB:
P78:
if (!(array_key_exists("\x53\101\x4d\x4c\x52\145\161\165\145\x73\x74", $_REQUEST) && !empty($_REQUEST["\x53\x41\115\114\122\x65\161\165\145\163\x74"]))) {
goto X0z;
}
$mb = $_REQUEST["\x53\101\115\x4c\122\145\161\165\145\163\x74"];
$XS = "\57";
if (!array_key_exists("\122\x65\x6c\x61\x79\123\164\141\164\145", $_REQUEST)) {
goto hvY;
}
$XS = $_REQUEST["\x52\145\x6c\x61\x79\123\x74\141\x74\145"];
hvY:
$mb = base64_decode($mb);
if (!(array_key_exists("\x53\x41\x4d\x4c\122\145\x71\165\x65\163\164", $_GET) && !empty($_GET["\x53\101\115\x4c\x52\145\x71\165\x65\163\x74"]))) {
goto c75;
}
$mb = gzinflate($mb);
c75:
$G7 = new DOMDocument();
$G7->loadXML($mb);
$D5 = $G7->firstChild;
if (!($D5->localName == "\x4c\x6f\147\157\x75\164\x52\x65\x71\x75\145\x73\164")) {
goto T6P;
}
$ET = new SAML2_LogoutRequest($D5);
if (!(!session_id() || session_id() == '' || empty($_SESSION))) {
goto R2n;
}
session_start();
R2n:
$_SESSION["\155\x6f\137\163\141\155\154\x5f\154\x6f\147\157\165\164\137\x72\145\161\165\x65\163\164"] = $mb;
$_SESSION["\155\157\137\x73\x61\x6d\154\x5f\154\x6f\x67\x6f\165\x74\x5f\162\x65\x6c\x61\171\x5f\x73\164\x61\x74\x65"] = $XS;
wp_redirect(htmlspecialchars_decode(wp_logout_url()));
exit;
T6P:
X0z:
}
function mo_saml_is_subdomain($gd, $t6)
{
$oC = substr($gd, strpos($gd, "\56") + 1);
if ($oC === $t6) {
goto Fh1;
}
return false;
goto rTU;
Fh1:
return true;
rTU:
}
function mo_saml_relaystate_url($XS)
{
$jt = parse_url($XS, PHP_URL_SCHEME);
$XS = str_replace($jt . "\x3a\57\x2f", '', $XS);
return $XS;
}
function mo_saml_hash_relaystate($XS)
{
$jt = parse_url($XS, PHP_URL_SCHEME);
$XS = str_replace($jt . "\x3a\57\x2f", '', $XS);
$XS = base64_encode($XS);
$uG = cdjsurkhh($XS);
$XS = $XS . "\x2e" . $uG;
return $XS;
}
function mo_saml_get_relaystate($XS)
{
if (!filter_var($XS, FILTER_VALIDATE_URL)) {
goto fNh;
}
return $XS;
fNh:
$l_ = strpos($XS, "\x2e");
if ($l_) {
goto Nrp;
}
wp_die("\101\x6e\x20\145\162\162\157\162\x20\157\143\143\x75\x72\x65\x64\56\x20\120\154\145\141\x73\x65\40\x63\x6f\x6e\164\x61\x63\164\40\x79\157\x75\x72\40\x61\144\155\151\x6e\151\x73\x74\x72\x61\x74\157\x72\x2e", "\105\x72\x72\157\162\x20\72\40\116\x6f\164\x20\141\x20\x74\x72\165\x73\164\x65\144\40\163\157\165\x72\x63\x65\x20\x6f\x66\x20\164\x68\145\40\123\101\x4d\x4c\40\x72\145\x73\x70\157\156\163\x65");
exit;
Nrp:
$Gx = substr($XS, 0, $l_);
$DL = substr($XS, $l_ + 1);
$OZ = cdjsurkhh($Gx);
if (!($DL !== $OZ)) {
goto NXa;
}
wp_die("\101\156\40\145\162\x72\157\x72\40\x6f\x63\x63\165\x72\x65\x64\56\40\120\154\145\141\163\145\40\x63\x6f\156\x74\x61\x63\164\x20\x79\157\165\x72\x20\x61\x64\155\151\x6e\x69\163\x74\162\x61\164\x6f\162\56", "\105\162\x72\157\162\x20\72\x20\x4e\157\164\40\141\x20\164\162\x75\163\x74\145\144\x20\x73\x6f\165\x72\143\145\40\x6f\146\40\164\150\x65\x20\x53\101\115\x4c\40\x72\145\x73\x70\157\x6e\163\x65");
exit;
NXa:
$Gx = base64_decode($Gx);
return $Gx;
}
function cdjsurkhh($D6)
{
$uG = hash("\x73\150\x61\65\x31\x32", $D6);
$Oj = substr($uG, 7, 14);
return $Oj;
}
function mo_saml_parse_url($XS)
{
if (!($XS != "\x74\145\163\x74\x56\x61\154\x69\144\x61\x74\x65" && $XS != "\164\x65\163\164\x4e\145\x77\103\145\x72\164\151\146\x69\x63\141\164\x65")) {
goto qTG;
}
$fs = get_site_option("\x6d\x6f\x5f\x73\141\155\x6c\x5f\x73\160\137\142\141\163\x65\x5f\165\x72\x6c");
if (!empty($fs)) {
goto jce;
}
$fs = get_network_site_url();
jce:
$jt = parse_url($fs, PHP_URL_SCHEME);
if (filter_var($XS, FILTER_VALIDATE_URL)) {
goto JLN;
}
$XS = $jt . "\x3a\57\57" . $XS;
JLN:
qTG:
return $XS;
}
function mo_saml_is_subsite($XS)
{
$Qu = parse_url($XS, PHP_URL_HOST);
$qL = parse_url($XS, PHP_URL_PATH);
if (is_subdomain_install()) {
goto dLK;
}
$go = strpos($qL, "\x2f", 1) != false ? strpos($qL, "\x2f", 1) : strlen($qL) - 1;
$qL = substr($qL, 0, $go + 1);
$blog_id = get_blog_id_from_url($Qu, $qL);
goto cKJ;
dLK:
$blog_id = get_blog_id_from_url($Qu);
cKJ:
if ($blog_id !== 0) {
goto qh_;
}
return false;
goto TkJ;
qh_:
return true;
TkJ:
}
function mo_saml_show_SAML_log($D5, $CL)
{
header("\x43\157\x6e\x74\x65\156\164\x2d\x54\x79\x70\145\72\x20\164\145\x78\x74\x2f\150\x74\x6d\154");
$Hy = new DOMDocument();
$Hy->preserveWhiteSpace = false;
$Hy->formatOutput = true;
$Hy->loadXML($D5);
if ($CL == "\144\151\163\x70\x6c\x61\171\x53\101\x4d\114\122\145\x71\x75\145\x73\164") {
goto YRA;
}
$BJ = "\x53\101\115\114\40\x52\145\x73\x70\157\156\163\x65";
goto N1P;
YRA:
$BJ = "\123\101\115\114\40\x52\145\x71\165\145\163\164";
N1P:
$Ia = $Hy->saveXML();
$tG = htmlentities($Ia);
$tG = rtrim($tG);
$RO = simplexml_load_string($Ia);
$Mr = json_encode($RO);
$w6 = json_decode($Mr);
$qp = plugins_url("\151\156\143\x6c\x75\x64\x65\163\x2f\143\163\x73\x2f\163\164\x79\154\x65\137\163\x65\164\x74\x69\x6e\x67\163\x2e\x63\163\x73\77\x76\x65\x72\75\x34\56\x38\56\x34\x30", __FILE__);
echo "\x3c\154\151\x6e\x6b\x20\x72\x65\154\x3d\x27\x73\x74\171\154\145\163\x68\145\x65\x74\x27\40\x69\144\75\47\155\x6f\x5f\x73\141\155\x6c\x5f\x61\144\x6d\151\156\137\x73\145\164\x74\x69\156\x67\x73\x5f\163\164\x79\154\145\55\143\x73\x73\x27\40\x20\150\162\x65\146\75\x27" . $qp . "\47\x20\x74\171\x70\145\x3d\x27\x74\x65\x78\x74\57\x63\163\163\x27\40\x6d\x65\x64\151\141\75\x27\x61\154\x6c\x27\40\57\76\15\12\xd\xa\x3c\144\151\x76\x20\143\154\x61\x73\163\x3d\42\155\x6f\55\144\151\163\x70\x6c\x61\x79\x2d\x6c\x6f\147\x73\42\40\76\74\160\40\164\x79\x70\145\x3d\x22\164\x65\170\x74\42\40\40\x20\151\x64\75\42\123\101\x4d\x4c\137\164\x79\x70\145\x22\76" . $BJ . "\74\x2f\x70\x3e\74\x2f\x64\151\166\x3e\15\xa\xd\12\x3c\144\151\166\x20\x74\171\x70\145\75\42\x74\x65\170\164\x22\x20\151\x64\75\42\x53\101\115\114\137\144\x69\x73\x70\x6c\x61\x79\42\40\x63\x6c\x61\x73\x73\75\x22\155\157\55\x64\151\163\160\154\x61\x79\55\x62\154\x6f\143\x6b\42\76\74\160\x72\145\40\x63\154\141\163\x73\x3d\x27\x62\162\x75\163\150\72\x20\x78\x6d\x6c\73\47\76" . $tG . "\x3c\57\160\x72\145\76\74\x2f\144\151\166\x3e\xd\12\x3c\x62\x72\76\15\12\x3c\144\151\x76\x9\x20\163\164\x79\154\x65\75\x22\x6d\x61\162\147\x69\x6e\72\x33\x25\73\x64\151\163\160\x6c\x61\x79\72\142\154\157\x63\x6b\x3b\x74\145\170\164\x2d\x61\154\151\147\x6e\x3a\x63\145\156\164\x65\162\x3b\x22\x3e\xd\12\xd\12\74\x64\x69\x76\40\163\164\x79\x6c\x65\75\x22\x6d\141\162\x67\x69\x6e\72\x33\45\x3b\144\151\163\160\x6c\141\171\x3a\142\154\x6f\x63\153\73\164\x65\170\164\x2d\x61\154\x69\x67\156\x3a\x63\x65\x6e\164\145\162\73\x22\40\76\15\12\xd\12\x3c\57\x64\151\166\x3e\15\12\x3c\x62\x75\x74\x74\157\x6e\x20\151\144\x3d\x22\x63\157\160\x79\x22\40\x6f\156\143\154\151\x63\153\x3d\42\x63\157\160\x79\x44\x69\166\x54\157\x43\154\x69\x70\x62\157\x61\x72\144\x28\x29\x22\40\x20\163\164\171\154\x65\75\42\160\141\144\x64\151\x6e\147\72\x31\45\73\167\151\144\x74\150\x3a\61\x30\x30\x70\x78\73\x62\x61\143\x6b\147\x72\157\165\x6e\144\72\40\x23\60\60\x39\x31\x43\x44\40\156\x6f\156\145\x20\x72\145\160\145\141\x74\x20\163\x63\162\157\x6c\154\x20\60\45\40\x30\x25\x3b\143\165\x72\x73\x6f\x72\x3a\40\x70\157\151\x6e\164\145\162\73\146\x6f\156\x74\x2d\163\151\x7a\x65\72\x31\x35\160\x78\73\x62\157\162\144\145\x72\55\x77\x69\x64\164\150\72\x20\x31\x70\170\73\142\157\x72\x64\145\162\x2d\x73\164\x79\x6c\145\x3a\40\163\157\154\151\144\x3b\x62\157\162\144\x65\x72\x2d\162\141\144\151\165\x73\x3a\40\63\160\170\73\167\x68\x69\x74\145\55\x73\x70\141\143\145\72\x20\x6e\x6f\x77\x72\x61\160\x3b\142\x6f\x78\55\163\151\172\x69\156\x67\72\x20\x62\157\162\144\x65\x72\x2d\x62\x6f\170\x3b\x62\x6f\x72\x64\x65\x72\x2d\143\x6f\x6c\x6f\162\x3a\40\x23\60\60\67\63\x41\x41\73\x62\x6f\170\x2d\x73\150\x61\144\157\x77\72\x20\60\x70\170\x20\x31\160\x78\40\60\160\170\40\162\x67\x62\141\x28\x31\62\x30\54\40\x32\60\60\54\40\62\x33\x30\54\40\60\56\66\x29\40\151\156\x73\145\x74\73\x63\157\x6c\x6f\x72\x3a\40\43\106\x46\106\73\x22\40\76\x43\157\160\171\74\x2f\142\x75\164\164\157\156\x3e\15\xa\x26\x6e\142\x73\x70\x3b\15\xa\74\x69\x6e\x70\165\x74\40\x69\x64\x3d\x22\x64\x77\156\x2d\x62\164\x6e\42\x20\163\x74\171\154\x65\75\42\160\141\144\144\151\x6e\x67\x3a\61\x25\73\x77\151\x64\164\150\72\61\60\60\160\x78\73\x62\141\143\x6b\147\162\157\x75\156\144\x3a\40\x23\60\60\71\61\x43\x44\x20\x6e\157\156\x65\x20\x72\145\160\145\x61\x74\40\x73\x63\162\157\x6c\154\x20\x30\45\40\60\45\x3b\x63\x75\162\163\157\x72\x3a\x20\160\x6f\151\x6e\x74\145\162\x3b\x66\x6f\156\x74\x2d\163\x69\172\145\x3a\x31\65\160\x78\73\142\157\x72\144\x65\162\55\167\x69\144\164\150\x3a\40\61\160\170\x3b\142\x6f\162\144\x65\x72\55\163\x74\x79\154\145\x3a\40\x73\x6f\154\x69\144\x3b\x62\x6f\x72\144\145\x72\55\162\141\144\x69\165\x73\x3a\40\x33\160\x78\73\167\x68\151\x74\145\55\163\160\x61\143\145\x3a\x20\156\x6f\167\x72\x61\160\73\x62\157\x78\55\163\151\x7a\x69\156\147\72\x20\142\157\162\144\145\x72\x2d\142\x6f\x78\x3b\142\157\162\x64\x65\x72\55\143\157\x6c\157\x72\72\x20\43\x30\x30\x37\x33\101\x41\x3b\x62\157\x78\55\163\x68\x61\144\x6f\167\72\x20\60\160\x78\x20\61\160\x78\40\x30\160\x78\40\x72\147\x62\x61\50\61\62\x30\x2c\x20\62\x30\60\54\40\x32\63\60\x2c\x20\60\x2e\66\x29\40\151\156\163\x65\164\x3b\x63\157\154\x6f\x72\72\40\x23\106\x46\106\73\x22\x74\x79\160\x65\x3d\x22\142\x75\164\x74\157\156\x22\40\166\x61\x6c\165\x65\75\42\x44\x6f\x77\x6e\154\157\x61\144\42\40\15\xa\x22\x3e\xd\12\74\x2f\x64\151\x76\x3e\15\xa\x3c\57\144\151\166\76\xd\xa\xd\xa\xd\12";
ob_end_flush();
echo "\xd\12\74\x73\x63\x72\151\160\x74\x3e\xd\xa\xd\xa\146\165\156\143\x74\x69\x6f\x6e\40\x63\157\x70\171\104\x69\166\124\x6f\103\x6c\151\160\142\x6f\x61\162\x64\50\51\x20\173\xd\12\x76\x61\x72\x20\141\x75\x78\40\x3d\40\144\157\x63\x75\x6d\145\156\164\x2e\x63\162\x65\141\x74\145\105\x6c\x65\x6d\145\x6e\164\x28\42\x69\156\x70\165\x74\x22\x29\x3b\xd\xa\141\165\170\x2e\163\x65\164\x41\164\164\x72\151\x62\165\164\145\50\x22\166\x61\154\x75\x65\x22\54\x20\x64\157\143\165\155\145\156\x74\56\x67\145\x74\105\154\x65\x6d\x65\156\164\x42\171\x49\x64\x28\x22\123\x41\x4d\114\137\144\x69\163\160\x6c\x61\171\x22\x29\56\x74\x65\170\x74\103\x6f\156\x74\145\x6e\x74\x29\73\xd\12\x64\157\143\165\x6d\145\x6e\164\x2e\x62\x6f\144\x79\56\x61\160\160\145\x6e\x64\103\150\151\154\144\50\141\165\x78\51\73\xd\xa\141\165\x78\x2e\x73\145\154\x65\143\x74\x28\x29\73\15\12\x64\x6f\x63\165\x6d\145\156\x74\56\x65\x78\145\143\x43\157\x6d\x6d\141\x6e\144\x28\42\x63\x6f\160\171\42\x29\73\15\xa\144\x6f\143\x75\155\x65\x6e\164\x2e\x62\x6f\144\x79\x2e\x72\145\x6d\x6f\166\x65\x43\150\x69\x6c\x64\50\141\165\x78\51\73\xd\xa\x64\x6f\x63\165\x6d\145\156\164\56\147\x65\164\105\x6c\x65\x6d\x65\156\x74\x42\x79\111\144\x28\47\x63\x6f\x70\x79\x27\x29\56\x74\145\x78\x74\x43\157\x6e\164\x65\x6e\x74\x20\x3d\40\42\103\x6f\x70\151\145\144\42\x3b\xd\12\144\157\x63\165\x6d\145\156\x74\x2e\x67\145\164\105\154\x65\155\x65\x6e\164\102\171\111\144\50\47\x63\x6f\x70\171\47\x29\x2e\x73\x74\171\154\145\56\142\141\x63\x6b\x67\162\x6f\165\156\x64\40\x3d\x20\x22\x67\162\x65\171\x22\x3b\15\12\167\x69\x6e\144\157\167\56\x67\x65\164\123\x65\x6c\145\143\x74\151\157\156\50\51\x2e\163\145\x6c\145\143\164\101\x6c\154\103\x68\151\154\144\162\x65\x6e\50\40\x64\x6f\x63\x75\155\145\x6e\164\56\x67\x65\x74\x45\154\145\155\145\156\x74\x42\x79\111\144\50\40\x22\123\101\115\114\x5f\x64\x69\163\x70\154\141\x79\x22\x20\x29\40\x29\73\15\xa\15\12\175\xd\12\15\12\146\165\156\x63\x74\x69\x6f\x6e\x20\144\157\x77\x6e\x6c\x6f\x61\144\x28\146\x69\154\145\x6e\141\155\x65\54\40\164\145\170\164\51\x20\173\xd\12\x76\x61\x72\40\145\154\x65\155\x65\x6e\164\x20\75\x20\x64\x6f\x63\165\x6d\145\x6e\164\x2e\143\x72\145\x61\164\145\105\x6c\x65\x6d\x65\x6e\164\50\x27\141\47\x29\x3b\xd\12\145\154\x65\x6d\145\x6e\164\56\x73\145\x74\101\164\x74\x72\151\142\165\x74\145\50\x27\x68\162\x65\146\x27\x2c\x20\47\x64\141\x74\x61\72\101\x70\x70\154\x69\x63\141\x74\151\x6f\x6e\57\x6f\143\164\x65\x74\x2d\x73\x74\x72\x65\x61\x6d\73\x63\x68\141\x72\163\x65\164\x3d\165\164\x66\55\70\54\x27\40\53\40\x65\x6e\143\157\144\x65\125\x52\111\103\x6f\x6d\160\157\x6e\x65\156\164\50\x74\x65\170\164\51\51\73\15\12\x65\154\x65\155\145\x6e\x74\x2e\x73\145\x74\x41\x74\164\162\151\142\x75\x74\x65\50\x27\x64\x6f\167\x6e\x6c\x6f\141\x64\x27\54\40\x66\x69\x6c\145\156\x61\155\x65\x29\73\xd\xa\15\xa\145\154\x65\x6d\145\x6e\x74\x2e\x73\x74\x79\x6c\145\x2e\144\151\163\x70\x6c\x61\x79\40\75\40\x27\x6e\x6f\156\x65\47\73\xd\xa\144\x6f\x63\x75\x6d\145\156\164\56\x62\x6f\144\x79\56\x61\160\x70\x65\x6e\144\103\150\x69\x6c\x64\50\145\x6c\145\155\x65\156\164\x29\73\15\xa\xd\12\x65\154\x65\155\x65\x6e\x74\x2e\143\154\x69\143\153\50\51\73\15\xa\15\xa\x64\157\143\165\x6d\145\156\164\56\142\x6f\x64\x79\x2e\162\x65\x6d\x6f\x76\x65\x43\x68\151\154\x64\x28\145\154\145\x6d\145\x6e\164\x29\x3b\15\12\175\15\xa\15\12\144\x6f\x63\165\x6d\x65\156\164\56\x67\x65\164\x45\x6c\x65\155\145\156\164\102\x79\111\x64\x28\x22\144\167\x6e\55\x62\164\x6e\42\x29\56\141\144\144\105\166\x65\x6e\x74\114\151\x73\x74\x65\x6e\x65\x72\x28\x22\143\x6c\x69\143\x6b\42\54\40\x66\x75\x6e\x63\x74\151\157\156\40\50\x29\40\173\xd\12\xd\xa\166\x61\x72\40\x66\151\154\145\156\141\155\145\x20\75\40\144\x6f\x63\x75\x6d\145\x6e\164\x2e\x67\145\x74\x45\x6c\145\155\x65\x6e\164\102\171\x49\x64\50\x22\123\x41\115\114\137\164\171\x70\x65\42\x29\x2e\164\x65\170\x74\103\157\156\x74\x65\156\164\53\x22\x2e\x78\155\x6c\x22\x3b\15\12\166\x61\162\40\x6e\x6f\144\x65\x20\75\40\x64\157\143\165\155\x65\156\x74\56\147\145\164\x45\154\145\155\145\156\164\x42\171\x49\x64\x28\x22\x53\x41\115\x4c\137\144\x69\x73\x70\154\x61\171\42\51\x3b\15\12\x68\x74\x6d\154\103\157\x6e\164\x65\x6e\164\40\75\40\x6e\157\144\x65\56\151\x6e\x6e\x65\162\110\x54\115\x4c\x3b\xd\xa\x74\145\170\x74\x20\75\x20\x6e\157\x64\x65\56\x74\x65\x78\164\x43\x6f\156\164\145\x6e\x74\x3b\15\xa\144\x6f\x77\156\154\157\141\144\50\146\151\x6c\x65\156\141\x6d\x65\54\40\x74\x65\170\x74\51\73\15\12\175\54\40\x66\141\154\163\x65\x29\73\xd\12\15\12\15\12\15\12\xd\12\15\12\74\57\163\143\x72\151\x70\164\x3e\15\12";
exit;
}
function mo_saml_checkMapping($xx, $XS, $x5)
{
try {
$gR = get_site_option("\163\141\x6d\154\x5f\141\x6d\x5f\145\x6d\141\x69\154");
$O_ = get_site_option("\163\141\155\x6c\x5f\141\x6d\x5f\165\x73\x65\162\156\141\155\145");
$h0 = get_site_option("\x73\x61\x6d\154\137\141\155\137\x66\x69\x72\x73\164\x5f\x6e\141\x6d\145");
$g9 = get_site_option("\x73\x61\x6d\x6c\x5f\141\x6d\x5f\154\141\x73\x74\x5f\x6e\x61\155\x65");
$vX = get_site_option("\163\x61\x6d\154\x5f\x61\x6d\137\147\162\x6f\165\160\x5f\156\x61\155\x65");
$ca = array();
$ca = maybe_unserialize(get_site_option("\163\141\155\154\x5f\x61\x6d\x5f\162\x6f\154\145\x5f\155\141\160\160\x69\156\147"));
$bo = get_site_option("\x73\x61\155\154\137\x61\x6d\x5f\141\143\x63\x6f\165\x6e\x74\x5f\x6d\x61\x74\x63\x68\x65\x72");
$Un = '';
$tW = '';
if (empty($xx)) {
goto mNZ;
}
if (!empty($h0) && !empty($xx[$h0])) {
goto TlJ;
}
$h0 = '';
goto FgT;
TlJ:
$h0 = $xx[$h0][0];
FgT:
if (!empty($g9) && !empty($xx[$g9])) {
goto pE1;
}
$g9 = '';
goto Wos;
pE1:
$g9 = $xx[$g9][0];
Wos:
if (!empty($O_) && !empty($xx[$O_])) {
goto gh6;
}
$tW = $xx["\x4e\x61\x6d\145\111\x44"][0];
goto cIz;
gh6:
$tW = $xx[$O_][0];
cIz:
if (!empty($gR) && !empty($xx[$gR])) {
goto SQg;
}
$Un = $xx["\x4e\x61\x6d\x65\x49\x44"][0];
goto sF3;
SQg:
$Un = $xx[$gR][0];
sF3:
if (!empty($vX) && !empty($xx[$vX])) {
goto RKt;
}
$vX = array();
goto AQd;
RKt:
$vX = $xx[$vX];
AQd:
if (!empty($bo)) {
goto d3c;
}
$bo = "\x65\155\141\151\x6c";
d3c:
mNZ:
if ($XS == "\164\x65\x73\164\126\141\154\151\x64\141\x74\x65") {
goto Wt1;
}
if ($XS == "\x74\x65\163\164\116\x65\167\x43\x65\162\x74\x69\x66\151\x63\x61\164\145") {
goto wlC;
}
mo_saml_login_user($Un, $h0, $g9, $tW, $vX, $ca, $XS, $bo, $x5, $xx["\x4e\141\x6d\x65\x49\104"][0], $xx);
goto gRz;
Wt1:
if (Mo_License_Service::is_customer_license_valid()) {
goto XKh;
}
Utilities::mo_saml_display_end_user_error_message_with_code("\127\x50\x53\x41\115\x4c\x45\122\x52\60\62\71");
XKh:
update_site_option("\155\x6f\x5f\163\141\155\154\x5f\x74\x65\163\x74", "\x54\145\x73\164\x20\123\x75\143\x63\x65\163\163\x66\x75\154");
mo_saml_show_test_result($h0, $g9, $Un, $vX, $xx, $XS);
goto gRz;
wlC:
if (Mo_License_Service::is_customer_license_valid()) {
goto ELN;
}
Utilities::mo_saml_display_end_user_error_message_with_code("\x57\x50\x53\101\x4d\114\x45\122\122\x30\x32\x39");
ELN:
update_site_option("\x6d\x6f\x5f\x73\x61\x6d\154\137\x74\x65\163\x74\x5f\x6e\x65\167\137\143\x65\162\x74", "\x54\145\163\164\40\x73\165\143\143\145\163\x73\146\x75\154");
mo_saml_show_test_result($h0, $g9, $Un, $vX, $xx, $XS);
gRz:
} catch (Exception $XJ) {
echo sprintf("\101\156\40\145\162\162\x6f\162\40\x6f\x63\143\165\x72\162\x65\x64\x20\167\x68\151\x6c\145\x20\160\162\157\143\145\x73\163\x69\x6e\x67\40\164\150\145\x20\x53\x41\x4d\114\x20\122\x65\x73\160\157\x6e\163\x65\x2e");
exit;
}
}
function mo_saml_show_test_result($h0, $g9, $Un, $vX, $xx, $XS)
{
echo "\x3c\144\x69\x76\40\163\164\x79\154\145\x3d\x22\146\157\156\x74\x2d\146\141\x6d\151\x6c\x79\x3a\103\141\154\x69\142\x72\x69\73\x70\141\x64\x64\x69\156\147\72\x30\40\x33\45\73\x22\x3e";
if (!empty($Un)) {
goto Ae4;
}
echo "\74\x64\x69\166\40\x73\x74\x79\154\145\x3d\x22\143\x6f\x6c\157\162\72\40\x23\141\x39\x34\x34\64\62\73\142\141\x63\x6b\x67\x72\157\165\x6e\144\x2d\143\x6f\x6c\x6f\162\x3a\x20\43\x66\62\144\x65\x64\145\73\160\141\x64\x64\x69\x6e\x67\72\x20\x31\65\160\170\73\x6d\141\162\x67\x69\x6e\x2d\x62\x6f\x74\x74\157\x6d\72\x20\x32\60\160\170\73\164\x65\x78\164\x2d\141\154\151\147\x6e\x3a\x63\x65\x6e\164\x65\x72\x3b\142\x6f\162\x64\x65\162\x3a\x31\x70\x78\40\x73\x6f\154\x69\144\40\43\x45\x36\x42\63\x42\x32\73\x66\157\156\x74\55\x73\151\172\145\x3a\61\70\x70\x74\x3b\x22\x3e\124\x45\123\x54\40\x46\x41\111\x4c\105\104\74\57\144\151\166\x3e\15\12\x20\40\40\x20\40\x20\40\40\74\x64\151\x76\x20\163\x74\171\x6c\x65\x3d\42\x63\157\154\x6f\x72\72\x20\43\141\71\64\64\64\x32\73\146\x6f\156\164\x2d\x73\x69\172\x65\72\x31\64\x70\164\73\x20\155\x61\162\x67\151\x6e\x2d\142\157\164\164\157\x6d\x3a\x32\x30\x70\x78\x3b\42\76\x57\x41\x52\x4e\111\x4e\107\x3a\x20\x53\157\x6d\x65\40\101\164\164\x72\151\142\165\x74\145\163\x20\x44\151\x64\40\116\x6f\x74\x20\115\x61\x74\143\x68\x2e\74\57\x64\151\x76\76\15\xa\40\40\x20\40\x20\40\x20\x20\74\x64\x69\x76\40\x73\x74\x79\x6c\145\75\42\144\151\x73\160\154\141\171\72\142\154\x6f\x63\153\73\164\145\170\x74\55\x61\x6c\151\x67\156\x3a\x63\x65\x6e\164\145\162\x3b\155\141\162\147\151\156\55\x62\157\x74\x74\x6f\x6d\x3a\64\45\73\x22\x3e\x3c\x69\x6d\x67\40\x73\x74\171\x6c\x65\x3d\42\x77\x69\x64\164\150\72\61\x35\45\73\42\x73\x72\x63\x3d\x22" . plugin_dir_url(__FILE__) . "\151\x6d\141\x67\145\163\x2f\x77\x72\x6f\156\147\56\160\156\147\42\76\x3c\x2f\x64\x69\x76\76";
goto WXO;
Ae4:
update_site_option("\155\157\137\x73\141\155\x6c\137\x74\x65\x73\x74\x5f\x63\x6f\x6e\x66\x69\x67\x5f\x61\x74\164\162\x73", $xx);
echo "\x3c\x64\151\x76\x20\163\164\x79\x6c\145\75\42\x63\x6f\x6c\x6f\x72\72\40\43\x33\143\x37\66\63\x64\x3b\15\xa\x20\x20\x20\x20\x20\40\40\x20\x62\x61\x63\153\x67\162\x6f\x75\156\144\x2d\x63\x6f\x6c\x6f\x72\x3a\40\43\x64\146\x66\x30\x64\70\x3b\x20\x70\x61\144\x64\151\156\x67\x3a\62\45\x3b\x6d\x61\162\147\x69\x6e\55\x62\x6f\x74\164\157\155\x3a\x32\60\x70\170\x3b\x74\145\170\164\55\141\154\151\x67\x6e\x3a\143\145\x6e\164\x65\x72\x3b\40\x62\157\162\x64\145\162\72\61\x70\x78\40\163\x6f\154\x69\x64\40\43\101\105\104\102\x39\101\x3b\x20\x66\x6f\x6e\x74\x2d\163\x69\172\x65\72\x31\70\x70\x74\73\x22\x3e\x54\x45\123\x54\x20\123\x55\103\x43\x45\123\123\x46\x55\114\x3c\57\x64\151\166\x3e\xd\12\x20\40\40\x20\x20\x20\x20\x20\x3c\x64\x69\166\x20\163\164\x79\154\x65\75\x22\x64\151\x73\160\154\x61\x79\72\x62\x6c\x6f\143\153\73\x74\145\170\x74\x2d\141\154\x69\147\x6e\x3a\143\x65\156\x74\x65\162\x3b\155\141\162\x67\x69\x6e\55\142\157\164\164\157\155\x3a\64\x25\73\42\x3e\74\151\x6d\x67\x20\163\x74\x79\x6c\x65\x3d\x22\167\151\x64\x74\x68\x3a\x31\65\45\x3b\42\x73\162\x63\75\42" . plugin_dir_url(__FILE__) . "\151\x6d\141\x67\x65\x73\57\147\x72\x65\x65\156\x5f\143\150\x65\x63\x6b\56\x70\156\x67\42\x3e\74\x2f\144\151\166\76";
WXO:
$UW = $XS == "\x74\x65\163\x74\x4e\145\167\103\x65\162\164\151\146\x69\x63\141\164\x65" ? "\144\x69\x73\160\x6c\x61\171\72\156\x6f\156\x65" : '';
$jE = get_site_option("\163\x61\x6d\x6c\x5f\141\155\137\141\143\143\157\x75\x6e\x74\x5f\x6d\141\x74\143\x68\145\x72") ? get_site_option("\163\141\x6d\154\x5f\141\x6d\x5f\x61\143\x63\157\165\x6e\x74\137\155\x61\164\x63\x68\145\162") : "\145\155\141\x69\x6c";
if (!($jE == "\x65\155\x61\x69\154" && !filter_var($xx["\116\141\x6d\x65\x49\x44"][0], FILTER_VALIDATE_EMAIL))) {
goto YD9;
}
echo "\x3c\x70\76\74\146\x6f\156\164\x20\x63\x6f\154\157\x72\x3d\42\x23\106\106\x30\60\60\x30\42\40\x73\164\171\154\x65\75\x22\x66\x6f\156\164\x2d\x73\151\172\x65\72\x31\x34\160\164\x22\76\x28\127\x61\162\x6e\151\156\147\x3a\x20\124\x68\145\40\x4e\x61\x6d\x65\x49\104\x20\x76\x61\x6c\x75\x65\x20\151\163\x20\x6e\157\x74\40\x61\40\x76\x61\x6c\x69\x64\x20\105\x6d\141\151\154\40\x49\104\51\74\57\x66\157\156\164\x3e\x3c\57\160\x3e";
YD9:
echo "\74\163\160\x61\x6e\40\163\x74\171\154\x65\75\42\x66\157\156\x74\x2d\x73\x69\x7a\145\x3a\61\x34\x70\164\x3b\x22\76\x3c\142\76\110\145\x6c\x6c\157\x3c\57\x62\x3e\54\x20" . $Un . "\74\57\x73\160\x61\156\76\74\x62\x72\57\76\74\x70\40\163\x74\x79\x6c\145\x3d\42\x66\x6f\156\x74\55\x77\145\x69\x67\150\164\72\142\x6f\154\x64\x3b\x66\x6f\x6e\x74\x2d\163\151\172\145\x3a\x31\64\160\x74\73\x6d\141\x72\147\151\156\55\x6c\145\x66\164\x3a\x31\x25\x3b\42\x3e\101\x54\x54\x52\111\102\125\124\105\x53\40\122\x45\103\x45\x49\126\x45\x44\x3a\74\57\x70\76\xd\12\40\x20\40\40\x3c\x74\x61\142\x6c\x65\x20\163\164\171\x6c\145\75\42\x62\157\162\x64\x65\x72\55\x63\x6f\154\x6c\x61\160\x73\x65\x3a\x63\x6f\x6c\x6c\141\x70\x73\x65\x3b\142\157\162\x64\x65\x72\55\163\x70\x61\x63\x69\x6e\x67\x3a\60\73\x20\x64\151\163\x70\x6c\141\171\x3a\x74\x61\142\x6c\145\73\167\x69\144\x74\x68\x3a\x31\x30\x30\x25\73\40\146\x6f\156\164\x2d\x73\151\x7a\145\72\x31\64\160\x74\x3b\142\141\143\153\147\162\157\165\x6e\x64\55\x63\157\x6c\157\x72\72\x23\105\104\105\x44\105\104\x3b\42\x3e\xd\xa\40\40\40\x20\x20\x20\40\40\x3c\x74\x72\x20\163\x74\x79\154\145\x3d\x22\164\145\x78\x74\55\x61\x6c\151\x67\x6e\x3a\143\145\x6e\164\x65\x72\73\x22\x3e\x3c\x74\144\40\163\164\x79\154\x65\x3d\x22\146\157\156\164\55\167\145\x69\x67\150\164\x3a\142\157\x6c\144\73\x62\x6f\162\x64\145\162\72\x32\x70\x78\x20\163\157\154\151\144\40\43\71\64\71\x30\71\x30\x3b\x70\141\x64\x64\151\x6e\x67\x3a\x32\x25\73\x22\x3e\x41\x54\x54\x52\x49\x42\125\x54\x45\x20\x4e\x41\115\105\74\x2f\164\144\x3e\x3c\x74\x64\40\163\x74\x79\x6c\x65\x3d\x22\146\x6f\x6e\x74\55\x77\145\151\147\x68\164\x3a\142\x6f\x6c\144\x3b\160\x61\x64\144\151\156\147\72\62\45\x3b\142\x6f\162\x64\145\x72\x3a\x32\160\170\40\163\x6f\x6c\x69\x64\x20\43\x39\64\x39\60\x39\x30\73\40\x77\157\x72\144\55\x77\162\141\160\x3a\x62\162\145\x61\x6b\x2d\167\x6f\x72\x64\73\42\76\x41\x54\124\122\x49\x42\125\x54\x45\x20\126\x41\114\125\105\74\x2f\164\x64\76\74\57\x74\162\x3e";
if (!empty($xx)) {
goto OAj;
}
echo "\x4e\157\40\x41\164\164\162\151\142\165\164\145\163\40\122\x65\143\145\151\x76\145\144\x2e";
goto KnP;
OAj:
foreach ($xx as $ns => $Hr) {
echo "\x3c\164\x72\x3e\x3c\x74\144\40\163\164\171\154\145\x3d\47\x66\157\156\x74\x2d\x77\x65\151\147\150\164\72\142\x6f\x6c\x64\73\142\157\x72\x64\145\162\x3a\x32\x70\x78\x20\163\x6f\154\x69\x64\40\x23\x39\64\x39\60\71\x30\73\160\141\144\144\151\156\147\x3a\62\45\73\x27\x3e" . $ns . "\74\57\164\x64\76\x3c\164\x64\x20\x73\x74\x79\154\x65\75\47\x70\x61\144\144\151\156\x67\x3a\62\x25\73\x62\x6f\x72\x64\x65\x72\72\x32\160\x78\40\163\x6f\x6c\151\x64\x20\x23\71\x34\71\x30\x39\60\x3b\40\167\157\162\144\x2d\167\162\141\160\x3a\142\162\x65\x61\153\55\x77\x6f\162\x64\73\x27\76" . implode("\x3c\x68\x72\x2f\76", $Hr) . "\x3c\57\x74\x64\76\x3c\x2f\164\x72\x3e";
O79:
}
Zr5:
KnP:
echo "\74\57\x74\x61\142\x6c\x65\x3e\x3c\x2f\144\151\166\76";
echo "\x3c\x64\x69\x76\x20\x73\164\x79\x6c\145\75\x22\x6d\141\x72\x67\151\156\x3a\63\x25\73\x64\151\163\x70\x6c\x61\x79\x3a\142\x6c\157\143\x6b\x3b\x74\x65\x78\164\x2d\x61\x6c\x69\x67\x6e\72\x63\x65\156\x74\145\x72\x3b\42\x3e\15\xa\40\x20\x20\x20\40\x20\x20\x20\x20\x20\x20\40\x3c\x69\156\x70\x75\164\40\163\164\x79\x6c\x65\75\x22\x70\x61\144\x64\x69\156\x67\72\x31\45\73\x77\151\x64\x74\x68\72\62\65\60\160\170\73\x62\x61\143\153\147\162\157\x75\156\144\x3a\x20\43\x30\60\71\x31\103\104\40\156\x6f\x6e\x65\x20\x72\x65\160\145\141\x74\40\x73\x63\x72\157\x6c\x6c\x20\60\45\40\x30\45\73\15\12\x20\x20\x20\x20\40\x20\40\x20\40\x20\x20\40\x63\x75\x72\163\x6f\162\x3a\x20\160\x6f\x69\x6e\164\145\x72\73\x66\157\156\x74\x2d\x73\x69\x7a\145\x3a\61\65\160\170\73\142\157\x72\x64\145\x72\55\x77\151\144\x74\x68\72\x20\61\160\x78\x3b\142\157\x72\x64\x65\x72\x2d\x73\x74\171\x6c\145\72\x20\x73\x6f\x6c\151\144\x3b\x62\157\x72\144\x65\x72\x2d\162\x61\x64\x69\x75\163\72\40\x33\160\x78\x3b\x77\x68\151\x74\145\x2d\163\x70\141\x63\x65\72\xd\12\40\40\40\40\x20\x20\x20\x20\40\x20\x20\40\156\x6f\167\162\141\x70\73\x62\157\x78\55\163\x69\172\x69\156\147\72\40\x62\x6f\x72\x64\x65\162\55\x62\157\x78\73\x62\157\162\x64\x65\x72\55\x63\x6f\x6c\x6f\162\72\x20\43\x30\60\67\x33\101\x41\73\x62\x6f\x78\55\x73\150\141\x64\157\167\72\x20\x30\160\170\x20\x31\160\170\40\60\160\x78\x20\x72\147\x62\x61\50\x31\x32\x30\x2c\x20\62\x30\60\54\40\x32\63\x30\x2c\40\60\56\x36\51\40\x69\156\163\x65\x74\x3b\143\x6f\154\x6f\x72\72\40\x23\106\x46\x46\73" . $UW . "\x22\xd\12\40\40\x20\40\40\x20\40\x20\x20\x20\x20\x20\x20\40\40\x20\x74\x79\160\145\x3d\x22\x62\x75\164\x74\157\x6e\x22\40\166\141\154\165\145\75\x22\103\157\156\x66\151\147\165\x72\145\x20\x41\x74\164\x72\x69\x62\165\x74\x65\57\122\x6f\x6c\x65\40\x4d\141\160\x70\151\156\x67\x22\x20\x6f\x6e\x43\154\x69\x63\x6b\75\42\x63\154\x6f\x73\x65\x5f\141\x6e\x64\x5f\162\145\144\x69\162\x65\x63\x74\x28\x29\73\x22\x3e\40\46\156\x62\x73\160\x3b\x20\15\12\x20\x20\40\40\x20\x20\x20\x20\40\x20\x20\x20\40\40\x20\x20\xd\xa\x20\x20\40\40\x20\40\x20\40\40\40\40\40\74\151\x6e\x70\x75\164\40\163\164\171\x6c\x65\x3d\42\x70\x61\144\x64\151\156\x67\72\x31\45\x3b\167\151\x64\x74\150\72\x31\60\x30\x70\170\x3b\142\141\143\x6b\147\162\x6f\165\156\144\x3a\40\x23\x30\60\x39\x31\103\x44\40\156\157\x6e\x65\40\162\145\x70\145\x61\x74\x20\163\143\162\x6f\154\154\x20\x30\45\x20\60\x25\x3b\x63\x75\x72\x73\157\x72\x3a\x20\x70\157\151\156\164\145\x72\x3b\x66\157\x6e\164\55\163\x69\172\x65\x3a\x31\x35\x70\x78\x3b\142\157\162\144\145\162\x2d\x77\x69\x64\x74\x68\x3a\40\61\x70\x78\73\x62\x6f\x72\x64\x65\x72\x2d\x73\164\x79\x6c\x65\72\40\163\x6f\154\151\144\73\142\157\162\144\x65\162\x2d\162\141\x64\151\165\x73\72\40\63\160\x78\x3b\167\150\151\x74\145\x2d\x73\x70\x61\x63\145\x3a\40\156\157\167\x72\x61\x70\x3b\x62\x6f\x78\x2d\x73\151\172\x69\x6e\x67\x3a\x20\142\x6f\162\x64\x65\x72\55\x62\x6f\x78\x3b\142\157\162\144\x65\162\x2d\x63\157\154\x6f\x72\x3a\40\43\60\60\67\x33\101\x41\x3b\x62\x6f\170\x2d\x73\x68\x61\x64\157\167\72\40\60\160\170\x20\61\160\x78\x20\x30\160\170\40\x72\x67\142\141\x28\61\62\60\x2c\x20\x32\60\x30\54\40\x32\x33\60\54\x20\x30\x2e\x36\51\x20\x69\x6e\163\145\164\73\143\x6f\154\x6f\162\72\40\43\106\106\x46\73\x22\164\171\160\145\x3d\42\142\x75\x74\x74\x6f\x6e\42\x20\x76\141\154\165\x65\x3d\x22\x44\x6f\156\x65\42\x20\x6f\156\x43\x6c\151\x63\x6b\x3d\42\163\145\x6c\x66\56\143\154\157\x73\145\x28\x29\73\42\76\74\x2f\144\151\x76\x3e\15\xa\40\40\40\40\40\40\40\x20\40\x20\x20\40\40\x20\x20\40\x20\x20\40\40\40\40\x20\x20\40\40\40\40\40\40\x20\x20\74\x73\x63\x72\151\160\x74\x3e\15\12\xd\12\x20\40\x20\x20\40\40\40\40\x20\40\40\x20\x66\165\x6e\x63\164\151\157\156\40\143\154\x6f\163\145\x5f\x61\x6e\144\x5f\x72\145\x64\x69\x72\145\143\x74\x28\x29\x7b\15\xa\40\x20\40\40\x20\40\x20\40\40\x20\40\x20\40\40\40\x20\x77\151\156\144\157\x77\x2e\x6f\160\145\x6e\x65\162\x2e\162\145\x64\x69\162\x65\x63\x74\x5f\164\x6f\137\x61\164\164\162\151\142\x75\x74\145\x5f\155\x61\160\x70\151\156\147\50\x29\x3b\15\12\x20\x20\40\x20\x20\40\x20\x20\x20\40\40\x20\x20\40\40\x20\x73\145\154\x66\56\143\x6c\157\x73\145\x28\51\x3b\xd\xa\x20\x20\40\x20\x20\40\40\x20\40\x20\x20\40\175\xd\xa\x20\x20\x20\40\x20\40\x20\x20\x20\40\x20\x20\15\12\40\40\40\40\40\x20\40\40\x20\x20\x20\40\x66\x75\156\x63\164\151\157\x6e\40\x72\145\146\x72\145\163\x68\x50\141\x72\x65\x6e\x74\50\51\40\x7b\xd\xa\40\40\40\x20\x20\x20\40\x20\40\40\40\40\40\x20\40\40\x77\x69\x6e\144\x6f\167\56\157\160\x65\x6e\145\x72\56\154\157\x63\141\164\151\157\156\x2e\x72\145\x6c\157\x61\x64\50\51\x3b\15\12\40\40\40\40\x20\x20\x20\x20\x20\40\40\40\175\15\12\x20\x20\x20\x20\40\x20\x20\40\40\40\x20\x20\74\x2f\163\x63\x72\151\160\164\x3e";
exit;
}
function mo_saml_convert_to_windows_iconv($Vp)
{
$Bl = get_site_option("\155\x6f\x5f\x73\x61\155\x6c\137\x65\x6e\143\157\144\151\156\x67\137\x65\156\x61\x62\154\145\144");
if (!($Bl !== "\x63\150\x65\143\x6b\x65\144")) {
goto bUs;
}
return $Vp;
bUs:
return iconv("\125\x54\106\x2d\x38", "\x43\120\x31\x32\65\x32\57\x2f\111\x47\116\x4f\x52\105", $Vp);
}
function mo_saml_login_user($Un, $h0, $g9, $tW, $vX, $ca, $XS, $bo, $x5 = '', $DV = '', $xx = null)
{
do_action("\155\x6f\137\x61\x62\x72\x5f\146\151\x6c\164\145\162\137\154\157\x67\151\x6e", $xx);
$tW = mo_saml_sanitize_username($tW);
if (get_site_option("\155\157\137\x73\141\x6d\154\137\144\x69\x73\141\x62\x6c\x65\x5f\x72\x6f\154\145\137\x6d\x61\x70\160\x69\156\147")) {
goto eWa;
}
check_if_user_allowed_to_login_due_to_role_restriction($vX);
eWa:
$fs = get_site_option("\x6d\x6f\137\x73\141\x6d\154\x5f\163\160\137\142\141\x73\x65\x5f\165\x72\154");
mo_saml_restrict_users_based_on_domain($Un);
if (!empty($ca)) {
goto k4o;
}
$ca["\104\x45\x46\x41\125\114\124"]["\144\145\146\x61\165\x6c\x74\137\x72\x6f\154\145"] = "\163\x75\x62\x73\x63\162\151\x62\x65\162";
$ca["\x44\x45\x46\x41\x55\x4c\124"]["\x64\157\156\164\x5f\141\154\x6c\157\x77\137\165\156\x6c\151\x73\x74\145\144\x5f\165\x73\145\162"] = '';
$ca["\x44\105\106\x41\125\x4c\x54"]["\144\x6f\x6e\164\137\143\x72\145\x61\x74\145\x5f\x75\x73\145\x72"] = '';
$ca["\x44\105\x46\x41\x55\x4c\124"]["\x6b\x65\x65\160\x5f\x65\170\151\163\x74\x69\x6e\x67\137\165\x73\x65\162\163\x5f\x72\x6f\154\x65"] = '';
$ca["\104\x45\x46\x41\x55\114\x54"]["\x6d\157\x5f\x73\141\x6d\154\137\x64\157\156\164\137\x61\154\154\157\167\x5f\x75\163\145\162\x5f\164\157\154\x6f\x67\x69\156\x5f\x63\162\145\x61\x74\x65\x5f\167\x69\x74\150\137\147\151\166\145\156\137\147\162\x6f\165\160\x73"] = '';
$ca["\x44\105\x46\x41\x55\x4c\124"]["\x6d\x6f\137\x73\141\x6d\x6c\137\162\145\x73\x74\x72\151\143\164\x5f\x75\x73\x65\x72\163\137\x77\151\x74\150\137\x67\x72\x6f\165\160\163"] = '';
k4o:
global $wpdb;
$T9 = get_current_blog_id();
$ai = "\x75\x6e\x63\150\x65\x63\153\145\144";
if (!empty($fs)) {
goto Usu;
}
$fs = get_network_site_url();
Usu:
if (email_exists($Un) || username_exists($tW)) {
goto aUk;
}
$Ki = Utilities::get_active_sites();
$pe = get_site_option("\155\x6f\x5f\x61\160\160\x6c\171\x5f\162\x6f\154\145\x5f\x6d\141\x70\x70\151\156\x67\x5f\146\x6f\x72\137\163\x69\x74\x65\x73");
if (!get_site_option("\x6d\x6f\x5f\163\141\155\154\x5f\x64\151\163\x61\142\x6c\145\137\x72\x6f\x6c\145\137\x6d\141\x70\x70\x69\x6e\x67")) {
goto FvS;
}
$he = wp_generate_password(12, false);
$o8 = wpmu_create_user($tW, $he, $Un);
goto vXi;
FvS:
$o8 = mo_saml_assign_roles_to_new_user($Ki, $pe, $ca, $vX, $tW, $Un);
vXi:
switch_to_blog($T9);
if (!empty($o8)) {
goto eVn;
}
if (!get_site_option("\x6d\x6f\x5f\163\141\x6d\154\x5f\x64\151\x73\x61\142\x6c\145\137\x72\x6f\154\145\137\x6d\141\160\160\x69\156\x67")) {
goto TA9;
}
wp_die("\x57\x65\40\143\157\x75\x6c\144\40\156\157\164\40\163\151\147\x6e\40\x79\x6f\165\x20\x69\x6e\56\40\x50\154\x65\x61\x73\145\x20\x63\x6f\156\164\x61\143\164\x20\141\144\155\151\x6e\x69\163\164\162\x61\x74\x6f\x72", "\114\157\147\x69\x6e\x20\x46\x61\x69\154\145\144\x21");
goto Cv9;
TA9:
$XV = get_site_option("\155\157\x5f\x73\141\x6d\x6c\137\141\143\143\x6f\165\156\164\x5f\143\162\x65\x61\x74\151\157\156\137\144\x69\163\141\x62\x6c\145\x64\137\155\163\x67");
if (!empty($XV)) {
goto M6K;
}
$XV = "\127\145\x20\x63\157\x75\x6c\x64\40\156\x6f\x74\40\163\151\147\x6e\40\x79\x6f\x75\40\x69\x6e\56\x20\x50\154\x65\x61\x73\145\x20\143\157\156\x74\x61\x63\x74\x20\171\157\x75\162\40\101\144\155\151\156\x69\x73\164\162\141\164\157\162\x2e";
M6K:
wp_die($XV, "\x45\162\162\x6f\162\x3a\x20\x4e\x6f\x74\40\141\40\127\157\162\144\x50\x72\x65\x73\163\40\115\x65\155\142\145\162");
Cv9:
eVn:
$user = get_user_by("\x69\x64", $o8);
mo_saml_map_basic_attributes($user, $h0, $g9, $xx);
mo_saml_map_custom_attributes($o8, $xx);
$GK = mo_saml_get_redirect_url($fs, $XS);
do_action("\155\151\156\x69\x6f\x72\141\x6e\x67\x65\137\x70\157\x73\164\x5f\x61\165\x74\x68\x65\x6e\x74\x69\143\141\164\x65\x5f\165\x73\145\x72\x5f\154\x6f\x67\151\x6e", $user, null, $GK, true);
mo_saml_set_auth_cookie($user, $x5, $DV, true);
do_action("\x6d\157\137\163\141\x6d\154\137\141\164\x74\x72\151\x62\x75\x74\x65\163", $tW, $Un, $h0, $g9, $vX, null, true);
goto OQW;
aUk:
if (email_exists($Un)) {
goto S5_;
}
$user = get_user_by("\154\157\147\151\156", $tW);
if (!(!Mo_License_Service::is_customer_license_valid() && !user_can(get_user_by("\x6c\x6f\x67\x69\x6e", $tW)->ID, "\155\x61\156\141\147\x65\137\157\160\x74\x69\157\156\163"))) {
goto GcS;
}
Utilities::mo_saml_display_end_user_error_message_with_code("\x57\x50\123\x41\x4d\x4c\x45\122\122\x30\62\71");
GcS:
goto DxK;
S5_:
$user = get_user_by("\145\x6d\141\x69\x6c", $Un);
if (!(!Mo_License_Service::is_customer_license_valid() && !user_can(get_user_by("\145\155\141\151\154", $Un)->ID, "\155\141\x6e\x61\147\x65\137\157\160\164\x69\x6f\x6e\x73"))) {
goto vwn;
}
Utilities::mo_saml_display_end_user_error_message_with_code("\127\120\123\101\115\114\x45\x52\122\x30\62\x39");
vwn:
DxK:
$o8 = $user->ID;
if (!(!empty($Un) and strcasecmp($Un, $user->user_email) != 0)) {
goto n1X;
}
$o8 = wp_update_user(array("\x49\x44" => $o8, "\165\x73\145\x72\x5f\x65\155\141\151\x6c" => $Un));
n1X:
mo_saml_map_basic_attributes($user, $h0, $g9, $xx);
mo_saml_map_custom_attributes($o8, $xx);
$Ki = Utilities::get_active_sites();
$pe = get_site_option("\x6d\x6f\x5f\141\x70\x70\x6c\171\x5f\x72\x6f\154\x65\x5f\155\x61\x70\x70\x69\x6e\x67\137\146\157\x72\x5f\163\x69\x74\145\163");
if (get_site_option("\x6d\157\x5f\x73\x61\x6d\x6c\x5f\x64\x69\x73\x61\142\x6c\145\x5f\162\157\154\x65\x5f\x6d\141\160\160\x69\156\147")) {
goto a12;
}
foreach ($Ki as $blog_id) {
switch_to_blog($blog_id);
$user = get_user_by("\151\144", $o8);
$dZ = '';
if ($pe) {
goto bvK;
}
$dZ = $blog_id;
goto hv6;
bvK:
$dZ = 0;
hv6:
if (empty($ca)) {
goto lfo;
}
if (!empty($ca[$dZ])) {
goto goJ;
}
if (!empty($ca["\104\105\106\101\125\114\124"])) {
goto B1c;
}
$qB = "\x73\165\x62\x73\x63\x72\151\x62\x65\x72";
$HT = '';
$ai = '';
$lW = '';
goto K1b;
B1c:
$qB = !empty($ca["\104\105\x46\101\x55\x4c\124"]["\144\145\x66\x61\x75\154\x74\137\x72\x6f\154\x65"]) ? $ca["\104\105\106\101\125\x4c\x54"]["\144\x65\146\x61\x75\x6c\164\x5f\x72\x6f\x6c\145"] : "\163\x75\x62\x73\143\162\151\142\145\x72";
$HT = !empty($ca["\x44\105\x46\101\125\114\124"]["\144\157\156\x74\x5f\141\x6c\154\x6f\167\x5f\165\156\x6c\x69\x73\164\x65\x64\137\x75\x73\145\x72"]) ? $ca["\x44\105\x46\101\125\x4c\124"]["\x64\157\x6e\x74\137\141\x6c\x6c\157\x77\137\165\156\154\151\163\164\x65\x64\137\165\x73\145\x72"] : '';
$ai = !empty($ca["\104\x45\x46\101\x55\114\x54"]["\x64\157\156\x74\x5f\x63\162\x65\141\164\145\137\165\x73\145\162"]) ? $ca["\x44\x45\x46\101\125\x4c\x54"]["\x64\157\156\x74\137\x63\x72\x65\141\164\x65\x5f\165\163\145\x72"] : '';
$lW = !empty($ca["\x44\x45\106\101\x55\114\124"]["\x6b\145\x65\160\137\x65\170\151\163\x74\151\156\x67\x5f\x75\x73\x65\x72\x73\137\162\x6f\x6c\145"]) ? $ca["\x44\x45\106\x41\125\114\x54"]["\x6b\x65\x65\x70\x5f\x65\x78\x69\163\164\x69\x6e\147\x5f\x75\x73\x65\162\x73\x5f\162\x6f\x6c\145"] : '';
K1b:
goto OFv;
goJ:
$qB = !empty($ca[$dZ]["\144\x65\x66\141\165\x6c\164\x5f\x72\x6f\x6c\145"]) ? $ca[$dZ]["\144\x65\x66\141\165\x6c\164\x5f\162\157\154\145"] : '';
$HT = !empty($ca[$dZ]["\144\x6f\156\164\137\x61\154\x6c\157\167\x5f\165\156\x6c\151\x73\164\145\x64\x5f\x75\163\145\162"]) ? $ca[$dZ]["\x64\x6f\x6e\164\137\141\x6c\154\157\167\x5f\165\x6e\x6c\x69\x73\x74\x65\144\x5f\165\163\x65\162"] : '';
$ai = !empty($ca[$dZ]["\x64\157\156\x74\137\143\x72\145\141\x74\x65\x5f\165\x73\145\162"]) ? $ca[$dZ]["\144\x6f\156\164\x5f\x63\x72\x65\x61\x74\x65\x5f\165\163\145\162"] : '';
$lW = !empty($ca[$dZ]["\153\145\145\x70\x5f\x65\x78\x69\x73\164\151\x6e\x67\x5f\165\163\x65\162\163\x5f\x72\x6f\154\x65"]) ? $ca[$dZ]["\153\145\x65\x70\x5f\145\x78\x69\x73\164\x69\x6e\x67\137\x75\163\145\x72\163\x5f\162\157\x6c\x65"] : '';
OFv:
lfo:
if (!is_user_member_of_blog($o8, $blog_id)) {
goto T1S;
}
if (!empty($lW) && $lW == "\143\x68\x65\143\153\145\x64") {
goto VCL;
}
$gX = assign_roles_to_user($user, $ca, $blog_id, $vX, $dZ);
goto Uk2;
VCL:
$gX = false;
Uk2:
if (is_administrator_user($user)) {
goto kqR;
}
if (!empty($lW) && $lW == "\x63\x68\145\143\x6b\145\x64") {
goto v9S;
}
if ($gX !== true && !empty($HT) && $HT == "\x63\x68\145\x63\x6b\145\144") {
goto PtN;
}
if ($gX !== true && !empty($qB) && $qB !== "\x66\x61\x6c\x73\x65") {
goto MD_;
}
if ($gX !== true && is_user_member_of_blog($o8, $blog_id)) {
goto I0f;
}
goto A3D;
v9S:
goto A3D;
PtN:
$o8 = wp_update_user(array("\111\x44" => $o8, "\x72\x6f\x6c\x65" => false));
goto A3D;
MD_:
$o8 = wp_update_user(array("\x49\x44" => $o8, "\162\157\154\145" => $qB));
goto A3D;
I0f:
$Vd = get_site_option("\x64\145\146\x61\x75\x6c\x74\x5f\x72\157\154\x65");
$o8 = wp_update_user(array("\x49\x44" => $o8, "\x72\x6f\x6c\145" => $Vd));
A3D:
kqR:
goto DTp;
T1S:
$XL = TRUE;
$rw = get_site_option("\x73\x61\x6d\x6c\x5f\x73\163\157\x5f\x73\x65\x74\x74\151\156\x67\x73");
if (!empty($rw[$blog_id])) {
goto cvv;
}
$rw[$blog_id] = $rw["\104\x45\106\101\125\114\x54"];
cvv:
if (empty($ca)) {
goto KuW;
}
if (!empty($ca[$dZ])) {
goto b1n;
}
if (empty($ca["\104\105\x46\101\125\114\124"])) {
goto CVd;
}
$Rh = get_saml_roles_to_assign($ca, $dZ, $vX);
if (!(empty($Rh) && strcmp($ca["\104\x45\106\x41\x55\114\124"]["\x64\x6f\156\x74\137\x63\162\145\x61\164\145\x5f\165\x73\145\162"], "\143\x68\x65\143\153\x65\144") == 0)) {
goto aEv;
}
$XL = FALSE;
aEv:
CVd:
goto p33;
b1n:
$Rh = get_saml_roles_to_assign($ca, $dZ, $vX);
if (!(empty($Rh) && strcmp($ca[$dZ]["\x64\x6f\156\164\x5f\143\x72\145\x61\164\145\137\165\163\145\x72"], "\x63\150\x65\x63\153\x65\144") == 0)) {
goto d7v;
}
$XL = FALSE;
d7v:
p33:
KuW:
if (!$XL) {
goto Zc1;
}
add_user_to_blog($blog_id, $o8, false);
$gX = assign_roles_to_user($user, $ca, $blog_id, $vX, $dZ);
if ($gX !== true && !empty($HT) && $HT == "\143\x68\145\x63\x6b\x65\144") {
goto Jak;
}
if ($gX !== true && !empty($qB) && $qB !== "\146\x61\154\163\145") {
goto H9h;
}
if ($gX !== true) {
goto Li0;
}
goto oOB;
Jak:
$o8 = wp_update_user(array("\x49\104" => $o8, "\x72\157\154\145" => false));
goto oOB;
H9h:
$o8 = wp_update_user(array("\x49\x44" => $o8, "\162\x6f\154\145" => $qB));
goto oOB;
Li0:
$Vd = get_site_option("\144\x65\x66\141\x75\154\164\137\x72\157\154\145");
$o8 = wp_update_user(array("\x49\x44" => $o8, "\x72\157\154\145" => $Vd));
oOB:
Zc1:
DTp:
FMk:
}
jxF:
a12:
switch_to_blog($T9);
if ($o8) {
goto suS;
}
wp_die("\x49\156\x76\x61\154\151\144\x20\x75\163\x65\162\x2e\40\x50\154\145\141\x73\x65\x20\x74\x72\x79\x20\x61\147\141\151\156\x2e");
suS:
$user = get_user_by("\x69\144", $o8);
mo_saml_set_auth_cookie($user, $x5, $DV, true);
do_action("\155\x6f\137\x73\x61\x6d\x6c\137\x61\x74\x74\x72\151\142\165\x74\x65\x73", $tW, $Un, $h0, $g9, $vX);
OQW:
mo_saml_post_login_redirection($fs, $XS);
}
function mo_saml_add_user_to_blog($Un, $tW, $blog_id = 0)
{
if (email_exists($Un)) {
goto i59;
}
if (!empty($tW)) {
goto QR0;
}
$o8 = mo_saml_create_user($Un, $Un, $blog_id);
goto SRq;
QR0:
$o8 = mo_saml_create_user($tW, $Un, $blog_id);
SRq:
goto Fwx;
i59:
$user = get_user_by("\145\x6d\141\151\x6c", $Un);
$o8 = $user->ID;
if (empty($blog_id)) {
goto l6S;
}
add_user_to_blog($blog_id, $o8, false);
l6S:
Fwx:
return $o8;
}
function mo_saml_create_user($tW, $Un, $blog_id)
{
$F0 = wp_generate_password(10, false);
if (username_exists($tW)) {
goto qgN;
}
$o8 = wp_create_user($tW, $F0, $Un);
goto VcY;
qgN:
$user = get_user_by("\x6c\157\147\x69\x6e", $tW);
$o8 = $user->ID;
if (!$blog_id) {
goto T_a;
}
add_user_to_blog($blog_id, $o8, false);
T_a:
VcY:
if (!is_wp_error($o8)) {
goto fEJ;
}
if (empty($tW)) {
goto giT;
}
if (strlen($tW) > 60) {
goto iYA;
}
wp_die("\127\145\x20\143\157\x75\x6c\144\x6e\x27\164\x20\163\151\x67\156\x20\171\157\x75\x20\151\156\56\x20\x50\154\x65\x61\x73\145\x20\143\157\x6e\164\x61\143\164\40\x79\157\x75\x72\40\x61\144\x6d\151\156\151\x73\164\x72\141\164\157\162", "\x45\x72\x72\157\x72\x3a\40\125\x73\x65\162\x20\x43\162\x65\x61\164\151\157\x6e\40\x46\x61\x69\154\145\x64");
goto LWJ;
iYA:
wp_die("\x57\145\40\143\157\x75\154\144\156\x27\x74\40\163\151\x67\156\40\171\157\165\40\x69\156\56\x20\x50\x6c\145\x61\163\x65\40\x63\x6f\156\x74\x61\143\164\40\171\x6f\165\162\x20\141\144\155\151\x6e\x69\x73\164\x72\x61\164\157\x72", "\105\x72\162\x6f\x72\72\x20\x55\163\x65\x72\156\141\x6d\x65\40\154\145\156\147\x74\150\x20\154\151\155\x69\x74\40\145\x78\x63\x65\x65\x64\x65\144");
LWJ:
goto Ltm;
giT:
wp_die("\x57\x65\x20\x63\x6f\165\154\144\156\47\x74\x20\163\x69\x67\156\x20\x79\x6f\x75\x20\x69\156\x2e\40\120\x6c\145\141\x73\x65\x20\143\157\x6e\164\x61\x63\x74\x20\171\x6f\165\162\40\x61\144\x6d\x69\156\x69\x73\164\162\x61\164\157\162", "\105\x72\x72\x6f\162\x3a\40\125\x73\145\162\156\x61\155\145\x20\105\155\x70\164\171");
Ltm:
fEJ:
return $o8;
}
function mo_saml_assign_roles_to_new_user($Ki, $pe, $ca, $vX, $tW, $Un)
{
global $wpdb;
$user = NULL;
$Yc = false;
foreach ($Ki as $blog_id) {
$ly = TRUE;
$dZ = '';
if ($pe) {
goto kKU;
}
$dZ = $blog_id;
goto bPO;
kKU:
$dZ = 0;
bPO:
$rw = maybe_unserialize(get_site_option("\x73\141\155\154\137\163\x73\157\137\163\x65\x74\164\x69\156\147\x73"));
if (!empty($rw["\104\105\x46\101\x55\114\124"])) {
goto maS;
}
$rw["\x44\x45\x46\101\x55\114\124"] = array();
maS:
if (!empty($rw[$blog_id])) {
goto Pgq;
}
$rw[$blog_id] = $rw["\104\x45\106\x41\x55\x4c\124"];
Pgq:
if (empty($ca)) {
goto wZr;
}
if (!empty($ca[$dZ])) {
goto buD;
}
if (!empty($ca["\x44\105\106\x41\125\114\x54"])) {
goto hmx;
}
$qB = "\x73\x75\142\163\143\162\x69\x62\x65\x72";
$HT = '';
$lW = '';
$Rh = '';
goto HJ3;
hmx:
$qB = !empty($ca["\104\105\106\x41\125\x4c\x54"]["\x64\145\x66\x61\165\154\164\137\162\x6f\x6c\145"]) ? $ca["\x44\105\106\101\125\x4c\x54"]["\x64\145\x66\x61\165\154\164\x5f\x72\157\154\145"] : '';
$HT = !empty($ca["\104\x45\106\x41\125\x4c\124"]["\144\x6f\156\164\137\141\x6c\x6c\157\x77\x5f\165\x6e\x6c\151\x73\x74\145\144\x5f\x75\163\145\x72"]) ? $ca["\x44\x45\106\x41\x55\x4c\124"]["\x64\x6f\156\x74\137\x61\154\154\157\167\x5f\x75\156\154\151\163\x74\145\x64\137\165\163\x65\x72"] : '';
$lW = array_key_exists("\x6b\145\x65\x70\x5f\x65\x78\151\163\164\151\x6e\147\x5f\x75\163\x65\x72\163\x5f\162\x6f\x6c\x65", $ca["\104\x45\106\x41\x55\x4c\x54"]) ? $ca["\104\x45\x46\101\125\114\124"]["\x6b\145\145\160\x5f\x65\x78\x69\163\164\151\x6e\147\x5f\165\163\145\162\163\137\162\157\x6c\x65"] : '';
$Rh = get_saml_roles_to_assign($ca, $dZ, $vX);
if (!(empty($Rh) && strcmp($ca["\x44\105\x46\101\125\x4c\x54"]["\144\x6f\x6e\x74\x5f\143\162\x65\141\x74\x65\137\x75\163\145\x72"], "\x63\150\145\143\153\145\x64") == 0)) {
goto XfV;
}
$ly = FALSE;
XfV:
HJ3:
goto i31;
buD:
$qB = !empty($ca[$dZ]["\144\145\x66\x61\165\x6c\164\x5f\162\157\x6c\145"]) ? $ca[$dZ]["\144\x65\x66\141\165\154\x74\x5f\x72\x6f\154\x65"] : '';
$HT = !empty($ca[$dZ]["\x64\157\x6e\x74\x5f\x61\154\x6c\x6f\167\x5f\x75\156\154\151\x73\x74\x65\144\137\x75\163\x65\x72"]) ? $ca[$dZ]["\x64\157\156\164\x5f\141\154\x6c\157\167\x5f\x75\156\x6c\x69\163\164\x65\144\x5f\x75\x73\145\162"] : '';
$lW = !empty($ca[$dZ]["\x6b\145\145\x70\x5f\x65\170\x69\x73\x74\x69\156\x67\x5f\x75\x73\145\x72\163\137\162\157\x6c\x65"]) ? $ca[$dZ]["\153\145\x65\160\137\x65\170\x69\x73\x74\x69\156\147\x5f\x75\163\145\x72\163\137\x72\x6f\154\x65"] : '';
$Rh = get_saml_roles_to_assign($ca, $dZ, $vX);
if (!(empty($Rh) && strcmp($ca[$dZ]["\x64\x6f\156\x74\137\143\x72\145\141\164\145\x5f\x75\x73\145\162"], "\143\150\145\x63\153\145\x64") == 0)) {
goto jY5;
}
$ly = FALSE;
jY5:
i31:
wZr:
if (!$ly) {
goto hm9;
}
$o8 = NULL;
switch_to_blog($blog_id);
$o8 = mo_saml_add_user_to_blog($Un, $tW, $blog_id);
$user = get_user_by("\151\144", $o8);
$gX = assign_roles_to_user($user, $ca, $blog_id, $vX, $dZ);
if ($gX !== true && !empty($HT) && $HT == "\143\150\145\143\x6b\x65\144") {
goto fZi;
}
if ($gX !== true && !empty($qB) && $qB !== "\x66\141\x6c\x73\x65") {
goto gho;
}
if ($gX !== true) {
goto o33;
}
goto Vhq;
fZi:
$o8 = wp_update_user(array("\111\104" => $o8, "\162\157\154\x65" => false));
goto Vhq;
gho:
$o8 = wp_update_user(array("\x49\x44" => $o8, "\162\x6f\x6c\x65" => $qB));
goto Vhq;
o33:
$Vd = get_site_option("\144\145\146\x61\x75\154\164\137\162\x6f\x6c\145");
$o8 = wp_update_user(array("\111\104" => $o8, "\x72\157\x6c\x65" => $Vd));
Vhq:
$Pe = $user->{$wpdb->prefix . "\x63\141\160\141\x62\151\154\151\164\x69\145\x73"};
if (!empty($wp_roles)) {
goto MSl;
}
$wp_roles = new WP_Roles($dZ);
MSl:
hm9:
LkI:
}
rLz:
if (!empty($user)) {
goto Wz1;
}
return;
goto KlF;
Wz1:
return $user->ID;
KlF:
}
function mo_saml_sanitize_username($tW)
{
$q7 = sanitize_user($tW, true);
$hy = apply_filters("\x70\x72\145\137\165\x73\145\x72\137\x6c\157\x67\x69\x6e", $q7);
$tW = trim($hy);
return $tW;
}
function mo_saml_map_basic_attributes($user, $h0, $g9, $xx)
{
$o8 = $user->ID;
if (empty($h0)) {
goto uQj;
}
$o8 = wp_update_user(array("\x49\x44" => $o8, "\x66\x69\162\x73\164\137\156\141\155\x65" => $h0));
uQj:
if (empty($g9)) {
goto PqI;
}
$o8 = wp_update_user(array("\x49\x44" => $o8, "\x6c\141\163\164\x5f\x6e\x61\155\x65" => $g9));
PqI:
if (is_null($xx)) {
goto dFJ;
}
update_user_meta($o8, "\155\x6f\137\x73\141\x6d\154\137\x75\163\x65\162\137\141\164\164\162\151\x62\165\164\145\163", $xx);
$hQ = get_site_option("\x73\141\155\x6c\x5f\x61\155\x5f\144\x69\163\x70\154\141\x79\137\156\141\155\x65");
if (empty($hQ)) {
goto zPh;
}
if (strcmp($hQ, "\x55\123\105\122\116\x41\115\x45") == 0) {
goto snG;
}
if (strcmp($hQ, "\x46\x4e\101\115\x45") == 0 && !empty($h0)) {
goto DzR;
}
if (strcmp($hQ, "\x4c\116\101\115\x45") == 0 && !empty($g9)) {
goto LNJ;
}
if (strcmp($hQ, "\106\x4e\x41\115\x45\x5f\x4c\x4e\x41\115\x45") == 0 && !empty($g9) && !empty($h0)) {
goto dGf;
}
if (!(strcmp($hQ, "\114\116\x41\115\x45\x5f\x46\116\x41\x4d\x45") == 0 && !empty($g9) && !empty($h0))) {
goto a7d;
}
$o8 = wp_update_user(array("\111\x44" => $o8, "\x64\151\x73\160\x6c\141\171\137\156\x61\155\145" => $g9 . "\40" . $h0));
a7d:
goto dwC;
dGf:
$o8 = wp_update_user(array("\x49\104" => $o8, "\x64\x69\163\x70\x6c\x61\x79\x5f\156\141\155\145" => $h0 . "\x20" . $g9));
dwC:
goto SNT;
LNJ:
$o8 = wp_update_user(array("\111\104" => $o8, "\144\151\x73\x70\x6c\141\171\137\156\141\155\145" => $g9));
SNT:
goto W5K;
DzR:
$o8 = wp_update_user(array("\x49\104" => $o8, "\x64\x69\163\x70\x6c\141\171\x5f\156\141\155\145" => $h0));
W5K:
goto zh8;
snG:
$o8 = wp_update_user(array("\x49\x44" => $o8, "\144\x69\163\x70\154\141\x79\137\x6e\x61\x6d\145" => $user->user_login));
zh8:
zPh:
dFJ:
}
function mo_saml_map_custom_attributes($o8, $xx)
{
if (!get_site_option("\x6d\x6f\x5f\x73\x61\155\154\137\143\x75\x73\164\x6f\x6d\137\x61\164\x74\x72\x73\x5f\155\141\x70\x70\x69\x6e\x67")) {
goto cI5;
}
$kS = maybe_unserialize(get_site_option("\x6d\x6f\137\163\x61\x6d\x6c\137\143\x75\163\x74\x6f\155\x5f\x61\x74\x74\x72\163\137\x6d\x61\160\x70\x69\156\147"));
foreach ($kS as $ns => $Hr) {
if (empty($xx[$Hr])) {
goto GBa;
}
$Hx = false;
if (!(count($xx[$Hr]) == 1)) {
goto OGr;
}
$Hx = true;
OGr:
if (!$Hx) {
goto ZyL;
}
update_user_meta($o8, $ns, $xx[$Hr][0]);
goto Zpw;
ZyL:
$QD = array();
foreach ($xx[$Hr] as $ux) {
array_push($QD, $ux);
W2A:
}
hOx:
update_user_meta($o8, $ns, $QD);
Zpw:
GBa:
udh:
}
zfY:
cI5:
}
function mo_saml_restrict_users_based_on_domain($Un)
{
$oq = get_site_option("\x6d\x6f\x5f\163\141\x6d\x6c\137\145\156\x61\142\x6c\x65\x5f\x64\x6f\155\141\151\156\137\x72\x65\163\164\162\151\x63\x74\151\x6f\156\137\154\x6f\147\x69\156");
if (!$oq) {
goto Tuo;
}
$ep = get_site_option("\163\141\x6d\x6c\x5f\141\155\x5f\x65\x6d\141\x69\x6c\137\x64\157\x6d\141\151\156\163");
$VA = explode("\x3b", $ep);
$cu = explode("\100", $Un);
$EV = !empty($cu[1]) ? $cu[1] : '';
$JN = get_site_option("\x6d\157\x5f\163\x61\155\154\x5f\x61\154\x6c\x6f\167\137\144\x65\156\x79\137\x75\x73\145\x72\137\x77\151\x74\x68\137\144\x6f\x6d\x61\151\x6e");
$XV = get_site_option("\155\157\137\x73\141\x6d\154\137\x72\145\163\164\x72\x69\x63\164\145\x64\x5f\144\x6f\x6d\x61\151\x6e\x5f\x65\162\162\x6f\162\137\x6d\x73\x67");
if (!empty($XV)) {
goto Y5F;
}
$XV = "\x59\157\x75\x20\x61\162\x65\x20\156\x6f\164\40\141\x6c\154\x6f\167\145\x64\40\164\x6f\40\154\157\147\x69\156\56\x20\x50\x6c\x65\141\x73\145\40\143\x6f\156\164\141\143\x74\40\x79\157\165\x72\40\101\x64\155\151\x6e\x69\163\x74\x72\141\164\157\x72\56";
Y5F:
if (!empty($JN) && $JN == "\144\145\156\x79") {
goto fD3;
}
if (Utilities::mo_saml_in_array($EV, $VA)) {
goto cns;
}
wp_die($XV, "\x50\145\162\x6d\151\163\x73\151\157\x6e\40\x44\145\156\151\145\x64\40\x45\x72\x72\157\x72\40\55\x20\62");
cns:
goto ePr;
fD3:
if (!Utilities::mo_saml_in_array($EV, $VA)) {
goto JWj;
}
wp_die($XV, "\120\x65\x72\x6d\x69\x73\x73\151\x6f\x6e\x20\104\x65\x6e\151\x65\x64\x20\x45\x72\x72\157\162\40\x2d\40\61");
JWj:
ePr:
Tuo:
}
function mo_saml_set_auth_cookie($user, $x5, $DV, $eG)
{
$o8 = $user->ID;
do_action("\x77\160\x5f\x6c\x6f\147\151\x6e", $user->user_login, $user);
if (empty($x5)) {
goto hUl;
}
update_user_meta($o8, "\155\157\137\x73\141\x6d\154\137\163\x65\163\x73\x69\157\156\x5f\x69\156\144\x65\x78", $x5);
hUl:
if (empty($DV)) {
goto aOg;
}
update_user_meta($o8, "\155\157\137\163\141\155\x6c\x5f\156\141\155\x65\x5f\x69\144", $DV);
aOg:
if (!(!session_id() || session_id() == '' || empty($_SESSION))) {
goto M3F;
}
session_start();
M3F:
$_SESSION["\x6d\157\x5f\163\x61\155\154"]["\x6c\157\147\x67\145\144\137\151\x6e\x5f\167\x69\x74\x68\x5f\x69\144\x70"] = TRUE;
update_user_meta($o8, "\x6d\x6f\x5f\x73\141\155\154\137\151\144\160\x5f\x6c\157\147\x69\x6e", "\x74\x72\x75\x65");
wp_set_current_user($o8);
$iD = false;
$iD = apply_filters("\x6d\x6f\137\x72\145\x6d\x65\155\142\x65\162\x5f\155\145", $iD);
wp_set_auth_cookie($o8, $iD);
if (!$eG) {
goto bI8;
}
do_action("\165\163\x65\162\137\162\145\x67\x69\163\x74\145\162", $o8);
bI8:
}
function mo_saml_post_login_redirection($fs, $XS)
{
$CR = mo_saml_get_redirect_url($fs, $XS);
wp_redirect($CR);
exit;
}
function mo_saml_get_redirect_url($fs, $XS)
{
$GK = '';
$rw = get_site_option("\x73\141\x6d\154\x5f\x73\x73\157\x5f\x73\145\164\x74\x69\156\x67\163");
$GW = get_current_blog_id();
if (!(empty($rw[$GW]) && !empty($rw["\104\105\106\101\x55\114\x54"]))) {
goto ceD;
}
$rw[$GW] = $rw["\x44\105\106\101\125\x4c\124"];
ceD:
$Yu = !empty($rw[$GW]["\155\157\137\163\141\155\154\x5f\x72\145\154\141\171\137\x73\164\141\164\x65"]) ? $rw[$GW]["\155\x6f\137\x73\x61\155\x6c\x5f\162\x65\154\141\171\x5f\x73\x74\141\x74\145"] : '';
if (!empty($Yu)) {
goto aZw;
}
if (!empty($XS)) {
goto Qu0;
}
$GK = $fs;
goto eKU;
Qu0:
$GK = $XS;
eKU:
goto hfv;
aZw:
$GK = $Yu;
hfv:
return $GK;
}
function check_if_user_allowed_to_login_due_to_role_restriction($vX)
{
$ca = maybe_unserialize(get_site_option("\163\141\155\154\x5f\x61\155\x5f\x72\157\x6c\x65\x5f\x6d\141\x70\160\x69\x6e\x67"));
$Ki = Utilities::get_active_sites();
$pe = get_site_option("\x6d\157\137\x61\x70\x70\154\171\137\x72\x6f\x6c\x65\x5f\x6d\x61\160\x70\x69\x6e\x67\137\146\x6f\x72\x5f\163\x69\x74\x65\163");
if ($ca) {
goto Lo8;
}
$ca = array();
Lo8:
if (!empty($ca["\104\x45\x46\x41\x55\114\124"])) {
goto aKv;
}
$ca["\x44\105\106\101\x55\114\x54"] = array();
aKv:
foreach ($Ki as $blog_id) {
if ($pe) {
goto YEc;
}
$dZ = $blog_id;
goto rSw;
YEc:
$dZ = 0;
rSw:
if (!empty($ca[$dZ])) {
goto L2n;
}
$n3 = $ca["\x44\105\106\101\x55\114\124"];
goto wkc;
L2n:
$n3 = $ca[$dZ];
wkc:
if (empty($n3)) {
goto qsY;
}
$NJ = !empty($n3["\x6d\x6f\137\163\x61\x6d\154\x5f\144\x6f\x6e\164\x5f\141\154\154\x6f\x77\137\165\163\145\x72\x5f\164\x6f\x6c\x6f\x67\x69\156\x5f\143\x72\x65\141\164\x65\137\x77\151\164\150\137\x67\x69\166\x65\156\137\147\x72\157\165\x70\163"]) ? $n3["\155\157\x5f\163\x61\155\x6c\x5f\144\x6f\x6e\164\137\141\154\x6c\157\x77\x5f\165\163\x65\x72\x5f\164\x6f\x6c\x6f\x67\x69\x6e\x5f\x63\x72\x65\x61\164\x65\137\167\x69\x74\x68\137\x67\x69\x76\x65\156\137\x67\x72\x6f\165\160\x73"] : '';
if (!($NJ == "\143\150\x65\x63\x6b\145\x64")) {
goto Hh2;
}
if (empty($vX)) {
goto sYR;
}
$oy = $n3["\155\x6f\137\x73\141\x6d\154\137\x72\x65\163\x74\x72\151\143\x74\x5f\165\x73\145\162\163\x5f\167\x69\164\x68\x5f\x67\162\157\x75\160\163"];
$Sx = explode("\73", $oy);
foreach ($Sx as $uq) {
foreach ($vX as $At) {
$At = trim($At);
if (!(!empty($At) && $At == $uq)) {
goto B1h;
}
wp_die("\x59\x6f\165\x20\141\x72\145\40\156\157\164\x20\x61\165\x74\x68\x6f\162\151\172\x65\x64\x20\164\x6f\40\154\157\x67\x69\156\x2e\40\120\x6c\145\x61\163\x65\40\x63\x6f\x6e\164\141\143\x74\40\x79\x6f\x75\x72\40\141\144\155\x69\x6e\151\163\x74\162\141\x74\157\162\x2e", "\x45\162\162\x6f\x72");
B1h:
EiD:
}
bus:
Nuz:
}
kud:
sYR:
Hh2:
qsY:
B0B:
}
b6_:
}
function assign_roles_to_user($user, $ca, $blog_id, $vX, $dZ)
{
$gX = false;
if (!(!empty($vX) && !empty($ca) && !is_administrator_user($user) && is_user_member_of_blog($user->ID, $blog_id))) {
goto snn;
}
if (!empty($ca[$dZ])) {
goto QX8;
}
if (empty($ca["\x44\x45\106\101\125\x4c\x54"])) {
goto WTh;
}
$n3 = $ca["\104\x45\106\101\125\x4c\x54"];
WTh:
goto ycC;
QX8:
$n3 = $ca[$dZ];
ycC:
if (empty($n3)) {
goto IUM;
}
$user->set_role(false);
$dy = '';
$MN = false;
unset($n3["\x64\x65\x66\x61\165\154\164\137\162\157\154\x65"]);
unset($n3["\144\x6f\156\x74\137\143\x72\145\x61\164\x65\x5f\165\163\x65\162"]);
unset($n3["\x64\x6f\156\x74\137\x61\x6c\154\157\167\137\x75\156\154\151\x73\164\x65\x64\137\165\x73\x65\162"]);
unset($n3["\x6b\145\x65\x70\137\x65\x78\x69\x73\164\151\156\147\x5f\165\163\x65\162\x73\137\162\x6f\x6c\x65"]);
unset($n3["\x6d\x6f\x5f\x73\141\x6d\154\x5f\x64\x6f\156\164\137\x61\154\x6c\157\x77\137\165\163\x65\162\137\164\157\154\x6f\147\x69\156\137\x63\162\145\141\164\145\137\x77\151\x74\150\x5f\147\151\x76\x65\x6e\137\147\162\x6f\165\x70\163"]);
unset($n3["\x6d\157\137\x73\141\155\x6c\x5f\162\145\x73\164\x72\151\x63\164\137\x75\x73\145\162\163\x5f\167\151\164\150\x5f\147\x72\157\x75\x70\163"]);
foreach ($n3 as $WN => $GB) {
$Sx = explode("\73", $GB);
foreach ($Sx as $uq) {
if (!(!empty($uq) && Utilities::mo_saml_in_array($uq, $vX))) {
goto gVs;
}
$gX = true;
$user->add_role($WN);
gVs:
dEr:
}
WS7:
T33:
}
i_p:
IUM:
snn:
$s7 = get_site_option("\x6d\157\137\x73\x61\155\154\x5f\x73\165\160\145\x72\137\x61\144\155\x69\x6e\137\162\x6f\x6c\x65\137\155\141\x70\x70\x69\156\x67");
$pj = array();
if (empty($s7)) {
goto mEO;
}
$pj = explode("\x3b", $s7);
mEO:
if (!(!empty($vX) && !empty($pj))) {
goto yWW;
}
foreach ($pj as $uq) {
if (!Utilities::mo_saml_in_array($uq, $vX)) {
goto dhk;
}
grant_super_admin($user->ID);
dhk:
xUu:
}
yq9:
yWW:
return $gX;
}
function get_saml_roles_to_assign($ca, $blog_id, $vX)
{
$Rh = array();
if (!(!empty($vX) && !empty($ca))) {
goto KiR;
}
if (!empty($ca[$blog_id])) {
goto UbZ;
}
if (empty($ca["\x44\105\106\x41\125\114\x54"])) {
goto GSL;
}
$n3 = $ca["\104\105\x46\101\125\x4c\x54"];
GSL:
goto nBi;
UbZ:
$n3 = $ca[$blog_id];
nBi:
if (empty($n3)) {
goto UmX;
}
unset($n3["\x64\x65\146\x61\x75\x6c\164\x5f\162\x6f\154\145"]);
unset($n3["\144\x6f\x6e\x74\x5f\143\x72\145\x61\164\x65\x5f\x75\163\145\162"]);
unset($n3["\144\157\156\164\x5f\141\x6c\x6c\157\167\x5f\x75\156\154\x69\x73\x74\x65\x64\137\x75\163\x65\x72"]);
unset($n3["\153\x65\145\x70\137\145\170\x69\163\x74\x69\156\147\137\x75\163\x65\x72\163\x5f\162\157\154\x65"]);
unset($n3["\x6d\157\x5f\x73\141\155\x6c\x5f\144\x6f\156\164\x5f\141\154\154\157\167\137\165\163\145\x72\x5f\x74\157\x6c\x6f\147\x69\156\137\x63\162\145\141\x74\x65\x5f\x77\151\x74\x68\x5f\x67\151\166\145\x6e\137\x67\162\157\x75\x70\163"]);
unset($n3["\155\157\x5f\163\x61\x6d\154\x5f\x72\x65\x73\164\x72\x69\x63\x74\137\x75\163\145\162\163\137\167\x69\x74\150\x5f\x67\162\157\x75\160\163"]);
foreach ($n3 as $WN => $GB) {
$Sx = explode("\73", $GB);
foreach ($Sx as $uq) {
if (!(!empty($uq) and Utilities::mo_saml_in_array($uq, $vX))) {
goto C4I;
}
array_push($Rh, $WN);
C4I:
a84:
}
ucl:
zJ9:
}
f8K:
UmX:
KiR:
return $Rh;
}
function is_administrator_user($user)
{
$xM = $user->roles;
if (!is_null($xM) && Utilities::mo_saml_in_array("\x61\x64\155\151\156\151\x73\x74\x72\141\x74\x6f\x72", $xM)) {
goto tRt;
}
return false;
goto sEq;
tRt:
return true;
sEq:
}
function mo_saml_is_customer_registered()
{
$uo = get_site_option("\x6d\x6f\x5f\163\x61\x6d\x6c\137\141\144\155\x69\156\137\145\155\x61\151\154");
$AQ = get_site_option("\155\157\x5f\x73\x61\x6d\x6c\137\x61\x64\x6d\x69\x6e\x5f\143\165\x73\164\x6f\155\145\162\137\x6b\145\x79");
if (!$uo || !$AQ || !is_numeric(trim($AQ))) {
goto t8S;
}
return 1;
goto exi;
t8S:
return 0;
exi:
}
function mo_saml_is_customer_license_verified()
{
$ns = get_site_option("\x6d\157\x5f\x73\141\x6d\x6c\x5f\143\x75\163\x74\x6f\155\x65\162\x5f\x74\157\x6b\x65\x6e");
$ta = AESEncryption::decrypt_data(get_site_option("\x74\137\163\151\164\145\137\163\164\141\x74\x75\x73"), $ns);
$W2 = get_site_option("\x73\x6d\154\137\x6c\153");
$uo = get_site_option("\155\x6f\137\x73\x61\155\154\137\141\x64\x6d\x69\x6e\137\x65\155\x61\x69\154");
$AQ = get_site_option("\155\157\x5f\x73\x61\x6d\x6c\x5f\141\144\155\x69\x6e\137\x63\165\163\164\x6f\x6d\x65\162\x5f\x6b\145\171");
$O2 = AESEncryption::decrypt_data(get_site_option("\x6e\157\x5f\x73\x62\x73"), $ns);
$XB = false;
if (!get_site_option("\156\x6f\x5f\163\142\x73")) {
goto C2n;
}
$aX = Utilities::get_sites();
$XB = $O2 < count($aX);
C2n:
if ($ta != "\x74\x72\x75\x65" && !$W2 || !$uo || !$AQ || !is_numeric(trim($AQ)) || $XB) {
goto ZkG;
}
return 1;
goto OA3;
ZkG:
return 0;
OA3:
}
function show_status_error($Ya, $XS)
{
if ($XS == "\x74\x65\163\x74\126\x61\x6c\x69\144\x61\x74\145" or $XS == "\164\x65\163\164\116\x65\x77\x43\x65\x72\164\x69\x66\151\x63\141\x74\x65") {
goto nOT;
}
wp_die("\x57\145\x20\x63\157\165\x6c\144\40\x6e\x6f\164\40\163\151\147\156\40\x79\157\x75\x20\151\156\56\x20\x50\x6c\x65\x61\163\145\40\x63\x6f\156\x74\x61\x63\164\40\x79\157\165\x72\x20\x41\144\x6d\151\156\x69\163\x74\x72\141\164\x6f\x72\56", "\105\x72\x72\x6f\162\72\x20\x49\x6e\166\141\x6c\x69\x64\40\x53\x41\115\x4c\x20\x52\145\163\160\157\x6e\x73\145\x20\123\x74\141\x74\165\163");
goto qqj;
nOT:
echo "\74\144\151\166\x20\x73\164\171\154\x65\x3d\x22\x66\x6f\156\x74\55\x66\x61\155\151\154\x79\72\x43\x61\x6c\x69\142\162\151\x3b\x70\x61\x64\144\151\156\147\72\60\x20\x33\x25\x3b\x22\76";
echo "\74\x64\151\x76\x20\163\164\x79\x6c\145\x3d\x22\143\x6f\x6c\157\x72\72\x20\x23\141\71\x34\x34\x34\x32\73\x62\141\x63\153\x67\x72\x6f\165\x6e\144\55\143\x6f\154\157\162\x3a\40\x23\146\62\x64\145\x64\x65\73\x70\x61\144\144\151\156\x67\72\40\x31\65\160\170\x3b\155\141\x72\x67\151\x6e\55\142\x6f\x74\x74\157\155\x3a\40\x32\60\160\x78\73\164\x65\x78\x74\55\x61\154\x69\147\x6e\x3a\143\145\156\x74\x65\x72\x3b\142\x6f\x72\144\x65\x72\x3a\61\160\x78\x20\163\x6f\x6c\151\144\x20\43\105\66\102\x33\102\x32\73\146\157\156\x74\x2d\x73\x69\172\x65\x3a\61\70\x70\164\73\42\x3e\x20\105\x52\x52\x4f\122\74\57\x64\x69\166\x3e\15\12\x20\x20\x20\x20\40\40\40\x20\74\144\151\x76\40\x73\164\171\154\x65\x3d\42\143\x6f\x6c\157\x72\72\40\x23\x61\x39\64\64\64\62\73\x66\157\x6e\x74\55\x73\x69\172\x65\72\x31\64\x70\x74\73\40\155\x61\162\x67\x69\x6e\55\142\157\x74\164\157\155\72\62\60\160\170\73\42\76\x3c\x70\76\x3c\x73\164\x72\x6f\x6e\x67\76\105\162\x72\x6f\x72\x3a\x20\x3c\x2f\163\x74\162\157\x6e\147\x3e\x20\111\156\x76\141\x6c\x69\144\40\x53\101\115\x4c\x20\122\x65\x73\160\x6f\x6e\163\x65\40\x53\x74\x61\x74\165\163\56\x3c\x2f\x70\x3e\xd\12\x20\x20\40\40\x20\40\x20\x20\x20\40\x20\x20\x3c\x70\x3e\74\x73\164\x72\x6f\x6e\147\x3e\x43\x61\x75\x73\145\163\74\x2f\x73\164\x72\x6f\x6e\x67\x3e\x3a\40\x49\x64\x65\156\x74\151\x74\171\x20\x50\162\157\x76\151\x64\145\162\40\150\x61\163\x20\163\145\156\164\40\47" . esc_html($Ya) . "\47\x20\x73\x74\x61\164\x75\x73\40\143\157\x64\x65\40\151\x6e\40\123\x41\115\114\x20\x52\x65\x73\x70\157\156\x73\x65\x2e\40\74\57\x70\x3e\15\12\x20\40\x20\40\40\40\x20\40\40\40\x20\x20\x3c\160\76\74\x73\x74\162\157\x6e\x67\76\x52\x65\x61\163\157\156\74\x2f\163\164\x72\157\156\147\x3e\72\40" . get_status_message(esc_html($Ya)) . "\x3c\57\160\76\x3c\142\x72\x3e";
if (empty($YC)) {
goto MPd;
}
echo "\x3c\x70\76\74\163\x74\x72\x6f\156\x67\x3e\x53\164\x61\x74\165\163\40\x4d\x65\163\163\x61\x67\145\40\151\x6e\x20\x74\150\145\x20\x53\x41\115\114\x20\x52\x65\163\x70\x6f\x6e\163\145\x3a\74\57\x73\x74\162\157\x6e\147\76\40\x3c\x62\x72\57\76" . esc_html($YC) . "\x3c\x2f\160\x3e\74\x62\162\76";
MPd:
echo "\xd\xa\x20\40\x20\x20\40\x20\x20\x20\x3c\x2f\144\x69\166\76\xd\12\15\xa\x20\40\x20\x20\40\40\x20\40\x3c\x64\x69\x76\40\x73\x74\x79\154\x65\x3d\42\x6d\x61\x72\147\x69\156\72\63\x25\x3b\x64\151\x73\x70\x6c\141\171\72\142\x6c\157\143\153\73\x74\x65\170\164\55\x61\154\151\147\x6e\72\x63\145\156\164\145\x72\x3b\42\76\15\xa\x20\x20\40\40\x20\40\x20\40\x20\40\40\40\x3c\x64\151\x76\40\163\164\171\x6c\145\75\x22\x6d\x61\x72\x67\x69\x6e\72\63\x25\x3b\x64\151\x73\x70\154\141\171\x3a\x62\154\157\143\153\73\164\x65\170\x74\55\141\154\151\x67\156\x3a\143\x65\x6e\164\x65\x72\73\x22\76\x3c\151\156\x70\165\x74\40\x73\164\171\x6c\x65\x3d\x22\160\x61\144\x64\151\156\147\72\61\45\73\x77\151\144\x74\150\x3a\61\60\x30\160\x78\73\142\141\143\x6b\x67\162\x6f\x75\156\x64\72\x20\43\60\x30\x39\61\103\104\40\156\x6f\156\x65\x20\162\145\160\x65\141\164\x20\163\143\162\157\154\x6c\40\60\45\x20\60\x25\73\143\x75\x72\163\x6f\162\x3a\x20\160\x6f\x69\x6e\x74\145\162\73\x66\x6f\156\164\55\x73\151\172\x65\72\61\65\x70\x78\x3b\142\x6f\x72\144\145\x72\55\x77\x69\x64\x74\150\72\x20\x31\x70\170\x3b\x62\157\x72\144\145\x72\x2d\x73\164\x79\x6c\x65\72\40\x73\157\154\x69\144\x3b\x62\x6f\x72\144\x65\x72\x2d\x72\x61\144\x69\165\x73\x3a\40\x33\160\170\73\x77\150\151\164\x65\x2d\x73\160\141\143\145\72\40\156\x6f\x77\162\x61\160\x3b\x62\157\170\x2d\x73\x69\172\151\156\x67\x3a\x20\142\157\162\144\x65\x72\x2d\142\x6f\170\73\142\x6f\162\x64\145\x72\x2d\143\x6f\154\157\162\x3a\40\x23\60\60\67\x33\x41\101\73\142\x6f\170\55\163\x68\141\144\157\167\72\x20\x30\x70\170\40\x31\x70\170\40\x30\160\x78\40\x72\147\142\141\50\61\x32\x30\x2c\x20\x32\60\x30\x2c\x20\62\63\60\54\x20\60\56\66\x29\x20\x69\156\x73\145\x74\x3b\143\x6f\x6c\x6f\162\72\x20\43\x46\106\106\x3b\x22\164\x79\x70\145\75\42\x62\165\164\164\x6f\156\42\x20\x76\x61\x6c\165\x65\75\x22\104\157\156\x65\x22\x20\x6f\156\103\x6c\151\x63\153\x3d\x22\x73\x65\x6c\x66\56\x63\x6c\157\x73\x65\50\51\x3b\42\76\x3c\x2f\144\x69\x76\x3e";
exit;
qqj:
}
function addLink($Gf, $Lb)
{
$eu = "\74\x61\40\150\x72\x65\146\x3d\x22" . $Lb . "\42\x3e" . $Gf . "\74\57\x61\x3e";
return $eu;
}
function get_status_message($Ya)
{
switch ($Ya) {
case "\x52\145\x71\x75\x65\x73\164\x65\162":
return "\124\x68\145\x20\162\145\161\165\145\163\x74\40\x63\x6f\165\x6c\144\x20\156\157\164\x20\142\x65\x20\x70\145\162\146\157\162\155\145\x64\x20\144\x75\x65\x20\x74\157\x20\141\156\x20\x65\162\x72\157\x72\40\157\156\x20\x74\x68\x65\x20\x70\141\162\164\x20\157\x66\40\x74\x68\145\x20\x72\x65\x71\x75\145\x73\164\x65\162\x2e";
goto Kn2;
case "\122\145\163\x70\x6f\156\x64\145\x72":
return "\124\x68\145\x20\162\x65\x71\x75\x65\x73\x74\x20\x63\157\x75\154\x64\40\x6e\x6f\x74\x20\x62\145\40\x70\145\x72\x66\x6f\x72\155\145\x64\40\144\165\145\40\x74\157\40\141\x6e\40\145\162\162\x6f\x72\x20\157\156\40\x74\150\145\x20\x70\x61\x72\164\x20\x6f\146\40\164\x68\145\40\x53\101\x4d\x4c\x20\162\145\x73\x70\157\156\144\145\x72\40\157\162\x20\123\101\115\114\x20\141\165\x74\150\157\162\x69\164\171\x2e";
goto Kn2;
case "\x56\145\162\163\151\157\156\x4d\151\x73\155\141\164\143\x68":
return "\x54\x68\145\x20\123\101\115\114\40\162\x65\x73\160\157\x6e\x64\x65\162\40\143\x6f\165\x6c\x64\x20\156\x6f\x74\40\160\162\x6f\143\145\163\163\x20\164\x68\x65\x20\x72\x65\161\x75\145\163\x74\x20\x62\145\143\x61\165\163\145\40\x74\x68\145\40\166\145\x72\163\x69\x6f\156\x20\157\146\40\x74\150\x65\40\x72\x65\x71\165\x65\x73\164\40\155\145\163\163\141\147\x65\x20\x77\141\163\x20\151\x6e\143\x6f\x72\x72\145\143\164\x2e";
goto Kn2;
default:
return "\125\x6e\x6b\x6e\x6f\167\x6e";
}
olk:
Kn2:
}
function saml_get_current_page_url()
{
$j5 = $_SERVER["\x48\124\124\x50\x5f\x48\x4f\123\124"];
if (!(substr($j5, -1) == "\x2f")) {
goto ZoP;
}
$j5 = substr($j5, 0, -1);
ZoP:
$Cg = $_SERVER["\122\x45\121\x55\x45\123\124\x5f\125\122\111"];
if (!(substr($Cg, 0, 1) == "\x2f")) {
goto zDl;
}
$Cg = substr($Cg, 1);
zDl:
$w5 = !empty($_SERVER["\x48\124\x54\120\x53"]) && strcasecmp($_SERVER["\110\124\x54\120\x53"], "\157\156") == 0;
$Gx = "\x68\164\164\160" . ($w5 ? "\x73" : '') . "\72\x2f\57" . $j5 . "\57" . $Cg;
return $Gx;
}
function get_network_site_url()
{
$qp = network_site_url();
if (!(substr($qp, -1) == "\57")) {
goto U8W;
}
$qp = substr($qp, 0, -1);
U8W:
return $qp;
}
function get_current_base_url()
{
return sprintf("\45\163\x3a\57\57\45\x73\57", !empty($_SERVER["\110\124\x54\x50\123"]) && $_SERVER["\x48\x54\124\x50\123"] != "\x6f\146\146" ? "\150\x74\164\x70\163" : "\x68\x74\164\160", $_SERVER["\x48\x54\124\120\137\x48\117\123\x54"]);
}
add_action("\167\151\x64\x67\145\x74\163\x5f\151\156\151\x74", function () {
register_widget("\155\x6f\x5f\x6c\157\x67\x69\156\137\x77\x69\x64");
});
add_action("\x69\x6e\x69\164", "\x6d\x6f\x5f\x6c\x6f\147\x69\x6e\137\166\141\x6c\x69\x64\x61\x74\x65");
Function Calls
| None |
Stats
| MD5 | 201ef673e02ec61462e119a1dc8b2679 |
| Eval Count | 0 |
| Decode Time | 149 ms |