Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php eval("?>".base64_decode("PD9waHANCg0KLyoqDQogKiBBdXRob3I6IEFza2FyYWxpIE1ha2FuYWRhcg0..

Decoded Output download

?>b'<?php

/**
 * Author: Askarali Makanadar
 * Date: 05-11-2018
 */
class Login_model extends CI_Model
{
	
	function __construct()
	{
		parent::__construct();
	}

	public function verify_credentials($username,$password)
	{
		//Filtering XSS and html escape from user inputs 
		$username=$this->security->xss_clean(html_escape($username));
		$password=$this->security->xss_clean(html_escape($password));
				
		$query=$this->db->query("select * from db_users where username=\'$username\' and password=\'".md5($password)."\' and status=1");
		if($query->num_rows()==1){

			$logdata = array(\'inv_username\'  => $query->row()->username,
				        	 \'inv_userid\'  => $query->row()->id,
				        	 \'logged_in\' => TRUE 
				        	);
			$this->session->set_userdata($logdata);
			$this->session->set_flashdata(\'success\', \'Welcome \'.$query->row()->username." !");
			return true;
		}
		else{
			return false;
		}		
	}
	public function verify_email_send_otp($email)
	{
		$q1=$this->db->query("select email,company_name from db_company where email<>\'\'");
		if($q1->num_rows()==0){
			$this->session->set_flashdata(\'failed\', \'Failed to send OTP! Contact admin :(\');
			return false;
			exit();
		}
		//Filtering XSS and html escape from user inputs 
		$email_id=$this->security->xss_clean(html_escape($email));
				
		$query=$this->db->query("select * from db_users where email=\'$email\' and status=1");
		if($query->num_rows()==1){
			$otp=rand(1000,9999);

			$server_subject = "OTP for Password Change | OTP: ".$otp;
			$ready_message="---------------------------------------------------------
Hello User,

You are requested for Password Change,
Please enter ".$otp." as a OTP.

Note: Don\'t share this OTP with anyone.
Thank you
---------------------------------------------------------
		";
		
			$this->load->library(\'email\');
			$this->email->from($q1->row()->email, $q1->row()->company_name);
			$this->email->to($email_id);
			$this->email->subject($server_subject);
			$this->email->message($ready_message);

			if($this->email->send()){
				//redirect(\'contact/success\');
				$this->session->set_flashdata(\'success\', \'OTP has been sent to your email ID!\');
				$otpdata = array(\'email\'  => $email,\'otp\'  => $otp );
				$this->session->set_userdata($otpdata);
				//echo "Email Sent";
				return true;
			}
			else{
				//echo "Failed to Send Message.Try again!";
				return false;
			}
		}
		else{
			return false;
		}		
	}
	public function verify_otp($otp)
	{
		//Filtering XSS and html escape from user inputs 
		$otp=$this->security->xss_clean(html_escape($otp));
		$email=$this->security->xss_clean(html_escape($email));
		if($this->session->userdata(\'email\')==$email){ redirect(base_url().\'logout\',\'refresh\');	}
				
		$query=$this->db->query("select * from db_users where username=\'$username\' and password=\'".md5($password)."\' and status=1");
		if($query->num_rows()==1){

			$logdata = array(\'inv_username\'  => $query->row()->username,
				        	 \'inv_userid\'  => $query->row()->id,
				        	 \'logged_in\' => TRUE 
				        	);
			$this->session->set_userdata($logdata);
			return true;
		}
		else{
			return false;
		}		
	}
	public function change_password($password,$email){
			$query=$this->db->query("select * from db_users where email=\'$email\' and status=1");
			if($query->num_rows()==1){
				/*if($query->row()->username == \'admin\'){
					echo "Restricted Admin Password Change";exit();
				}*/
				$password=md5($password);
				$query1="update db_users set password=\'$password\' where email=\'$email\'";
				if ($this->db->simple_query($query1)){

				        return true;
				}
				else{
				        return false;
				}
			}
			else{
				return false;
				}

		}
}'

Did this file decode correctly?

Original Code

<?php eval("?>".base64_decode("PD9waHANCg0KLyoqDQogKiBBdXRob3I6IEFza2FyYWxpIE1ha2FuYWRhcg0KICogRGF0ZTogMDUtMTEtMjAxOA0KICovDQpjbGFzcyBMb2dpbl9tb2RlbCBleHRlbmRzIENJX01vZGVsDQp7DQoJDQoJZnVuY3Rpb24gX19jb25zdHJ1Y3QoKQ0KCXsNCgkJcGFyZW50OjpfX2NvbnN0cnVjdCgpOw0KCX0NCg0KCXB1YmxpYyBmdW5jdGlvbiB2ZXJpZnlfY3JlZGVudGlhbHMoJHVzZXJuYW1lLCRwYXNzd29yZCkNCgl7DQoJCS8vRmlsdGVyaW5nIFhTUyBhbmQgaHRtbCBlc2NhcGUgZnJvbSB1c2VyIGlucHV0cyANCgkJJHVzZXJuYW1lPSR0aGlzLT5zZWN1cml0eS0+eHNzX2NsZWFuKGh0bWxfZXNjYXBlKCR1c2VybmFtZSkpOw0KCQkkcGFzc3dvcmQ9JHRoaXMtPnNlY3VyaXR5LT54c3NfY2xlYW4oaHRtbF9lc2NhcGUoJHBhc3N3b3JkKSk7DQoJCQkJDQoJCSRxdWVyeT0kdGhpcy0+ZGItPnF1ZXJ5KCJzZWxlY3QgKiBmcm9tIGRiX3VzZXJzIHdoZXJlIHVzZXJuYW1lPSckdXNlcm5hbWUnIGFuZCBwYXNzd29yZD0nIi5tZDUoJHBhc3N3b3JkKS4iJyBhbmQgc3RhdHVzPTEiKTsNCgkJaWYoJHF1ZXJ5LT5udW1fcm93cygpPT0xKXsNCg0KCQkJJGxvZ2RhdGEgPSBhcnJheSgnaW52X3VzZXJuYW1lJyAgPT4gJHF1ZXJ5LT5yb3coKS0+dXNlcm5hbWUsDQoJCQkJICAgICAgICAJICdpbnZfdXNlcmlkJyAgPT4gJHF1ZXJ5LT5yb3coKS0+aWQsDQoJCQkJICAgICAgICAJICdsb2dnZWRfaW4nID0+IFRSVUUgDQoJCQkJICAgICAgICAJKTsNCgkJCSR0aGlzLT5zZXNzaW9uLT5zZXRfdXNlcmRhdGEoJGxvZ2RhdGEpOw0KCQkJJHRoaXMtPnNlc3Npb24tPnNldF9mbGFzaGRhdGEoJ3N1Y2Nlc3MnLCAnV2VsY29tZSAnLiRxdWVyeS0+cm93KCktPnVzZXJuYW1lLiIgISIpOw0KCQkJcmV0dXJuIHRydWU7DQoJCX0NCgkJZWxzZXsNCgkJCXJldHVybiBmYWxzZTsNCgkJfQkJDQoJfQ0KCXB1YmxpYyBmdW5jdGlvbiB2ZXJpZnlfZW1haWxfc2VuZF9vdHAoJGVtYWlsKQ0KCXsNCgkJJHExPSR0aGlzLT5kYi0+cXVlcnkoInNlbGVjdCBlbWFpbCxjb21wYW55X25hbWUgZnJvbSBkYl9jb21wYW55IHdoZXJlIGVtYWlsPD4nJyIpOw0KCQlpZigkcTEtPm51bV9yb3dzKCk9PTApew0KCQkJJHRoaXMtPnNlc3Npb24tPnNldF9mbGFzaGRhdGEoJ2ZhaWxlZCcsICdGYWlsZWQgdG8gc2VuZCBPVFAhIENvbnRhY3QgYWRtaW4gOignKTsNCgkJCXJldHVybiBmYWxzZTsNCgkJCWV4aXQoKTsNCgkJfQ0KCQkvL0ZpbHRlcmluZyBYU1MgYW5kIGh0bWwgZXNjYXBlIGZyb20gdXNlciBpbnB1dHMgDQoJCSRlbWFpbF9pZD0kdGhpcy0+c2VjdXJpdHktPnhzc19jbGVhbihodG1sX2VzY2FwZSgkZW1haWwpKTsNCgkJCQkNCgkJJHF1ZXJ5PSR0aGlzLT5kYi0+cXVlcnkoInNlbGVjdCAqIGZyb20gZGJfdXNlcnMgd2hlcmUgZW1haWw9JyRlbWFpbCcgYW5kIHN0YXR1cz0xIik7DQoJCWlmKCRxdWVyeS0+bnVtX3Jvd3MoKT09MSl7DQoJCQkkb3RwPXJhbmQoMTAwMCw5OTk5KTsNCg0KCQkJJHNlcnZlcl9zdWJqZWN0ID0gIk9UUCBmb3IgUGFzc3dvcmQgQ2hhbmdlIHwgT1RQOiAiLiRvdHA7DQoJCQkkcmVhZHlfbWVzc2FnZT0iLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpIZWxsbyBVc2VyLA0KDQpZb3UgYXJlIHJlcXVlc3RlZCBmb3IgUGFzc3dvcmQgQ2hhbmdlLA0KUGxlYXNlIGVudGVyICIuJG90cC4iIGFzIGEgT1RQLg0KDQpOb3RlOiBEb24ndCBzaGFyZSB0aGlzIE9UUCB3aXRoIGFueW9uZS4NClRoYW5rIHlvdQ0KLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQoJCSI7DQoJCQ0KCQkJJHRoaXMtPmxvYWQtPmxpYnJhcnkoJ2VtYWlsJyk7DQoJCQkkdGhpcy0+ZW1haWwtPmZyb20oJHExLT5yb3coKS0+ZW1haWwsICRxMS0+cm93KCktPmNvbXBhbnlfbmFtZSk7DQoJCQkkdGhpcy0+ZW1haWwtPnRvKCRlbWFpbF9pZCk7DQoJCQkkdGhpcy0+ZW1haWwtPnN1YmplY3QoJHNlcnZlcl9zdWJqZWN0KTsNCgkJCSR0aGlzLT5lbWFpbC0+bWVzc2FnZSgkcmVhZHlfbWVzc2FnZSk7DQoNCgkJCWlmKCR0aGlzLT5lbWFpbC0+c2VuZCgpKXsNCgkJCQkvL3JlZGlyZWN0KCdjb250YWN0L3N1Y2Nlc3MnKTsNCgkJCQkkdGhpcy0+c2Vzc2lvbi0+c2V0X2ZsYXNoZGF0YSgnc3VjY2VzcycsICdPVFAgaGFzIGJlZW4gc2VudCB0byB5b3VyIGVtYWlsIElEIScpOw0KCQkJCSRvdHBkYXRhID0gYXJyYXkoJ2VtYWlsJyAgPT4gJGVtYWlsLCdvdHAnICA9PiAkb3RwICk7DQoJCQkJJHRoaXMtPnNlc3Npb24tPnNldF91c2VyZGF0YSgkb3RwZGF0YSk7DQoJCQkJLy9lY2hvICJFbWFpbCBTZW50IjsNCgkJCQlyZXR1cm4gdHJ1ZTsNCgkJCX0NCgkJCWVsc2V7DQoJCQkJLy9lY2hvICJGYWlsZWQgdG8gU2VuZCBNZXNzYWdlLlRyeSBhZ2FpbiEiOw0KCQkJCXJldHVybiBmYWxzZTsNCgkJCX0NCgkJfQ0KCQllbHNlew0KCQkJcmV0dXJuIGZhbHNlOw0KCQl9CQkNCgl9DQoJcHVibGljIGZ1bmN0aW9uIHZlcmlmeV9vdHAoJG90cCkNCgl7DQoJCS8vRmlsdGVyaW5nIFhTUyBhbmQgaHRtbCBlc2NhcGUgZnJvbSB1c2VyIGlucHV0cyANCgkJJG90cD0kdGhpcy0+c2VjdXJpdHktPnhzc19jbGVhbihodG1sX2VzY2FwZSgkb3RwKSk7DQoJCSRlbWFpbD0kdGhpcy0+c2VjdXJpdHktPnhzc19jbGVhbihodG1sX2VzY2FwZSgkZW1haWwpKTsNCgkJaWYoJHRoaXMtPnNlc3Npb24tPnVzZXJkYXRhKCdlbWFpbCcpPT0kZW1haWwpeyByZWRpcmVjdChiYXNlX3VybCgpLidsb2dvdXQnLCdyZWZyZXNoJyk7CX0NCgkJCQkNCgkJJHF1ZXJ5PSR0aGlzLT5kYi0+cXVlcnkoInNlbGVjdCAqIGZyb20gZGJfdXNlcnMgd2hlcmUgdXNlcm5hbWU9JyR1c2VybmFtZScgYW5kIHBhc3N3b3JkPSciLm1kNSgkcGFzc3dvcmQpLiInIGFuZCBzdGF0dXM9MSIpOw0KCQlpZigkcXVlcnktPm51bV9yb3dzKCk9PTEpew0KDQoJCQkkbG9nZGF0YSA9IGFycmF5KCdpbnZfdXNlcm5hbWUnICA9PiAkcXVlcnktPnJvdygpLT51c2VybmFtZSwNCgkJCQkgICAgICAgIAkgJ2ludl91c2VyaWQnICA9PiAkcXVlcnktPnJvdygpLT5pZCwNCgkJCQkgICAgICAgIAkgJ2xvZ2dlZF9pbicgPT4gVFJVRSANCgkJCQkgICAgICAgIAkpOw0KCQkJJHRoaXMtPnNlc3Npb24tPnNldF91c2VyZGF0YSgkbG9nZGF0YSk7DQoJCQlyZXR1cm4gdHJ1ZTsNCgkJfQ0KCQllbHNlew0KCQkJcmV0dXJuIGZhbHNlOw0KCQl9CQkNCgl9DQoJcHVibGljIGZ1bmN0aW9uIGNoYW5nZV9wYXNzd29yZCgkcGFzc3dvcmQsJGVtYWlsKXsNCgkJCSRxdWVyeT0kdGhpcy0+ZGItPnF1ZXJ5KCJzZWxlY3QgKiBmcm9tIGRiX3VzZXJzIHdoZXJlIGVtYWlsPSckZW1haWwnIGFuZCBzdGF0dXM9MSIpOw0KCQkJaWYoJHF1ZXJ5LT5udW1fcm93cygpPT0xKXsNCgkJCQkvKmlmKCRxdWVyeS0+cm93KCktPnVzZXJuYW1lID09ICdhZG1pbicpew0KCQkJCQllY2hvICJSZXN0cmljdGVkIEFkbWluIFBhc3N3b3JkIENoYW5nZSI7ZXhpdCgpOw0KCQkJCX0qLw0KCQkJCSRwYXNzd29yZD1tZDUoJHBhc3N3b3JkKTsNCgkJCQkkcXVlcnkxPSJ1cGRhdGUgZGJfdXNlcnMgc2V0IHBhc3N3b3JkPSckcGFzc3dvcmQnIHdoZXJlIGVtYWlsPSckZW1haWwnIjsNCgkJCQlpZiAoJHRoaXMtPmRiLT5zaW1wbGVfcXVlcnkoJHF1ZXJ5MSkpew0KDQoJCQkJICAgICAgICByZXR1cm4gdHJ1ZTsNCgkJCQl9DQoJCQkJZWxzZXsNCgkJCQkgICAgICAgIHJldHVybiBmYWxzZTsNCgkJCQl9DQoJCQl9DQoJCQllbHNlew0KCQkJCXJldHVybiBmYWxzZTsNCgkJCQl9DQoNCgkJfQ0KfQ==")); ?>

Function Calls

base64_decode 1

Variables

None

Stats

MD5 23a576b02417dad919911abe08fe8a63
Eval Count 1
Decode Time 86 ms