Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php eval("?>".base64_decode("PD9waHANCg0KLyoqDQogKiBBdXRob3I6IEFza2FyYWxpIE1ha2FuYWRhcg0..
Decoded Output download
?>b'<?php
/**
* Author: Askarali Makanadar
* Date: 05-11-2018
*/
class Login_model extends CI_Model
{
function __construct()
{
parent::__construct();
}
public function verify_credentials($username,$password)
{
//Filtering XSS and html escape from user inputs
$username=$this->security->xss_clean(html_escape($username));
$password=$this->security->xss_clean(html_escape($password));
$query=$this->db->query("select * from db_users where username=\'$username\' and password=\'".md5($password)."\' and status=1");
if($query->num_rows()==1){
$logdata = array(\'inv_username\' => $query->row()->username,
\'inv_userid\' => $query->row()->id,
\'logged_in\' => TRUE
);
$this->session->set_userdata($logdata);
$this->session->set_flashdata(\'success\', \'Welcome \'.$query->row()->username." !");
return true;
}
else{
return false;
}
}
public function verify_email_send_otp($email)
{
$q1=$this->db->query("select email,company_name from db_company where email<>\'\'");
if($q1->num_rows()==0){
$this->session->set_flashdata(\'failed\', \'Failed to send OTP! Contact admin :(\');
return false;
exit();
}
//Filtering XSS and html escape from user inputs
$email_id=$this->security->xss_clean(html_escape($email));
$query=$this->db->query("select * from db_users where email=\'$email\' and status=1");
if($query->num_rows()==1){
$otp=rand(1000,9999);
$server_subject = "OTP for Password Change | OTP: ".$otp;
$ready_message="---------------------------------------------------------
Hello User,
You are requested for Password Change,
Please enter ".$otp." as a OTP.
Note: Don\'t share this OTP with anyone.
Thank you
---------------------------------------------------------
";
$this->load->library(\'email\');
$this->email->from($q1->row()->email, $q1->row()->company_name);
$this->email->to($email_id);
$this->email->subject($server_subject);
$this->email->message($ready_message);
if($this->email->send()){
//redirect(\'contact/success\');
$this->session->set_flashdata(\'success\', \'OTP has been sent to your email ID!\');
$otpdata = array(\'email\' => $email,\'otp\' => $otp );
$this->session->set_userdata($otpdata);
//echo "Email Sent";
return true;
}
else{
//echo "Failed to Send Message.Try again!";
return false;
}
}
else{
return false;
}
}
public function verify_otp($otp)
{
//Filtering XSS and html escape from user inputs
$otp=$this->security->xss_clean(html_escape($otp));
$email=$this->security->xss_clean(html_escape($email));
if($this->session->userdata(\'email\')==$email){ redirect(base_url().\'logout\',\'refresh\'); }
$query=$this->db->query("select * from db_users where username=\'$username\' and password=\'".md5($password)."\' and status=1");
if($query->num_rows()==1){
$logdata = array(\'inv_username\' => $query->row()->username,
\'inv_userid\' => $query->row()->id,
\'logged_in\' => TRUE
);
$this->session->set_userdata($logdata);
return true;
}
else{
return false;
}
}
public function change_password($password,$email){
$query=$this->db->query("select * from db_users where email=\'$email\' and status=1");
if($query->num_rows()==1){
/*if($query->row()->username == \'admin\'){
echo "Restricted Admin Password Change";exit();
}*/
$password=md5($password);
$query1="update db_users set password=\'$password\' where email=\'$email\'";
if ($this->db->simple_query($query1)){
return true;
}
else{
return false;
}
}
else{
return false;
}
}
}'
Did this file decode correctly?
Original Code
<?php eval("?>".base64_decode("PD9waHANCg0KLyoqDQogKiBBdXRob3I6IEFza2FyYWxpIE1ha2FuYWRhcg0KICogRGF0ZTogMDUtMTEtMjAxOA0KICovDQpjbGFzcyBMb2dpbl9tb2RlbCBleHRlbmRzIENJX01vZGVsDQp7DQoJDQoJZnVuY3Rpb24gX19jb25zdHJ1Y3QoKQ0KCXsNCgkJcGFyZW50OjpfX2NvbnN0cnVjdCgpOw0KCX0NCg0KCXB1YmxpYyBmdW5jdGlvbiB2ZXJpZnlfY3JlZGVudGlhbHMoJHVzZXJuYW1lLCRwYXNzd29yZCkNCgl7DQoJCS8vRmlsdGVyaW5nIFhTUyBhbmQgaHRtbCBlc2NhcGUgZnJvbSB1c2VyIGlucHV0cyANCgkJJHVzZXJuYW1lPSR0aGlzLT5zZWN1cml0eS0+eHNzX2NsZWFuKGh0bWxfZXNjYXBlKCR1c2VybmFtZSkpOw0KCQkkcGFzc3dvcmQ9JHRoaXMtPnNlY3VyaXR5LT54c3NfY2xlYW4oaHRtbF9lc2NhcGUoJHBhc3N3b3JkKSk7DQoJCQkJDQoJCSRxdWVyeT0kdGhpcy0+ZGItPnF1ZXJ5KCJzZWxlY3QgKiBmcm9tIGRiX3VzZXJzIHdoZXJlIHVzZXJuYW1lPSckdXNlcm5hbWUnIGFuZCBwYXNzd29yZD0nIi5tZDUoJHBhc3N3b3JkKS4iJyBhbmQgc3RhdHVzPTEiKTsNCgkJaWYoJHF1ZXJ5LT5udW1fcm93cygpPT0xKXsNCg0KCQkJJGxvZ2RhdGEgPSBhcnJheSgnaW52X3VzZXJuYW1lJyAgPT4gJHF1ZXJ5LT5yb3coKS0+dXNlcm5hbWUsDQoJCQkJICAgICAgICAJICdpbnZfdXNlcmlkJyAgPT4gJHF1ZXJ5LT5yb3coKS0+aWQsDQoJCQkJICAgICAgICAJICdsb2dnZWRfaW4nID0+IFRSVUUgDQoJCQkJICAgICAgICAJKTsNCgkJCSR0aGlzLT5zZXNzaW9uLT5zZXRfdXNlcmRhdGEoJGxvZ2RhdGEpOw0KCQkJJHRoaXMtPnNlc3Npb24tPnNldF9mbGFzaGRhdGEoJ3N1Y2Nlc3MnLCAnV2VsY29tZSAnLiRxdWVyeS0+cm93KCktPnVzZXJuYW1lLiIgISIpOw0KCQkJcmV0dXJuIHRydWU7DQoJCX0NCgkJZWxzZXsNCgkJCXJldHVybiBmYWxzZTsNCgkJfQkJDQoJfQ0KCXB1YmxpYyBmdW5jdGlvbiB2ZXJpZnlfZW1haWxfc2VuZF9vdHAoJGVtYWlsKQ0KCXsNCgkJJHExPSR0aGlzLT5kYi0+cXVlcnkoInNlbGVjdCBlbWFpbCxjb21wYW55X25hbWUgZnJvbSBkYl9jb21wYW55IHdoZXJlIGVtYWlsPD4nJyIpOw0KCQlpZigkcTEtPm51bV9yb3dzKCk9PTApew0KCQkJJHRoaXMtPnNlc3Npb24tPnNldF9mbGFzaGRhdGEoJ2ZhaWxlZCcsICdGYWlsZWQgdG8gc2VuZCBPVFAhIENvbnRhY3QgYWRtaW4gOignKTsNCgkJCXJldHVybiBmYWxzZTsNCgkJCWV4aXQoKTsNCgkJfQ0KCQkvL0ZpbHRlcmluZyBYU1MgYW5kIGh0bWwgZXNjYXBlIGZyb20gdXNlciBpbnB1dHMgDQoJCSRlbWFpbF9pZD0kdGhpcy0+c2VjdXJpdHktPnhzc19jbGVhbihodG1sX2VzY2FwZSgkZW1haWwpKTsNCgkJCQkNCgkJJHF1ZXJ5PSR0aGlzLT5kYi0+cXVlcnkoInNlbGVjdCAqIGZyb20gZGJfdXNlcnMgd2hlcmUgZW1haWw9JyRlbWFpbCcgYW5kIHN0YXR1cz0xIik7DQoJCWlmKCRxdWVyeS0+bnVtX3Jvd3MoKT09MSl7DQoJCQkkb3RwPXJhbmQoMTAwMCw5OTk5KTsNCg0KCQkJJHNlcnZlcl9zdWJqZWN0ID0gIk9UUCBmb3IgUGFzc3dvcmQgQ2hhbmdlIHwgT1RQOiAiLiRvdHA7DQoJCQkkcmVhZHlfbWVzc2FnZT0iLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpIZWxsbyBVc2VyLA0KDQpZb3UgYXJlIHJlcXVlc3RlZCBmb3IgUGFzc3dvcmQgQ2hhbmdlLA0KUGxlYXNlIGVudGVyICIuJG90cC4iIGFzIGEgT1RQLg0KDQpOb3RlOiBEb24ndCBzaGFyZSB0aGlzIE9UUCB3aXRoIGFueW9uZS4NClRoYW5rIHlvdQ0KLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQoJCSI7DQoJCQ0KCQkJJHRoaXMtPmxvYWQtPmxpYnJhcnkoJ2VtYWlsJyk7DQoJCQkkdGhpcy0+ZW1haWwtPmZyb20oJHExLT5yb3coKS0+ZW1haWwsICRxMS0+cm93KCktPmNvbXBhbnlfbmFtZSk7DQoJCQkkdGhpcy0+ZW1haWwtPnRvKCRlbWFpbF9pZCk7DQoJCQkkdGhpcy0+ZW1haWwtPnN1YmplY3QoJHNlcnZlcl9zdWJqZWN0KTsNCgkJCSR0aGlzLT5lbWFpbC0+bWVzc2FnZSgkcmVhZHlfbWVzc2FnZSk7DQoNCgkJCWlmKCR0aGlzLT5lbWFpbC0+c2VuZCgpKXsNCgkJCQkvL3JlZGlyZWN0KCdjb250YWN0L3N1Y2Nlc3MnKTsNCgkJCQkkdGhpcy0+c2Vzc2lvbi0+c2V0X2ZsYXNoZGF0YSgnc3VjY2VzcycsICdPVFAgaGFzIGJlZW4gc2VudCB0byB5b3VyIGVtYWlsIElEIScpOw0KCQkJCSRvdHBkYXRhID0gYXJyYXkoJ2VtYWlsJyAgPT4gJGVtYWlsLCdvdHAnICA9PiAkb3RwICk7DQoJCQkJJHRoaXMtPnNlc3Npb24tPnNldF91c2VyZGF0YSgkb3RwZGF0YSk7DQoJCQkJLy9lY2hvICJFbWFpbCBTZW50IjsNCgkJCQlyZXR1cm4gdHJ1ZTsNCgkJCX0NCgkJCWVsc2V7DQoJCQkJLy9lY2hvICJGYWlsZWQgdG8gU2VuZCBNZXNzYWdlLlRyeSBhZ2FpbiEiOw0KCQkJCXJldHVybiBmYWxzZTsNCgkJCX0NCgkJfQ0KCQllbHNlew0KCQkJcmV0dXJuIGZhbHNlOw0KCQl9CQkNCgl9DQoJcHVibGljIGZ1bmN0aW9uIHZlcmlmeV9vdHAoJG90cCkNCgl7DQoJCS8vRmlsdGVyaW5nIFhTUyBhbmQgaHRtbCBlc2NhcGUgZnJvbSB1c2VyIGlucHV0cyANCgkJJG90cD0kdGhpcy0+c2VjdXJpdHktPnhzc19jbGVhbihodG1sX2VzY2FwZSgkb3RwKSk7DQoJCSRlbWFpbD0kdGhpcy0+c2VjdXJpdHktPnhzc19jbGVhbihodG1sX2VzY2FwZSgkZW1haWwpKTsNCgkJaWYoJHRoaXMtPnNlc3Npb24tPnVzZXJkYXRhKCdlbWFpbCcpPT0kZW1haWwpeyByZWRpcmVjdChiYXNlX3VybCgpLidsb2dvdXQnLCdyZWZyZXNoJyk7CX0NCgkJCQkNCgkJJHF1ZXJ5PSR0aGlzLT5kYi0+cXVlcnkoInNlbGVjdCAqIGZyb20gZGJfdXNlcnMgd2hlcmUgdXNlcm5hbWU9JyR1c2VybmFtZScgYW5kIHBhc3N3b3JkPSciLm1kNSgkcGFzc3dvcmQpLiInIGFuZCBzdGF0dXM9MSIpOw0KCQlpZigkcXVlcnktPm51bV9yb3dzKCk9PTEpew0KDQoJCQkkbG9nZGF0YSA9IGFycmF5KCdpbnZfdXNlcm5hbWUnICA9PiAkcXVlcnktPnJvdygpLT51c2VybmFtZSwNCgkJCQkgICAgICAgIAkgJ2ludl91c2VyaWQnICA9PiAkcXVlcnktPnJvdygpLT5pZCwNCgkJCQkgICAgICAgIAkgJ2xvZ2dlZF9pbicgPT4gVFJVRSANCgkJCQkgICAgICAgIAkpOw0KCQkJJHRoaXMtPnNlc3Npb24tPnNldF91c2VyZGF0YSgkbG9nZGF0YSk7DQoJCQlyZXR1cm4gdHJ1ZTsNCgkJfQ0KCQllbHNlew0KCQkJcmV0dXJuIGZhbHNlOw0KCQl9CQkNCgl9DQoJcHVibGljIGZ1bmN0aW9uIGNoYW5nZV9wYXNzd29yZCgkcGFzc3dvcmQsJGVtYWlsKXsNCgkJCSRxdWVyeT0kdGhpcy0+ZGItPnF1ZXJ5KCJzZWxlY3QgKiBmcm9tIGRiX3VzZXJzIHdoZXJlIGVtYWlsPSckZW1haWwnIGFuZCBzdGF0dXM9MSIpOw0KCQkJaWYoJHF1ZXJ5LT5udW1fcm93cygpPT0xKXsNCgkJCQkvKmlmKCRxdWVyeS0+cm93KCktPnVzZXJuYW1lID09ICdhZG1pbicpew0KCQkJCQllY2hvICJSZXN0cmljdGVkIEFkbWluIFBhc3N3b3JkIENoYW5nZSI7ZXhpdCgpOw0KCQkJCX0qLw0KCQkJCSRwYXNzd29yZD1tZDUoJHBhc3N3b3JkKTsNCgkJCQkkcXVlcnkxPSJ1cGRhdGUgZGJfdXNlcnMgc2V0IHBhc3N3b3JkPSckcGFzc3dvcmQnIHdoZXJlIGVtYWlsPSckZW1haWwnIjsNCgkJCQlpZiAoJHRoaXMtPmRiLT5zaW1wbGVfcXVlcnkoJHF1ZXJ5MSkpew0KDQoJCQkJICAgICAgICByZXR1cm4gdHJ1ZTsNCgkJCQl9DQoJCQkJZWxzZXsNCgkJCQkgICAgICAgIHJldHVybiBmYWxzZTsNCgkJCQl9DQoJCQl9DQoJCQllbHNlew0KCQkJCXJldHVybiBmYWxzZTsNCgkJCQl9DQoNCgkJfQ0KfQ==")); ?>
Function Calls
base64_decode | 1 |
Stats
MD5 | 23a576b02417dad919911abe08fe8a63 |
Eval Count | 1 |
Decode Time | 86 ms |