Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php $__='printf';$_='Loading AppController'; ..
Decoded Output download
b'
namespace app\controllers;
use app\components\AjaxResponse;
use app\components\api\ApiManager;
use app\components\AuthyApiManager;
use app\components\AwarenessWebsite;
use app\components\AzureOAuthManager;
use app\components\AzureServerManager;
use app\components\CookieManager;
use app\components\DomainManager;
use app\components\EnduserManager;
use app\components\filters\ChangePasswordFilter;
use app\components\JsonManager;
use app\components\License;
use app\components\NotificationManager;
use app\components\PhishingReportManager;
use app\components\SamlManager;
use app\components\SslManager;
use app\components\SsoBaseManager;
use app\components\SsoManager;
use app\components\UserIdentity;
use app\components\UserManager;
use app\components\VictimManager;
use app\components\WebUser;
use app\exceptions\FormValidationException;
use app\forms\LoginForm;
use app\helpers\AppLogger;
use CAction;
use CampaignEvent;
use CampaignEventVictim;
use CDbCriteria;
use CHtml;
use CHttpCookie;
use CHttpException;
use Exception;
use LicenseLog;
use PasswordCommonManager;
use Resque;
use Role;
use User;
use UserConfirmAuthyForm;
use UserEditForm;
use UserPasswordEditForm;
use UserPermission;
use Yii;
/**
* Main app controller.
*/
class AppController extends Controller {
/**
* @return array action filters
*/
public function filters() {
$noAuth = implode(", ", [
"index",
"login",
"createAdmin",
"error",
"confirmAuthy",
"resendAuthyToken",
"verify",
"recovery",
"reset",
"captcha",
"event",
"o365Config",
"ssoError",
"ssoLogin",
"OAuth",
]);
return [
"accessControl - $noAuth, logout",
"checkAuth - $noAuth, addPhishingReport",
"checkDomain - event, o365Config, addPhishingReport",
"https + login, confirmAuthy, createAdmin",
"postOnly + closeNotification",
[ChangePasswordFilter::class . " - $noAuth, logout, addPhishingReport"],
"ajaxOnly + resendAuthyToken, closeNotification",
];
}
/**
* Returns a list of external action classes.
* @return array
*/
public function actions() {
return [
"captcha" => [
"class" => "CCaptchaAction",
"testLimit" => 1,
],
];
}
/**
* @return array access rules
*/
public function accessRules() {
$userActions = $this->_getUserActions();
$userManager = new UserManager();
return $userManager->getRules($userActions);
}
/**
* Get allowed for user actions
* @return array
*/
private function _getUserActions() {
$userManager = new UserManager();
$user = Yii::app()->user->getUser();
$actions = [
"azureAdAuth",
"closeNotification",
"hideNotification",
];
$rules = [
UserPermission::API => [
"swaggerUi",
],
];
foreach ($rules as $permission => $acts) {
if ($userManager->hasPermission($user, $permission)) {
$actions = array_merge($actions, $acts);
}
}
return $actions;
}
/**
* Before action
* @param CAction $action
* @return boolean
*/
protected function beforeAction($action) {
if (!parent::beforeAction($action)) {
return false;
}
switch ($action->id) {
case "login":
case "recovery":
case "reset":
if (!Yii::app()->user->isGuest) {
if (Yii::app()->user->isEnduser()) {
$this->redirect(EnduserManager::getEnduserUrl("enduser/profile"));
} else {
Yii::app()->user->setState(UserIdentity::USER_JUST_LOGGED_IN, true);
$this->redirect(["campaign/index"]);
}
}
break;
case "confirmAuthy":
if (Yii::app()->user->isGuest) {
$this->redirect(["app/login"]);
} elseif (Yii::app()->user->getState("2faVerified")) {
if (Yii::app()->user->isEnduser()) {
$this->redirect(EnduserManager::getEnduserUrl("enduser/profile"));
} else {
Yii::app()->user->setState(UserIdentity::USER_JUST_LOGGED_IN, true);
$this->redirect(["campaign/index"]);
}
}
break;
default:
break;
}
return true;
}
/**
* Get 404 template
* @return string
*/
private function _getNotFoundTemplate() {
$dm = new DomainManager();
return $dm->getNotFoundContent();
}
/**
* Redirect user to the login page
*/
public function actionIndex() {
if (!$this->_system->admin_path || $this->_system->admin_path == "admin") {
if (!User::model()->count() && Yii::app()->system->isSaas()) {
return $this->redirect(["app/createAdmin"]);
}
}
$system = Yii::app()->system->getModel();
$baseUrl = Yii::app()->system->getAdminDomain() . ($system->admin_port ? ":{$system->admin_port}" : "");
if ($system->enduser_portal_full_domain != $baseUrl && $system->enduser_portal_full_domain == $_SERVER["HTTP_HOST"]) {
return $this->redirect(["enduser/login"]);
} else {
return $this->redirect(["app/login"]);
}
}
/**
* Azure ad auth
* @param $id
* @return void
* @throws CHttpException
*/
public function actionAzureAdAuth($id = null) {
try {
$azureServerManager = new AzureServerManager();
$id = $id ? $id : Yii::app()->user->getState("OAuth2.azureServerId");
$azureServer = null;
if ($id) {
$azureServer = $azureServerManager->getAzureServer($id);
}
if (!$azureServer) {
throw new CHttpException(404, __t("Azure Server not found."));
}
$ssoOAuthManager = new AzureOAuthManager(AzureOAuthManager::IMPORT_AUTH);
$ssoOAuthManager->setProvider(
Yii::app()->createAbsoluteUrl("oauth"),
$azureServer->azure_client_id,
$azureServer->client_secret,
$azureServer->tenant_id
);
if (isset($_GET["code"]) && Yii::app()->user->getState("OAuth2.state") && isset($_GET["state"])) {
if ($_GET["state"] == Yii::app()->user->getState("OAuth2.state")) {
$token = $ssoOAuthManager->generateToken($_GET["code"]);
$azureServer->refresh_token = $token->getRefreshToken();
$azureServer->access_token = $token->getToken();
$azureServer->save();
Yii::app()->user->setFlash("success", __t("Successfully authenticated."));
return $this->redirect(["azureServer/edit", "id" => $azureServer->id]);
} else {
AppLogger::error("OAuth Authentication Error");
Yii::app()->user->setFlash("error", "OAuth Authentication Error");
}
} else {
$authorizationUrl = $ssoOAuthManager->getAuthorizationUrl();
Yii::app()->user->setState("OAuth2.state", $ssoOAuthManager->getState());
Yii::app()->user->setState("OAuth2.azureServerId", $azureServer->id);
return $this->redirect($authorizationUrl);
}
} catch (Exception $exception) {
AppLogger::error($exception->getMessage() . PHP_EOL . $exception->getTraceAsString());
Yii::app()->user->setFlash("error", "OAuth Authentication Error");
$this->redirect(["azureServer/edit", "id" => $azureServer->id]);
;
}
}
/**
* OAuth
*
* @param $type
* @param null|string $redirectUrl
* @return void|null
* @throws Exception
*/
public function actionOauth($type, $redirectUrl = null) {
$ssoOAuthManager = new AzureOAuthManager(AzureOAuthManager::BASIC_AUTH);
try {
$ssoOAuthManager->setProvider(
Yii::app()->createAbsoluteUrl("app/oauth", ["type" => $type]),
Yii::app()->system->sso_oauth_client_id,
Yii::app()->system->sso_oauth_client_secret,
Yii::app()->system->sso_oauth_tenant_id
);
} catch (Exception $ex) {
AppLogger::error($ex->getMessage() . PHP_EOL . $ex->getTraceAsString());
Yii::app()->user->setFlash("error", "OAuth Authentication Error");
$this->redirect($type === SsoBaseManager::ADMIN_TYPE ? $this->createUrl("admin/login") : EnduserManager::getEnduserUrl("enduser/login"));
}
if (isset($_GET["code"]) && Yii::app()->user->getState("OAuth2.state") && isset($_GET["state"])) {
if ($_GET["state"] == Yii::app()->user->getState("OAuth2.state")) {
$redirectUrl = Yii::app()->user->getState("OAuth2.redirectUrl");
Yii::app()->user->setState("OAuth2.redirectUrl", null);
$ssoOAuthManager->generateToken($_GET["code"]);
$me = $ssoOAuthManager->getMe();
$system = Yii::app()->system->getModel();
try {
// Look for "mail" or "userPrincipalName" fields
$mail = !empty($me["mail"]) ? $me["mail"] : (!empty($me["userPrincipalName"]) ? $me["userPrincipalName"] : "");
if (!empty($mail)) {
$login = $mail;
$identity = new UserIdentity($login, null);
if ($type == SsoBaseManager::ADMIN_TYPE) {
$identity->authenticate(true, false, true);
Yii::app()->user->login($identity);
Yii::app()->user->setState(UserIdentity::USER_JUST_LOGGED_IN, true);
Yii::app()->user->setId($identity->getId());
License::log(LicenseLog::TYPE_USER_LOGIN, "-");
$api = new ApiManager();
$api->persistToken($identity);
} else {
$enduserManager = new EnduserManager();
$name = !empty($me["displayName"]) ? $me["displayName"] : $login;
$language = !empty($me["preferredLanguage"]) ? substr($me["preferredLanguage"], 0, 2) : null;
$enduserManager->createFromSso($login, $name, $language);
$identity->authenticate(true, true, true);
Yii::app()->user->login($identity);
Yii::app()->user->setState(UserIdentity::USER_JUST_LOGGED_IN, true);
Yii::app()->user->setId($identity->getId());
License::log(LicenseLog::TYPE_USER_LOGIN, "-");
}
} else {
throw new Exception(__t("Email cannot be blank."));
}
} catch (Exception $e) {
AppLogger::error($e->getMessage() . PHP_EOL . $e->getTraceAsString());
Yii::app()->user->setFlash("error", $e->getMessage());
if ($this->_system->sso_auto_login) {
$system->sso_auto_login_error = true;
$system->save(["sso_auto_login_error"]);
}
}
$this->redirect($redirectUrl);
} else {
AppLogger::error("OAuth Authentication Error");
Yii::app()->user->setFlash("error", "OAuth Authentication Error");
}
} else {
$authorizationUrl = $ssoOAuthManager->getAuthorizationUrl();
Yii::app()->user->setState("OAuth2.state", $ssoOAuthManager->getState());
Yii::app()->user->setState("OAuth2.redirectUrl", $redirectUrl);
$this->redirect($authorizationUrl);
}
}
/**
* Sso Login page
* @param null $redirect
* @param null $type
* @return void
* @throws Exception
*/
public function actionSsoLogin($redirect = null, $type = null) {
$ssoManager = new SsoManager();
$system = Yii::app()->system->getModel();
// Redirect to login page if the redirect url is not to the same domain of the server
if (!empty($redirect) && !$ssoManager->checkIfUrlHasAppDomain($redirect)) {
$errorMessage = "SSO Authentication Error: wrong return URI parameter.";
AppLogger::error("{$errorMessage} The URI parameter that was given is {$redirect}");
Yii::app()->user->setFlash("error", $errorMessage);
// Redirect to login page
return $this->redirect($type === SsoBaseManager::ADMIN_TYPE ? $this->createUrl("admin/login") : EnduserManager::getEnduserUrl("enduser/login"));
}
if (Yii::app()->system->sso_enabled) {
if (Yii::app()->system->sso_protocol === SsoBaseManager::SAML_PROTOCOL) {
if (!$ssoManager->isAuthenticated() && $ssoManager->settingsCheck()) {
$ssoManager->checkSamlAuth($redirect);
}
if ($ssoManager->isAuthenticated()) {
$system->sso_auto_login_error = true;
$system->save(["sso_auto_login_error"]);
return $this->redirect($redirect ? $redirect : ["app/login"]);
}
} elseif (Yii::app()->system->sso_protocol === SsoBaseManager::OAUTH_PROTOCOL) {
return $this->redirect(["app/oauth", "type" => $type, "redirectUrl" => $redirect ? $redirect : Yii::app()->createAbsoluteUrl("app/login")]);
}
}
}
/**
* Log the user in and redirect to a project list
* @param string $link
* @param bool $clearToken
* @throws Exception
*/
public function actionLogin($link = null, $clearToken = false) {
if (!User::model()->count() && Yii::app()->system->isSaas()) {
return $this->redirect(["app/createAdmin"]);
}
$system = Yii::app()->system->getModel();
$form = new LoginForm();
// forward the system\'s general name to the LoginForm (can be empty)
$form->generalName = Yii::app()->system->general_name;
//Check if generalName is empty if its empty set it to "ThriveDX"
if (empty($form->generalName)) {
$form->generalName = "ThriveDX";
}
$isSaml = false;
try {
if (!empty($link)) {
$sm = new SamlManager();
if (!$system->sso_auto_login_error && $sm->isSamlLink($link)) {
$user = $sm->samlAuthorization($link);
$form->email = $user->email;
$form->password = $user->password;
$form->language = !empty($_POST["LoginForm"]["language"]) ? $_POST["LoginForm"]["language"] : null;
$_POST["LoginForm"] = $form;
$isSaml = true;
}
}
} catch (Exception $e) {
Yii::app()->user->setFlash("error", $e->getMessage());
return $this->redirect($this->createUrl("admin/login"));
}
// collect user input data
if (isset($_POST["LoginForm"])) {
$form->attributes = $_POST["LoginForm"];
$form->setSaml($isSaml);
if ($form->validate()) {
$cookieLanguage = new CHttpCookie(CookieManager::COOKIE_LANGUAGE, $form->language);
$cookieLanguage->path = "/";
$cookieLanguage->secure = true;
$cookieLanguage->expire = time() + 60 * 60 * 24 * 30;
Yii::app()->request->cookies[CookieManager::COOKIE_LANGUAGE] = $cookieLanguage;
$userManager = new UserManager();
$user = User::model()->findByAttributes([
"email" => $form->attributes["email"]
]);
if ($user && Yii::app()->system->getAccountLockout() && $user->locked_at) {
if ($userManager->unlockAccountHandler($user)) {
return $this->redirect($this->createUrl("app/login"));
}
}
if ($form->login($isSaml)) {
if (Yii::app()->user->getCertificateRequired()) {
return $this->redirect(["app/verify"]);
} elseif (Yii::app()->user->getTwoFactorAuthRequired()) {
Yii::app()->user->setState("2faVerified", false);
return $this->redirect(["app/confirmAuthy"]);
} else {
Yii::app()->user->setState(UserIdentity::USER_JUST_LOGGED_IN, true);
// Validate, that user has email
$email = $user->email ?? Yii::app()->user->email;
if ($email) {
Resque::redis()->del("{$email}.loginAttempt");
}
$lastVisitedUrl = CookieManager::get(null, null, "lastVisitedUrl");
if ($lastVisitedUrl) {
CookieManager::delete(null, null, "lastVisitedUrl", "", "");
return $this->redirect($lastVisitedUrl);
}
return $this->redirect(["campaign/index"]);
}
} else {
$form->password = null;
if (Yii::app()->system->getAccountLockout()) {
$user = User::model()->findByAttributes([
"email" => $form->attributes["email"]
]);
if ($user) {
$userManager->lockAccountHandler($user);
} else {
Yii::app()->user->setFlash("error", __t("Incorrect username or password."));
}
} else {
Yii::app()->user->setFlash("error", __t("Incorrect username or password."));
}
}
} else {
$form->password = null;
Yii::app()->user->setFlash("error", __t("Please fix the errors below."));
}
} else {
$clearToken = true;
}
if ($system->sso_enabled && $system->sso_auto_login && !$system->sso_auto_login_error && Yii::app()->user->isGuest) {
return $this->redirect(["app/ssoLogin", "type" => SsoBaseManager::ADMIN_TYPE]);
}
$system->sso_auto_login_error = false;
$system->save(["sso_auto_login_error"]);
// display the login form
$this->pageTitle = __t("Login");
$this->render("login", [
"form" => $form,
"recovery" => true,
"clearToken" => $clearToken,
"ssoEnabled" => Yii::app()->system->sso_enabled,
"enduser" => 0,
"ssoRedirect" => null,
]);
}
/**
* 2FA authentication
*/
public function actionConfirmAuthy() {
$form = new UserConfirmAuthyForm();
$authyManager = new AuthyApiManager(Yii::app()->system->getModel()->auth_api_key);
/** @var User $user */
$user = Yii::app()->user->getUser();
if (isset($_POST["UserConfirmAuthyForm"])) {
$form->attributes = $_POST["UserConfirmAuthyForm"];
if ($form->validate()) {
try {
$result = $authyManager->verifyToken($user->authy_id, $form->code);
Yii::app()->user->setState("2faVerified", $result["success"]);
Yii::app()->user->setState(UserIdentity::USER_JUST_LOGGED_IN, true);
return $this->redirect(["campaign/index"]);
} catch (Exception $e) {
if (in_array($e->getCode(), [404, 500])) {
Yii::app()->user->setState("2faVerified", true);
Yii::app()->user->setState(UserIdentity::USER_JUST_LOGGED_IN, true);
return $this->redirect(["campaign/index"]);
} else {
Yii::app()->user->setFlash("error", $e->getMessage());
}
}
} else {
Yii::app()->user->setFlash("error", __t("Please fix the errors below."));
}
} else {
try {
$authyManager->requestSms($user->authy_id);
} catch (Exception $e) {
Yii::app()->user->setFlash("error", $e->getMessage());
}
}
$this->layout = "//layouts/authy";
$this->pageTitle = __t("Two Factor Authentication");
$this->render("confirm-authy", [
"form" => $form,
]);
}
/**
* Swagger UI
*/
public function actionSwaggerUi() {
$swaggerData = ApiManager::json();
$this->breadcrumbs[] = [__t("Common System Settings"), $this->createUrl("domain/index")];
$this->breadcrumbs[] = [__t("API Whitelist"), $this->createUrl("settings/whitelist")];
$this->breadcrumbs[] = [__t("API documentation"), ""];
$this->vuejs = true;
$this->render("swagger", [
"data" => $swaggerData
]);
}
/**
* Resend 2FA token
*/
public function actionResendAuthyToken() {
$response = new AjaxResponse();
try {
if (!Yii::app()->user->getTwoFactorAuthRequired()) {
throw new CHttpException(403, __t("Permission denied."));
}
$authyManager = new AuthyApiManager(Yii::app()->system->getModel()->auth_api_key);
/** @var User $user */
$user = Yii::app()->user->getUser();
$result = $authyManager->requestSms($user->authy_id);
$response->addData("message", CHtml::encode($result["message"]));
} catch (Exception $e) {
$response->setError($e->getMessage());
}
echo $response->serialize();
}
/**
* Password reset
*/
public function actionReset($key) {
$user = User::model()->findByAttributes([
"security_key" => $key
]);
if (!$user || $user->securityKeyExpired) {
Yii::app()->user->setFlash("error", __t("Verification failed. Please try again."));
return $this->redirect(["app/recovery"]);
}
$form = new UserPasswordEditForm($user->id);
// collect user input data
if (isset($_POST["UserPasswordEditForm"])) {
$form->attributes = $_POST["UserPasswordEditForm"];
try {
if (!$form->validate()) {
throw new FormValidationException();
}
$user->password_updated_at = date(ISO_DATE_TIME);
$user->password = $user->passwordFunction($form->password);
$user->save();
$mgr = new UserManager();
$passwordCommonManager = new PasswordCommonManager();
if (Yii::app()->system->getPasswordCommon() && $passwordCommonManager->isPasswordCommon($form->password)) {
$form->addError("password", __t("This password is one of the most used passwords, try another one."));
throw new FormValidationException();
} elseif (Yii::app()->system->getPasswordHistory() && $mgr->isPasswordRestricted($user->id, $form->password)) {
$form->addError("password", __t("This password has been previously used, please create a new password."));
throw new FormValidationException();
} else {
$mgr->setPassword($user, $form->password);
$mgr->setPasswordHistory($user->id, $user->password);
$mgr->generateSecurityKey($user);
}
Yii::app()->user->setFlash("success", __t("Password successfully changed."));
return $this->redirect(["app/login"]);
} catch (FormValidationException $e) {
Yii::app()->user->setFlash("error", __t("Please fix the errors below."));
}
}
$this->pageTitle = __t("Reset Your Password");
$this->render("password-reset", [
"form" => $form,
"strengthCheckEnabled" => Yii::app()->system->getPasswordStrengthCheck()
]);
}
/**
* Password recovery request
*/
public function actionRecovery() {
$form = new LoginForm(LoginForm::RECOVERY);
// forward the system\'s general name to the LoginForm (can be empty)
$form->generalName = Yii::app()->system->general_name;
// collect user input data
if (isset($_POST["LoginForm"])) {
$form->attributes = $_POST["LoginForm"];
if ($form->validate()) {
try {
$enduserManager = new EnduserManager();
$mgr = new UserManager();
$criteria = new CDbCriteria();
$criteria->addCondition("LOWER(email) = LOWER(:email)");
$criteria->addCondition("role_id != :enduser_id");
$criteria->params = [
":enduser_id" => $enduserManager->getRoleId(),
":email" => $form->email,
];
$user = User::model()->find($criteria);
if ($user) {
$mgr->sendPasswordRecoveryEmail($user, 0);
}
Yii::app()->user->setFlash("success", __t("An email with password reset instructions is sent to the entered email address."));
return $this->redirect(["app/login"]);
} catch (Exception $e) {
Yii::app()->user->setFlash("error", __t("Sorry, an error occurred while sending email."));
AppLogger::error($e->getMessage());
}
} else {
Yii::app()->user->setFlash("error", __t("Please fix the errors below."));
}
}
$this->pageTitle = __t("Password Recovery");
$this->render("login", [
"form" => $form,
"ssoRedirect" => null,
"enduser" => 0,
"ssoEnabled" => Yii::app()->system->sso_enabled,
]);
}
/**
* Log the user out and redirect to the main page
*/
public function actionLogout() {
$role = Yii::app()->user->getState("role");
License::log(LicenseLog::TYPE_USER_LOGOUT, "-");
$token = Yii::app()->user->getState("OAuth2.token");
Yii::app()->user->logout();
if (Yii::app()->system->sso_enabled) {
$ssoManager = new SsoManager();
if (Yii::app()->system->sso_protocol === SsoBaseManager::SAML_PROTOCOL && $ssoManager->isAuthenticated()) {
$ssoManager->logout($role);
} elseif (Yii::app()->system->sso_protocol === SsoBaseManager::OAUTH_PROTOCOL && $token) {
$azureOAuthManager = new AzureOAuthManager();
$azureOAuthManager->setProvider(
null,
Yii::app()->system->sso_oauth_client_id,
Yii::app()->system->sso_oauth_client_secret,
Yii::app()->system->sso_oauth_tenant_id
);
$azureOAuthManager->logout($role == Role::ENDUSER ? EnduserManager::getEnduserUrl("enduser/login") : $ssoManager->getRedirectUrl(Yii::app()->createUrl("app/login")));
exit;
}
}
switch ($role) {
case Role::ENDUSER:
return $this->redirect(EnduserManager::getEnduserUrl("enduser/login"));
default:
return $this->redirect(["app/login"]);
}
}
/**
* Exception handler
*/
public function actionError() {
$error = Yii::app()->errorHandler->error;
$this->breadcrumbs[] = [__t("Error"), ""];
if ($error) {
$message = $error["message"];
switch ($error["code"]) {
case 404:
$template = $this->_getNotFoundTemplate();
if ($template) {
echo $template;
exit();
}
break;
case 400:
$message = __t("Your session has been terminated. Please log in again.");
break;
case 500:
AppLogger::error($message);
$uniqueHash = strtoupper(substr(hash("sha256", time() . rand() . $error["message"]), 0, 16));
$message = __t("Internal server error. Please send this error code to the administrator - {code}.", [
"{code}" => $uniqueHash
]);
break;
}
if (Yii::app()->request->isAjaxRequest) {
echo $message;
} else {
$this->pageTitle = __t("Error {code}", [ "{code}" => $error["code"] ]);
$this->render("error", [
"message" => $message
]);
}
}
}
/**
* Verify user\'s certificate, if needed
*/
public function actionVerify() {
/** @var WebUser $user */
$user = Yii::app()->user;
if ($user->isGuest) {
return $this->redirect(["app/login"]);
}
if (!$user->getCertificateRequired()) {
if ($user->getTwoFactorAuthRequired()) {
return $this->redirect(["app/confirmAuthy"]);
} else {
Yii::app()->user->setState(UserIdentity::USER_JUST_LOGGED_IN, true);
return $this->redirect(["campaign/index"]);
}
}
$user->setState("certificateVerified", false);
$serial = $user->getCertificateSerial();
$issuer = $user->getCertificateIssuer();
$email = $user->getEmail();
$validations = [
"SSL_CLIENT_VERIFY" => "SUCCESS",
"SSL_CLIENT_M_SERIAL" => $serial,
"SSL_CLIENT_I_DN" => SslManager::formatSslClientParam($issuer),
"SSL_CLIENT_S_DN_Email" => $email,
];
if ($serial && $issuer) {
$failed = false;
foreach ($validations as $key => $validator) {
if ($key === "SSL_CLIENT_I_DN") {
if (isset($_SERVER[$key])) {
$_SERVER[$key] = SslManager::formatSslClientParam($_SERVER[$key]);
}
if (isset($_SERVER["REDIRECT_" . $key])) {
$_SERVER["REDIRECT_" . $key] = SslManager::formatSslClientParam($_SERVER["REDIRECT_" . $key]);
}
}
if (isset($_SERVER[$key]) && $_SERVER[$key] == $validator) {
continue;
}
if (isset($_SERVER["REDIRECT_" . $key]) && $_SERVER["REDIRECT_" . $key] == $validator) {
continue;
}
$failed = true;
break;
}
if ($failed) {
$user->logout();
Yii::app()->session->open();
Yii::app()->user->setFlash("error", __t("Invalid client certificate."));
return $this->redirect(Yii::app()->homeUrl);
}
}
$user->setState("certificateVerified", true);
if ($user->getTwoFactorAuthRequired()) {
return $this->redirect(["app/confirmAuthy"]);
} else {
Yii::app()->user->setState(UserIdentity::USER_JUST_LOGGED_IN, true);
return $this->redirect(["campaign/index"]);
}
}
/**
* Hide notification
* @param string $key
*/
public function actionHideNotification($key) {
$response = new AjaxResponse();
$nm = new NotificationManager();
$nm->hide($key);
echo $response->serialize();
}
/**
* Close main notification
* @param $notification
*/
public function actionCloseNotification($notification) {
$response = new AjaxResponse();
if (in_array($notification, NotificationManager::getMainNotifications())) {
$cookieName = strtolower(preg_replace(\'/(?<!^)[A-Z]/\', \'_$0\', $notification));
Yii::app()->request->cookies["dashboard_view"] = new CHttpCookie($cookieName, 0, ["expire" => time() + NotificationManager::YEAR_IN_SECONDS * 10, "httpOnly" => true, "secure" => true]);
}
echo $response->serialize();
}
/**
* Register event
*/
public function actionEvent() {
$response = new AjaxResponse();
try {
$link = filter_input(INPUT_COOKIE, CookieManager::COOKIE_AWARENESS_LINK);
$awareness = true;
if (!$link) {
$link = filter_input(INPUT_COOKIE, "link");
$awareness = false;
}
$victimManager = new VictimManager();
$victim = null;
if (!$link) {
$link = CookieManager::get(null, null, CookieManager::COOKIE_ENDUSER_DIRECT_LOGIN);
$campaignCookie = CookieManager::get(null, null, CookieManager::COOKIE_CAMPAIGN_DIRECT_LOGIN);
if (!$link) {
throw new Exception(__t("User not found."));
}
$awarenessWebsite = new AwarenessWebsite();
$email = null;
try {
$email = $awarenessWebsite->getEnduserDirectLoginEmailFromToken($link);
$campaignId = $awarenessWebsite->getEnduserDirectLoginEmailFromToken($campaignCookie);
if ($email) {
$victim = $victimManager->getVictimByEmail($email, $campaignId, null);
}
} catch (Exception $e) {
AppLogger::error($e->getMessage() . PHP_EOL . $e->getTraceAsString());
}
} else {
$victim = $victimManager->getVictim($link, $awareness);
}
if (!$victim) {
throw new Exception(__t("User not found."));
}
if (!array_key_exists("event", $_POST) || $_POST["event"] == "") {
throw new Exception(__t("No event sent."));
}
$id = $victim->scenario->campaign_id;
$event = CampaignEvent::model()->findByAttributes([
"name" => $_POST["event"],
"campaign_id" => $id
]);
if (is_null($event)) {
$event = new CampaignEvent();
$event->name = $_POST["event"];
$event->campaign_id = $id;
$event->save();
}
$eventVictim = new CampaignEventVictim();
$eventVictim->victim_id = $victim->id;
$eventVictim->campaign_event_id = $event->id;
$eventVictim->save();
if ($eventVictim->campaign_event->name == CampaignEvent::EVENT_VIDEO_FINISH) {
$victim->awareness_video_watched_at = date(ISO_DATE_TIME);
$victim->save();
}
} catch (Exception $e) {
AppLogger::error($e->getMessage() . PHP_EOL . $e->getTraceAsString());
$response->setError($e->getMessage());
}
echo $response->serialize();
}
/**
* Outlook 365 configuration action
* @param integer $client
* @throws
*/
public function actionO365Config($client = null) {
$license = new License();
$link = $this->_system->getSslUrl() . Yii::app()->createUrl("scenario/phishingReport");
if ($client && $license->getOption(License::OPTION_INCIDENT_CLIENT)) {
$link = $this->_system->getSslUrl() . Yii::app()->createUrl("scenario/phishingReport", ["client" => $client]);
}
$phishingReportManager = new PhishingReportManager();
$phishingReportSettings = $phishingReportManager->getPhishingReportSettings($this->_system->outlook_default_language);
$vars = [
"submitEmailAddress" => trim($this->_system->outlook_email),
"submitHttpUrl" => $link,
"useEmlFormat" => $this->_system->outlook_use_eml_format,
"thankYouLucy" => $phishingReportSettings->outlook_lucy_message,
"thankYou" => $phishingReportSettings->outlook_message,
"submitHttp" => $this->_system->outlook_report_http,
"submitSimulationHttp" => $this->_system->outlook_simulation_report_http,
"submitSmtp" => $this->_system->outlook_report_smtp,
"subject" => $phishingReportSettings->outlook_subject,
"useXHeaders" => $this->_system->outlook_use_x_headers,
"suppressSim" => $this->_system->outlook_suppress_simulation_email,
"moreAnalysis" => $this->_system->outlook_more_analysis,
"moreAnalysisText" => $phishingReportSettings->outlook_more_analysis_text,
"userRequest" => $phishingReportSettings->outlook_user_request,
"userRequestTitle" => $phishingReportSettings->outlook_report_title,
"errorTitle" => $phishingReportSettings->outlook_error_title,
"errorText" => $phishingReportSettings->outlook_send_error,
"buttonTitle" => $phishingReportSettings->outlook_button,
"buttonText" => $phishingReportSettings->outlook_supertip,
"reportedEmailFolder" => ($this->_system->outlook_action_with_reported_email == PhishingReportManager::NON_SYSTEM_FOLDER) ?
$this->_system->outlook_reported_email_folder :
$this->_system->outlook_action_with_reported_email,
"client" => $client,
];
$this->sendCorsHeader();
header("Content-Type: application/json");
echo JsonManager::encode($vars, JSON_UNESCAPED_SLASHES);
}
/**
* Create Admin user action
*/
public function actionCreateAdmin() {
if (User::model()->count() || !Yii::app()->system->isSaas()) {
return $this->redirect(["app/login"]);
}
/** @var UserEditForm $form */
$form = new UserEditForm(null);
$form->scenario = UserEditForm::SCENARIO_INSERT;
if (isset($_POST["UserEditForm"])) {
$form->attributes = $_POST["UserEditForm"];
$form->name = "Administrator";
try {
/** @var Role $adminRole */
$adminRole = Role::model()->findByAttributes(["role" => Role::ADMIN]);
$form->roleId = $adminRole->id;
if ($form->validate()) {
$user = new User();
$user->fromForm($form);
$user->password = $user->passwordFunction($form->password);
$user->save();
return $this->redirect(["app/login"]);
} else {
Yii::app()->user->setFlash("error", __t("Please fix the errors below."));
}
} catch (Exception $e) {
Yii::app()->user->setFlash("error", $e->getMessage());
}
}
$this->pageTitle = __t("Create Admin");
$this->render("create-admin", [
"form" => $form
]);
}
/**
* SSO Error Handler
*/
public function actionSsoError() {
$ssoManager = new SsoManager();
$this->breadcrumbs[] = [__t("Error"), ""];
$system = Yii::app()->system->getModel();
$system->sso_auto_login_error = true;
$system->save(["sso_auto_login_error"]);
if (isset($_REQUEST["SimpleSAML_Auth_State_exceptionId"])) {
$message = null;
try {
$ssoException = !empty($_REQUEST["SimpleSAML_Auth_State_exceptionId"]) ? $_REQUEST["SimpleSAML_Auth_State_exceptionId"] : null;
$customException = !empty($_REQUEST["error"]) ? $_REQUEST["error"] : null;
$message = $ssoException ? $ssoManager->getError($ssoException) : $customException;
} catch (Exception $ex) {
$message = $ex->getMessage() ? $ex->getMessage() : __t("Unexpected Sso error");
}
Yii::app()->user->setFlash("error", __t("{:error}", [
":error" => $message
]));
}
return $this->redirect(["app/login"]);
}
}
'Did this file decode correctly?
Original Code
<?php
$__='printf';$_='Loading AppController';
$__ = 'base64_decode' ;
$____ = 'Z3p1bmNvbXByZXNz' ;
$_ = $__('eNrlfUl34tqS7g+6gxKQ5EkNamBhBAKDE4EaNEPICCHR3IsNhl//InajdqvB6XOqar2Bl21Qs5vY0X4R0fNPH0urFa07ynbZNvylrVztwfTiHvSb2/48O/bo/no9jj17GmkD9bpWP3duu3V1290IrrnbffXfS3s7d+wpfnZ3Fufya+GzlfmprAfRdGl1t07bvL1eT611+r22cnH35oc3nK5ntimthtED13vbNfwNY7mbbTNYtyOpcjx99adnj6KFpLa8wbbhO+C7vbmAdWnDT7N72vJl1Y6ihaXCWnvRelc1Jv3iWurJDVtbd68eHFv7q3cw785c2a6HynrZlt/XA/nDsbrSuvWpunsd3mveGj174JzcoR6tDzimLTzfi4yBel93vMt6rw9W1qdU877xui1/NJvH52nZNj9gTaqe9+p29JOzj3ZLWz/BvY3W0xhsT+v29gTjB7pTLuuD3uy+tvru9hut62Ld/mz2zM70Mturd8do+ly50XNNWNd1GIV438rWu/XXNnq/tbKm0spqNRsDnCHy7Ow+R28D+GxI9gv22QHaaVlL6/PkDFR4tvyh29sd7Av5O/t8ci3SxsVpRx/6Xr652fN5dKzPK/IcOJvXNbkuRWf9qbLs4Ht/8Dk+A++6Lq3o4IZmG+fI3zeDvV4P1JPT7qoezkd1TuTeRfys/jKc3mBto/U+2sb3SVvJta7x8+dDXVr3YV3a7ycnuVfzhvpVNE/RZ4tBtIOxAY3AfO7sGSrsT2facTujEPjDu2sJzpU6Ar6stuL3qqOLO4jPk7lO7R+lARjn3jnBGiuerR/fDFxvKXO9buknr1/8PMUHVGcQSZm9UeE6ezSDn/cV8Nb03CwrOqF8eLkd/90Lnv6twflaWT/IfmsZOaJ94Pcv19POxXfdFAXo8xloSFrv5bM7MG/awPzhDYB/DyewfzLQIM73M1oHyl9wr6/1ni7j4DiG3/g3vEu5OTbwvz2+b3Rb2qG/JPQtf2gxr5vE179cj/jbXw/NwIU9gWta7r5w/XE8j99HfkaD7oXIot6TrA0ioCvYx4Fx1IKrjz8We27qJ1hZ3dCx/eDlqfidO5APsEbC75adUQS8MJpZ+nvZNbAPN7ejie+HdQN+enMNItO6ML5x7hpfOwBdAW92+vQacyD/xyl5F5yd28pySp8D70M5WPUeSfjdfgr8Sd+tBv2SOTogR2bi9btP2lOD0rpz087pvaI/ozvwWXV9GF3WQen3E7ftnVzx97/pfme/s+fhXz0/NZ7hKPKG5s0NFFfwDNCn4Ex2pjGNaz0pRUtXH+nA7ZSuD/DC6X8Y3b1rPf3DJXqKfwZeGTqqcoSzeAQ6Oxh78wp8pPI5+kB+Bz75gWNgawvP+XWf7kwc335lrR987lbyhspd6519Rs9nct7T/Gd+9ZvQM8inu9eXP9xh6I9vCvAHGXhl9+INIhjXdAu/L8J9Ut+fVwP1A+TYbAl8yWvLN6fPzvHu+HPZ/gQeO/FfgqegbO1fesrWGeiz1SC6w8+H0wKaHcg3rzfyhOfLOm3fkrEC/5lGoIPR+Zo66HnmBzyz0Rxs4K+UjqSxkL+pjL4OE385V86wL5I2kPeMT95A3uOe7eizFcpX2+b9JabRoz9LaHQL52H7Nou/u9B3KlfPGp1X1sR3DuYHk68xH13f/JM2PKf2P+G5Ir63bKtXbzA9Luea/3shvIbT5Rn3TAue5N+wPzOJ8wOVy3gRrTC+Avvb0Segx5y8Hn3PZF6kUTvzmeK9srFsZnyNf/17XLVWc4Wd4Ym/Ppggw5rKEnUHuu993Rq1QK7dx73Qf8usA9XZZ/Eag1zp6RLS4MuiuwF6lqg8Z3uLMmmR3oOn0MvqfP7vuQJ2z9rP6YLkvjTNge0igc3zwccQ6xyB9C98r0HneRwNicxne9G9j+tote9FHpwlkNcXr22GGup6gULeEdNoShYLZLdgbUcnb69KoKPsPavL6Vy8PnmZTccf67nas+SDXtthukz8OeyN4D6yns7KCn++7kEP7fkn2BcyF/gN66oTnalwbzJPvF8oE94O5s0x1FAkX9g1zflfbwR8Wo8WexnoCPTbNtW/s/ya0H2Gdhgti8co0vV2J8Xoh9Xn+TDtAB3B2ozM1VzEq6UC70v/74C+6VjqDmQd0B49N0A3IF/0a3ossI//gs+2QJf3/J6TH1gzrefnz8f77/12u24poOu3TiCTkb8wGtfO+XeM5/nzWrrHlE+Y8jvcf3DmfpjwzSu9djg5vRaepcjpcSf8KMtfU+9i84T7GL9i+jb5exwoPcdCnd6I+Xbquyewg25LSwLbhsuKp1B4HecNA9C725/R0vohOpNAlyY8h5zxFM8bRWQPDf6OZC3y+7Sylv64p17h3KMeAmes6l7RXiRr5IAMJD6G8vUEvSCSlm0f3knoBvce6CEKxfQDcgjsGm1PbVRtdyzIFThnYDeB3rI3d27HAZshDF79whh3S7SdeiOiI4Cc+lk8v+S6kxM8HTUzOq0WoLOA3QR85f33gdAmjvOud0yQQbOcHBY/h9hjuxPI0ifgidK/yDkA3g60HfuK4Pk1z+K8UAddcAJjgf0ZRHA+p9K4j/ZZlofC+5Anxs837REc7lHE/3/pKGADgl42MILxPPxLvA5s7+ZK5A5h3RqMr2yuaHMYHR34pnEs+FF2J9OQzLktwe+Wvln0ZbDwzb4tRa+gt0nAG6OcrG2+NuoZ9R/md/hx4TagXTfn2bHsc/E4BiPklf/J8fUMbRbswF3Zs5Bfbstk3WkteS2gX0l4VpqsB9DzS5udpUgS8MLsvhPeoJadBdAx1KmE9sS4p93g7FtAh+g/jJyedqobY/Wz4ZzBflEa8mufxfQ4rrPBfPUT8gOvtxX4ZI8/UWeJnx+BjtnzAyd+n3wF+xBk/WekBWHpGjH9y3esT/Tb1I+vbK6HabKOVN6PnIH5AbxXeoPrTXOqGpE8ht+GLX3+1iVP1VV5tAiuvgey2amh54q1cdHud21lu7K8jxegCXjvjyq64Dpn2eclPBV583Z1Pxe/H+gga9SWO5z9rLs3I6/Fdj/hF3V2hY4+kOfZdQr8xbFaV7DTJGcmtDvusL4nd79+SBdG/U/fyyCLdSN+/jxvtz2FzkCK7QTuD0j0f/+U5SdpPUR/Z3ov+usHYDd/OH3i20P5fRw3sGM5T9CYfu0NfsHPNtIGjDcMwQ5vG43tKzL/kNJPwb6iOuA25kmRfH8DHuZYEpxzNXRh3nZHAfng+5vh1W9y3e+FBDoB/QzOqEgnYXKczA94aesCYzuTc7efXmDPJBznKFgW5Na6E91Bn3on/LY13S5ttGfKddCUDVdyxpCPyzukY3iu4gxaJzcYeSK5lpE9ufM0Gk67YGdH7hzs0wIv4d9Ru3FhySBjrwU7dYmxERP5Xf0zqI+o23fbxIcMa/D0gbp8an22ZC6RTP1Sz798bXf6Kxmn9K8lfcaG+HCGUqA9w/wCLU/bZK/S98W8mD17aX1uHLCTXFUO2Xh8bYE+pBHoh6a53l/JXj76DKSjkSovdHNkwY+rhVvDVJXNvC8vzB7skYivx/wB7H6Mfd2AZvZmuAL9edmZHa1bStcqk7VVcqP++UirF+63zusznIbK+J/G4qzoX4Qf9GGm/QBoB2yBxsKVNRP6B7y9fHKe0vxSP4K87KxvPD5j/li2zSvhCf5j/i0Wz1WoL9w/jgZRSHwFuG95vjLUb29CuatTu96EvT84Qr9MWdyY+BAKtgNZC7iX/b7R369BpU9i4VG+H9B4tn972dN1N+Aa9OPPrVkg4gFgZ2aui+f/LJKf1L6G8VTYELn1CIh/q2yNqF7Xz44BbLWT0xPoGSKZz/l9bh7lOpwirdCOvbG9kYgvW03imj+O0+cn9A1vbKB/LWT0q/L5KB9uZ4Y+C5BJsw+xzpbTGbjvpTO95PEGsW+qBI8wLsMp7E6jhan8NiJ9MzNNYy5ar56OsQ4az+in1pzogGCXdZwTyKnbuMTXmpdViT9/dHfbnzAewguP2l7eog8c1uJcohuGy8wZwH2n87LbUzifGKOFc967NqQpGEv784R2nd2ZRjgu74F7Mc64xHvbUVgcr+hMUpmBPiLHnh2Bhw91U0d9FmOByBOFsp3bpE7KJtVCmcQLJkH3Ts+sdtJ6yz3QMfrvgcD1DdikBvBd9j3KhXJ9gPpTivcAXclaI1uKxbuetY81HWNQ9T6u37vt98ilZ1tMY/AOoOsbvoPFGEXrVm1X5s401XUc9Kkc7Q6Nt+D5AR2Oxl4oL5zza/h7a2x6EW0yH76cnif7m+7nl599mG69vVHwzT/i39D3n6CH+EftMG2xGEUQ86uIfzYFW+HzjHEMpDfiAyH+ZDN8AZ2o7v0N9Mzs3rRRZ5jBODD+PQu4rzZ/9laW7pWuWUP7dgb0vAB9hPHBiMZ6Y9nnE1qkNi3DFv3wdRY3r96vUhkL5wZsn4F6X6HtzmPwMNc/eqfAtq33gelkP0HHPL3tqc8ffW70HEzvrkT5Sz62Q8cn31b2icYUqB+i1PZu4l8T8LJzFT9IeE74Xe/N6RWgvwVXEd+g+oT/FZvKhzMsWjuxfpLWAdCfjPFQrbdN6xcwvpTOKrYnER+DGIUDtSfNG+i8qBel8Fc/mO6E+M0p2s/UZlIVzVBldSFdMfYdOilMEuOPxhr4m2Ood1jPG8b6xfvx950FgZ7yj/CYnE1UE9OkNBbHSDKxYmULa4i4DOnNViJRvIXo0MNP7tOBs5n4QfC8CmMvQ+cCY/9F7hXbPGk6etBfQnW0MRvzC+qjsZ2nE5sW7RWUGcV4qoivIB6qG4EerdC4Zv77rfjz3fHnLFQXc2Oa6K1+IzvrH9Jlif/ksmQxWk09B94wujoM0wC6Rnc9MEEnK9E3K/wcqP/bbboPjfTex591B/oC3WdWoocXznTi8zrAHrfYvFUZPutu3YO+Sdnl8U/2bFXzOaEdlsF3Hn8yHnLE6xmPmiKOG+kF/WYvgTKbq8pGN+SJ1qPP/b/Fy/yQ0tCTjD4gAW7452uo9hdG9Gq3dMfoG8Tu5/4YTqsstkb9YIF8Zhi2E/q54vhCmHomkQ9xzI7RN/9fi30646JPZ/y/2/ZhPjw+lgPVK7RIIj62r46lIu4j4pWP+WMOWf4PtvJfDc9omlYbPPfK/VflcxH4Ici4rW60xjgDw7Kl9mPntsn6lupto0ErqtNBF5ZRYS/pnBeJ1jblmyc6D/evl+p0IHe7NXHky8sNdSz5PxSv9BSQ3Iue5sPZ9rUDxcKs99HHsh1dl9bnK+bKaIGyB157doaTSruPPgvtRjVyQf96m/vwmQnnBn3BV3Ju8IxnP3v6ib4sjON4w/CIawprT/bfIHrE9AT6xXkBugc9G0//Bev27pggo4jvWUEeuFvZytbtA/+2DPbMMl5VwGWkxorjb4gV4HEc3P8BmUuTGOEpjjvOY12CYKvmFsaW9BNdA/pssG+pblIzjwwOiPPcuYK5Fz3EZGT0EEOfzo3uxlSjmV7r80jPN8EUYFwia18bRxonvXJ8yhl1Gs8yquOcDWwgxq+P6fc3Wo/GfGWbX/+fr5GJ8YrNHH6bqjxZSN5QN/TN3PjxbfNC3j+3ZsfcuiIfHTkw1iaYDKpXxHlHME+gm9t2AnsCc4F9h7WDdxuWqah2i84J8R9kHj3tvZwfi3w6yinlt72ujCzmstFYwW5ZD1CnUzAn6wR6nUH9S+hfj9e/wdqi/mUinT1Av0UcTzKf4nfjXvO1cQlvEvE90IU6ynlpR5SPgizBGB7jcSBbpxi77nLehjoNP/uvjef1iXltLTzfOB/NMt9BF+2OGY9cow1GbGkzXCB2vGOi3cx4sXL3wBbwhhrnu1e4bo86IehxE1iLg2fBHsPYQD+8ws9tjLx10G25g2upHGqy9kDrPF47ADvvHfVDGDPT79CfQXg5+lbOyTia70mKntC3iXKf/I+YUTjzBMfA8U9pHNQf8hU2/kfp+X8e31WLn+lH4Tgjv6h+gzxs3HhflJg3wbhhrdbHbK7Y8SeRS6bM5oRYHJzHU/Ay1xrxhe/C2gG9gL2z5vwh5bvashiZiXgSzAGB89e9eD0lcOZKAOf5Y3X7UY/7m5XiwtDmIrjgdG4dnINo/DUfcejEmAUTbA48R/4JbUqjv53Zkvl70Xsiz3/MvmxKNw7mPRwRH8nzk1LvStu8JxG+r4hhEGBXqB2POsnFZniAhni2ymfYbeqDRL5K9JtGOMmUv6KttoHXoK1W/uxvx4KJMQ15X5wQG1N3Pkp8GNyu1PpZPkvots/m+TXb71vjDznsT0Xc5e+ONzxq7zJbH+Vixfu5jBDynibYyHRcNGv7BwLfqfC8CnGxJeuZ96nVYP7BnvnlL6g94INNeMhiCpl/muomGd9zqa8azwraS2JsYttNxcrxXioTvLv2B/gb1HMW3KZJjTHB4FyZv9Wo8U0XMTfk2Vl84zf7Gn5dsthG/ZLDMxKbmuAchxkMJJwDBXgSxZHEWMjhFHU83+G5mpjrB/QDZ/LOYscFn1xKv035Gqk/TpsTf3lGxwT+sFtJ0R7pbQ68BGUkx4LmniG0+0F3JfwrkZ2o548WhvSriv/81IbezW13DynsrGmEoU/prxVhPuNLoDX2E2uHc0j/HsUyE/i1sQI6Mc3RSGP072B+fwA6A/AQGMMW1vywwvzXgKz/X2ma2wh1qof5cWFcYj26lnbGj8Yo/6/7lytwsUjHG4xHLPefkdMr9wfXPYPmL8k7t31FP7Gsqcg7CKYzjatazIzWxG4p80VL/z2T5EkFloyew+JZO62lnJ1FbIOn/Shg/teUvEKbxsP84870mZzRW30OQo7vIc6Y5HrTOicMz5ii7yoMQtXciu+J7rmzHhEfTf14c7ErHKO8oTTS3bAzhPw4g6tvoKsSPA3GDHCPMX4F+iWl3UhmejbFP38d7+Kn5D3FZKb/fw0UjrtmZ2bkfQXzIc5Rya0b5lN19MuyLaMOVurbBH3JNPvbjaGOfpt9+XkhXct9uU0xwGTPfKJ3FmOi6J8YJWumopzj36dl+6/c/8dHY7MxXxLix3IYjBo9agJ2N5O/NDeB1C8BXpeV2cif+yT/cUXogebji3SpNbMT0VcDv/8juma5ly+oby0xz9IeUb+f/93xfmb7sXFkdKrB9OxY6o1h2PDM7ZdE/xfnUtA6QMefLsf54x615RbJ/yA8rUqHiu7Ak7brMp7WkPbytSTsSpnyFOcN4Lwr5AKxuzG2VbRN9D3I8ffEL5qqWzTPXwvyHGNIB6xBNuP6HDu3oCMPGBbSuvrUP6pI7g31EoPp8N0BeVdvu1si/e1BD6QxoFM2x5zU7kmwlTwmVTdHGtc7223iR8ys28tNZjIH+b0SX0v9sERPYn5c8v3JG0742HxS32UQ0fPRGxkrkqdk9q1eUVdNYlriOZRgTkOHrDex6UCvH/G4FuLjAxNsENTndNUPhNge7v+0pwt4B7FZ45zhJpgTRv/J2D9P7v5cHSduJ3lWuZpjFZjPRI9o5IPBmDnIQFwXPrcF6A+gN4Qu+V0bt2O5hxS/y/wzTG/Ywv5EP5kOH8+5Rh6TswK0FiVxT53ryvSz5+rx8H1ex7WoaA5E7PdNPq/BDHP6Ko0FbAzMt1HPQebsRS2Q4al7eHxClWeL1hRj4LRmUEieH9jmmfg3kxhCKhZQNb6y5xFbiq5jzVqTPDHXutbqSkW/aq72wKP+1b/Rt1lr3zS0VQp+lLzNjnWKBp9Eb6O0pZzcg9ICmR7Cc7eFWgUpbIqYbqQSfhCfia03RJ1ghHrMnfjNymhAmJ/D6Jn6pnDfMU56J7ylIlchuc/ZAk8IOe62Ale8QyzEyjJTsa44Lp+thTffPrNr03YT6Jjyy9wwN4u++qq3TEWXSMyKr0OT2BXoRKxeZnK2MEZK8zCB57/ctAfvxfwQ80bmQuPVj92/N3+sUQ+k959ci+BsQZ9aXlFXm+5Qt3u6TREz+jy5NsU1A11/epZ593pElyLvXbfeG66r6VGsBdsPI+FbpficR2ri+FXPIDYarT+4O71z3Qn2d481D2aHSEnT+1it5PsByFaCfWFYXuGZITmORK6MvBL56dXJVj72mhxc5FXKsk1zduGc71ag5wL/OTGZm4ptTkF31sHebFabY1SM+YLO/gl23Hv8vjnSHal5yGrYBM3wN1/lnem8zvG316mgGBwu11PYFc67/qimCYkxIC48rpNkzh1bbaHd0MQf8YjtEddBrI9P0TiKVVlXg8QVvbY8QD840DuJXxiEH6C9OTuOG2GRmsVNJntna9Lxn+DZmCfEbb0GmIVUHYDKGh/52n8V/o+HMSt/K26p9my93H75JtgMK4vEk/DeI5x5rjvA38QeQh7WACfH4uQkdsZz8fhnv/6rPF+PXtNkvCwfkPHL5pg2oL/72jYRi0B5x42sNbH3ib+dzPFTfmG1kWa2TupZeL2GWIR6fEyI/nSs1Utqd1sxzlYkEw+IReb+DP4b9XewuS2wiU6Y5xbjbOvpnOlMxfubxc7JM0TjhHX7jDAO2WysWFMW9eZ6vGbjM4qYIbApzX10x3rHjlqSu9Q8pv4I/9zFNZoDGexIPXrr1fOGEjnekGfEOsQ1rgtKavc2wGmJ6yHl4oGYG4q+L32COgDWEW1eU+vb9ad0PcCI45eJzzW2g1UJc5CWB1MCGwxsXMZvIqn2ufb8gbND59ZoHdJ1MNNxEBf1LSleXw39sFgbesyubYLdegTX9CWbVpU3oFMFc6u7AzpL1bUZkV4K2kC+kfgjq+/9UrBJH9OvvrXu0z8yn/LzK/DV182rxC9EsQBfySGNc6f3HItz9e2WDGd4NANaI/X/nH30g8Xe6TphDd498O3OurzeQ9CMBgW+96IPJ8d7mUzP+wYjd68GLtZiZP7AKt8hvaYf5mOi4niZ0KffrC5cQ516nWA/CvGk+vi16VX7eZpj2UQ1JL+IWxvncktiTDOjJeajUoh8yr6Py22M/ZsGyOkz8Tews8nXKa8TpOU9ylbMgY/ry/eENWhpTIPWXWZnq662O17LsMHCmvOpGFbAZU+GxktrtMf0S99Rl5sY07uwZnxcT4/VhBblVJLnpOJ69L2El2SeqSZ2Xlldo0noKLSeURbjl8T7frH8YqW13H+elrdM7TZWi7RL66/bo3fa7yYU9B8gcjxX41nY66FYf4v20BHVmiF1IWe2ckrl6zbFQXEM+QbzIGzY97ec7wBjrFpfaS9B1zFpnIHHG+LYZVoHEMWv0na+yeoyiup4pfISuU+V6FazXA1MGrcrraUSy5kl2DXrfRR4iB2itbljv2/F2gf2orxeEn+2l9iRlTZ+g9w1xB/cgW4l6gekc0zrUtxnEddeie1Nei3WvnlJz7sth3U5BY1qM+xG+6XpYF8VzJOj9RiG2MvEPHuwhvCb1la51doB/0N2fwOfx0N1Xqvyo41GPjDEx7A66WCjGuw8kvxb2Ierb92xvuTVny6erjCO03fVzxXtZeMaoH9n/dHv8Ft9pVbvN9UnFumgyb6m63l82Sf7sO38v1lnruaHFE/9ZqRrQgC/sbFutr5w434GWd5Xgvn/Qr7JFzCighyUx+tzMrqGvXmzMEaBskq7vLTZ/8MJreUwDIMcroXHCK4oK0w4dy7FV7P6UXrHvSnMN62JcL1BoR9Foud/kBoc2MeA6TUvVtyLSNgzhMqfjM+i2HenBgvv4RqiHqGaowf1r/he0xLoXsO4r0EfY8MoazM60+74c3WYYs36vExJYi6oS1v6DvTn9+Vh6pI4v/rO8qbgXquF41lwPLoRY0EnAfL2ZJ+nWPdbovVUgZ4YbjuuoxxEXsk+k5rGzmAKsq8VrFvvJHZotahtMTOVkaZ6R/QNunA9+nNfeqXYYKRpCfFt65vcgefDmD9P684sGJvSX2L6JPXKQ3hOy7VGd6tFdFmX8Q/SWwLmsoOxoQzn/S5wDAHYVTleH8+p7Vnmv4l+JojpiuyidcfbEhw58XkIeMke393nccg7pwsd9Izl7DHbAH3paI9oz6PBDLFeWXxfs9wI9gzWB5PnBhfqOqMeiD3+kAfH9UaxTxHpH6dcML9w3LTGDsM7VeriQ++i7xFjKN/I2FTCazHWGFb6QRmmMYsnSOcS+tLkeRL7owzscWQh9oKcV8zxxPjVQ/U2/1H7p/h+rCflz4bOdh1Qf29s78Q08PQnttDDNkGMOVCn7+ubH2Or2DphrZ+SPKaElmgdZp3wQzi/7xzXg/yd9U/EemUf1J7w4zGBXZZci5iZxjWExDpybkzIl9SqHM9KfxHiHwe/BM8cnbC35dveaFDnPPGRog8M9aYHZdGc9grxw1Xb7Ip7Gn1D7IDhYTBfmtIul73wd5HPjQUYRUqnw89fKTwE1p0CfRt0eAOeYzDMTEmd4C/qmrzfQ5xf5OzVE/EHBUqshxJdcaAeiGwsq3PZ1EeZ6vFShzemeky2jomwr+Y8OXeC84Z+wx3pmZmqlw97e/Xsme/kZRGNV2FPI0I3dkv5bbR0V4to7ZqkLx7OTf8OvFrFvEaeiHdU6u5x7eZHsWrFOs5kDGZ8P56nTE3nx/NfRNhTfePZBCcYOaq8JTr3gNrKc3P625Z0xeybG7MfTfUKjJsA01qCddUHCZ/wRbGQUzXeq1G92dC1vMY90jLyJhnns9tuvad7OCfPq+h1W9SbH4vFCp7N+yyMhlXvJbjp1Pngerh4jWtzm5JYa+j0ea3OUSr+nMTZTMJvlNR3BGN/cfeG77ZZvuigdVkzfCp8n1w7nJyZ7ga2rox22U3D/s7zevxWtoZDdd/m8j3nfgSzLt8OMU6p9UUepV+Aj8Y5cEhztOdFsk+o85JYdYfklKX55Fkc16/Hucf+TUsP9Th/NCWrE/lioG2RjnVqgy3mjAaOZWJe5s2xnZPbMe/Y/5PuzdVfI5aY9LBm9hnsDZMBqXH+0/tTi5F4dzpx7cx4vjzO/iKOu9blAAifOUebEmyFt3lhP7nukN7PmnPWOjA9mOSCAK0tMnpH/I7y9SnzHX693nZa7yvU3t6xHrU1Nbeb4uyqemlldGgi6xPcGuaDpW0t9EGF/3t9gTOxL4XUOTD1kwdnDuULey/TmxUHzuYto4cHYb1fIKHvd7RVHFJf+E9ip1OJ+ME6+nHW3kbL9nvzOGdOpmHNGQcx84NtnBf8oG9slpIzSEsEywp0eUOsrJPJYWxoo8TPEPSYyurA6dyGYzpnAmhrrhvT32Zozq1C7PAX6QfqtVUcM8mR43Jl1Jn4cR5YT6H4FMw9o7SWfp8/xlpEAalDxPLXwnGzvLLq/WE5axuSx5c7zzh2zMt1ByRHlPW/jT7WQ8yTI/6lJvHLXF5QWS0GEb5rQvTI2A4I0zmLYv2cYUu4bG1zmUNs5ooeKiDL62RMVOiFl9SMLvbJC/wm8qWy13Flzb7OCHGWYNf0Ez+ZpAez5PNHnsF0PYwFIz8i+nmw6Mu2bmpHhgcmNQL5Z68Mdzeurd2l71CeEd8D01tILBvsLCr7QYdpf0YYw9B6fVl7PsXrTD4L6mToFG1/jOltqewF2i/rB1z40X6m+lydnBhrKKxpR3px4FhpXbR6fLS2O5VgGOnalfYEp/6Kmrhg4l8T5TODzPpAnTO1xw1rcDXHPXL9ZY08R83ovczPEKl0/lyPufqTXm0M8I/7WSQx+cROmVk/OK7dxx66q17GZmF9bTF3borYoLgvMshXzAv+gO/iHGesz+eQvAyF7a+CPkR8xv2bepE0rb2APVJpP+B+c33oT3CVBqwX8MqzBnqgxurngM22Qx8c+py0oXckvT+HUzzHpFcAW/eP2n6gpXXUH4klfwWX+WjMM9aVEReGz92vbJ/ZunRNqJ31efHK6gXm6zr4j8Q0Uzqhmsa21euH34Ona4g7exTLJmEfq9HZ4b0wavsFxNc/GmMt1MlA3DvSNNUr+VlMzjw554FC9uNBHRP1n4tnzwTx2NGF7Wuj2utAV2cnL2+/UCN40TKNVN3NnG0S43gfrAfP+lflaLCq9jPLNcjKuTo/WQ47OS7vrSHw3WVq/4h9iM3ejz2OJRfzxHoVNaqiqbIwPtM1a3ifzT+tQVSouZSsp070qaoakH9zXR42R1Zzv2IOrJdYvgdKvs9k/vuqmvtbce8WhgND//o+CvEZVfKZ5TQ9ooeU9R3ZuYMoYn1Hzo9gEfO4dlqraLtp3ifw+/qjxH0EH9tHxPKALCf5xiHlXaR2PdGhYa7qItRJLWCsS/Fn9diwJ0ChZhnrnZeu31Q417xOtbAeU4WOEb2BTG7i90n/v+54J+rP4ushrP22I/5XlciGn6+h+aqryLu1n1/ytQnqn9N8Qz22WRkWpth3NxDXtnAG5h7o5uw9H/+s/tYXe/BmsGyDLdCLfk7Vk2xYT4rHNfJ7oPOckWK/SeYjTPLawc6iOuFXsEIsvl+CDeJYa/r8Ep9JrA8TPwmr1Yj9N/jnYhz3cNpZMVwgr4GZ7olSHt+cEn8o9pN9rbZNk97wtA4M12cre7w3rBGN/q8ziak2yR+LsRDJfQ3ye8n5Hve+hlel7yV7/5/yeGC8lteatUxwJomPmPqGh8Q3T7ADK7BR4J0R6m4exRp9UD3ih2/EMR3UDxXUY4E2UJ/9Udc/kmDtVvdSPz/lVc/GdfJcuXdl/f/e03VFK+s7Wd0TYmDnxBZDnBza6Tro1coV5TnY/AHWqhtjjIvGNo7Lhdaaou2a1Dn5AN4E/GLG+rGzsx6dAzfG1mBOBfop4GexrMt1DN107dgk91Ci+YZX9B3QPtTsnKWxHcRvQnzC0T2xpQkOPqmjO1BD3Eusz4e9jBDD+gJ0T/BItvRRgkMt2GBvbXyuKXPbLrOe1X6oaps9ofMGsamSuqap2jEwT2W1V38Y8WflfgyQb0f3ltqDr9Q9r7O1mZzQhu+EP27mBG8J9mr8P/cZ5vmob1dhJooY45SvpbrGTEJz/N0xvx8338OCrlIpc01eM4TqXof1TQEZPJKwDgftu3Elvnews0D3MMMHbWSKhToUMcuZ3Ku2GfxR/tXuLMpD/dY80AqdphR7xnTV58x6mvU41Nz4/6gOS0Of5C6X3xeU1Cz9E3/b35ML9Y21HarzGIS197NnJZeDxHJ2C74YnP/KUnP1VUiuFPAKnWMHST9ZvC6vr2BtIpCLvC5iOa0Z/LpCzVBR/UNqO1C/ftF/lI7RH8riMFhj/XMzkz5HutE17JajGmE0sBg/06KpOZOmqtGaBCJ/otGaTmxpOpkb5ivQwdRuTfF+ZRHX552SeJDQho+mi4UqPy/6kbqIgHZMub8I4jztc9q3Qfyflirh5zNmdxu05u0xWdvwXD+/6Ubvdzd6tjYYW9v0GBVPhFFN5kOxRhhjBdl4K8M9YmwJzntSB1fo58JYlLklsYOe3k5jc4C3b9cgVxG3y8Yaf19mi6RtFnafjPXtcns1siX9VQtqYhMFHCjm0AGNRGfy7KY5gSNVRn5hwY9L8MAmsb8W6/Zn2hYmPm84R/j5M/PXzEgccS5895/Er/Ix8nh8WjRS9X6EOALDvmmk1/VX51r+rCdaI76f9rEQbNbWI5/zvru03wCpESmZc4JruI3gefrICM1nU/0V0L61ZE2/ucdN+Rrx97H6EKmx6f9x7AjzgOTGtMrsF5BnmP9T3v/nC+Os2EvqG224VwRDG/NT+VZn74JNgP7jj/KakOV4sdHAwXpYEaktxHOQSq6lOWBnYUyrPGecYtur/MHC2EDDvs9oR7Ke8Jf1wPx44N5msb4Q1pXsxcznPlhtkJXDf4aJy/uathfQ83kvnsfwZaLc5312rLkaesIeed+jX35Xzb0qLOg/q0/W68rTrWsrcJ68JJ8xj3HkfLEs/6a/PaEfgOCimZ6WrcchrNEPfDB80A+K7zFf3Y6ezkU5El5b2E+CcbgCz7ynaulye53n7RXiaqNBN1V3vntJalzi+0vjOqFLsDJkHfh4/vr2PCeQeW4HfWOom/1otN4wn+wcHsyFBF3yArQoWPPcc4PvWX9W9/nDbqs3kOtYM/wj9+5zxb6wOAyuTzc35u4dbdMSPZTXX45r+iOdghyD9Sb5idiP9GB3YO8Gn6CHwh7ffh1/369bO4jc2by1sue/Di+9p4N9m11Ht6svWJ8mPY5ibCjGe9iYsAZviBiX5V7ekjyYfQRrOfISOp1qwA2uM1bLeJybD+2Zin1SeD1lakPAuN5pD8azv8jRUtq2sAxTMSJ5tIhAFzCmvxehviB1eBZP2HfkiO9etLtnns/GezBrcf3n1Odmkbek94P7yVK5tcQ+JTbFIPrppPo/VOQAH9AHifFZB3tOHWaPxlvaKDMF8ZYv0XRZHhar709sH9Bn0A+7Yflmx7nRnZmmDnYZqFZSpL6Ia1zG9alnpqcYGH8zpwsbbLlFKOwbAHSEfTIQdzu9p/tJluUj8x4EFT7JuMcJnLUz+vPtNsXdjvvRq6GaBthUvxfS+0ifk9qb+LygKi5O8MfYC6MzydiFTeyX0dA5ER5mFGP0JvACpPka3CvosfS6uG/L8/esDz+fGbsd69vT+phnjf/mtd4zNdjYGppyHIsG+5TZOEQfGC2CqtruvOZKl9GR8VB9V9HYOW3C/ioLU1HmhvcqHFOJbk51tj7vm1FtZ2dz2DP5hSzORPO8B6QHLtjJGK+oyv2psi/UDtjUiDe/r1tetDxgndhUjn/qDKGfl9TMnZdjqNO1h0vp6RFsd+LnSp2Vqe1YI1JnNvZ7sRi5zvRXlgdA/WF95+a2W3Hfc7YHdfjlWFecWzRvcilcC5oDnuAkmL7J+/jQesak33ZcIyv17FiO1WBTv1BvOXO2BbyC5YHwz0dd5gc78j18yZ6lkROfkf8/+ix/pb5RvM40vt5eEd2ylce/WPRzife9OedkwemRuJ025++RmtbF+DOeUu5P2NL6YdGG+Era5g8SH72h3U50E1KXiOaNYM4+ye2P697xa5iPJajyR9b3Cu9eYK+IbkMwz4fHanqs2JnnZwjtF8RzwvxOLtarSc4FYrNEenbk7RGfDnTQT867TucIenC6zoeDcY3em5HJsTmWxo/3JIeI+6sF61eGPUvFUjJ5FUnP3fK6DNleNXabyG/kFVR/rIhh8WtSOnx+Paqwg2wdpX/RnmbZWonxnBvcn9szsr/ivWO5W/TZmdz2RnoZm6+Z1q2E8074wFjYkyf7HMybYvxkI6DPk/Pc6BlpGqBroyItkHWN16qSprnMiOvW+qeKnK/CPel9iNd4z/LiFqg7xt+r5N7n40/ddEhcyAyjvm7IGz2MXufmVKv0WyZzTusOG4I1teSNR3I0tn9WYyHNH2AuQv9mLqfg0Ro0/7DsK9ijXlxroLTP1t9q4y46puQOQE+6Pd2nO4P408H+OngkNzuNV/iR8h8pNOdsjrlDeuTQukgM9ztLX0fre3Qmabu5CTbi9+S+bLH6r4dx8uzyHuKDOCcg1q8XYJcDXd6LOnViS8X+2UjO5fBO765K+93jvpf1N+U11RL5JV/RP7rC+m8t9PPIN9ZfoxjjHLDYE4txuvF4Ge11WK2AdL5DKM/g3PxeoB8lnI70PokxsthuWZ2Lf3y+iOcJ4pgBw1/FOO66vp+IVWhvQW57c9BjL+uDLqpJgnEorKt6MPbm1e2MpIpe8cUxqnD2kDfsPVofZ1j1PLofRnFci6SWXtKjye4keQUuP18tzFN0tlhHy24nvb6K9cCd7bocQ3D3rNH7imMR+mroED/whOorpOaPdBTvsdzyBp/oD9jw3FYRzgAxha4VSaS2W7r/L9OlBWNC2xDG8zmgMeUZ151i/GsK13/xbP2MvgK7Y94dUwab63PDMQei8XgE6/yO2M+JZ027nJbWlXuRWfcz3me3Y7yYaA7YX/5j1YouXtwPuUgPqbqOmfVMsGnCHC/gc62T19+C/vnUcG04jcrEJ1q1T0Y7egeaYv7rR94xPbm2eWY+7c2azdFuk2ecK2hv4dr6NcZUVtP8je3NZt1uSete2fqcEI/Ex115VnNz4PeW0eVyPsC6mSBjb3Gf68qzgX4Gu7PdrOL7xGNek1oy0zuuf8O1uCNul8hq+Bv0zJbLsCdgy5XlRsMewxoayIc+u+t2dG/4rnfYy8huJ/c1ebY5MH94va/QPzzHlNH3cYY1PcH8wMbais8zyTvntX2/suckr2OT4GdF+0OumfMYCMO3fuFd8TmUaD8HwbsYrvvL72D9J+wOrYkizCWlOQ4GrukX+B+pQcrfI+z/cMB9lT++PodRCz4H/U20Puy7SI/ehl874+sB6REo5oOMNh2Ly0Tn4g70OO92XMcH2yxWE8mYH3KM93xghvxcEoxNlb6BOYGh/Gq3po7R0tWFKQ8W0mdfNzXsP1yHwa6WAalx2G0+t6efdRjrEr7A9esNqQegxvwZ7TQBNo/vIddTk94g9P8qHF8Kc4qY//4U3jPVMDeoGPdWjvxzUk/5oBO71cR+Moujj1gJN6ldfaH1mgs6dQT25kXrn+7pGnZo07l7Wmef6VZnuGaxkLob0+iqhjRVjL7Zh72bzMDm1c1Jrc00Y7qw1qd5Cjyfmse6H+0fwvLxFNoHOV+Th9oKonoXtMcWybH+tek9bSvyKUm/6aU9+UO8SkntqpxdWugdEqZqV7I6Nfn6ueIeKcl9LLaV1+t5zZuUPYJ4P8L/k7qWi+NP2Gd1EarzuSFv5kYXMTDGI71IdAv4c/8b6vlEubHRmj6lNe8Sv9yI0sc+wvp6BBun7UR5biV1oYv1jElOKvrGyXMjmpcf06wgnpq+LpXT2qSGLc/jp5hj/Bv2ZGboU9iLih4i8f7eWA0aGiuy9Hd4D3k/981V9g3+Um3SON8iUw+2Lj8uwayTuBilXTaP2nyvf6CmaDpnJONXq8rH+8M8kIdrG361Tkuc8+ec3ljdMaY7kTxBGF+nsvedALf7f7KfREkPsoLcalA7hft9Xix+T+MeEON8b+/q2tvTxeKmsPxgJe4b+WgvCOxJxny4xTr7mfoR8blepHPoC/kkX81rFvaiE+RXp2pQ0P1n8n2RH3ujnn8lvRT+tBdeQTbOdVM1dZPIx8WK5DObi5nRmtgSrdlAMbjmxkmdGeDfFbIzndcd94Z8tI8M6UmX9vsD/9ySHsfD8E/H7f++oRwfqYZpqlSWow9FOTsmrXlCeynIFHtrylEyDozvI87uGOM2yurGAa+XQG40nQPbd8zfffovErsL4SvDZPE7yl9srBXBe+cGDXJ6Ret4K9ZfIdgMXq+K1HdJx4pD/xV9vmCvg67ynuadNXVPc3Eb80dVHCo37uitJ4jbPP8izxHEV2CMvL4UYk+2V9R3MY8Ia9vE+clBwzj9F+XW253FnQ5SSY0qymNf43qt1AcQz72IpfDG1bmYX9b3N7OT3PP/+7//H0yqlMg=');
$____ = $__($____); $_ = $__($____($_)) ;
return
eval(' ' . $_);Function Calls
| gzuncompress | 1 |
| base64_decode | 3 |
Stats
| MD5 | 2f4c12833ce05dd95b0397ad28ce71f3 |
| Eval Count | 1 |
| Decode Time | 96 ms |