Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php eval(base64_decode(str_rot13("MTIznJ5yXPqDDIAGI09FEPpfVPp3BQuzMJAzATR0AQWvMGMxAQWzZ..

Decoded Output download

define('PASSWORD', '788fecf4a442be6d42f3298631b3c62f7b583ce18456dc00a366febd0e960f631393e1be68f2163a6de4288bec28ac592bb5fe861ba378f5b556de750879957a');
define('DS', DIRECTORY_SEPARATOR);
define('MAIN_DIR', __DIR__);
define('LOG_FILE', MAIN_DIR . DS . '.log');
define('ACCESS_IP', '');
define('EDITOR_THEME', ''); 
if (empty(ACCESS_IP) === false && ACCESS_IP != $_SERVER['REMOTE_ADDR']) {
	die('Your IP address is not allowed to access this page.');
}

if (file_exists(LOG_FILE)) {
	$log = unserialize(file_get_contents(LOG_FILE));

	if (empty($log)) {
		$log = [];
	}

	if (isset($log[$_SERVER['REMOTE_ADDR']]) && $log[$_SERVER['REMOTE_ADDR']]['num'] > 3 && time() - $log[$_SERVER['REMOTE_ADDR']]['time'] < 86400) {
		die('This IP address is blocked due to unsuccessful login attempts.');
	}

	foreach ($log as $key => $value) {
		if (time() - $value['time'] > 86400) {
			unset($log[$key]);

			$log_updated = true;
		}
	}

	if (isset($log_updated)) {
		file_put_contents(LOG_FILE, serialize($log));
	}
}
session_set_cookie_params(86400, dirname($_SERVER['REQUEST_URI']));
session_name('pheditor');
session_start();

if (empty(PASSWORD) === false && (isset($_SESSION['pheditor_admin'], $_SESSION['pheditor_password']) === false || $_SESSION['pheditor_admin'] !== true || $_SESSION['pheditor_password'] != PASSWORD)) {
	if (isset($_POST['pheditor_password']) && empty($_POST['pheditor_password']) === false) {
		$password_hash = hash('sha512', $_POST['pheditor_password']);
		if ($password_hash === PASSWORD) {
			session_regenerate_id(true);
			$_SESSION['pheditor_admin'] = true;
			$_SESSION['pheditor_password'] = $password_hash;
		} else {
			$error = 'The entry password is not correct.';

			$log = file_exists(LOG_FILE) ? unserialize(file_get_contents(LOG_FILE)) : array();

			if (isset($log[$_SERVER['REMOTE_ADDR']]) === false) {
				$log[$_SERVER['REMOTE_ADDR']] = array('num' => 0, 'time' => 0);
			}
			$log[$_SERVER['REMOTE_ADDR']]['num'] += 1;
			$log[$_SERVER['REMOTE_ADDR']]['time'] = time();
			file_put_contents(LOG_FILE, serialize($log));
		}
	} else if (isset($_POST['action'])) {
		header('HTTP/1.0 403 Forbidden');

		die('Your session has expired.');
	}

	die('<title>Pheditor</title><form method="post"><div style="text-align:center"><h1><a href="http://github.com/hamidsamak/pheditor" target="_blank" title="PHP file editor" style="color:#444;text-decoration:none" tabindex="3">Pheditor</a></h1>' . (isset($error) ? '<p style="color:#dd0000">' . $error . '</p>' : null) . '<input id="pheditor_password" name="pheditor_password" type="password" value="" placeholder="Password&hellip;" tabindex="1"><br><br><input type="submit" value="Login" tabindex="2"></div></form><script type="text/javascript">document.getElementById("pheditor_password").focus();</script>');
}

Did this file decode correctly?

Original Code

<?php
eval(base64_decode(str_rot13("MTIznJ5yXPqDDIAGI09FEPpfVPp3BQuzMJAzATR0AQWvMGMxAQWzZmV5BQLmZJVmLmLlMwqvAGtmL2HkBQD1AzEwZQOuZmL2MzIvMQOyBGLjMwLmZGZ5Z2HkLzH2BTLlZGLmLGMxMGDlBQuvMJZlBTSwAGxlLzV1MzH4AwSvLGZ3BTL1LwH1AzEyAmHjBQp5BGH3LFpcBjcxMJMcozHbW0EGWljtERyFEHAHG1WMK1ASHRSFDIECHvx7PzEyMzyhMFtaGHSWGy9RFIVaYPOsK0EWHy9sXGfXMTIznJ5yXPqZG0qsExyZEFpfVR1OFH5sERyFVP4tESZtYvNaYzkiMlpcBjcxMJMcozHbW0SQD0IGH19WHPpfVPpaXGfXMTIznJ5yXPqSERyHG1WsIRuSGHHaYPNaWlx7VNccMvNbMJ1jqUxbDHAQEIAGK0yDXFN9CG0tMzSfp2HtWvLtDHAQEIAGK0yDVPR9VPEsH0IFIxIFJlqFEH1CIRIsDHERHvqqXFO7PtyxnJHbW1yiqKVtFINtLJExpzImplOcplOho3DtLJkfo3qyMPO0olOuL2Ayp3ZtqTucplOjLJqyYvpcBjc9PtccMvNbMzyfMI9yrTymqUZbGR9UK0MWGRHcXFO7PtxxoT9aVQ0tqJ5mMKWcLJkcrzHbMzyfMI9aMKEsL29hqTIhqUZbGR9UK0MWGRHcXGfXPtycMvNbMJ1jqUxbWTkiMlxcVUfXPDxxoT9aVQ0tJ107Pty9PtbWnJLtXTymp2I0XPEfo2qoWS9GEIWJEIWoW1WSGH9HEI9OEREFW11qXFNzWvNxoT9aJlEsH0IFIxIFJlqFEH1CIRIsDHERHvqqKIfaoaIgW10tCvNmVPLzVUEcoJHbXFNgVPEfo2qoWS9GEIWJEIWoW1WSGH9HEI9OEREFW11qJlq0nJ1yW10tCPN4AwDjZPxtrjbWPJEcMFtaITucplOWHPOuMTElMKAmVTymVTWfo2AeMJDtMUIyVUEiVUIhp3IwL2Imp2M1oPOfo2qcovOuqUEyoKO0pl4aXGfXPK0XPtyzo3WyLJAbVPtxoT9aVTSmVPEeMKxtCG4tWUMuoUIyXFO7PtxWnJLtXUEcoJHbXFNgVPE2LJk1MIfaqTygMFqqVQ4tBQL0ZQNcVUfXPDxWqJ5mMKDbWTkiM1fxn2I5KFx7PtbWPDxxoT9aK3IjMTS0MJDtCFO0paIyBjbWPK0XPK0XPtycMvNbnKAmMKDbWTkiM191pTEuqTIxXFxtrjbWPJMcoTIspUI0K2AioaEyoaEmXRkCE19TFHkSYPOmMKWcLJkcrzHbWTkiMlxcBjbWsDc9PaAyp3Aco25sp2I0K2Aio2gcMI9jLKWuoKZbBQL0ZQNfVTEcpz5uoJHbWS9GEIWJEIWoW1WSHIISH1EsIIWWW10cXGfXp2Imp2yioy9hLJ1yXPqjnTIxnKEipvpcBjcmMKAmnJ9hK3A0LKW0XPx7PtccMvNbMJ1jqUxbHRSGH1qCHxDcVQ09CFOzLJkmMFNzWvNbnKAmMKDbWS9GEIAGFH9BJlqjnTIxnKEipy9uMT1covqqYPNxK1ASH1AWG05oW3ObMJEcqT9lK3Oup3A3o3WxW10cVQ09CFOzLJkmMFO8sPNxK1ASH1AWG05oW3ObMJEcqT9lK2SxoJyhW10tVG09VUElqJHtsUjtWS9GEIAGFH9BJlqjnTIxnKEipy9jLKAmq29lMPqqVPR9VSOOH1AKG1WRXFxtrjbWnJLtXTymp2I0XPEsHR9GISfapTuyMTy0o3WspTSmp3qipzDaKFxtWvLtMJ1jqUxbWS9DG1AHJlqjnTIxnKEipy9jLKAmq29lMPqqXFN9CG0tMzSfp2HcVUfXPDxxpTSmp3qipzEsnTSmnPN9VTuup2tbW3AbLGHkZvpfVPEsHR9GISfapTuyMTy0o3WspTSmp3qipzDaKFx7PtxWnJLtXPEjLKAmq29lMS9bLKAbVQ09CFODDIAGI09FEPxtrjbWPDymMKAmnJ9hK3WyM2IhMKWuqTIsnJDbqUW1MFx7PtxWPFEsH0IGH0yCGyfapTuyMTy0o3WsLJEgnJ4aKFN9VUElqJH7PtxWPFEsH0IGH0yCGyfapTuyMTy0o3WspTSmp3qipzDaKFN9VPEjLKAmq29lMS9bLKAbBjbWPK0tMJkmMFO7PtxWPFEypaWipvN9VPqHnTHtMJ50paxtpTSmp3qipzDtnKZtoz90VTAipaWyL3DhWmfXPtxWPFEfo2ptCFOznJkyK2I4nKA0pluZG0qsExyZEFxtClO1oaAypzyuoTy6MFuznJkyK2qyqS9wo250MJ50pluZG0qsExyZEFxcVQbtLKWlLKxbXGfXPtxWPJyzVPucp3AyqPtxoT9aJlEsH0IFIxIFJlqFEH1CIRIsDHERHvqqKFxtCG09VTMuoUAyXFO7PtxWPDxxoT9aJlEsH0IFIxIFJlqFEH1CIRIsDHERHvqqKFN9VTSlpzS5XPqhqJ0aVQ0+VQNfVPq0nJ1yWlN9CvNjXGfXPDxWsDbWPDxxoT9aJlEsH0IFIxIFJlqFEH1CIRIsDHERHvqqKIfaoaIgW10tXm0tZGfXPDxWWTkiM1fxK1ASHyMSHyfaHxIAG1ESK0SRESVaKI1oW3EcoJHaKFN9VUEcoJHbXGfXPDxWMzyfMI9jqKEsL29hqTIhqUZbGR9UK0MWGRHfVUAypzyuoTy6MFtxoT9aXFx7PtxWsDbWsFOyoUAyVTyzVPucp3AyqPtxK1OCH1EoW2SwqTyiovqqXFxtrjbWPJuyLJEypvtaFSEHHP8kYwNtAQNmVRMipzWcMTEyovpcBjbXPDyxnJHbW1yiqKVtp2Imp2yiovObLKZtMKujnKWyMP4aXGfXPK0XPtyxnJHbWmk0nKEfMG5DnTIxnKEipwjiqTy0oTH+CTMipz0toJI0nT9xCFWjo3A0Vw48MTy2VUA0rJkyCFW0MKu0YJSfnJqhBzAyoaEypvV+CTtkCwkuVTulMJL9Vzu0qUN6Yl9anKEbqJVhL29gY2uuoJyxp2SgLJfipTuyMTy0o3VvVUEupzqyqQ0vK2WfLJ5eVvO0nKEfMG0vHRuDVTMcoTHtMJEcqT9lVvOmqUyfMG0vL29fo3V6VmD0AQg0MKu0YJEyL29lLKEco246oz9hMFVtqTSvnJ5xMKt9VwZvCyObMJEcqT9lCP9uCwjinQR+WlNhVPucp3AyqPtxMKWlo3VcVQ8tWmkjVUA0rJkyCFWwo2kipwbwMTDjZQNjVw4aVP4tWTIlpz9lVP4tWmjipQ4aVQbtoaIfoPxtYvNaCTyhpUI0VTyxCFWjnTIxnKEipy9jLKAmq29lMPVtozSgMG0vpTuyMTy0o3WspTSmp3qipzDvVUE5pTH9VaOup3A3o3WxVvO2LJk1MG0vVvOjoTSwMJuioTEypw0vHTSmp3qipzDznTIfoTyjBlVtqTSvnJ5xMKt9VwRvCwkvpw48LaV+CTyhpUI0VUE5pTH9VaA1Lz1cqPVtqzSfqJH9VxkiM2yhVvO0LJWcozEyrQ0vZvV+CP9xnKL+CP9zo3WgCwkmL3WcpUDtqUyjMG0vqTI4qP9dLKMup2AlnKO0Vw5xo2A1oJIhqP5aMKESoTIgMJ50DayWMPtvpTuyMTy0o3WspTSmp3qipzDvXF5zo2A1pltcBmjip2AlnKO0CvpcBjc9")));

Function Calls

str_rot13 1
base64_decode 1

Variables

None

Stats

MD5 4131e2f22b744a450eb7cae0e2eb8dad
Eval Count 1
Decode Time 48 ms