Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php goto Iz0rP; Gcb_G: function GetIP() { if (getenv("\x48\x54\x54\120\137\103\114\x49..

Decoded Output download

<?php 
 goto Iz0rP; Gcb_G: function GetIP() { if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown")) { $ip = getenv("HTTP_CLIENT_IP"); } else { if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown")) { $ip = getenv("HTTP_X_FORWARDED_FOR"); } else { if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown")) { $ip = getenv("REMOTE_ADDR"); } else { if (isset($_SERVER["REMOTE_ADDR"]) && $_SERVER["REMOTE_ADDR"] && strcasecmp($_SERVER["REMOTE_ADDR"], "unknown")) { $ip = $_SERVER["REMOTE_ADDR"]; } else { $ip = "unknown"; } } } } return $ip; } goto g2pT7; ONk3x: function checkDomainStatus() { $currentDomain = $_SERVER["HTTP_HOST"]; $apiUrl = "https://tsmpanel.org/api.php?domain=" . urlencode($currentDomain) . "&action=status"; $status = fetchDomainStatus($apiUrl); if ($status === null) { http_response_code(403); echo renderStatusPage("403 Access Denied"); die; } if (in_array($status, array("suspended", "disabled", "terminated"))) { $message = getStatusMessage($status); echo renderStatusPage($message); die; } } goto sO5mG; Aha_U: function getStatusMessage($status) { switch ($status) { case "disabled": return "Panel Disabled"; case "suspended": return "Panel Suspended"; case "terminated": return "Panel Terminated"; default: return "Service Unavailable"; } } goto FGJA4; WH7KD: function view($viewName) { $viewName = strtolower($viewName); return PATH . "/app/views/" . $viewName; } goto Ly67M; g2pT7: function themeExtras($which) { global $conn; $theme = $conn->prepare("SELECT * FROM themes WHERE theme_dirname=:dir "); $theme->execute(array("dir" => THEME)); $theme = $theme->fetch(PDO::FETCH_ASSOC); return json_decode($theme["theme_extras"], true); } goto bE3OF; Iz0rP: function controller($controllerName) { $controllerName = strtolower($controllerName); return PATH . "/app/controller/" . $controllerName . ".php"; } goto WH7KD; sO5mG: function fetchDomainStatus($url) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 5); curl_setopt($ch, CURLOPT_FAILONERROR, true); $response = curl_exec($ch); if (curl_errno($ch)) { error_log("cURL error fetching domain status: " . curl_error($ch)); curl_close($ch); return null; } curl_close($ch); $data = json_decode($response, true); if (isset($data["status"])) { return $data["status"]; } else { error_log("Invalid API response: Missing 'status' field."); return null; } } goto Aha_U; FGJA4: function renderStatusPage($message) { return "
    <!DOCTYPE html>
    <html lang='en'>
    <head>\xa        <title>{$message}</title>
        <meta charset='UTF-8'>
        <meta name='viewport' content='width=device-width, initial-scale=1.0'>\xa        <style>
            html, body {
                background: #f8f9fa;\xa                margin: 0;\xa                padding: 0;\xa                width: 100%;\xa                height: 100%;
                font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, 'Helvetica Neue', Arial, sans-serif;\xa                font-size: 1rem;
                font-weight: 400;\xa                line-height: 1.5;\xa                color: #212529;\xa            }
            .page-row {
                display: flex;
                height: 100%;
                align-items: center;\xa                justify-content: center;
                text-align: center;\xa            }\xa            .page-title {
                font-size: 60px;\xa                margin: 0;\xa            }\xa            @media (max-width: 768px) {\xa                .page-title {
                    font-size: 45px;
                }
            }
        </style>\xa    </head>\xa    <body>
        <div class='page-row'>
            <div>\xa                <h1 class='page-title'>{$message}</h1>
            </div>\xa        </div>
    </body>\xa    </html>"; } goto NyWKL; qO_73: function site_url($url = false) { return URL . "/" . $url; } goto Gcb_G; Ly67M: function route($index) { global $route; if (isset($route[$index])) { return $route[$index]; } else { return false; } } goto qO_73; bE3OF: $stylesheet = themeExtras("stylesheets"); goto ONk3x; NyWKL: checkDomainStatus(); ?>

Did this file decode correctly?

Original Code

<?php
 goto Iz0rP; Gcb_G: function GetIP() { if (getenv("\x48\x54\x54\120\137\103\114\x49\105\x4e\x54\x5f\111\x50") && strcasecmp(getenv("\x48\124\x54\120\x5f\103\x4c\111\x45\x4e\x54\x5f\x49\120"), "\x75\156\x6b\x6e\x6f\167\x6e")) { $ip = getenv("\x48\x54\x54\x50\x5f\103\x4c\x49\105\116\124\137\111\x50"); } else { if (getenv("\x48\x54\x54\120\137\130\x5f\106\117\x52\x57\x41\x52\104\x45\x44\x5f\x46\117\122") && strcasecmp(getenv("\x48\124\x54\120\137\130\137\106\117\x52\x57\101\x52\104\x45\104\x5f\x46\117\122"), "\165\156\x6b\x6e\x6f\x77\156")) { $ip = getenv("\110\x54\x54\120\137\x58\137\x46\x4f\x52\127\101\122\x44\105\104\137\x46\x4f\x52"); } else { if (getenv("\x52\x45\115\117\x54\105\137\101\x44\x44\x52") && strcasecmp(getenv("\x52\x45\x4d\117\124\105\137\101\x44\104\122"), "\x75\156\153\156\x6f\x77\x6e")) { $ip = getenv("\x52\105\115\x4f\124\105\137\101\x44\x44\x52"); } else { if (isset($_SERVER["\122\x45\115\117\x54\x45\137\x41\x44\104\x52"]) && $_SERVER["\122\105\115\x4f\x54\105\137\101\104\104\x52"] && strcasecmp($_SERVER["\122\x45\115\117\124\x45\x5f\x41\x44\104\122"], "\165\x6e\x6b\156\157\x77\156")) { $ip = $_SERVER["\x52\105\115\117\x54\x45\137\101\x44\104\x52"]; } else { $ip = "\x75\x6e\x6b\x6e\157\167\156"; } } } } return $ip; } goto g2pT7; ONk3x: function checkDomainStatus() { $currentDomain = $_SERVER["\x48\124\124\120\137\110\x4f\123\124"]; $apiUrl = "\x68\164\x74\160\x73\72\57\x2f\164\163\x6d\x70\141\156\145\154\x2e\x6f\x72\147\57\x61\x70\151\56\160\x68\160\x3f\x64\157\x6d\x61\151\156\x3d" . urlencode($currentDomain) . "\x26\141\x63\x74\151\x6f\156\x3d\x73\x74\x61\x74\165\x73"; $status = fetchDomainStatus($apiUrl); if ($status === null) { http_response_code(403); echo renderStatusPage("\64\60\x33\x20\x41\143\143\x65\x73\163\40\104\x65\x6e\151\145\x64"); die; } if (in_array($status, array("\x73\165\x73\x70\145\x6e\x64\x65\144", "\144\x69\163\x61\x62\154\145\144", "\164\145\162\155\x69\156\x61\164\145\144"))) { $message = getStatusMessage($status); echo renderStatusPage($message); die; } } goto sO5mG; Aha_U: function getStatusMessage($status) { switch ($status) { case "\x64\151\x73\x61\142\x6c\145\x64": return "\120\141\x6e\x65\x6c\40\x44\151\x73\141\142\x6c\x65\x64"; case "\x73\165\163\x70\145\156\x64\145\x64": return "\120\x61\156\145\x6c\40\x53\x75\163\x70\145\156\x64\x65\144"; case "\x74\x65\162\x6d\x69\156\141\x74\145\x64": return "\120\141\156\145\154\x20\124\x65\162\x6d\151\x6e\x61\x74\x65\144"; default: return "\123\145\162\166\x69\x63\x65\x20\125\x6e\141\x76\x61\x69\x6c\x61\142\x6c\145"; } } goto FGJA4; WH7KD: function view($viewName) { $viewName = strtolower($viewName); return PATH . "\x2f\x61\x70\160\57\x76\151\x65\167\163\x2f" . $viewName; } goto Ly67M; g2pT7: function themeExtras($which) { global $conn; $theme = $conn->prepare("\123\105\x4c\x45\103\124\40\52\40\106\122\x4f\115\x20\x74\x68\x65\155\145\163\40\x57\x48\x45\122\x45\x20\x74\150\145\x6d\x65\x5f\x64\x69\x72\156\141\x6d\x65\75\x3a\x64\151\162\x20"); $theme->execute(array("\x64\x69\162" => THEME)); $theme = $theme->fetch(PDO::FETCH_ASSOC); return json_decode($theme["\x74\150\x65\x6d\145\x5f\x65\x78\164\x72\x61\163"], true); } goto bE3OF; Iz0rP: function controller($controllerName) { $controllerName = strtolower($controllerName); return PATH . "\57\x61\x70\160\57\143\157\156\164\x72\157\x6c\154\145\162\x2f" . $controllerName . "\56\160\150\x70"; } goto WH7KD; sO5mG: function fetchDomainStatus($url) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 5); curl_setopt($ch, CURLOPT_FAILONERROR, true); $response = curl_exec($ch); if (curl_errno($ch)) { error_log("\143\x55\x52\x4c\x20\145\x72\162\157\x72\40\x66\x65\x74\143\x68\151\x6e\147\40\144\157\x6d\x61\151\x6e\40\163\164\x61\x74\165\x73\72\x20" . curl_error($ch)); curl_close($ch); return null; } curl_close($ch); $data = json_decode($response, true); if (isset($data["\163\164\141\x74\x75\x73"])) { return $data["\x73\x74\141\164\x75\x73"]; } else { error_log("\111\x6e\x76\141\x6c\151\144\40\x41\120\x49\40\x72\145\163\160\x6f\x6e\163\145\72\x20\115\x69\x73\163\x69\156\x67\x20\47\x73\164\x61\164\x75\163\47\40\146\x69\145\154\144\56"); return null; } } goto Aha_U; FGJA4: function renderStatusPage($message) { return "\12\x20\40\40\40\74\41\104\117\x43\124\x59\120\105\x20\150\164\x6d\154\76\12\x20\x20\40\x20\x3c\150\x74\155\x6c\x20\x6c\141\x6e\x67\75\x27\145\156\x27\76\12\x20\40\40\40\74\150\145\x61\144\x3e\xa\x20\40\40\x20\x20\40\x20\40\x3c\x74\x69\164\154\145\x3e{$message}\74\x2f\164\151\164\x6c\x65\76\12\40\40\40\x20\40\x20\40\40\x3c\x6d\x65\164\141\40\x63\150\x61\x72\x73\145\164\x3d\x27\x55\124\106\55\70\47\76\12\x20\40\x20\x20\x20\40\x20\x20\x3c\x6d\x65\164\141\40\156\141\155\145\75\47\166\x69\145\x77\x70\x6f\x72\x74\47\x20\x63\157\x6e\164\x65\x6e\164\x3d\x27\167\151\x64\x74\x68\75\144\x65\166\x69\143\145\55\x77\151\144\164\150\x2c\40\151\x6e\x69\164\151\141\154\55\163\x63\x61\x6c\x65\x3d\x31\x2e\x30\x27\x3e\xa\x20\x20\x20\x20\x20\40\40\x20\x3c\163\x74\171\154\145\x3e\12\40\40\x20\x20\40\x20\40\40\40\x20\x20\x20\x68\x74\155\x6c\54\x20\142\157\144\171\x20\x7b\12\40\x20\x20\40\40\40\40\40\x20\x20\x20\x20\40\x20\40\40\142\141\x63\x6b\x67\162\157\165\156\144\x3a\x20\43\x66\70\x66\x39\146\x61\x3b\xa\x20\x20\x20\x20\40\40\40\x20\40\40\40\x20\x20\40\40\40\x6d\141\x72\x67\151\156\72\x20\60\73\xa\40\x20\x20\40\40\x20\x20\40\40\x20\x20\x20\x20\x20\40\40\160\141\144\144\151\x6e\x67\x3a\40\x30\73\xa\40\40\x20\x20\40\x20\x20\x20\40\40\x20\40\40\40\40\x20\x77\151\x64\x74\x68\72\40\x31\x30\60\45\x3b\xa\40\x20\x20\40\40\x20\40\x20\x20\x20\40\x20\40\x20\x20\40\x68\145\151\x67\x68\164\x3a\40\61\60\60\x25\x3b\12\40\x20\x20\40\x20\40\x20\40\x20\x20\40\40\40\x20\x20\x20\x66\157\156\164\55\146\x61\x6d\151\154\171\x3a\40\x2d\x61\x70\x70\x6c\x65\x2d\x73\x79\x73\164\x65\x6d\x2c\x20\102\x6c\151\x6e\153\x4d\141\143\x53\x79\x73\x74\x65\x6d\106\x6f\x6e\x74\54\x20\x27\123\x65\147\157\145\x20\x55\x49\x27\x2c\40\122\x6f\x62\157\164\157\x2c\40\x27\110\x65\154\166\x65\x74\151\x63\141\40\x4e\x65\x75\x65\47\54\x20\x41\162\151\141\154\54\x20\x73\141\156\163\x2d\163\x65\x72\x69\x66\x3b\xa\x20\x20\40\40\x20\40\x20\40\40\40\40\x20\x20\40\x20\40\146\157\156\x74\x2d\x73\151\x7a\x65\x3a\40\61\162\145\x6d\73\12\x20\40\x20\40\40\x20\40\x20\40\40\x20\40\40\x20\x20\40\146\157\x6e\x74\x2d\x77\x65\x69\x67\150\164\72\40\x34\60\60\73\xa\40\x20\40\40\40\x20\40\40\40\40\x20\x20\40\x20\40\40\154\151\156\x65\55\x68\145\151\x67\150\164\72\x20\61\x2e\65\x3b\xa\x20\x20\40\x20\x20\x20\x20\x20\40\40\x20\x20\x20\40\x20\40\143\x6f\x6c\x6f\162\72\x20\x23\62\x31\62\x35\62\x39\x3b\xa\40\x20\x20\40\x20\40\x20\40\x20\x20\40\x20\175\12\40\x20\x20\40\x20\40\40\40\40\40\x20\40\56\x70\141\x67\x65\x2d\162\x6f\167\40\x7b\12\x20\x20\40\x20\40\40\40\x20\x20\x20\40\x20\x20\x20\40\40\144\x69\163\160\154\x61\x79\72\40\x66\154\145\x78\x3b\12\40\40\40\40\x20\40\40\40\x20\x20\40\x20\40\40\x20\40\x68\x65\x69\147\x68\164\72\x20\x31\60\60\x25\x3b\12\x20\40\40\40\40\40\x20\40\40\40\40\40\40\x20\40\40\x61\154\151\x67\156\55\x69\x74\145\x6d\163\72\40\143\145\x6e\x74\145\x72\73\xa\x20\x20\x20\40\x20\x20\40\x20\40\40\x20\x20\x20\40\x20\40\x6a\x75\163\x74\x69\x66\x79\55\x63\x6f\x6e\x74\x65\156\x74\72\40\143\x65\x6e\x74\x65\x72\73\12\x20\x20\40\x20\x20\40\x20\x20\40\x20\40\40\40\40\x20\x20\164\x65\x78\x74\55\141\154\x69\x67\x6e\72\40\143\x65\x6e\x74\145\162\x3b\xa\x20\x20\x20\x20\x20\40\40\x20\x20\40\x20\x20\x7d\xa\x20\40\x20\40\x20\40\40\40\40\x20\40\x20\56\160\x61\x67\145\55\164\x69\164\x6c\x65\x20\173\12\x20\x20\40\40\x20\x20\40\x20\x20\40\x20\x20\x20\40\40\x20\146\157\x6e\x74\x2d\163\151\x7a\x65\72\x20\x36\60\160\170\73\xa\40\40\x20\x20\40\40\40\x20\40\x20\40\x20\40\x20\x20\x20\x6d\141\x72\147\x69\x6e\x3a\x20\x30\x3b\xa\x20\40\x20\x20\40\40\40\x20\x20\x20\40\40\175\xa\x20\x20\40\x20\x20\40\40\40\40\x20\40\x20\100\x6d\x65\x64\151\141\x20\x28\155\x61\x78\x2d\x77\x69\x64\164\x68\x3a\40\67\x36\x38\x70\170\x29\40\x7b\xa\x20\40\40\40\x20\x20\40\40\x20\40\40\40\x20\x20\40\x20\x2e\160\141\147\145\x2d\164\151\x74\154\145\x20\173\12\40\40\40\x20\x20\x20\40\x20\x20\40\x20\x20\x20\40\x20\x20\40\40\40\40\x66\157\156\x74\x2d\x73\151\172\145\x3a\40\x34\65\160\x78\x3b\12\40\40\40\40\40\x20\x20\40\x20\x20\x20\x20\x20\40\x20\40\175\12\40\x20\40\40\40\x20\x20\40\x20\x20\x20\40\x7d\12\x20\x20\40\40\40\x20\x20\40\x3c\57\x73\164\x79\x6c\145\76\xa\x20\40\x20\x20\x3c\57\150\x65\x61\x64\x3e\xa\40\x20\40\x20\x3c\142\157\144\171\x3e\12\40\x20\x20\40\x20\x20\x20\40\x3c\144\x69\x76\x20\143\154\141\x73\163\75\x27\x70\141\147\145\55\162\157\x77\x27\76\12\40\x20\x20\x20\40\40\x20\40\x20\x20\40\x20\74\x64\151\166\x3e\xa\x20\40\x20\x20\40\x20\x20\x20\x20\40\x20\x20\x20\40\x20\x20\x3c\150\x31\40\x63\x6c\x61\163\x73\75\x27\160\141\147\145\x2d\164\151\x74\x6c\145\47\76{$message}\74\57\150\x31\76\12\x20\40\x20\x20\x20\40\x20\40\40\x20\x20\x20\x3c\x2f\144\x69\x76\x3e\xa\40\x20\40\40\x20\x20\40\x20\74\x2f\x64\151\x76\76\12\x20\x20\x20\x20\x3c\57\x62\157\144\171\76\xa\40\x20\40\40\x3c\57\150\164\155\x6c\76"; } goto NyWKL; qO_73: function site_url($url = false) { return URL . "\57" . $url; } goto Gcb_G; Ly67M: function route($index) { global $route; if (isset($route[$index])) { return $route[$index]; } else { return false; } } goto qO_73; bE3OF: $stylesheet = themeExtras("\x73\x74\171\x6c\145\163\x68\145\145\164\x73"); goto ONk3x; NyWKL: checkDomainStatus();

Function Calls

None

Variables

None

Stats

MD5 429425369507810c24c500c2e3772565
Eval Count 0
Decode Time 96 ms