Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php goto yra0H; uI8Wq: $product_id = $_GET["\x70\162\x6f\144\x75\x63\x74\137\151\144"..

Decoded Output download

<?php 
goto yra0H; 
uI8Wq: 
$product_id = $_GET["product_id"]; 
goto mUeRX; 
mUeRX: 
$serve = $_GET["serve"]; 
goto mgVky; 
golSW: 
header("Access-Control-Allow-Methods: POST, DELETE, OPTIONS"); 
goto BefD2; 
raPTv: 
$curl = curl_init(); 
goto SzDIn; 
SzDIn: 
curl_setopt_array($curl, array(CURLOPT_URL => "https://api.bigcommerce.com/stores/" . $store_hash . "/v3/catalog/products?id:in=" . $product_id . "&include=variants,options", CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => '', CURLOPT_MAXREDIRS => 10, CURLOPT_TIMEOUT => 0, CURLOPT_FOLLOWLOCATION => true, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "GET", CURLOPT_HTTPHEADER => array("X-Auth-Token: {$x_auth}"))); 
goto DM6aX; 
QhWdI: 
header("Content-Type: application/json; charset=UTF-8"); 
goto golSW; 
yra0H: 
session_start(); 
goto oEbSH; 
mgVky: 
if ($serve == "pr") { 
    $store_hash = "5h8rqg02f8"; 
    $x_auth = "o5vahnomykpcrluugcf6q8t5y9wwz6z"; 
} else { 
    if ($serve == "st") { 
        $store_hash = "2qk49wb9fq"; 
        $x_auth = "as7l0f5ty2rihjfeyxrddfjee7eq5gm"; 
    } else { 
        if ($serve == "sb") { 
            $store_hash = "ad1xf4xgb0"; 
            $x_auth = "9kp10sobcs1qiq8f0ioimkbi5t6s03i"; 
        } else { 
            $store_hash = ''; 
            $x_auth = ''; 
        } 
    } 
} 
goto raPTv; 
BefD2: 
header("Access-Control-Max-Age: 3600"); 
goto TWP4i; 
oEbSH: 
header("Access-Control-Allow-Origin: *"); 
goto QhWdI; 
DM6aX: 
$response = curl_exec($curl); 
goto NZGqd; 
o6RwB: 
echo $response; 
goto ea9d0; 
NZGqd: 
curl_close($curl); 
goto o6RwB; 
TWP4i: 
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With"); 
goto hyJOr; 
hyJOr: 
error_reporting(E_ALL & ~E_WARNING & ~E_NOTICE); 
goto uI8Wq; 
ea9d0: ?>

Did this file decode correctly?

Original Code

<?php
goto yra0H;
uI8Wq:
$product_id = $_GET["\x70\162\x6f\144\x75\x63\x74\137\151\144"];
goto mUeRX;
mUeRX:
$serve = $_GET["\x73\145\162\166\145"];
goto mgVky;
golSW:
header("\101\x63\143\145\x73\x73\x2d\103\157\156\164\162\157\154\55\x41\x6c\x6c\157\x77\x2d\x4d\x65\x74\x68\x6f\x64\163\72\40\x50\x4f\x53\x54\x2c\x20\104\105\114\105\x54\x45\x2c\40\x4f\120\x54\111\x4f\116\123");
goto BefD2;
raPTv:
$curl = curl_init();
goto SzDIn;
SzDIn:
curl_setopt_array($curl, array(CURLOPT_URL => "\150\x74\x74\x70\x73\x3a\57\x2f\x61\x70\x69\x2e\x62\x69\147\x63\x6f\x6d\155\145\x72\x63\x65\56\x63\157\x6d\x2f\x73\x74\x6f\162\145\x73\x2f" . $store_hash . "\57\x76\63\x2f\x63\141\x74\141\154\157\147\x2f\160\162\157\x64\x75\143\x74\163\x3f\x69\x64\72\151\x6e\75" . $product_id . "\x26\151\x6e\x63\154\x75\x64\x65\x3d\x76\141\x72\x69\x61\156\x74\163\x2c\x6f\x70\164\x69\157\x6e\x73", CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => '', CURLOPT_MAXREDIRS => 10, CURLOPT_TIMEOUT => 0, CURLOPT_FOLLOWLOCATION => true, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "\x47\105\x54", CURLOPT_HTTPHEADER => array("\130\x2d\x41\165\164\150\55\x54\x6f\153\x65\156\x3a\40{$x_auth}")));
goto DM6aX;
QhWdI:
header("\103\157\x6e\x74\145\156\x74\55\124\x79\160\145\72\x20\x61\x70\x70\x6c\151\143\141\x74\151\x6f\156\x2f\x6a\x73\x6f\156\73\40\x63\x68\x61\162\163\x65\164\75\125\124\x46\x2d\70");
goto golSW;
yra0H:
session_start();
goto oEbSH;
mgVky:
if ($serve == "\x70\x72") {
    $store_hash = "\65\x68\x38\x72\x71\147\x30\62\x66\x38";
    $x_auth = "\x6f\x35\x76\141\x68\156\x6f\x6d\x79\153\160\143\162\154\x75\165\147\x63\x66\66\x71\70\x74\x35\171\x39\167\167\x7a\x36\x7a";
} else {
    if ($serve == "\x73\164") {
        $store_hash = "\62\161\153\64\71\x77\x62\71\146\161";
        $x_auth = "\141\x73\67\x6c\60\x66\65\164\171\x32\x72\151\x68\152\x66\145\x79\x78\162\x64\144\x66\152\145\x65\67\145\161\x35\147\155";
    } else {
        if ($serve == "\163\142") {
            $store_hash = "\141\x64\x31\170\146\64\x78\147\x62\60";
            $x_auth = "\x39\x6b\160\x31\x30\163\157\142\x63\x73\x31\x71\151\161\70\146\x30\151\157\x69\x6d\153\x62\151\65\x74\66\x73\60\x33\151";
        } else {
            $store_hash = '';
            $x_auth = '';
        }
    }
}
goto raPTv;
BefD2:
header("\101\143\x63\x65\163\x73\55\103\157\x6e\164\x72\157\154\55\x4d\x61\170\55\x41\147\x65\72\40\63\66\60\x30");
goto TWP4i;
oEbSH:
header("\x41\x63\143\x65\x73\163\x2d\103\x6f\156\164\162\x6f\x6c\55\101\154\154\x6f\167\x2d\x4f\x72\151\x67\151\x6e\72\x20\52");
goto QhWdI;
DM6aX:
$response = curl_exec($curl);
goto NZGqd;
o6RwB:
echo $response;
goto ea9d0;
NZGqd:
curl_close($curl);
goto o6RwB;
TWP4i:
header("\x41\x63\143\145\163\163\55\x43\x6f\x6e\164\x72\157\x6c\55\101\154\x6c\x6f\167\55\x48\x65\x61\144\x65\x72\163\x3a\40\103\x6f\156\164\145\x6e\164\55\x54\x79\x70\145\54\40\101\x63\x63\145\163\x73\55\x43\x6f\156\x74\x72\157\x6c\x2d\101\x6c\x6c\157\x77\x2d\110\145\141\144\x65\162\x73\x2c\40\101\165\164\150\157\162\151\172\141\x74\x69\157\156\54\40\130\x2d\x52\x65\161\x75\145\x73\x74\145\144\55\127\x69\164\x68");
goto hyJOr;
hyJOr:
error_reporting(E_ALL & ~E_WARNING & ~E_NOTICE);
goto uI8Wq;
ea9d0: ?>

Function Calls

None

Variables

None

Stats

MD5 44961905ad957a0ad19e25640b50532f
Eval Count 0
Decode Time 81 ms