Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php function check_op_call_rate($userId, $op, $cred_name) { $JK42y = false; ..
Decoded Output download
<?php
function check_op_call_rate($userId, $op, $cred_name)
{
$JK42y = false;
if ($cred_name !== "monitor") {
goto jBDbu;
}
global $conn;
global $dbinst;
if (!(false === $userId)) {
goto win70;
}
$userId = make_connid($real_userId, WS_ID_FIRST, $conn);
win70:
goto S_8CO;
jBDbu:
try {
$dbinst = new MysqlConnection("monitor");
$JK42y = true;
} catch (exception $VpcIC) {
send_error(
$VpcIC->getMessage(),
"MONITOR",
WS_ERR_DB
);
}
$conn = $dbinst->getConnection();
$userId = make_connid($real_userId, WS_ID_FIRST, $conn);
S_8CO:
$proc =
"check_op_call_rate";
$op = mysqlquote($op, $conn);
$params = "{$userId},{$op}";
try {
$Y6JH9 = $dbinst->procCall2($proc, $params);
} catch (exception $VpcIC) {
send_error($VpcIC->getMessage(), $op, $VpcIC->getCode());
} finally {
if (!$JK42y) {
goto oVQNW;
}
$conn->close();
oVQNW:
}
}
function make_connid(
&$real_userId,
$posUserId = null,
$conn = null,
$s9qsz = true
) {
$userId = php_noquote_NVL("connid");
if ($userId === null) {
goto T1zjU;
}
if (!($posUserId !== null)) {
goto G5CUe;
}
$real_userId = $s9qsz ? mysqlquote($userId, $conn) : $userId;
G5CUe:
goto V3GB2;
T1zjU:
if (!(WS_ID_OPT !== $posUserId)) {
goto Bqggr;
}
send_error(
"Missing ID for operation",
$op,
WS_ERR_MISSING
);
Bqggr:
V3GB2:
if (
isset(
$_SERVER[
"HTTP_USER_AGENT"
]
)
) {
goto pbzWS;
}
send_error(
"User agent is not set",
$op,
WS_ERR_UNK
);
pbzWS:
$MiXTs =
$_SERVER[
"HTTP_USER_AGENT"
];
if ($userId !== null) {
goto LU3Yl;
}
$userId = $s9qsz ? "NULL" : null;
goto U7MQi;
LU3Yl:
$jJedl = $userId . "@" . md5($MiXTs);
$userId = $s9qsz ? mysqlquote($jJedl, $conn) : $jJedl;
U7MQi:
return $userId;
}
$ZtThZ = "/tmp/.debug";
$fjK7F = available("debug");
if (!$fjK7F) {
goto ipuBJ;
}
include_once "./dumprequest.inc";
ipuBJ:
$op = php_noquote_NVL("op");
if (!($op === null)) {
goto yskR2;
}
send_error(
"Missing operation",
"",
WS_ERR_MISSING
);
yskR2:
if (isset($ops[$op])) {
goto uPSKs;
}
if (isset($op_aliases[$op]) && isset($ops[$op_aliases[$op]])) {
goto mBIbO;
}
send_error(
"Unknown operation",
$op,
WS_ERR_PARAM
);
goto b633S;
mBIbO:
$op = $op_aliases[$op];
b633S:
uPSKs:
$proc = $ops[$op];
$userId = false;
if (!(isset($proc[2]) && null !== $proc[2])) {
goto Noo7x;
}
$params_attrib = $proc[2];
Noo7x:
if (!(isset($proc[3]) && null !== $proc[3])) {
goto KN3h6;
}
$post_func = $proc[3];
KN3h6:
$NBfwa = $proc[1];
$method = isset($NBfwa[2]) ? $NBfwa[2] : "GET";
if (
!(
$_SERVER["REQUEST_METHOD"] !=
$method
)
) {
goto cZZCv;
}
send_error(
"Bad request method",
$op,
WS_ERR_BADMETHOD
);
cZZCv:
$ipaddr = client_ip_address(false);
if (!(false == $ipaddr)) {
goto n9mPj;
}
send_error(
"Unable to determine remote host",
$op,
WS_ERR_UNK
);
n9mPj:
if (!$fjK7F) {
goto XpByQ;
}
$yhqDO = $GLOBALS["_METHODS_"][$method];
$fvMme = implode(
"&",
array_map(function ($J_qsQ) {
return $J_qsQ[0] . "=" . $J_qsQ[1];
}, array_map(null, array_keys($yhqDO), $yhqDO))
);
log_to_file("{$ipaddr} << {$fvMme}");
XpByQ:
$conn = $dbinst->getConnection();
$posUserId = $NBfwa[0];
if (!($posUserId !== WS_ID_NONE)) {
goto orhYk;
}
$userId = make_connid($real_userId, $posUserId, $conn);
orhYk:
$qVw5q = $NBfwa[1];
$op_opts = null;
if (!isset($proc[4])) {
goto WNdkk;
}
$op_opts = $proc[4];
if (!isset($op_opts["db"])) {
goto AkHuv;
}
if ($cred_db != $op_opts["db"]) {
goto lX5TC;
}
$op_opts["db"] = null;
goto E1UBG;
lX5TC:
$op_opts["db"] = mysqlescape($op_opts["db"], $conn);
E1UBG:
AkHuv:
WNdkk:
$proc = $proc[0];
if (
!(
file_exists("{$ZtThZ}/o-{$op}") ||
file_exists("{$ZtThZ}/p-{$proc}")
)
) {
goto huzH1;
}
send_result(make_result([]));
huzH1:
if (!is_array($proc)) {
goto X0ALJ;
}
$kOQ9U =
isset($proc["throttle"]) &&
$proc["throttle"] === true;
$proc = isset($proc["sp"]) ? $proc["sp"] : null;
if (!$kOQ9U) {
goto tIda5;
}
check_op_call_rate($userId, $op, $cred_name);
tIda5:
X0ALJ:
$expect_binary = ($qVw5q & WS_OPT_EXPBIN) === WS_OPT_EXPBIN;
$in_fname = null;
$fileparams = [];
$params = "";
$outparams = [];
$pre_stmt = null;
if (!preg_match("/login[2]?$/", $op)) {
goto TYpEr;
}
try {
validate_access();
} catch (exception $VpcIC) {
send_error(
$VpcIC->getMessage() .
". Contact the vendor.",
"",
$VpcIC->getCode()
);
}
check_aliveness();
TYpEr:
?>Did this file decode correctly?
Original Code
<?php
function check_op_call_rate($userId, $op, $cred_name)
{
$JK42y = false;
if ($cred_name !== "\x6d\157\x6e\151\164\x6f\x72") {
goto jBDbu;
}
global $conn;
global $dbinst;
if (!(false === $userId)) {
goto win70;
}
$userId = make_connid($real_userId, WS_ID_FIRST, $conn);
win70:
goto S_8CO;
jBDbu:
try {
$dbinst = new MysqlConnection("\x6d\157\156\151\x74\x6f\162");
$JK42y = true;
} catch (exception $VpcIC) {
send_error(
$VpcIC->getMessage(),
"\x4d\117\116\111\124\x4f\122",
WS_ERR_DB
);
}
$conn = $dbinst->getConnection();
$userId = make_connid($real_userId, WS_ID_FIRST, $conn);
S_8CO:
$proc =
"\143\150\x65\143\x6b\x5f\x6f\160\137\143\x61\x6c\154\137\x72\x61\164\x65";
$op = mysqlquote($op, $conn);
$params = "{$userId}\54{$op}";
try {
$Y6JH9 = $dbinst->procCall2($proc, $params);
} catch (exception $VpcIC) {
send_error($VpcIC->getMessage(), $op, $VpcIC->getCode());
} finally {
if (!$JK42y) {
goto oVQNW;
}
$conn->close();
oVQNW:
}
}
function make_connid(
&$real_userId,
$posUserId = null,
$conn = null,
$s9qsz = true
) {
$userId = php_noquote_NVL("\x63\157\x6e\x6e\x69\x64");
if ($userId === null) {
goto T1zjU;
}
if (!($posUserId !== null)) {
goto G5CUe;
}
$real_userId = $s9qsz ? mysqlquote($userId, $conn) : $userId;
G5CUe:
goto V3GB2;
T1zjU:
if (!(WS_ID_OPT !== $posUserId)) {
goto Bqggr;
}
send_error(
"\x4d\x69\x73\163\151\156\x67\40\x49\104\x20\146\157\162\x20\x6f\x70\x65\162\141\164\151\157\156",
$op,
WS_ERR_MISSING
);
Bqggr:
V3GB2:
if (
isset(
$_SERVER[
"\x48\124\124\120\137\125\x53\105\122\x5f\x41\x47\105\x4e\x54"
]
)
) {
goto pbzWS;
}
send_error(
"\x55\x73\x65\x72\x20\x61\147\145\x6e\164\x20\151\163\40\156\x6f\x74\40\x73\x65\x74",
$op,
WS_ERR_UNK
);
pbzWS:
$MiXTs =
$_SERVER[
"\x48\124\124\x50\x5f\x55\x53\x45\122\x5f\x41\107\105\116\x54"
];
if ($userId !== null) {
goto LU3Yl;
}
$userId = $s9qsz ? "\116\x55\x4c\x4c" : null;
goto U7MQi;
LU3Yl:
$jJedl = $userId . "\x40" . md5($MiXTs);
$userId = $s9qsz ? mysqlquote($jJedl, $conn) : $jJedl;
U7MQi:
return $userId;
}
$ZtThZ = "\57\164\155\160\x2f\x2e\144\145\142\x75\147";
$fjK7F = available("\x64\145\x62\165\147");
if (!$fjK7F) {
goto ipuBJ;
}
include_once "\56\x2f\x64\x75\155\x70\x72\145\161\x75\x65\x73\164\x2e\x69\156\x63";
ipuBJ:
$op = php_noquote_NVL("\157\160");
if (!($op === null)) {
goto yskR2;
}
send_error(
"\115\151\163\163\x69\156\x67\40\157\160\x65\x72\141\x74\151\157\x6e",
"",
WS_ERR_MISSING
);
yskR2:
if (isset($ops[$op])) {
goto uPSKs;
}
if (isset($op_aliases[$op]) && isset($ops[$op_aliases[$op]])) {
goto mBIbO;
}
send_error(
"\125\156\153\156\x6f\x77\x6e\x20\x6f\x70\145\x72\x61\x74\151\157\156",
$op,
WS_ERR_PARAM
);
goto b633S;
mBIbO:
$op = $op_aliases[$op];
b633S:
uPSKs:
$proc = $ops[$op];
$userId = false;
if (!(isset($proc[2]) && null !== $proc[2])) {
goto Noo7x;
}
$params_attrib = $proc[2];
Noo7x:
if (!(isset($proc[3]) && null !== $proc[3])) {
goto KN3h6;
}
$post_func = $proc[3];
KN3h6:
$NBfwa = $proc[1];
$method = isset($NBfwa[2]) ? $NBfwa[2] : "\107\x45\x54";
if (
!(
$_SERVER["\x52\x45\x51\x55\105\x53\124\x5f\x4d\x45\x54\110\x4f\104"] !=
$method
)
) {
goto cZZCv;
}
send_error(
"\x42\x61\x64\x20\162\145\x71\x75\x65\163\164\x20\155\x65\x74\150\157\144",
$op,
WS_ERR_BADMETHOD
);
cZZCv:
$ipaddr = client_ip_address(false);
if (!(false == $ipaddr)) {
goto n9mPj;
}
send_error(
"\x55\156\141\x62\154\145\40\164\157\40\144\145\x74\145\162\x6d\151\x6e\145\40\x72\145\x6d\157\x74\145\x20\x68\157\163\164",
$op,
WS_ERR_UNK
);
n9mPj:
if (!$fjK7F) {
goto XpByQ;
}
$yhqDO = $GLOBALS["\x5f\115\105\124\x48\117\104\x53\137"][$method];
$fvMme = implode(
"\46",
array_map(function ($J_qsQ) {
return $J_qsQ[0] . "\x3d" . $J_qsQ[1];
}, array_map(null, array_keys($yhqDO), $yhqDO))
);
log_to_file("{$ipaddr}\40\x3c\x3c\x20{$fvMme}");
XpByQ:
$conn = $dbinst->getConnection();
$posUserId = $NBfwa[0];
if (!($posUserId !== WS_ID_NONE)) {
goto orhYk;
}
$userId = make_connid($real_userId, $posUserId, $conn);
orhYk:
$qVw5q = $NBfwa[1];
$op_opts = null;
if (!isset($proc[4])) {
goto WNdkk;
}
$op_opts = $proc[4];
if (!isset($op_opts["\144\x62"])) {
goto AkHuv;
}
if ($cred_db != $op_opts["\144\x62"]) {
goto lX5TC;
}
$op_opts["\x64\142"] = null;
goto E1UBG;
lX5TC:
$op_opts["\144\x62"] = mysqlescape($op_opts["\144\x62"], $conn);
E1UBG:
AkHuv:
WNdkk:
$proc = $proc[0];
if (
!(
file_exists("{$ZtThZ}\57\x6f\x2d{$op}") ||
file_exists("{$ZtThZ}\57\x70\55{$proc}")
)
) {
goto huzH1;
}
send_result(make_result([]));
huzH1:
if (!is_array($proc)) {
goto X0ALJ;
}
$kOQ9U =
isset($proc["\164\x68\162\157\x74\164\154\x65"]) &&
$proc["\164\x68\x72\x6f\x74\164\154\x65"] === true;
$proc = isset($proc["\163\160"]) ? $proc["\x73\x70"] : null;
if (!$kOQ9U) {
goto tIda5;
}
check_op_call_rate($userId, $op, $cred_name);
tIda5:
X0ALJ:
$expect_binary = ($qVw5q & WS_OPT_EXPBIN) === WS_OPT_EXPBIN;
$in_fname = null;
$fileparams = [];
$params = "";
$outparams = [];
$pre_stmt = null;
if (!preg_match("\x2f\x6c\157\147\x69\x6e\x5b\x32\x5d\77\44\x2f", $op)) {
goto TYpEr;
}
try {
validate_access();
} catch (exception $VpcIC) {
send_error(
$VpcIC->getMessage() .
"\56\40\103\157\x6e\164\141\143\x74\40\164\150\x65\x20\x76\145\x6e\x64\157\x72\x2e",
"",
$VpcIC->getCode()
);
}
check_aliveness();
TYpEr:
Function Calls
| None |
Stats
| MD5 | 45db2c8f6061ffb9bc0dbcbc725695d4 |
| Eval Count | 0 |
| Decode Time | 49 ms |