Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $_F=__FILE__;$_X='Pz48P3BocA0KICAJY2wxc3MgTDJnNG4gew0KCQljMm5zdCBFUlJPUl9FTVBUWV9MT0..

Decoded Output download

?><?php
  	class Login {
		const ERROR_EMPTY_LOGIN = "Please fill in all fields!";
		const ERROR_VALIDATE_LOGIN = "Username or password doesn't match!";
		const ERROR_BANNED_LOGIN = "Sorry, you have been banned from viewing this page!";
		private $username;
		private $password;	
		private $ytk;
		private $userID;
		public function __construct() {
			session_start();
			$this->connectToMySQL();
			$this->checkUserIP();		
			if(!isset($_SESSION['auth'])){
				$_SESSION['auth'] = 0;
			}		
		}
		public function getUsername() {
			return $this->username;
		}
		public function getPassword() {
			return $this->password;
		}
		public function getEncryptedPassword() {
			return $this->password;
		}	
		public function getUserIP() {
			return getenv("REMOTE_ADDR");
		}
		public function validateEmail($email) {
			if(!filter_var($email, FILTER_VALIDATE_EMAIL)) {
				return false;
			}
			return true;
		}
		public function connectToMySQL() {	
			@mysql_connect(DB_SERVER, DB_USER, DB_PASS) OR die("Cannot connect to MySQL server!");	
			mysql_select_db(DB_DATABASE) OR die("Cannot select database!");
		}
		public function verifyLogin($username, $password, $yetki = 0) { 
			$this->username = $username;
			if(empty($username) || empty($password)) {
				throw new Exception(Login::ERROR_EMPTY_LOGIN);
			}	
			else {
			$where = '';
			if (is_array($yetki))
			{
				foreach ($yetki as $y)
				{
					if (empty($where))
						$where = ' AND yetki IN ('.$y;
					else
						$where .= ', '.$y;
				}
				$where .= ')';
			}
			else if ($yetki > 0)
			{
				$where = ' AND yetki = '.$yetki;
			}
			$query = sprintf("SELECT * FROM uye WHERE rumuz = '%s' AND 
						sifre = '%s' ".$where." AND durum = '1' LIMIT 0,1", 											
						$this->clean($username),
						$this->clean($password));
			$result = mysql_query($query) OR die('Ge&#231;ersiz Sorgu!');	
				if (mysql_num_rows($result) == 1) {
					$r = mysql_fetch_assoc($result);
					$this->ytk = $r['yetki'];
					$this->userID = $r['id'];
					$_SESSION['auth'] = 1;
					$this->sessionVerify();
					header("Location: secure.php");
				}
				else {
					$ip = $this->getUserIP();			
					mysql_query("INSERT INTO uye_hatali_giris(IP,tarih) VALUES('$ip','".date('Y-m-d H:i:s')."')");
				
					$_SESSION['auth'] = 0;
					throw new Exception(Login::ERROR_VALIDATE_LOGIN);
				}
			}	
			mysql_free_result($result);			
		}
		public function checkUserIP() {
			$ip = $this->getUserIP();
			$query = ("SELECT * FROM uye_hatali_giris WHERE IP= '$ip' LIMIT 0,10");			  
			$result = mysql_query($query) OR die("Ge&#231;ersiz sorgu!");
				if (mysql_num_rows($result) >= 10) {
					header('Location:banned.php');
					exit;
				}
			mysql_free_result($result);
		}
		public function sessionVerify() {
			$_SESSION['auth'] = 1;
			$_SESSION['name'] = $this->username;
			$_SESSION['yetki'] = $this->ytk;
			$_SESSION['id'] = $this->userID;
             if($this->ytk == 2 || $this->ytk == 3)
            {
               $_SESSION['Adminauth'] = 1;
            }
		}
		public function verifyAccess() {
			global $conf;
			if($_SESSION['auth'] == 1) {
				return true;
			}
			else
			{
			header("Location:401.php");
			exit;
			}
		}
         public function verifyAdminAccess() {
			if($_SESSION['Adminauth'] == 1) {
				return true;
			}
			else
			{
			header("Location:401.php");
			exit;
			}
		}
 		public function clean($input) {
			return mysql_real_escape_string($input);
		}	
	}
?>

Did this file decode correctly?

Original Code

<?php $_F=__FILE__;$_X='Pz48P3BocA0KICAJY2wxc3MgTDJnNG4gew0KCQljMm5zdCBFUlJPUl9FTVBUWV9MT0dJTiA9ICJQbDUxczUgZjRsbCA0biAxbGwgZjQ1bGRzISI7DQoJCWMybnN0IEVSUk9SX1ZBTElEQVRFX0xPR0lOID0gIlVzNXJuMW01IDJyIHAxc3N3MnJkIGQyNXNuJ3QgbTF0Y2ghIjsNCgkJYzJuc3QgRVJST1JfQkFOTkVEX0xPR0lOID0gIlMycnJ5LCB5MjMgaDF2NSBiNTVuIGIxbm41ZCBmcjJtIHY0NXc0bmcgdGg0cyBwMWc1ISI7DQoJCXByNHYxdDUgJDNzNXJuMW01Ow0KCQlwcjR2MXQ1ICRwMXNzdzJyZDsJDQoJCXByNHYxdDUgJHl0azsNCgkJcHI0djF0NSAkM3M1cklEOw0KCQlwM2JsNGMgZjNuY3Q0Mm4gX19jMm5zdHIzY3QoKSB7DQoJCQlzNXNzNDJuX3N0MXJ0KCk7DQoJCQkkdGg0cy0+YzJubjVjdFQyTXlTUUwoKTsNCgkJCSR0aDRzLT5jaDVja1VzNXJJUCgpOwkJDQoJCQk0ZighNHNzNXQoJF9TRVNTSU9OWycxM3RoJ10pKXsNCgkJCQkkX1NFU1NJT05bJzEzdGgnXSA9IDA7DQoJCQl9CQkNCgkJfQ0KCQlwM2JsNGMgZjNuY3Q0Mm4gZzV0VXM1cm4xbTUoKSB7DQoJCQlyNXQzcm4gJHRoNHMtPjNzNXJuMW01Ow0KCQl9DQoJCXAzYmw0YyBmM25jdDQybiBnNXRQMXNzdzJyZCgpIHsNCgkJCXI1dDNybiAkdGg0cy0+cDFzc3cycmQ7DQoJCX0NCgkJcDNibDRjIGYzbmN0NDJuIGc1dEVuY3J5cHQ1ZFAxc3N3MnJkKCkgew0KCQkJcjV0M3JuICR0aDRzLT5wMXNzdzJyZDsNCgkJfQkNCgkJcDNibDRjIGYzbmN0NDJuIGc1dFVzNXJJUCgpIHsNCgkJCXI1dDNybiBnNXQ1bnYoIlJFTU9URV9BRERSIik7DQoJCX0NCgkJcDNibDRjIGYzbmN0NDJuIHYxbDRkMXQ1RW0xNGwoJDVtMTRsKSB7DQoJCQk0ZighZjRsdDVyX3YxcigkNW0xNGwsIEZJTFRFUl9WQUxJREFURV9FTUFJTCkpIHsNCgkJCQlyNXQzcm4gZjFsczU7DQoJCQl9DQoJCQlyNXQzcm4gdHIzNTsNCgkJfQ0KCQlwM2JsNGMgZjNuY3Q0Mm4gYzJubjVjdFQyTXlTUUwoKSB7CQ0KCQkJQG15c3FsX2Mybm41Y3QoREJfU0VSVkVSLCBEQl9VU0VSLCBEQl9QQVNTKSBPUiBkNDUoIkMxbm4ydCBjMm5uNWN0IHQyIE15U1FMIHM1cnY1ciEiKTsJDQoJCQlteXNxbF9zNWw1Y3RfZGIoREJfREFUQUJBU0UpIE9SIGQ0NSgiQzFubjJ0IHM1bDVjdCBkMXQxYjFzNSEiKTsNCgkJfQ0KCQlwM2JsNGMgZjNuY3Q0Mm4gdjVyNGZ5TDJnNG4oJDNzNXJuMW01LCAkcDFzc3cycmQsICR5NXRrNCA9IDApIHsgDQoJCQkkdGg0cy0+M3M1cm4xbTUgPSAkM3M1cm4xbTU7DQoJCQk0Zig1bXB0eSgkM3M1cm4xbTUpIHx8IDVtcHR5KCRwMXNzdzJyZCkpIHsNCgkJCQl0aHIydyBuNXcgRXhjNXB0NDJuKEwyZzRuOjpFUlJPUl9FTVBUWV9MT0dJTik7DQoJCQl9CQ0KCQkJNWxzNSB7DQoJCQkkd2g1cjUgPSAnJzsNCgkJCTRmICg0c18xcnIxeSgkeTV0azQpKQ0KCQkJew0KCQkJCWYycjUxY2ggKCR5NXRrNCAxcyAkeSkNCgkJCQl7DQoJCQkJCTRmICg1bXB0eSgkd2g1cjUpKQ0KCQkJCQkJJHdoNXI1ID0gJyBBTkQgeTV0azQgSU4gKCcuJHk7DQoJCQkJCTVsczUNCgkJCQkJCSR3aDVyNSAuPSAnLCAnLiR5Ow0KCQkJCX0NCgkJCQkkd2g1cjUgLj0gJyknOw0KCQkJfQ0KCQkJNWxzNSA0ZiAoJHk1dGs0ID4gMCkNCgkJCXsNCgkJCQkkd2g1cjUgPSAnIEFORCB5NXRrNCA9ICcuJHk1dGs0Ow0KCQkJfQ0KCQkJJHEzNXJ5ID0gc3ByNG50ZigiU0VMRUNUICogRlJPTSAzeTUgV0hFUkUgcjNtM3ogPSAnJXMnIEFORCANCgkJCQkJCXM0ZnI1ID0gJyVzJyAiLiR3aDVyNS4iIEFORCBkM3IzbSA9ICc2JyBMSU1JVCAwLDYiLCAJCQkJCQkJCQkJCQ0KCQkJCQkJJHRoNHMtPmNsNTFuKCQzczVybjFtNSksDQoJCQkJCQkkdGg0cy0+Y2w1MW4oJHAxc3N3MnJkKSk7DQoJCQkkcjVzM2x0ID0gbXlzcWxfcTM1cnkoJHEzNXJ5KSBPUiBkNDUoJ0c1JiNhbzY7NXJzNHogUzJyZzMhJyk7CQ0KCQkJCTRmIChteXNxbF9uM21fcjJ3cygkcjVzM2x0KSA9PSA2KSB7DQoJCQkJCSRyID0gbXlzcWxfZjV0Y2hfMXNzMmMoJHI1czNsdCk7DQoJCQkJCSR0aDRzLT55dGsgPSAkclsneTV0azQnXTsNCgkJCQkJJHRoNHMtPjNzNXJJRCA9ICRyWyc0ZCddOw0KCQkJCQkkX1NFU1NJT05bJzEzdGgnXSA9IDY7DQoJCQkJCSR0aDRzLT5zNXNzNDJuVjVyNGZ5KCk7DQoJCQkJCWg1MWQ1cigiTDJjMXQ0Mm46IHM1YzNyNS5waHAiKTsNCgkJCQl9DQoJCQkJNWxzNSB7DQoJCQkJCSQ0cCA9ICR0aDRzLT5nNXRVczVySVAoKTsJCQkNCgkJCQkJbXlzcWxfcTM1cnkoIklOU0VSVCBJTlRPIDN5NV9oMXQxbDRfZzRyNHMoSVAsdDFyNGgpIFZBTFVFUygnJDRwJywnIi5kMXQ1KCdZLW0tZCBIOjQ6cycpLiInKSIpOw0KCQkJCQ0KCQkJCQkkX1NFU1NJT05bJzEzdGgnXSA9IDA7DQoJCQkJCXRocjJ3IG41dyBFeGM1cHQ0Mm4oTDJnNG46OkVSUk9SX1ZBTElEQVRFX0xPR0lOKTsNCgkJCQl9DQoJCQl9CQ0KCQkJbXlzcWxfZnI1NV9yNXMzbHQoJHI1czNsdCk7CQkJDQoJCX0NCgkJcDNibDRjIGYzbmN0NDJuIGNoNWNrVXM1cklQKCkgew0KCQkJJDRwID0gJHRoNHMtPmc1dFVzNXJJUCgpOw0KCQkJJHEzNXJ5ID0gKCJTRUxFQ1QgKiBGUk9NIDN5NV9oMXQxbDRfZzRyNHMgV0hFUkUgSVA9ICckNHAnIExJTUlUIDAsNjAiKTsJCQkgIA0KCQkJJHI1czNsdCA9IG15c3FsX3EzNXJ5KCRxMzVyeSkgT1IgZDQ1KCJHNSYjYW82OzVyczR6IHMycmczISIpOw0KCQkJCTRmIChteXNxbF9uM21fcjJ3cygkcjVzM2x0KSA+PSA2MCkgew0KCQkJCQloNTFkNXIoJ0wyYzF0NDJuOmIxbm41ZC5waHAnKTsNCgkJCQkJNXg0dDsNCgkJCQl9DQoJCQlteXNxbF9mcjU1X3I1czNsdCgkcjVzM2x0KTsNCgkJfQ0KCQlwM2JsNGMgZjNuY3Q0Mm4gczVzczQyblY1cjRmeSgpIHsNCgkJCSRfU0VTU0lPTlsnMTN0aCddID0gNjsNCgkJCSRfU0VTU0lPTlsnbjFtNSddID0gJHRoNHMtPjNzNXJuMW01Ow0KCQkJJF9TRVNTSU9OWyd5NXRrNCddID0gJHRoNHMtPnl0azsNCgkJCSRfU0VTU0lPTlsnNGQnXSA9ICR0aDRzLT4zczVySUQ7DQogICAgICAgICAgICAgNGYoJHRoNHMtPnl0ayA9PSBhIHx8ICR0aDRzLT55dGsgPT0gbykNCiAgICAgICAgICAgIHsNCiAgICAgICAgICAgICAgICRfU0VTU0lPTlsnQWRtNG4xM3RoJ10gPSA2Ow0KICAgICAgICAgICAgfQ0KCQl9DQoJCXAzYmw0YyBmM25jdDQybiB2NXI0ZnlBY2M1c3MoKSB7DQoJCQlnbDJiMWwgJGMybmY7DQoJCQk0ZigkX1NFU1NJT05bJzEzdGgnXSA9PSA2KSB7DQoJCQkJcjV0M3JuIHRyMzU7DQoJCQl9DQoJCQk1bHM1DQoJCQl7DQoJCQloNTFkNXIoIkwyYzF0NDJuOnUwNi5waHAiKTsNCgkJCTV4NHQ7DQoJCQl9DQoJCX0NCiAgICAgICAgIHAzYmw0YyBmM25jdDQybiB2NXI0ZnlBZG00bkFjYzVzcygpIHsNCgkJCTRmKCRfU0VTU0lPTlsnQWRtNG4xM3RoJ10gPT0gNikgew0KCQkJCXI1dDNybiB0cjM1Ow0KCQkJfQ0KCQkJNWxzNQ0KCQkJew0KCQkJaDUxZDVyKCJMMmMxdDQybjp1MDYucGhwIik7DQoJCQk1eDR0Ow0KCQkJfQ0KCQl9DQogCQlwM2JsNGMgZjNuY3Q0Mm4gY2w1MW4oJDRucDN0KSB7DQoJCQlyNXQzcm4gbXlzcWxfcjUxbF81c2MxcDVfc3RyNG5nKCQ0bnAzdCk7DQoJCX0JDQoJfQ0KPz4=';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));?>

Function Calls

strtr 1
ereg_replace 1
base64_decode 2

Variables

$_F index.php
$_R 0
$_X 0

Stats

MD5 5eb67aaaadb3719f908dbf2def7549dd
Eval Count 2
Decode Time 77 ms