Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php $_F=__FILE__;$_X='Pz48P3BocA0KICAJY2wxc3MgTDJnNG4gew0KCQljMm5zdCBFUlJPUl9FTVBUWV9MT0..
Decoded Output download
?><?php
class Login {
const ERROR_EMPTY_LOGIN = "Please fill in all fields!";
const ERROR_VALIDATE_LOGIN = "Username or password doesn't match!";
const ERROR_BANNED_LOGIN = "Sorry, you have been banned from viewing this page!";
private $username;
private $password;
private $ytk;
private $userID;
public function __construct() {
session_start();
$this->connectToMySQL();
$this->checkUserIP();
if(!isset($_SESSION['auth'])){
$_SESSION['auth'] = 0;
}
}
public function getUsername() {
return $this->username;
}
public function getPassword() {
return $this->password;
}
public function getEncryptedPassword() {
return $this->password;
}
public function getUserIP() {
return getenv("REMOTE_ADDR");
}
public function validateEmail($email) {
if(!filter_var($email, FILTER_VALIDATE_EMAIL)) {
return false;
}
return true;
}
public function connectToMySQL() {
@mysql_connect(DB_SERVER, DB_USER, DB_PASS) OR die("Cannot connect to MySQL server!");
mysql_select_db(DB_DATABASE) OR die("Cannot select database!");
}
public function verifyLogin($username, $password, $yetki = 0) {
$this->username = $username;
if(empty($username) || empty($password)) {
throw new Exception(Login::ERROR_EMPTY_LOGIN);
}
else {
$where = '';
if (is_array($yetki))
{
foreach ($yetki as $y)
{
if (empty($where))
$where = ' AND yetki IN ('.$y;
else
$where .= ', '.$y;
}
$where .= ')';
}
else if ($yetki > 0)
{
$where = ' AND yetki = '.$yetki;
}
$query = sprintf("SELECT * FROM uye WHERE rumuz = '%s' AND
sifre = '%s' ".$where." AND durum = '1' LIMIT 0,1",
$this->clean($username),
$this->clean($password));
$result = mysql_query($query) OR die('Geçersiz Sorgu!');
if (mysql_num_rows($result) == 1) {
$r = mysql_fetch_assoc($result);
$this->ytk = $r['yetki'];
$this->userID = $r['id'];
$_SESSION['auth'] = 1;
$this->sessionVerify();
header("Location: secure.php");
}
else {
$ip = $this->getUserIP();
mysql_query("INSERT INTO uye_hatali_giris(IP,tarih) VALUES('$ip','".date('Y-m-d H:i:s')."')");
$_SESSION['auth'] = 0;
throw new Exception(Login::ERROR_VALIDATE_LOGIN);
}
}
mysql_free_result($result);
}
public function checkUserIP() {
$ip = $this->getUserIP();
$query = ("SELECT * FROM uye_hatali_giris WHERE IP= '$ip' LIMIT 0,10");
$result = mysql_query($query) OR die("Geçersiz sorgu!");
if (mysql_num_rows($result) >= 10) {
header('Location:banned.php');
exit;
}
mysql_free_result($result);
}
public function sessionVerify() {
$_SESSION['auth'] = 1;
$_SESSION['name'] = $this->username;
$_SESSION['yetki'] = $this->ytk;
$_SESSION['id'] = $this->userID;
if($this->ytk == 2 || $this->ytk == 3)
{
$_SESSION['Adminauth'] = 1;
}
}
public function verifyAccess() {
global $conf;
if($_SESSION['auth'] == 1) {
return true;
}
else
{
header("Location:401.php");
exit;
}
}
public function verifyAdminAccess() {
if($_SESSION['Adminauth'] == 1) {
return true;
}
else
{
header("Location:401.php");
exit;
}
}
public function clean($input) {
return mysql_real_escape_string($input);
}
}
?>
Did this file decode correctly?
Original Code
<?php $_F=__FILE__;$_X='Pz48P3BocA0KICAJY2wxc3MgTDJnNG4gew0KCQljMm5zdCBFUlJPUl9FTVBUWV9MT0dJTiA9ICJQbDUxczUgZjRsbCA0biAxbGwgZjQ1bGRzISI7DQoJCWMybnN0IEVSUk9SX1ZBTElEQVRFX0xPR0lOID0gIlVzNXJuMW01IDJyIHAxc3N3MnJkIGQyNXNuJ3QgbTF0Y2ghIjsNCgkJYzJuc3QgRVJST1JfQkFOTkVEX0xPR0lOID0gIlMycnJ5LCB5MjMgaDF2NSBiNTVuIGIxbm41ZCBmcjJtIHY0NXc0bmcgdGg0cyBwMWc1ISI7DQoJCXByNHYxdDUgJDNzNXJuMW01Ow0KCQlwcjR2MXQ1ICRwMXNzdzJyZDsJDQoJCXByNHYxdDUgJHl0azsNCgkJcHI0djF0NSAkM3M1cklEOw0KCQlwM2JsNGMgZjNuY3Q0Mm4gX19jMm5zdHIzY3QoKSB7DQoJCQlzNXNzNDJuX3N0MXJ0KCk7DQoJCQkkdGg0cy0+YzJubjVjdFQyTXlTUUwoKTsNCgkJCSR0aDRzLT5jaDVja1VzNXJJUCgpOwkJDQoJCQk0ZighNHNzNXQoJF9TRVNTSU9OWycxM3RoJ10pKXsNCgkJCQkkX1NFU1NJT05bJzEzdGgnXSA9IDA7DQoJCQl9CQkNCgkJfQ0KCQlwM2JsNGMgZjNuY3Q0Mm4gZzV0VXM1cm4xbTUoKSB7DQoJCQlyNXQzcm4gJHRoNHMtPjNzNXJuMW01Ow0KCQl9DQoJCXAzYmw0YyBmM25jdDQybiBnNXRQMXNzdzJyZCgpIHsNCgkJCXI1dDNybiAkdGg0cy0+cDFzc3cycmQ7DQoJCX0NCgkJcDNibDRjIGYzbmN0NDJuIGc1dEVuY3J5cHQ1ZFAxc3N3MnJkKCkgew0KCQkJcjV0M3JuICR0aDRzLT5wMXNzdzJyZDsNCgkJfQkNCgkJcDNibDRjIGYzbmN0NDJuIGc1dFVzNXJJUCgpIHsNCgkJCXI1dDNybiBnNXQ1bnYoIlJFTU9URV9BRERSIik7DQoJCX0NCgkJcDNibDRjIGYzbmN0NDJuIHYxbDRkMXQ1RW0xNGwoJDVtMTRsKSB7DQoJCQk0ZighZjRsdDVyX3YxcigkNW0xNGwsIEZJTFRFUl9WQUxJREFURV9FTUFJTCkpIHsNCgkJCQlyNXQzcm4gZjFsczU7DQoJCQl9DQoJCQlyNXQzcm4gdHIzNTsNCgkJfQ0KCQlwM2JsNGMgZjNuY3Q0Mm4gYzJubjVjdFQyTXlTUUwoKSB7CQ0KCQkJQG15c3FsX2Mybm41Y3QoREJfU0VSVkVSLCBEQl9VU0VSLCBEQl9QQVNTKSBPUiBkNDUoIkMxbm4ydCBjMm5uNWN0IHQyIE15U1FMIHM1cnY1ciEiKTsJDQoJCQlteXNxbF9zNWw1Y3RfZGIoREJfREFUQUJBU0UpIE9SIGQ0NSgiQzFubjJ0IHM1bDVjdCBkMXQxYjFzNSEiKTsNCgkJfQ0KCQlwM2JsNGMgZjNuY3Q0Mm4gdjVyNGZ5TDJnNG4oJDNzNXJuMW01LCAkcDFzc3cycmQsICR5NXRrNCA9IDApIHsgDQoJCQkkdGg0cy0+M3M1cm4xbTUgPSAkM3M1cm4xbTU7DQoJCQk0Zig1bXB0eSgkM3M1cm4xbTUpIHx8IDVtcHR5KCRwMXNzdzJyZCkpIHsNCgkJCQl0aHIydyBuNXcgRXhjNXB0NDJuKEwyZzRuOjpFUlJPUl9FTVBUWV9MT0dJTik7DQoJCQl9CQ0KCQkJNWxzNSB7DQoJCQkkd2g1cjUgPSAnJzsNCgkJCTRmICg0c18xcnIxeSgkeTV0azQpKQ0KCQkJew0KCQkJCWYycjUxY2ggKCR5NXRrNCAxcyAkeSkNCgkJCQl7DQoJCQkJCTRmICg1bXB0eSgkd2g1cjUpKQ0KCQkJCQkJJHdoNXI1ID0gJyBBTkQgeTV0azQgSU4gKCcuJHk7DQoJCQkJCTVsczUNCgkJCQkJCSR3aDVyNSAuPSAnLCAnLiR5Ow0KCQkJCX0NCgkJCQkkd2g1cjUgLj0gJyknOw0KCQkJfQ0KCQkJNWxzNSA0ZiAoJHk1dGs0ID4gMCkNCgkJCXsNCgkJCQkkd2g1cjUgPSAnIEFORCB5NXRrNCA9ICcuJHk1dGs0Ow0KCQkJfQ0KCQkJJHEzNXJ5ID0gc3ByNG50ZigiU0VMRUNUICogRlJPTSAzeTUgV0hFUkUgcjNtM3ogPSAnJXMnIEFORCANCgkJCQkJCXM0ZnI1ID0gJyVzJyAiLiR3aDVyNS4iIEFORCBkM3IzbSA9ICc2JyBMSU1JVCAwLDYiLCAJCQkJCQkJCQkJCQ0KCQkJCQkJJHRoNHMtPmNsNTFuKCQzczVybjFtNSksDQoJCQkJCQkkdGg0cy0+Y2w1MW4oJHAxc3N3MnJkKSk7DQoJCQkkcjVzM2x0ID0gbXlzcWxfcTM1cnkoJHEzNXJ5KSBPUiBkNDUoJ0c1JiNhbzY7NXJzNHogUzJyZzMhJyk7CQ0KCQkJCTRmIChteXNxbF9uM21fcjJ3cygkcjVzM2x0KSA9PSA2KSB7DQoJCQkJCSRyID0gbXlzcWxfZjV0Y2hfMXNzMmMoJHI1czNsdCk7DQoJCQkJCSR0aDRzLT55dGsgPSAkclsneTV0azQnXTsNCgkJCQkJJHRoNHMtPjNzNXJJRCA9ICRyWyc0ZCddOw0KCQkJCQkkX1NFU1NJT05bJzEzdGgnXSA9IDY7DQoJCQkJCSR0aDRzLT5zNXNzNDJuVjVyNGZ5KCk7DQoJCQkJCWg1MWQ1cigiTDJjMXQ0Mm46IHM1YzNyNS5waHAiKTsNCgkJCQl9DQoJCQkJNWxzNSB7DQoJCQkJCSQ0cCA9ICR0aDRzLT5nNXRVczVySVAoKTsJCQkNCgkJCQkJbXlzcWxfcTM1cnkoIklOU0VSVCBJTlRPIDN5NV9oMXQxbDRfZzRyNHMoSVAsdDFyNGgpIFZBTFVFUygnJDRwJywnIi5kMXQ1KCdZLW0tZCBIOjQ6cycpLiInKSIpOw0KCQkJCQ0KCQkJCQkkX1NFU1NJT05bJzEzdGgnXSA9IDA7DQoJCQkJCXRocjJ3IG41dyBFeGM1cHQ0Mm4oTDJnNG46OkVSUk9SX1ZBTElEQVRFX0xPR0lOKTsNCgkJCQl9DQoJCQl9CQ0KCQkJbXlzcWxfZnI1NV9yNXMzbHQoJHI1czNsdCk7CQkJDQoJCX0NCgkJcDNibDRjIGYzbmN0NDJuIGNoNWNrVXM1cklQKCkgew0KCQkJJDRwID0gJHRoNHMtPmc1dFVzNXJJUCgpOw0KCQkJJHEzNXJ5ID0gKCJTRUxFQ1QgKiBGUk9NIDN5NV9oMXQxbDRfZzRyNHMgV0hFUkUgSVA9ICckNHAnIExJTUlUIDAsNjAiKTsJCQkgIA0KCQkJJHI1czNsdCA9IG15c3FsX3EzNXJ5KCRxMzVyeSkgT1IgZDQ1KCJHNSYjYW82OzVyczR6IHMycmczISIpOw0KCQkJCTRmIChteXNxbF9uM21fcjJ3cygkcjVzM2x0KSA+PSA2MCkgew0KCQkJCQloNTFkNXIoJ0wyYzF0NDJuOmIxbm41ZC5waHAnKTsNCgkJCQkJNXg0dDsNCgkJCQl9DQoJCQlteXNxbF9mcjU1X3I1czNsdCgkcjVzM2x0KTsNCgkJfQ0KCQlwM2JsNGMgZjNuY3Q0Mm4gczVzczQyblY1cjRmeSgpIHsNCgkJCSRfU0VTU0lPTlsnMTN0aCddID0gNjsNCgkJCSRfU0VTU0lPTlsnbjFtNSddID0gJHRoNHMtPjNzNXJuMW01Ow0KCQkJJF9TRVNTSU9OWyd5NXRrNCddID0gJHRoNHMtPnl0azsNCgkJCSRfU0VTU0lPTlsnNGQnXSA9ICR0aDRzLT4zczVySUQ7DQogICAgICAgICAgICAgNGYoJHRoNHMtPnl0ayA9PSBhIHx8ICR0aDRzLT55dGsgPT0gbykNCiAgICAgICAgICAgIHsNCiAgICAgICAgICAgICAgICRfU0VTU0lPTlsnQWRtNG4xM3RoJ10gPSA2Ow0KICAgICAgICAgICAgfQ0KCQl9DQoJCXAzYmw0YyBmM25jdDQybiB2NXI0ZnlBY2M1c3MoKSB7DQoJCQlnbDJiMWwgJGMybmY7DQoJCQk0ZigkX1NFU1NJT05bJzEzdGgnXSA9PSA2KSB7DQoJCQkJcjV0M3JuIHRyMzU7DQoJCQl9DQoJCQk1bHM1DQoJCQl7DQoJCQloNTFkNXIoIkwyYzF0NDJuOnUwNi5waHAiKTsNCgkJCTV4NHQ7DQoJCQl9DQoJCX0NCiAgICAgICAgIHAzYmw0YyBmM25jdDQybiB2NXI0ZnlBZG00bkFjYzVzcygpIHsNCgkJCTRmKCRfU0VTU0lPTlsnQWRtNG4xM3RoJ10gPT0gNikgew0KCQkJCXI1dDNybiB0cjM1Ow0KCQkJfQ0KCQkJNWxzNQ0KCQkJew0KCQkJaDUxZDVyKCJMMmMxdDQybjp1MDYucGhwIik7DQoJCQk1eDR0Ow0KCQkJfQ0KCQl9DQogCQlwM2JsNGMgZjNuY3Q0Mm4gY2w1MW4oJDRucDN0KSB7DQoJCQlyNXQzcm4gbXlzcWxfcjUxbF81c2MxcDVfc3RyNG5nKCQ0bnAzdCk7DQoJCX0JDQoJfQ0KPz4=';eval(base64_decode('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw=='));?>
Function Calls
strtr | 1 |
ereg_replace | 1 |
base64_decode | 2 |
Stats
MD5 | 5eb67aaaadb3719f908dbf2def7549dd |
Eval Count | 2 |
Decode Time | 77 ms |