Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php session_start(); if (isset($_SESSION['user'])) { header('Location: index...
Decoded Output download
<?php
session_start();
if (isset($_SESSION['user'])) {
header('Location: index.php');
exit();
}
include_once 'db.php';
include_once 'header.php';
if (isset($_POST['email'])) {
$conn = db_connect();
$email = $_POST['email'];
// check if the email is valid
if (!preg_match('/^[a-zA-Z0-9_\.\@]+$/', $email)) {
echo "<div class='alert alert-danger'>Invalid email</div>";
} else {
// check if the user exists
$sql = "SELECT * FROM users WHERE email = '$email'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
if (isset($_POST['password'])) {
// check password
$row = $result->fetch_assoc();
if ($row['password'] === $_POST['password']) {
$_SESSION['user'] = $row['id'];
echo "<meta http-equiv='refresh' content='0;url=/'>";
} else {
echo "<div class='alert alert-danger'>Invalid password</div>";
}
} else {
echo "<div class='alert alert-danger'>Email already registered</div>";
}
} else {
if (isset($_POST['password'])) {
echo "<div class='alert alert-danger'>User not found, please register first</div>";
} else {
// create a new user
$id = bin2hex(random_bytes(16));
$password = bin2hex(random_bytes(8));
$sql = "INSERT INTO users (id, email, username, password) VALUES ('$id', '$email', ?, ?)";
$stmt = $conn->prepare($sql);
$stmt->bind_param('ss', $_POST['username'] , $password);
if (!$stmt->execute()) {
echo "Error creating user";
$stmt->close();
$conn->close();
exit();
}
echo "<div class='alert alert-success'>User created! Your password is \"$password\"</div>";
$stmt->close();
}
}
$conn->close();
}
}
?>
<div class=container>
<div class="row align-items-start">
<div class="col-6">
<h3>Register</h3>
<form method="post" class="mt-4 mx-4">
<input type="text" class="form-control my-2" name="username" placeholder="username" required>
<input type="text" class="form-control my-2" name="email" placeholder="email" minlength="5" required>
<input type="submit" class="btn btn-primary my-2 w-100" value="Register">
</form>
</div>
<div class="col-6">
<h3>Login</h3>
<form method="post" class="mt-4">
<textarea type="text" class="form-control my-2" name="email" placeholder="email" required></textarea>
<input type="password" class="form-control my-2" name="password" placeholder="password" required>
<input type="submit" class="btn btn-primary my-2 w-100" value="Login">
</form>
</div>
</div>
</div>Did this file decode correctly?
Original Code
<?php
session_start();
if (isset($_SESSION['user'])) {
header('Location: index.php');
exit();
}
include_once 'db.php';
include_once 'header.php';
if (isset($_POST['email'])) {
$conn = db_connect();
$email = $_POST['email'];
// check if the email is valid
if (!preg_match('/^[a-zA-Z0-9_\.\@]+$/', $email)) {
echo "<div class='alert alert-danger'>Invalid email</div>";
} else {
// check if the user exists
$sql = "SELECT * FROM users WHERE email = '$email'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
if (isset($_POST['password'])) {
// check password
$row = $result->fetch_assoc();
if ($row['password'] === $_POST['password']) {
$_SESSION['user'] = $row['id'];
echo "<meta http-equiv='refresh' content='0;url=/'>";
} else {
echo "<div class='alert alert-danger'>Invalid password</div>";
}
} else {
echo "<div class='alert alert-danger'>Email already registered</div>";
}
} else {
if (isset($_POST['password'])) {
echo "<div class='alert alert-danger'>User not found, please register first</div>";
} else {
// create a new user
$id = bin2hex(random_bytes(16));
$password = bin2hex(random_bytes(8));
$sql = "INSERT INTO users (id, email, username, password) VALUES ('$id', '$email', ?, ?)";
$stmt = $conn->prepare($sql);
$stmt->bind_param('ss', $_POST['username'] , $password);
if (!$stmt->execute()) {
echo "Error creating user";
$stmt->close();
$conn->close();
exit();
}
echo "<div class='alert alert-success'>User created! Your password is \"$password\"</div>";
$stmt->close();
}
}
$conn->close();
}
}
?>
<div class=container>
<div class="row align-items-start">
<div class="col-6">
<h3>Register</h3>
<form method="post" class="mt-4 mx-4">
<input type="text" class="form-control my-2" name="username" placeholder="username" required>
<input type="text" class="form-control my-2" name="email" placeholder="email" minlength="5" required>
<input type="submit" class="btn btn-primary my-2 w-100" value="Register">
</form>
</div>
<div class="col-6">
<h3>Login</h3>
<form method="post" class="mt-4">
<textarea type="text" class="form-control my-2" name="email" placeholder="email" required></textarea>
<input type="password" class="form-control my-2" name="password" placeholder="password" required>
<input type="submit" class="btn btn-primary my-2 w-100" value="Login">
</form>
</div>
</div>
</div>Function Calls
| header | 1 |
| session_start | 1 |
Stats
| MD5 | 6d2c4daaa086d5a6e018d9d80930ed84 |
| Eval Count | 0 |
| Decode Time | 78 ms |