Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto Lg1AC; ZbQFn: include "\x64\142\x63\157\156\156\145\143\x74\56\160\150\160"; ..
Decoded Output download
<?php
goto Lg1AC; ZbQFn: include "dbconnect.php"; goto HuQ6t; n85NM: if ($action == "login") { if (!empty($_POST["username"]) && !empty($_POST["password"])) { if ($_POST["password"] === "poc123") { $_SESSION["userlogin"] = "Yes"; $_SESSION["username"] = $_POST["username"]; sqlsrv_close($conn); echo "success"; } } else { sqlsrv_close($conn); echo "fail"; } } else { $id = $_POST["id"]; $_SESSION["rtu_id"] = $id; $json = "select * from ANALOGSPOTDATA where CLientid=" . $clientid . " and rtunumber=" . $id; $tsql = $json; $stmt = sqlsrv_query($conn, $tsql); $spotdata = array(); do { while ($row = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC)) { $spotdata[] = $row; } } while (sqlsrv_next_result($stmt)); sqlsrv_free_stmt($stmt); $json2 = "
select TOP 10 DateTimeField,tag1 as [VRY],tag2 as [VYB],tag3 as [VBR],tag5 as [IR],tag7 as \xa[IY],tag8 as [IB],tag21 as[AIR],tag22 as[AIY],tag23 as[AIB] ,tag26 as[AVRN],tag27 as[AVYN],tag28 as[AVBN],tag10 AS[KW] \xafrom AnalogData" . $clientid . " where rtunumber=" . $id . " and cast(DateTimeField as Date) = cast(getdate() as Date) and EXISTS
(select * from analogspotdata where clientid=" . $clientid . " and rtunumber=" . $id . ")order by DateTimeField desc"; $tsq2 = $json2; $stmt2 = sqlsrv_query($conn, $tsq2); $listdata = array(); do { while ($row = sqlsrv_fetch_array($stmt2, SQLSRV_FETCH_ASSOC)) { $listdata[] = $row; } } while (sqlsrv_next_result($stmt2)); sqlsrv_free_stmt($stmt2); $json3 = "select * from DIGITALSPOTDATA where CLientid=" . $clientid . " and rtunumber=" . $id; $tsq3 = $json3; $stmt3 = sqlsrv_query($conn, $tsq3); $dspotdata = array(); do { while ($row = sqlsrv_fetch_array($stmt3, SQLSRV_FETCH_ASSOC)) { $dspotdata[] = $row; } } while (sqlsrv_next_result($stmt3)); sqlsrv_free_stmt($stmt3); $json3 = "SELECT * from OUTGOINGSMS" . $clientid . " where CREATEDON = (SELECT MAX(CREATEDON) FROM OUTGOINGSMS" . $clientid . ")"; $tsq3 = $json3; $stmt3 = sqlsrv_query($conn, $tsq3); $readdata = array(); do { while ($row = sqlsrv_fetch_array($stmt3, SQLSRV_FETCH_ASSOC)) { $readdata[] = $row; } } while (sqlsrv_next_result($stmt3)); sqlsrv_free_stmt($stmt3); $response = array("spotdata" => $spotdata, "listdata" => $listdata, "dspotdata" => $dspotdata, "readdata" => $readdata); echo json_encode($response, JSON_INVALID_UTF8_IGNORE); sqlsrv_close($conn); } goto SXqQC; tWF5t: $action = isset($_REQUEST["action"]) ? $_REQUEST["action"] : "list"; goto n85NM; HuQ6t: if ($conn === false) { echo "Unable to connect.</br>"; die(print_r(sqlsrv_errors(), true)); sqlsrv_close($conn); } else { if ($token != "123") { die(print_r("Can't Authorise User", true)); } else { } } goto tWF5t; Lg1AC: session_start(); goto ZbQFn; SXqQC: ?>Did this file decode correctly?
Original Code
<?php
goto Lg1AC; ZbQFn: include "\x64\142\x63\157\156\156\145\143\x74\56\160\150\160"; goto HuQ6t; n85NM: if ($action == "\154\157\147\151\x6e") { if (!empty($_POST["\165\163\145\162\x6e\x61\155\x65"]) && !empty($_POST["\160\141\163\163\167\x6f\162\x64"])) { if ($_POST["\160\141\163\x73\167\157\x72\144"] === "\x70\157\143\x31\62\63") { $_SESSION["\x75\163\145\162\154\157\147\151\156"] = "\131\145\163"; $_SESSION["\x75\x73\145\162\x6e\x61\x6d\145"] = $_POST["\x75\x73\x65\x72\x6e\141\x6d\145"]; sqlsrv_close($conn); echo "\163\x75\143\143\145\163\163"; } } else { sqlsrv_close($conn); echo "\146\141\151\x6c"; } } else { $id = $_POST["\151\x64"]; $_SESSION["\162\164\x75\x5f\151\x64"] = $id; $json = "\163\x65\x6c\145\x63\164\40\52\x20\146\162\x6f\155\40\x41\x4e\101\114\117\x47\x53\x50\117\x54\x44\x41\124\101\40\167\x68\x65\162\x65\40\103\114\x69\145\x6e\164\x69\144\x3d" . $clientid . "\40\141\x6e\x64\40\162\164\x75\156\165\x6d\142\x65\162\75" . $id; $tsql = $json; $stmt = sqlsrv_query($conn, $tsql); $spotdata = array(); do { while ($row = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC)) { $spotdata[] = $row; } } while (sqlsrv_next_result($stmt)); sqlsrv_free_stmt($stmt); $json2 = "\12\163\x65\154\145\143\x74\x20\124\117\120\x20\61\x30\x20\104\141\164\x65\124\x69\155\x65\x46\151\x65\x6c\x64\54\164\141\x67\61\40\x61\163\x20\x5b\126\122\x59\135\54\x74\141\x67\62\40\x61\x73\x20\133\x56\x59\102\135\x2c\164\141\147\63\40\x61\x73\x20\x5b\x56\x42\x52\135\x2c\x74\141\x67\x35\x20\x61\x73\x20\x5b\x49\x52\135\54\x74\x61\x67\x37\40\x61\x73\40\xa\133\111\x59\x5d\54\164\x61\x67\x38\x20\141\x73\40\x5b\111\102\x5d\x2c\x74\x61\147\62\x31\40\141\163\133\101\111\122\x5d\x2c\164\141\147\62\62\40\141\163\x5b\101\x49\x59\x5d\x2c\x74\x61\147\x32\x33\40\141\x73\133\x41\111\102\135\x20\x2c\x74\x61\147\62\x36\x20\x61\x73\x5b\x41\126\122\x4e\135\x2c\x74\141\x67\x32\67\40\x61\163\133\x41\x56\x59\116\135\54\x74\x61\147\62\x38\x20\x61\163\x5b\x41\x56\102\x4e\135\x2c\164\x61\147\x31\x30\x20\101\123\133\x4b\x57\x5d\x20\40\xa\x66\162\157\155\x20\101\156\141\154\x6f\x67\104\x61\x74\x61" . $clientid . "\x20\x20\167\x68\x65\162\145\x20\162\164\165\x6e\165\x6d\x62\145\x72\75" . $id . "\x20\x61\156\144\40\143\141\x73\x74\x28\104\141\164\x65\124\151\155\145\106\151\x65\154\144\40\x61\x73\40\104\141\x74\x65\x29\x20\x3d\40\x63\x61\x73\x74\x28\147\x65\x74\x64\x61\x74\145\x28\51\40\x61\x73\40\x44\x61\x74\145\51\x20\x61\156\144\40\105\x58\x49\x53\124\123\40\12\12\x28\163\x65\154\145\143\x74\x20\52\40\x66\x72\157\x6d\x20\x61\x6e\141\x6c\157\147\x73\160\x6f\164\x64\141\164\141\x20\167\x68\145\162\x65\x20\x63\154\x69\145\x6e\164\x69\x64\x3d" . $clientid . "\40\40\x61\x6e\144\40\x72\164\x75\x6e\x75\155\x62\x65\162\x3d" . $id . "\x29\157\x72\x64\x65\162\40\x62\171\x20\104\141\x74\x65\x54\x69\x6d\x65\x46\x69\x65\x6c\x64\40\x64\145\x73\143"; $tsq2 = $json2; $stmt2 = sqlsrv_query($conn, $tsq2); $listdata = array(); do { while ($row = sqlsrv_fetch_array($stmt2, SQLSRV_FETCH_ASSOC)) { $listdata[] = $row; } } while (sqlsrv_next_result($stmt2)); sqlsrv_free_stmt($stmt2); $json3 = "\163\145\x6c\x65\x63\x74\40\52\40\146\x72\x6f\155\40\x44\111\x47\111\124\101\114\x53\x50\x4f\124\104\x41\124\101\x20\167\150\x65\x72\145\40\x43\114\151\145\x6e\164\x69\144\x3d" . $clientid . "\40\x61\156\x64\40\162\x74\x75\156\x75\x6d\x62\145\x72\75" . $id; $tsq3 = $json3; $stmt3 = sqlsrv_query($conn, $tsq3); $dspotdata = array(); do { while ($row = sqlsrv_fetch_array($stmt3, SQLSRV_FETCH_ASSOC)) { $dspotdata[] = $row; } } while (sqlsrv_next_result($stmt3)); sqlsrv_free_stmt($stmt3); $json3 = "\123\x45\x4c\105\103\x54\40\52\x20\146\x72\x6f\x6d\x20\x4f\125\124\x47\117\x49\116\x47\123\x4d\123" . $clientid . "\40\167\150\x65\x72\145\40\x43\122\x45\101\124\105\104\x4f\x4e\40\75\40\50\x53\x45\114\105\103\x54\40\115\x41\130\x28\x43\122\x45\x41\x54\x45\104\x4f\116\51\x20\40\106\x52\x4f\x4d\x20\117\x55\x54\x47\x4f\x49\116\x47\123\115\x53" . $clientid . "\x29"; $tsq3 = $json3; $stmt3 = sqlsrv_query($conn, $tsq3); $readdata = array(); do { while ($row = sqlsrv_fetch_array($stmt3, SQLSRV_FETCH_ASSOC)) { $readdata[] = $row; } } while (sqlsrv_next_result($stmt3)); sqlsrv_free_stmt($stmt3); $response = array("\163\160\157\164\x64\x61\x74\141" => $spotdata, "\x6c\x69\163\164\144\141\164\141" => $listdata, "\x64\x73\x70\157\x74\144\141\x74\x61" => $dspotdata, "\162\145\141\x64\x64\141\x74\x61" => $readdata); echo json_encode($response, JSON_INVALID_UTF8_IGNORE); sqlsrv_close($conn); } goto SXqQC; tWF5t: $action = isset($_REQUEST["\141\x63\164\151\x6f\156"]) ? $_REQUEST["\x61\x63\164\151\157\156"] : "\x6c\x69\163\x74"; goto n85NM; HuQ6t: if ($conn === false) { echo "\125\x6e\x61\x62\x6c\x65\40\164\157\x20\x63\157\x6e\156\x65\143\164\56\74\x2f\x62\162\x3e"; die(print_r(sqlsrv_errors(), true)); sqlsrv_close($conn); } else { if ($token != "\x31\x32\x33") { die(print_r("\x43\x61\x6e\x27\164\40\x41\x75\164\150\x6f\162\x69\x73\145\40\x55\x73\145\162", true)); } else { } } goto tWF5t; Lg1AC: session_start(); goto ZbQFn; SXqQC: ?>Function Calls
| None |
Stats
| MD5 | 80ac4f22c8d8a07708525b796c332c1c |
| Eval Count | 0 |
| Decode Time | 62 ms |