Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php eval("?>".base64_decode("ZnVuY3Rpb24gY2hlY2tfbGljZW5zZSgkbGljZW5zZWtleSwkbG9jYWxrZXk..

Decoded Output download

?>b'function check_license($licensekey,$localkey="") {
	$licenserurl = "http://127.0.0.1/licenserv1/";//URL To Licenser
	$licensing_secret_key = "v7x499br"; # Unique value, should match what is set in the product configuration for MD5 Hash Verification
	$check_token = time().md5(mt_rand(1000000000,9999999999).$licensekey);
	$checkdate = date("Ymd"); # Current date
	$usersip = isset($_SERVER[\'SERVER_ADDR\']) ? $_SERVER[\'SERVER_ADDR\'] : $_SERVER[\'LOCAL_ADDR\'];
	$localkeydays = 15; # How long the local key is valid for in between remote checks
	$allowcheckfaildays = 5; # How many days to allow after local key expiry before blocking access if connection cannot be made
	$localkeyvalid = false;
	if ($localkey) {
		$localkey = str_replace("
",\'\',$localkey); # Remove the line breaks
		$localdata = substr($localkey,0,strlen($localkey)-32); # Extract License Data
		$md5hash = substr($localkey,strlen($localkey)-32); # Extract MD5 Hash
		if ($md5hash==md5($localdata.$licensing_secret_key)) {
			$localdata = strrev($localdata); # Reverse the string
			$md5hash = substr($localdata,0,32); # Extract MD5 Hash
			$localdata = substr($localdata,32); # Extract License Data
			$localdata = base64_decode($localdata);
			$localkeyresults = unserialize($localdata);
			$originalcheckdate = $localkeyresults["checkdate"];
			if ($md5hash==md5($originalcheckdate.$licensing_secret_key)) {
				$localexpiry = date("Ymd",mktime(0,0,0,date("m"),date("d")-$localkeydays,date("Y")));
				if ($originalcheckdate>$localexpiry) {
					$localkeyvalid = true;
					$results = $localkeyresults;
					$validdomains = explode(",",$results["validdomain"]);
					if (!in_array($_SERVER[\'SERVER_NAME\'], $validdomains)) {
						$localkeyvalid = false;
						$localkeyresults["status"] = "Invalid";
						$results = array();
					}
					$validips = explode(",",$results["validip"]);
					if (!in_array($usersip, $validips)) {
						$localkeyvalid = false;
						$localkeyresults["status"] = "Invalid";
						$results = array();
					}
					if ($results["validdirectory"]!=dirname(__FILE__)) {
						$localkeyvalid = false;
						$localkeyresults["status"] = "Invalid";
						$results = array();
					}
				}
			}
		}
	}
	if (!$localkeyvalid) {
		$postfields["licensekey"] = $licensekey;
		$postfields["domain"] = $_SERVER[\'SERVER_NAME\'];
		$postfields["ip"] = $usersip;
		$postfields["dir"] = dirname(__FILE__);
		if ($check_token) $postfields["check_token"] = $check_token;
		if (function_exists("curl_exec")) {
			$ch = curl_init();
			curl_setopt($ch, CURLOPT_URL, $licenserurl."checkLic.php");
			curl_setopt($ch, CURLOPT_POST, 1);
			curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
			curl_setopt($ch, CURLOPT_TIMEOUT, 30);
			curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
			$data = curl_exec($ch);
			curl_close($ch);
		} else {
			$fp = fsockopen($licenserurl, 80, $errno, $errstr, 5);
			if ($fp) {
				$querystring = "";
				foreach ($postfields AS $k=>$v) {
					$querystring .= "$k=".urlencode($v)."&";
				}
				$header="POST ".$licenserurl."checkLic.php HTTP/1.0
";
				$header.="Host: ".$licenserurl."
";
				$header.="Content-type: application/x-www-form-urlencoded
";
				$header.="Content-length: ".@strlen($querystring)."
";
				$header.="Connection: close

";
				$header.=$querystring;
				$data="";
				@stream_set_timeout($fp, 20);
				@fputs($fp, $header);
				$status = @socket_get_status($fp);
				while (!@feof($fp)&&$status) {
					$data .= @fgets($fp, 1024);
					$status = @socket_get_status($fp);
				}
				@fclose ($fp);
			}
		}
		if (!$data) {
			$localexpiry = date("Ymd",mktime(0,0,0,date("m"),date("d")-($localkeydays+$allowcheckfaildays),date("Y")));
			if ($originalcheckdate>$localexpiry) {
				$results = $localkeyresults;
			} else {
				$results["status"] = "Invalid";
				$results["description"] = "Remote Check Failed";
				return $results;
			}
		} else {
			preg_match_all(\'/<(.*?)>([^<]+)<\/\1>/i\', $data, $matches);
			$results = array();
			foreach ($matches[1] AS $k=>$v) {
				$results[$v] = $matches[2][$k];
			}
		}
		if (isset($results["md5hash"])) {
			echo $results["md5hash"]."<br />".md5($licensing_secret_key.$check_token);
			if ($results["md5hash"]!=md5($licensing_secret_key.$check_token)) {
				$results["status"] = "Invalid";
				$results["description"] = "MD5 Checksum Verification Failed";
				return $results;
			}
		}
		if ($results["status"]=="Active") {
			$results["checkdate"] = $checkdate;
			$data_encoded = serialize($results);
			$data_encoded = base64_encode($data_encoded);
			$data_encoded = md5($checkdate.$licensing_secret_key).$data_encoded;
			$data_encoded = strrev($data_encoded);
			$data_encoded = $data_encoded.md5($data_encoded.$licensing_secret_key);
			$data_encoded = wordwrap($data_encoded,80,"
",true);
			$results["localkey"] = $data_encoded;
		}
		$results["remotecheck"] = true;
	}
	unset($postfields,$data,$matches,$licenserurl,$licensing_secret_key,$checkdate,$usersip,$localkeydays,$allowcheckfaildays,$md5hash);
	return $results;
}'

Did this file decode correctly?

Original Code

<?php eval("?>".base64_decode("ZnVuY3Rpb24gY2hlY2tfbGljZW5zZSgkbGljZW5zZWtleSwkbG9jYWxrZXk9IiIpIHsNCgkkbGljZW5zZXJ1cmwgPSAiaHR0cDovLzEyNy4wLjAuMS9saWNlbnNlcnYxLyI7Ly9VUkwgVG8gTGljZW5zZXINCgkkbGljZW5zaW5nX3NlY3JldF9rZXkgPSAidjd4NDk5YnIiOyAjIFVuaXF1ZSB2YWx1ZSwgc2hvdWxkIG1hdGNoIHdoYXQgaXMgc2V0IGluIHRoZSBwcm9kdWN0IGNvbmZpZ3VyYXRpb24gZm9yIE1ENSBIYXNoIFZlcmlmaWNhdGlvbg0KCSRjaGVja190b2tlbiA9IHRpbWUoKS5tZDUobXRfcmFuZCgxMDAwMDAwMDAwLDk5OTk5OTk5OTkpLiRsaWNlbnNla2V5KTsNCgkkY2hlY2tkYXRlID0gZGF0ZSgiWW1kIik7ICMgQ3VycmVudCBkYXRlDQoJJHVzZXJzaXAgPSBpc3NldCgkX1NFUlZFUlsnU0VSVkVSX0FERFInXSkgPyAkX1NFUlZFUlsnU0VSVkVSX0FERFInXSA6ICRfU0VSVkVSWydMT0NBTF9BRERSJ107DQoJJGxvY2Fsa2V5ZGF5cyA9IDE1OyAjIEhvdyBsb25nIHRoZSBsb2NhbCBrZXkgaXMgdmFsaWQgZm9yIGluIGJldHdlZW4gcmVtb3RlIGNoZWNrcw0KCSRhbGxvd2NoZWNrZmFpbGRheXMgPSA1OyAjIEhvdyBtYW55IGRheXMgdG8gYWxsb3cgYWZ0ZXIgbG9jYWwga2V5IGV4cGlyeSBiZWZvcmUgYmxvY2tpbmcgYWNjZXNzIGlmIGNvbm5lY3Rpb24gY2Fubm90IGJlIG1hZGUNCgkkbG9jYWxrZXl2YWxpZCA9IGZhbHNlOw0KCWlmICgkbG9jYWxrZXkpIHsNCgkJJGxvY2Fsa2V5ID0gc3RyX3JlcGxhY2UoIlxuIiwnJywkbG9jYWxrZXkpOyAjIFJlbW92ZSB0aGUgbGluZSBicmVha3MNCgkJJGxvY2FsZGF0YSA9IHN1YnN0cigkbG9jYWxrZXksMCxzdHJsZW4oJGxvY2Fsa2V5KS0zMik7ICMgRXh0cmFjdCBMaWNlbnNlIERhdGENCgkJJG1kNWhhc2ggPSBzdWJzdHIoJGxvY2Fsa2V5LHN0cmxlbigkbG9jYWxrZXkpLTMyKTsgIyBFeHRyYWN0IE1ENSBIYXNoDQoJCWlmICgkbWQ1aGFzaD09bWQ1KCRsb2NhbGRhdGEuJGxpY2Vuc2luZ19zZWNyZXRfa2V5KSkgew0KCQkJJGxvY2FsZGF0YSA9IHN0cnJldigkbG9jYWxkYXRhKTsgIyBSZXZlcnNlIHRoZSBzdHJpbmcNCgkJCSRtZDVoYXNoID0gc3Vic3RyKCRsb2NhbGRhdGEsMCwzMik7ICMgRXh0cmFjdCBNRDUgSGFzaA0KCQkJJGxvY2FsZGF0YSA9IHN1YnN0cigkbG9jYWxkYXRhLDMyKTsgIyBFeHRyYWN0IExpY2Vuc2UgRGF0YQ0KCQkJJGxvY2FsZGF0YSA9IGJhc2U2NF9kZWNvZGUoJGxvY2FsZGF0YSk7DQoJCQkkbG9jYWxrZXlyZXN1bHRzID0gdW5zZXJpYWxpemUoJGxvY2FsZGF0YSk7DQoJCQkkb3JpZ2luYWxjaGVja2RhdGUgPSAkbG9jYWxrZXlyZXN1bHRzWyJjaGVja2RhdGUiXTsNCgkJCWlmICgkbWQ1aGFzaD09bWQ1KCRvcmlnaW5hbGNoZWNrZGF0ZS4kbGljZW5zaW5nX3NlY3JldF9rZXkpKSB7DQoJCQkJJGxvY2FsZXhwaXJ5ID0gZGF0ZSgiWW1kIixta3RpbWUoMCwwLDAsZGF0ZSgibSIpLGRhdGUoImQiKS0kbG9jYWxrZXlkYXlzLGRhdGUoIlkiKSkpOw0KCQkJCWlmICgkb3JpZ2luYWxjaGVja2RhdGU+JGxvY2FsZXhwaXJ5KSB7DQoJCQkJCSRsb2NhbGtleXZhbGlkID0gdHJ1ZTsNCgkJCQkJJHJlc3VsdHMgPSAkbG9jYWxrZXlyZXN1bHRzOw0KCQkJCQkkdmFsaWRkb21haW5zID0gZXhwbG9kZSgiLCIsJHJlc3VsdHNbInZhbGlkZG9tYWluIl0pOw0KCQkJCQlpZiAoIWluX2FycmF5KCRfU0VSVkVSWydTRVJWRVJfTkFNRSddLCAkdmFsaWRkb21haW5zKSkgew0KCQkJCQkJJGxvY2Fsa2V5dmFsaWQgPSBmYWxzZTsNCgkJCQkJCSRsb2NhbGtleXJlc3VsdHNbInN0YXR1cyJdID0gIkludmFsaWQiOw0KCQkJCQkJJHJlc3VsdHMgPSBhcnJheSgpOw0KCQkJCQl9DQoJCQkJCSR2YWxpZGlwcyA9IGV4cGxvZGUoIiwiLCRyZXN1bHRzWyJ2YWxpZGlwIl0pOw0KCQkJCQlpZiAoIWluX2FycmF5KCR1c2Vyc2lwLCAkdmFsaWRpcHMpKSB7DQoJCQkJCQkkbG9jYWxrZXl2YWxpZCA9IGZhbHNlOw0KCQkJCQkJJGxvY2Fsa2V5cmVzdWx0c1sic3RhdHVzIl0gPSAiSW52YWxpZCI7DQoJCQkJCQkkcmVzdWx0cyA9IGFycmF5KCk7DQoJCQkJCX0NCgkJCQkJaWYgKCRyZXN1bHRzWyJ2YWxpZGRpcmVjdG9yeSJdIT1kaXJuYW1lKF9fRklMRV9fKSkgew0KCQkJCQkJJGxvY2Fsa2V5dmFsaWQgPSBmYWxzZTsNCgkJCQkJCSRsb2NhbGtleXJlc3VsdHNbInN0YXR1cyJdID0gIkludmFsaWQiOw0KCQkJCQkJJHJlc3VsdHMgPSBhcnJheSgpOw0KCQkJCQl9DQoJCQkJfQ0KCQkJfQ0KCQl9DQoJfQ0KCWlmICghJGxvY2Fsa2V5dmFsaWQpIHsNCgkJJHBvc3RmaWVsZHNbImxpY2Vuc2VrZXkiXSA9ICRsaWNlbnNla2V5Ow0KCQkkcG9zdGZpZWxkc1siZG9tYWluIl0gPSAkX1NFUlZFUlsnU0VSVkVSX05BTUUnXTsNCgkJJHBvc3RmaWVsZHNbImlwIl0gPSAkdXNlcnNpcDsNCgkJJHBvc3RmaWVsZHNbImRpciJdID0gZGlybmFtZShfX0ZJTEVfXyk7DQoJCWlmICgkY2hlY2tfdG9rZW4pICRwb3N0ZmllbGRzWyJjaGVja190b2tlbiJdID0gJGNoZWNrX3Rva2VuOw0KCQlpZiAoZnVuY3Rpb25fZXhpc3RzKCJjdXJsX2V4ZWMiKSkgew0KCQkJJGNoID0gY3VybF9pbml0KCk7DQoJCQljdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfVVJMLCAkbGljZW5zZXJ1cmwuImNoZWNrTGljLnBocCIpOw0KCQkJY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1BPU1QsIDEpOw0KCQkJY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1BPU1RGSUVMRFMsICRwb3N0ZmllbGRzKTsNCgkJCWN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9USU1FT1VULCAzMCk7DQoJCQljdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfUkVUVVJOVFJBTlNGRVIsIDEpOw0KCQkJJGRhdGEgPSBjdXJsX2V4ZWMoJGNoKTsNCgkJCWN1cmxfY2xvc2UoJGNoKTsNCgkJfSBlbHNlIHsNCgkJCSRmcCA9IGZzb2Nrb3BlbigkbGljZW5zZXJ1cmwsIDgwLCAkZXJybm8sICRlcnJzdHIsIDUpOw0KCQkJaWYgKCRmcCkgew0KCQkJCSRxdWVyeXN0cmluZyA9ICIiOw0KCQkJCWZvcmVhY2ggKCRwb3N0ZmllbGRzIEFTICRrPT4kdikgew0KCQkJCQkkcXVlcnlzdHJpbmcgLj0gIiRrPSIudXJsZW5jb2RlKCR2KS4iJiI7DQoJCQkJfQ0KCQkJCSRoZWFkZXI9IlBPU1QgIi4kbGljZW5zZXJ1cmwuImNoZWNrTGljLnBocCBIVFRQLzEuMFxyXG4iOw0KCQkJCSRoZWFkZXIuPSJIb3N0OiAiLiRsaWNlbnNlcnVybC4iXHJcbiI7DQoJCQkJJGhlYWRlci49IkNvbnRlbnQtdHlwZTogYXBwbGljYXRpb24veC13d3ctZm9ybS11cmxlbmNvZGVkXHJcbiI7DQoJCQkJJGhlYWRlci49IkNvbnRlbnQtbGVuZ3RoOiAiLkBzdHJsZW4oJHF1ZXJ5c3RyaW5nKS4iXHJcbiI7DQoJCQkJJGhlYWRlci49IkNvbm5lY3Rpb246IGNsb3NlXHJcblxyXG4iOw0KCQkJCSRoZWFkZXIuPSRxdWVyeXN0cmluZzsNCgkJCQkkZGF0YT0iIjsNCgkJCQlAc3RyZWFtX3NldF90aW1lb3V0KCRmcCwgMjApOw0KCQkJCUBmcHV0cygkZnAsICRoZWFkZXIpOw0KCQkJCSRzdGF0dXMgPSBAc29ja2V0X2dldF9zdGF0dXMoJGZwKTsNCgkJCQl3aGlsZSAoIUBmZW9mKCRmcCkmJiRzdGF0dXMpIHsNCgkJCQkJJGRhdGEgLj0gQGZnZXRzKCRmcCwgMTAyNCk7DQoJCQkJCSRzdGF0dXMgPSBAc29ja2V0X2dldF9zdGF0dXMoJGZwKTsNCgkJCQl9DQoJCQkJQGZjbG9zZSAoJGZwKTsNCgkJCX0NCgkJfQ0KCQlpZiAoISRkYXRhKSB7DQoJCQkkbG9jYWxleHBpcnkgPSBkYXRlKCJZbWQiLG1rdGltZSgwLDAsMCxkYXRlKCJtIiksZGF0ZSgiZCIpLSgkbG9jYWxrZXlkYXlzKyRhbGxvd2NoZWNrZmFpbGRheXMpLGRhdGUoIlkiKSkpOw0KCQkJaWYgKCRvcmlnaW5hbGNoZWNrZGF0ZT4kbG9jYWxleHBpcnkpIHsNCgkJCQkkcmVzdWx0cyA9ICRsb2NhbGtleXJlc3VsdHM7DQoJCQl9IGVsc2Ugew0KCQkJCSRyZXN1bHRzWyJzdGF0dXMiXSA9ICJJbnZhbGlkIjsNCgkJCQkkcmVzdWx0c1siZGVzY3JpcHRpb24iXSA9ICJSZW1vdGUgQ2hlY2sgRmFpbGVkIjsNCgkJCQlyZXR1cm4gJHJlc3VsdHM7DQoJCQl9DQoJCX0gZWxzZSB7DQoJCQlwcmVnX21hdGNoX2FsbCgnLzwoLio/KT4oW148XSspPFwvXFwxPi9pJywgJGRhdGEsICRtYXRjaGVzKTsNCgkJCSRyZXN1bHRzID0gYXJyYXkoKTsNCgkJCWZvcmVhY2ggKCRtYXRjaGVzWzFdIEFTICRrPT4kdikgew0KCQkJCSRyZXN1bHRzWyR2XSA9ICRtYXRjaGVzWzJdWyRrXTsNCgkJCX0NCgkJfQ0KCQlpZiAoaXNzZXQoJHJlc3VsdHNbIm1kNWhhc2giXSkpIHsNCgkJCWVjaG8gJHJlc3VsdHNbIm1kNWhhc2giXS4iPGJyIC8+Ii5tZDUoJGxpY2Vuc2luZ19zZWNyZXRfa2V5LiRjaGVja190b2tlbik7DQoJCQlpZiAoJHJlc3VsdHNbIm1kNWhhc2giXSE9bWQ1KCRsaWNlbnNpbmdfc2VjcmV0X2tleS4kY2hlY2tfdG9rZW4pKSB7DQoJCQkJJHJlc3VsdHNbInN0YXR1cyJdID0gIkludmFsaWQiOw0KCQkJCSRyZXN1bHRzWyJkZXNjcmlwdGlvbiJdID0gIk1ENSBDaGVja3N1bSBWZXJpZmljYXRpb24gRmFpbGVkIjsNCgkJCQlyZXR1cm4gJHJlc3VsdHM7DQoJCQl9DQoJCX0NCgkJaWYgKCRyZXN1bHRzWyJzdGF0dXMiXT09IkFjdGl2ZSIpIHsNCgkJCSRyZXN1bHRzWyJjaGVja2RhdGUiXSA9ICRjaGVja2RhdGU7DQoJCQkkZGF0YV9lbmNvZGVkID0gc2VyaWFsaXplKCRyZXN1bHRzKTsNCgkJCSRkYXRhX2VuY29kZWQgPSBiYXNlNjRfZW5jb2RlKCRkYXRhX2VuY29kZWQpOw0KCQkJJGRhdGFfZW5jb2RlZCA9IG1kNSgkY2hlY2tkYXRlLiRsaWNlbnNpbmdfc2VjcmV0X2tleSkuJGRhdGFfZW5jb2RlZDsNCgkJCSRkYXRhX2VuY29kZWQgPSBzdHJyZXYoJGRhdGFfZW5jb2RlZCk7DQoJCQkkZGF0YV9lbmNvZGVkID0gJGRhdGFfZW5jb2RlZC5tZDUoJGRhdGFfZW5jb2RlZC4kbGljZW5zaW5nX3NlY3JldF9rZXkpOw0KCQkJJGRhdGFfZW5jb2RlZCA9IHdvcmR3cmFwKCRkYXRhX2VuY29kZWQsODAsIlxuIix0cnVlKTsNCgkJCSRyZXN1bHRzWyJsb2NhbGtleSJdID0gJGRhdGFfZW5jb2RlZDsNCgkJfQ0KCQkkcmVzdWx0c1sicmVtb3RlY2hlY2siXSA9IHRydWU7DQoJfQ0KCXVuc2V0KCRwb3N0ZmllbGRzLCRkYXRhLCRtYXRjaGVzLCRsaWNlbnNlcnVybCwkbGljZW5zaW5nX3NlY3JldF9rZXksJGNoZWNrZGF0ZSwkdXNlcnNpcCwkbG9jYWxrZXlkYXlzLCRhbGxvd2NoZWNrZmFpbGRheXMsJG1kNWhhc2gpOw0KCXJldHVybiAkcmVzdWx0czsNCn0=")); ?>

Function Calls

base64_decode 1

Variables

None

Stats

MD5 86c65889342cfec7122c2ddf9c9ef9fc
Eval Count 1
Decode Time 103 ms