Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php /** * WHMCS Licensing Addon - Integration Code Sample * https://www.whmcs.com/a..
Decoded Output download
<?php
/**
* WHMCS Licensing Addon - Integration Code Sample
* https://www.whmcs.com/addons/licensing-addon/
*
* The following code is a fully working code sample demonstrating how to
* perform license checks using the WHMCS Licensing Addon. It is PHP 4 and
* 5 compatible. Requires the WHMCS Licensing Addon to be used.
*
* @package WHMCS
* @author WHMCS Limited <[email protected]>
* @copyright Copyright (c) WHMCS Limited 2005-2018
* @license https://www.whmcs.com/license/ WHMCS Eula
* @version $Id$
* @link https://www.whmcs.com/
*/
/**
* If you are using this file as a template for your own module, once
* you've modified the code for your use, remove the exit above.
*/
// Replace "cloudlinuxvps-" with your own unique prefix to avoid conflicts with
// other instances of the licensing addon included within the same scope
function keypasswdcloudlinuxvps_check_license($licensekey, $localkey='') {
// -----------------------------------
// -- Configuration Values --
// -----------------------------------
// Enter the url to your WHMCS installation here
$whmcsurl = 'https://cloudlinuxvps.com/shop/';
// Must match what is specified in the MD5 Hash Verification field
// of the licensing product that will be used with this check.
$licensing_secret_key = 'keypasswdcloudlinuxvps';
// The number of days to wait between performing remote license checks
$localkeydays = 15;
// The number of days to allow failover for after local key expiry
$allowcheckfaildays = 5;
// -----------------------------------
// -- Do not edit below this line --
// -----------------------------------
$check_token = time() . md5(mt_rand(1000000000, 9999999999) . $licensekey);
$checkdate = date("Ymd");
$domain = $_SERVER['SERVER_NAME'];
$usersip = isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : $_SERVER['LOCAL_ADDR'];
$dirpath = dirname(__FILE__);
$verifyfilepath = 'modules/servers/licensing/verify.php';
$localkeyvalid = false;
if ($localkey) {
$localkey = str_replace("
", '', $localkey); # Remove the line breaks
$localdata = substr($localkey, 0, strlen($localkey) - 32); # Extract License Data
$md5hash = substr($localkey, strlen($localkey) - 32); # Extract MD5 Hash
if ($md5hash == md5($localdata . $licensing_secret_key)) {
$localdata = strrev($localdata); # Reverse the string
$md5hash = substr($localdata, 0, 32); # Extract MD5 Hash
$localdata = substr($localdata, 32); # Extract License Data
$localdata = base64_decode($localdata);
$localkeyresults = json_decode($localdata, true);
$originalcheckdate = $localkeyresults['checkdate'];
if ($md5hash == md5($originalcheckdate . $licensing_secret_key)) {
$localexpiry = date("Ymd", mktime(0, 0, 0, date("m"), date("d") - $localkeydays, date("Y")));
if ($originalcheckdate > $localexpiry) {
$localkeyvalid = true;
$results = $localkeyresults;
$validdomains = explode(',', $results['validdomain']);
if (!in_array($_SERVER['SERVER_NAME'], $validdomains)) {
$localkeyvalid = false;
$localkeyresults['status'] = "Invalid";
$results = array();
}
$validips = explode(',', $results['validip']);
if (!in_array($usersip, $validips)) {
$localkeyvalid = false;
$localkeyresults['status'] = "Invalid";
$results = array();
}
$validdirs = explode(',', $results['validdirectory']);
if (!in_array($dirpath, $validdirs)) {
$localkeyvalid = false;
$localkeyresults['status'] = "Invalid";
$results = array();
}
}
}
}
}
if (!$localkeyvalid) {
$responseCode = 0;
$postfields = array(
'licensekey' => $licensekey,
'domain' => $domain,
'ip' => $usersip,
'dir' => $dirpath,
);
if ($check_token) $postfields['check_token'] = $check_token;
$query_string = '';
foreach ($postfields AS $k=>$v) {
$query_string .= $k.'='.urlencode($v).'&';
}
if (function_exists('curl_exec')) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $whmcsurl . $verifyfilepath);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $query_string);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$data = curl_exec($ch);
$responseCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
} else {
$responseCodePattern = '/^HTTP\/\d+\.\d+\s+(\d+)/';
$fp = @fsockopen($whmcsurl, 80, $errno, $errstr, 5);
if ($fp) {
$newlinefeed = "
";
$header = "POST ".$whmcsurl . $verifyfilepath . " HTTP/1.0" . $newlinefeed;
$header .= "Host: ".$whmcsurl . $newlinefeed;
$header .= "Content-type: application/x-www-form-urlencoded" . $newlinefeed;
$header .= "Content-length: ".@strlen($query_string) . $newlinefeed;
$header .= "Connection: close" . $newlinefeed . $newlinefeed;
$header .= $query_string;
$data = $line = '';
@stream_set_timeout($fp, 20);
@fputs($fp, $header);
$status = @socket_get_status($fp);
while (!@feof($fp)&&$status) {
$line = @fgets($fp, 1024);
$patternMatches = array();
if (!$responseCode
&& preg_match($responseCodePattern, trim($line), $patternMatches)
) {
$responseCode = (empty($patternMatches[1])) ? 0 : $patternMatches[1];
}
$data .= $line;
$status = @socket_get_status($fp);
}
@fclose ($fp);
}
}
if ($responseCode != 200) {
$localexpiry = date("Ymd", mktime(0, 0, 0, date("m"), date("d") - ($localkeydays + $allowcheckfaildays), date("Y")));
if ($originalcheckdate > $localexpiry) {
$results = $localkeyresults;
} else {
$results = array();
$results['status'] = "Invalid";
$results['description'] = "Remote Check Failed";
return $results;
}
} else {
preg_match_all('/<(.*?)>([^<]+)<\/\1>/i', $data, $matches);
$results = array();
foreach ($matches[1] AS $k=>$v) {
$results[$v] = $matches[2][$k];
}
}
if (!is_array($results)) {
die("Invalid License Server Response");
}
if ($results['md5hash']) {
if ($results['md5hash'] != md5($licensing_secret_key . $check_token)) {
$results['status'] = "Invalid";
$results['description'] = "MD5 Checksum Verification Failed";
return $results;
}
}
if ($results['status'] == "Active") {
$results['checkdate'] = $checkdate;
$data_encoded = json_encode($results);
$data_encoded = base64_encode($data_encoded);
$data_encoded = md5($checkdate . $licensing_secret_key) . $data_encoded;
$data_encoded = strrev($data_encoded);
$data_encoded = $data_encoded . md5($data_encoded . $licensing_secret_key);
$data_encoded = wordwrap($data_encoded, 80, "
", true);
$results['localkey'] = $data_encoded;
}
$results['remotecheck'] = true;
}
unset($postfields,$data,$matches,$whmcsurl,$licensing_secret_key,$checkdate,$usersip,$localkeydays,$allowcheckfaildays,$md5hash);
return $results;
}
// Get the license key and local key from storage
// These are typically stored either in flat files or an SQL database
$licensekey = "whmcs-c5adf50c9a";
$localkey = '9tjIxIzNwgDMwIjI6gjOztjIlRXYkt2Ylh2YioTO6M3OicmbpNnblNWasx1cyVmdyV2ccNXZsVHZv1GX
zNWbodHXlNmc192czNWbodHXzN2bkRHacBFUNFEWcNHduVWb1N2bExFd0FWTcNnclNXVcpzQioDM4ozc
7ISey9GdjVmcpRGZpxWY2JiO0EjOztjIx4CMuAjL3ITMioTO6M3OiAXaklGbhZnI6cjOztjI0N3boxWY
j9Gbuc3d3xCdz9GasF2YvxmI6MjM6M3Oi4Wah12bkRWasFmdioTMxozc7ISeshGdu9WTiozN6M3OiUGb
jl3Yn5WasxWaiJiOyEjOztjI3ATL4ATL4ADMyIiOwEjOztjIlRXYkVWdkRHel5mI6ETM6M3OicDMtcDM
tgDMwIjI6ATM6M3OiUGdhR2ZlJnI6cjOztjIlNXYlxEI5xGa052bNByUD1ESXJiO5EjOztjIl1WYuR3Y
1R2byBnI6ETM6M3OicjI6EjOztjIklGdjVHZvJHcioTO6M3Oi02bj5ycj1Ga3BEd0FWbioDNxozc7ICb
pFWblJiO1ozc7IyUD1ESXBCd0FWTioDMxozc7ISZtFmbkVmclR3cpdWZyJiO0EjOztjIlZXa0NWQiojN
6M3OiMXd0FGdzJiO2ozc7pjMxoTY8baca0885830a33725148e94e693f3f073294c0558d38e31f844
c5adf50c9a';
// Validate the license key information
$results = keypasswdcloudlinuxvps_check_license($licensekey, $localkey);
// Raw output of results for debugging purpose
echo '<textarea cols="100" rows="20">' . print_r($results, true) . '</textarea>';
// Interpret response
switch ($results['status']) {
case "Active":
// get new local key and save it somewhere
$localkeydata = $results['localkey'];
break;
case "Invalid":
die("License key is Invalid");
break;
case "Expired":
die("License key is Expired");
break;
case "Suspended":
die("License key is Suspended");
break;
default:
die("Invalid Response");
break;
} ?>Did this file decode correctly?
Original Code
<?php
/**
* WHMCS Licensing Addon - Integration Code Sample
* https://www.whmcs.com/addons/licensing-addon/
*
* The following code is a fully working code sample demonstrating how to
* perform license checks using the WHMCS Licensing Addon. It is PHP 4 and
* 5 compatible. Requires the WHMCS Licensing Addon to be used.
*
* @package WHMCS
* @author WHMCS Limited <[email protected]>
* @copyright Copyright (c) WHMCS Limited 2005-2018
* @license https://www.whmcs.com/license/ WHMCS Eula
* @version $Id$
* @link https://www.whmcs.com/
*/
/**
* If you are using this file as a template for your own module, once
* you've modified the code for your use, remove the exit above.
*/
// Replace "cloudlinuxvps-" with your own unique prefix to avoid conflicts with
// other instances of the licensing addon included within the same scope
function keypasswdcloudlinuxvps_check_license($licensekey, $localkey='') {
// -----------------------------------
// -- Configuration Values --
// -----------------------------------
// Enter the url to your WHMCS installation here
$whmcsurl = 'https://cloudlinuxvps.com/shop/';
// Must match what is specified in the MD5 Hash Verification field
// of the licensing product that will be used with this check.
$licensing_secret_key = 'keypasswdcloudlinuxvps';
// The number of days to wait between performing remote license checks
$localkeydays = 15;
// The number of days to allow failover for after local key expiry
$allowcheckfaildays = 5;
// -----------------------------------
// -- Do not edit below this line --
// -----------------------------------
$check_token = time() . md5(mt_rand(1000000000, 9999999999) . $licensekey);
$checkdate = date("Ymd");
$domain = $_SERVER['SERVER_NAME'];
$usersip = isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : $_SERVER['LOCAL_ADDR'];
$dirpath = dirname(__FILE__);
$verifyfilepath = 'modules/servers/licensing/verify.php';
$localkeyvalid = false;
if ($localkey) {
$localkey = str_replace("\n", '', $localkey); # Remove the line breaks
$localdata = substr($localkey, 0, strlen($localkey) - 32); # Extract License Data
$md5hash = substr($localkey, strlen($localkey) - 32); # Extract MD5 Hash
if ($md5hash == md5($localdata . $licensing_secret_key)) {
$localdata = strrev($localdata); # Reverse the string
$md5hash = substr($localdata, 0, 32); # Extract MD5 Hash
$localdata = substr($localdata, 32); # Extract License Data
$localdata = base64_decode($localdata);
$localkeyresults = json_decode($localdata, true);
$originalcheckdate = $localkeyresults['checkdate'];
if ($md5hash == md5($originalcheckdate . $licensing_secret_key)) {
$localexpiry = date("Ymd", mktime(0, 0, 0, date("m"), date("d") - $localkeydays, date("Y")));
if ($originalcheckdate > $localexpiry) {
$localkeyvalid = true;
$results = $localkeyresults;
$validdomains = explode(',', $results['validdomain']);
if (!in_array($_SERVER['SERVER_NAME'], $validdomains)) {
$localkeyvalid = false;
$localkeyresults['status'] = "Invalid";
$results = array();
}
$validips = explode(',', $results['validip']);
if (!in_array($usersip, $validips)) {
$localkeyvalid = false;
$localkeyresults['status'] = "Invalid";
$results = array();
}
$validdirs = explode(',', $results['validdirectory']);
if (!in_array($dirpath, $validdirs)) {
$localkeyvalid = false;
$localkeyresults['status'] = "Invalid";
$results = array();
}
}
}
}
}
if (!$localkeyvalid) {
$responseCode = 0;
$postfields = array(
'licensekey' => $licensekey,
'domain' => $domain,
'ip' => $usersip,
'dir' => $dirpath,
);
if ($check_token) $postfields['check_token'] = $check_token;
$query_string = '';
foreach ($postfields AS $k=>$v) {
$query_string .= $k.'='.urlencode($v).'&';
}
if (function_exists('curl_exec')) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $whmcsurl . $verifyfilepath);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $query_string);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$data = curl_exec($ch);
$responseCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
} else {
$responseCodePattern = '/^HTTP\/\d+\.\d+\s+(\d+)/';
$fp = @fsockopen($whmcsurl, 80, $errno, $errstr, 5);
if ($fp) {
$newlinefeed = "\r\n";
$header = "POST ".$whmcsurl . $verifyfilepath . " HTTP/1.0" . $newlinefeed;
$header .= "Host: ".$whmcsurl . $newlinefeed;
$header .= "Content-type: application/x-www-form-urlencoded" . $newlinefeed;
$header .= "Content-length: ".@strlen($query_string) . $newlinefeed;
$header .= "Connection: close" . $newlinefeed . $newlinefeed;
$header .= $query_string;
$data = $line = '';
@stream_set_timeout($fp, 20);
@fputs($fp, $header);
$status = @socket_get_status($fp);
while (!@feof($fp)&&$status) {
$line = @fgets($fp, 1024);
$patternMatches = array();
if (!$responseCode
&& preg_match($responseCodePattern, trim($line), $patternMatches)
) {
$responseCode = (empty($patternMatches[1])) ? 0 : $patternMatches[1];
}
$data .= $line;
$status = @socket_get_status($fp);
}
@fclose ($fp);
}
}
if ($responseCode != 200) {
$localexpiry = date("Ymd", mktime(0, 0, 0, date("m"), date("d") - ($localkeydays + $allowcheckfaildays), date("Y")));
if ($originalcheckdate > $localexpiry) {
$results = $localkeyresults;
} else {
$results = array();
$results['status'] = "Invalid";
$results['description'] = "Remote Check Failed";
return $results;
}
} else {
preg_match_all('/<(.*?)>([^<]+)<\/\\1>/i', $data, $matches);
$results = array();
foreach ($matches[1] AS $k=>$v) {
$results[$v] = $matches[2][$k];
}
}
if (!is_array($results)) {
die("Invalid License Server Response");
}
if ($results['md5hash']) {
if ($results['md5hash'] != md5($licensing_secret_key . $check_token)) {
$results['status'] = "Invalid";
$results['description'] = "MD5 Checksum Verification Failed";
return $results;
}
}
if ($results['status'] == "Active") {
$results['checkdate'] = $checkdate;
$data_encoded = json_encode($results);
$data_encoded = base64_encode($data_encoded);
$data_encoded = md5($checkdate . $licensing_secret_key) . $data_encoded;
$data_encoded = strrev($data_encoded);
$data_encoded = $data_encoded . md5($data_encoded . $licensing_secret_key);
$data_encoded = wordwrap($data_encoded, 80, "\n", true);
$results['localkey'] = $data_encoded;
}
$results['remotecheck'] = true;
}
unset($postfields,$data,$matches,$whmcsurl,$licensing_secret_key,$checkdate,$usersip,$localkeydays,$allowcheckfaildays,$md5hash);
return $results;
}
// Get the license key and local key from storage
// These are typically stored either in flat files or an SQL database
$licensekey = "whmcs-c5adf50c9a";
$localkey = '9tjIxIzNwgDMwIjI6gjOztjIlRXYkt2Ylh2YioTO6M3OicmbpNnblNWasx1cyVmdyV2ccNXZsVHZv1GX
zNWbodHXlNmc192czNWbodHXzN2bkRHacBFUNFEWcNHduVWb1N2bExFd0FWTcNnclNXVcpzQioDM4ozc
7ISey9GdjVmcpRGZpxWY2JiO0EjOztjIx4CMuAjL3ITMioTO6M3OiAXaklGbhZnI6cjOztjI0N3boxWY
j9Gbuc3d3xCdz9GasF2YvxmI6MjM6M3Oi4Wah12bkRWasFmdioTMxozc7ISeshGdu9WTiozN6M3OiUGb
jl3Yn5WasxWaiJiOyEjOztjI3ATL4ATL4ADMyIiOwEjOztjIlRXYkVWdkRHel5mI6ETM6M3OicDMtcDM
tgDMwIjI6ATM6M3OiUGdhR2ZlJnI6cjOztjIlNXYlxEI5xGa052bNByUD1ESXJiO5EjOztjIl1WYuR3Y
1R2byBnI6ETM6M3OicjI6EjOztjIklGdjVHZvJHcioTO6M3Oi02bj5ycj1Ga3BEd0FWbioDNxozc7ICb
pFWblJiO1ozc7IyUD1ESXBCd0FWTioDMxozc7ISZtFmbkVmclR3cpdWZyJiO0EjOztjIlZXa0NWQiojN
6M3OiMXd0FGdzJiO2ozc7pjMxoTY8baca0885830a33725148e94e693f3f073294c0558d38e31f844
c5adf50c9a';
// Validate the license key information
$results = keypasswdcloudlinuxvps_check_license($licensekey, $localkey);
// Raw output of results for debugging purpose
echo '<textarea cols="100" rows="20">' . print_r($results, true) . '</textarea>';
// Interpret response
switch ($results['status']) {
case "Active":
// get new local key and save it somewhere
$localkeydata = $results['localkey'];
break;
case "Invalid":
die("License key is Invalid");
break;
case "Expired":
die("License key is Expired");
break;
case "Suspended":
die("License key is Suspended");
break;
default:
die("Invalid Response");
break;
}Function Calls
| time | 1 |
| mt_rand | 1 |
| keypasswdcloudlinuxvps_check_license | 1 |
Stats
| MD5 | a194e3162315e44f7c2fc04707d717c2 |
| Eval Count | 0 |
| Decode Time | 170 ms |