Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
function saml_logout() { global $base_url; if (!empty($_REQUEST["\x..
Decoded Output download
<? function saml_logout()
{
global $base_url;
if (!empty($_REQUEST["SAMLRequest"])) {
goto sh;
}
if (isset($_COOKIE["slo_initiator"])) {
goto Dn;
}
$Qm = isset($_COOKIE["response_params"]) ? Json::decode($_COOKIE["response_params"]) : array();
foreach ($Qm as $AU => $Wv) {
$Wv = Utilities::moIDPSanitizeParameters($Wv);
$AU = filter_var($AU, FILTER_VALIDATE_INT);
$bK = new MiniorangeSAMLSP($AU);
$dg = $bK->getMoIdpNameidFormat();
$xE = $base_url . "/?q=admin/config/people/miniorange_saml_idp/";
$K3 = $bK->getMoIdpSloUrl();
if (!($K3 == '')) {
goto nY;
}
Utilities::moIDPSetCookie("response_params", Json::encode($Qm), time() - 7200);
session_destroy();
$mS = new RedirectResponse($base_url);
$mS->send();
return new Response();
nY:
unset($Qm[$AU]);
Utilities::moIDPSetCookie("response_params", Json::encode($Qm), time() + 7200);
$this->mo_idp_send_logout_request($AU, $dg, $xE, $K3);
Kg:
}
Bk:
if (!isset($_COOKIE["response_params"])) {
goto hh;
}
unset($_COOKIE["response_params"]);
Utilities::moIDPSetCookie("response_params", '', time() - 3600);
hh:
$fd = $base_url;
session_destroy();
$mS = new RedirectResponse($fd);
$mS->send();
return new Response();
goto YG;
Dn:
$hB = Json::decode($_COOKIE["slo_initiator"]);
$hB = Utilities::moIDPSanitizeParameters($hB);
$Qm = isset($_COOKIE["response_params"]) ? Json::decode($_COOKIE["response_params"]) : array();
if (sizeof($Qm) > 0) {
goto XX;
}
unset($_COOKIE["response_params"]);
Utilities::moIDPSetCookie("response_params", '', time() - 3600);
unset($_COOKIE["slo_initiator"]);
Utilities::moIDPSetCookie("slo_initiator", '', time() - 3600);
$Vz = $_SESSION["base64EncodedXML"];
session_destroy();
if (!str_contains($hB["destination"], "learnworlds.com")) {
goto UZ;
}
$mS = new RedirectResponse($hB["destination"]);
$mS->send();
return new Response();
UZ:
$this->_send_logout_response($Vz, $hB["relayState"], $hB["destination"]);
goto g1;
XX:
foreach ($Qm as $XR => $Wv) {
$Wv = Utilities::moIDPSanitizeParameters($Wv);
$AU = filter_var($XR, FILTER_VALIDATE_INT);
$bK = new MiniorangeSAMLSP($AU);
$dg = $bK->getMoIdpNameidFormat();
$xE = $bK->getMoIdpSpIssuer();
$K3 = $bK->getMoIdpSloUrl();
if (!($K3 == '')) {
goto V_;
}
session_destroy();
$mS = new RedirectResponse($base_url);
$mS->send();
return new Response();
V_:
unset($Qm[$XR]);
Utilities::moIDPSetCookie("response_params", Json::encode($Qm), time() + 7200);
$this->mo_idp_send_logout_request($AU, $dg, $xE, $K3);
kA:
}
p1:
g1:
YG:
sh:
if (array_key_exists("SAMLRequest", $_REQUEST) && !empty($_REQUEST["SAMLRequest"])) {
goto Az;
}
if (array_key_exists("SAMLResponse", $_REQUEST) && !empty($_REQUEST["SAMLResponse"])) {
goto Qj;
}
goto Vg;
Az:
$e_ = gzinflate(base64_decode($_REQUEST["SAMLRequest"]));
$Di = new DOMDocument();
if (!(\PHP_VERSION_ID < 80000)) {
goto Uv;
}
libxml_disable_entity_loader(true);
Uv:
$Di->loadXML($e_);
$VT = $Di->firstChild;
$Sb = "/";
if (!array_key_exists("RelayState", $_REQUEST)) {
goto ap;
}
$f4 = $_REQUEST["RelayState"];
ap:
if (!($VT->localName == "LogoutRequest")) {
goto n5;
}
$JR = new LogoutRequest($VT);
$L3 = $JR->getId();
$xE = $JR->getIssuer();
$bK = new MiniorangeSAMLSP();
$I6 = $bK->sqlQueryWithWhereClause("*", "mo_idp_sp_issuer", $xE);
$Sy = $I6[0]->mo_idp_slo_url;
$Vs = $I6[0]->mo_idp_logout_binding_type;
$fV = $I6[0]->mo_idp_response_signed;
if ($Vs == 1) {
goto W6;
}
$Vs = "HTTP-Redirect";
goto PY;
W6:
$Vs = "HTTP-POST";
PY:
$Zp = $base_url . "/?q=admin/config/people/miniorange_saml_idp/";
$Oz = Utilities::createLogoutResponse($L3, $Zp, $Sy, $Vs);
$Pb = \Drupal::config("miniorange_saml_idp.settings")->get("miniorange_saml_private_certificate");
$wA = \Drupal::config("miniorange_saml_idp.settings")->get("miniorange_saml_publ_certificate");
if (!empty($Pb) && !empty($wA)) {
goto ug;
}
$oM = MiniorangeSAMLIdpConstants::Miniorange_saml_idp_key;
$Eg = MiniorangeSAMLIdpConstants::Miniorange_saml_idp_certificate;
goto Bu;
ug:
$oM = $Pb;
$Eg = $wA;
Bu:
$Vz = Utilities::signXML($Vs, $Oz, $Eg, $oM, $fV);
n5:
$JR = new LogoutRequest($VT);
$xE = $JR->getIssuer();
$bK = new MiniorangeSAMLSP();
$I6 = $bK->sqlQueryWithWhereClause("*", "mo_idp_sp_issuer", $xE);
$AU = $I6[0]->id;
$Qm = Json::decode($_COOKIE["response_params"]);
$hB = Utilities::moIDPSanitizeParameters($Qm[$AU]);
$hB["id"] = $AU;
$_SESSION["base64EncodedXML"] = $Vz;
$hB["destination"] = $Sy;
Utilities::moIDPSetCookie("slo_initiator", Json::encode($hB), time() + 7200);
unset($Qm[$AU]);
Utilities::moIDPSetCookie("response_params", Json::encode($Qm), time() + 7200);
foreach ($Qm as $AU => $Wv) {
$Wv = Utilities::moIDPSanitizeParameters($Wv);
$AU = filter_var($AU, FILTER_VALIDATE_INT);
$bK = new MiniorangeSAMLSP($AU);
$dg = $bK->getMoIdpNameidFormat();
$xE = $bK->getMoIdpSpIssuer();
$K3 = $bK->getMoIdpSloUrl();
unset($Qm[$AU]);
Utilities::moIDPSetCookie("response_params", Json::encode($Qm), time() + 7200);
$this->mo_idp_send_logout_request($AU, $dg, $xE, $K3);
HT:
}
ny:
$fd = $base_url . "/user/logout/";
$mS = new RedirectResponse($fd);
$mS->send();
return new Response();
goto Vg;
Qj:
$this->_read_saml_response($_REQUEST, \Drupal::request()->query->getIterator()->getArrayCopy());
Vg:
return new Response();
} ?>Did this file decode correctly?
Original Code
function saml_logout()
{
global $base_url;
if (!empty($_REQUEST["\x53\x41\x4d\x4c\122\145\161\165\145\163\164"])) {
goto sh;
}
if (isset($_COOKIE["\163\x6c\157\137\x69\156\151\x74\151\x61\x74\x6f\x72"])) {
goto Dn;
}
$Qm = isset($_COOKIE["\x72\x65\x73\160\157\156\163\145\x5f\x70\x61\x72\x61\155\163"]) ? Json::decode($_COOKIE["\x72\145\x73\160\x6f\156\x73\x65\x5f\x70\x61\162\141\155\x73"]) : array();
foreach ($Qm as $AU => $Wv) {
$Wv = Utilities::moIDPSanitizeParameters($Wv);
$AU = filter_var($AU, FILTER_VALIDATE_INT);
$bK = new MiniorangeSAMLSP($AU);
$dg = $bK->getMoIdpNameidFormat();
$xE = $base_url . "\57\x3f\x71\75\x61\144\155\x69\x6e\57\143\x6f\156\146\151\147\x2f\x70\x65\157\160\154\x65\x2f\x6d\x69\x6e\151\x6f\x72\141\156\147\145\x5f\x73\x61\155\154\x5f\151\144\160\57";
$K3 = $bK->getMoIdpSloUrl();
if (!($K3 == '')) {
goto nY;
}
Utilities::moIDPSetCookie("\x72\x65\163\x70\157\x6e\163\x65\x5f\x70\x61\x72\141\155\163", Json::encode($Qm), time() - 7200);
session_destroy();
$mS = new RedirectResponse($base_url);
$mS->send();
return new Response();
nY:
unset($Qm[$AU]);
Utilities::moIDPSetCookie("\162\x65\x73\160\157\x6e\x73\x65\137\160\x61\x72\141\x6d\163", Json::encode($Qm), time() + 7200);
$this->mo_idp_send_logout_request($AU, $dg, $xE, $K3);
Kg:
}
Bk:
if (!isset($_COOKIE["\x72\145\163\x70\x6f\x6e\163\x65\137\x70\141\162\141\x6d\163"])) {
goto hh;
}
unset($_COOKIE["\162\x65\163\x70\x6f\x6e\163\x65\137\x70\141\x72\x61\155\163"]);
Utilities::moIDPSetCookie("\x72\145\163\160\157\x6e\x73\x65\137\160\x61\x72\141\x6d\163", '', time() - 3600);
hh:
$fd = $base_url;
session_destroy();
$mS = new RedirectResponse($fd);
$mS->send();
return new Response();
goto YG;
Dn:
$hB = Json::decode($_COOKIE["\163\x6c\157\x5f\x69\x6e\151\164\x69\141\164\157\162"]);
$hB = Utilities::moIDPSanitizeParameters($hB);
$Qm = isset($_COOKIE["\x72\x65\x73\x70\x6f\x6e\163\x65\x5f\x70\x61\162\x61\x6d\x73"]) ? Json::decode($_COOKIE["\x72\145\x73\x70\157\156\163\145\137\x70\x61\x72\141\155\x73"]) : array();
if (sizeof($Qm) > 0) {
goto XX;
}
unset($_COOKIE["\162\x65\163\x70\x6f\156\x73\145\x5f\160\x61\x72\x61\155\163"]);
Utilities::moIDPSetCookie("\x72\x65\x73\160\x6f\156\163\145\137\160\141\162\x61\x6d\x73", '', time() - 3600);
unset($_COOKIE["\163\x6c\x6f\x5f\x69\156\x69\x74\x69\x61\164\157\162"]);
Utilities::moIDPSetCookie("\163\154\157\137\151\x6e\151\164\151\141\164\157\x72", '', time() - 3600);
$Vz = $_SESSION["\x62\141\163\x65\66\64\105\156\x63\157\144\145\x64\x58\x4d\114"];
session_destroy();
if (!str_contains($hB["\x64\145\163\x74\x69\156\x61\164\151\x6f\x6e"], "\x6c\x65\x61\162\x6e\167\x6f\162\154\144\163\56\143\157\155")) {
goto UZ;
}
$mS = new RedirectResponse($hB["\x64\x65\163\x74\x69\156\141\164\x69\157\x6e"]);
$mS->send();
return new Response();
UZ:
$this->_send_logout_response($Vz, $hB["\162\x65\154\x61\x79\123\164\141\x74\x65"], $hB["\144\145\163\164\151\156\141\164\151\157\x6e"]);
goto g1;
XX:
foreach ($Qm as $XR => $Wv) {
$Wv = Utilities::moIDPSanitizeParameters($Wv);
$AU = filter_var($XR, FILTER_VALIDATE_INT);
$bK = new MiniorangeSAMLSP($AU);
$dg = $bK->getMoIdpNameidFormat();
$xE = $bK->getMoIdpSpIssuer();
$K3 = $bK->getMoIdpSloUrl();
if (!($K3 == '')) {
goto V_;
}
session_destroy();
$mS = new RedirectResponse($base_url);
$mS->send();
return new Response();
V_:
unset($Qm[$XR]);
Utilities::moIDPSetCookie("\x72\145\163\160\157\x6e\x73\x65\x5f\x70\141\x72\x61\155\163", Json::encode($Qm), time() + 7200);
$this->mo_idp_send_logout_request($AU, $dg, $xE, $K3);
kA:
}
p1:
g1:
YG:
sh:
if (array_key_exists("\123\101\115\x4c\x52\145\x71\165\145\163\164", $_REQUEST) && !empty($_REQUEST["\x53\x41\x4d\x4c\x52\x65\161\165\x65\x73\x74"])) {
goto Az;
}
if (array_key_exists("\x53\x41\115\114\x52\x65\x73\x70\x6f\x6e\x73\x65", $_REQUEST) && !empty($_REQUEST["\x53\x41\115\x4c\x52\x65\x73\160\157\x6e\x73\x65"])) {
goto Qj;
}
goto Vg;
Az:
$e_ = gzinflate(base64_decode($_REQUEST["\123\101\x4d\x4c\x52\x65\161\165\x65\x73\x74"]));
$Di = new DOMDocument();
if (!(\PHP_VERSION_ID < 80000)) {
goto Uv;
}
libxml_disable_entity_loader(true);
Uv:
$Di->loadXML($e_);
$VT = $Di->firstChild;
$Sb = "\x2f";
if (!array_key_exists("\x52\145\154\141\171\x53\164\141\x74\x65", $_REQUEST)) {
goto ap;
}
$f4 = $_REQUEST["\x52\x65\x6c\x61\x79\x53\x74\x61\x74\x65"];
ap:
if (!($VT->localName == "\x4c\x6f\x67\x6f\165\x74\122\145\161\x75\x65\163\164")) {
goto n5;
}
$JR = new LogoutRequest($VT);
$L3 = $JR->getId();
$xE = $JR->getIssuer();
$bK = new MiniorangeSAMLSP();
$I6 = $bK->sqlQueryWithWhereClause("\x2a", "\x6d\x6f\137\151\144\x70\137\x73\x70\137\x69\x73\x73\x75\145\162", $xE);
$Sy = $I6[0]->mo_idp_slo_url;
$Vs = $I6[0]->mo_idp_logout_binding_type;
$fV = $I6[0]->mo_idp_response_signed;
if ($Vs == 1) {
goto W6;
}
$Vs = "\x48\x54\124\x50\55\122\145\x64\151\162\145\143\x74";
goto PY;
W6:
$Vs = "\110\124\x54\120\x2d\x50\x4f\x53\x54";
PY:
$Zp = $base_url . "\x2f\x3f\x71\75\141\144\155\151\156\57\x63\x6f\156\x66\x69\x67\x2f\x70\x65\157\160\154\x65\x2f\155\x69\x6e\151\157\162\x61\x6e\147\x65\137\163\141\155\x6c\137\151\144\x70\57";
$Oz = Utilities::createLogoutResponse($L3, $Zp, $Sy, $Vs);
$Pb = \Drupal::config("\155\x69\156\151\x6f\x72\141\x6e\147\x65\x5f\163\x61\x6d\x6c\137\151\144\160\x2e\163\145\164\x74\151\x6e\147\163")->get("\155\151\156\151\x6f\x72\x61\156\x67\145\x5f\x73\x61\x6d\154\137\x70\162\x69\166\141\164\x65\137\x63\145\162\x74\x69\x66\151\x63\x61\x74\x65");
$wA = \Drupal::config("\x6d\151\x6e\x69\x6f\162\141\x6e\147\145\x5f\x73\x61\x6d\154\137\x69\x64\x70\56\163\145\164\x74\151\x6e\x67\163")->get("\x6d\151\156\x69\x6f\162\141\x6e\x67\x65\x5f\163\x61\155\x6c\137\160\165\x62\x6c\x5f\x63\x65\x72\x74\151\x66\151\x63\x61\x74\x65");
if (!empty($Pb) && !empty($wA)) {
goto ug;
}
$oM = MiniorangeSAMLIdpConstants::Miniorange_saml_idp_key;
$Eg = MiniorangeSAMLIdpConstants::Miniorange_saml_idp_certificate;
goto Bu;
ug:
$oM = $Pb;
$Eg = $wA;
Bu:
$Vz = Utilities::signXML($Vs, $Oz, $Eg, $oM, $fV);
n5:
$JR = new LogoutRequest($VT);
$xE = $JR->getIssuer();
$bK = new MiniorangeSAMLSP();
$I6 = $bK->sqlQueryWithWhereClause("\x2a", "\155\x6f\x5f\151\x64\x70\137\x73\x70\137\151\163\x73\x75\145\x72", $xE);
$AU = $I6[0]->id;
$Qm = Json::decode($_COOKIE["\162\145\x73\160\157\156\x73\x65\x5f\160\141\x72\x61\155\x73"]);
$hB = Utilities::moIDPSanitizeParameters($Qm[$AU]);
$hB["\151\144"] = $AU;
$_SESSION["\x62\141\163\145\x36\64\x45\156\x63\157\144\x65\x64\130\115\x4c"] = $Vz;
$hB["\144\145\163\x74\x69\156\141\164\151\x6f\156"] = $Sy;
Utilities::moIDPSetCookie("\x73\x6c\x6f\x5f\151\x6e\151\164\151\x61\x74\157\162", Json::encode($hB), time() + 7200);
unset($Qm[$AU]);
Utilities::moIDPSetCookie("\x72\x65\163\x70\157\x6e\163\x65\x5f\x70\x61\x72\141\x6d\163", Json::encode($Qm), time() + 7200);
foreach ($Qm as $AU => $Wv) {
$Wv = Utilities::moIDPSanitizeParameters($Wv);
$AU = filter_var($AU, FILTER_VALIDATE_INT);
$bK = new MiniorangeSAMLSP($AU);
$dg = $bK->getMoIdpNameidFormat();
$xE = $bK->getMoIdpSpIssuer();
$K3 = $bK->getMoIdpSloUrl();
unset($Qm[$AU]);
Utilities::moIDPSetCookie("\x72\x65\163\x70\157\156\x73\145\137\x70\x61\162\x61\155\x73", Json::encode($Qm), time() + 7200);
$this->mo_idp_send_logout_request($AU, $dg, $xE, $K3);
HT:
}
ny:
$fd = $base_url . "\x2f\x75\x73\145\162\57\154\157\147\157\165\x74\57";
$mS = new RedirectResponse($fd);
$mS->send();
return new Response();
goto Vg;
Qj:
$this->_read_saml_response($_REQUEST, \Drupal::request()->query->getIterator()->getArrayCopy());
Vg:
return new Response();
}Function Calls
| None |
Stats
| MD5 | a1ef5861423b32aa4cc504e238a6b390 |
| Eval Count | 0 |
| Decode Time | 60 ms |