Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto cIBuS; wwyK9: $conn = null; goto HxMAd; DIpGP: try { $conn = new PDO($dsn, $u..
Decoded Output download
<?php
goto cIBuS; wwyK9: $conn = null; goto HxMAd; DIpGP: try { $conn = new PDO($dsn, $username, $password, $options); date_default_timezone_set("America/New_York"); $sqlCheckAccountExists = "SELECT account_name, account_email FROM user_accounts WHERE account_name=? or account_email=?"; $stmt = $conn->prepare($sqlCheckAccountExists); $stmt->execute(array($accountNameInput, $accountEmailInput)); if ($stmt->rowCount() > 0) { while ($row = $stmt->fetch()) { if ($row["account_name"] === $accountNameInput) { $msg = $row["account_name"] . " already exists."; } if ($row["account_email"] === $accountEmailInput) { $msg = $row["account_email"] . " already exists."; } } } else { function RandomToken($length = 32) { if (!isset($length) || intval($length) <= 8) { $length = 32; } if (function_exists("random_bytes")) { return bin2hex(random_bytes($length)); } if (function_exists("mcrypt_create_iv")) { return bin2hex(mcrypt_create_iv($length, MCRYPT_DEV_URANDOM)); } if (function_exists("openssl_random_pseudo_bytes")) { return bin2hex(openssl_random_pseudo_bytes($length)); } } function Salt($originalSecureData) { return substr(strtr(base64_encode(hex2bin($originalSecureData)), "+", "."), 0, 50); } $accountKey = Salt(RandomToken(32)); $sqlCreateAccount = "INSERT INTO user_accounts (account_email,account_name,account_password,account_2fa,account_active,account_key,account_delete)\xa \x9\x9 \x9\x9\x9\x9VALUE(?,?,?,false,1,?,false);"; $createAccountStmt = $conn->prepare($sqlCreateAccount); $createAccountStmt->execute(array($accountEmailInput, $accountNameInput, $accountPasswordInput, $accountKey)); $userFolderPath = "site/users/" . $accountNameInput; $userFolderFile = "account.txt"; $pictureURL = "site/users/" . $accountNameInput . "/avatar.jpg"; if (!file_exists($userFolderPath)) { mkdir($userFolderPath, 511); $file = fopen($userFolderPath . "/" . $userFolderFile, "w"); fwrite($file, ''); fclose($file); $currentFilePath = "site/users/avatar.jpg"; copy($currentFilePath, $pictureURL); } $userAge = 0; $newUserBday = date("m/d/Y", strtotime($userBday)); $userBdayArray = explode("/", $newUserBday); $userAge = date("md", date("U", mktime(0, 0, 0, $userBdayArray[0], $userBdayArray[1], $userBdayArray[2]))) > date("md") ? date("Y") - $userBdayArray[2] - 1 : date("Y") - $userBdayArray[2]; $userGender = ''; $userLocation = ''; $sqlCreateProfile = "INSERT INTO user_profiles (user_name,user_picture,user_display_name,user_age,user_gender,user_location)
\x9 \x9 \x9\x9 \x9\x9VALUE(?,?,?,?,?,?);"; $createProfileStmt = $conn->prepare($sqlCreateProfile); $createProfileStmt->execute(array($accountNameInput, $pictureURL, $accountNameInput, $userAge, $userGender, $userLocation)); $sqlCreatePrivacy = "INSERT INTO user_privacy (user_id,user_name,user_status,user_feedback,user_marketing,user_data,user_studies,user_psych,user_proserv)
\x9\x9 \x9\x9 VALUE(1,?,1,1,1,1,1,1,1);"; $createPrivacyStmt = $conn->prepare($sqlCreatePrivacy); $createPrivacyStmt->execute(array($accountNameInput)); $confirmationLink = "http://{$_SERVER["HTTP_HOST"]}{$_SERVER["REQUEST_URI"]}" . "activate.php?id=" . $accountKey; $emailRecipient = $accountEmailInput; $emailSubject = "DreamClouds User Registration Activation Email"; $emailContent = "Welcome to DreamClouds! <a href='" . $confirmationLink . "'>Click this link to activate your account.</a>"; $emailHeaders = "From: [email protected] DreamClouds Admins"; if (mail($emailRecipient, $emailSubject, $emailContent, $emailHeaders)) { $msg = "A confirmation email has been sent."; } else { $msg = "A confirmation email could not be sent. "Welcome to DreamClouds! <a href="" . $confirmationLink . "">Click this link to activate your account.</a>""; } } } catch (PDOException $e) { $msg = "Error: " . $e->getMessage(); } goto wwyK9; cIBuS: include "config.php"; goto DIpGP; HxMAd: ?>
Did this file decode correctly?
Original Code
<?php
goto cIBuS; wwyK9: $conn = null; goto HxMAd; DIpGP: try { $conn = new PDO($dsn, $username, $password, $options); date_default_timezone_set("\101\155\x65\x72\x69\143\x61\x2f\x4e\145\167\137\131\157\162\153"); $sqlCheckAccountExists = "\123\105\114\105\x43\124\40\141\143\x63\157\165\156\164\x5f\156\x61\x6d\145\54\40\x61\143\143\157\x75\156\164\x5f\145\155\x61\151\154\x20\106\122\x4f\x4d\40\x75\x73\145\x72\x5f\141\143\143\157\x75\156\x74\163\x20\127\110\x45\122\105\40\141\x63\143\157\165\156\164\x5f\x6e\x61\x6d\145\75\77\40\x6f\x72\40\x61\143\x63\x6f\x75\x6e\164\137\145\x6d\141\x69\x6c\x3d\x3f"; $stmt = $conn->prepare($sqlCheckAccountExists); $stmt->execute(array($accountNameInput, $accountEmailInput)); if ($stmt->rowCount() > 0) { while ($row = $stmt->fetch()) { if ($row["\x61\143\143\157\165\x6e\x74\x5f\156\141\155\x65"] === $accountNameInput) { $msg = $row["\141\143\x63\x6f\x75\156\x74\x5f\x6e\x61\x6d\x65"] . "\40\x61\154\162\145\x61\x64\x79\40\145\x78\x69\x73\x74\x73\x2e"; } if ($row["\x61\143\143\157\x75\x6e\164\137\x65\x6d\141\151\154"] === $accountEmailInput) { $msg = $row["\141\143\143\x6f\x75\x6e\164\137\x65\155\x61\151\x6c"] . "\x20\141\154\x72\145\x61\x64\171\40\145\170\x69\x73\164\x73\x2e"; } } } else { function RandomToken($length = 32) { if (!isset($length) || intval($length) <= 8) { $length = 32; } if (function_exists("\x72\x61\156\x64\x6f\x6d\137\142\171\164\145\163")) { return bin2hex(random_bytes($length)); } if (function_exists("\x6d\143\162\x79\160\x74\x5f\x63\x72\145\x61\x74\145\137\x69\166")) { return bin2hex(mcrypt_create_iv($length, MCRYPT_DEV_URANDOM)); } if (function_exists("\x6f\x70\145\156\x73\x73\154\137\x72\141\x6e\144\x6f\155\137\x70\x73\145\x75\144\157\x5f\x62\171\x74\x65\x73")) { return bin2hex(openssl_random_pseudo_bytes($length)); } } function Salt($originalSecureData) { return substr(strtr(base64_encode(hex2bin($originalSecureData)), "\x2b", "\x2e"), 0, 50); } $accountKey = Salt(RandomToken(32)); $sqlCreateAccount = "\111\116\123\x45\122\x54\x20\x49\116\124\117\40\165\163\145\162\x5f\141\143\143\x6f\165\x6e\x74\163\x20\x28\x61\x63\x63\x6f\165\156\x74\137\145\x6d\x61\151\154\x2c\141\143\x63\157\165\156\164\x5f\x6e\141\x6d\145\54\141\x63\143\x6f\x75\x6e\164\137\160\x61\163\x73\x77\x6f\x72\144\54\x61\143\143\x6f\165\x6e\x74\137\62\146\x61\54\141\x63\143\x6f\165\156\x74\x5f\141\x63\164\151\x76\x65\x2c\141\143\x63\x6f\165\156\164\137\153\145\x79\x2c\x61\x63\x63\x6f\x75\x6e\164\x5f\144\145\154\x65\164\145\51\xa\11\11\11\x9\x9\11\11\11\x9\x9\x9\x9\126\101\x4c\x55\105\x28\x3f\54\77\54\x3f\54\146\x61\x6c\x73\x65\x2c\x31\54\77\54\x66\141\154\163\x65\x29\73"; $createAccountStmt = $conn->prepare($sqlCreateAccount); $createAccountStmt->execute(array($accountEmailInput, $accountNameInput, $accountPasswordInput, $accountKey)); $userFolderPath = "\163\151\x74\145\57\165\x73\x65\162\163\x2f" . $accountNameInput; $userFolderFile = "\141\x63\143\157\x75\x6e\x74\x2e\164\x78\164"; $pictureURL = "\163\151\164\x65\57\x75\163\x65\162\163\57" . $accountNameInput . "\57\141\x76\141\x74\141\162\x2e\152\160\147"; if (!file_exists($userFolderPath)) { mkdir($userFolderPath, 511); $file = fopen($userFolderPath . "\x2f" . $userFolderFile, "\x77"); fwrite($file, ''); fclose($file); $currentFilePath = "\163\151\164\145\57\x75\163\x65\162\163\57\x61\166\x61\164\x61\x72\x2e\x6a\160\147"; copy($currentFilePath, $pictureURL); } $userAge = 0; $newUserBday = date("\x6d\57\x64\x2f\131", strtotime($userBday)); $userBdayArray = explode("\57", $newUserBday); $userAge = date("\155\x64", date("\x55", mktime(0, 0, 0, $userBdayArray[0], $userBdayArray[1], $userBdayArray[2]))) > date("\155\x64") ? date("\x59") - $userBdayArray[2] - 1 : date("\x59") - $userBdayArray[2]; $userGender = ''; $userLocation = ''; $sqlCreateProfile = "\111\116\x53\105\122\x54\x20\x49\x4e\x54\117\x20\x75\163\145\x72\137\x70\x72\x6f\x66\x69\154\145\163\40\50\x75\x73\145\162\137\x6e\141\155\145\x2c\x75\x73\x65\x72\x5f\160\x69\143\x74\165\x72\145\x2c\165\163\145\162\137\x64\151\x73\x70\154\x61\171\137\x6e\x61\x6d\145\54\165\x73\145\x72\x5f\141\147\x65\54\x75\x73\x65\162\x5f\147\145\156\x64\x65\x72\54\x75\x73\145\x72\x5f\x6c\x6f\x63\x61\164\x69\x6f\156\x29\12\x9\11\x9\11\11\11\x9\x9\11\11\x9\x9\126\x41\114\x55\105\x28\77\54\77\54\x3f\54\x3f\x2c\x3f\54\x3f\x29\73"; $createProfileStmt = $conn->prepare($sqlCreateProfile); $createProfileStmt->execute(array($accountNameInput, $pictureURL, $accountNameInput, $userAge, $userGender, $userLocation)); $sqlCreatePrivacy = "\111\x4e\x53\105\x52\124\x20\111\x4e\x54\x4f\40\x75\163\x65\162\137\160\162\x69\166\141\143\x79\40\x28\165\163\145\x72\137\x69\x64\54\x75\163\x65\162\x5f\x6e\141\155\x65\x2c\x75\x73\145\162\x5f\x73\164\141\164\165\163\54\x75\x73\x65\162\137\146\145\x65\144\x62\141\x63\x6b\x2c\x75\x73\x65\162\137\x6d\x61\162\x6b\x65\164\x69\156\x67\54\165\163\x65\162\x5f\144\141\x74\141\54\x75\x73\x65\162\137\x73\x74\165\144\x69\145\x73\54\165\163\145\x72\137\x70\163\171\143\150\54\x75\163\x65\162\137\160\x72\x6f\163\145\162\166\x29\12\11\11\11\11\x9\x9\11\11\11\x9\x9\11\126\x41\x4c\x55\x45\x28\x31\54\x3f\x2c\61\x2c\x31\54\x31\x2c\x31\54\x31\x2c\x31\x2c\61\51\73"; $createPrivacyStmt = $conn->prepare($sqlCreatePrivacy); $createPrivacyStmt->execute(array($accountNameInput)); $confirmationLink = "\150\x74\164\160\72\57\x2f{$_SERVER["\x48\x54\124\x50\137\x48\x4f\x53\x54"]}{$_SERVER["\x52\x45\x51\x55\x45\x53\124\x5f\x55\x52\111"]}" . "\141\x63\x74\151\x76\x61\164\x65\x2e\x70\150\160\x3f\x69\144\x3d" . $accountKey; $emailRecipient = $accountEmailInput; $emailSubject = "\x44\x72\145\x61\155\103\154\157\165\144\x73\40\125\163\145\162\40\122\145\x67\x69\x73\x74\162\141\164\151\157\x6e\x20\x41\x63\x74\151\x76\x61\164\151\157\156\40\105\x6d\x61\x69\x6c"; $emailContent = "\127\145\154\143\157\x6d\145\40\164\157\x20\x44\x72\x65\x61\155\x43\154\x6f\x75\x64\163\41\x20\74\141\x20\x68\x72\x65\146\75\x27" . $confirmationLink . "\x27\x3e\103\x6c\x69\x63\153\x20\164\150\151\163\x20\154\151\156\153\40\164\157\40\x61\143\164\151\x76\x61\x74\145\x20\x79\x6f\x75\x72\x20\x61\143\143\x6f\x75\156\x74\x2e\x3c\x2f\141\x3e"; $emailHeaders = "\106\x72\157\x6d\72\x20\104\157\x4e\x6f\164\x52\145\x70\x6c\171\x40\x64\x72\145\x61\155\143\154\x6f\165\144\163\56\143\x6f\155\x20\104\162\x65\141\155\x43\154\157\165\144\163\x20\101\x64\x6d\151\156\163"; if (mail($emailRecipient, $emailSubject, $emailContent, $emailHeaders)) { $msg = "\101\40\143\157\156\146\x69\x72\155\141\x74\x69\x6f\156\40\x65\x6d\x61\151\154\x20\x68\x61\x73\x20\142\x65\x65\x6e\40\163\145\156\164\56"; } else { $msg = "\101\x20\143\x6f\156\146\151\162\155\141\164\151\157\x6e\40\x65\155\141\x69\x6c\40\x63\157\165\154\144\x20\156\x6f\164\x20\x62\145\x20\163\x65\x6e\164\x2e\40\42\127\145\x6c\143\157\x6d\x65\x20\x74\x6f\x20\x44\162\145\141\x6d\x43\154\x6f\x75\x64\x73\41\40\x3c\x61\x20\150\x72\145\x66\x3d\42" . $confirmationLink . "\42\x3e\103\x6c\x69\143\x6b\x20\x74\150\151\x73\40\x6c\x69\156\153\x20\x74\x6f\x20\141\x63\x74\151\x76\x61\x74\x65\x20\x79\157\x75\x72\x20\141\x63\143\x6f\165\156\164\56\x3c\x2f\x61\76\42"; } } } catch (PDOException $e) { $msg = "\x45\162\162\x6f\162\72\x20" . $e->getMessage(); } goto wwyK9; cIBuS: include "\143\x6f\156\146\151\147\x2e\x70\x68\160"; goto DIpGP; HxMAd: ?>
Function Calls
None |
Stats
MD5 | b5e66fb5a4919dcaaae196a5c1828e6b |
Eval Count | 0 |
Decode Time | 47 ms |