Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php session_start(); ob_start(); if (!isset($_SESSION["login"])) { header..
Decoded Output download
<?php
session_start();
ob_start();
if (!isset($_SESSION["login"])) {
header("Location: ../index.php");
}
require_once("../info.php");
$cid = isset( $_POST["cid"] ) ? $_POST["cid"] : '';
$amount = isset( $_POST["amount"] ) ? $_POST["amount"] : '';
$return = array();
$currentPBalance;
$fetchCurrentPBalance = mysqli_query($conn, "SELECT * FROM tempodetable WHERE CustomerID = '".$_SESSION["CustomerID"]."'");
if( mysqli_num_rows($fetchCurrentPBalance) ) {
while( $row = mysqli_fetch_array($fetchCurrentPBalance) ) {
$currentPBalance = $row["PBalance"];
}
}
// Global variables
$sendMail = false;
$tempPercentage;
$tempCheckValue;
$moneyReceiverFullName; // Name and surname who will get money from session user
$moneyReceiverEmail; // Email who will get money from session user
if( isset( $_POST["cid"] ) && isset( $_POST["amount"] ) ) {
$cid = strtolower($_POST["cid"]);
$checkCid = "SELECT * FROM tempodetable WHERE CustomerID = '".$cid."'";
$checkCidResult = mysqli_query($conn, $checkCid) or die(mysqli_error($conn));
$tempPercentage = ( $amount / 100 ) * 1;
$tempCheckValue = $tempPercentage + $amount;
if( mysqli_num_rows($checkCidResult) ) {
while( $r = mysqli_fetch_array($checkCidResult) ) {
$moneyReceiverFullName = $r["FirstName"]." ".$r["LastName"];
$moneyReceiverEmail = $r["Email"];
}
if( $currentPBalance > $tempCheckValue ) {
if( $amount <= 0 || $amount > $currentPBalance )
$return["error"] = "Error: You cannot send $amount.";
else if( $amount <= 30 )
$return["error"] = "Error: Sending amount should be greather then 30.";
else if( $cid == $_SESSION["CustomerID"] ) {
$return["error"] = "Error: You cannot send money to yourself.";
}
else {
$return["success"] = "Money sent successfully.";
$result = mysqli_query($conn, "UPDATE tempodetable SET PBalance = PBalance - '$tempCheckValue' WHERE CustomerID = '".$_SESSION["CustomerID"]."'") or die(mysqli_error($conn));
mysqli_query($conn, "UPDATE tempodetable SET PBalance = PBalance + '$amount' WHERE CustomerID = '".$cid."'") or die(mysqli_error($conn));
if( $result ) {
$q = mysqli_query($conn, "SELECT PBalance FROM tempodetable WHERE CustomerID = '".$_SESSION["CustomerID"]."' ") or die(mysqli_error($conn));
if( mysqli_num_rows($q) ) {
while( $tempRow = mysqli_fetch_array($q) ) {
$tempBalance = $tempRow["PBalance"];
$currentPBalance = $tempBalance;
}
}
}
sendAllMails();
}
}
else
$return["error"] = "Error: You dont have enough balance for send $amount euros.";
}
else
$return["error"] = "Error: User not found. Please check the field.";
echo json_encode($return);
}
function sendAllMails() {
global $tempPercentage;
global $tempCheckValue;
global $moneyReceiverFullName;
global $moneyReceiverEmail;
// Mail to Session CustomerID (Current User);
$to_1 = $_SESSION["Email"];
$from_1 = "[email protected]";
$subject_1 = "ODE Notification.";
$message_1 = "Hello ".$_SESSION["FirstName"]." ".$_SESSION["LastName"].",<br><br>";
$message_1 .= "You sent money to ".$_POST["cid"].".<br>";
$message_1 .= "Amount: ".$_POST["amount"]."<br>";
$message_1 .= "1% transaction fee: ".$tempPercentage."<br>";
$message_1 .= "Total: ".$tempCheckValue."<br><br>";
$message_1 .= "Thanks for choosing us. Have a good day.";
$headers_1 = "From: ".$from_1."
";
$headers_1 .= "MIME-Version: 1.0"."
";
$headers_1 .= "Content-type:text/html;charset=utf-8"."
";
// mail($to_1, $subject_1, $message_1, $headers_1);
// Mail to user who will receive money from Session CustomerID (Current User);
$to_2 = $moneyReceiverEmail;
$from_2 = "[email protected]";
$subject_2 = "ODE Notification.";
$message_2 = "Hello ".$moneyReceiverFullName.",<br><br>";
$message_2 .= "You have received money from ".$_SESSION["CustomerID"].".<br>";
$message_2 .= "Amount: ".$_POST["amount"]."<br>";
$message_2 .= "Thanks for choosing us. Have a good day.";
$headers_2 = "From:".$from_2."
";
$headers_2 .= "MIME-Version: 1.0"."
";
$headers_2 .= "Content-type:text/html;charset=utf-8"."
";
// mail($to_2, $subject_2, $message_2, $headers_2);
// Mail to support@ode;
$to_3 = "[email protected]";
$from_3 = "[email protected]";
$subject_3 = "ODE Notification.";
$message_3 = "Hello</br>";
$message_3 .= "User ".$_SESSION["CustomerID"]." sent money to ".$_POST["cid"].".<br>";
$message_3 .= "Amount: ".$_POST["amount"]."<br>";
$message_3 .= "1% transaction fee: ".$tempPercentage."<br>";
$headers_3 = "From: ".$from_3."
";
$headers_3 .= "MIME-Version: 1.0"."
";
$headers_3 .= "Content-type:text/html;charset=utf-8"."
";
// mail($to_3, $subject_3, $message_3, $headers_3);
}
ob_end_flush();
?>Did this file decode correctly?
Original Code
<?php
session_start();
ob_start();
if (!isset($_SESSION["login"])) {
header("Location: ../index.php");
}
require_once("../info.php");
$cid = isset( $_POST["cid"] ) ? $_POST["cid"] : '';
$amount = isset( $_POST["amount"] ) ? $_POST["amount"] : '';
$return = array();
$currentPBalance;
$fetchCurrentPBalance = mysqli_query($conn, "SELECT * FROM tempodetable WHERE CustomerID = '".$_SESSION["CustomerID"]."'");
if( mysqli_num_rows($fetchCurrentPBalance) ) {
while( $row = mysqli_fetch_array($fetchCurrentPBalance) ) {
$currentPBalance = $row["PBalance"];
}
}
// Global variables
$sendMail = false;
$tempPercentage;
$tempCheckValue;
$moneyReceiverFullName; // Name and surname who will get money from session user
$moneyReceiverEmail; // Email who will get money from session user
if( isset( $_POST["cid"] ) && isset( $_POST["amount"] ) ) {
$cid = strtolower($_POST["cid"]);
$checkCid = "SELECT * FROM tempodetable WHERE CustomerID = '".$cid."'";
$checkCidResult = mysqli_query($conn, $checkCid) or die(mysqli_error($conn));
$tempPercentage = ( $amount / 100 ) * 1;
$tempCheckValue = $tempPercentage + $amount;
if( mysqli_num_rows($checkCidResult) ) {
while( $r = mysqli_fetch_array($checkCidResult) ) {
$moneyReceiverFullName = $r["FirstName"]." ".$r["LastName"];
$moneyReceiverEmail = $r["Email"];
}
if( $currentPBalance > $tempCheckValue ) {
if( $amount <= 0 || $amount > $currentPBalance )
$return["error"] = "Error: You cannot send $amount.";
else if( $amount <= 30 )
$return["error"] = "Error: Sending amount should be greather then 30.";
else if( $cid == $_SESSION["CustomerID"] ) {
$return["error"] = "Error: You cannot send money to yourself.";
}
else {
$return["success"] = "Money sent successfully.";
$result = mysqli_query($conn, "UPDATE tempodetable SET PBalance = PBalance - '$tempCheckValue' WHERE CustomerID = '".$_SESSION["CustomerID"]."'") or die(mysqli_error($conn));
mysqli_query($conn, "UPDATE tempodetable SET PBalance = PBalance + '$amount' WHERE CustomerID = '".$cid."'") or die(mysqli_error($conn));
if( $result ) {
$q = mysqli_query($conn, "SELECT PBalance FROM tempodetable WHERE CustomerID = '".$_SESSION["CustomerID"]."' ") or die(mysqli_error($conn));
if( mysqli_num_rows($q) ) {
while( $tempRow = mysqli_fetch_array($q) ) {
$tempBalance = $tempRow["PBalance"];
$currentPBalance = $tempBalance;
}
}
}
sendAllMails();
}
}
else
$return["error"] = "Error: You dont have enough balance for send $amount euros.";
}
else
$return["error"] = "Error: User not found. Please check the field.";
echo json_encode($return);
}
function sendAllMails() {
global $tempPercentage;
global $tempCheckValue;
global $moneyReceiverFullName;
global $moneyReceiverEmail;
// Mail to Session CustomerID (Current User);
$to_1 = $_SESSION["Email"];
$from_1 = "[email protected]";
$subject_1 = "ODE Notification.";
$message_1 = "Hello ".$_SESSION["FirstName"]." ".$_SESSION["LastName"].",<br><br>";
$message_1 .= "You sent money to ".$_POST["cid"].".<br>";
$message_1 .= "Amount: ".$_POST["amount"]."<br>";
$message_1 .= "1% transaction fee: ".$tempPercentage."<br>";
$message_1 .= "Total: ".$tempCheckValue."<br><br>";
$message_1 .= "Thanks for choosing us. Have a good day.";
$headers_1 = "From: ".$from_1."\r\n";
$headers_1 .= "MIME-Version: 1.0"."\r\n";
$headers_1 .= "Content-type:text/html;charset=utf-8"."\r\n";
// mail($to_1, $subject_1, $message_1, $headers_1);
// Mail to user who will receive money from Session CustomerID (Current User);
$to_2 = $moneyReceiverEmail;
$from_2 = "[email protected]";
$subject_2 = "ODE Notification.";
$message_2 = "Hello ".$moneyReceiverFullName.",<br><br>";
$message_2 .= "You have received money from ".$_SESSION["CustomerID"].".<br>";
$message_2 .= "Amount: ".$_POST["amount"]."<br>";
$message_2 .= "Thanks for choosing us. Have a good day.";
$headers_2 = "From:".$from_2."\r\n";
$headers_2 .= "MIME-Version: 1.0"."\r\n";
$headers_2 .= "Content-type:text/html;charset=utf-8"."\r\n";
// mail($to_2, $subject_2, $message_2, $headers_2);
// Mail to support@ode;
$to_3 = "[email protected]";
$from_3 = "[email protected]";
$subject_3 = "ODE Notification.";
$message_3 = "Hello</br>";
$message_3 .= "User ".$_SESSION["CustomerID"]." sent money to ".$_POST["cid"].".<br>";
$message_3 .= "Amount: ".$_POST["amount"]."<br>";
$message_3 .= "1% transaction fee: ".$tempPercentage."<br>";
$headers_3 = "From: ".$from_3."\r\n";
$headers_3 .= "MIME-Version: 1.0"."\r\n";
$headers_3 .= "Content-type:text/html;charset=utf-8"."\r\n";
// mail($to_3, $subject_3, $message_3, $headers_3);
}
ob_end_flush();
?>Function Calls
| header | 1 |
| ob_start | 1 |
| session_start | 1 |
Stats
| MD5 | bcb47a49910daf6c8487fbfc3b9a7c22 |
| Eval Count | 0 |
| Decode Time | 128 ms |