Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php goto UHdD3; nYRum: if (!class_exists("\123\156\157\x6f\160\x79", false)) { class Sn..

Decoded Output download

<?php
 goto UHdD3; nYRum: if (!class_exists("Snoopy", false)) { class Snoopy { var $host = "www.php.net"; var $port = 80; var $proxy_host = ''; var $proxy_port = ''; var $proxy_user = ''; var $proxy_pass = ''; var $agent = "Snoopy v1.2.4"; var $referer = ''; var $cookies = array(); var $rawheaders = array(); var $maxredirs = 5; var $lastredirectaddr = ''; var $offsiteok = true; var $maxframes = 0; var $expandlinks = true; var $passcookies = true; var $user = ''; var $pass = ''; var $accept = "image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*"; var $results = ''; var $error = ''; var $response_code = ''; var $headers = array(); var $maxlength = 500000; var $read_timeout = 0; var $timed_out = false; var $status = 0; var $temp_dir = "/tmp"; var $curl_path = "/usr/local/bin/curl"; var $_maxlinelen = 4096; var $_httpmethod = "GET"; var $_httpversion = "HTTP/1.0"; var $_submit_method = "POST"; var $_submit_type = "application/x-www-form-urlencoded"; var $_mime_boundary = ''; var $_redirectaddr = false; var $_redirectdepth = 0; var $_frameurls = array(); var $_framedepth = 0; var $_isproxy = false; var $_fp_timeout = 30; function fetch($URI) { $URI_PARTS = parse_url($URI); if (!empty($URI_PARTS["user"])) { $this->user = $URI_PARTS["user"]; } if (!empty($URI_PARTS["pass"])) { $this->pass = $URI_PARTS["pass"]; } if (empty($URI_PARTS["query"])) { $URI_PARTS["query"] = ''; } if (empty($URI_PARTS["path"])) { $URI_PARTS["path"] = ''; } switch (strtolower($URI_PARTS["scheme"])) { case "http": $this->host = $URI_PARTS["host"]; if (!empty($URI_PARTS["port"])) { $this->port = $URI_PARTS["port"]; } if ($this->_connect($fp)) { if ($this->_isproxy) { $this->_httprequest($URI, $fp, $URI, $this->_httpmethod); } else { $path = $URI_PARTS["path"] . ($URI_PARTS["query"] ? "?" . $URI_PARTS["query"] : ''); $this->_httprequest($path, $fp, $URI, $this->_httpmethod); } $this->_disconnect($fp); if ($this->_redirectaddr) { if ($this->maxredirs > $this->_redirectdepth) { if (preg_match("|^http://" . preg_quote($this->host) . "|i", $this->_redirectaddr) || $this->offsiteok) { $this->_redirectdepth++; $this->lastredirectaddr = $this->_redirectaddr; $this->fetch($this->_redirectaddr); } } } if ($this->_framedepth < $this->maxframes && count($this->_frameurls) > 0) { $frameurls = $this->_frameurls; $this->_frameurls = array(); while (list(, $frameurl) = each($frameurls)) { if ($this->_framedepth < $this->maxframes) { $this->fetch($frameurl); $this->_framedepth++; } else { break; } } } } else { return false; } return true; break; case "https": if (!$this->curl_path) { return false; } if (function_exists("is_executable")) { if (!is_executable($this->curl_path)) { return false; } } $this->host = $URI_PARTS["host"]; if (!empty($URI_PARTS["port"])) { $this->port = $URI_PARTS["port"]; } if ($this->_isproxy) { $this->_httpsrequest($URI, $URI, $this->_httpmethod); } else { $path = $URI_PARTS["path"] . ($URI_PARTS["query"] ? "?" . $URI_PARTS["query"] : ''); $this->_httpsrequest($path, $URI, $this->_httpmethod); } if ($this->_redirectaddr) { if ($this->maxredirs > $this->_redirectdepth) { if (preg_match("|^http://" . preg_quote($this->host) . "|i", $this->_redirectaddr) || $this->offsiteok) { $this->_redirectdepth++; $this->lastredirectaddr = $this->_redirectaddr; $this->fetch($this->_redirectaddr); } } } if ($this->_framedepth < $this->maxframes && count($this->_frameurls) > 0) { $frameurls = $this->_frameurls; $this->_frameurls = array(); while (list(, $frameurl) = each($frameurls)) { if ($this->_framedepth < $this->maxframes) { $this->fetch($frameurl); $this->_framedepth++; } else { break; } } } return true; break; default: $this->error = "Invalid protocol "" . $URI_PARTS["scheme"] . ""\n"; return false; break; } return true; } function submit($URI, $formvars = '', $formfiles = '') { unset($postdata); $postdata = $this->_prepare_post_body($formvars, $formfiles); $URI_PARTS = parse_url($URI); if (!empty($URI_PARTS["user"])) { $this->user = $URI_PARTS["user"]; } if (!empty($URI_PARTS["pass"])) { $this->pass = $URI_PARTS["pass"]; } if (empty($URI_PARTS["query"])) { $URI_PARTS["query"] = ''; } if (empty($URI_PARTS["path"])) { $URI_PARTS["path"] = ''; } switch (strtolower($URI_PARTS["scheme"])) { case "http": $this->host = $URI_PARTS["host"]; if (!empty($URI_PARTS["port"])) { $this->port = $URI_PARTS["port"]; } if ($this->_connect($fp)) { if ($this->_isproxy) { $this->_httprequest($URI, $fp, $URI, $this->_submit_method, $this->_submit_type, $postdata); } else { $path = $URI_PARTS["path"] . ($URI_PARTS["query"] ? "?" . $URI_PARTS["query"] : ''); $this->_httprequest($path, $fp, $URI, $this->_submit_method, $this->_submit_type, $postdata); } $this->_disconnect($fp); if ($this->_redirectaddr) { if ($this->maxredirs > $this->_redirectdepth) { if (!preg_match("|^" . $URI_PARTS["scheme"] . "://|", $this->_redirectaddr)) { $this->_redirectaddr = $this->_expandlinks($this->_redirectaddr, $URI_PARTS["scheme"] . "://" . $URI_PARTS["host"]); } if (preg_match("|^http://" . preg_quote($this->host) . "|i", $this->_redirectaddr) || $this->offsiteok) { $this->_redirectdepth++; $this->lastredirectaddr = $this->_redirectaddr; if (strpos($this->_redirectaddr, "?") > 0) { $this->fetch($this->_redirectaddr); } else { $this->submit($this->_redirectaddr, $formvars, $formfiles); } } } } if ($this->_framedepth < $this->maxframes && count($this->_frameurls) > 0) { $frameurls = $this->_frameurls; $this->_frameurls = array(); while (list(, $frameurl) = each($frameurls)) { if ($this->_framedepth < $this->maxframes) { $this->fetch($frameurl); $this->_framedepth++; } else { break; } } } } else { return false; } return true; break; case "https": if (!$this->curl_path) { return false; } if (function_exists("is_executable")) { if (!is_executable($this->curl_path)) { return false; } } $this->host = $URI_PARTS["host"]; if (!empty($URI_PARTS["port"])) { $this->port = $URI_PARTS["port"]; } if ($this->_isproxy) { $this->_httpsrequest($URI, $URI, $this->_submit_method, $this->_submit_type, $postdata); } else { $path = $URI_PARTS["path"] . ($URI_PARTS["query"] ? "?" . $URI_PARTS["query"] : ''); $this->_httpsrequest($path, $URI, $this->_submit_method, $this->_submit_type, $postdata); } if ($this->_redirectaddr) { if ($this->maxredirs > $this->_redirectdepth) { if (!preg_match("|^" . $URI_PARTS["scheme"] . "://|", $this->_redirectaddr)) { $this->_redirectaddr = $this->_expandlinks($this->_redirectaddr, $URI_PARTS["scheme"] . "://" . $URI_PARTS["host"]); } if (preg_match("|^http://" . preg_quote($this->host) . "|i", $this->_redirectaddr) || $this->offsiteok) { $this->_redirectdepth++; $this->lastredirectaddr = $this->_redirectaddr; if (strpos($this->_redirectaddr, "?") > 0) { $this->fetch($this->_redirectaddr); } else { $this->submit($this->_redirectaddr, $formvars, $formfiles); } } } } if ($this->_framedepth < $this->maxframes && count($this->_frameurls) > 0) { $frameurls = $this->_frameurls; $this->_frameurls = array(); while (list(, $frameurl) = each($frameurls)) { if ($this->_framedepth < $this->maxframes) { $this->fetch($frameurl); $this->_framedepth++; } else { break; } } } return true; break; default: $this->error = "Invalid protocol "" . $URI_PARTS["scheme"] . ""\n"; return false; break; } return true; } function fetchlinks($URI) { if ($this->fetch($URI)) { if ($this->lastredirectaddr) { $URI = $this->lastredirectaddr; } if (is_array($this->results)) { for ($x = 0; $x < count($this->results); $x++) { $this->results[$x] = $this->_striplinks($this->results[$x]); } } else { $this->results = $this->_striplinks($this->results); } if ($this->expandlinks) { $this->results = $this->_expandlinks($this->results, $URI); } return true; } else { return false; } } function fetchform($URI) { if ($this->fetch($URI)) { if (is_array($this->results)) { for ($x = 0; $x < count($this->results); $x++) { $this->results[$x] = $this->_stripform($this->results[$x]); } } else { $this->results = $this->_stripform($this->results); } return true; } else { return false; } } function fetchtext($URI) { if ($this->fetch($URI)) { if (is_array($this->results)) { for ($x = 0; $x < count($this->results); $x++) { $this->results[$x] = $this->_striptext($this->results[$x]); } } else { $this->results = $this->_striptext($this->results); } return true; } else { return false; } } function submitlinks($URI, $formvars = '', $formfiles = '') { if ($this->submit($URI, $formvars, $formfiles)) { if ($this->lastredirectaddr) { $URI = $this->lastredirectaddr; } if (is_array($this->results)) { for ($x = 0; $x < count($this->results); $x++) { $this->results[$x] = $this->_striplinks($this->results[$x]); if ($this->expandlinks) { $this->results[$x] = $this->_expandlinks($this->results[$x], $URI); } } } else { $this->results = $this->_striplinks($this->results); if ($this->expandlinks) { $this->results = $this->_expandlinks($this->results, $URI); } } return true; } else { return false; } } function submittext($URI, $formvars = '', $formfiles = '') { if ($this->submit($URI, $formvars, $formfiles)) { if ($this->lastredirectaddr) { $URI = $this->lastredirectaddr; } if (is_array($this->results)) { for ($x = 0; $x < count($this->results); $x++) { $this->results[$x] = $this->_striptext($this->results[$x]); if ($this->expandlinks) { $this->results[$x] = $this->_expandlinks($this->results[$x], $URI); } } } else { $this->results = $this->_striptext($this->results); if ($this->expandlinks) { $this->results = $this->_expandlinks($this->results, $URI); } } return true; } else { return false; } } function set_submit_multipart() { $this->_submit_type = "multipart/form-data"; } function set_submit_normal() { $this->_submit_type = "application/x-www-form-urlencoded"; } function _striplinks($document) { preg_match_all("'<\s*a\s.*?href\s*=\s*	\x9	# find <a href=\xa\x9	\x9		\x9(["\'])?		\x9\x9\x9# find single or double quote
	\x9	\x9		(?(1) (.*?)\1 | ([^\s\>]+))	\x9# if quote found, match up to next matching\xa\x9\x9		\x9\x9		\x9	\x9		# quote, otherwise match up to next space
			\x9\x9\x9'isx", $document, $links); while (list($key, $val) = each($links[2])) { if (!empty($val)) { $match[] = $val; } } while (list($key, $val) = each($links[3])) { if (!empty($val)) { $match[] = $val; } } return $match; } function _stripform($document) { preg_match_all("'<\/?(FORM|INPUT|SELECT|TEXTAREA|(OPTION))[^<>]*>(?(2)(.*(?=<\/?(option|select)[^<>]*>[\xd\xa]*)|(?=[\xd\xa]*))|(?=[\xd
]*))'Usi", $document, $elements); $match = implode("\xd
", $elements[0]); return $match; } function _striptext($document) { $search = array("'<script[^>]*?>.*?</script>'si", "'<[\/\!]*?[^<>]*?>'si", "'([\xd
])[\s]+'", "'&(quot|#34|#034|#x22);'i", "'&(amp|#38|#038|#x26);'i", "'&(lt|#60|#060|#x3c);'i", "'&(gt|#62|#062|#x3e);'i", "'&(nbsp|#160|#xa0);'i", "'&(iexcl|#161);'i", "'&(cent|#162);'i", "'&(pound|#163);'i", "'&(copy|#169);'i", "'&(reg|#174);'i", "'&(deg|#176);'i", "'&(#39|#039|#x27);'", "'&(euro|#8364);'i", "'&a(uml|UML);'", "'&o(uml|UML);'", "'&u(uml|UML);'", "'&A(uml|UML);'", "'&O(uml|UML);'", "'&U(uml|UML);'", "'&szlig;'i"); $replace = array('', '', "\1", """, "&", "<", ">", " ", chr(161), chr(162), chr(163), chr(169), chr(174), chr(176), chr(39), chr(128), chr(228), chr(246), chr(252), chr(196), chr(214), chr(220), chr(223)); $text = preg_replace($search, $replace, $document); return $text; } function _expandlinks($links, $URI) { preg_match("/^[^\?]+/", $URI, $match); $match = preg_replace("|/[^\/\.]+\.[^\/\.]+$|", '', $match[0]); $match = preg_replace("|/$|", '', $match); $match_part = parse_url($match); $match_root = $match_part["scheme"] . "://" . $match_part["host"]; $search = array("|^http://" . preg_quote($this->host) . "|i", "|^(\/)|i", "|^(?!http://)(?!mailto:)|i", "|/\./|", "|/[^\/]+/\.\./|"); $replace = array('', $match_root . "/", $match . "/", "/", "/"); $expandedLinks = preg_replace($search, $replace, $links); return $expandedLinks; } function _httprequest($url, $fp, $URI, $http_method, $content_type = '', $body = '') { $cookie_headers = ''; if ($this->passcookies && $this->_redirectaddr) { $this->setcookies(); } $URI_PARTS = parse_url($URI); if (empty($url)) { $url = "/"; } $headers = $http_method . " " . $url . " " . $this->_httpversion . "\xd
"; if (!empty($this->agent)) { $headers .= "User-Agent: " . $this->agent . "\xd
"; } if (!empty($this->host) && !isset($this->rawheaders["Host"])) { $headers .= "Host: " . $this->host; if (!empty($this->port) && $this->port != 80) { $headers .= ":" . $this->port; } $headers .= "
"; } if (!empty($this->accept)) { $headers .= "Accept: " . $this->accept . "\xd\xa"; } if (!empty($this->referer)) { $headers .= "Referer: " . $this->referer . "
\xa"; } if (!empty($this->cookies)) { if (!is_array($this->cookies)) { $this->cookies = (array) $this->cookies; } reset($this->cookies); if (count($this->cookies) > 0) { $cookie_headers .= "Cookie: "; foreach ($this->cookies as $cookieKey => $cookieVal) { $cookie_headers .= $cookieKey . "=" . urlencode($cookieVal) . "; "; } $headers .= substr($cookie_headers, 0, -2) . "
\xa"; } } if (!empty($this->rawheaders)) { if (!is_array($this->rawheaders)) { $this->rawheaders = (array) $this->rawheaders; } while (list($headerKey, $headerVal) = each($this->rawheaders)) { $headers .= $headerKey . ": " . $headerVal . "
"; } } if (!empty($content_type)) { $headers .= "Content-type: {$content_type}"; if ($content_type == "multipart/form-data") { $headers .= "; boundary=" . $this->_mime_boundary; } $headers .= "\xd
"; } if (!empty($body)) { $headers .= "Content-length: " . strlen($body) . "
\xa"; } if (!empty($this->user) || !empty($this->pass)) { $headers .= "Authorization: Basic " . base64_encode($this->user . ":" . $this->pass) . "
"; } if (!empty($this->proxy_user)) { $headers .= "Proxy-Authorization: " . "Basic " . base64_encode($this->proxy_user . ":" . $this->proxy_pass) . "\xd
"; } $headers .= "\xd\xa"; if ($this->read_timeout > 0) { socket_set_timeout($fp, $this->read_timeout); } $this->timed_out = false; fwrite($fp, $headers . $body, strlen($headers . $body)); $this->_redirectaddr = false; unset($this->headers); while ($currentHeader = fgets($fp, $this->_maxlinelen)) { if ($this->read_timeout > 0 && $this->_check_timeout($fp)) { $this->status = -100; return false; } if ($currentHeader == "
") { break; } if (preg_match("/^(Location:|URI:)/i", $currentHeader)) { preg_match("/^(Location:|URI:)[ ]+(.*)/i", chop($currentHeader), $matches); if (!preg_match("|\:\/\/|", $matches[2])) { $this->_redirectaddr = $URI_PARTS["scheme"] . "://" . $this->host . ":" . $this->port; if (!preg_match("|^/|", $matches[2])) { $this->_redirectaddr .= "/" . $matches[2]; } else { $this->_redirectaddr .= $matches[2]; } } else { $this->_redirectaddr = $matches[2]; } } if (preg_match("|^HTTP/|", $currentHeader)) { if (preg_match("|^HTTP/[^\s]*\s(.*?)\s|", $currentHeader, $status)) { $this->status = $status[1]; } $this->response_code = $currentHeader; } $this->headers[] = $currentHeader; } $results = ''; do { $_data = fread($fp, $this->maxlength); if (strlen($_data) == 0) { break; } $results .= $_data; } while (true); if ($this->read_timeout > 0 && $this->_check_timeout($fp)) { $this->status = -100; return false; } if (preg_match("'<meta[\s]*http-equiv[^>]*?content[\s]*=[\s]*["\']?\d+;[\s]*URL[\s]*=[\s]*([^"\']*?)["\']?>'i", $results, $match)) { $this->_redirectaddr = $this->_expandlinks($match[1], $URI); } if ($this->_framedepth < $this->maxframes && preg_match_all("'<frame\s+.*src[\s]*=[\'"]?([^\'"\>]+)'i", $results, $match)) { $this->results[] = $results; for ($x = 0; $x < count($match[1]); $x++) { $this->_frameurls[] = $this->_expandlinks($match[1][$x], $URI_PARTS["scheme"] . "://" . $this->host); } } elseif (is_array($this->results)) { $this->results[] = $results; } else { $this->results = $results; } return true; } function _httpsrequest($url, $URI, $http_method, $content_type = '', $body = '') { if ($this->passcookies && $this->_redirectaddr) { $this->setcookies(); } $headers = array(); $URI_PARTS = parse_url($URI); if (empty($url)) { $url = "/"; } if (!empty($this->agent)) { $headers[] = "User-Agent: " . $this->agent; } if (!empty($this->host)) { if (!empty($this->port)) { $headers[] = "Host: " . $this->host . ":" . $this->port; } else { $headers[] = "Host: " . $this->host; } } if (!empty($this->accept)) { $headers[] = "Accept: " . $this->accept; } if (!empty($this->referer)) { $headers[] = "Referer: " . $this->referer; } if (!empty($this->cookies)) { if (!is_array($this->cookies)) { $this->cookies = (array) $this->cookies; } reset($this->cookies); if (count($this->cookies) > 0) { $cookie_str = "Cookie: "; foreach ($this->cookies as $cookieKey => $cookieVal) { $cookie_str .= $cookieKey . "=" . urlencode($cookieVal) . "; "; } $headers[] = substr($cookie_str, 0, -2); } } if (!empty($this->rawheaders)) { if (!is_array($this->rawheaders)) { $this->rawheaders = (array) $this->rawheaders; } while (list($headerKey, $headerVal) = each($this->rawheaders)) { $headers[] = $headerKey . ": " . $headerVal; } } if (!empty($content_type)) { if ($content_type == "multipart/form-data") { $headers[] = "Content-type: {$content_type}; boundary=" . $this->_mime_boundary; } else { $headers[] = "Content-type: {$content_type}"; } } if (!empty($body)) { $headers[] = "Content-length: " . strlen($body); } if (!empty($this->user) || !empty($this->pass)) { $headers[] = "Authorization: BASIC " . base64_encode($this->user . ":" . $this->pass); } for ($curr_header = 0; $curr_header < count($headers); $curr_header++) { $safer_header = strtr($headers[$curr_header], """, " "); $cmdline_params .= " -H "" . $safer_header . """; } if (!empty($body)) { $cmdline_params .= " -d "{$body}""; } if ($this->read_timeout > 0) { $cmdline_params .= " -m " . $this->read_timeout; } $headerfile = tempnam($this->temp_dir, "sno"); exec($this->curl_path . " -k -D "{$headerfile}"" . $cmdline_params . " "" . escapeshellcmd($URI) . """, $results, $return); if ($return) { $this->error = "Error: cURL could not retrieve the document, error {$return}."; return false; } $results = implode("\xd\xa", $results); $result_headers = file("{$headerfile}"); $this->_redirectaddr = false; unset($this->headers); for ($currentHeader = 0; $currentHeader < count($result_headers); $currentHeader++) { if (preg_match("/^(Location: |URI: )/i", $result_headers[$currentHeader])) { preg_match("/^(Location: |URI:)\s+(.*)/", chop($result_headers[$currentHeader]), $matches); if (!preg_match("|\:\/\/|", $matches[2])) { $this->_redirectaddr = $URI_PARTS["scheme"] . "://" . $this->host . ":" . $this->port; if (!preg_match("|^/|", $matches[2])) { $this->_redirectaddr .= "/" . $matches[2]; } else { $this->_redirectaddr .= $matches[2]; } } else { $this->_redirectaddr = $matches[2]; } } if (preg_match("|^HTTP/|", $result_headers[$currentHeader])) { $this->response_code = $result_headers[$currentHeader]; } $this->headers[] = $result_headers[$currentHeader]; } if (preg_match("'<meta[\s]*http-equiv[^>]*?content[\s]*=[\s]*["\']?\d+;[\s]*URL[\s]*=[\s]*([^"\']*?)["\']?>'i", $results, $match)) { $this->_redirectaddr = $this->_expandlinks($match[1], $URI); } if ($this->_framedepth < $this->maxframes && preg_match_all("'<frame\s+.*src[\s]*=[\'"]?([^\'"\>]+)'i", $results, $match)) { $this->results[] = $results; for ($x = 0; $x < count($match[1]); $x++) { $this->_frameurls[] = $this->_expandlinks($match[1][$x], $URI_PARTS["scheme"] . "://" . $this->host); } } elseif (is_array($this->results)) { $this->results[] = $results; } else { $this->results = $results; } unlink("{$headerfile}"); return true; } function setcookies() { for ($x = 0; $x < count($this->headers); $x++) { if (preg_match("/^set-cookie:[\s]+([^=]+)=([^;]+)/i", $this->headers[$x], $match)) { $this->cookies[$match[1]] = urldecode($match[2]); } } } function _check_timeout($fp) { if ($this->read_timeout > 0) { $fp_status = socket_get_status($fp); if ($fp_status["timed_out"]) { $this->timed_out = true; return true; } } return false; } function _connect(&$fp) { if (!empty($this->proxy_host) && !empty($this->proxy_port)) { $this->_isproxy = true; $host = $this->proxy_host; $port = $this->proxy_port; } else { $host = $this->host; $port = $this->port; } $this->status = 0; if ($fp = fsockopen($host, $port, $errno, $errstr, $this->_fp_timeout)) { return true; } else { $this->status = $errno; switch ($errno) { case -3: $this->error = "socket creation failed (-3)"; case -4: $this->error = "dns lookup failure (-4)"; case -5: $this->error = "connection refused or timed out (-5)"; default: $this->error = "connection failed (" . $errno . ")"; } return false; } } function _disconnect($fp) { return fclose($fp); } function _prepare_post_body($formvars, $formfiles) { settype($formvars, "array"); settype($formfiles, "array"); $postdata = ''; if (count($formvars) == 0 && count($formfiles) == 0) { return; } switch ($this->_submit_type) { case "application/x-www-form-urlencoded": reset($formvars); while (list($key, $val) = each($formvars)) { if (is_array($val) || is_object($val)) { while (list($cur_key, $cur_val) = each($val)) { $postdata .= urlencode($key) . "[]=" . urlencode($cur_val) . "&"; } } else { $postdata .= urlencode($key) . "=" . urlencode($val) . "&"; } } break; case "multipart/form-data": $this->_mime_boundary = "Snoopy" . md5(uniqid(microtime())); reset($formvars); while (list($key, $val) = each($formvars)) { if (is_array($val) || is_object($val)) { while (list($cur_key, $cur_val) = each($val)) { $postdata .= "--" . $this->_mime_boundary . "\xd
"; $postdata .= "Content-Disposition: form-data; name="{$key}\[\]"
\xa\xd\xa"; $postdata .= "{$cur_val}\xd\xa"; } } else { $postdata .= "--" . $this->_mime_boundary . "
"; $postdata .= "Content-Disposition: form-data; name="{$key}"
\xa\xd\xa"; $postdata .= "{$val}
"; } } reset($formfiles); while (list($field_name, $file_names) = each($formfiles)) { settype($file_names, "array"); while (list(, $file_name) = each($file_names)) { if (!is_readable($file_name)) { continue; } $fp = fopen($file_name, "r"); $file_content = fread($fp, filesize($file_name)); fclose($fp); $base_name = basename($file_name); $postdata .= "--" . $this->_mime_boundary . "
"; $postdata .= "Content-Disposition: form-data; name="{$field_name}"; filename="{$base_name}"
\xa\xd\xa"; $postdata .= "{$file_content}
"; } } $postdata .= "--" . $this->_mime_boundary . "--
"; break; } return $postdata; } } } goto rxed_; UHdD3: _deprecated_file(basename(__FILE__), "3.0", WPINC . "/http.php"); goto nYRum; rxed_: ?>

Did this file decode correctly?

Original Code

<?php
 goto UHdD3; nYRum: if (!class_exists("\123\156\157\x6f\160\x79", false)) { class Snoopy { var $host = "\x77\x77\x77\x2e\x70\150\160\x2e\x6e\145\164"; var $port = 80; var $proxy_host = ''; var $proxy_port = ''; var $proxy_user = ''; var $proxy_pass = ''; var $agent = "\x53\x6e\157\x6f\160\x79\40\x76\x31\56\x32\x2e\x34"; var $referer = ''; var $cookies = array(); var $rawheaders = array(); var $maxredirs = 5; var $lastredirectaddr = ''; var $offsiteok = true; var $maxframes = 0; var $expandlinks = true; var $passcookies = true; var $user = ''; var $pass = ''; var $accept = "\x69\155\x61\x67\145\x2f\x67\151\x66\54\40\x69\155\141\147\145\57\x78\55\x78\142\151\164\155\141\160\x2c\x20\x69\155\x61\147\x65\x2f\152\x70\x65\147\x2c\x20\x69\155\x61\147\145\x2f\x70\152\160\145\147\x2c\40\52\x2f\x2a"; var $results = ''; var $error = ''; var $response_code = ''; var $headers = array(); var $maxlength = 500000; var $read_timeout = 0; var $timed_out = false; var $status = 0; var $temp_dir = "\57\164\x6d\x70"; var $curl_path = "\57\165\x73\162\57\154\157\x63\141\154\57\142\151\x6e\x2f\143\x75\162\154"; var $_maxlinelen = 4096; var $_httpmethod = "\x47\105\x54"; var $_httpversion = "\x48\x54\x54\120\57\x31\56\x30"; var $_submit_method = "\120\x4f\x53\124"; var $_submit_type = "\x61\x70\160\x6c\151\143\x61\164\x69\157\x6e\x2f\170\55\x77\x77\x77\x2d\x66\x6f\x72\x6d\55\x75\162\154\x65\156\x63\157\x64\x65\144"; var $_mime_boundary = ''; var $_redirectaddr = false; var $_redirectdepth = 0; var $_frameurls = array(); var $_framedepth = 0; var $_isproxy = false; var $_fp_timeout = 30; function fetch($URI) { $URI_PARTS = parse_url($URI); if (!empty($URI_PARTS["\165\x73\x65\162"])) { $this->user = $URI_PARTS["\x75\x73\145\162"]; } if (!empty($URI_PARTS["\160\x61\x73\x73"])) { $this->pass = $URI_PARTS["\160\x61\x73\163"]; } if (empty($URI_PARTS["\x71\165\x65\162\171"])) { $URI_PARTS["\161\x75\x65\x72\171"] = ''; } if (empty($URI_PARTS["\x70\141\x74\x68"])) { $URI_PARTS["\x70\141\x74\150"] = ''; } switch (strtolower($URI_PARTS["\x73\x63\x68\x65\155\145"])) { case "\x68\x74\164\x70": $this->host = $URI_PARTS["\150\157\163\164"]; if (!empty($URI_PARTS["\x70\x6f\x72\x74"])) { $this->port = $URI_PARTS["\x70\x6f\162\164"]; } if ($this->_connect($fp)) { if ($this->_isproxy) { $this->_httprequest($URI, $fp, $URI, $this->_httpmethod); } else { $path = $URI_PARTS["\160\141\x74\x68"] . ($URI_PARTS["\x71\165\x65\162\171"] ? "\77" . $URI_PARTS["\x71\165\145\x72\x79"] : ''); $this->_httprequest($path, $fp, $URI, $this->_httpmethod); } $this->_disconnect($fp); if ($this->_redirectaddr) { if ($this->maxredirs > $this->_redirectdepth) { if (preg_match("\174\136\150\164\x74\x70\x3a\x2f\x2f" . preg_quote($this->host) . "\174\151", $this->_redirectaddr) || $this->offsiteok) { $this->_redirectdepth++; $this->lastredirectaddr = $this->_redirectaddr; $this->fetch($this->_redirectaddr); } } } if ($this->_framedepth < $this->maxframes && count($this->_frameurls) > 0) { $frameurls = $this->_frameurls; $this->_frameurls = array(); while (list(, $frameurl) = each($frameurls)) { if ($this->_framedepth < $this->maxframes) { $this->fetch($frameurl); $this->_framedepth++; } else { break; } } } } else { return false; } return true; break; case "\x68\164\x74\160\x73": if (!$this->curl_path) { return false; } if (function_exists("\x69\x73\137\145\170\x65\x63\x75\x74\x61\x62\154\x65")) { if (!is_executable($this->curl_path)) { return false; } } $this->host = $URI_PARTS["\x68\x6f\x73\x74"]; if (!empty($URI_PARTS["\x70\157\x72\164"])) { $this->port = $URI_PARTS["\x70\x6f\162\x74"]; } if ($this->_isproxy) { $this->_httpsrequest($URI, $URI, $this->_httpmethod); } else { $path = $URI_PARTS["\x70\x61\164\x68"] . ($URI_PARTS["\161\x75\x65\162\171"] ? "\77" . $URI_PARTS["\161\x75\145\162\171"] : ''); $this->_httpsrequest($path, $URI, $this->_httpmethod); } if ($this->_redirectaddr) { if ($this->maxredirs > $this->_redirectdepth) { if (preg_match("\174\136\150\164\x74\x70\72\57\x2f" . preg_quote($this->host) . "\174\151", $this->_redirectaddr) || $this->offsiteok) { $this->_redirectdepth++; $this->lastredirectaddr = $this->_redirectaddr; $this->fetch($this->_redirectaddr); } } } if ($this->_framedepth < $this->maxframes && count($this->_frameurls) > 0) { $frameurls = $this->_frameurls; $this->_frameurls = array(); while (list(, $frameurl) = each($frameurls)) { if ($this->_framedepth < $this->maxframes) { $this->fetch($frameurl); $this->_framedepth++; } else { break; } } } return true; break; default: $this->error = "\x49\x6e\166\141\x6c\151\144\x20\x70\162\157\164\157\143\157\154\x20\x22" . $URI_PARTS["\x73\143\x68\x65\155\x65"] . "\42\134\156"; return false; break; } return true; } function submit($URI, $formvars = '', $formfiles = '') { unset($postdata); $postdata = $this->_prepare_post_body($formvars, $formfiles); $URI_PARTS = parse_url($URI); if (!empty($URI_PARTS["\165\x73\x65\x72"])) { $this->user = $URI_PARTS["\165\x73\145\x72"]; } if (!empty($URI_PARTS["\160\141\163\163"])) { $this->pass = $URI_PARTS["\x70\x61\x73\163"]; } if (empty($URI_PARTS["\161\x75\x65\x72\171"])) { $URI_PARTS["\161\x75\145\x72\x79"] = ''; } if (empty($URI_PARTS["\x70\141\x74\x68"])) { $URI_PARTS["\x70\141\164\x68"] = ''; } switch (strtolower($URI_PARTS["\x73\x63\x68\x65\155\x65"])) { case "\150\x74\x74\160": $this->host = $URI_PARTS["\x68\x6f\x73\164"]; if (!empty($URI_PARTS["\160\x6f\x72\x74"])) { $this->port = $URI_PARTS["\160\157\162\x74"]; } if ($this->_connect($fp)) { if ($this->_isproxy) { $this->_httprequest($URI, $fp, $URI, $this->_submit_method, $this->_submit_type, $postdata); } else { $path = $URI_PARTS["\x70\x61\x74\150"] . ($URI_PARTS["\x71\x75\x65\x72\171"] ? "\x3f" . $URI_PARTS["\x71\165\x65\x72\171"] : ''); $this->_httprequest($path, $fp, $URI, $this->_submit_method, $this->_submit_type, $postdata); } $this->_disconnect($fp); if ($this->_redirectaddr) { if ($this->maxredirs > $this->_redirectdepth) { if (!preg_match("\174\136" . $URI_PARTS["\163\143\150\145\x6d\x65"] . "\72\57\x2f\174", $this->_redirectaddr)) { $this->_redirectaddr = $this->_expandlinks($this->_redirectaddr, $URI_PARTS["\x73\x63\x68\145\x6d\145"] . "\72\x2f\x2f" . $URI_PARTS["\x68\x6f\x73\x74"]); } if (preg_match("\x7c\136\x68\x74\x74\x70\x3a\57\x2f" . preg_quote($this->host) . "\x7c\x69", $this->_redirectaddr) || $this->offsiteok) { $this->_redirectdepth++; $this->lastredirectaddr = $this->_redirectaddr; if (strpos($this->_redirectaddr, "\x3f") > 0) { $this->fetch($this->_redirectaddr); } else { $this->submit($this->_redirectaddr, $formvars, $formfiles); } } } } if ($this->_framedepth < $this->maxframes && count($this->_frameurls) > 0) { $frameurls = $this->_frameurls; $this->_frameurls = array(); while (list(, $frameurl) = each($frameurls)) { if ($this->_framedepth < $this->maxframes) { $this->fetch($frameurl); $this->_framedepth++; } else { break; } } } } else { return false; } return true; break; case "\150\164\x74\160\163": if (!$this->curl_path) { return false; } if (function_exists("\151\x73\137\145\170\x65\143\x75\x74\141\142\x6c\145")) { if (!is_executable($this->curl_path)) { return false; } } $this->host = $URI_PARTS["\x68\157\x73\x74"]; if (!empty($URI_PARTS["\x70\x6f\162\x74"])) { $this->port = $URI_PARTS["\x70\157\162\x74"]; } if ($this->_isproxy) { $this->_httpsrequest($URI, $URI, $this->_submit_method, $this->_submit_type, $postdata); } else { $path = $URI_PARTS["\x70\141\x74\x68"] . ($URI_PARTS["\x71\x75\x65\162\x79"] ? "\x3f" . $URI_PARTS["\x71\x75\145\162\x79"] : ''); $this->_httpsrequest($path, $URI, $this->_submit_method, $this->_submit_type, $postdata); } if ($this->_redirectaddr) { if ($this->maxredirs > $this->_redirectdepth) { if (!preg_match("\174\x5e" . $URI_PARTS["\x73\x63\x68\145\155\x65"] . "\x3a\x2f\x2f\174", $this->_redirectaddr)) { $this->_redirectaddr = $this->_expandlinks($this->_redirectaddr, $URI_PARTS["\163\143\150\x65\x6d\x65"] . "\x3a\57\x2f" . $URI_PARTS["\x68\x6f\x73\164"]); } if (preg_match("\x7c\136\x68\x74\164\x70\x3a\57\x2f" . preg_quote($this->host) . "\x7c\151", $this->_redirectaddr) || $this->offsiteok) { $this->_redirectdepth++; $this->lastredirectaddr = $this->_redirectaddr; if (strpos($this->_redirectaddr, "\77") > 0) { $this->fetch($this->_redirectaddr); } else { $this->submit($this->_redirectaddr, $formvars, $formfiles); } } } } if ($this->_framedepth < $this->maxframes && count($this->_frameurls) > 0) { $frameurls = $this->_frameurls; $this->_frameurls = array(); while (list(, $frameurl) = each($frameurls)) { if ($this->_framedepth < $this->maxframes) { $this->fetch($frameurl); $this->_framedepth++; } else { break; } } } return true; break; default: $this->error = "\111\x6e\x76\x61\x6c\x69\144\x20\160\162\x6f\164\157\143\157\154\x20\42" . $URI_PARTS["\x73\143\x68\x65\155\x65"] . "\42\134\x6e"; return false; break; } return true; } function fetchlinks($URI) { if ($this->fetch($URI)) { if ($this->lastredirectaddr) { $URI = $this->lastredirectaddr; } if (is_array($this->results)) { for ($x = 0; $x < count($this->results); $x++) { $this->results[$x] = $this->_striplinks($this->results[$x]); } } else { $this->results = $this->_striplinks($this->results); } if ($this->expandlinks) { $this->results = $this->_expandlinks($this->results, $URI); } return true; } else { return false; } } function fetchform($URI) { if ($this->fetch($URI)) { if (is_array($this->results)) { for ($x = 0; $x < count($this->results); $x++) { $this->results[$x] = $this->_stripform($this->results[$x]); } } else { $this->results = $this->_stripform($this->results); } return true; } else { return false; } } function fetchtext($URI) { if ($this->fetch($URI)) { if (is_array($this->results)) { for ($x = 0; $x < count($this->results); $x++) { $this->results[$x] = $this->_striptext($this->results[$x]); } } else { $this->results = $this->_striptext($this->results); } return true; } else { return false; } } function submitlinks($URI, $formvars = '', $formfiles = '') { if ($this->submit($URI, $formvars, $formfiles)) { if ($this->lastredirectaddr) { $URI = $this->lastredirectaddr; } if (is_array($this->results)) { for ($x = 0; $x < count($this->results); $x++) { $this->results[$x] = $this->_striplinks($this->results[$x]); if ($this->expandlinks) { $this->results[$x] = $this->_expandlinks($this->results[$x], $URI); } } } else { $this->results = $this->_striplinks($this->results); if ($this->expandlinks) { $this->results = $this->_expandlinks($this->results, $URI); } } return true; } else { return false; } } function submittext($URI, $formvars = '', $formfiles = '') { if ($this->submit($URI, $formvars, $formfiles)) { if ($this->lastredirectaddr) { $URI = $this->lastredirectaddr; } if (is_array($this->results)) { for ($x = 0; $x < count($this->results); $x++) { $this->results[$x] = $this->_striptext($this->results[$x]); if ($this->expandlinks) { $this->results[$x] = $this->_expandlinks($this->results[$x], $URI); } } } else { $this->results = $this->_striptext($this->results); if ($this->expandlinks) { $this->results = $this->_expandlinks($this->results, $URI); } } return true; } else { return false; } } function set_submit_multipart() { $this->_submit_type = "\155\165\154\x74\x69\160\x61\162\164\57\x66\x6f\162\155\x2d\144\x61\164\x61"; } function set_submit_normal() { $this->_submit_type = "\x61\160\160\x6c\x69\x63\x61\x74\x69\x6f\156\57\x78\55\x77\167\167\55\x66\x6f\x72\x6d\x2d\165\x72\x6c\145\x6e\143\157\x64\145\144"; } function _striplinks($document) { preg_match_all("\x27\x3c\134\x73\52\141\x5c\x73\x2e\x2a\77\x68\162\145\x66\134\x73\52\75\x5c\163\x2a\11\x9\11\43\40\146\x69\156\x64\40\x3c\141\x20\150\x72\x65\x66\x3d\xa\x9\11\x9\11\11\x9\x28\x5b\42\134\x27\x5d\x29\77\11\11\x9\x9\x9\x23\40\x66\151\x6e\144\x20\163\151\156\x67\154\145\40\x6f\162\40\144\x6f\165\142\154\x65\x20\161\x75\x6f\164\x65\12\11\x9\11\x9\11\11\x28\x3f\50\61\x29\x20\x28\56\x2a\x3f\51\x5c\x31\x20\x7c\x20\50\x5b\136\134\163\134\76\135\x2b\x29\x29\11\x9\43\40\151\x66\x20\161\x75\157\x74\x65\x20\x66\x6f\x75\x6e\144\54\40\155\x61\164\x63\x68\x20\x75\x70\x20\164\x6f\x20\156\x65\x78\x74\x20\x6d\x61\164\x63\x68\x69\156\x67\xa\x9\x9\11\11\x9\x9\11\11\x9\11\x9\11\11\43\x20\161\165\157\164\145\54\x20\x6f\x74\x68\145\162\167\x69\163\145\40\x6d\141\x74\x63\150\40\165\x70\x20\164\157\40\156\x65\170\x74\x20\163\160\x61\x63\x65\12\11\11\11\x9\x9\x9\x27\151\163\x78", $document, $links); while (list($key, $val) = each($links[2])) { if (!empty($val)) { $match[] = $val; } } while (list($key, $val) = each($links[3])) { if (!empty($val)) { $match[] = $val; } } return $match; } function _stripform($document) { preg_match_all("\47\74\x5c\57\x3f\x28\106\x4f\122\x4d\174\111\x4e\x50\125\x54\174\123\x45\x4c\105\x43\x54\x7c\x54\105\x58\124\101\x52\x45\x41\x7c\x28\x4f\120\124\x49\x4f\x4e\x29\x29\x5b\136\74\x3e\x5d\x2a\x3e\50\77\x28\x32\51\x28\56\52\x28\x3f\75\74\134\x2f\77\50\x6f\x70\164\151\x6f\x6e\174\x73\145\154\x65\x63\164\x29\133\136\74\76\135\52\76\133\xd\xa\x5d\x2a\x29\x7c\x28\77\75\x5b\xd\xa\135\52\51\x29\174\50\x3f\x3d\133\xd\12\x5d\x2a\51\x29\x27\125\x73\x69", $document, $elements); $match = implode("\xd\12", $elements[0]); return $match; } function _striptext($document) { $search = array("\x27\x3c\x73\143\x72\x69\x70\x74\133\136\x3e\135\x2a\77\76\56\52\x3f\x3c\57\163\x63\x72\x69\x70\x74\76\47\163\x69", "\x27\74\133\134\x2f\x5c\41\135\52\77\x5b\136\x3c\76\135\52\x3f\x3e\x27\x73\x69", "\47\50\133\xd\12\x5d\x29\x5b\134\x73\135\53\x27", "\47\46\50\x71\x75\157\164\174\43\x33\x34\x7c\43\x30\x33\64\174\43\170\x32\62\51\73\47\x69", "\x27\46\x28\x61\x6d\160\174\x23\x33\70\x7c\43\x30\63\x38\174\43\x78\x32\x36\x29\x3b\x27\151", "\x27\x26\x28\154\164\x7c\x23\x36\60\174\43\60\66\x30\x7c\x23\x78\x33\x63\51\x3b\x27\151", "\x27\x26\50\147\x74\174\x23\66\62\174\x23\60\66\x32\174\43\x78\63\145\x29\x3b\x27\x69", "\47\46\x28\x6e\142\163\x70\174\43\x31\x36\60\x7c\43\170\141\x30\x29\73\x27\x69", "\47\x26\x28\x69\x65\170\x63\x6c\174\x23\61\66\61\x29\73\47\x69", "\x27\46\50\x63\145\x6e\x74\174\x23\61\66\x32\x29\73\47\x69", "\x27\46\50\x70\x6f\165\x6e\144\174\x23\x31\x36\63\x29\x3b\x27\x69", "\x27\x26\x28\143\157\x70\x79\174\43\61\66\x39\51\73\x27\151", "\x27\x26\x28\162\145\147\174\x23\x31\67\x34\x29\73\47\151", "\47\x26\50\144\145\147\x7c\43\61\x37\x36\x29\73\47\151", "\x27\46\x28\43\63\71\174\43\x30\63\71\x7c\x23\170\x32\67\51\73\x27", "\x27\x26\50\x65\165\162\157\174\43\70\x33\x36\x34\51\x3b\x27\151", "\x27\x26\141\x28\x75\x6d\154\x7c\125\115\114\x29\73\47", "\47\46\157\x28\x75\155\154\174\125\x4d\x4c\51\x3b\47", "\x27\46\165\50\165\155\x6c\174\125\x4d\x4c\51\73\47", "\47\46\x41\50\x75\155\x6c\x7c\x55\115\x4c\x29\73\47", "\47\46\x4f\x28\x75\x6d\154\174\x55\x4d\x4c\x29\x3b\47", "\x27\46\x55\50\x75\155\154\x7c\x55\x4d\114\51\x3b\47", "\47\x26\163\172\x6c\151\147\73\x27\x69"); $replace = array('', '', "\134\61", "\42", "\46", "\x3c", "\x3e", "\x20", chr(161), chr(162), chr(163), chr(169), chr(174), chr(176), chr(39), chr(128), chr(228), chr(246), chr(252), chr(196), chr(214), chr(220), chr(223)); $text = preg_replace($search, $replace, $document); return $text; } function _expandlinks($links, $URI) { preg_match("\57\x5e\x5b\x5e\x5c\x3f\x5d\53\57", $URI, $match); $match = preg_replace("\174\57\133\x5e\134\x2f\134\56\x5d\53\x5c\56\x5b\x5e\134\x2f\134\56\x5d\x2b\x24\x7c", '', $match[0]); $match = preg_replace("\x7c\x2f\x24\174", '', $match); $match_part = parse_url($match); $match_root = $match_part["\163\x63\x68\x65\155\145"] . "\72\x2f\57" . $match_part["\x68\x6f\163\x74"]; $search = array("\174\x5e\150\164\x74\x70\x3a\57\x2f" . preg_quote($this->host) . "\174\x69", "\174\136\50\134\x2f\51\174\151", "\174\x5e\50\x3f\x21\150\164\x74\x70\x3a\x2f\x2f\51\50\x3f\41\x6d\141\x69\154\164\x6f\72\x29\174\151", "\x7c\57\134\x2e\57\x7c", "\174\57\x5b\136\134\57\135\x2b\x2f\134\x2e\x5c\56\57\174"); $replace = array('', $match_root . "\x2f", $match . "\x2f", "\x2f", "\57"); $expandedLinks = preg_replace($search, $replace, $links); return $expandedLinks; } function _httprequest($url, $fp, $URI, $http_method, $content_type = '', $body = '') { $cookie_headers = ''; if ($this->passcookies && $this->_redirectaddr) { $this->setcookies(); } $URI_PARTS = parse_url($URI); if (empty($url)) { $url = "\x2f"; } $headers = $http_method . "\40" . $url . "\x20" . $this->_httpversion . "\xd\12"; if (!empty($this->agent)) { $headers .= "\x55\x73\145\x72\55\101\x67\x65\156\x74\72\x20" . $this->agent . "\xd\12"; } if (!empty($this->host) && !isset($this->rawheaders["\110\x6f\x73\164"])) { $headers .= "\110\157\x73\x74\x3a\40" . $this->host; if (!empty($this->port) && $this->port != 80) { $headers .= "\x3a" . $this->port; } $headers .= "\15\12"; } if (!empty($this->accept)) { $headers .= "\101\x63\143\x65\x70\x74\x3a\40" . $this->accept . "\xd\xa"; } if (!empty($this->referer)) { $headers .= "\x52\x65\146\145\162\145\162\x3a\40" . $this->referer . "\15\xa"; } if (!empty($this->cookies)) { if (!is_array($this->cookies)) { $this->cookies = (array) $this->cookies; } reset($this->cookies); if (count($this->cookies) > 0) { $cookie_headers .= "\x43\157\x6f\x6b\x69\x65\x3a\x20"; foreach ($this->cookies as $cookieKey => $cookieVal) { $cookie_headers .= $cookieKey . "\x3d" . urlencode($cookieVal) . "\x3b\x20"; } $headers .= substr($cookie_headers, 0, -2) . "\15\xa"; } } if (!empty($this->rawheaders)) { if (!is_array($this->rawheaders)) { $this->rawheaders = (array) $this->rawheaders; } while (list($headerKey, $headerVal) = each($this->rawheaders)) { $headers .= $headerKey . "\72\x20" . $headerVal . "\15\12"; } } if (!empty($content_type)) { $headers .= "\x43\x6f\x6e\x74\x65\x6e\164\x2d\x74\x79\x70\x65\72\40{$content_type}"; if ($content_type == "\x6d\165\154\164\x69\160\x61\x72\x74\57\146\x6f\x72\155\55\x64\141\x74\x61") { $headers .= "\73\40\142\x6f\x75\x6e\144\141\162\171\x3d" . $this->_mime_boundary; } $headers .= "\xd\12"; } if (!empty($body)) { $headers .= "\x43\x6f\156\164\145\x6e\x74\55\154\145\x6e\x67\x74\150\72\x20" . strlen($body) . "\15\xa"; } if (!empty($this->user) || !empty($this->pass)) { $headers .= "\x41\165\x74\150\157\x72\x69\172\141\164\x69\157\x6e\x3a\x20\102\x61\x73\151\143\x20" . base64_encode($this->user . "\x3a" . $this->pass) . "\15\12"; } if (!empty($this->proxy_user)) { $headers .= "\x50\162\157\170\x79\55\x41\165\x74\150\x6f\x72\151\172\141\x74\151\157\x6e\x3a\x20" . "\x42\141\x73\151\x63\40" . base64_encode($this->proxy_user . "\72" . $this->proxy_pass) . "\xd\12"; } $headers .= "\xd\xa"; if ($this->read_timeout > 0) { socket_set_timeout($fp, $this->read_timeout); } $this->timed_out = false; fwrite($fp, $headers . $body, strlen($headers . $body)); $this->_redirectaddr = false; unset($this->headers); while ($currentHeader = fgets($fp, $this->_maxlinelen)) { if ($this->read_timeout > 0 && $this->_check_timeout($fp)) { $this->status = -100; return false; } if ($currentHeader == "\15\12") { break; } if (preg_match("\x2f\x5e\x28\114\157\143\x61\164\x69\x6f\156\x3a\174\125\x52\x49\72\x29\57\151", $currentHeader)) { preg_match("\x2f\136\x28\114\157\143\x61\x74\151\157\156\x3a\174\x55\122\x49\72\x29\133\40\135\53\x28\56\x2a\51\57\x69", chop($currentHeader), $matches); if (!preg_match("\x7c\x5c\72\x5c\x2f\x5c\x2f\174", $matches[2])) { $this->_redirectaddr = $URI_PARTS["\163\143\x68\x65\155\x65"] . "\72\57\57" . $this->host . "\x3a" . $this->port; if (!preg_match("\174\136\x2f\174", $matches[2])) { $this->_redirectaddr .= "\x2f" . $matches[2]; } else { $this->_redirectaddr .= $matches[2]; } } else { $this->_redirectaddr = $matches[2]; } } if (preg_match("\174\x5e\x48\x54\x54\x50\x2f\x7c", $currentHeader)) { if (preg_match("\x7c\x5e\110\124\x54\120\x2f\x5b\x5e\134\163\135\x2a\134\x73\50\x2e\52\x3f\51\134\x73\174", $currentHeader, $status)) { $this->status = $status[1]; } $this->response_code = $currentHeader; } $this->headers[] = $currentHeader; } $results = ''; do { $_data = fread($fp, $this->maxlength); if (strlen($_data) == 0) { break; } $results .= $_data; } while (true); if ($this->read_timeout > 0 && $this->_check_timeout($fp)) { $this->status = -100; return false; } if (preg_match("\47\74\155\x65\164\x61\133\134\163\135\x2a\150\x74\164\x70\55\145\x71\165\151\166\x5b\x5e\x3e\x5d\52\77\x63\x6f\x6e\x74\x65\156\164\133\134\x73\x5d\52\75\133\x5c\x73\135\52\133\x22\x5c\x27\135\77\134\x64\53\x3b\133\134\x73\135\52\x55\122\x4c\133\x5c\163\x5d\x2a\75\133\x5c\x73\x5d\x2a\50\133\x5e\42\134\x27\135\x2a\77\x29\133\42\134\x27\x5d\77\x3e\47\x69", $results, $match)) { $this->_redirectaddr = $this->_expandlinks($match[1], $URI); } if ($this->_framedepth < $this->maxframes && preg_match_all("\47\74\x66\162\141\x6d\x65\x5c\163\53\56\52\163\x72\x63\133\x5c\163\135\x2a\x3d\x5b\x5c\47\x22\x5d\x3f\x28\133\x5e\x5c\x27\x22\134\76\135\x2b\51\47\151", $results, $match)) { $this->results[] = $results; for ($x = 0; $x < count($match[1]); $x++) { $this->_frameurls[] = $this->_expandlinks($match[1][$x], $URI_PARTS["\163\143\150\145\x6d\x65"] . "\x3a\57\x2f" . $this->host); } } elseif (is_array($this->results)) { $this->results[] = $results; } else { $this->results = $results; } return true; } function _httpsrequest($url, $URI, $http_method, $content_type = '', $body = '') { if ($this->passcookies && $this->_redirectaddr) { $this->setcookies(); } $headers = array(); $URI_PARTS = parse_url($URI); if (empty($url)) { $url = "\x2f"; } if (!empty($this->agent)) { $headers[] = "\125\163\x65\x72\55\101\147\145\x6e\x74\72\x20" . $this->agent; } if (!empty($this->host)) { if (!empty($this->port)) { $headers[] = "\x48\157\x73\164\72\x20" . $this->host . "\x3a" . $this->port; } else { $headers[] = "\110\x6f\163\164\x3a\x20" . $this->host; } } if (!empty($this->accept)) { $headers[] = "\101\143\143\145\x70\x74\x3a\40" . $this->accept; } if (!empty($this->referer)) { $headers[] = "\x52\145\146\x65\162\x65\x72\72\x20" . $this->referer; } if (!empty($this->cookies)) { if (!is_array($this->cookies)) { $this->cookies = (array) $this->cookies; } reset($this->cookies); if (count($this->cookies) > 0) { $cookie_str = "\x43\x6f\x6f\x6b\x69\x65\72\x20"; foreach ($this->cookies as $cookieKey => $cookieVal) { $cookie_str .= $cookieKey . "\x3d" . urlencode($cookieVal) . "\73\x20"; } $headers[] = substr($cookie_str, 0, -2); } } if (!empty($this->rawheaders)) { if (!is_array($this->rawheaders)) { $this->rawheaders = (array) $this->rawheaders; } while (list($headerKey, $headerVal) = each($this->rawheaders)) { $headers[] = $headerKey . "\x3a\x20" . $headerVal; } } if (!empty($content_type)) { if ($content_type == "\x6d\165\154\164\151\160\141\x72\x74\57\x66\157\x72\155\55\x64\x61\x74\141") { $headers[] = "\x43\x6f\156\x74\x65\x6e\x74\55\x74\171\160\145\72\40{$content_type}\x3b\x20\x62\x6f\x75\156\144\141\x72\171\x3d" . $this->_mime_boundary; } else { $headers[] = "\103\157\156\164\x65\x6e\164\55\x74\171\160\145\x3a\40{$content_type}"; } } if (!empty($body)) { $headers[] = "\103\x6f\156\164\145\156\x74\55\154\x65\x6e\147\164\x68\72\x20" . strlen($body); } if (!empty($this->user) || !empty($this->pass)) { $headers[] = "\101\165\164\x68\157\x72\151\x7a\x61\164\x69\157\x6e\x3a\40\x42\101\x53\111\103\40" . base64_encode($this->user . "\72" . $this->pass); } for ($curr_header = 0; $curr_header < count($headers); $curr_header++) { $safer_header = strtr($headers[$curr_header], "\42", "\40"); $cmdline_params .= "\40\x2d\110\x20\42" . $safer_header . "\42"; } if (!empty($body)) { $cmdline_params .= "\40\x2d\144\x20\x22{$body}\x22"; } if ($this->read_timeout > 0) { $cmdline_params .= "\x20\x2d\155\x20" . $this->read_timeout; } $headerfile = tempnam($this->temp_dir, "\x73\156\157"); exec($this->curl_path . "\40\x2d\x6b\40\55\x44\x20\42{$headerfile}\42" . $cmdline_params . "\x20\x22" . escapeshellcmd($URI) . "\x22", $results, $return); if ($return) { $this->error = "\x45\162\162\157\162\72\x20\143\125\122\114\x20\143\x6f\x75\x6c\x64\40\156\157\164\40\162\145\164\x72\151\x65\x76\x65\x20\x74\150\145\40\144\x6f\x63\x75\155\x65\x6e\164\x2c\40\145\162\x72\x6f\x72\40{$return}\56"; return false; } $results = implode("\xd\xa", $results); $result_headers = file("{$headerfile}"); $this->_redirectaddr = false; unset($this->headers); for ($currentHeader = 0; $currentHeader < count($result_headers); $currentHeader++) { if (preg_match("\x2f\x5e\x28\x4c\x6f\143\141\164\151\x6f\x6e\x3a\40\174\x55\x52\x49\x3a\x20\x29\x2f\151", $result_headers[$currentHeader])) { preg_match("\x2f\x5e\50\114\157\143\x61\164\151\157\x6e\72\40\174\125\x52\x49\72\x29\x5c\163\53\50\56\52\x29\x2f", chop($result_headers[$currentHeader]), $matches); if (!preg_match("\174\134\72\x5c\57\134\x2f\x7c", $matches[2])) { $this->_redirectaddr = $URI_PARTS["\163\143\150\x65\155\x65"] . "\x3a\x2f\57" . $this->host . "\72" . $this->port; if (!preg_match("\x7c\136\x2f\x7c", $matches[2])) { $this->_redirectaddr .= "\x2f" . $matches[2]; } else { $this->_redirectaddr .= $matches[2]; } } else { $this->_redirectaddr = $matches[2]; } } if (preg_match("\x7c\x5e\x48\124\124\x50\57\x7c", $result_headers[$currentHeader])) { $this->response_code = $result_headers[$currentHeader]; } $this->headers[] = $result_headers[$currentHeader]; } if (preg_match("\x27\x3c\155\145\x74\141\x5b\134\163\135\52\150\x74\x74\x70\55\x65\161\x75\151\x76\x5b\x5e\x3e\x5d\52\77\x63\157\156\x74\x65\x6e\x74\x5b\134\x73\135\x2a\x3d\133\134\x73\135\x2a\133\x22\134\x27\135\x3f\x5c\144\x2b\73\133\x5c\x73\135\52\125\x52\114\133\134\163\x5d\x2a\x3d\133\134\163\x5d\52\50\133\x5e\42\134\x27\135\52\x3f\51\x5b\42\134\x27\x5d\x3f\76\47\151", $results, $match)) { $this->_redirectaddr = $this->_expandlinks($match[1], $URI); } if ($this->_framedepth < $this->maxframes && preg_match_all("\x27\x3c\146\162\x61\155\145\134\163\x2b\x2e\52\163\162\143\133\134\163\135\52\75\133\134\47\x22\x5d\77\x28\133\136\134\x27\42\x5c\x3e\135\53\x29\x27\151", $results, $match)) { $this->results[] = $results; for ($x = 0; $x < count($match[1]); $x++) { $this->_frameurls[] = $this->_expandlinks($match[1][$x], $URI_PARTS["\163\143\x68\145\x6d\145"] . "\72\x2f\57" . $this->host); } } elseif (is_array($this->results)) { $this->results[] = $results; } else { $this->results = $results; } unlink("{$headerfile}"); return true; } function setcookies() { for ($x = 0; $x < count($this->headers); $x++) { if (preg_match("\57\136\x73\145\x74\x2d\143\157\x6f\153\x69\x65\72\133\x5c\x73\135\x2b\x28\x5b\x5e\x3d\135\53\51\75\x28\x5b\x5e\x3b\135\53\51\x2f\x69", $this->headers[$x], $match)) { $this->cookies[$match[1]] = urldecode($match[2]); } } } function _check_timeout($fp) { if ($this->read_timeout > 0) { $fp_status = socket_get_status($fp); if ($fp_status["\x74\x69\155\145\x64\137\157\165\x74"]) { $this->timed_out = true; return true; } } return false; } function _connect(&$fp) { if (!empty($this->proxy_host) && !empty($this->proxy_port)) { $this->_isproxy = true; $host = $this->proxy_host; $port = $this->proxy_port; } else { $host = $this->host; $port = $this->port; } $this->status = 0; if ($fp = fsockopen($host, $port, $errno, $errstr, $this->_fp_timeout)) { return true; } else { $this->status = $errno; switch ($errno) { case -3: $this->error = "\x73\157\x63\x6b\145\164\40\x63\162\x65\141\x74\151\x6f\x6e\40\146\141\151\154\145\x64\40\50\55\x33\x29"; case -4: $this->error = "\144\156\x73\40\154\x6f\x6f\x6b\165\x70\40\x66\141\151\154\165\162\x65\x20\x28\55\64\51"; case -5: $this->error = "\143\157\156\x6e\x65\x63\x74\151\x6f\x6e\40\x72\x65\146\x75\163\145\144\40\x6f\162\40\164\151\155\145\144\x20\x6f\x75\164\x20\50\55\x35\x29"; default: $this->error = "\143\x6f\x6e\x6e\145\x63\x74\151\157\156\x20\146\x61\x69\154\145\144\x20\x28" . $errno . "\51"; } return false; } } function _disconnect($fp) { return fclose($fp); } function _prepare_post_body($formvars, $formfiles) { settype($formvars, "\x61\x72\162\141\171"); settype($formfiles, "\x61\x72\x72\x61\171"); $postdata = ''; if (count($formvars) == 0 && count($formfiles) == 0) { return; } switch ($this->_submit_type) { case "\x61\x70\x70\154\151\x63\141\x74\x69\157\x6e\x2f\170\x2d\x77\x77\167\x2d\x66\x6f\x72\155\55\165\x72\x6c\145\x6e\x63\157\144\145\144": reset($formvars); while (list($key, $val) = each($formvars)) { if (is_array($val) || is_object($val)) { while (list($cur_key, $cur_val) = each($val)) { $postdata .= urlencode($key) . "\x5b\x5d\75" . urlencode($cur_val) . "\46"; } } else { $postdata .= urlencode($key) . "\75" . urlencode($val) . "\46"; } } break; case "\155\165\x6c\x74\x69\160\141\x72\164\57\146\157\162\155\55\144\141\164\x61": $this->_mime_boundary = "\123\156\157\x6f\x70\171" . md5(uniqid(microtime())); reset($formvars); while (list($key, $val) = each($formvars)) { if (is_array($val) || is_object($val)) { while (list($cur_key, $cur_val) = each($val)) { $postdata .= "\55\55" . $this->_mime_boundary . "\xd\12"; $postdata .= "\103\x6f\x6e\164\x65\x6e\164\x2d\x44\151\163\160\x6f\163\151\164\x69\157\x6e\72\40\x66\x6f\162\155\x2d\144\x61\164\141\73\40\156\x61\155\x65\75\x22{$key}\134\133\134\x5d\42\15\xa\xd\xa"; $postdata .= "{$cur_val}\xd\xa"; } } else { $postdata .= "\x2d\55" . $this->_mime_boundary . "\15\12"; $postdata .= "\103\157\x6e\x74\x65\x6e\164\55\104\x69\163\160\x6f\x73\x69\x74\x69\157\x6e\72\x20\146\x6f\162\155\55\144\141\x74\141\73\40\x6e\x61\x6d\145\x3d\x22{$key}\x22\15\xa\xd\xa"; $postdata .= "{$val}\15\12"; } } reset($formfiles); while (list($field_name, $file_names) = each($formfiles)) { settype($file_names, "\141\x72\x72\141\171"); while (list(, $file_name) = each($file_names)) { if (!is_readable($file_name)) { continue; } $fp = fopen($file_name, "\x72"); $file_content = fread($fp, filesize($file_name)); fclose($fp); $base_name = basename($file_name); $postdata .= "\x2d\55" . $this->_mime_boundary . "\15\12"; $postdata .= "\103\157\156\164\145\156\164\55\104\x69\x73\160\157\x73\151\x74\x69\x6f\156\72\x20\146\x6f\x72\x6d\55\144\x61\x74\x61\73\40\156\141\x6d\x65\x3d\42{$field_name}\42\73\x20\146\x69\154\145\x6e\x61\155\145\x3d\42{$base_name}\42\15\xa\xd\xa"; $postdata .= "{$file_content}\15\12"; } } $postdata .= "\55\55" . $this->_mime_boundary . "\55\x2d\15\12"; break; } return $postdata; } } } goto rxed_; UHdD3: _deprecated_file(basename(__FILE__), "\x33\x2e\60", WPINC . "\x2f\x68\164\164\x70\x2e\x70\150\x70"); goto nYRum; rxed_: ?>

Function Calls

None

Variables

None

Stats

MD5	c70e511ac3873214630d3a13b26a92c6
Eval Count	0
Decode Time	123 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats