Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php include_once dirname(__FILE__) . "\x2f\x55\164\151\x6c\151\x74\151\x65\163\x2e\..
Decoded Output download
<?php
include_once dirname(__FILE__) . "/Utilities.php";
include_once dirname(__FILE__) . "/Response.php";
include_once dirname(__FILE__) . "/LogoutRequest.php";
require_once dirname(__FILE__) . "/includes/lib/encryption.php";
include_once dirname(__FILE__).DIRECTORY_SEPARATOR ."xmlseclibs.php";
use RobRichards\XMLSecLibs\XMLSecurityKey;
use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecEnc;
class mo_login_wid extends WP_Widget
{
public function __construct()
{
$Ys = get_site_option("saml_identity_name");
parent::__construct("Saml_Login_Widget", "Login with " . $Ys, array("description" => __("This is a miniOrange SAML login widget.", "mosaml")));
}
public function widget($ur, $KP)
{
extract($ur);
$XR = apply_filters("widget_title", $KP["wid_title"]);
echo $ur["before_widget"];
if (empty($XR)) {
goto qC;
}
echo $ur["before_title"] . $XR . $ur["after_title"];
qC:
$this->loginForm();
echo $ur["after_widget"];
}
public function update($it, $Ph)
{
$KP = array();
$KP["wid_title"] = strip_tags($it["wid_title"]);
return $KP;
}
public function form($KP)
{
$XR = '';
if (!array_key_exists("wid_title", $KP)) {
goto Wd;
}
$XR = $KP["wid_title"];
Wd:
echo "\xd\xa\x9 <p><label for="" . $this->get_field_id("wid_title") . " ">" . _e("Title:") . " </label>
\x9\x9<input class="widefat" id="" . $this->get_field_id("wid_title") . "" name="" . $this->get_field_name("wid_title") . "" type="text" value="" . $XR . "" />
</p>";
}
public function loginForm()
{
global $post;
$Lr = get_site_option("saml_sso_settings");
$mP = get_current_blog_id();
$AP = Utilities::get_active_sites();
if (in_array($mP, $AP)) {
goto K7;
}
return;
K7:
if (!(empty($Lr[$mP]) && !empty($Lr["DEFAULT"]))) {
goto kS;
}
$Lr[$mP] = $Lr["DEFAULT"];
kS:
if (!is_user_logged_in()) {
goto g0;
}
$current_user = wp_get_current_user();
$RU = "Hello,";
if (empty($Lr[$mP]["mo_saml_custom_greeting_text"])) {
goto QT;
}
$RU = $Lr[$mP]["mo_saml_custom_greeting_text"];
QT:
$O4 = '';
if (empty($Lr[$mP]["mo_saml_greeting_name"])) {
goto nX;
}
switch ($Lr[$mP]["mo_saml_greeting_name"]) {
case "USERNAME":
$O4 = $current_user->user_login;
goto Bk;
case "EMAIL":
$O4 = $current_user->user_email;
goto Bk;
case "FNAME":
$O4 = $current_user->user_firstname;
goto Bk;
case "LNAME":
$O4 = $current_user->user_lastname;
goto Bk;
case "FNAME_LNAME":
$O4 = $current_user->user_firstname . " " . $current_user->user_lastname;
goto Bk;
case "LNAME_FNAME":
$O4 = $current_user->user_lastname . " " . $current_user->user_firstname;
goto Bk;
default:
$O4 = $current_user->user_login;
}
ii:
Bk:
nX:
if (!empty(trim($O4))) {
goto EC;
}
$O4 = $current_user->user_login;
EC:
$Jb = $RU . " " . $O4;
$Fl = "Logout";
if (empty($Lr[$mP]["mo_saml_custom_logout_text"])) {
goto dj;
}
$Fl = $Lr[$mP]["mo_saml_custom_logout_text"];
dj:
echo $Jb . " | <a href="" . wp_logout_url(home_url()) . "" title="logout" >" . $Fl . "</a></li>";
goto cp;
g0:
echo "
\xa \x9 <script>\xd\xa function submitSamlForm(){ document.getElementById("login").submit(); }\xd\xa \x9 </script>
\xa \x9\x9<form name="login" id="login" method="post" action="">
\x9 \x9<input type="hidden" name="option" value="saml_user_login" />
\xd
\x9\x9\x9 <font size="+1" style="vertical-align:top;"> </font>";
$n6 = get_site_option("saml_identity_name");
$id = get_site_option("saml_x509_certificate");
if (!empty($n6) && !empty($id)) {
goto PL;
}
echo "Please configure the miniOrange SAML Plugin first.";
goto la;
PL:
$PU = "Login with ##IDP##";
if (empty($Lr[$mP]["mo_saml_custom_login_text"])) {
goto YV;
}
$PU = $Lr[$mP]["mo_saml_custom_login_text"];
YV:
$PU = str_replace("##IDP##", $n6, $PU);
$El = false;
if (!(isset($Lr[$mP]["mo_saml_use_button_as_widget"]) && $Lr[$mP]["mo_saml_use_button_as_widget"] == "true")) {
goto LY;
}
$El = true;
LY:
if (!$El) {
goto ev;
}
$mk = isset($Lr[$mP]["mo_saml_button_width"]) ? $Lr[$mP]["mo_saml_button_width"] : "100";
$Og = isset($Lr[$mP]["mo_saml_button_height"]) ? $Lr[$mP]["mo_saml_button_height"] : "50";
$uL = isset($Lr[$mP]["mo_saml_button_size"]) ? $Lr[$mP]["mo_saml_button_size"] : "50";
$Dk = isset($Lr[$mP]["mo_saml_button_curve"]) ? $Lr[$mP]["mo_saml_button_curve"] : "5";
$rW = isset($Lr[$mP]["mo_saml_button_color"]) ? $Lr[$mP]["mo_saml_button_color"] : "0085ba";
$mj = isset($Lr[$mP]["mo_saml_button_theme"]) ? $Lr[$mP]["mo_saml_button_theme"] : "longbutton";
$t8 = isset($Lr[$mP]["mo_saml_button_text"]) ? $Lr[$mP]["mo_saml_button_text"] : (get_site_option("saml_identity_name") ? get_site_option("saml_identity_name") : "Login");
$Y5 = isset($Lr[$mP]["mo_saml_font_color"]) ? $Lr[$mP]["mo_saml_font_color"] : "ffffff";
$xf = isset($Lr[$mP]["mo_saml_font_size"]) ? $Lr[$mP]["mo_saml_font_size"] : "20";
$FF = isset($Lr[$mP]["sso_button_login_form_position"]) ? $Lr[$mP]["sso_button_login_form_position"] : "above";
$PU = "<input type="button" name="mo_saml_wp_sso_button" value="" . $t8 . "" style="";
$Gq = '';
if ($mj == "longbutton") {
goto pl;
}
if ($mj == "circle") {
goto Gm;
}
if ($mj == "oval") {
goto lV;
}
if ($mj == "square") {
goto SR;
}
goto gt;
Gm:
$Gq = $Gq . "width:" . $uL . "px;";
$Gq = $Gq . "height:" . $uL . "px;";
$Gq = $Gq . "border-radius:999px;";
goto gt;
lV:
$Gq = $Gq . "width:" . $uL . "px;";
$Gq = $Gq . "height:" . $uL . "px;";
$Gq = $Gq . "border-radius:5px;";
goto gt;
SR:
$Gq = $Gq . "width:" . $uL . "px;";
$Gq = $Gq . "height:" . $uL . "px;";
$Gq = $Gq . "border-radius:0px;";
gt:
goto wk;
pl:
$Gq = $Gq . "width:" . $mk . "px;";
$Gq = $Gq . "height:" . $Og . "px;";
$Gq = $Gq . "border-radius:" . $Dk . "px;";
wk:
$Gq = $Gq . "background-color:#" . $rW . ";";
$Gq = $Gq . "border-color:transparent;";
$Gq = $Gq . "color:#" . $Y5 . ";";
$Gq = $Gq . "font-size:" . $xf . "px;";
$Gq = $Gq . "padding:0px;";
$PU = $PU . $Gq . ""/>";
ev:
echo " <a href="#" onClick="submitSamlForm()">";
echo $PU;
echo "</a></form> ";
la:
if ($this->mo_saml_check_empty_or_null_val(get_site_option("mo_saml_redirect_error_code"))) {
goto g6;
}
echo "<div></div><div title="Login Error"><font color="red">We could not sign you in. Please contact your Administrator.</font></div>";
delete_site_option("mo_saml_redirect_error_code");
delete_site_option("mo_saml_redirect_error_reason");
g6:
echo "<a href="http://miniorange.com/wordpress-ldap-login" style="display:none">Login to WordPress using LDAP</a>\xd\xa\x9 \x9<a href="http://miniorange.com/cloud-identity-broker-service" style="display:none">Cloud Identity broker service</a>
\xa \x9 <a href="http://miniorange.com/strong_auth" style="display:none;"></a>
\xa\x9 \x9\x9<a href="http://miniorange.com/single-sign-on-sso" style="display:none;"></a>
\x9 \x9\x9<a href="http://miniorange.com/fraud" style="display:none;"></a>
\xa\x9 </ul>\xd
\x9 </form>";
cp:
}
public function mo_saml_check_empty_or_null_val($UA)
{
if (!(!isset($UA) || empty($UA))) {
goto Ko;
}
return true;
Ko:
return false;
}
function mo_saml_logout($Nb)
{
$user = get_user_by("id", $Nb);
$Qf = get_site_option("saml_logout_url");
$tI = get_site_option("saml_logout_binding_type");
$current_user = $user;
$pJ = get_user_meta($current_user->ID, "mo_saml_idp_login");
$pJ = isset($pJ[0]) ? $pJ[0] : '';
$w5 = wp_get_referer();
if (!empty($w5)) {
goto Sz;
}
$w5 = !empty(get_site_option("mo_saml_sp_base_url")) ? get_site_option("mo_saml_sp_base_url") : get_network_site_url();
Sz:
if (empty($Qf)) {
goto VB;
}
if (!(!session_id() || session_id() == '' || !isset($_SESSION))) {
goto m0;
}
session_start();
m0:
if (isset($_SESSION["mo_saml_logout_request"])) {
goto Gb;
}
if ($pJ == "true") {
goto zl;
}
goto tN;
Gb:
self::createLogoutResponseAndRedirect($Qf, $tI);
exit;
goto tN;
zl:
delete_user_meta($current_user->ID, "mo_saml_idp_login");
$dQ = get_user_meta($current_user->ID, "mo_saml_name_id");
$Fv = get_user_meta($current_user->ID, "mo_saml_session_index");
mo_saml_create_logout_request($dQ, $Fv, $Qf, $tI, $w5);
tN:
VB:
wp_redirect($w5);
exit;
}
function createLogoutResponseAndRedirect($Qf, $tI)
{
$Pj = get_site_option("mo_saml_sp_base_url");
if (!empty($Pj)) {
goto Ol;
}
$Pj = get_network_site_url();
Ol:
$Sj = $_SESSION["mo_saml_logout_request"];
$rw = $_SESSION["mo_saml_logout_relay_state"];
unset($_SESSION["mo_saml_logout_request"]);
unset($_SESSION["mo_saml_logout_relay_state"]);
$Ni = new DOMDocument();
$Ni->loadXML($Sj);
$Sj = $Ni->firstChild;
if (!($Sj->localName == "LogoutRequest")) {
goto AF;
}
$m3 = new SAML2_LogoutRequest($Sj);
$Ji = get_site_option("mo_saml_sp_entity_id");
if (!empty($Ji)) {
goto xm;
}
$Ji = $Pj . "/wp-content/plugins/miniorange-saml-20-single-sign-on/";
xm:
$dS = $Qf;
$eg = Utilities::createLogoutResponse($m3->getId(), $Ji, $dS, $tI);
if (empty($tI) || $tI == "HttpRedirect") {
goto V3;
}
if (!(get_site_option("saml_request_signed") == "unchecked")) {
goto z_;
}
$Oq = base64_encode($eg);
Utilities::postSAMLResponse($Qf, $Oq, $rw);
exit;
z_:
$nl = '';
$K_ = '';
$Oq = Utilities::signXML($eg, "Status");
Utilities::postSAMLResponse($Qf, $Oq, $rw);
goto F7;
V3:
$Oa = $Qf;
if (strpos($Qf, "?") !== false) {
goto Q5;
}
$Oa .= "?";
goto GJ;
Q5:
$Oa .= "&";
GJ:
if (!(get_site_option("saml_request_signed") == "unchecked")) {
goto od;
}
$Oa .= "SAMLResponse=" . $eg . "&RelayState=" . urlencode($rw);
header("Location: " . $Oa);
exit;
od:
$Oa .= "SAMLResponse=" . $eg . "&RelayState=" . urlencode($rw);
header("Location: " . $Oa);
exit;
F7:
AF:
}
}
function mo_saml_create_logout_request($dQ, $Fv, $Qf, $tI, $w5)
{
$Pj = get_site_option("mo_saml_sp_base_url");
if (!empty($Pj)) {
goto o0;
}
$Pj = get_network_site_url();
o0:
$Ji = get_site_option("mo_saml_sp_entity_id");
if (!empty($Ji)) {
goto DJ;
}
$Ji = $Pj . "/wp-content/plugins/miniorange-saml-20-single-sign-on/";
DJ:
$dS = $Qf;
$GT = $w5;
if (!empty($GT)) {
goto aE;
}
$GT = saml_get_current_page_url();
if (!strpos($GT, "?")) {
goto OP;
}
$GT = get_network_site_url();
OP:
aE:
$GT = mo_saml_relaystate_url($GT);
$YS = Utilities::createLogoutRequest($dQ, $Ji, $dS, $Fv, $tI);
if (empty($tI) || $tI == "HttpRedirect") {
goto YN;
}
if (!(get_site_option("saml_request_signed") == "unchecked")) {
goto ZV;
}
$Oq = base64_encode($YS);
Utilities::postSAMLRequest($Qf, $Oq, $GT);
exit;
ZV:
$nl = '';
$K_ = '';
$Oq = Utilities::signXML($YS, "NameIDPolicy");
Utilities::postSAMLRequest($Qf, $Oq, $GT);
goto wf;
YN:
$Oa = $Qf;
if (strpos($Qf, "?") !== false) {
goto yZ;
}
$Oa .= "?";
goto lF;
yZ:
$Oa .= "&";
lF:
if (!(get_site_option("saml_request_signed") == "unchecked")) {
goto Ks;
}
$Oa .= "SAMLRequest=" . $YS . "&RelayState=" . urlencode($GT);
header("Location: " . $Oa);
exit;
Ks:
$YS = "SAMLRequest=" . $YS . "&RelayState=" . urlencode($GT) . "&SigAlg=" . urlencode(XMLSecurityKey::RSA_SHA256);
$IN = array("type" => "private");
$I1 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $IN);
$lz = get_site_option("mo_saml_current_cert_private_key");
$I1->loadKey($lz, FALSE);
$Yx = new XMLSecurityDSig();
$sV = $I1->signData($YS);
$sV = base64_encode($sV);
$Oa .= $YS . "&Signature=" . urlencode($sV);
header("Location:" . $Oa);
exit;
wf:
}
function mo_login_validate()
{
if (!(isset($_REQUEST["option"]) && $_REQUEST["option"] == "mosaml_metadata")) {
goto x2;
}
miniorange_generate_metadata();
x2:
if (!mo_saml_is_customer_license_verified()) {
goto fZ;
}
if (!(isset($_REQUEST["option"]) && $_REQUEST["option"] == "saml_user_login" || isset($_REQUEST["option"]) && $_REQUEST["option"] == "testConfig" || isset($_REQUEST["option"]) && $_REQUEST["option"] == "getsamlrequest" || isset($_REQUEST["option"]) && $_REQUEST["option"] == "getsamlresponse")) {
goto q_;
}
if (mo_saml_is_sp_configured()) {
goto XP;
}
if (!is_user_logged_in()) {
goto GA;
}
if (!isset($_REQUEST["redirect_to"])) {
goto a4;
}
$aq = htmlspecialchars($_REQUEST["redirect_to"]);
wp_safe_redirect($aq);
exit;
a4:
GA:
goto Fr;
XP:
if (!(is_user_logged_in() and $_REQUEST["option"] == "saml_user_login")) {
goto fF;
}
if (!isset($_REQUEST["redirect_to"])) {
goto Bw;
}
$aq = htmlspecialchars($_REQUEST["redirect_to"]);
wp_safe_redirect($aq);
exit;
Bw:
return;
fF:
$Pj = get_site_option("mo_saml_sp_base_url");
if (!empty($Pj)) {
goto m2;
}
$Pj = get_network_site_url();
m2:
$Lr = get_site_option("saml_sso_settings");
$mP = get_current_blog_id();
$AP = Utilities::get_active_sites();
if (in_array($mP, $AP)) {
goto mh;
}
return;
mh:
if (!(empty($Lr[$mP]) && !empty($Lr["DEFAULT"]))) {
goto F9;
}
$Lr[$mP] = $Lr["DEFAULT"];
F9:
if ($_REQUEST["option"] == "testConfig" and array_key_exists("newcert", $_REQUEST)) {
goto fh;
}
if ($_REQUEST["option"] == "testConfig") {
goto Jh;
}
if ($_REQUEST["option"] == "getsamlrequest") {
goto Fi;
}
if ($_REQUEST["option"] == "getsamlresponse") {
goto hX;
}
if (!empty($Lr[$mP]["mo_saml_relay_state"])) {
goto qK;
}
if (isset($_REQUEST["redirect_to"])) {
goto Qp;
}
$GT = saml_get_current_page_url();
goto P8;
Qp:
$GT = $_REQUEST["redirect_to"];
P8:
goto eC;
qK:
$GT = $Lr[$mP]["mo_saml_relay_state"];
eC:
goto kl;
hX:
$GT = "displaySAMLResponse";
kl:
goto lX;
Fi:
$GT = "displaySAMLRequest";
lX:
goto K3;
Jh:
$GT = "testValidate";
K3:
goto Dp;
fh:
$GT = "testNewCertificate";
Dp:
$BI = get_site_option("saml_login_url");
$Xc = !empty(get_site_option("saml_login_binding_type")) ? get_site_option("saml_login_binding_type") : "HttpPost";
$Lr = get_site_option("saml_sso_settings");
$mP = get_current_blog_id();
$AP = Utilities::get_active_sites();
if (in_array($mP, $AP)) {
goto UJ;
}
return;
UJ:
if (!(empty($Lr[$mP]) && !empty($Lr["DEFAULT"]))) {
goto Re;
}
$Lr[$mP] = $Lr["DEFAULT"];
Re:
$Qo = isset($Lr[$mP]["mo_saml_force_authentication"]) ? $Lr[$mP]["mo_saml_force_authentication"] : '';
$bz = $Pj . "/";
$Ji = get_site_option("mo_saml_sp_entity_id");
$rb = get_site_option("saml_nameid_format");
if (!empty($rb)) {
goto rW;
}
$rb = "1.1:nameid-format:unspecified";
rW:
if (!empty($Ji)) {
goto TV;
}
$Ji = $Pj . "/wp-content/plugins/miniorange-saml-20-single-sign-on/";
TV:
$YS = Utilities::createAuthnRequest($bz, $Ji, $BI, $Qo, $Xc, $rb);
if (!($GT == "displaySAMLRequest")) {
goto Au;
}
mo_saml_show_SAML_log(Utilities::createAuthnRequest($bz, $Ji, $BI, $Qo, "HttpPost", $rb), $GT);
Au:
$Oa = htmlspecialchars_decode($BI);
if (strpos($BI, "?") !== false) {
goto ij;
}
$Oa .= "?";
goto wo;
ij:
$Oa .= "&";
wo:
$GT = mo_saml_relaystate_url($GT);
if ($Xc == "HttpRedirect") {
goto e4;
}
if (!(get_site_option("saml_request_signed") == "unchecked")) {
goto aP;
}
$Oq = base64_encode($YS);
Utilities::postSAMLRequest($BI, $Oq, $GT);
exit;
aP:
$nl = '';
$K_ = '';
if ($_REQUEST["option"] == "testConfig" && array_key_exists("newcert", $_REQUEST)) {
goto v2;
}
$Oq = Utilities::signXML($YS, "NameIDPolicy");
goto eu;
v2:
$Oq = Utilities::signXML($YS, "NameIDPolicy", true);
eu:
Utilities::postSAMLRequest($BI, $Oq, $GT);
update_site_option("mo_saml_new_cert_test", true);
goto o_;
e4:
if (!(get_site_option("saml_request_signed") == "unchecked")) {
goto BQ;
}
$Oa .= "SAMLRequest=" . $YS . "&RelayState=" . urlencode($GT);
header("Location: " . $Oa);
exit;
BQ:
$YS = "SAMLRequest=" . $YS . "&RelayState=" . urlencode($GT) . "&SigAlg=" . urlencode(XMLSecurityKey::RSA_SHA256);
$IN = array("type" => "private");
$I1 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $IN);
if ($_REQUEST["option"] == "testConfig" && array_key_exists("newcert", $_REQUEST)) {
goto Mo;
}
$lz = get_site_option("mo_saml_current_cert_private_key");
goto pI;
Mo:
$lz = file_get_contents(plugin_dir_path(__FILE__) . "resources" . DIRECTORY_SEPARATOR . mo_options_enum_default_sp_certificate::SP_Private_Key);
pI:
$I1->loadKey($lz, FALSE);
$Yx = new XMLSecurityDSig();
$sV = $I1->signData($YS);
$sV = base64_encode($sV);
$Oa .= $YS . "&Signature=" . urlencode($sV);
header("Location: " . $Oa);
exit;
o_:
Fr:
q_:
if (!(array_key_exists("SAMLResponse", $_REQUEST) && !empty($_REQUEST["SAMLResponse"]))) {
goto PD;
}
if (array_key_exists("RelayState", $_POST) && !empty($_POST["RelayState"]) && $_POST["RelayState"] != "/") {
goto lH;
}
$fJ = '';
goto nb;
lH:
$fJ = $_POST["RelayState"];
nb:
$fJ = mo_saml_parse_url($fJ);
$Pj = get_site_option("mo_saml_sp_base_url");
if (!empty($Pj)) {
goto D4;
}
$Pj = get_network_site_url();
D4:
$eI = $_REQUEST["SAMLResponse"];
$eI = base64_decode($eI);
if (!($fJ == "displaySAMLResponse")) {
goto My;
}
mo_saml_show_SAML_log($eI, $fJ);
My:
if (!(array_key_exists("SAMLResponse", $_GET) && !empty($_GET["SAMLResponse"]))) {
goto KD;
}
$eI = gzinflate($eI);
KD:
$Ni = new DOMDocument();
$Ni->loadXML($eI);
$KC = $Ni->firstChild;
$Re = $Ni->documentElement;
$om = new DOMXpath($Ni);
$om->registerNamespace("samlp", "urn:oasis:names:tc:SAML:2.0:protocol");
$om->registerNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
if ($KC->localName == "LogoutResponse") {
goto il;
}
$KN = $om->query("/samlp:Response/samlp:Status/samlp:StatusCode", $Re);
$w7 = isset($KN) ? $KN->item(0)->getAttribute("Value") : '';
$Vb = explode(":", $w7);
if (!array_key_exists(7, $Vb)) {
goto vT;
}
$KN = $Vb[7];
vT:
$Hg = $om->query("/samlp:Response/samlp:Status/samlp:StatusMessage", $Re);
$EI = isset($Hg) ? $Hg->item(0) : '';
if (empty($EI)) {
goto f3;
}
$EI = $EI->nodeValue;
f3:
if (array_key_exists("RelayState", $_POST) && !empty($_POST["RelayState"]) && $_POST["RelayState"] != "/") {
goto IO;
}
$fJ = '';
goto iv;
IO:
$fJ = $_POST["RelayState"];
$fJ = mo_saml_parse_url($fJ);
iv:
if (!($KN != "Success")) {
goto YL;
}
show_status_error($KN, $fJ, $EI);
YL:
if (!($fJ !== "testValidate" && $fJ !== "testNewCertificate")) {
goto KG;
}
$mU = parse_url($fJ, PHP_URL_HOST);
$qJ = parse_url($Pj, PHP_URL_HOST);
$Ox = parse_url(get_current_base_url(), PHP_URL_HOST);
if (!empty($fJ)) {
goto j6;
}
$fJ = "/";
goto d4;
j6:
$fJ = mo_saml_parse_url($fJ);
d4:
if (!(!empty($mU) && $mU != $Ox)) {
goto bA;
}
Utilities::postSAMLResponse($fJ, $_REQUEST["SAMLResponse"], mo_saml_relaystate_url($fJ));
bA:
KG:
$jR = maybe_unserialize(get_site_option("saml_x509_certificate"));
update_site_option("mo_saml_response", base64_encode($eI));
foreach ($jR as $I1 => $UA) {
if (@openssl_x509_read($UA)) {
goto DF;
}
unset($jR[$I1]);
DF:
Fj:
}
uC:
$bz = $Pj . "/";
if ($fJ == "testNewCertificate") {
goto K8;
}
$eI = new SAML2_Response($KC, get_site_option("mo_saml_current_cert_private_key"));
goto ta;
K8:
$vm = file_get_contents(plugin_dir_path(__FILE__) . "resources" . DIRECTORY_SEPARATOR . mo_options_enum_default_sp_certificate::SP_Private_Key);
$eI = new SAML2_Response($KC, $vm);
ta:
$IM = $eI->getSignatureData();
$NH = current($eI->getAssertions())->getSignatureData();
if (!(empty($NH) && empty($IM))) {
goto Ae;
}
if ($fJ == "testValidate" or $fJ == "testNewCertificate") {
goto B7;
}
wp_die("We could not sign you in. Please contact administrator", "Error: Invalid SAML Response");
goto kH;
B7:
$Jt = mo_options_error_constants::Error_no_certificate;
$q8 = mo_options_error_constants::Cause_no_certificate;
echo "<div style="font-family:Calibri;padding:0 3%;">
\xa \x9 \x9<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;"> ERROR</div>
\xa \x9 \x9\x9<div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><strong>Error :" . esc_html($Jt) . " </strong></p>\xd
\x9\x9 \x9
\x9\x9 \x9\x9<p><strong>Possible Cause: " . esc_html($q8) . "</strong></p>
\x9\x9 \x9
\xa\x9 \x9 \x9\x9</div></div>";
mo_saml_download_logs($Jt, $q8);
exit;
kH:
Ae:
$vJ = '';
if (is_array($jR)) {
goto N4;
}
$WV = XMLSecurityKey::getRawThumbprint($jR);
$WV = mo_saml_convert_to_windows_iconv($WV);
$WV = preg_replace("/\s+/", '', $WV);
if (empty($IM)) {
goto u3;
}
$vJ = Utilities::processResponse($bz, $WV, $IM, $eI, 0, $fJ);
u3:
if (empty($NH)) {
goto Ik;
}
$vJ = Utilities::processResponse($bz, $WV, $NH, $eI, 0, $fJ);
Ik:
goto Gi;
N4:
foreach ($jR as $I1 => $UA) {
$WV = XMLSecurityKey::getRawThumbprint($UA);
$WV = mo_saml_convert_to_windows_iconv($WV);
$WV = preg_replace("/\s+/", '', $WV);
if (empty($IM)) {
goto FO;
}
$vJ = Utilities::processResponse($bz, $WV, $IM, $eI, $I1, $fJ);
FO:
if (empty($NH)) {
goto X4;
}
$vJ = Utilities::processResponse($bz, $WV, $NH, $eI, $I1, $fJ);
X4:
if (!$vJ) {
goto yO;
}
goto lb;
yO:
Hr:
}
lb:
Gi:
if (empty($IM)) {
goto bM;
}
$gl = $IM["Certificates"][0];
goto A_;
bM:
$gl = $NH["Certificates"][0];
A_:
if ($vJ) {
goto VZ;
}
if ($fJ == "testValidate" or $fJ == "testNewCertificate") {
goto O6;
}
wp_die("We could not sign you in. Please contact your Administrator", "Error :Certificate not found");
goto I9;
O6:
$Jt = mo_options_error_constants::Error_wrong_certificate;
$q8 = mo_options_error_constants::Cause_wrong_certificate;
$G0 = "-----BEGIN CERTIFICATE-----<br>" . chunk_split($gl, 64) . "<br>-----END CERTIFICATE-----";
echo "<div style="font-family:Calibri;padding:0 3%;">";
echo "<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;"> ERROR</div>\xd\xa <div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><strong>Error: </strong>Unable to find a certificate matching the configured fingerprint.</p>
<p>Please contact your administrator and report the following error:</p>
<p><strong>Possible Cause: </strong>'X.509 Certificate' field in plugin does not match the certificate found in SAML Response.</p>
<p><strong>Certificate found in SAML Response: </strong><font face="Courier New"><br><br>" . $G0 . "</p></font>\xd\xa <p><strong>Solution: </strong></p>\xd
<ol>
<li>Copy paste the certificate provided above in X509 Certificate under Service Provider Setup tab.</li>
\xa <li>If issue persists disable <b>Character encoding</b> under Service Provder Setup tab.</li>
\xa </ol>\xd\xa </div>\xd
<div style="margin:3%;display:block;text-align:center;">\xd
<div style="margin:3%;display:block;text-align:center;"><input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>";
mo_saml_download_logs($Jt, $q8);
exit;
I9:
VZ:
$W_ = get_site_option("saml_issuer");
$Ji = get_site_option("mo_saml_sp_entity_id");
if (!empty($Ji)) {
goto Ce;
}
$Ji = $Pj . "/wp-content/plugins/miniorange-saml-20-single-sign-on/";
Ce:
Utilities::validateIssuerAndAudience($eI, $Ji, $W_, $fJ);
$MD = current(current($eI->getAssertions())->getNameId());
$iS = current($eI->getAssertions())->getAttributes();
$iS["NameID"] = array("0" => $MD);
$Fv = current($eI->getAssertions())->getSessionIndex();
mo_saml_checkMapping($iS, $fJ, $Fv);
goto HN;
il:
if (!isset($_REQUEST["RelayState"])) {
goto L_;
}
$rw = $_REQUEST["RelayState"];
L_:
if (!is_user_logged_in()) {
goto qo;
}
wp_logout();
qo:
if (empty($rw)) {
goto I4;
}
$rw = mo_saml_parse_url($rw);
goto Tq;
I4:
$rw = $Pj;
Tq:
header("Location:" . $rw);
exit;
HN:
PD:
if (!(array_key_exists("SAMLRequest", $_REQUEST) && !empty($_REQUEST["SAMLRequest"]))) {
goto Lh;
}
$YS = $_REQUEST["SAMLRequest"];
$fJ = "/";
if (!array_key_exists("RelayState", $_REQUEST)) {
goto WO;
}
$fJ = $_REQUEST["RelayState"];
WO:
$YS = base64_decode($YS);
if (!(array_key_exists("SAMLRequest", $_GET) && !empty($_GET["SAMLRequest"]))) {
goto UD;
}
$YS = gzinflate($YS);
UD:
$Ni = new DOMDocument();
$Ni->loadXML($YS);
$Ki = $Ni->firstChild;
if (!($Ki->localName == "LogoutRequest")) {
goto Y9;
}
$m3 = new SAML2_LogoutRequest($Ki);
if (!(!session_id() || session_id() == '' || !isset($_SESSION))) {
goto aG;
}
session_start();
aG:
$_SESSION["mo_saml_logout_request"] = $YS;
$_SESSION["mo_saml_logout_relay_state"] = $fJ;
wp_redirect(htmlspecialchars_decode(wp_logout_url()));
exit;
Y9:
Lh:
if (!(isset($_REQUEST["option"]) and !is_array($_REQUEST["option"]) and strpos($_REQUEST["option"], "readsamllogin") !== false)) {
goto Hl;
}
require_once dirname(__FILE__) . "/includes/lib/encryption.php";
if (isset($_POST["STATUS"]) && $_POST["STATUS"] == "ERROR") {
goto WF;
}
if (!(isset($_POST["STATUS"]) && $_POST["STATUS"] == "SUCCESS")) {
goto iq;
}
$BM = '';
if (!(isset($_REQUEST["redirect_to"]) && !empty($_REQUEST["redirect_to"]) && $_REQUEST["redirect_to"] != "/")) {
goto oy;
}
$BM = $_REQUEST["redirect_to"];
oy:
delete_site_option("mo_saml_redirect_error_code");
delete_site_option("mo_saml_redirect_error_reason");
try {
$T5 = get_site_option("saml_am_email");
$Xi = get_site_option("saml_am_username");
$JL = get_site_option("saml_am_first_name");
$Ww = get_site_option("saml_am_last_name");
$UT = get_site_option("saml_am_group_name");
$VP = get_site_option("saml_am_default_user_role");
$hU = get_site_option("saml_am_dont_allow_unlisted_user_role");
$pD = get_site_option("saml_am_account_matcher");
$M3 = '';
$x_ = '';
$JL = str_replace(".", "_", $JL);
$JL = str_replace(" ", "_", $JL);
if (!(!empty($JL) && array_key_exists($JL, $_POST))) {
goto HP;
}
$JL = $_POST[$JL];
HP:
$Ww = str_replace(".", "_", $Ww);
$Ww = str_replace(" ", "_", $Ww);
if (!(!empty($Ww) && array_key_exists($Ww, $_POST))) {
goto E5;
}
$Ww = $_POST[$Ww];
E5:
$Xi = str_replace(".", "_", $Xi);
$Xi = str_replace(" ", "_", $Xi);
if (!empty($Xi) && array_key_exists($Xi, $_POST)) {
goto yI;
}
$x_ = $_POST["NameID"];
goto f2;
yI:
$x_ = $_POST[$Xi];
f2:
$M3 = str_replace(".", "_", $T5);
$M3 = str_replace(" ", "_", $T5);
if (!empty($T5) && array_key_exists($T5, $_POST)) {
goto qY;
}
$M3 = $_POST["NameID"];
goto Pi;
qY:
$M3 = $_POST[$T5];
Pi:
$UT = str_replace(".", "_", $UT);
$UT = str_replace(" ", "_", $UT);
if (!(!empty($UT) && array_key_exists($UT, $_POST))) {
goto Ep;
}
$UT = $_POST[$UT];
Ep:
if (!empty($pD)) {
goto DU;
}
$pD = "email";
DU:
$I1 = get_site_option("mo_saml_customer_token");
if (!(isset($I1) || trim($I1) != '')) {
goto ow;
}
$KX = AESEncryption::decrypt_data($M3, $I1);
$M3 = $KX;
ow:
if (!(!empty($JL) && !empty($I1))) {
goto lO;
}
$sC = AESEncryption::decrypt_data($JL, $I1);
$JL = $sC;
lO:
if (!(!empty($Ww) && !empty($I1))) {
goto wT;
}
$a0 = AESEncryption::decrypt_data($Ww, $I1);
$Ww = $a0;
wT:
if (!(!empty($x_) && !empty($I1))) {
goto VC;
}
$yX = AESEncryption::decrypt_data($x_, $I1);
$x_ = $yX;
VC:
if (!(!empty($UT) && !empty($I1))) {
goto xe;
}
$jm = AESEncryption::decrypt_data($UT, $I1);
$UT = $jm;
xe:
} catch (Exception $r_) {
echo sprintf("An error occurred while processing the SAML Response.");
exit;
}
$TC = array($UT);
mo_saml_login_user($M3, $JL, $Ww, $x_, $TC, $hU, $VP, $BM, $pD);
iq:
goto yK;
WF:
update_site_option("mo_saml_redirect_error_code", $_POST["ERROR_REASON"]);
update_site_option("mo_saml_redirect_error_reason", $_POST["ERROR_MESSAGE"]);
yK:
Hl:
fZ:
}
function mo_saml_relaystate_url($fJ)
{
$WH = parse_url($fJ, PHP_URL_SCHEME);
$fJ = str_replace($WH . "://", '', $fJ);
return $fJ;
}
function mo_saml_hash_relaystate($fJ)
{
$WH = parse_url($fJ, PHP_URL_SCHEME);
$fJ = str_replace($WH . "://", '', $fJ);
$fJ = base64_encode($fJ);
$L5 = cdjsurkhh($fJ);
$fJ = $fJ . "." . $L5;
return $fJ;
}
function mo_saml_get_relaystate($fJ)
{
if (!filter_var($fJ, FILTER_VALIDATE_URL)) {
goto rm;
}
return $fJ;
rm:
$wS = strpos($fJ, ".");
if ($wS) {
goto ak;
}
wp_die("An error occured. Please contact your administrator.", "Error : Not a trusted source of the SAML response");
exit;
ak:
$rw = substr($fJ, 0, $wS);
$XT = substr($fJ, $wS + 1);
$Zo = cdjsurkhh($rw);
if (!($XT !== $Zo)) {
goto zu;
}
wp_die("An error occured. Please contact your administrator.", "Error : Not a trusted source of the SAML response");
exit;
zu:
$rw = base64_decode($rw);
return $rw;
}
function cdjsurkhh($E2)
{
$L5 = hash("sha512", $E2);
$L3 = substr($L5, 7, 14);
return $L3;
}
function mo_saml_parse_url($fJ)
{
if (!($fJ != "testValidate" && $fJ != "testNewCertificate")) {
goto Zr;
}
$Pj = get_site_option("mo_saml_sp_base_url");
if (!empty($Pj)) {
goto Us;
}
$Pj = get_network_site_url();
Us:
$WH = parse_url($Pj, PHP_URL_SCHEME);
if (filter_var($fJ, FILTER_VALIDATE_URL)) {
goto VW;
}
$fJ = $WH . "://" . $fJ;
VW:
Zr:
return $fJ;
}
function mo_saml_is_subsite($fJ)
{
$jp = parse_url($fJ, PHP_URL_HOST);
$DH = parse_url($fJ, PHP_URL_PATH);
if (is_subdomain_install()) {
goto E2;
}
$vv = strpos($DH, "/", 1) != false ? strpos($DH, "/", 1) : strlen($DH) - 1;
$DH = substr($DH, 0, $vv + 1);
$blog_id = get_blog_id_from_url($jp, $DH);
goto P1;
E2:
$blog_id = get_blog_id_from_url($jp);
P1:
if ($blog_id !== 0) {
goto Va;
}
return false;
goto Ln;
Va:
return true;
Ln:
}
function mo_saml_show_SAML_log($Ki, $Sc)
{
header("Content-Type: text/html");
$Re = new DOMDocument();
$Re->preserveWhiteSpace = false;
$Re->formatOutput = true;
$Re->loadXML($Ki);
if ($Sc == "displaySAMLRequest") {
goto zx;
}
$AG = "SAML Response";
goto o1;
zx:
$AG = "SAML Request";
o1:
$Za = $Re->saveXML();
$dO = htmlentities($Za);
$dO = rtrim($dO);
$P6 = simplexml_load_string($Za);
$FT = json_encode($P6);
$Hh = json_decode($FT);
$Nw = plugins_url("includes/css/style_settings.css?ver=4.8.40", __FILE__);
echo "<link rel='stylesheet' id='mo_saml_admin_settings_style-css' href='" . $Nw . "' type='text/css' media='all' />
\xd
<div class="mo-display-logs" ><p type="text" id="SAML_type">" . $AG . "</p></div>\xd
<div type="text" id="SAML_display" class="mo-display-block"><pre class='brush: xml;'>" . $dO . "</pre></div>
\xa<br>\xd
<div\x9 style="margin:3%;display:block;text-align:center;">\xd\xa\xd\xa<div style="margin:3%;display:block;text-align:center;" >\xd
\xd\xa</div>
\xa<button id="copy" onclick="copyDivToClipboard()" style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;" >Copy</button>
\xd\xa<input id="dwn-btn" style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Download"
\xa">\xd
</div>
\xa</div>\xd\xa\xd
\xa";
ob_end_flush();
echo "
<script>
\xa
function copyDivToClipboard() {
\xavar aux = document.createElement("input");
\xaaux.setAttribute("value", document.getElementById("SAML_display").textContent);\xd
document.body.appendChild(aux);\xd
aux.select();\xd\xadocument.execCommand("copy");
document.body.removeChild(aux);\xd\xadocument.getElementById('copy').textContent = "Copied";
\xadocument.getElementById('copy').style.background = "grey";
window.getSelection().selectAllChildren( document.getElementById( "SAML_display" ) );
\xd\xa}
function download(filename, text) {
var element = document.createElement('a');
\xaelement.setAttribute('href', 'data:Application/octet-stream;charset=utf-8,' + encodeURIComponent(text));
\xaelement.setAttribute('download', filename);
element.style.display = 'none';\xd\xadocument.body.appendChild(element);\xd
\xaelement.click();\xd
\xadocument.body.removeChild(element);\xd\xa}\xd\xa
document.getElementById("dwn-btn").addEventListener("click", function () {\xd\xa
var filename = document.getElementById("SAML_type").textContent+".xml";
\xavar node = document.getElementById("SAML_display");
htmlContent = node.innerHTML;
\xatext = node.textContent;\xd
download(filename, text);\xd\xa}, false);
\xd
\xd\xa
\xa\xd
</script>\xd\xa";
exit;
}
function mo_saml_checkMapping($iS, $fJ, $Fv)
{
try {
$T5 = get_site_option("saml_am_email");
$Xi = get_site_option("saml_am_username");
$JL = get_site_option("saml_am_first_name");
$Ww = get_site_option("saml_am_last_name");
$UT = get_site_option("saml_am_group_name");
$S9 = array();
$S9 = maybe_unserialize(get_site_option("saml_am_role_mapping"));
$pD = get_site_option("saml_am_account_matcher");
$M3 = '';
$x_ = '';
if (empty($iS)) {
goto xG;
}
if (!empty($JL) && array_key_exists($JL, $iS)) {
goto h6;
}
$JL = '';
goto tz;
h6:
$JL = $iS[$JL][0];
tz:
if (!empty($Ww) && array_key_exists($Ww, $iS)) {
goto q8;
}
$Ww = '';
goto VQ;
q8:
$Ww = $iS[$Ww][0];
VQ:
if (!empty($Xi) && array_key_exists($Xi, $iS)) {
goto o2;
}
$x_ = $iS["NameID"][0];
goto sT;
o2:
$x_ = $iS[$Xi][0];
sT:
if (!empty($T5) && array_key_exists($T5, $iS)) {
goto Mu;
}
$M3 = $iS["NameID"][0];
goto X2;
Mu:
$M3 = $iS[$T5][0];
X2:
if (!empty($UT) && array_key_exists($UT, $iS)) {
goto am;
}
$UT = array();
goto Rx;
am:
$UT = $iS[$UT];
Rx:
if (!empty($pD)) {
goto Fq;
}
$pD = "email";
Fq:
xG:
if ($fJ == "testValidate") {
goto lk;
}
if ($fJ == "testNewCertificate") {
goto Jp;
}
mo_saml_login_user($M3, $JL, $Ww, $x_, $UT, $S9, $fJ, $pD, $Fv, $iS["NameID"][0], $iS);
goto XK;
lk:
update_site_option("mo_saml_test", "Test Successful");
mo_saml_show_test_result($JL, $Ww, $M3, $UT, $iS, $fJ);
goto XK;
Jp:
update_site_option("mo_saml_test_new_cert", "Test successful");
mo_saml_show_test_result($JL, $Ww, $M3, $UT, $iS, $fJ);
XK:
} catch (Exception $r_) {
echo sprintf("An error occurred while processing the SAML Response.");
exit;
}
}
function mo_saml_show_test_result($JL, $Ww, $M3, $UT, $iS, $fJ)
{
echo "<div style="font-family:Calibri;padding:0 3%;">";
if (!empty($M3)) {
goto af;
}
echo "<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;">TEST FAILED</div>
<div style="color: #a94442;font-size:14pt; margin-bottom:20px;">WARNING: Some Attributes Did Not Match.</div>
\xa <div style="display:block;text-align:center;margin-bottom:4%;"><img style="width:15%;"src="" . plugin_dir_url(__FILE__) . "images/wrong.png"></div>";
goto Op;
af:
update_site_option("mo_saml_test_config_attrs", $iS);
echo "<div style="color: #3c763d;
\xa background-color: #dff0d8; padding:2%;margin-bottom:20px;text-align:center; border:1px solid #AEDB9A; font-size:18pt;">TEST SUCCESSFUL</div>
\xa <div style="display:block;text-align:center;margin-bottom:4%;"><img style="width:15%;"src="" . plugin_dir_url(__FILE__) . "images/green_check.png"></div>";
Op:
$VU = $fJ == "testNewCertificate" ? "display:none" : '';
$q0 = get_site_option("saml_am_account_matcher") ? get_site_option("saml_am_account_matcher") : "email";
if (!($q0 == "email" && !filter_var($iS["NameID"][0], FILTER_VALIDATE_EMAIL))) {
goto iV;
}
echo "<p><font color="#FF0000" style="font-size:14pt">(Warning: The NameID value is not a valid Email ID)</font></p>";
iV:
echo "<span style="font-size:14pt;"><b>Hello</b>, " . $M3 . "</span><br/><p style="font-weight:bold;font-size:14pt;margin-left:1%;">ATTRIBUTES RECEIVED:</p>\xd
<table style="border-collapse:collapse;border-spacing:0; display:table;width:100%; font-size:14pt;background-color:#EDEDED;">\xd\xa <tr style="text-align:center;"><td style="font-weight:bold;border:2px solid #949090;padding:2%;">ATTRIBUTE NAME</td><td style="font-weight:bold;padding:2%;border:2px solid #949090; word-wrap:break-word;">ATTRIBUTE VALUE</td></tr>";
if (!empty($iS)) {
goto SK;
}
echo "No Attributes Received.";
goto Qk;
SK:
foreach ($iS as $I1 => $UA) {
echo "<tr><td style='font-weight:bold;border:2px solid #949090;padding:2%;'>" . $I1 . "</td><td style='padding:2%;border:2px solid #949090; word-wrap:break-word;'>" . implode("<hr/>", $UA) . "</td></tr>";
DT:
}
Vx:
Qk:
echo "</table></div>";
echo "<div style="margin:3%;display:block;text-align:center;">
<input style="padding:1%;width:250px;background: #0091CD none repeat scroll 0% 0%;\xd\xa cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space:\xd
nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;" . $VU . ""\xd\xa type="button" value="Configure Attribute/Role Mapping" onClick="close_and_redirect();">
\xa <input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>\xd
<script>\xd\xa\xd
function close_and_redirect(){
\xa window.opener.redirect_to_attribute_mapping();\xd
self.close();
\xa }\xd\xa \xd\xa function refreshParent() {
\xa window.opener.location.reload();
\xa }\xd\xa </script>";
exit;
}
function mo_saml_convert_to_windows_iconv($WV)
{
$wN = get_site_option("mo_saml_encoding_enabled");
if (!($wN !== "checked")) {
goto p_;
}
return $WV;
p_:
return iconv("UTF-8", "CP1252//IGNORE", $WV);
}
function mo_saml_login_user($M3, $JL, $Ww, $x_, $UT, $S9, $fJ, $pD, $Fv = '', $dQ = '', $iS = null)
{
do_action("mo_abr_filter_login", $iS);
$x_ = mo_saml_sanitize_username($x_);
if (get_site_option("mo_saml_disable_role_mapping")) {
goto j1;
}
check_if_user_allowed_to_login_due_to_role_restriction($UT);
j1:
$Pj = get_site_option("mo_saml_sp_base_url");
mo_saml_restrict_users_based_on_domain($M3);
if (!empty($S9)) {
goto q0;
}
$S9["DEFAULT"]["default_role"] = "subscriber";
$S9["DEFAULT"]["dont_allow_unlisted_user"] = '';
$S9["DEFAULT"]["dont_create_user"] = '';
$S9["DEFAULT"]["keep_existing_users_role"] = '';
$S9["DEFAULT"]["mo_saml_dont_allow_user_tologin_create_with_given_groups"] = '';
$S9["DEFAULT"]["mo_saml_restrict_users_with_groups"] = '';
q0:
global $wpdb;
$vF = get_current_blog_id();
$iX = "unchecked";
if (!empty($Pj)) {
goto AJ;
}
$Pj = get_network_site_url();
AJ:
if (email_exists($M3) || username_exists($x_)) {
goto PE;
}
$DX = Utilities::get_active_sites();
$WK = get_site_option("mo_apply_role_mapping_for_sites");
if (!get_site_option("mo_saml_disable_role_mapping")) {
goto Hu;
}
$Rv = wp_generate_password(12, false);
$Nb = wpmu_create_user($x_, $Rv, $M3);
goto tg;
Hu:
$Nb = mo_saml_assign_roles_to_new_user($DX, $WK, $S9, $UT, $x_, $M3);
tg:
switch_to_blog($vF);
if (!empty($Nb)) {
goto cq;
}
if (!get_site_option("mo_saml_disable_role_mapping")) {
goto Wi;
}
wp_die("We could not sign you in. Please contact administrator", "Login Failed!");
goto ig;
Wi:
$dI = get_site_option("mo_saml_account_creation_disabled_msg");
if (!empty($dI)) {
goto Km;
}
$dI = "We could not sign you in. Please contact your Administrator.";
Km:
wp_die($dI, "Error: Not a WordPress Member");
ig:
cq:
$user = get_user_by("id", $Nb);
mo_saml_map_basic_attributes($user, $JL, $Ww, $iS);
mo_saml_map_custom_attributes($Nb, $iS);
$Op = mo_saml_get_redirect_url($Pj, $fJ);
do_action("miniorange_post_authenticate_user_login", $user, null, $Op, true);
mo_saml_set_auth_cookie($user, $Fv, $dQ, true);
do_action("mo_saml_attributes", $x_, $M3, $JL, $Ww, $UT, null, true);
goto W4;
PE:
if (email_exists($M3)) {
goto Fu;
}
$user = get_user_by("login", $x_);
goto Jt;
Fu:
$user = get_user_by("email", $M3);
Jt:
$Nb = $user->ID;
if (!(!empty($M3) and strcasecmp($M3, $user->user_email) != 0)) {
goto ku;
}
$Nb = wp_update_user(array("ID" => $Nb, "user_email" => $M3));
ku:
mo_saml_map_basic_attributes($user, $JL, $Ww, $iS);
mo_saml_map_custom_attributes($Nb, $iS);
$DX = Utilities::get_active_sites();
$WK = get_site_option("mo_apply_role_mapping_for_sites");
if (get_site_option("mo_saml_disable_role_mapping")) {
goto uo;
}
foreach ($DX as $blog_id) {
switch_to_blog($blog_id);
$user = get_user_by("id", $Nb);
$wf = '';
if ($WK) {
goto EV;
}
$wf = $blog_id;
goto Ul;
EV:
$wf = 0;
Ul:
if (empty($S9)) {
goto zz;
}
if (!empty($S9[$wf])) {
goto d8;
}
if (!empty($S9["DEFAULT"])) {
goto dx;
}
$VP = "subscriber";
$hU = '';
$iX = '';
$S8 = '';
goto jr;
dx:
$VP = isset($S9["DEFAULT"]["default_role"]) ? $S9["DEFAULT"]["default_role"] : "subscriber";
$hU = isset($S9["DEFAULT"]["dont_allow_unlisted_user"]) ? $S9["DEFAULT"]["dont_allow_unlisted_user"] : '';
$iX = isset($S9["DEFAULT"]["dont_create_user"]) ? $S9["DEFAULT"]["dont_create_user"] : '';
$S8 = isset($S9["DEFAULT"]["keep_existing_users_role"]) ? $S9["DEFAULT"]["keep_existing_users_role"] : '';
jr:
goto dL;
d8:
$VP = isset($S9[$wf]["default_role"]) ? $S9[$wf]["default_role"] : '';
$hU = isset($S9[$wf]["dont_allow_unlisted_user"]) ? $S9[$wf]["dont_allow_unlisted_user"] : '';
$iX = isset($S9[$wf]["dont_create_user"]) ? $S9[$wf]["dont_create_user"] : '';
$S8 = isset($S9[$wf]["keep_existing_users_role"]) ? $S9[$wf]["keep_existing_users_role"] : '';
dL:
zz:
if (!is_user_member_of_blog($Nb, $blog_id)) {
goto xY;
}
if (isset($S8) && $S8 == "checked") {
goto bl;
}
$z0 = assign_roles_to_user($user, $S9, $blog_id, $UT, $wf);
goto M9;
bl:
$z0 = false;
M9:
if (is_administrator_user($user)) {
goto aH;
}
if (isset($S8) && $S8 == "checked") {
goto lI;
}
if ($z0 !== true && !empty($hU) && $hU == "checked") {
goto nI;
}
if ($z0 !== true && !empty($VP) && $VP !== "false") {
goto SL;
}
if ($z0 !== true && is_user_member_of_blog($Nb, $blog_id)) {
goto HL;
}
goto Sc;
lI:
goto Sc;
nI:
$Nb = wp_update_user(array("ID" => $Nb, "role" => false));
goto Sc;
SL:
$Nb = wp_update_user(array("ID" => $Nb, "role" => $VP));
goto Sc;
HL:
$GD = get_site_option("default_role");
$Nb = wp_update_user(array("ID" => $Nb, "role" => $GD));
Sc:
aH:
goto kp;
xY:
$aN = TRUE;
$Lr = get_site_option("saml_sso_settings");
if (!empty($Lr[$blog_id])) {
goto MV;
}
$Lr[$blog_id] = $Lr["DEFAULT"];
MV:
if (empty($S9)) {
goto lM;
}
if (array_key_exists($wf, $S9)) {
goto xx;
}
if (!array_key_exists("DEFAULT", $S9)) {
goto yx;
}
$GL = get_saml_roles_to_assign($S9, $wf, $UT);
if (!(empty($GL) && strcmp($S9["DEFAULT"]["dont_create_user"], "checked") == 0)) {
goto Ve;
}
$aN = FALSE;
Ve:
yx:
goto UL;
xx:
$GL = get_saml_roles_to_assign($S9, $wf, $UT);
if (!(empty($GL) && strcmp($S9[$wf]["dont_create_user"], "checked") == 0)) {
goto fx;
}
$aN = FALSE;
fx:
UL:
lM:
if (!$aN) {
goto c8;
}
add_user_to_blog($blog_id, $Nb, false);
$z0 = assign_roles_to_user($user, $S9, $blog_id, $UT, $wf);
if ($z0 !== true && !empty($hU) && $hU == "checked") {
goto sV;
}
if ($z0 !== true && !empty($VP) && $VP !== "false") {
goto NK;
}
if ($z0 !== true) {
goto Fw;
}
goto v5;
sV:
$Nb = wp_update_user(array("ID" => $Nb, "role" => false));
goto v5;
NK:
$Nb = wp_update_user(array("ID" => $Nb, "role" => $VP));
goto v5;
Fw:
$GD = get_site_option("default_role");
$Nb = wp_update_user(array("ID" => $Nb, "role" => $GD));
v5:
c8:
kp:
Xg:
}
zp:
uo:
switch_to_blog($vF);
if ($Nb) {
goto pe;
}
wp_die("Invalid user. Please try again.");
pe:
$user = get_user_by("id", $Nb);
mo_saml_set_auth_cookie($user, $Fv, $dQ, true);
do_action("mo_saml_attributes", $x_, $M3, $JL, $Ww, $UT);
W4:
mo_saml_post_login_redirection($Pj, $fJ);
}
function mo_saml_add_user_to_blog($M3, $x_, $blog_id = 0)
{
if (email_exists($M3)) {
goto YB;
}
if (!empty($x_)) {
goto Ab;
}
$Nb = mo_saml_create_user($M3, $M3, $blog_id);
goto MX;
Ab:
$Nb = mo_saml_create_user($x_, $M3, $blog_id);
MX:
goto xN;
YB:
$user = get_user_by("email", $M3);
$Nb = $user->ID;
if (empty($blog_id)) {
goto R0;
}
add_user_to_blog($blog_id, $Nb, false);
R0:
xN:
return $Nb;
}
function mo_saml_create_user($x_, $M3, $blog_id)
{
$hh = wp_generate_password(10, false);
if (username_exists($x_)) {
goto ZZ;
}
$Nb = wp_create_user($x_, $hh, $M3);
goto bh;
ZZ:
$user = get_user_by("login", $x_);
$Nb = $user->ID;
if (!$blog_id) {
goto rV;
}
add_user_to_blog($blog_id, $Nb, false);
rV:
bh:
if (!is_wp_error($Nb)) {
goto Dj;
}
echo "<strong>ERROR</strong>: Empty User Name and Email. Please contact your administrator.";
exit;
Dj:
return $Nb;
}
function mo_saml_assign_roles_to_new_user($DX, $WK, $S9, $UT, $x_, $M3)
{
global $wpdb;
$user = NULL;
$Sx = false;
foreach ($DX as $blog_id) {
$Ub = TRUE;
$wf = '';
if ($WK) {
goto i6;
}
$wf = $blog_id;
goto qz;
i6:
$wf = 0;
qz:
$Lr = get_site_option("saml_sso_settings");
if (!empty($Lr[$blog_id])) {
goto mI;
}
$Lr[$blog_id] = $Lr["DEFAULT"];
mI:
if (empty($S9)) {
goto Kx;
}
if (!empty($S9[$wf])) {
goto yo;
}
if (!empty($S9["DEFAULT"])) {
goto TK;
}
$VP = "subscriber";
$hU = '';
$S8 = '';
$GL = '';
goto y9;
TK:
$VP = isset($S9["DEFAULT"]["default_role"]) ? $S9["DEFAULT"]["default_role"] : '';
$hU = isset($S9["DEFAULT"]["dont_allow_unlisted_user"]) ? $S9["DEFAULT"]["dont_allow_unlisted_user"] : '';
$S8 = array_key_exists("keep_existing_users_role", $S9["DEFAULT"]) ? $S9["DEFAULT"]["keep_existing_users_role"] : '';
$GL = get_saml_roles_to_assign($S9, $wf, $UT);
if (!(empty($GL) && strcmp($S9["DEFAULT"]["dont_create_user"], "checked") == 0)) {
goto WD;
}
$Ub = FALSE;
WD:
y9:
goto cL;
yo:
$VP = isset($S9[$wf]["default_role"]) ? $S9[$wf]["default_role"] : '';
$hU = isset($S9[$wf]["dont_allow_unlisted_user"]) ? $S9[$wf]["dont_allow_unlisted_user"] : '';
$S8 = array_key_exists("keep_existing_users_role", $S9[$wf]) ? $S9[$wf]["keep_existing_users_role"] : '';
$GL = get_saml_roles_to_assign($S9, $wf, $UT);
if (!(empty($GL) && strcmp($S9[$wf]["dont_create_user"], "checked") == 0)) {
goto VJ;
}
$Ub = FALSE;
VJ:
cL:
Kx:
if (!$Ub) {
goto bG;
}
$Nb = NULL;
switch_to_blog($blog_id);
$Nb = mo_saml_add_user_to_blog($M3, $x_, $blog_id);
$user = get_user_by("id", $Nb);
$z0 = assign_roles_to_user($user, $S9, $blog_id, $UT, $wf);
if ($z0 !== true && !empty($hU) && $hU == "checked") {
goto Rz;
}
if ($z0 !== true && !empty($VP) && $VP !== "false") {
goto pE;
}
if ($z0 !== true) {
goto I6;
}
goto ml;
Rz:
$Nb = wp_update_user(array("ID" => $Nb, "role" => false));
goto ml;
pE:
$Nb = wp_update_user(array("ID" => $Nb, "role" => $VP));
goto ml;
I6:
$GD = get_site_option("default_role");
$Nb = wp_update_user(array("ID" => $Nb, "role" => $GD));
ml:
$yG = $user->{$wpdb->prefix . "capabilities"};
if (isset($wp_roles)) {
goto YF;
}
$wp_roles = new WP_Roles($wf);
YF:
bG:
Mh:
}
UH:
if (!empty($user)) {
goto Ii;
}
return;
goto a8;
Ii:
return $user->ID;
a8:
}
function mo_saml_sanitize_username($x_)
{
$YW = sanitize_user($x_, true);
$cS = apply_filters("pre_user_login", $YW);
$x_ = trim($cS);
return $x_;
}
function mo_saml_map_basic_attributes($user, $JL, $Ww, $iS)
{
$Nb = $user->ID;
if (empty($JL)) {
goto cc;
}
$Nb = wp_update_user(array("ID" => $Nb, "first_name" => $JL));
cc:
if (empty($Ww)) {
goto u8;
}
$Nb = wp_update_user(array("ID" => $Nb, "last_name" => $Ww));
u8:
if (is_null($iS)) {
goto WJ;
}
update_user_meta($Nb, "mo_saml_user_attributes", $iS);
$Ql = get_site_option("saml_am_display_name");
if (empty($Ql)) {
goto id;
}
if (strcmp($Ql, "USERNAME") == 0) {
goto uk;
}
if (strcmp($Ql, "FNAME") == 0 && !empty($JL)) {
goto vA;
}
if (strcmp($Ql, "LNAME") == 0 && !empty($Ww)) {
goto IH;
}
if (strcmp($Ql, "FNAME_LNAME") == 0 && !empty($Ww) && !empty($JL)) {
goto Su;
}
if (!(strcmp($Ql, "LNAME_FNAME") == 0 && !empty($Ww) && !empty($JL))) {
goto U_;
}
$Nb = wp_update_user(array("ID" => $Nb, "display_name" => $Ww . " " . $JL));
U_:
goto wa;
Su:
$Nb = wp_update_user(array("ID" => $Nb, "display_name" => $JL . " " . $Ww));
wa:
goto jH;
IH:
$Nb = wp_update_user(array("ID" => $Nb, "display_name" => $Ww));
jH:
goto Jm;
vA:
$Nb = wp_update_user(array("ID" => $Nb, "display_name" => $JL));
Jm:
goto pY;
uk:
$Nb = wp_update_user(array("ID" => $Nb, "display_name" => $user->user_login));
pY:
id:
WJ:
}
function mo_saml_map_custom_attributes($Nb, $iS)
{
if (!get_site_option("mo_saml_custom_attrs_mapping")) {
goto cW;
}
$cE = maybe_unserialize(get_site_option("mo_saml_custom_attrs_mapping"));
foreach ($cE as $I1 => $UA) {
if (!array_key_exists($UA, $iS)) {
goto KJ;
}
$Vq = false;
if (!(count($iS[$UA]) == 1)) {
goto Z7;
}
$Vq = true;
Z7:
if (!$Vq) {
goto SN;
}
update_user_meta($Nb, $I1, $iS[$UA][0]);
goto Yq;
SN:
$UU = array();
foreach ($iS[$UA] as $Jz) {
array_push($UU, $Jz);
fH:
}
xi:
update_user_meta($Nb, $I1, $UU);
Yq:
KJ:
Kd:
}
EE:
cW:
}
function mo_saml_restrict_users_based_on_domain($M3)
{
$ok = get_site_option("mo_saml_enable_domain_restriction_login");
if (!$ok) {
goto IZ;
}
$OH = get_site_option("saml_am_email_domains");
$D0 = explode(";", $OH);
$Vd = explode("@", $M3);
$TX = array_key_exists("1", $Vd) ? $Vd[1] : '';
$U5 = get_site_option("mo_saml_allow_deny_user_with_domain");
$dI = get_site_option("mo_saml_restricted_domain_error_msg");
if (!empty($dI)) {
goto k_;
}
$dI = "You are not allowed to login. Please contact your Administrator.";
k_:
if (!empty($U5) && $U5 == "deny") {
goto vM;
}
if (in_array($TX, $D0)) {
goto IQ;
}
wp_die($dI, "Permission Denied Error - 2");
IQ:
goto pm;
vM:
if (!in_array($TX, $D0)) {
goto Da;
}
wp_die($dI, "Permission Denied Error - 1");
Da:
pm:
IZ:
}
function mo_saml_set_auth_cookie($user, $Fv, $dQ, $M2)
{
$Nb = $user->ID;
do_action("wp_login", $user->user_login, $user);
if (empty($Fv)) {
goto SH;
}
update_user_meta($Nb, "mo_saml_session_index", $Fv);
SH:
if (empty($dQ)) {
goto p3;
}
update_user_meta($Nb, "mo_saml_name_id", $dQ);
p3:
if (!(!session_id() || session_id() == '' || !isset($_SESSION))) {
goto I5;
}
session_start();
I5:
$_SESSION["mo_saml"]["logged_in_with_idp"] = TRUE;
update_user_meta($Nb, "mo_saml_idp_login", "true");
wp_set_current_user($Nb);
$Ln = false;
$Ln = apply_filters("mo_remember_me", $Ln);
wp_set_auth_cookie($Nb, $Ln);
if (!$M2) {
goto na;
}
do_action("user_register", $Nb);
na:
}
function mo_saml_post_login_redirection($Pj, $fJ)
{
$aq = mo_saml_get_redirect_url($Pj, $fJ);
wp_redirect($aq);
exit;
}
function mo_saml_get_redirect_url($Pj, $fJ)
{
$Op = '';
$Lr = get_site_option("saml_sso_settings");
$mP = get_current_blog_id();
if (!(empty($Lr[$mP]) && !empty($Lr["DEFAULT"]))) {
goto Zv;
}
$Lr[$mP] = $Lr["DEFAULT"];
Zv:
$eE = isset($Lr[$mP]["mo_saml_relay_state"]) ? $Lr[$mP]["mo_saml_relay_state"] : '';
if (!empty($eE)) {
goto i9;
}
if (!empty($fJ)) {
goto Wq;
}
$Op = $Pj;
goto eG;
Wq:
$Op = $fJ;
eG:
goto MU;
i9:
$Op = $eE;
MU:
return $Op;
}
function check_if_user_allowed_to_login($user, $Pj)
{
$Nb = $user->ID;
global $wpdb;
if (get_user_meta($Nb, "mo_saml_user_type", true)) {
goto Pg;
}
if (get_site_option("mo_saml_usr_lmt")) {
goto VM;
}
update_user_meta($Nb, "mo_saml_user_type", "sso_user");
goto Lo;
VM:
$I1 = get_site_option("mo_saml_customer_token");
$Sh = AESEncryption::decrypt_data(get_site_option("mo_saml_usr_lmt"), $I1);
$X2 = "SELECT COUNT(*) FROM " . $wpdb->prefix . "usermeta WHERE meta_key='mo_saml_user_type'";
$Gm = $wpdb->get_var($X2);
if ($Gm >= $Sh) {
goto cd;
}
update_user_meta($Nb, "mo_saml_user_type", "sso_user");
goto eA;
cd:
if (get_site_option("user_alert_email_sent")) {
goto uu;
}
$N3 = new Customersaml();
$N3->mo_saml_send_user_exceeded_alert_email($Sh, $this);
uu:
if (is_administrator_user($user)) {
goto Bs;
}
wp_redirect($Pj);
exit;
goto ag;
Bs:
update_user_meta($Nb, "mo_saml_user_type", "sso_user");
ag:
eA:
Lo:
Pg:
}
function check_if_user_allowed_to_login_due_to_role_restriction($UT)
{
$S9 = maybe_unserialize(get_site_option("saml_am_role_mapping"));
$DX = Utilities::get_active_sites();
$WK = get_site_option("mo_apply_role_mapping_for_sites");
if ($S9) {
goto XC;
}
$S9 = array();
XC:
if (array_key_exists("DEFAULT", $S9)) {
goto vp;
}
$S9["DEFAULT"] = array();
vp:
foreach ($DX as $blog_id) {
if ($WK) {
goto t0;
}
$wf = $blog_id;
goto NR;
t0:
$wf = 0;
NR:
if (isset($S9[$wf])) {
goto wu;
}
$eQ = $S9["DEFAULT"];
goto xC;
wu:
$eQ = $S9[$wf];
xC:
if (empty($eQ)) {
goto P_;
}
$DY = isset($eQ["mo_saml_dont_allow_user_tologin_create_with_given_groups"]) ? $eQ["mo_saml_dont_allow_user_tologin_create_with_given_groups"] : '';
if (!($DY == "checked")) {
goto VP;
}
if (empty($UT)) {
goto xH;
}
$CY = $eQ["mo_saml_restrict_users_with_groups"];
$S7 = explode(";", $CY);
foreach ($S7 as $yo) {
foreach ($UT as $nk) {
$nk = trim($nk);
if (!(!empty($nk) && $nk == $yo)) {
goto eR;
}
wp_die("You are not authorized to login. Please contact your administrator.", "Error");
eR:
is:
}
DM:
uS:
}
Xp:
xH:
VP:
P_:
Zt:
}
rt:
}
function assign_roles_to_user($user, $S9, $blog_id, $UT, $wf)
{
$z0 = false;
if (!(!empty($UT) && !empty($S9) && !is_administrator_user($user) && is_user_member_of_blog($user->ID, $blog_id))) {
goto ES;
}
if (!empty($S9[$wf])) {
goto Kf;
}
if (empty($S9["DEFAULT"])) {
goto TY;
}
$eQ = $S9["DEFAULT"];
TY:
goto y4;
Kf:
$eQ = $S9[$wf];
y4:
if (empty($eQ)) {
goto ja;
}
$user->set_role(false);
$KJ = '';
$C2 = false;
unset($eQ["default_role"]);
unset($eQ["dont_create_user"]);
unset($eQ["dont_allow_unlisted_user"]);
unset($eQ["keep_existing_users_role"]);
unset($eQ["mo_saml_dont_allow_user_tologin_create_with_given_groups"]);
unset($eQ["mo_saml_restrict_users_with_groups"]);
foreach ($eQ as $Ek => $wd) {
$S7 = explode(";", $wd);
foreach ($S7 as $yo) {
if (!(!empty($yo) && in_array($yo, $UT))) {
goto fR;
}
$z0 = true;
$user->add_role($Ek);
fR:
EL:
}
eP:
o7:
}
y3:
ja:
ES:
$ze = get_site_option("mo_saml_super_admin_role_mapping");
$mG = array();
if (empty($ze)) {
goto uG;
}
$mG = explode(";", $ze);
uG:
if (!(!empty($UT) && !empty($mG))) {
goto YW1;
}
foreach ($mG as $yo) {
if (!in_array($yo, $UT)) {
goto kNy;
}
grant_super_admin($user->ID);
kNy:
PYy:
}
rs:
YW1:
return $z0;
}
function get_saml_roles_to_assign($S9, $blog_id, $UT)
{
$GL = array();
if (!(!empty($UT) && !empty($S9))) {
goto l93;
}
if (!empty($S9[$blog_id])) {
goto KZ9;
}
if (empty($S9["DEFAULT"])) {
goto b1x;
}
$eQ = $S9["DEFAULT"];
b1x:
goto CS6;
KZ9:
$eQ = $S9[$blog_id];
CS6:
if (empty($eQ)) {
goto iDw;
}
unset($eQ["default_role"]);
unset($eQ["dont_create_user"]);
unset($eQ["dont_allow_unlisted_user"]);
unset($eQ["keep_existing_users_role"]);
unset($eQ["mo_saml_dont_allow_user_tologin_create_with_given_groups"]);
unset($eQ["mo_saml_restrict_users_with_groups"]);
foreach ($eQ as $Ek => $wd) {
$S7 = explode(";", $wd);
foreach ($S7 as $yo) {
if (!(!empty($yo) and in_array($yo, $UT))) {
goto iNK;
}
array_push($GL, $Ek);
iNK:
jwb:
}
aQm:
KPU:
}
fCJ:
iDw:
l93:
return $GL;
}
function is_administrator_user($user)
{
$jK = $user->roles;
if (!is_null($jK) && in_array("administrator", $jK)) {
goto Z7p;
}
return false;
goto MG3;
Z7p:
return true;
MG3:
}
function mo_saml_is_customer_registered()
{
$UK = get_site_option("mo_saml_admin_email");
$zA = get_site_option("mo_saml_admin_customer_key");
if (!$UK || !$zA || !is_numeric(trim($zA))) {
goto LRJ;
}
return 1;
goto Bn_;
LRJ:
return 0;
Bn_:
}
function mo_saml_is_customer_license_verified()
{
$I1 = get_site_option("mo_saml_customer_token");
$dn = AESEncryption::decrypt_data(get_site_option("t_site_status"), $I1);
$rS = get_site_option("sml_lk");
$UK = get_site_option("mo_saml_admin_email");
$zA = get_site_option("mo_saml_admin_customer_key");
$yk = AESEncryption::decrypt_data(get_site_option("no_sbs"), $I1);
$zV = false;
if (!get_site_option("no_sbs")) {
goto QGx;
}
$Kx = Utilities::get_sites();
$zV = $yk < count($Kx);
QGx:
if ($dn != "true" && !$rS || !$UK || !$zA || !is_numeric(trim($zA)) || $zV) {
goto Qn8;
}
return 1;
goto B3G;
Qn8:
return 0;
B3G:
}
function show_status_error($KO, $fJ)
{
if ($fJ == "testValidate" or $fJ == "testNewCertificate") {
goto fDU;
}
wp_die("We could not sign you in. Please contact your Administrator.", "Error: Invalid SAML Response Status");
goto QOA;
fDU:
echo "<div style="font-family:Calibri;padding:0 3%;">";
echo "<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;"> ERROR</div>
\xa <div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><strong>Error: </strong> Invalid SAML Response Status.</p>\xd\xa <p><strong>Causes</strong>: Identity Provider has sent '" . esc_html($KO) . "' status code in SAML Response. </p>\xd
<p><strong>Reason</strong>: " . get_status_message(esc_html($KO)) . "</p><br>";
if (empty($cj)) {
goto u_h;
}
echo "<p><strong>Status Message in the SAML Response:</strong> <br/>" . esc_html($cj) . "</p><br>";
u_h:
echo "
</div>
\xa\xd
<div style="margin:3%;display:block;text-align:center;">
\xa <div style="margin:3%;display:block;text-align:center;"><input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>";
exit;
QOA:
}
function addLink($KL, $iy)
{
$hy = "<a href="" . $iy . "">" . $KL . "</a>";
return $hy;
}
function get_status_message($KO)
{
switch ($KO) {
case "Requester":
return "The request could not be performed due to an error on the part of the requester.";
goto oqu;
case "Responder":
return "The request could not be performed due to an error on the part of the SAML responder or SAML authority.";
goto oqu;
case "VersionMismatch":
return "The SAML responder could not process the request because the version of the request message was incorrect.";
goto oqu;
default:
return "Unknown";
}
ypO:
oqu:
}
function saml_get_current_page_url()
{
$C8 = $_SERVER["HTTP_HOST"];
if (!(substr($C8, -1) == "/")) {
goto sLv;
}
$C8 = substr($C8, 0, -1);
sLv:
$W7 = $_SERVER["REQUEST_URI"];
if (!(substr($W7, 0, 1) == "/")) {
goto SBR;
}
$W7 = substr($W7, 1);
SBR:
$d_ = isset($_SERVER["HTTPS"]) && strcasecmp($_SERVER["HTTPS"], "on") == 0;
$rw = "http" . ($d_ ? "s" : '') . "://" . $C8 . "/" . $W7;
return $rw;
}
function get_network_site_url()
{
$Nw = network_site_url();
if (!(substr($Nw, -1) == "/")) {
goto Rl8;
}
$Nw = substr($Nw, 0, -1);
Rl8:
return $Nw;
}
function get_current_base_url()
{
return sprintf("%s://%s/", isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] != "off" ? "https" : "http", $_SERVER["HTTP_HOST"]);
}
add_action("widgets_init", function () {
register_widget("mo_login_wid");
});
add_action("init", "mo_login_validate");
?>Did this file decode correctly?
Original Code
<?php
include_once dirname(__FILE__) . "\x2f\x55\164\151\x6c\151\x74\151\x65\163\x2e\x70\150\x70";
include_once dirname(__FILE__) . "\x2f\x52\145\163\160\x6f\156\x73\x65\x2e\x70\150\160";
include_once dirname(__FILE__) . "\x2f\x4c\x6f\x67\x6f\x75\x74\122\x65\161\x75\x65\x73\x74\x2e\x70\150\160";
require_once dirname(__FILE__) . "\57\151\x6e\x63\154\165\x64\145\163\57\x6c\151\142\x2f\x65\x6e\x63\162\171\160\164\151\x6f\156\x2e\x70\150\x70";
include_once dirname(__FILE__).DIRECTORY_SEPARATOR ."\x78\155\154\x73\145\143\154\x69\142\163\56\x70\x68\x70";
use RobRichards\XMLSecLibs\XMLSecurityKey;
use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecEnc;
class mo_login_wid extends WP_Widget
{
public function __construct()
{
$Ys = get_site_option("\163\x61\x6d\x6c\137\151\x64\145\x6e\164\151\x74\171\137\156\x61\x6d\x65");
parent::__construct("\x53\141\155\154\x5f\114\157\147\151\x6e\137\127\x69\144\x67\x65\164", "\114\157\x67\x69\x6e\x20\x77\x69\164\x68\x20" . $Ys, array("\144\145\163\143\x72\x69\x70\x74\151\x6f\x6e" => __("\x54\150\151\x73\40\x69\163\x20\x61\40\155\x69\156\151\x4f\162\x61\156\x67\145\x20\123\x41\115\114\x20\154\157\x67\151\156\40\x77\151\144\147\145\164\x2e", "\155\157\x73\141\x6d\x6c")));
}
public function widget($ur, $KP)
{
extract($ur);
$XR = apply_filters("\x77\x69\x64\147\x65\164\x5f\x74\151\x74\x6c\x65", $KP["\167\151\x64\x5f\164\x69\164\x6c\145"]);
echo $ur["\142\145\146\x6f\162\145\137\x77\x69\x64\x67\145\164"];
if (empty($XR)) {
goto qC;
}
echo $ur["\142\145\x66\x6f\162\145\137\164\x69\x74\x6c\145"] . $XR . $ur["\141\146\x74\x65\162\137\164\x69\x74\x6c\145"];
qC:
$this->loginForm();
echo $ur["\x61\x66\x74\145\162\x5f\x77\151\144\x67\x65\164"];
}
public function update($it, $Ph)
{
$KP = array();
$KP["\x77\151\x64\x5f\164\x69\x74\154\x65"] = strip_tags($it["\x77\x69\144\137\164\151\x74\x6c\145"]);
return $KP;
}
public function form($KP)
{
$XR = '';
if (!array_key_exists("\x77\x69\x64\137\164\151\x74\154\145", $KP)) {
goto Wd;
}
$XR = $KP["\167\151\144\137\x74\151\x74\x6c\x65"];
Wd:
echo "\xd\xa\x9\11\x3c\x70\x3e\x3c\x6c\x61\x62\x65\x6c\x20\146\x6f\162\75\42" . $this->get_field_id("\x77\x69\x64\x5f\x74\x69\x74\x6c\x65") . "\x20\x22\76" . _e("\124\151\164\x6c\x65\x3a") . "\40\74\x2f\154\x61\x62\x65\154\76\15\12\11\x9\x9\x3c\x69\x6e\x70\x75\x74\x20\143\x6c\x61\163\163\75\42\167\x69\x64\145\x66\x61\164\x22\x20\x69\144\x3d\42" . $this->get_field_id("\167\x69\x64\x5f\164\x69\164\x6c\x65") . "\x22\x20\x6e\141\155\x65\x3d\42" . $this->get_field_name("\167\x69\144\137\x74\151\164\154\145") . "\42\40\x74\171\x70\x65\75\x22\164\x65\x78\x74\42\x20\166\x61\x6c\x75\145\x3d\x22" . $XR . "\42\40\x2f\x3e\15\12\11\11\74\x2f\160\76";
}
public function loginForm()
{
global $post;
$Lr = get_site_option("\163\x61\x6d\154\137\163\163\x6f\x5f\163\x65\164\164\151\x6e\147\163");
$mP = get_current_blog_id();
$AP = Utilities::get_active_sites();
if (in_array($mP, $AP)) {
goto K7;
}
return;
K7:
if (!(empty($Lr[$mP]) && !empty($Lr["\104\105\106\101\125\x4c\x54"]))) {
goto kS;
}
$Lr[$mP] = $Lr["\104\x45\106\101\125\x4c\x54"];
kS:
if (!is_user_logged_in()) {
goto g0;
}
$current_user = wp_get_current_user();
$RU = "\110\145\154\154\157\54";
if (empty($Lr[$mP]["\155\157\137\163\141\155\154\x5f\143\165\163\x74\x6f\x6d\x5f\x67\162\145\145\x74\x69\x6e\147\137\164\x65\x78\164"])) {
goto QT;
}
$RU = $Lr[$mP]["\155\157\137\163\x61\x6d\x6c\137\x63\165\x73\164\157\x6d\x5f\x67\x72\x65\x65\164\x69\156\x67\x5f\x74\145\x78\x74"];
QT:
$O4 = '';
if (empty($Lr[$mP]["\x6d\157\137\163\141\x6d\154\x5f\x67\162\145\x65\164\151\156\147\137\156\141\155\145"])) {
goto nX;
}
switch ($Lr[$mP]["\155\157\137\163\141\x6d\154\137\147\162\145\x65\x74\151\x6e\x67\137\x6e\x61\155\145"]) {
case "\x55\x53\x45\x52\116\101\x4d\105":
$O4 = $current_user->user_login;
goto Bk;
case "\105\115\x41\x49\x4c":
$O4 = $current_user->user_email;
goto Bk;
case "\106\x4e\x41\115\x45":
$O4 = $current_user->user_firstname;
goto Bk;
case "\114\x4e\101\x4d\x45":
$O4 = $current_user->user_lastname;
goto Bk;
case "\x46\116\x41\x4d\x45\x5f\114\x4e\101\x4d\105":
$O4 = $current_user->user_firstname . "\40" . $current_user->user_lastname;
goto Bk;
case "\114\116\101\x4d\x45\x5f\x46\116\101\115\105":
$O4 = $current_user->user_lastname . "\x20" . $current_user->user_firstname;
goto Bk;
default:
$O4 = $current_user->user_login;
}
ii:
Bk:
nX:
if (!empty(trim($O4))) {
goto EC;
}
$O4 = $current_user->user_login;
EC:
$Jb = $RU . "\x20" . $O4;
$Fl = "\114\x6f\147\157\x75\x74";
if (empty($Lr[$mP]["\x6d\x6f\x5f\x73\x61\x6d\154\x5f\x63\x75\163\x74\x6f\x6d\137\x6c\157\x67\x6f\165\x74\137\x74\145\x78\x74"])) {
goto dj;
}
$Fl = $Lr[$mP]["\x6d\x6f\x5f\163\x61\155\x6c\137\x63\x75\163\164\157\155\137\x6c\x6f\147\157\x75\164\137\164\x65\x78\x74"];
dj:
echo $Jb . "\40\x7c\x20\x3c\141\x20\150\x72\x65\146\x3d\x22" . wp_logout_url(home_url()) . "\x22\40\x74\151\x74\154\145\x3d\42\154\x6f\x67\157\165\164\42\40\x3e" . $Fl . "\x3c\57\141\x3e\74\57\154\151\x3e";
goto cp;
g0:
echo "\15\xa\11\x9\11\74\163\143\162\x69\160\164\x3e\xd\xa\11\11\11\11\146\165\x6e\x63\x74\x69\157\156\x20\163\x75\x62\155\x69\x74\123\x61\x6d\x6c\106\x6f\x72\x6d\50\x29\173\x20\144\x6f\143\165\x6d\x65\x6e\164\x2e\x67\145\x74\x45\x6c\145\155\x65\x6e\x74\102\x79\111\x64\x28\x22\x6c\157\x67\151\x6e\42\51\x2e\x73\165\142\155\x69\x74\x28\x29\x3b\40\175\xd\xa\11\x9\11\x3c\57\x73\x63\162\x69\160\164\x3e\15\xa\11\x9\x9\74\x66\x6f\x72\x6d\40\x6e\x61\x6d\145\x3d\x22\154\x6f\x67\151\x6e\42\x20\x69\144\x3d\42\x6c\x6f\x67\151\156\42\x20\x6d\145\164\150\157\x64\75\x22\x70\x6f\x73\x74\42\40\141\143\164\x69\x6f\x6e\x3d\42\42\x3e\15\12\x9\11\11\x9\x3c\151\156\x70\165\x74\x20\x74\171\x70\x65\75\x22\x68\151\144\x64\x65\156\42\40\156\141\x6d\x65\75\42\x6f\x70\x74\x69\x6f\156\42\40\x76\141\154\x75\x65\x3d\42\163\x61\155\x6c\137\x75\x73\145\162\x5f\154\157\x67\151\x6e\x22\40\x2f\x3e\15\12\xd\12\x9\x9\x9\11\x3c\146\157\x6e\x74\x20\163\151\x7a\x65\x3d\x22\x2b\x31\42\x20\163\x74\171\x6c\x65\x3d\42\166\x65\x72\x74\x69\143\x61\154\x2d\x61\x6c\x69\147\156\72\164\x6f\x70\73\x22\76\40\x3c\57\x66\x6f\x6e\164\76";
$n6 = get_site_option("\x73\x61\155\x6c\137\151\144\x65\x6e\x74\x69\x74\171\137\156\x61\155\x65");
$id = get_site_option("\x73\x61\155\x6c\137\170\x35\60\71\x5f\143\x65\x72\164\x69\x66\x69\x63\141\164\145");
if (!empty($n6) && !empty($id)) {
goto PL;
}
echo "\x50\154\145\x61\x73\145\40\x63\157\156\146\x69\x67\165\x72\x65\40\164\150\145\40\x6d\151\156\x69\x4f\x72\141\x6e\x67\x65\40\x53\101\115\114\x20\x50\154\165\x67\151\156\40\146\151\x72\x73\164\x2e";
goto la;
PL:
$PU = "\x4c\157\147\x69\156\40\167\x69\x74\x68\40\43\x23\x49\x44\x50\x23\x23";
if (empty($Lr[$mP]["\x6d\x6f\137\x73\141\155\154\x5f\143\165\163\x74\157\155\x5f\x6c\x6f\147\x69\x6e\x5f\x74\x65\170\x74"])) {
goto YV;
}
$PU = $Lr[$mP]["\x6d\157\x5f\163\x61\x6d\154\x5f\x63\165\163\164\157\155\x5f\x6c\x6f\x67\x69\156\x5f\164\x65\x78\164"];
YV:
$PU = str_replace("\43\x23\111\x44\x50\x23\43", $n6, $PU);
$El = false;
if (!(isset($Lr[$mP]["\155\x6f\137\163\x61\155\x6c\x5f\x75\x73\145\137\142\x75\164\x74\x6f\x6e\137\141\163\x5f\x77\151\x64\147\x65\164"]) && $Lr[$mP]["\x6d\x6f\x5f\163\141\x6d\x6c\x5f\x75\x73\145\137\142\x75\164\164\x6f\x6e\x5f\141\163\137\167\151\144\147\145\164"] == "\164\162\165\x65")) {
goto LY;
}
$El = true;
LY:
if (!$El) {
goto ev;
}
$mk = isset($Lr[$mP]["\x6d\157\x5f\163\x61\155\x6c\x5f\x62\x75\164\164\157\156\137\x77\x69\144\x74\x68"]) ? $Lr[$mP]["\155\x6f\x5f\163\141\155\154\x5f\x62\x75\164\x74\x6f\x6e\x5f\167\151\x64\x74\150"] : "\61\60\x30";
$Og = isset($Lr[$mP]["\x6d\157\137\163\141\155\x6c\x5f\x62\x75\164\x74\x6f\156\x5f\x68\145\x69\x67\x68\164"]) ? $Lr[$mP]["\155\157\137\163\141\155\154\x5f\x62\x75\x74\164\x6f\156\x5f\150\x65\x69\147\x68\164"] : "\65\60";
$uL = isset($Lr[$mP]["\x6d\157\x5f\163\141\x6d\154\x5f\x62\x75\x74\x74\x6f\x6e\x5f\163\x69\x7a\x65"]) ? $Lr[$mP]["\x6d\x6f\x5f\x73\x61\155\154\x5f\142\x75\x74\164\x6f\x6e\137\163\151\172\145"] : "\x35\60";
$Dk = isset($Lr[$mP]["\155\x6f\x5f\163\x61\155\x6c\137\142\x75\164\x74\x6f\x6e\x5f\143\165\162\x76\145"]) ? $Lr[$mP]["\155\157\x5f\x73\x61\x6d\x6c\137\x62\x75\x74\x74\x6f\156\137\x63\165\x72\x76\145"] : "\x35";
$rW = isset($Lr[$mP]["\155\157\x5f\x73\141\x6d\x6c\x5f\142\165\164\164\x6f\156\x5f\x63\x6f\154\x6f\x72"]) ? $Lr[$mP]["\x6d\x6f\x5f\163\x61\x6d\154\137\x62\x75\164\164\x6f\x6e\x5f\x63\157\154\157\x72"] : "\x30\x30\70\x35\142\x61";
$mj = isset($Lr[$mP]["\155\x6f\137\163\x61\155\x6c\137\x62\165\164\164\x6f\x6e\137\164\150\145\x6d\x65"]) ? $Lr[$mP]["\155\157\137\163\x61\x6d\x6c\137\142\x75\164\x74\157\x6e\x5f\164\150\145\155\145"] : "\x6c\157\x6e\147\x62\165\164\164\x6f\156";
$t8 = isset($Lr[$mP]["\x6d\157\137\163\x61\155\154\137\142\x75\164\x74\157\156\x5f\x74\145\x78\x74"]) ? $Lr[$mP]["\155\x6f\137\163\141\155\x6c\x5f\142\165\164\164\157\x6e\x5f\164\x65\170\164"] : (get_site_option("\x73\x61\155\154\137\151\144\x65\156\164\151\164\171\137\x6e\141\x6d\145") ? get_site_option("\x73\141\155\x6c\x5f\151\x64\145\x6e\164\151\x74\x79\137\x6e\x61\155\145") : "\114\x6f\x67\151\156");
$Y5 = isset($Lr[$mP]["\x6d\x6f\x5f\x73\141\x6d\x6c\137\146\x6f\156\x74\137\143\157\154\157\162"]) ? $Lr[$mP]["\x6d\157\137\163\141\x6d\154\137\x66\157\x6e\x74\x5f\x63\x6f\154\x6f\162"] : "\x66\x66\146\x66\146\x66";
$xf = isset($Lr[$mP]["\x6d\157\137\x73\141\155\154\137\146\x6f\x6e\164\137\x73\151\172\145"]) ? $Lr[$mP]["\x6d\157\137\x73\141\x6d\x6c\137\146\157\x6e\x74\x5f\163\x69\x7a\145"] : "\62\x30";
$FF = isset($Lr[$mP]["\x73\x73\x6f\x5f\x62\x75\164\164\157\156\x5f\154\157\x67\151\156\137\x66\x6f\162\x6d\137\160\157\x73\151\164\x69\157\156"]) ? $Lr[$mP]["\163\x73\x6f\x5f\x62\165\164\164\157\x6e\x5f\x6c\x6f\x67\151\156\x5f\146\157\x72\x6d\137\160\157\x73\x69\x74\151\157\156"] : "\x61\142\157\x76\145";
$PU = "\x3c\151\156\160\165\164\40\164\x79\x70\145\75\x22\142\165\x74\x74\157\156\42\x20\156\x61\x6d\145\75\42\x6d\157\137\x73\x61\155\x6c\137\167\x70\137\163\x73\157\x5f\x62\165\164\x74\157\x6e\x22\x20\166\x61\154\x75\x65\x3d\x22" . $t8 . "\x22\40\x73\164\171\x6c\145\75\x22";
$Gq = '';
if ($mj == "\154\157\x6e\x67\x62\165\x74\x74\157\156") {
goto pl;
}
if ($mj == "\143\151\162\143\154\145") {
goto Gm;
}
if ($mj == "\x6f\166\x61\154") {
goto lV;
}
if ($mj == "\163\x71\165\141\162\x65") {
goto SR;
}
goto gt;
Gm:
$Gq = $Gq . "\167\151\144\x74\150\72" . $uL . "\x70\x78\x3b";
$Gq = $Gq . "\x68\x65\x69\147\x68\164\72" . $uL . "\160\x78\73";
$Gq = $Gq . "\142\x6f\x72\144\145\162\x2d\x72\x61\x64\x69\x75\x73\72\71\71\71\x70\170\x3b";
goto gt;
lV:
$Gq = $Gq . "\167\151\144\x74\150\72" . $uL . "\x70\x78\73";
$Gq = $Gq . "\x68\145\x69\147\x68\x74\72" . $uL . "\160\170\x3b";
$Gq = $Gq . "\142\x6f\162\144\x65\x72\55\x72\x61\144\x69\165\163\x3a\x35\x70\x78\73";
goto gt;
SR:
$Gq = $Gq . "\x77\151\x64\164\x68\x3a" . $uL . "\160\170\x3b";
$Gq = $Gq . "\x68\x65\151\147\x68\x74\x3a" . $uL . "\160\x78\73";
$Gq = $Gq . "\x62\x6f\x72\144\145\x72\55\x72\x61\x64\151\165\x73\x3a\60\160\170\x3b";
gt:
goto wk;
pl:
$Gq = $Gq . "\x77\151\144\x74\150\x3a" . $mk . "\160\170\73";
$Gq = $Gq . "\x68\x65\151\147\150\x74\x3a" . $Og . "\x70\170\73";
$Gq = $Gq . "\x62\157\162\x64\x65\x72\55\x72\x61\x64\151\x75\163\72" . $Dk . "\160\170\x3b";
wk:
$Gq = $Gq . "\x62\141\143\x6b\147\162\x6f\165\x6e\x64\55\x63\x6f\154\157\162\x3a\x23" . $rW . "\x3b";
$Gq = $Gq . "\142\157\162\x64\145\162\x2d\143\157\x6c\157\x72\72\x74\x72\141\156\163\x70\x61\x72\x65\156\x74\73";
$Gq = $Gq . "\143\x6f\x6c\x6f\x72\x3a\x23" . $Y5 . "\73";
$Gq = $Gq . "\146\x6f\156\164\x2d\163\151\x7a\145\72" . $xf . "\x70\170\x3b";
$Gq = $Gq . "\160\141\x64\144\x69\156\x67\72\x30\x70\170\73";
$PU = $PU . $Gq . "\x22\x2f\x3e";
ev:
echo "\40\74\x61\x20\150\x72\145\x66\75\42\x23\x22\40\157\156\x43\x6c\x69\x63\x6b\x3d\x22\163\165\x62\155\x69\164\x53\141\x6d\x6c\106\x6f\x72\155\50\x29\x22\76";
echo $PU;
echo "\x3c\57\x61\76\74\57\146\x6f\162\155\x3e\40";
la:
if ($this->mo_saml_check_empty_or_null_val(get_site_option("\x6d\x6f\x5f\x73\x61\x6d\x6c\x5f\162\145\144\x69\162\x65\143\x74\137\145\162\162\157\162\137\x63\x6f\x64\145"))) {
goto g6;
}
echo "\74\x64\x69\166\x3e\74\x2f\x64\151\166\x3e\x3c\x64\151\x76\40\164\151\x74\x6c\145\75\x22\x4c\x6f\x67\x69\x6e\x20\x45\162\162\157\162\x22\76\74\x66\x6f\x6e\x74\x20\143\157\x6c\157\162\75\x22\162\x65\x64\x22\76\127\x65\x20\x63\x6f\165\154\144\40\x6e\157\164\x20\x73\151\147\x6e\40\x79\157\165\40\151\156\x2e\40\x50\154\x65\141\163\145\x20\x63\157\x6e\164\141\143\x74\x20\x79\157\x75\162\40\101\144\155\151\156\x69\x73\x74\162\141\x74\157\162\x2e\74\x2f\146\157\156\164\x3e\74\x2f\x64\x69\166\76";
delete_site_option("\155\x6f\137\x73\141\x6d\x6c\x5f\162\145\x64\151\x72\x65\143\x74\x5f\145\x72\x72\x6f\x72\137\x63\x6f\x64\x65");
delete_site_option("\x6d\157\137\x73\x61\x6d\x6c\x5f\x72\x65\x64\151\162\x65\x63\164\137\x65\162\x72\x6f\x72\x5f\162\x65\141\x73\x6f\156");
g6:
echo "\74\141\40\x68\162\x65\146\x3d\x22\x68\x74\x74\160\72\x2f\x2f\155\x69\x6e\x69\157\x72\141\156\x67\x65\56\143\x6f\155\x2f\167\157\x72\x64\x70\162\x65\x73\163\x2d\154\x64\141\160\55\x6c\157\x67\151\156\x22\x20\163\x74\171\x6c\145\75\x22\144\x69\x73\160\154\x61\171\72\x6e\x6f\x6e\x65\x22\76\x4c\157\147\x69\156\x20\x74\x6f\x20\127\x6f\x72\144\x50\162\145\163\x73\x20\x75\163\x69\156\x67\40\x4c\104\x41\x50\74\57\x61\x3e\xd\xa\x9\11\11\x9\74\x61\x20\x68\162\145\x66\x3d\42\150\164\x74\x70\72\57\x2f\x6d\151\x6e\151\157\x72\141\156\x67\x65\x2e\x63\157\155\x2f\143\x6c\157\165\x64\x2d\151\x64\145\156\164\x69\164\x79\55\x62\162\x6f\153\x65\x72\55\163\x65\162\x76\151\143\145\x22\40\x73\164\171\x6c\x65\75\x22\144\x69\x73\x70\x6c\141\171\x3a\156\x6f\156\x65\42\76\x43\x6c\157\x75\144\x20\111\x64\145\156\164\151\164\x79\40\x62\162\x6f\x6b\x65\162\x20\163\145\162\166\151\x63\x65\x3c\x2f\141\x3e\15\xa\11\11\x9\11\74\141\40\150\x72\x65\x66\75\42\x68\x74\x74\160\72\x2f\57\x6d\x69\x6e\x69\x6f\x72\x61\x6e\x67\x65\x2e\143\x6f\x6d\57\x73\x74\162\x6f\x6e\x67\x5f\141\x75\x74\x68\x22\x20\163\x74\171\x6c\145\75\42\x64\x69\x73\x70\154\141\171\72\156\x6f\x6e\x65\x3b\x22\x3e\x3c\x2f\x61\x3e\15\xa\x9\11\x9\x9\x3c\141\40\150\162\x65\x66\x3d\x22\150\x74\164\160\72\57\57\155\151\x6e\151\157\162\141\156\147\145\x2e\x63\x6f\x6d\x2f\x73\x69\x6e\x67\154\x65\55\163\x69\147\x6e\x2d\157\156\x2d\x73\163\x6f\42\40\x73\x74\x79\154\145\x3d\42\x64\x69\x73\x70\154\x61\171\x3a\156\157\156\x65\x3b\42\76\x3c\x2f\141\76\15\12\x9\11\x9\x9\74\x61\x20\x68\162\145\146\x3d\42\x68\164\x74\160\72\57\57\x6d\x69\x6e\x69\x6f\162\x61\x6e\147\x65\x2e\143\157\x6d\57\x66\x72\x61\165\x64\x22\x20\163\x74\x79\x6c\145\75\x22\x64\x69\163\x70\x6c\x61\171\x3a\x6e\157\156\x65\73\x22\76\x3c\x2f\141\76\15\12\15\xa\x9\11\11\x3c\57\x75\x6c\x3e\xd\12\x9\11\74\57\x66\157\x72\x6d\x3e";
cp:
}
public function mo_saml_check_empty_or_null_val($UA)
{
if (!(!isset($UA) || empty($UA))) {
goto Ko;
}
return true;
Ko:
return false;
}
function mo_saml_logout($Nb)
{
$user = get_user_by("\x69\x64", $Nb);
$Qf = get_site_option("\163\x61\155\x6c\x5f\x6c\x6f\x67\x6f\165\x74\137\x75\162\154");
$tI = get_site_option("\x73\x61\155\154\x5f\x6c\x6f\147\x6f\165\164\137\x62\151\x6e\x64\x69\x6e\x67\137\164\171\x70\145");
$current_user = $user;
$pJ = get_user_meta($current_user->ID, "\155\x6f\137\x73\141\155\154\x5f\x69\144\160\137\154\x6f\147\x69\x6e");
$pJ = isset($pJ[0]) ? $pJ[0] : '';
$w5 = wp_get_referer();
if (!empty($w5)) {
goto Sz;
}
$w5 = !empty(get_site_option("\155\x6f\137\x73\141\x6d\154\137\x73\x70\137\x62\x61\163\145\x5f\x75\162\x6c")) ? get_site_option("\155\x6f\x5f\x73\141\155\x6c\x5f\x73\160\137\x62\x61\163\145\x5f\165\162\154") : get_network_site_url();
Sz:
if (empty($Qf)) {
goto VB;
}
if (!(!session_id() || session_id() == '' || !isset($_SESSION))) {
goto m0;
}
session_start();
m0:
if (isset($_SESSION["\x6d\157\x5f\163\141\x6d\x6c\137\x6c\157\x67\x6f\x75\x74\137\162\145\x71\165\x65\x73\x74"])) {
goto Gb;
}
if ($pJ == "\x74\x72\x75\145") {
goto zl;
}
goto tN;
Gb:
self::createLogoutResponseAndRedirect($Qf, $tI);
exit;
goto tN;
zl:
delete_user_meta($current_user->ID, "\155\x6f\x5f\x73\141\155\x6c\x5f\151\x64\160\x5f\154\x6f\147\x69\x6e");
$dQ = get_user_meta($current_user->ID, "\155\x6f\x5f\163\141\155\154\x5f\x6e\141\x6d\x65\137\151\144");
$Fv = get_user_meta($current_user->ID, "\x6d\157\x5f\x73\x61\155\154\137\x73\145\x73\163\x69\157\x6e\x5f\151\156\x64\x65\170");
mo_saml_create_logout_request($dQ, $Fv, $Qf, $tI, $w5);
tN:
VB:
wp_redirect($w5);
exit;
}
function createLogoutResponseAndRedirect($Qf, $tI)
{
$Pj = get_site_option("\x6d\157\137\163\x61\x6d\x6c\x5f\163\160\137\x62\x61\x73\145\137\165\x72\x6c");
if (!empty($Pj)) {
goto Ol;
}
$Pj = get_network_site_url();
Ol:
$Sj = $_SESSION["\155\x6f\137\x73\x61\x6d\x6c\137\154\157\x67\157\x75\164\x5f\x72\x65\161\165\x65\163\164"];
$rw = $_SESSION["\x6d\x6f\x5f\163\x61\155\x6c\137\x6c\x6f\147\x6f\x75\x74\137\162\x65\154\x61\x79\x5f\x73\x74\141\x74\145"];
unset($_SESSION["\155\x6f\137\163\x61\155\x6c\137\x6c\x6f\147\x6f\x75\x74\137\x72\x65\161\x75\145\x73\x74"]);
unset($_SESSION["\x6d\157\x5f\163\x61\155\154\137\154\157\147\157\x75\x74\x5f\x72\145\x6c\141\x79\x5f\x73\164\x61\164\x65"]);
$Ni = new DOMDocument();
$Ni->loadXML($Sj);
$Sj = $Ni->firstChild;
if (!($Sj->localName == "\114\x6f\x67\157\165\x74\x52\x65\161\x75\x65\x73\x74")) {
goto AF;
}
$m3 = new SAML2_LogoutRequest($Sj);
$Ji = get_site_option("\155\x6f\137\x73\x61\x6d\x6c\137\163\160\137\x65\x6e\x74\x69\164\x79\137\x69\x64");
if (!empty($Ji)) {
goto xm;
}
$Ji = $Pj . "\x2f\167\160\x2d\143\x6f\156\x74\145\x6e\x74\x2f\160\154\x75\147\151\x6e\163\x2f\x6d\x69\x6e\x69\157\162\x61\156\x67\145\x2d\163\x61\x6d\x6c\55\x32\60\x2d\163\151\x6e\147\154\x65\55\x73\x69\x67\x6e\55\157\x6e\x2f";
xm:
$dS = $Qf;
$eg = Utilities::createLogoutResponse($m3->getId(), $Ji, $dS, $tI);
if (empty($tI) || $tI == "\110\x74\164\160\x52\145\x64\x69\162\x65\x63\x74") {
goto V3;
}
if (!(get_site_option("\163\x61\x6d\154\x5f\162\145\x71\165\145\163\x74\137\x73\x69\x67\x6e\x65\144") == "\165\156\143\x68\145\143\x6b\x65\144")) {
goto z_;
}
$Oq = base64_encode($eg);
Utilities::postSAMLResponse($Qf, $Oq, $rw);
exit;
z_:
$nl = '';
$K_ = '';
$Oq = Utilities::signXML($eg, "\123\164\x61\164\x75\x73");
Utilities::postSAMLResponse($Qf, $Oq, $rw);
goto F7;
V3:
$Oa = $Qf;
if (strpos($Qf, "\77") !== false) {
goto Q5;
}
$Oa .= "\x3f";
goto GJ;
Q5:
$Oa .= "\46";
GJ:
if (!(get_site_option("\163\x61\x6d\154\x5f\162\x65\x71\x75\145\163\164\137\163\x69\x67\156\145\144") == "\x75\156\143\x68\145\143\x6b\x65\x64")) {
goto od;
}
$Oa .= "\123\101\115\114\122\x65\x73\160\x6f\156\x73\x65\75" . $eg . "\46\x52\145\154\x61\x79\x53\164\x61\164\x65\75" . urlencode($rw);
header("\x4c\x6f\x63\141\164\151\157\x6e\x3a\x20" . $Oa);
exit;
od:
$Oa .= "\x53\101\115\114\122\145\163\x70\x6f\156\163\145\x3d" . $eg . "\x26\x52\x65\154\141\x79\123\164\x61\x74\x65\75" . urlencode($rw);
header("\114\x6f\143\x61\x74\151\157\156\x3a\x20" . $Oa);
exit;
F7:
AF:
}
}
function mo_saml_create_logout_request($dQ, $Fv, $Qf, $tI, $w5)
{
$Pj = get_site_option("\155\x6f\x5f\x73\141\x6d\x6c\137\163\x70\x5f\142\141\163\145\x5f\165\162\x6c");
if (!empty($Pj)) {
goto o0;
}
$Pj = get_network_site_url();
o0:
$Ji = get_site_option("\155\x6f\137\x73\141\x6d\154\x5f\x73\160\137\x65\156\164\x69\x74\171\x5f\x69\x64");
if (!empty($Ji)) {
goto DJ;
}
$Ji = $Pj . "\57\x77\160\55\x63\157\x6e\164\x65\156\x74\57\160\x6c\x75\x67\x69\156\163\x2f\x6d\x69\x6e\151\157\162\x61\x6e\x67\145\x2d\163\x61\155\154\55\x32\60\x2d\163\x69\156\147\x6c\x65\x2d\x73\x69\x67\156\x2d\x6f\156\x2f";
DJ:
$dS = $Qf;
$GT = $w5;
if (!empty($GT)) {
goto aE;
}
$GT = saml_get_current_page_url();
if (!strpos($GT, "\77")) {
goto OP;
}
$GT = get_network_site_url();
OP:
aE:
$GT = mo_saml_relaystate_url($GT);
$YS = Utilities::createLogoutRequest($dQ, $Ji, $dS, $Fv, $tI);
if (empty($tI) || $tI == "\x48\x74\x74\160\x52\145\x64\151\x72\x65\143\x74") {
goto YN;
}
if (!(get_site_option("\x73\141\155\x6c\x5f\x72\x65\x71\165\145\163\164\x5f\163\151\147\156\x65\x64") == "\165\x6e\x63\150\x65\143\153\x65\x64")) {
goto ZV;
}
$Oq = base64_encode($YS);
Utilities::postSAMLRequest($Qf, $Oq, $GT);
exit;
ZV:
$nl = '';
$K_ = '';
$Oq = Utilities::signXML($YS, "\x4e\x61\155\x65\111\104\120\157\x6c\151\x63\171");
Utilities::postSAMLRequest($Qf, $Oq, $GT);
goto wf;
YN:
$Oa = $Qf;
if (strpos($Qf, "\x3f") !== false) {
goto yZ;
}
$Oa .= "\x3f";
goto lF;
yZ:
$Oa .= "\46";
lF:
if (!(get_site_option("\163\x61\x6d\154\137\162\x65\161\x75\x65\163\164\137\x73\x69\147\156\145\144") == "\x75\x6e\143\x68\x65\x63\x6b\x65\144")) {
goto Ks;
}
$Oa .= "\x53\101\x4d\x4c\122\x65\x71\x75\145\x73\x74\75" . $YS . "\x26\122\145\154\141\171\x53\164\141\x74\x65\75" . urlencode($GT);
header("\x4c\x6f\x63\x61\164\151\x6f\156\x3a\x20" . $Oa);
exit;
Ks:
$YS = "\x53\x41\115\x4c\x52\x65\161\x75\145\163\164\x3d" . $YS . "\x26\x52\145\x6c\x61\171\x53\x74\141\x74\145\x3d" . urlencode($GT) . "\x26\x53\151\147\x41\154\x67\75" . urlencode(XMLSecurityKey::RSA_SHA256);
$IN = array("\164\171\x70\x65" => "\160\162\151\166\141\164\x65");
$I1 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $IN);
$lz = get_site_option("\x6d\157\x5f\x73\x61\x6d\x6c\137\143\x75\x72\162\x65\156\164\x5f\143\145\162\x74\x5f\160\162\x69\x76\141\x74\145\x5f\x6b\145\x79");
$I1->loadKey($lz, FALSE);
$Yx = new XMLSecurityDSig();
$sV = $I1->signData($YS);
$sV = base64_encode($sV);
$Oa .= $YS . "\x26\x53\151\147\x6e\x61\164\165\x72\145\75" . urlencode($sV);
header("\x4c\157\143\141\164\151\x6f\x6e\72" . $Oa);
exit;
wf:
}
function mo_login_validate()
{
if (!(isset($_REQUEST["\157\x70\164\151\x6f\x6e"]) && $_REQUEST["\157\160\164\x69\x6f\156"] == "\155\x6f\163\x61\x6d\x6c\137\x6d\145\164\x61\x64\x61\164\141")) {
goto x2;
}
miniorange_generate_metadata();
x2:
if (!mo_saml_is_customer_license_verified()) {
goto fZ;
}
if (!(isset($_REQUEST["\157\160\x74\151\157\156"]) && $_REQUEST["\x6f\160\164\151\x6f\x6e"] == "\163\141\x6d\x6c\x5f\x75\163\x65\162\x5f\154\157\147\x69\x6e" || isset($_REQUEST["\x6f\160\164\151\157\156"]) && $_REQUEST["\x6f\160\x74\x69\x6f\156"] == "\x74\145\x73\164\103\157\156\x66\x69\147" || isset($_REQUEST["\157\160\164\151\157\156"]) && $_REQUEST["\x6f\160\164\x69\x6f\156"] == "\x67\145\164\x73\x61\x6d\x6c\x72\145\x71\165\145\163\164" || isset($_REQUEST["\157\160\164\151\157\156"]) && $_REQUEST["\x6f\x70\x74\151\157\156"] == "\147\x65\164\x73\x61\155\154\x72\145\163\160\157\156\163\x65")) {
goto q_;
}
if (mo_saml_is_sp_configured()) {
goto XP;
}
if (!is_user_logged_in()) {
goto GA;
}
if (!isset($_REQUEST["\x72\145\x64\x69\x72\145\x63\164\x5f\164\157"])) {
goto a4;
}
$aq = htmlspecialchars($_REQUEST["\x72\145\x64\x69\x72\145\143\x74\137\164\x6f"]);
wp_safe_redirect($aq);
exit;
a4:
GA:
goto Fr;
XP:
if (!(is_user_logged_in() and $_REQUEST["\x6f\160\x74\x69\x6f\x6e"] == "\x73\141\x6d\x6c\x5f\165\x73\x65\162\x5f\x6c\x6f\x67\x69\156")) {
goto fF;
}
if (!isset($_REQUEST["\162\145\x64\151\x72\145\143\164\x5f\x74\157"])) {
goto Bw;
}
$aq = htmlspecialchars($_REQUEST["\162\x65\x64\151\162\145\x63\x74\x5f\164\x6f"]);
wp_safe_redirect($aq);
exit;
Bw:
return;
fF:
$Pj = get_site_option("\x6d\157\137\x73\141\x6d\154\x5f\163\x70\x5f\x62\x61\x73\145\x5f\x75\162\154");
if (!empty($Pj)) {
goto m2;
}
$Pj = get_network_site_url();
m2:
$Lr = get_site_option("\163\x61\x6d\x6c\x5f\x73\163\157\137\x73\145\x74\164\x69\156\x67\163");
$mP = get_current_blog_id();
$AP = Utilities::get_active_sites();
if (in_array($mP, $AP)) {
goto mh;
}
return;
mh:
if (!(empty($Lr[$mP]) && !empty($Lr["\x44\x45\x46\x41\x55\x4c\124"]))) {
goto F9;
}
$Lr[$mP] = $Lr["\104\105\x46\101\x55\x4c\x54"];
F9:
if ($_REQUEST["\157\160\164\x69\157\x6e"] == "\x74\x65\163\x74\103\x6f\156\x66\151\147" and array_key_exists("\156\145\x77\143\x65\x72\x74", $_REQUEST)) {
goto fh;
}
if ($_REQUEST["\157\x70\x74\151\157\156"] == "\x74\145\x73\x74\x43\x6f\156\x66\x69\147") {
goto Jh;
}
if ($_REQUEST["\157\160\164\x69\x6f\x6e"] == "\x67\x65\164\x73\141\x6d\154\x72\145\x71\165\x65\163\x74") {
goto Fi;
}
if ($_REQUEST["\157\x70\164\x69\157\156"] == "\147\145\x74\163\x61\155\154\162\145\163\160\x6f\156\163\x65") {
goto hX;
}
if (!empty($Lr[$mP]["\x6d\x6f\x5f\163\141\x6d\x6c\x5f\x72\145\x6c\x61\171\x5f\163\164\141\x74\145"])) {
goto qK;
}
if (isset($_REQUEST["\162\x65\144\151\x72\x65\143\164\x5f\x74\x6f"])) {
goto Qp;
}
$GT = saml_get_current_page_url();
goto P8;
Qp:
$GT = $_REQUEST["\x72\x65\144\x69\x72\x65\143\x74\x5f\164\157"];
P8:
goto eC;
qK:
$GT = $Lr[$mP]["\155\x6f\x5f\163\x61\x6d\154\137\162\145\x6c\x61\x79\137\163\x74\x61\x74\x65"];
eC:
goto kl;
hX:
$GT = "\x64\151\163\x70\x6c\x61\171\x53\101\x4d\114\122\145\163\x70\x6f\x6e\163\x65";
kl:
goto lX;
Fi:
$GT = "\x64\x69\x73\x70\154\141\x79\x53\x41\x4d\x4c\122\x65\x71\165\145\163\x74";
lX:
goto K3;
Jh:
$GT = "\164\x65\x73\x74\126\x61\x6c\x69\x64\141\164\x65";
K3:
goto Dp;
fh:
$GT = "\x74\145\163\x74\116\x65\x77\x43\x65\162\x74\151\146\151\143\141\x74\x65";
Dp:
$BI = get_site_option("\163\141\x6d\154\x5f\154\x6f\x67\x69\156\x5f\165\162\x6c");
$Xc = !empty(get_site_option("\x73\141\155\154\x5f\x6c\x6f\147\x69\156\137\142\x69\x6e\144\151\x6e\147\x5f\164\x79\x70\145")) ? get_site_option("\x73\x61\x6d\x6c\x5f\x6c\157\x67\x69\x6e\x5f\142\151\x6e\144\x69\x6e\x67\x5f\164\171\160\145") : "\110\x74\164\x70\x50\x6f\163\164";
$Lr = get_site_option("\163\x61\155\154\x5f\163\x73\157\x5f\163\x65\x74\164\x69\156\147\x73");
$mP = get_current_blog_id();
$AP = Utilities::get_active_sites();
if (in_array($mP, $AP)) {
goto UJ;
}
return;
UJ:
if (!(empty($Lr[$mP]) && !empty($Lr["\104\x45\x46\101\x55\x4c\x54"]))) {
goto Re;
}
$Lr[$mP] = $Lr["\104\105\x46\x41\x55\114\124"];
Re:
$Qo = isset($Lr[$mP]["\155\157\x5f\x73\141\155\154\137\x66\157\162\x63\x65\137\x61\165\164\150\145\x6e\164\151\143\x61\164\151\157\156"]) ? $Lr[$mP]["\155\x6f\137\163\x61\155\154\137\146\157\x72\x63\x65\x5f\141\165\164\150\145\x6e\x74\151\143\141\x74\x69\157\x6e"] : '';
$bz = $Pj . "\x2f";
$Ji = get_site_option("\x6d\157\137\163\x61\155\154\137\x73\x70\137\x65\156\x74\151\164\171\137\x69\x64");
$rb = get_site_option("\163\x61\155\154\137\156\141\155\x65\151\144\137\146\x6f\x72\x6d\x61\x74");
if (!empty($rb)) {
goto rW;
}
$rb = "\x31\x2e\61\72\156\x61\x6d\x65\x69\x64\x2d\x66\x6f\x72\155\x61\164\72\x75\156\x73\x70\x65\143\151\146\x69\145\144";
rW:
if (!empty($Ji)) {
goto TV;
}
$Ji = $Pj . "\57\167\x70\x2d\143\157\156\x74\145\x6e\164\57\160\x6c\x75\x67\x69\x6e\163\x2f\155\151\156\151\x6f\162\141\x6e\147\145\55\163\x61\x6d\154\x2d\62\60\55\x73\x69\x6e\147\x6c\145\x2d\x73\151\147\156\55\x6f\156\57";
TV:
$YS = Utilities::createAuthnRequest($bz, $Ji, $BI, $Qo, $Xc, $rb);
if (!($GT == "\x64\151\x73\160\x6c\x61\171\x53\101\x4d\114\122\145\161\165\x65\163\164")) {
goto Au;
}
mo_saml_show_SAML_log(Utilities::createAuthnRequest($bz, $Ji, $BI, $Qo, "\110\164\x74\x70\120\157\163\x74", $rb), $GT);
Au:
$Oa = htmlspecialchars_decode($BI);
if (strpos($BI, "\77") !== false) {
goto ij;
}
$Oa .= "\77";
goto wo;
ij:
$Oa .= "\x26";
wo:
$GT = mo_saml_relaystate_url($GT);
if ($Xc == "\x48\x74\164\160\x52\x65\144\151\x72\145\143\x74") {
goto e4;
}
if (!(get_site_option("\x73\x61\x6d\154\x5f\x72\x65\x71\x75\145\x73\164\x5f\163\151\x67\x6e\x65\144") == "\x75\156\143\150\x65\143\153\145\144")) {
goto aP;
}
$Oq = base64_encode($YS);
Utilities::postSAMLRequest($BI, $Oq, $GT);
exit;
aP:
$nl = '';
$K_ = '';
if ($_REQUEST["\157\x70\164\x69\157\x6e"] == "\x74\145\163\x74\x43\x6f\156\x66\151\147" && array_key_exists("\156\x65\167\x63\x65\x72\164", $_REQUEST)) {
goto v2;
}
$Oq = Utilities::signXML($YS, "\116\141\155\x65\x49\104\120\157\154\151\143\171");
goto eu;
v2:
$Oq = Utilities::signXML($YS, "\x4e\141\x6d\145\x49\104\120\157\x6c\x69\143\x79", true);
eu:
Utilities::postSAMLRequest($BI, $Oq, $GT);
update_site_option("\x6d\x6f\x5f\163\141\155\154\137\x6e\145\167\137\143\145\x72\164\x5f\164\145\x73\164", true);
goto o_;
e4:
if (!(get_site_option("\163\141\155\x6c\x5f\162\x65\161\165\x65\x73\164\137\163\151\147\156\145\x64") == "\165\x6e\x63\x68\x65\143\153\145\144")) {
goto BQ;
}
$Oa .= "\123\101\x4d\114\x52\x65\x71\165\145\163\x74\x3d" . $YS . "\x26\122\x65\x6c\x61\x79\123\x74\x61\x74\145\75" . urlencode($GT);
header("\x4c\157\143\x61\x74\x69\x6f\156\72\40" . $Oa);
exit;
BQ:
$YS = "\123\x41\x4d\114\122\x65\x71\165\x65\163\x74\x3d" . $YS . "\x26\122\x65\x6c\x61\x79\123\x74\x61\164\145\x3d" . urlencode($GT) . "\46\x53\x69\147\x41\154\147\x3d" . urlencode(XMLSecurityKey::RSA_SHA256);
$IN = array("\164\171\160\x65" => "\x70\162\151\166\141\164\x65");
$I1 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $IN);
if ($_REQUEST["\157\x70\x74\151\157\156"] == "\x74\x65\x73\164\103\157\156\x66\x69\x67" && array_key_exists("\156\145\x77\x63\145\162\164", $_REQUEST)) {
goto Mo;
}
$lz = get_site_option("\155\x6f\137\163\141\x6d\154\137\x63\165\162\x72\x65\156\164\x5f\x63\x65\x72\x74\x5f\x70\162\151\x76\141\164\145\x5f\x6b\x65\x79");
goto pI;
Mo:
$lz = file_get_contents(plugin_dir_path(__FILE__) . "\162\145\x73\x6f\x75\x72\143\x65\163" . DIRECTORY_SEPARATOR . mo_options_enum_default_sp_certificate::SP_Private_Key);
pI:
$I1->loadKey($lz, FALSE);
$Yx = new XMLSecurityDSig();
$sV = $I1->signData($YS);
$sV = base64_encode($sV);
$Oa .= $YS . "\46\x53\151\x67\x6e\141\x74\x75\x72\145\75" . urlencode($sV);
header("\114\157\x63\141\x74\151\157\x6e\72\40" . $Oa);
exit;
o_:
Fr:
q_:
if (!(array_key_exists("\123\101\115\x4c\122\x65\x73\160\x6f\156\163\x65", $_REQUEST) && !empty($_REQUEST["\123\101\115\114\x52\145\x73\160\157\x6e\163\145"]))) {
goto PD;
}
if (array_key_exists("\x52\145\154\x61\171\x53\x74\x61\x74\145", $_POST) && !empty($_POST["\122\145\x6c\x61\171\123\164\141\x74\145"]) && $_POST["\122\145\154\x61\x79\123\164\x61\x74\145"] != "\57") {
goto lH;
}
$fJ = '';
goto nb;
lH:
$fJ = $_POST["\122\x65\154\x61\171\x53\x74\141\164\x65"];
nb:
$fJ = mo_saml_parse_url($fJ);
$Pj = get_site_option("\155\x6f\137\163\x61\x6d\x6c\x5f\x73\x70\x5f\142\141\163\145\x5f\165\x72\154");
if (!empty($Pj)) {
goto D4;
}
$Pj = get_network_site_url();
D4:
$eI = $_REQUEST["\x53\x41\115\x4c\x52\x65\163\x70\x6f\156\163\x65"];
$eI = base64_decode($eI);
if (!($fJ == "\144\151\163\160\154\141\x79\x53\101\115\114\122\x65\163\160\x6f\x6e\163\x65")) {
goto My;
}
mo_saml_show_SAML_log($eI, $fJ);
My:
if (!(array_key_exists("\123\101\x4d\x4c\122\145\163\160\x6f\x6e\x73\145", $_GET) && !empty($_GET["\x53\x41\x4d\114\122\x65\163\x70\157\x6e\x73\x65"]))) {
goto KD;
}
$eI = gzinflate($eI);
KD:
$Ni = new DOMDocument();
$Ni->loadXML($eI);
$KC = $Ni->firstChild;
$Re = $Ni->documentElement;
$om = new DOMXpath($Ni);
$om->registerNamespace("\x73\141\x6d\x6c\160", "\x75\162\156\x3a\157\x61\163\151\163\72\x6e\141\155\x65\163\x3a\164\143\x3a\x53\x41\115\x4c\x3a\62\x2e\60\x3a\x70\x72\157\x74\x6f\x63\157\x6c");
$om->registerNamespace("\x73\141\155\x6c", "\x75\x72\156\72\157\x61\163\x69\x73\x3a\156\141\x6d\145\163\72\164\143\x3a\x53\101\x4d\114\x3a\62\x2e\60\x3a\x61\x73\163\145\162\164\151\x6f\x6e");
if ($KC->localName == "\114\157\x67\157\165\x74\x52\x65\163\160\x6f\x6e\163\145") {
goto il;
}
$KN = $om->query("\x2f\x73\x61\x6d\154\160\x3a\x52\x65\163\x70\157\156\x73\x65\57\x73\x61\155\154\x70\72\123\164\141\164\165\x73\57\163\141\155\154\x70\72\x53\164\x61\164\x75\163\103\x6f\x64\x65", $Re);
$w7 = isset($KN) ? $KN->item(0)->getAttribute("\x56\141\154\165\x65") : '';
$Vb = explode("\72", $w7);
if (!array_key_exists(7, $Vb)) {
goto vT;
}
$KN = $Vb[7];
vT:
$Hg = $om->query("\57\163\141\155\154\x70\x3a\122\145\x73\x70\157\156\163\x65\57\x73\x61\155\x6c\x70\x3a\123\164\141\164\165\x73\x2f\163\141\x6d\x6c\160\x3a\x53\x74\141\x74\x75\x73\115\x65\163\x73\141\x67\145", $Re);
$EI = isset($Hg) ? $Hg->item(0) : '';
if (empty($EI)) {
goto f3;
}
$EI = $EI->nodeValue;
f3:
if (array_key_exists("\122\x65\x6c\141\171\123\164\141\164\145", $_POST) && !empty($_POST["\122\145\x6c\141\171\x53\164\141\164\145"]) && $_POST["\122\145\154\x61\171\123\x74\141\164\145"] != "\57") {
goto IO;
}
$fJ = '';
goto iv;
IO:
$fJ = $_POST["\122\145\x6c\x61\x79\123\x74\141\164\x65"];
$fJ = mo_saml_parse_url($fJ);
iv:
if (!($KN != "\123\x75\143\143\145\163\163")) {
goto YL;
}
show_status_error($KN, $fJ, $EI);
YL:
if (!($fJ !== "\164\x65\163\164\x56\141\154\x69\144\x61\164\145" && $fJ !== "\164\145\x73\164\116\145\167\x43\145\162\x74\151\x66\151\143\141\164\145")) {
goto KG;
}
$mU = parse_url($fJ, PHP_URL_HOST);
$qJ = parse_url($Pj, PHP_URL_HOST);
$Ox = parse_url(get_current_base_url(), PHP_URL_HOST);
if (!empty($fJ)) {
goto j6;
}
$fJ = "\57";
goto d4;
j6:
$fJ = mo_saml_parse_url($fJ);
d4:
if (!(!empty($mU) && $mU != $Ox)) {
goto bA;
}
Utilities::postSAMLResponse($fJ, $_REQUEST["\123\101\115\114\x52\x65\x73\x70\157\156\x73\x65"], mo_saml_relaystate_url($fJ));
bA:
KG:
$jR = maybe_unserialize(get_site_option("\x73\x61\x6d\154\x5f\170\65\x30\71\137\x63\145\162\164\x69\x66\x69\143\141\164\145"));
update_site_option("\155\157\137\x73\x61\x6d\x6c\137\x72\x65\163\160\157\x6e\x73\145", base64_encode($eI));
foreach ($jR as $I1 => $UA) {
if (@openssl_x509_read($UA)) {
goto DF;
}
unset($jR[$I1]);
DF:
Fj:
}
uC:
$bz = $Pj . "\57";
if ($fJ == "\164\x65\163\x74\116\145\167\x43\x65\162\x74\x69\x66\151\143\x61\164\145") {
goto K8;
}
$eI = new SAML2_Response($KC, get_site_option("\155\x6f\x5f\x73\x61\155\x6c\x5f\143\165\x72\162\x65\156\164\x5f\143\x65\x72\x74\137\x70\162\151\166\x61\164\x65\x5f\153\x65\x79"));
goto ta;
K8:
$vm = file_get_contents(plugin_dir_path(__FILE__) . "\162\x65\x73\157\165\162\x63\145\x73" . DIRECTORY_SEPARATOR . mo_options_enum_default_sp_certificate::SP_Private_Key);
$eI = new SAML2_Response($KC, $vm);
ta:
$IM = $eI->getSignatureData();
$NH = current($eI->getAssertions())->getSignatureData();
if (!(empty($NH) && empty($IM))) {
goto Ae;
}
if ($fJ == "\164\x65\163\164\126\x61\154\x69\144\x61\164\x65" or $fJ == "\x74\x65\x73\x74\116\x65\167\x43\145\162\164\151\x66\x69\143\x61\164\x65") {
goto B7;
}
wp_die("\127\x65\40\x63\x6f\x75\154\144\40\x6e\157\164\x20\163\151\147\x6e\x20\171\157\x75\x20\x69\156\56\x20\120\154\145\141\x73\145\x20\143\157\x6e\164\141\143\x74\x20\x61\144\x6d\x69\156\x69\x73\x74\x72\x61\x74\x6f\x72", "\105\162\x72\x6f\x72\x3a\x20\111\156\166\141\x6c\x69\144\40\x53\101\x4d\114\40\x52\x65\163\x70\x6f\x6e\x73\x65");
goto kH;
B7:
$Jt = mo_options_error_constants::Error_no_certificate;
$q8 = mo_options_error_constants::Cause_no_certificate;
echo "\x3c\144\151\x76\40\163\164\171\x6c\x65\75\42\146\x6f\x6e\164\55\146\x61\155\151\x6c\171\72\x43\x61\x6c\151\142\x72\x69\73\160\x61\x64\x64\151\156\x67\x3a\60\40\63\x25\73\42\x3e\15\xa\11\x9\11\11\11\x9\74\x64\x69\x76\x20\x73\164\x79\154\x65\75\42\x63\x6f\154\157\162\x3a\x20\43\141\x39\64\64\64\62\x3b\x62\x61\x63\x6b\147\x72\x6f\x75\x6e\144\55\x63\x6f\x6c\157\x72\72\x20\x23\x66\62\x64\x65\x64\x65\73\160\x61\144\144\151\x6e\147\72\40\x31\x35\x70\170\x3b\155\141\x72\x67\151\x6e\55\x62\157\164\164\157\155\72\40\x32\x30\160\x78\73\164\x65\170\164\55\x61\154\x69\147\x6e\x3a\143\x65\x6e\x74\x65\x72\x3b\x62\157\x72\x64\x65\x72\72\x31\160\x78\40\x73\157\x6c\x69\144\x20\43\x45\x36\x42\x33\x42\x32\x3b\146\157\x6e\x74\x2d\163\151\172\x65\72\61\x38\x70\164\x3b\x22\76\40\x45\x52\x52\x4f\x52\x3c\57\144\151\166\x3e\15\xa\11\11\x9\11\x9\x9\x3c\144\x69\166\x20\163\164\x79\x6c\x65\75\x22\143\x6f\154\157\162\72\40\x23\x61\x39\64\x34\x34\x32\x3b\x66\x6f\156\164\55\163\151\172\145\x3a\x31\x34\160\164\73\40\155\x61\x72\147\x69\156\55\142\157\164\x74\x6f\155\72\62\60\160\170\73\42\x3e\74\160\x3e\74\x73\164\x72\x6f\x6e\147\x3e\105\162\162\x6f\x72\40\40\72" . esc_html($Jt) . "\40\x3c\x2f\x73\164\162\x6f\156\147\x3e\x3c\x2f\x70\76\xd\12\11\x9\x9\11\x9\11\15\12\11\x9\x9\11\x9\x9\x3c\160\x3e\74\x73\x74\x72\x6f\x6e\x67\76\120\x6f\x73\163\151\x62\x6c\145\x20\x43\141\165\x73\x65\x3a\x20" . esc_html($q8) . "\x3c\57\163\164\162\x6f\x6e\x67\76\x3c\57\160\x3e\15\12\11\x9\x9\11\x9\11\15\xa\x9\11\x9\11\x9\x9\74\x2f\144\151\166\76\74\x2f\x64\x69\x76\76";
mo_saml_download_logs($Jt, $q8);
exit;
kH:
Ae:
$vJ = '';
if (is_array($jR)) {
goto N4;
}
$WV = XMLSecurityKey::getRawThumbprint($jR);
$WV = mo_saml_convert_to_windows_iconv($WV);
$WV = preg_replace("\57\x5c\163\53\x2f", '', $WV);
if (empty($IM)) {
goto u3;
}
$vJ = Utilities::processResponse($bz, $WV, $IM, $eI, 0, $fJ);
u3:
if (empty($NH)) {
goto Ik;
}
$vJ = Utilities::processResponse($bz, $WV, $NH, $eI, 0, $fJ);
Ik:
goto Gi;
N4:
foreach ($jR as $I1 => $UA) {
$WV = XMLSecurityKey::getRawThumbprint($UA);
$WV = mo_saml_convert_to_windows_iconv($WV);
$WV = preg_replace("\57\134\x73\x2b\x2f", '', $WV);
if (empty($IM)) {
goto FO;
}
$vJ = Utilities::processResponse($bz, $WV, $IM, $eI, $I1, $fJ);
FO:
if (empty($NH)) {
goto X4;
}
$vJ = Utilities::processResponse($bz, $WV, $NH, $eI, $I1, $fJ);
X4:
if (!$vJ) {
goto yO;
}
goto lb;
yO:
Hr:
}
lb:
Gi:
if (empty($IM)) {
goto bM;
}
$gl = $IM["\103\x65\162\164\151\x66\151\143\x61\x74\x65\x73"][0];
goto A_;
bM:
$gl = $NH["\103\145\x72\x74\x69\x66\x69\x63\141\164\x65\x73"][0];
A_:
if ($vJ) {
goto VZ;
}
if ($fJ == "\x74\x65\x73\x74\x56\x61\x6c\x69\x64\141\x74\x65" or $fJ == "\164\145\163\164\116\145\x77\103\x65\162\164\x69\146\x69\143\x61\x74\145") {
goto O6;
}
wp_die("\x57\145\x20\143\x6f\x75\x6c\144\40\156\x6f\x74\40\163\x69\147\x6e\x20\171\x6f\165\x20\151\156\x2e\x20\x50\154\x65\x61\163\145\40\x63\157\x6e\x74\x61\x63\164\40\171\157\x75\162\x20\101\x64\155\151\156\151\x73\164\x72\141\x74\157\162", "\x45\162\162\x6f\162\x20\72\103\x65\x72\x74\151\146\151\x63\141\x74\145\40\156\x6f\164\40\x66\157\x75\156\144");
goto I9;
O6:
$Jt = mo_options_error_constants::Error_wrong_certificate;
$q8 = mo_options_error_constants::Cause_wrong_certificate;
$G0 = "\55\x2d\x2d\55\x2d\x42\x45\107\x49\x4e\40\103\105\x52\x54\x49\x46\111\103\101\x54\105\x2d\55\55\x2d\55\x3c\142\x72\76" . chunk_split($gl, 64) . "\74\x62\162\76\x2d\x2d\x2d\x2d\55\x45\x4e\104\x20\103\105\x52\x54\111\x46\111\103\x41\124\105\55\55\55\x2d\x2d";
echo "\74\144\151\x76\x20\163\x74\171\154\x65\x3d\x22\x66\157\x6e\x74\x2d\x66\x61\x6d\151\154\171\72\x43\x61\154\151\x62\x72\151\x3b\160\x61\x64\144\151\x6e\x67\x3a\x30\x20\x33\45\73\x22\x3e";
echo "\x3c\x64\x69\x76\x20\x73\x74\x79\x6c\x65\75\x22\143\x6f\154\157\162\72\40\43\x61\71\x34\64\64\62\x3b\142\141\x63\153\147\x72\157\x75\156\144\55\143\x6f\154\x6f\x72\72\40\43\146\62\x64\145\144\x65\x3b\160\x61\x64\144\151\x6e\147\x3a\40\x31\x35\160\x78\73\x6d\x61\x72\x67\151\156\55\x62\157\164\x74\157\155\72\x20\62\60\160\x78\x3b\164\145\170\164\55\141\x6c\x69\147\x6e\x3a\x63\x65\156\x74\145\x72\73\x62\157\162\144\145\162\72\x31\160\x78\40\x73\x6f\154\151\144\x20\x23\105\66\102\63\x42\62\x3b\x66\157\156\164\x2d\x73\151\x7a\x65\72\61\x38\160\x74\73\42\x3e\40\x45\x52\122\117\x52\x3c\x2f\144\x69\166\x3e\xd\xa\40\x20\40\40\x20\x20\40\x20\40\40\x20\40\40\40\40\x20\x20\x20\40\x20\40\x20\x20\x20\x3c\144\151\x76\x20\163\x74\171\x6c\145\75\42\143\x6f\x6c\x6f\x72\x3a\x20\43\x61\x39\64\x34\64\x32\x3b\146\x6f\156\164\55\x73\151\x7a\145\72\x31\x34\x70\164\73\40\x6d\x61\x72\x67\x69\x6e\55\142\157\164\164\157\x6d\72\x32\60\x70\x78\x3b\42\76\x3c\x70\x3e\x3c\163\164\162\157\156\147\76\x45\162\x72\157\162\72\40\74\57\163\164\x72\x6f\156\147\76\125\x6e\x61\x62\154\x65\x20\x74\x6f\x20\146\x69\x6e\x64\x20\141\40\143\145\x72\164\151\x66\x69\x63\141\164\x65\x20\155\141\164\x63\150\x69\x6e\x67\40\x74\x68\x65\40\x63\x6f\156\146\151\x67\x75\x72\x65\144\x20\x66\x69\156\x67\x65\x72\x70\162\x69\x6e\164\56\74\x2f\160\76\15\12\40\40\40\x20\40\40\40\x20\40\40\x20\40\x20\40\x20\x20\40\40\x20\x20\40\40\40\x20\x20\x20\x20\x20\x3c\x70\x3e\x50\154\145\x61\x73\x65\x20\x63\157\x6e\164\x61\x63\164\x20\171\x6f\x75\x72\40\x61\144\x6d\x69\x6e\x69\x73\x74\162\x61\x74\157\162\x20\141\x6e\x64\x20\x72\145\160\x6f\x72\x74\x20\x74\150\145\x20\x66\x6f\x6c\154\157\x77\151\x6e\x67\40\x65\x72\162\x6f\x72\72\x3c\x2f\160\76\15\12\40\x20\40\x20\40\x20\40\40\x20\40\40\x20\x20\x20\40\x20\x20\40\40\40\40\x20\x20\40\x20\40\x20\x20\74\160\76\x3c\163\x74\x72\157\x6e\x67\x3e\x50\157\163\163\151\x62\154\145\x20\x43\x61\165\x73\145\x3a\40\x3c\57\x73\164\162\x6f\x6e\147\x3e\47\130\56\x35\x30\71\x20\x43\x65\x72\164\x69\146\151\x63\x61\x74\145\47\x20\146\151\145\154\144\40\151\x6e\x20\160\x6c\x75\147\151\x6e\x20\144\157\x65\163\40\156\x6f\x74\x20\x6d\x61\x74\x63\150\x20\164\x68\x65\x20\143\x65\x72\x74\151\x66\x69\143\141\x74\145\40\x66\157\x75\x6e\144\40\x69\x6e\40\x53\x41\115\x4c\40\122\x65\163\160\157\156\x73\145\x2e\x3c\x2f\x70\76\15\12\40\x20\x20\x20\40\x20\x20\x20\x20\x20\x20\40\40\40\40\40\40\40\40\40\40\40\40\x20\40\x20\40\x20\74\160\x3e\x3c\163\164\x72\x6f\156\147\76\x43\x65\x72\x74\151\x66\151\x63\141\164\x65\x20\x66\157\x75\156\x64\x20\x69\x6e\40\x53\x41\x4d\x4c\x20\122\145\163\160\157\x6e\163\145\x3a\x20\x3c\57\x73\164\x72\157\x6e\x67\76\x3c\146\x6f\156\x74\40\146\x61\x63\x65\75\x22\x43\157\165\162\x69\145\162\x20\x4e\145\x77\x22\76\x3c\142\162\76\74\142\162\76" . $G0 . "\x3c\57\160\x3e\x3c\x2f\146\x6f\156\164\76\xd\xa\x20\40\40\40\x20\x20\x20\40\x20\40\x20\x20\x20\x20\x20\40\40\40\x20\40\x20\x20\x20\x20\40\x20\40\x20\x3c\160\x3e\74\163\164\162\x6f\x6e\147\76\123\x6f\154\165\164\151\x6f\x6e\72\x20\74\x2f\x73\x74\162\157\x6e\x67\76\x3c\57\160\76\xd\12\x20\x20\x20\40\40\x20\x20\x20\x20\40\x20\x20\x20\40\x20\x20\x20\x20\x20\40\x20\40\40\40\x20\x20\x20\40\74\157\154\76\15\12\x20\40\40\40\x20\40\x20\40\40\x20\40\40\40\x20\40\40\x20\40\x20\40\40\x20\40\40\40\40\40\x20\40\40\40\x3c\x6c\x69\76\103\157\x70\x79\x20\160\x61\x73\164\145\x20\164\x68\145\40\x63\x65\x72\x74\x69\x66\151\x63\x61\164\145\40\160\162\157\x76\151\144\145\x64\40\x61\x62\x6f\x76\145\x20\151\x6e\x20\130\x35\60\71\x20\x43\145\x72\x74\151\x66\x69\x63\141\x74\x65\40\x75\156\144\145\x72\x20\123\145\x72\166\x69\x63\145\x20\120\x72\x6f\166\151\x64\x65\162\x20\x53\x65\x74\165\160\40\164\141\x62\x2e\x3c\57\154\151\x3e\15\xa\x20\x20\40\x20\x20\40\40\40\x20\x20\x20\x20\40\x20\x20\x20\x20\40\x20\40\x20\40\x20\x20\x20\40\x20\40\40\x20\x20\x3c\154\151\76\111\146\x20\151\x73\163\165\x65\x20\160\145\162\x73\151\163\x74\x73\x20\144\151\x73\x61\142\x6c\145\x20\x3c\142\x3e\x43\150\x61\x72\141\143\164\145\162\40\x65\x6e\143\x6f\144\151\156\147\x3c\57\142\x3e\x20\x75\156\x64\145\162\40\x53\145\162\166\151\x63\x65\x20\120\162\157\x76\144\x65\x72\x20\123\x65\164\165\x70\40\164\x61\142\x2e\74\x2f\x6c\151\76\15\xa\x20\x20\40\40\40\40\40\x20\40\x20\x20\40\40\x20\x20\40\40\40\40\40\x20\40\x20\x20\40\40\40\x20\x3c\x2f\x6f\154\76\xd\xa\x20\40\40\40\40\40\40\40\40\x20\x20\40\x20\40\40\40\x20\x20\40\x20\40\40\x20\40\40\x20\40\40\x3c\x2f\144\151\166\x3e\xd\12\x20\x20\40\40\40\40\x20\40\x20\40\40\40\x20\x20\x20\40\x20\40\40\x20\x20\x20\x20\x20\x3c\x64\x69\x76\40\163\164\x79\x6c\145\75\42\x6d\141\162\x67\151\x6e\72\63\x25\x3b\x64\151\x73\160\154\141\171\x3a\x62\x6c\157\143\x6b\73\164\x65\170\x74\55\141\x6c\151\x67\x6e\72\143\145\156\164\x65\162\x3b\x22\x3e\xd\12\40\40\40\40\40\40\x20\x20\40\40\x20\x20\x20\40\x20\40\x20\40\40\40\40\x20\40\x20\40\x20\x20\40\40\40\40\40\74\144\151\x76\40\x73\164\171\154\x65\x3d\42\155\x61\162\147\151\156\x3a\x33\45\73\x64\x69\163\160\x6c\141\x79\x3a\x62\154\157\x63\x6b\73\164\x65\x78\x74\55\141\x6c\x69\147\x6e\72\x63\145\156\x74\x65\x72\x3b\42\x3e\x3c\151\x6e\160\165\x74\x20\x73\x74\x79\x6c\145\x3d\42\160\141\x64\x64\x69\x6e\x67\72\x31\45\73\167\x69\x64\164\x68\x3a\61\x30\x30\x70\170\73\x62\141\143\153\147\x72\157\x75\156\144\x3a\40\43\x30\x30\x39\x31\x43\104\x20\156\x6f\156\145\40\x72\145\160\x65\141\164\40\x73\143\162\x6f\x6c\x6c\40\60\x25\x20\60\x25\73\143\165\x72\163\x6f\162\72\40\x70\157\x69\156\164\145\x72\73\x66\x6f\156\164\55\x73\x69\x7a\x65\72\x31\x35\x70\170\73\142\157\x72\x64\x65\x72\55\x77\x69\144\x74\150\72\40\x31\160\x78\x3b\x62\157\x72\144\x65\x72\x2d\163\164\x79\x6c\145\x3a\40\163\x6f\x6c\151\144\73\142\x6f\162\x64\x65\x72\x2d\162\141\x64\151\165\x73\72\x20\x33\160\x78\73\x77\x68\151\164\145\x2d\163\160\141\143\x65\72\40\x6e\x6f\x77\162\x61\x70\73\142\157\170\x2d\x73\x69\x7a\151\156\147\72\x20\x62\157\162\144\145\162\x2d\x62\x6f\x78\x3b\142\157\x72\x64\145\162\55\143\x6f\x6c\x6f\x72\x3a\40\x23\x30\60\x37\63\101\x41\x3b\142\157\170\55\x73\150\141\x64\157\167\x3a\x20\x30\x70\x78\x20\61\x70\170\x20\60\160\170\x20\x72\x67\142\x61\x28\x31\62\60\x2c\40\x32\x30\x30\54\x20\x32\63\60\54\40\60\56\x36\51\40\151\156\163\145\164\73\x63\157\154\157\x72\x3a\40\x23\x46\x46\x46\73\42\164\171\x70\x65\x3d\x22\x62\165\x74\x74\157\x6e\x22\40\166\x61\154\165\x65\75\42\x44\x6f\x6e\x65\x22\x20\157\156\103\x6c\x69\143\153\x3d\x22\163\x65\x6c\x66\56\x63\154\157\x73\x65\x28\x29\73\42\76\74\57\144\x69\x76\x3e";
mo_saml_download_logs($Jt, $q8);
exit;
I9:
VZ:
$W_ = get_site_option("\x73\x61\x6d\x6c\137\x69\x73\163\165\x65\x72");
$Ji = get_site_option("\155\157\137\163\x61\x6d\154\137\x73\160\x5f\145\x6e\x74\151\164\x79\137\151\144");
if (!empty($Ji)) {
goto Ce;
}
$Ji = $Pj . "\x2f\167\x70\x2d\x63\x6f\x6e\x74\x65\x6e\164\57\x70\x6c\165\147\x69\156\163\57\x6d\x69\156\151\x6f\162\141\156\147\x65\x2d\x73\x61\x6d\154\55\x32\x30\55\x73\x69\156\x67\154\x65\x2d\x73\151\x67\156\55\x6f\156\57";
Ce:
Utilities::validateIssuerAndAudience($eI, $Ji, $W_, $fJ);
$MD = current(current($eI->getAssertions())->getNameId());
$iS = current($eI->getAssertions())->getAttributes();
$iS["\x4e\141\155\x65\111\x44"] = array("\60" => $MD);
$Fv = current($eI->getAssertions())->getSessionIndex();
mo_saml_checkMapping($iS, $fJ, $Fv);
goto HN;
il:
if (!isset($_REQUEST["\122\x65\154\141\171\x53\164\141\x74\x65"])) {
goto L_;
}
$rw = $_REQUEST["\x52\x65\154\x61\x79\123\x74\141\x74\145"];
L_:
if (!is_user_logged_in()) {
goto qo;
}
wp_logout();
qo:
if (empty($rw)) {
goto I4;
}
$rw = mo_saml_parse_url($rw);
goto Tq;
I4:
$rw = $Pj;
Tq:
header("\114\x6f\x63\141\x74\x69\x6f\x6e\x3a" . $rw);
exit;
HN:
PD:
if (!(array_key_exists("\x53\x41\x4d\114\x52\145\161\x75\145\163\164", $_REQUEST) && !empty($_REQUEST["\x53\x41\x4d\114\x52\x65\161\165\x65\x73\164"]))) {
goto Lh;
}
$YS = $_REQUEST["\x53\101\x4d\114\x52\145\x71\x75\145\x73\164"];
$fJ = "\x2f";
if (!array_key_exists("\x52\x65\154\141\x79\x53\164\141\x74\x65", $_REQUEST)) {
goto WO;
}
$fJ = $_REQUEST["\x52\x65\154\x61\171\x53\x74\141\164\145"];
WO:
$YS = base64_decode($YS);
if (!(array_key_exists("\x53\101\115\114\x52\x65\x71\165\145\163\x74", $_GET) && !empty($_GET["\x53\x41\115\x4c\122\x65\x71\x75\145\x73\x74"]))) {
goto UD;
}
$YS = gzinflate($YS);
UD:
$Ni = new DOMDocument();
$Ni->loadXML($YS);
$Ki = $Ni->firstChild;
if (!($Ki->localName == "\x4c\x6f\147\157\x75\164\x52\x65\161\x75\x65\x73\x74")) {
goto Y9;
}
$m3 = new SAML2_LogoutRequest($Ki);
if (!(!session_id() || session_id() == '' || !isset($_SESSION))) {
goto aG;
}
session_start();
aG:
$_SESSION["\155\157\137\x73\141\155\x6c\x5f\154\157\147\x6f\x75\164\137\162\x65\x71\165\145\x73\x74"] = $YS;
$_SESSION["\155\x6f\x5f\x73\x61\x6d\154\x5f\154\x6f\x67\x6f\x75\x74\x5f\x72\x65\154\141\x79\x5f\163\x74\141\x74\x65"] = $fJ;
wp_redirect(htmlspecialchars_decode(wp_logout_url()));
exit;
Y9:
Lh:
if (!(isset($_REQUEST["\157\x70\164\x69\x6f\156"]) and !is_array($_REQUEST["\157\160\x74\151\157\x6e"]) and strpos($_REQUEST["\157\x70\164\151\x6f\156"], "\162\x65\141\144\163\141\x6d\154\154\x6f\x67\151\x6e") !== false)) {
goto Hl;
}
require_once dirname(__FILE__) . "\57\151\156\143\x6c\165\x64\145\163\x2f\154\x69\142\x2f\145\156\x63\x72\171\160\x74\151\x6f\x6e\x2e\160\150\x70";
if (isset($_POST["\x53\124\x41\124\x55\123"]) && $_POST["\x53\x54\101\124\125\123"] == "\105\x52\x52\x4f\x52") {
goto WF;
}
if (!(isset($_POST["\x53\124\x41\x54\125\123"]) && $_POST["\123\124\x41\124\x55\x53"] == "\x53\125\x43\x43\x45\123\x53")) {
goto iq;
}
$BM = '';
if (!(isset($_REQUEST["\x72\x65\x64\x69\162\x65\x63\x74\x5f\x74\157"]) && !empty($_REQUEST["\x72\x65\144\151\162\x65\x63\164\x5f\x74\157"]) && $_REQUEST["\162\145\144\x69\162\x65\143\164\137\x74\x6f"] != "\57")) {
goto oy;
}
$BM = $_REQUEST["\162\145\144\x69\x72\145\143\164\x5f\x74\x6f"];
oy:
delete_site_option("\x6d\157\x5f\163\x61\x6d\x6c\x5f\x72\x65\144\x69\162\145\x63\x74\x5f\145\162\162\157\162\137\x63\x6f\x64\x65");
delete_site_option("\x6d\157\x5f\163\x61\155\x6c\x5f\x72\145\x64\x69\x72\x65\143\164\137\145\x72\162\157\x72\137\x72\145\141\x73\x6f\156");
try {
$T5 = get_site_option("\x73\141\155\x6c\x5f\x61\155\137\145\x6d\x61\x69\x6c");
$Xi = get_site_option("\x73\141\x6d\154\x5f\141\155\x5f\165\x73\x65\162\156\141\155\x65");
$JL = get_site_option("\163\x61\x6d\154\137\141\155\x5f\x66\151\162\x73\164\x5f\x6e\141\155\x65");
$Ww = get_site_option("\x73\141\x6d\154\137\x61\155\x5f\x6c\x61\163\x74\137\x6e\141\x6d\145");
$UT = get_site_option("\x73\141\x6d\154\137\141\155\x5f\x67\162\x6f\x75\160\x5f\x6e\141\x6d\x65");
$VP = get_site_option("\x73\141\x6d\x6c\137\x61\155\x5f\x64\145\146\x61\x75\x6c\164\x5f\x75\x73\145\x72\137\162\x6f\154\x65");
$hU = get_site_option("\163\141\155\154\137\141\x6d\x5f\144\157\x6e\x74\137\141\x6c\x6c\157\167\137\165\x6e\154\x69\163\x74\145\x64\x5f\165\x73\x65\x72\137\162\157\154\145");
$pD = get_site_option("\x73\141\x6d\154\x5f\141\x6d\x5f\x61\143\x63\x6f\165\156\x74\137\155\141\x74\143\x68\x65\162");
$M3 = '';
$x_ = '';
$JL = str_replace("\x2e", "\137", $JL);
$JL = str_replace("\40", "\x5f", $JL);
if (!(!empty($JL) && array_key_exists($JL, $_POST))) {
goto HP;
}
$JL = $_POST[$JL];
HP:
$Ww = str_replace("\56", "\137", $Ww);
$Ww = str_replace("\40", "\137", $Ww);
if (!(!empty($Ww) && array_key_exists($Ww, $_POST))) {
goto E5;
}
$Ww = $_POST[$Ww];
E5:
$Xi = str_replace("\x2e", "\x5f", $Xi);
$Xi = str_replace("\x20", "\x5f", $Xi);
if (!empty($Xi) && array_key_exists($Xi, $_POST)) {
goto yI;
}
$x_ = $_POST["\x4e\141\x6d\145\111\104"];
goto f2;
yI:
$x_ = $_POST[$Xi];
f2:
$M3 = str_replace("\x2e", "\x5f", $T5);
$M3 = str_replace("\40", "\x5f", $T5);
if (!empty($T5) && array_key_exists($T5, $_POST)) {
goto qY;
}
$M3 = $_POST["\x4e\141\x6d\x65\111\104"];
goto Pi;
qY:
$M3 = $_POST[$T5];
Pi:
$UT = str_replace("\56", "\x5f", $UT);
$UT = str_replace("\x20", "\137", $UT);
if (!(!empty($UT) && array_key_exists($UT, $_POST))) {
goto Ep;
}
$UT = $_POST[$UT];
Ep:
if (!empty($pD)) {
goto DU;
}
$pD = "\x65\x6d\x61\x69\x6c";
DU:
$I1 = get_site_option("\x6d\x6f\x5f\x73\141\x6d\x6c\x5f\x63\x75\x73\x74\x6f\x6d\x65\x72\137\x74\x6f\153\x65\x6e");
if (!(isset($I1) || trim($I1) != '')) {
goto ow;
}
$KX = AESEncryption::decrypt_data($M3, $I1);
$M3 = $KX;
ow:
if (!(!empty($JL) && !empty($I1))) {
goto lO;
}
$sC = AESEncryption::decrypt_data($JL, $I1);
$JL = $sC;
lO:
if (!(!empty($Ww) && !empty($I1))) {
goto wT;
}
$a0 = AESEncryption::decrypt_data($Ww, $I1);
$Ww = $a0;
wT:
if (!(!empty($x_) && !empty($I1))) {
goto VC;
}
$yX = AESEncryption::decrypt_data($x_, $I1);
$x_ = $yX;
VC:
if (!(!empty($UT) && !empty($I1))) {
goto xe;
}
$jm = AESEncryption::decrypt_data($UT, $I1);
$UT = $jm;
xe:
} catch (Exception $r_) {
echo sprintf("\x41\156\x20\145\x72\x72\x6f\162\x20\x6f\143\143\165\x72\x72\145\144\x20\x77\150\x69\x6c\145\40\160\x72\157\x63\x65\163\163\x69\156\147\40\164\150\145\40\123\x41\115\x4c\40\x52\145\x73\x70\x6f\156\163\x65\x2e");
exit;
}
$TC = array($UT);
mo_saml_login_user($M3, $JL, $Ww, $x_, $TC, $hU, $VP, $BM, $pD);
iq:
goto yK;
WF:
update_site_option("\155\157\x5f\x73\x61\155\154\137\x72\x65\x64\151\162\x65\x63\164\137\145\162\x72\157\162\137\x63\x6f\x64\145", $_POST["\x45\x52\x52\x4f\122\x5f\x52\x45\101\x53\117\116"]);
update_site_option("\x6d\x6f\137\x73\141\x6d\154\x5f\x72\x65\144\x69\162\145\x63\x74\137\145\162\162\x6f\x72\x5f\x72\x65\x61\x73\x6f\156", $_POST["\x45\x52\122\117\122\x5f\x4d\105\123\x53\x41\x47\x45"]);
yK:
Hl:
fZ:
}
function mo_saml_relaystate_url($fJ)
{
$WH = parse_url($fJ, PHP_URL_SCHEME);
$fJ = str_replace($WH . "\72\57\x2f", '', $fJ);
return $fJ;
}
function mo_saml_hash_relaystate($fJ)
{
$WH = parse_url($fJ, PHP_URL_SCHEME);
$fJ = str_replace($WH . "\72\x2f\57", '', $fJ);
$fJ = base64_encode($fJ);
$L5 = cdjsurkhh($fJ);
$fJ = $fJ . "\x2e" . $L5;
return $fJ;
}
function mo_saml_get_relaystate($fJ)
{
if (!filter_var($fJ, FILTER_VALIDATE_URL)) {
goto rm;
}
return $fJ;
rm:
$wS = strpos($fJ, "\x2e");
if ($wS) {
goto ak;
}
wp_die("\101\156\40\x65\x72\162\157\x72\40\157\x63\x63\165\x72\145\x64\x2e\x20\x50\x6c\145\x61\x73\145\x20\143\x6f\156\164\x61\143\x74\x20\171\x6f\x75\x72\x20\141\144\x6d\x69\x6e\151\x73\x74\162\x61\164\x6f\x72\x2e", "\105\x72\x72\157\162\x20\72\x20\x4e\x6f\164\x20\141\x20\x74\162\165\x73\x74\145\x64\40\x73\x6f\165\x72\x63\145\40\157\146\x20\164\150\145\x20\123\x41\x4d\114\x20\x72\x65\163\x70\x6f\156\x73\x65");
exit;
ak:
$rw = substr($fJ, 0, $wS);
$XT = substr($fJ, $wS + 1);
$Zo = cdjsurkhh($rw);
if (!($XT !== $Zo)) {
goto zu;
}
wp_die("\x41\x6e\40\x65\162\162\157\x72\x20\157\143\143\x75\x72\145\x64\56\40\x50\x6c\145\x61\x73\x65\x20\143\x6f\x6e\164\141\x63\x74\40\171\157\x75\162\x20\141\144\155\151\x6e\x69\x73\x74\162\x61\164\157\x72\x2e", "\x45\162\x72\157\162\x20\x3a\40\116\x6f\x74\x20\141\x20\x74\x72\165\x73\x74\x65\144\x20\x73\157\165\x72\x63\x65\40\157\146\40\x74\x68\x65\x20\123\101\x4d\x4c\x20\x72\145\163\x70\x6f\156\x73\x65");
exit;
zu:
$rw = base64_decode($rw);
return $rw;
}
function cdjsurkhh($E2)
{
$L5 = hash("\163\x68\x61\65\61\x32", $E2);
$L3 = substr($L5, 7, 14);
return $L3;
}
function mo_saml_parse_url($fJ)
{
if (!($fJ != "\164\145\163\x74\126\141\154\x69\x64\x61\164\145" && $fJ != "\x74\x65\163\x74\x4e\x65\x77\103\x65\162\164\151\146\x69\143\141\x74\145")) {
goto Zr;
}
$Pj = get_site_option("\x6d\x6f\137\163\141\155\154\137\163\160\x5f\x62\141\163\145\x5f\165\x72\x6c");
if (!empty($Pj)) {
goto Us;
}
$Pj = get_network_site_url();
Us:
$WH = parse_url($Pj, PHP_URL_SCHEME);
if (filter_var($fJ, FILTER_VALIDATE_URL)) {
goto VW;
}
$fJ = $WH . "\x3a\x2f\57" . $fJ;
VW:
Zr:
return $fJ;
}
function mo_saml_is_subsite($fJ)
{
$jp = parse_url($fJ, PHP_URL_HOST);
$DH = parse_url($fJ, PHP_URL_PATH);
if (is_subdomain_install()) {
goto E2;
}
$vv = strpos($DH, "\57", 1) != false ? strpos($DH, "\x2f", 1) : strlen($DH) - 1;
$DH = substr($DH, 0, $vv + 1);
$blog_id = get_blog_id_from_url($jp, $DH);
goto P1;
E2:
$blog_id = get_blog_id_from_url($jp);
P1:
if ($blog_id !== 0) {
goto Va;
}
return false;
goto Ln;
Va:
return true;
Ln:
}
function mo_saml_show_SAML_log($Ki, $Sc)
{
header("\x43\x6f\156\164\x65\156\x74\55\x54\171\x70\145\72\40\x74\x65\170\164\x2f\150\x74\x6d\x6c");
$Re = new DOMDocument();
$Re->preserveWhiteSpace = false;
$Re->formatOutput = true;
$Re->loadXML($Ki);
if ($Sc == "\144\x69\x73\x70\154\x61\x79\x53\x41\115\x4c\122\x65\x71\x75\x65\163\x74") {
goto zx;
}
$AG = "\123\x41\115\x4c\x20\x52\x65\163\x70\157\156\x73\x65";
goto o1;
zx:
$AG = "\123\101\x4d\x4c\x20\122\x65\161\165\x65\163\x74";
o1:
$Za = $Re->saveXML();
$dO = htmlentities($Za);
$dO = rtrim($dO);
$P6 = simplexml_load_string($Za);
$FT = json_encode($P6);
$Hh = json_decode($FT);
$Nw = plugins_url("\x69\156\x63\154\x75\144\145\x73\57\143\163\163\57\x73\164\171\154\145\x5f\163\145\x74\x74\151\156\147\163\56\x63\x73\163\x3f\x76\x65\162\75\64\56\x38\56\64\60", __FILE__);
echo "\74\x6c\x69\x6e\x6b\40\x72\145\154\75\x27\x73\x74\x79\x6c\145\x73\150\145\x65\164\47\x20\x69\144\x3d\x27\x6d\157\137\163\141\x6d\x6c\x5f\141\x64\155\151\x6e\137\x73\145\164\x74\x69\156\147\x73\x5f\x73\164\171\154\145\x2d\143\x73\163\47\40\x20\150\x72\x65\x66\75\x27" . $Nw . "\x27\x20\164\x79\160\145\x3d\47\164\145\x78\164\x2f\x63\163\163\x27\x20\x6d\145\x64\x69\141\75\x27\141\x6c\154\x27\40\57\76\15\12\xd\12\74\x64\x69\166\40\x63\x6c\141\x73\x73\x3d\42\155\157\x2d\144\151\x73\x70\154\141\x79\x2d\x6c\157\x67\x73\x22\x20\76\74\x70\x20\164\171\160\x65\x3d\42\164\x65\170\164\42\x20\40\40\151\x64\x3d\x22\x53\101\115\x4c\x5f\x74\x79\x70\145\42\76" . $AG . "\74\x2f\160\x3e\74\x2f\x64\151\166\x3e\xd\12\15\12\x3c\x64\x69\166\40\x74\171\x70\x65\x3d\x22\164\145\170\164\x22\40\151\144\75\x22\x53\x41\115\114\137\144\151\x73\x70\x6c\141\171\42\x20\x63\154\x61\x73\x73\75\x22\155\x6f\55\x64\x69\x73\x70\154\x61\171\55\x62\154\x6f\143\153\42\76\74\160\x72\145\40\143\x6c\x61\x73\x73\x3d\x27\x62\162\x75\163\x68\x3a\x20\170\x6d\154\73\47\x3e" . $dO . "\74\x2f\x70\162\x65\x3e\x3c\57\144\151\166\76\15\xa\x3c\142\x72\76\xd\12\x3c\144\151\x76\x9\x20\163\164\171\154\x65\x3d\x22\155\141\x72\147\x69\x6e\72\x33\x25\x3b\144\x69\163\x70\154\x61\171\72\142\154\x6f\x63\x6b\x3b\x74\145\170\x74\55\141\154\x69\147\156\x3a\143\145\156\164\145\162\73\x22\76\xd\xa\xd\xa\x3c\144\x69\x76\x20\163\x74\171\x6c\145\x3d\42\x6d\141\162\x67\x69\x6e\x3a\x33\45\73\x64\151\163\x70\x6c\141\171\x3a\x62\x6c\x6f\x63\x6b\73\x74\x65\x78\x74\55\141\x6c\151\147\x6e\72\143\145\x6e\x74\x65\x72\x3b\42\40\x3e\xd\12\xd\xa\74\x2f\x64\151\x76\76\15\xa\74\142\165\x74\164\x6f\156\40\151\144\x3d\x22\143\157\x70\x79\42\40\157\156\143\x6c\151\143\x6b\x3d\x22\143\x6f\x70\171\x44\x69\166\124\157\x43\x6c\151\160\142\x6f\141\162\144\x28\51\42\x20\40\163\164\171\154\x65\x3d\x22\x70\x61\x64\144\x69\x6e\147\x3a\x31\x25\73\x77\151\144\164\150\72\61\60\x30\160\x78\73\x62\141\143\153\x67\x72\157\165\x6e\x64\72\x20\43\60\60\x39\x31\103\x44\x20\x6e\157\x6e\145\40\x72\145\160\145\x61\164\40\163\143\x72\x6f\x6c\154\40\60\x25\40\x30\45\73\x63\x75\x72\163\157\x72\x3a\40\x70\157\151\x6e\164\145\x72\73\x66\157\x6e\x74\x2d\163\151\172\x65\72\61\65\x70\x78\x3b\x62\x6f\x72\144\145\x72\55\x77\151\144\164\150\72\40\x31\x70\x78\x3b\x62\x6f\162\x64\x65\x72\x2d\x73\x74\171\x6c\145\72\40\x73\157\154\151\144\73\x62\157\x72\144\x65\162\x2d\x72\x61\144\x69\x75\x73\72\40\63\160\170\73\167\150\x69\164\x65\x2d\163\160\x61\143\x65\72\x20\156\157\x77\x72\141\160\x3b\142\157\170\x2d\x73\151\x7a\x69\x6e\x67\x3a\x20\x62\157\162\144\145\162\x2d\x62\157\170\x3b\x62\157\162\144\x65\x72\55\143\x6f\154\157\162\x3a\40\43\x30\60\x37\63\101\x41\x3b\x62\157\x78\55\x73\150\141\144\157\x77\72\x20\x30\x70\x78\x20\61\160\170\x20\x30\160\170\40\162\x67\x62\x61\50\x31\x32\60\x2c\x20\62\60\x30\x2c\40\62\x33\60\54\40\x30\x2e\66\x29\40\x69\156\x73\x65\164\x3b\x63\157\154\x6f\x72\72\x20\43\106\106\x46\x3b\x22\40\x3e\x43\x6f\x70\x79\74\x2f\142\165\164\164\157\x6e\76\15\12\x26\x6e\x62\163\160\73\xd\xa\74\x69\x6e\160\x75\x74\x20\151\x64\x3d\42\144\167\x6e\55\142\x74\156\42\40\x73\x74\x79\x6c\x65\x3d\x22\x70\141\x64\144\151\156\147\x3a\61\x25\x3b\167\151\144\164\150\72\x31\60\x30\160\x78\x3b\142\x61\143\x6b\x67\162\x6f\x75\x6e\144\72\x20\x23\x30\60\x39\x31\x43\x44\40\156\157\156\145\40\x72\x65\x70\x65\x61\164\x20\163\143\x72\157\154\x6c\40\60\45\40\x30\x25\x3b\x63\165\x72\163\x6f\x72\72\40\x70\157\x69\156\x74\x65\162\x3b\146\157\156\164\x2d\x73\151\x7a\x65\72\61\x35\x70\x78\73\x62\x6f\162\144\145\162\x2d\167\151\x64\x74\x68\72\x20\x31\x70\x78\x3b\x62\157\162\144\145\x72\55\x73\164\x79\x6c\x65\72\x20\x73\157\x6c\x69\144\x3b\x62\x6f\x72\x64\145\x72\x2d\162\x61\x64\151\x75\163\x3a\40\x33\160\x78\x3b\x77\150\x69\164\x65\55\x73\160\141\143\145\72\x20\156\x6f\167\162\141\x70\73\x62\157\x78\x2d\163\x69\172\x69\156\147\x3a\x20\142\157\162\144\145\162\55\142\157\x78\73\x62\x6f\162\144\x65\x72\x2d\143\157\x6c\157\162\72\40\43\60\60\x37\x33\101\x41\73\142\157\x78\x2d\163\x68\141\x64\157\x77\72\40\x30\x70\x78\40\61\160\x78\x20\60\160\170\40\162\x67\x62\141\50\x31\62\x30\x2c\x20\62\60\x30\54\x20\x32\x33\x30\x2c\x20\x30\56\x36\x29\x20\x69\156\x73\x65\164\73\x63\157\154\157\x72\72\x20\x23\106\106\x46\x3b\x22\x74\x79\160\145\75\42\142\165\164\x74\x6f\156\42\x20\166\141\x6c\x75\145\75\42\x44\x6f\x77\156\x6c\x6f\x61\144\42\x20\15\xa\x22\x3e\xd\12\x3c\x2f\x64\151\x76\x3e\15\xa\x3c\x2f\x64\151\x76\76\xd\xa\xd\12\15\xa";
ob_end_flush();
echo "\15\12\74\x73\143\x72\x69\x70\x74\x3e\15\xa\15\12\x66\165\x6e\x63\164\x69\x6f\156\40\x63\x6f\x70\x79\104\x69\166\x54\157\x43\x6c\151\160\142\157\x61\162\x64\50\x29\40\x7b\15\xa\x76\x61\x72\40\x61\x75\170\x20\75\40\x64\157\x63\x75\x6d\145\x6e\164\x2e\143\162\145\x61\164\x65\105\x6c\x65\155\145\156\164\x28\x22\151\x6e\x70\x75\164\x22\51\73\15\xa\141\165\170\56\163\145\x74\101\x74\164\x72\151\x62\165\x74\145\50\x22\166\x61\154\165\145\42\x2c\x20\x64\157\x63\x75\155\x65\156\x74\56\147\x65\164\x45\x6c\145\x6d\x65\x6e\164\102\171\x49\x64\x28\x22\123\101\115\114\x5f\144\151\x73\160\154\x61\x79\x22\51\56\164\145\170\164\x43\157\156\164\145\156\164\x29\x3b\xd\12\x64\x6f\143\165\x6d\145\x6e\164\56\x62\157\x64\171\x2e\x61\160\160\145\x6e\x64\x43\x68\151\154\x64\50\x61\165\170\51\73\xd\12\141\x75\170\x2e\163\145\x6c\145\x63\x74\50\51\73\xd\xa\x64\x6f\x63\165\155\x65\x6e\164\56\x65\x78\x65\x63\x43\x6f\155\155\x61\x6e\144\x28\42\x63\x6f\160\x79\x22\51\73\15\12\x64\x6f\x63\x75\x6d\145\156\x74\56\x62\x6f\x64\171\56\162\x65\155\x6f\x76\145\103\x68\151\x6c\144\x28\x61\x75\170\51\73\xd\xa\x64\157\x63\x75\x6d\x65\x6e\x74\56\x67\x65\x74\105\x6c\145\x6d\145\x6e\x74\102\x79\x49\x64\50\47\143\157\160\171\x27\51\56\x74\145\170\x74\103\157\156\164\145\156\x74\40\x3d\x20\42\x43\157\160\151\145\x64\x22\73\15\xa\144\x6f\143\165\x6d\x65\156\x74\x2e\x67\x65\164\x45\154\x65\155\145\156\164\x42\x79\x49\144\x28\x27\x63\x6f\160\171\x27\51\x2e\x73\164\171\x6c\145\56\x62\x61\x63\x6b\x67\162\157\165\156\x64\40\x3d\x20\x22\x67\x72\145\x79\42\x3b\15\12\167\151\156\144\157\167\56\147\145\164\123\145\x6c\x65\143\x74\x69\x6f\156\50\x29\56\x73\145\154\145\143\x74\101\154\x6c\x43\x68\x69\154\144\162\x65\156\50\x20\144\x6f\143\165\155\145\x6e\x74\x2e\147\145\164\105\154\x65\x6d\145\x6e\164\102\x79\111\x64\x28\x20\42\x53\x41\115\114\x5f\x64\151\163\160\154\141\x79\42\40\51\40\x29\73\15\12\xd\xa\x7d\15\12\15\12\x66\165\156\x63\x74\151\157\x6e\40\144\x6f\167\156\x6c\x6f\x61\x64\50\x66\151\x6c\145\156\x61\x6d\x65\x2c\40\x74\145\170\x74\x29\40\173\15\12\166\141\x72\40\x65\x6c\145\155\145\156\164\40\75\x20\144\157\143\x75\x6d\145\x6e\164\56\x63\x72\145\x61\x74\x65\x45\154\145\x6d\145\156\x74\x28\x27\141\47\51\73\15\xa\145\154\145\x6d\145\x6e\x74\x2e\x73\145\164\x41\164\x74\162\x69\142\165\164\145\50\47\150\x72\145\x66\x27\x2c\40\x27\x64\141\164\x61\x3a\x41\160\x70\x6c\151\143\x61\164\151\x6f\x6e\57\x6f\x63\x74\x65\164\x2d\x73\164\162\145\141\x6d\73\x63\x68\141\162\163\x65\x74\75\165\164\146\x2d\70\x2c\x27\40\53\x20\145\156\x63\x6f\x64\145\125\122\x49\103\x6f\155\x70\157\156\x65\x6e\x74\x28\164\x65\170\164\51\51\x3b\15\xa\x65\154\145\x6d\145\156\164\x2e\x73\145\164\x41\x74\x74\x72\x69\x62\165\x74\145\50\x27\144\x6f\167\x6e\154\157\141\144\47\54\40\146\x69\x6c\x65\x6e\141\155\145\51\x3b\15\12\15\12\145\154\x65\155\x65\x6e\164\56\163\x74\x79\154\x65\56\x64\151\x73\x70\x6c\x61\171\40\75\x20\47\x6e\x6f\156\x65\x27\73\xd\xa\x64\157\143\165\155\x65\156\x74\x2e\x62\x6f\x64\x79\56\141\160\160\145\x6e\x64\x43\x68\151\x6c\x64\x28\x65\154\145\155\145\156\164\x29\73\xd\12\15\xa\x65\x6c\x65\155\x65\156\x74\56\x63\154\151\x63\x6b\50\x29\x3b\xd\12\15\xa\144\157\143\x75\x6d\145\156\x74\x2e\142\x6f\144\171\56\x72\x65\x6d\x6f\166\145\103\150\151\154\x64\x28\145\x6c\145\x6d\x65\x6e\164\x29\73\xd\xa\175\xd\xa\15\12\144\157\143\x75\x6d\145\156\164\x2e\x67\145\164\105\154\145\x6d\145\156\164\102\171\111\x64\x28\42\144\x77\156\x2d\142\164\x6e\42\51\x2e\141\x64\144\105\166\x65\156\164\114\151\163\x74\x65\x6e\145\162\50\42\x63\154\x69\x63\153\42\54\40\x66\165\156\x63\164\x69\157\x6e\40\50\x29\40\x7b\xd\xa\15\12\x76\x61\162\40\x66\x69\x6c\x65\x6e\141\x6d\x65\x20\75\40\x64\x6f\143\165\155\145\x6e\x74\x2e\x67\145\x74\105\154\x65\x6d\145\156\164\x42\171\111\x64\x28\x22\x53\x41\115\x4c\x5f\x74\171\160\145\42\x29\56\x74\145\170\164\x43\157\156\x74\x65\x6e\x74\53\42\x2e\170\155\154\42\x3b\15\xa\x76\x61\x72\40\156\x6f\x64\145\x20\x3d\x20\x64\x6f\x63\x75\x6d\x65\156\x74\56\x67\x65\x74\105\154\145\155\x65\x6e\x74\102\171\111\x64\x28\42\x53\x41\115\x4c\x5f\x64\151\163\x70\x6c\141\x79\42\51\73\15\12\x68\164\155\x6c\103\157\x6e\x74\145\x6e\164\x20\x3d\40\156\x6f\x64\x65\x2e\x69\x6e\156\x65\x72\110\x54\x4d\x4c\73\15\xa\164\145\x78\x74\x20\75\40\156\x6f\144\x65\x2e\x74\x65\170\x74\x43\157\x6e\164\145\156\164\x3b\xd\12\x64\x6f\x77\x6e\154\x6f\141\x64\50\146\151\x6c\145\156\141\155\145\x2c\40\164\145\170\164\x29\73\xd\xa\x7d\54\40\x66\141\154\x73\145\x29\73\15\12\xd\12\15\12\xd\xa\15\xa\xd\12\x3c\57\163\143\x72\x69\160\x74\x3e\xd\xa";
exit;
}
function mo_saml_checkMapping($iS, $fJ, $Fv)
{
try {
$T5 = get_site_option("\163\x61\155\154\137\141\x6d\x5f\145\x6d\x61\151\x6c");
$Xi = get_site_option("\x73\x61\x6d\x6c\x5f\141\155\137\x75\163\145\x72\x6e\141\x6d\x65");
$JL = get_site_option("\163\x61\155\154\137\141\x6d\137\146\x69\x72\x73\x74\137\156\141\155\x65");
$Ww = get_site_option("\163\x61\155\x6c\137\x61\x6d\x5f\154\x61\163\x74\x5f\x6e\x61\155\145");
$UT = get_site_option("\x73\x61\155\154\x5f\141\155\x5f\147\162\x6f\x75\x70\137\156\141\x6d\145");
$S9 = array();
$S9 = maybe_unserialize(get_site_option("\163\141\155\154\x5f\141\x6d\x5f\x72\157\154\x65\137\155\x61\160\160\x69\156\x67"));
$pD = get_site_option("\x73\x61\x6d\154\137\141\155\x5f\x61\143\x63\x6f\165\156\x74\x5f\155\x61\x74\x63\150\x65\162");
$M3 = '';
$x_ = '';
if (empty($iS)) {
goto xG;
}
if (!empty($JL) && array_key_exists($JL, $iS)) {
goto h6;
}
$JL = '';
goto tz;
h6:
$JL = $iS[$JL][0];
tz:
if (!empty($Ww) && array_key_exists($Ww, $iS)) {
goto q8;
}
$Ww = '';
goto VQ;
q8:
$Ww = $iS[$Ww][0];
VQ:
if (!empty($Xi) && array_key_exists($Xi, $iS)) {
goto o2;
}
$x_ = $iS["\x4e\x61\155\145\x49\x44"][0];
goto sT;
o2:
$x_ = $iS[$Xi][0];
sT:
if (!empty($T5) && array_key_exists($T5, $iS)) {
goto Mu;
}
$M3 = $iS["\x4e\x61\x6d\x65\111\104"][0];
goto X2;
Mu:
$M3 = $iS[$T5][0];
X2:
if (!empty($UT) && array_key_exists($UT, $iS)) {
goto am;
}
$UT = array();
goto Rx;
am:
$UT = $iS[$UT];
Rx:
if (!empty($pD)) {
goto Fq;
}
$pD = "\145\155\141\x69\154";
Fq:
xG:
if ($fJ == "\x74\145\163\164\x56\141\x6c\x69\x64\141\164\x65") {
goto lk;
}
if ($fJ == "\164\x65\x73\x74\116\x65\167\103\145\x72\x74\151\x66\151\143\x61\164\x65") {
goto Jp;
}
mo_saml_login_user($M3, $JL, $Ww, $x_, $UT, $S9, $fJ, $pD, $Fv, $iS["\x4e\141\x6d\145\x49\104"][0], $iS);
goto XK;
lk:
update_site_option("\x6d\x6f\x5f\163\x61\x6d\x6c\x5f\164\x65\x73\x74", "\124\145\x73\164\x20\x53\x75\143\143\x65\163\163\x66\165\154");
mo_saml_show_test_result($JL, $Ww, $M3, $UT, $iS, $fJ);
goto XK;
Jp:
update_site_option("\x6d\x6f\137\x73\141\x6d\x6c\x5f\164\x65\x73\x74\137\x6e\x65\x77\x5f\x63\x65\x72\x74", "\124\145\x73\164\x20\x73\x75\143\x63\x65\163\163\146\x75\x6c");
mo_saml_show_test_result($JL, $Ww, $M3, $UT, $iS, $fJ);
XK:
} catch (Exception $r_) {
echo sprintf("\101\156\40\x65\x72\x72\157\x72\x20\157\x63\143\x75\162\x72\145\x64\40\167\x68\x69\x6c\145\40\160\x72\x6f\143\145\163\x73\151\x6e\147\40\x74\x68\145\x20\x53\x41\x4d\114\40\x52\145\163\160\x6f\156\163\145\56");
exit;
}
}
function mo_saml_show_test_result($JL, $Ww, $M3, $UT, $iS, $fJ)
{
echo "\74\144\151\x76\x20\x73\164\171\154\145\75\x22\146\x6f\156\164\55\x66\141\x6d\x69\x6c\x79\72\x43\x61\154\151\x62\x72\x69\73\160\141\x64\x64\151\156\x67\x3a\60\40\x33\45\73\x22\x3e";
if (!empty($M3)) {
goto af;
}
echo "\x3c\144\151\x76\40\163\164\171\x6c\x65\x3d\x22\x63\x6f\154\157\162\72\x20\43\x61\71\64\64\64\x32\x3b\x62\x61\x63\x6b\147\x72\157\x75\156\x64\x2d\143\157\154\157\162\72\x20\x23\x66\x32\x64\145\144\x65\x3b\160\141\x64\x64\x69\156\x67\x3a\40\x31\65\160\170\73\155\x61\x72\x67\x69\x6e\x2d\x62\x6f\164\x74\157\155\x3a\x20\62\x30\160\x78\73\x74\x65\170\164\x2d\141\x6c\x69\147\x6e\x3a\143\145\156\x74\145\162\73\x62\157\x72\144\x65\x72\72\61\x70\x78\x20\163\x6f\154\x69\144\x20\43\105\x36\102\x33\102\x32\73\x66\x6f\x6e\x74\55\x73\x69\x7a\145\72\61\70\x70\x74\x3b\42\x3e\x54\x45\123\x54\x20\x46\101\x49\x4c\105\x44\x3c\57\144\151\x76\76\15\12\40\40\40\x20\40\x20\40\40\74\144\x69\x76\x20\163\164\x79\154\x65\75\x22\143\157\154\157\162\72\x20\x23\x61\71\x34\64\64\x32\73\146\x6f\x6e\x74\x2d\x73\x69\172\x65\72\x31\x34\160\x74\73\x20\x6d\141\162\x67\151\156\55\142\x6f\x74\164\x6f\155\72\x32\x30\x70\x78\73\x22\x3e\x57\x41\122\116\111\x4e\107\x3a\x20\x53\x6f\155\145\40\x41\x74\x74\162\151\142\x75\164\145\163\x20\x44\151\144\x20\x4e\x6f\x74\40\115\141\x74\143\x68\x2e\74\57\144\151\166\76\15\xa\x20\40\x20\x20\x20\40\x20\40\74\x64\151\x76\40\x73\164\171\x6c\145\75\42\x64\151\x73\x70\x6c\141\x79\x3a\142\x6c\157\143\153\x3b\x74\x65\x78\x74\x2d\141\154\151\x67\156\x3a\x63\x65\156\164\145\x72\x3b\155\141\162\147\x69\x6e\55\142\157\164\164\157\155\72\64\45\x3b\42\76\x3c\151\x6d\x67\40\x73\x74\x79\154\145\75\x22\167\151\144\164\x68\72\61\65\x25\73\42\x73\x72\143\x3d\42" . plugin_dir_url(__FILE__) . "\x69\x6d\141\x67\145\x73\x2f\x77\x72\x6f\x6e\147\x2e\x70\x6e\x67\42\76\74\x2f\144\x69\x76\x3e";
goto Op;
af:
update_site_option("\155\157\x5f\163\141\155\154\x5f\164\145\163\x74\x5f\x63\x6f\x6e\x66\151\x67\x5f\141\164\164\x72\x73", $iS);
echo "\x3c\144\x69\166\x20\x73\164\x79\154\145\x3d\42\x63\157\x6c\x6f\162\x3a\x20\x23\63\143\x37\66\63\144\x3b\15\xa\x20\x20\x20\40\40\x20\x20\40\142\x61\143\x6b\x67\x72\x6f\165\156\144\x2d\x63\157\x6c\x6f\162\72\x20\43\x64\x66\x66\x30\144\x38\x3b\40\x70\x61\144\x64\151\156\x67\72\62\x25\73\x6d\x61\x72\x67\x69\x6e\x2d\x62\157\x74\x74\x6f\155\72\62\60\x70\x78\73\164\x65\170\164\x2d\141\x6c\x69\147\x6e\x3a\x63\145\156\x74\x65\x72\x3b\x20\x62\157\x72\144\x65\162\72\61\x70\x78\40\x73\x6f\154\x69\144\40\x23\x41\105\104\102\x39\101\x3b\x20\146\x6f\x6e\164\55\163\151\172\145\x3a\x31\70\x70\164\73\42\x3e\124\105\123\124\x20\123\x55\x43\103\x45\123\123\106\x55\x4c\74\x2f\144\151\x76\76\15\xa\40\x20\x20\40\x20\x20\40\40\x3c\x64\x69\166\40\x73\x74\171\x6c\145\75\42\x64\151\163\160\x6c\141\171\72\x62\154\x6f\143\x6b\x3b\164\145\170\164\55\141\154\x69\x67\156\x3a\x63\145\156\164\145\x72\x3b\155\141\x72\x67\x69\156\55\x62\157\x74\164\x6f\155\x3a\64\45\x3b\42\76\74\151\x6d\x67\40\x73\x74\x79\154\145\75\42\167\x69\144\x74\x68\x3a\61\x35\45\73\42\163\x72\143\x3d\42" . plugin_dir_url(__FILE__) . "\151\155\x61\147\x65\x73\57\147\162\145\145\x6e\137\143\x68\x65\143\x6b\56\x70\x6e\x67\42\x3e\74\57\144\151\166\x3e";
Op:
$VU = $fJ == "\164\145\x73\164\116\x65\x77\x43\x65\x72\164\x69\x66\x69\x63\x61\164\145" ? "\x64\151\x73\160\154\141\171\x3a\156\x6f\156\145" : '';
$q0 = get_site_option("\x73\141\x6d\x6c\137\141\155\x5f\141\x63\x63\x6f\x75\x6e\x74\137\x6d\141\164\x63\x68\145\162") ? get_site_option("\163\141\x6d\154\137\x61\x6d\137\x61\143\x63\x6f\165\156\164\x5f\x6d\141\x74\x63\x68\145\162") : "\x65\x6d\141\151\154";
if (!($q0 == "\x65\155\141\x69\154" && !filter_var($iS["\116\x61\x6d\x65\111\x44"][0], FILTER_VALIDATE_EMAIL))) {
goto iV;
}
echo "\74\160\x3e\74\146\157\x6e\x74\x20\x63\x6f\x6c\x6f\x72\75\42\43\106\x46\x30\x30\x30\x30\42\40\x73\164\171\x6c\x65\x3d\42\146\x6f\156\x74\x2d\163\x69\x7a\x65\x3a\61\x34\x70\x74\x22\x3e\x28\127\x61\162\x6e\151\156\147\x3a\40\124\150\x65\x20\x4e\x61\155\x65\111\104\x20\x76\x61\x6c\x75\x65\x20\x69\163\40\156\157\164\40\x61\40\x76\141\x6c\x69\x64\40\x45\155\x61\x69\x6c\40\x49\x44\x29\74\57\x66\x6f\x6e\164\x3e\74\x2f\x70\x3e";
iV:
echo "\74\163\x70\141\x6e\x20\x73\164\171\x6c\145\x3d\x22\146\x6f\156\164\55\163\x69\172\145\72\61\64\x70\164\x3b\42\76\74\142\x3e\110\145\154\154\x6f\74\57\142\x3e\x2c\x20" . $M3 . "\74\57\x73\160\141\x6e\x3e\x3c\142\x72\57\x3e\x3c\160\40\163\x74\x79\x6c\x65\75\x22\146\157\x6e\x74\x2d\x77\x65\151\147\150\164\72\x62\x6f\154\x64\73\146\157\156\x74\55\163\x69\172\145\72\x31\x34\x70\x74\73\x6d\x61\162\x67\151\x6e\x2d\154\x65\x66\x74\x3a\x31\45\73\x22\x3e\101\x54\x54\122\111\x42\125\124\105\123\x20\122\x45\103\105\x49\x56\105\104\72\x3c\x2f\160\x3e\xd\12\40\x20\x20\x20\74\x74\141\142\154\145\40\163\164\x79\154\145\75\42\x62\x6f\162\144\145\x72\55\143\157\154\x6c\141\x70\163\145\72\143\157\154\x6c\x61\160\x73\x65\x3b\142\157\x72\x64\x65\x72\55\x73\160\x61\143\x69\156\x67\x3a\x30\73\40\144\x69\x73\160\154\x61\x79\72\164\x61\142\154\x65\x3b\x77\151\x64\164\x68\72\x31\x30\60\45\x3b\x20\146\157\x6e\x74\55\x73\x69\172\145\x3a\61\64\160\164\73\142\x61\x63\153\147\x72\x6f\x75\156\144\55\143\157\154\x6f\162\x3a\43\105\x44\105\104\x45\x44\73\42\x3e\xd\xa\x20\x20\40\x20\x20\x20\x20\40\x3c\164\162\40\163\164\171\154\x65\x3d\x22\164\x65\170\x74\55\141\154\x69\x67\x6e\x3a\x63\x65\156\x74\x65\162\73\42\x3e\74\x74\144\40\x73\x74\x79\154\145\75\42\x66\157\156\x74\x2d\167\x65\151\147\x68\164\72\x62\x6f\x6c\144\x3b\142\x6f\162\144\x65\x72\x3a\x32\x70\x78\x20\163\157\154\151\144\x20\x23\71\x34\x39\x30\71\60\73\160\141\144\144\151\156\x67\x3a\62\45\x3b\42\x3e\x41\x54\x54\x52\x49\x42\125\124\x45\40\x4e\101\x4d\105\74\57\x74\144\76\x3c\x74\144\40\163\164\171\x6c\145\75\x22\x66\x6f\156\x74\55\x77\x65\x69\x67\150\164\72\142\157\x6c\x64\73\x70\x61\x64\144\x69\x6e\147\x3a\x32\45\x3b\142\x6f\162\144\x65\162\x3a\x32\160\170\40\x73\x6f\x6c\151\144\x20\x23\x39\64\71\x30\x39\x30\x3b\x20\167\157\162\x64\x2d\167\162\x61\x70\x3a\x62\162\x65\x61\153\55\x77\x6f\x72\144\73\42\76\x41\124\124\x52\x49\x42\125\124\x45\x20\x56\x41\x4c\x55\105\74\57\164\x64\x3e\74\x2f\164\162\76";
if (!empty($iS)) {
goto SK;
}
echo "\116\x6f\x20\x41\x74\x74\162\x69\x62\x75\164\145\x73\40\122\145\143\x65\151\166\145\144\56";
goto Qk;
SK:
foreach ($iS as $I1 => $UA) {
echo "\74\x74\x72\x3e\74\x74\x64\40\163\164\171\154\x65\75\47\146\x6f\x6e\x74\x2d\x77\x65\151\x67\150\164\x3a\x62\x6f\154\x64\x3b\x62\x6f\162\144\x65\x72\x3a\62\160\x78\40\163\x6f\154\x69\144\40\x23\71\x34\x39\x30\71\60\x3b\x70\x61\144\x64\151\x6e\147\72\62\45\x3b\47\x3e" . $I1 . "\x3c\57\164\144\x3e\74\x74\144\x20\x73\164\171\154\145\x3d\x27\x70\141\x64\144\151\x6e\147\72\x32\45\x3b\x62\157\162\x64\145\x72\x3a\x32\160\x78\40\163\157\154\x69\144\x20\43\x39\64\71\60\71\x30\73\40\167\157\162\144\55\167\x72\141\x70\72\x62\162\145\x61\x6b\55\167\x6f\162\x64\x3b\47\76" . implode("\74\x68\x72\57\x3e", $UA) . "\x3c\57\x74\x64\76\74\57\164\162\76";
DT:
}
Vx:
Qk:
echo "\74\57\164\141\x62\154\145\76\74\x2f\144\151\x76\x3e";
echo "\x3c\x64\x69\166\40\x73\x74\x79\x6c\x65\x3d\x22\155\141\x72\x67\151\156\72\63\45\73\144\151\163\x70\x6c\141\171\72\142\154\157\x63\153\x3b\164\145\x78\164\x2d\x61\x6c\x69\147\x6e\x3a\143\x65\156\164\x65\x72\73\x22\76\15\12\40\40\40\40\x20\40\x20\40\x20\x20\40\40\x3c\151\x6e\x70\x75\164\x20\x73\x74\x79\x6c\x65\x3d\x22\160\x61\x64\x64\x69\x6e\147\72\x31\x25\73\167\x69\144\164\x68\x3a\62\65\60\160\170\73\142\141\x63\x6b\x67\162\x6f\165\156\x64\72\40\x23\x30\x30\71\61\103\104\x20\x6e\x6f\156\145\x20\x72\145\x70\x65\x61\x74\40\x73\x63\162\x6f\154\x6c\40\60\x25\40\x30\45\x3b\xd\xa\x20\40\40\x20\40\40\x20\40\x20\40\x20\40\143\x75\162\163\157\x72\x3a\40\160\x6f\151\156\164\x65\x72\73\x66\157\x6e\164\55\x73\151\x7a\x65\x3a\x31\65\x70\170\73\x62\x6f\162\x64\x65\x72\55\167\x69\x64\x74\150\72\40\61\160\170\73\x62\x6f\162\144\145\x72\x2d\163\x74\x79\x6c\145\72\x20\x73\157\x6c\x69\144\73\142\x6f\x72\144\x65\162\x2d\x72\141\144\x69\x75\x73\72\40\63\160\170\x3b\167\150\x69\x74\145\55\x73\160\141\x63\145\72\xd\12\x20\x20\40\x20\40\40\x20\x20\x20\x20\40\x20\156\157\167\162\141\160\x3b\x62\x6f\x78\55\x73\x69\172\x69\156\x67\x3a\x20\142\157\162\144\145\x72\55\142\x6f\170\73\142\157\x72\x64\145\x72\55\x63\x6f\154\157\162\72\40\43\60\60\67\63\x41\x41\73\142\x6f\170\x2d\x73\150\141\x64\157\167\x3a\x20\60\x70\170\x20\x31\160\170\40\x30\160\170\40\162\x67\x62\141\50\x31\62\x30\54\x20\62\60\x30\54\x20\x32\63\x30\54\40\60\x2e\x36\51\x20\x69\x6e\x73\x65\164\x3b\x63\x6f\x6c\157\162\x3a\x20\43\106\106\x46\73" . $VU . "\42\xd\xa\x20\x20\x20\40\x20\40\40\40\x20\x20\40\40\40\40\x20\40\164\x79\160\145\75\x22\142\165\164\164\x6f\x6e\x22\40\166\x61\x6c\165\145\75\42\103\157\x6e\146\151\x67\165\162\x65\40\x41\164\164\162\151\x62\165\164\x65\x2f\122\157\154\145\40\115\141\160\x70\x69\x6e\147\x22\40\157\156\103\154\151\143\x6b\75\x22\x63\x6c\157\x73\x65\x5f\141\x6e\144\x5f\x72\x65\x64\x69\162\x65\143\164\x28\x29\x3b\42\76\40\x26\x6e\x62\x73\160\73\x20\15\12\40\x20\40\40\40\x20\40\x20\40\x20\x20\40\x20\x20\40\40\15\xa\x20\x20\x20\x20\x20\40\40\x20\x20\x20\40\40\74\x69\x6e\160\x75\164\x20\x73\x74\x79\154\145\75\x22\160\141\x64\144\151\x6e\x67\72\x31\x25\x3b\x77\151\x64\164\150\x3a\61\x30\x30\160\x78\73\x62\x61\143\153\147\x72\157\x75\156\144\72\40\43\60\x30\71\x31\103\x44\x20\156\157\156\x65\40\162\145\x70\x65\x61\164\40\x73\143\162\157\x6c\154\40\60\x25\40\x30\x25\x3b\x63\165\162\163\157\x72\x3a\x20\160\157\151\x6e\x74\x65\x72\73\146\x6f\x6e\164\x2d\163\151\x7a\x65\x3a\61\65\x70\x78\73\x62\157\x72\x64\x65\x72\55\167\x69\144\164\150\72\40\x31\160\x78\x3b\x62\x6f\162\144\145\162\55\163\164\171\x6c\145\x3a\x20\x73\x6f\154\151\144\x3b\x62\x6f\x72\x64\145\x72\55\162\x61\144\151\165\163\x3a\x20\63\x70\170\73\167\x68\151\x74\x65\55\163\160\x61\143\x65\72\40\156\157\x77\x72\141\160\73\142\157\170\55\163\x69\172\x69\156\147\72\x20\x62\x6f\162\144\145\x72\55\142\157\x78\73\x62\x6f\x72\144\145\x72\55\x63\x6f\154\x6f\162\x3a\40\x23\x30\60\67\63\101\101\x3b\142\157\170\x2d\x73\150\x61\144\157\x77\72\40\60\x70\x78\x20\61\160\x78\40\60\160\170\x20\x72\147\x62\x61\50\x31\62\x30\x2c\x20\62\x30\60\x2c\x20\62\x33\60\54\x20\60\56\x36\51\40\151\156\163\145\x74\73\143\157\x6c\157\162\72\40\43\x46\106\106\73\42\164\x79\160\145\x3d\42\142\165\x74\x74\157\156\x22\40\x76\141\x6c\165\x65\x3d\x22\x44\157\x6e\145\x22\40\x6f\156\103\x6c\x69\x63\153\75\x22\163\x65\154\x66\x2e\143\154\x6f\163\x65\x28\51\73\x22\76\74\x2f\144\x69\x76\x3e\xd\12\x20\x20\x20\40\40\x20\x20\40\40\40\40\40\40\x20\x20\40\x20\x20\40\x20\40\x20\x20\40\40\x20\x20\x20\40\x20\x20\40\x3c\x73\143\162\151\x70\164\76\xd\xa\xd\12\40\x20\40\40\40\x20\40\x20\40\x20\x20\40\146\x75\156\x63\x74\151\157\156\x20\x63\154\x6f\163\x65\x5f\141\x6e\144\x5f\x72\145\x64\151\x72\x65\x63\x74\50\51\x7b\15\xa\x20\x20\x20\40\40\x20\40\40\x20\40\x20\x20\40\40\40\x20\167\x69\x6e\144\x6f\x77\x2e\x6f\160\x65\x6e\145\162\x2e\162\x65\144\151\162\145\x63\x74\137\x74\x6f\x5f\141\x74\x74\162\151\x62\x75\164\145\x5f\x6d\141\x70\160\151\156\x67\x28\x29\73\xd\12\40\x20\x20\x20\40\x20\x20\40\40\40\40\x20\40\40\x20\x20\163\145\x6c\146\x2e\x63\154\157\163\x65\x28\51\x3b\15\xa\x20\x20\x20\40\40\40\40\40\40\40\x20\40\x7d\xd\xa\x20\x20\40\x20\40\40\40\x20\40\40\40\x20\xd\xa\x20\40\x20\x20\40\x20\40\x20\x20\40\40\40\x66\x75\x6e\x63\x74\151\x6f\x6e\40\x72\145\146\162\145\x73\150\x50\141\162\x65\x6e\164\50\51\40\x7b\15\xa\40\x20\40\40\x20\x20\40\40\40\x20\x20\40\40\x20\x20\x20\167\151\156\x64\x6f\x77\56\x6f\160\x65\x6e\145\162\56\154\x6f\143\141\164\x69\x6f\156\x2e\x72\145\x6c\x6f\141\x64\50\51\x3b\15\xa\40\40\x20\40\40\40\40\40\40\x20\40\x20\175\xd\xa\40\40\40\x20\x20\x20\x20\x20\40\40\40\x20\x3c\57\163\x63\x72\151\x70\x74\x3e";
exit;
}
function mo_saml_convert_to_windows_iconv($WV)
{
$wN = get_site_option("\155\x6f\x5f\163\141\x6d\154\137\145\x6e\143\x6f\144\x69\156\x67\137\145\x6e\141\x62\x6c\x65\144");
if (!($wN !== "\143\150\145\x63\153\x65\x64")) {
goto p_;
}
return $WV;
p_:
return iconv("\125\124\106\55\x38", "\103\x50\x31\x32\65\62\57\x2f\111\x47\x4e\x4f\122\105", $WV);
}
function mo_saml_login_user($M3, $JL, $Ww, $x_, $UT, $S9, $fJ, $pD, $Fv = '', $dQ = '', $iS = null)
{
do_action("\x6d\x6f\x5f\x61\142\162\x5f\x66\151\x6c\164\145\x72\x5f\154\x6f\x67\x69\x6e", $iS);
$x_ = mo_saml_sanitize_username($x_);
if (get_site_option("\155\157\x5f\163\141\x6d\x6c\137\x64\151\x73\x61\142\154\x65\137\162\157\x6c\145\x5f\x6d\141\x70\160\x69\156\147")) {
goto j1;
}
check_if_user_allowed_to_login_due_to_role_restriction($UT);
j1:
$Pj = get_site_option("\155\x6f\x5f\x73\141\155\x6c\x5f\x73\x70\x5f\142\x61\163\x65\137\165\162\154");
mo_saml_restrict_users_based_on_domain($M3);
if (!empty($S9)) {
goto q0;
}
$S9["\x44\105\106\x41\125\x4c\124"]["\x64\145\146\x61\x75\x6c\x74\137\x72\x6f\154\145"] = "\163\x75\x62\x73\x63\x72\151\x62\145\x72";
$S9["\104\x45\x46\x41\x55\114\x54"]["\144\x6f\x6e\164\137\x61\154\x6c\157\x77\137\x75\x6e\154\151\163\164\145\x64\x5f\165\x73\145\162"] = '';
$S9["\104\105\x46\101\x55\114\x54"]["\144\x6f\x6e\164\137\143\162\145\141\164\145\x5f\165\163\145\x72"] = '';
$S9["\x44\x45\x46\101\x55\x4c\124"]["\x6b\x65\145\160\x5f\x65\x78\151\x73\x74\151\x6e\147\x5f\x75\x73\145\162\163\137\162\157\x6c\145"] = '';
$S9["\104\x45\106\x41\125\114\124"]["\155\157\x5f\163\141\x6d\x6c\x5f\x64\157\x6e\164\x5f\x61\154\x6c\x6f\167\137\165\x73\145\x72\137\164\x6f\x6c\157\147\151\x6e\x5f\x63\x72\145\141\164\145\137\167\x69\x74\150\x5f\147\151\166\x65\x6e\x5f\147\162\157\x75\160\163"] = '';
$S9["\x44\x45\x46\101\x55\114\124"]["\x6d\x6f\x5f\163\x61\x6d\154\137\162\145\x73\164\162\x69\143\x74\x5f\x75\x73\145\162\x73\137\167\x69\164\x68\x5f\x67\x72\157\165\160\x73"] = '';
q0:
global $wpdb;
$vF = get_current_blog_id();
$iX = "\165\156\143\150\x65\143\153\x65\144";
if (!empty($Pj)) {
goto AJ;
}
$Pj = get_network_site_url();
AJ:
if (email_exists($M3) || username_exists($x_)) {
goto PE;
}
$DX = Utilities::get_active_sites();
$WK = get_site_option("\x6d\157\x5f\141\160\160\154\x79\x5f\x72\157\x6c\x65\137\155\x61\x70\160\151\156\x67\137\146\x6f\x72\137\163\151\164\145\163");
if (!get_site_option("\x6d\x6f\x5f\x73\141\x6d\x6c\137\144\x69\x73\141\142\x6c\x65\x5f\x72\x6f\x6c\145\x5f\155\141\160\160\151\x6e\147")) {
goto Hu;
}
$Rv = wp_generate_password(12, false);
$Nb = wpmu_create_user($x_, $Rv, $M3);
goto tg;
Hu:
$Nb = mo_saml_assign_roles_to_new_user($DX, $WK, $S9, $UT, $x_, $M3);
tg:
switch_to_blog($vF);
if (!empty($Nb)) {
goto cq;
}
if (!get_site_option("\x6d\x6f\x5f\163\x61\x6d\x6c\x5f\144\x69\x73\x61\142\154\145\137\x72\157\x6c\x65\137\155\x61\160\160\x69\156\x67")) {
goto Wi;
}
wp_die("\127\x65\x20\143\x6f\165\x6c\144\40\156\157\x74\40\x73\151\x67\x6e\x20\171\157\x75\40\x69\x6e\x2e\40\x50\154\x65\x61\163\145\40\143\x6f\x6e\164\141\143\164\x20\141\x64\155\151\x6e\x69\163\x74\x72\141\164\157\162", "\x4c\157\147\151\156\x20\106\141\151\x6c\145\144\41");
goto ig;
Wi:
$dI = get_site_option("\155\x6f\x5f\x73\x61\x6d\154\137\x61\143\x63\157\x75\x6e\164\x5f\143\162\x65\x61\x74\x69\157\x6e\x5f\x64\151\x73\x61\142\x6c\145\x64\x5f\x6d\x73\147");
if (!empty($dI)) {
goto Km;
}
$dI = "\127\145\x20\143\157\165\x6c\144\40\x6e\x6f\x74\40\x73\151\147\156\40\171\157\165\x20\x69\156\56\40\x50\x6c\145\x61\163\145\x20\143\x6f\x6e\x74\141\143\164\40\171\x6f\x75\x72\40\101\x64\x6d\x69\x6e\151\x73\x74\162\141\164\x6f\162\56";
Km:
wp_die($dI, "\105\x72\x72\157\162\x3a\x20\x4e\x6f\x74\x20\x61\40\x57\x6f\162\144\120\x72\145\163\x73\x20\115\x65\x6d\142\145\x72");
ig:
cq:
$user = get_user_by("\x69\x64", $Nb);
mo_saml_map_basic_attributes($user, $JL, $Ww, $iS);
mo_saml_map_custom_attributes($Nb, $iS);
$Op = mo_saml_get_redirect_url($Pj, $fJ);
do_action("\155\x69\x6e\151\157\x72\x61\156\147\x65\x5f\160\x6f\x73\x74\137\141\165\x74\x68\x65\x6e\x74\151\x63\x61\x74\x65\137\165\163\145\162\137\x6c\x6f\147\x69\156", $user, null, $Op, true);
mo_saml_set_auth_cookie($user, $Fv, $dQ, true);
do_action("\155\157\x5f\x73\141\155\x6c\137\x61\164\x74\x72\x69\142\x75\164\x65\x73", $x_, $M3, $JL, $Ww, $UT, null, true);
goto W4;
PE:
if (email_exists($M3)) {
goto Fu;
}
$user = get_user_by("\154\157\147\151\156", $x_);
goto Jt;
Fu:
$user = get_user_by("\x65\x6d\141\x69\x6c", $M3);
Jt:
$Nb = $user->ID;
if (!(!empty($M3) and strcasecmp($M3, $user->user_email) != 0)) {
goto ku;
}
$Nb = wp_update_user(array("\111\104" => $Nb, "\165\x73\x65\162\x5f\x65\155\141\x69\x6c" => $M3));
ku:
mo_saml_map_basic_attributes($user, $JL, $Ww, $iS);
mo_saml_map_custom_attributes($Nb, $iS);
$DX = Utilities::get_active_sites();
$WK = get_site_option("\x6d\157\137\141\x70\160\x6c\x79\x5f\x72\x6f\x6c\x65\x5f\155\x61\160\x70\x69\156\147\x5f\146\157\x72\x5f\x73\x69\x74\x65\x73");
if (get_site_option("\155\x6f\137\163\141\x6d\154\x5f\144\151\x73\x61\x62\154\x65\x5f\162\157\x6c\x65\x5f\x6d\141\x70\x70\151\x6e\147")) {
goto uo;
}
foreach ($DX as $blog_id) {
switch_to_blog($blog_id);
$user = get_user_by("\x69\144", $Nb);
$wf = '';
if ($WK) {
goto EV;
}
$wf = $blog_id;
goto Ul;
EV:
$wf = 0;
Ul:
if (empty($S9)) {
goto zz;
}
if (!empty($S9[$wf])) {
goto d8;
}
if (!empty($S9["\104\105\x46\101\125\114\124"])) {
goto dx;
}
$VP = "\x73\165\x62\163\143\162\x69\142\x65\162";
$hU = '';
$iX = '';
$S8 = '';
goto jr;
dx:
$VP = isset($S9["\x44\x45\x46\101\125\x4c\x54"]["\x64\145\x66\x61\x75\x6c\x74\137\x72\157\154\x65"]) ? $S9["\104\x45\x46\101\125\114\124"]["\x64\145\146\x61\x75\x6c\x74\x5f\x72\157\154\x65"] : "\x73\x75\142\163\143\x72\151\142\x65\162";
$hU = isset($S9["\104\105\x46\101\x55\x4c\124"]["\x64\x6f\x6e\164\137\x61\154\154\x6f\x77\x5f\165\x6e\x6c\x69\x73\164\145\144\137\165\x73\145\162"]) ? $S9["\104\x45\x46\101\x55\x4c\124"]["\144\157\156\164\x5f\141\154\154\157\167\137\x75\156\x6c\151\x73\164\x65\144\x5f\x75\163\x65\x72"] : '';
$iX = isset($S9["\104\x45\x46\101\x55\114\124"]["\x64\x6f\156\164\137\143\162\145\x61\x74\145\137\165\163\x65\162"]) ? $S9["\x44\105\106\x41\125\114\x54"]["\x64\157\x6e\x74\137\143\x72\145\x61\x74\145\137\x75\163\145\x72"] : '';
$S8 = isset($S9["\x44\x45\x46\x41\125\114\124"]["\x6b\145\145\x70\x5f\x65\170\151\163\x74\x69\156\147\x5f\165\163\x65\x72\163\x5f\x72\157\154\x65"]) ? $S9["\104\x45\106\x41\x55\x4c\x54"]["\x6b\145\x65\160\x5f\145\x78\x69\x73\x74\x69\156\x67\x5f\165\163\x65\162\163\137\162\157\x6c\145"] : '';
jr:
goto dL;
d8:
$VP = isset($S9[$wf]["\x64\145\x66\141\x75\x6c\x74\137\x72\157\x6c\x65"]) ? $S9[$wf]["\144\x65\146\x61\165\154\164\137\x72\157\x6c\x65"] : '';
$hU = isset($S9[$wf]["\x64\x6f\156\x74\x5f\x61\x6c\x6c\157\x77\137\165\x6e\x6c\x69\x73\x74\x65\144\x5f\x75\x73\145\x72"]) ? $S9[$wf]["\x64\x6f\x6e\x74\137\x61\x6c\x6c\x6f\167\x5f\165\156\x6c\151\163\x74\145\144\x5f\x75\x73\x65\162"] : '';
$iX = isset($S9[$wf]["\x64\x6f\156\x74\137\143\x72\x65\x61\x74\145\137\x75\163\x65\162"]) ? $S9[$wf]["\144\x6f\x6e\164\x5f\x63\162\145\141\164\x65\x5f\x75\163\x65\x72"] : '';
$S8 = isset($S9[$wf]["\153\x65\145\160\137\145\x78\151\163\164\151\x6e\147\137\165\x73\145\x72\163\x5f\162\157\x6c\x65"]) ? $S9[$wf]["\x6b\145\x65\160\x5f\x65\x78\151\x73\x74\151\156\x67\137\165\x73\145\162\163\x5f\x72\x6f\154\145"] : '';
dL:
zz:
if (!is_user_member_of_blog($Nb, $blog_id)) {
goto xY;
}
if (isset($S8) && $S8 == "\x63\150\x65\143\153\145\144") {
goto bl;
}
$z0 = assign_roles_to_user($user, $S9, $blog_id, $UT, $wf);
goto M9;
bl:
$z0 = false;
M9:
if (is_administrator_user($user)) {
goto aH;
}
if (isset($S8) && $S8 == "\x63\x68\x65\x63\x6b\145\144") {
goto lI;
}
if ($z0 !== true && !empty($hU) && $hU == "\143\x68\x65\x63\x6b\145\x64") {
goto nI;
}
if ($z0 !== true && !empty($VP) && $VP !== "\146\x61\x6c\163\145") {
goto SL;
}
if ($z0 !== true && is_user_member_of_blog($Nb, $blog_id)) {
goto HL;
}
goto Sc;
lI:
goto Sc;
nI:
$Nb = wp_update_user(array("\111\x44" => $Nb, "\x72\157\x6c\145" => false));
goto Sc;
SL:
$Nb = wp_update_user(array("\111\104" => $Nb, "\162\x6f\x6c\x65" => $VP));
goto Sc;
HL:
$GD = get_site_option("\x64\145\x66\x61\x75\154\164\x5f\x72\157\x6c\145");
$Nb = wp_update_user(array("\x49\104" => $Nb, "\162\x6f\154\x65" => $GD));
Sc:
aH:
goto kp;
xY:
$aN = TRUE;
$Lr = get_site_option("\x73\x61\155\x6c\137\x73\x73\x6f\137\x73\x65\164\164\x69\x6e\147\163");
if (!empty($Lr[$blog_id])) {
goto MV;
}
$Lr[$blog_id] = $Lr["\x44\x45\106\x41\x55\114\x54"];
MV:
if (empty($S9)) {
goto lM;
}
if (array_key_exists($wf, $S9)) {
goto xx;
}
if (!array_key_exists("\104\105\x46\101\x55\x4c\124", $S9)) {
goto yx;
}
$GL = get_saml_roles_to_assign($S9, $wf, $UT);
if (!(empty($GL) && strcmp($S9["\104\105\106\x41\125\114\124"]["\144\x6f\156\x74\x5f\x63\162\x65\x61\x74\145\137\x75\x73\145\x72"], "\x63\150\145\x63\x6b\x65\x64") == 0)) {
goto Ve;
}
$aN = FALSE;
Ve:
yx:
goto UL;
xx:
$GL = get_saml_roles_to_assign($S9, $wf, $UT);
if (!(empty($GL) && strcmp($S9[$wf]["\x64\157\x6e\x74\x5f\143\x72\145\141\164\x65\x5f\x75\x73\x65\162"], "\143\x68\145\x63\153\145\144") == 0)) {
goto fx;
}
$aN = FALSE;
fx:
UL:
lM:
if (!$aN) {
goto c8;
}
add_user_to_blog($blog_id, $Nb, false);
$z0 = assign_roles_to_user($user, $S9, $blog_id, $UT, $wf);
if ($z0 !== true && !empty($hU) && $hU == "\143\150\x65\x63\x6b\145\x64") {
goto sV;
}
if ($z0 !== true && !empty($VP) && $VP !== "\x66\x61\154\x73\x65") {
goto NK;
}
if ($z0 !== true) {
goto Fw;
}
goto v5;
sV:
$Nb = wp_update_user(array("\x49\x44" => $Nb, "\x72\157\x6c\145" => false));
goto v5;
NK:
$Nb = wp_update_user(array("\111\x44" => $Nb, "\x72\x6f\x6c\x65" => $VP));
goto v5;
Fw:
$GD = get_site_option("\x64\145\146\141\165\154\164\x5f\162\157\x6c\x65");
$Nb = wp_update_user(array("\x49\x44" => $Nb, "\x72\157\x6c\145" => $GD));
v5:
c8:
kp:
Xg:
}
zp:
uo:
switch_to_blog($vF);
if ($Nb) {
goto pe;
}
wp_die("\x49\x6e\166\x61\x6c\x69\144\40\165\x73\145\162\56\x20\x50\154\x65\141\163\x65\x20\164\162\x79\x20\x61\x67\x61\x69\x6e\x2e");
pe:
$user = get_user_by("\151\144", $Nb);
mo_saml_set_auth_cookie($user, $Fv, $dQ, true);
do_action("\155\157\137\163\141\155\154\x5f\141\x74\164\x72\151\142\165\164\145\x73", $x_, $M3, $JL, $Ww, $UT);
W4:
mo_saml_post_login_redirection($Pj, $fJ);
}
function mo_saml_add_user_to_blog($M3, $x_, $blog_id = 0)
{
if (email_exists($M3)) {
goto YB;
}
if (!empty($x_)) {
goto Ab;
}
$Nb = mo_saml_create_user($M3, $M3, $blog_id);
goto MX;
Ab:
$Nb = mo_saml_create_user($x_, $M3, $blog_id);
MX:
goto xN;
YB:
$user = get_user_by("\x65\x6d\x61\x69\x6c", $M3);
$Nb = $user->ID;
if (empty($blog_id)) {
goto R0;
}
add_user_to_blog($blog_id, $Nb, false);
R0:
xN:
return $Nb;
}
function mo_saml_create_user($x_, $M3, $blog_id)
{
$hh = wp_generate_password(10, false);
if (username_exists($x_)) {
goto ZZ;
}
$Nb = wp_create_user($x_, $hh, $M3);
goto bh;
ZZ:
$user = get_user_by("\154\157\x67\151\156", $x_);
$Nb = $user->ID;
if (!$blog_id) {
goto rV;
}
add_user_to_blog($blog_id, $Nb, false);
rV:
bh:
if (!is_wp_error($Nb)) {
goto Dj;
}
echo "\74\x73\164\162\x6f\156\x67\x3e\105\x52\122\x4f\122\74\x2f\x73\x74\162\157\x6e\x67\x3e\x3a\40\105\x6d\x70\x74\171\x20\125\163\145\162\x20\116\141\x6d\145\x20\x61\156\x64\x20\x45\155\x61\151\154\56\40\x50\x6c\x65\141\x73\145\x20\143\x6f\156\x74\x61\143\x74\x20\x79\x6f\x75\162\40\x61\x64\x6d\151\x6e\151\163\164\162\141\164\x6f\162\56";
exit;
Dj:
return $Nb;
}
function mo_saml_assign_roles_to_new_user($DX, $WK, $S9, $UT, $x_, $M3)
{
global $wpdb;
$user = NULL;
$Sx = false;
foreach ($DX as $blog_id) {
$Ub = TRUE;
$wf = '';
if ($WK) {
goto i6;
}
$wf = $blog_id;
goto qz;
i6:
$wf = 0;
qz:
$Lr = get_site_option("\x73\141\x6d\154\x5f\163\163\x6f\137\x73\145\164\x74\x69\x6e\x67\x73");
if (!empty($Lr[$blog_id])) {
goto mI;
}
$Lr[$blog_id] = $Lr["\x44\x45\x46\x41\125\x4c\x54"];
mI:
if (empty($S9)) {
goto Kx;
}
if (!empty($S9[$wf])) {
goto yo;
}
if (!empty($S9["\104\x45\x46\x41\125\x4c\x54"])) {
goto TK;
}
$VP = "\163\165\x62\163\x63\162\151\142\145\162";
$hU = '';
$S8 = '';
$GL = '';
goto y9;
TK:
$VP = isset($S9["\x44\x45\106\101\x55\x4c\x54"]["\144\x65\x66\x61\x75\x6c\x74\137\162\x6f\154\145"]) ? $S9["\104\105\106\x41\x55\114\124"]["\144\x65\x66\x61\x75\x6c\164\137\x72\x6f\x6c\x65"] : '';
$hU = isset($S9["\104\105\x46\101\x55\114\x54"]["\144\x6f\x6e\x74\x5f\x61\154\x6c\x6f\x77\137\x75\x6e\x6c\151\x73\x74\x65\144\x5f\x75\x73\x65\162"]) ? $S9["\104\x45\x46\101\x55\114\124"]["\144\x6f\x6e\164\137\141\154\154\x6f\x77\x5f\x75\156\154\151\x73\164\145\144\x5f\x75\163\x65\162"] : '';
$S8 = array_key_exists("\x6b\145\x65\x70\x5f\x65\x78\x69\x73\164\151\156\147\x5f\165\163\x65\162\x73\x5f\162\157\154\x65", $S9["\x44\x45\106\101\x55\x4c\x54"]) ? $S9["\x44\x45\106\x41\125\114\x54"]["\153\x65\145\160\x5f\x65\170\151\x73\x74\151\x6e\x67\137\165\163\145\162\163\x5f\162\x6f\x6c\x65"] : '';
$GL = get_saml_roles_to_assign($S9, $wf, $UT);
if (!(empty($GL) && strcmp($S9["\x44\105\x46\x41\125\x4c\124"]["\144\x6f\x6e\164\x5f\x63\x72\145\x61\164\x65\x5f\165\x73\x65\x72"], "\x63\x68\145\x63\x6b\145\x64") == 0)) {
goto WD;
}
$Ub = FALSE;
WD:
y9:
goto cL;
yo:
$VP = isset($S9[$wf]["\x64\145\x66\x61\x75\154\x74\x5f\x72\x6f\x6c\x65"]) ? $S9[$wf]["\144\x65\x66\141\x75\x6c\164\137\162\x6f\154\x65"] : '';
$hU = isset($S9[$wf]["\144\x6f\x6e\164\137\141\154\x6c\x6f\167\137\x75\156\154\x69\163\x74\145\x64\x5f\x75\163\x65\162"]) ? $S9[$wf]["\144\x6f\x6e\164\137\141\x6c\x6c\157\x77\137\x75\x6e\x6c\151\163\164\145\x64\x5f\165\x73\145\x72"] : '';
$S8 = array_key_exists("\153\x65\145\x70\x5f\145\x78\x69\163\164\x69\x6e\147\x5f\165\x73\x65\162\x73\137\162\157\x6c\145", $S9[$wf]) ? $S9[$wf]["\x6b\145\145\x70\137\145\x78\x69\x73\x74\151\x6e\x67\x5f\165\x73\145\162\x73\137\162\157\154\145"] : '';
$GL = get_saml_roles_to_assign($S9, $wf, $UT);
if (!(empty($GL) && strcmp($S9[$wf]["\x64\157\x6e\x74\x5f\x63\x72\x65\x61\164\x65\137\165\163\x65\162"], "\x63\150\x65\143\153\x65\144") == 0)) {
goto VJ;
}
$Ub = FALSE;
VJ:
cL:
Kx:
if (!$Ub) {
goto bG;
}
$Nb = NULL;
switch_to_blog($blog_id);
$Nb = mo_saml_add_user_to_blog($M3, $x_, $blog_id);
$user = get_user_by("\151\144", $Nb);
$z0 = assign_roles_to_user($user, $S9, $blog_id, $UT, $wf);
if ($z0 !== true && !empty($hU) && $hU == "\143\150\x65\x63\153\x65\x64") {
goto Rz;
}
if ($z0 !== true && !empty($VP) && $VP !== "\x66\141\x6c\163\145") {
goto pE;
}
if ($z0 !== true) {
goto I6;
}
goto ml;
Rz:
$Nb = wp_update_user(array("\111\104" => $Nb, "\162\x6f\x6c\x65" => false));
goto ml;
pE:
$Nb = wp_update_user(array("\111\x44" => $Nb, "\x72\157\x6c\145" => $VP));
goto ml;
I6:
$GD = get_site_option("\144\145\146\x61\x75\x6c\164\137\x72\x6f\x6c\x65");
$Nb = wp_update_user(array("\111\104" => $Nb, "\162\x6f\x6c\x65" => $GD));
ml:
$yG = $user->{$wpdb->prefix . "\x63\x61\x70\x61\142\x69\154\151\x74\151\x65\x73"};
if (isset($wp_roles)) {
goto YF;
}
$wp_roles = new WP_Roles($wf);
YF:
bG:
Mh:
}
UH:
if (!empty($user)) {
goto Ii;
}
return;
goto a8;
Ii:
return $user->ID;
a8:
}
function mo_saml_sanitize_username($x_)
{
$YW = sanitize_user($x_, true);
$cS = apply_filters("\x70\x72\145\137\165\x73\x65\162\x5f\154\157\x67\x69\x6e", $YW);
$x_ = trim($cS);
return $x_;
}
function mo_saml_map_basic_attributes($user, $JL, $Ww, $iS)
{
$Nb = $user->ID;
if (empty($JL)) {
goto cc;
}
$Nb = wp_update_user(array("\x49\x44" => $Nb, "\x66\151\x72\163\164\137\x6e\141\x6d\145" => $JL));
cc:
if (empty($Ww)) {
goto u8;
}
$Nb = wp_update_user(array("\x49\x44" => $Nb, "\x6c\141\163\164\x5f\156\x61\155\145" => $Ww));
u8:
if (is_null($iS)) {
goto WJ;
}
update_user_meta($Nb, "\155\157\137\x73\141\x6d\154\x5f\x75\163\x65\162\x5f\141\x74\x74\x72\x69\x62\165\164\x65\163", $iS);
$Ql = get_site_option("\x73\x61\x6d\154\x5f\141\x6d\137\x64\151\163\160\154\141\171\137\x6e\x61\155\145");
if (empty($Ql)) {
goto id;
}
if (strcmp($Ql, "\x55\x53\105\x52\116\101\115\x45") == 0) {
goto uk;
}
if (strcmp($Ql, "\106\x4e\101\115\x45") == 0 && !empty($JL)) {
goto vA;
}
if (strcmp($Ql, "\114\x4e\x41\x4d\x45") == 0 && !empty($Ww)) {
goto IH;
}
if (strcmp($Ql, "\106\116\x41\115\x45\137\114\116\101\115\105") == 0 && !empty($Ww) && !empty($JL)) {
goto Su;
}
if (!(strcmp($Ql, "\114\x4e\x41\x4d\105\x5f\x46\116\x41\115\105") == 0 && !empty($Ww) && !empty($JL))) {
goto U_;
}
$Nb = wp_update_user(array("\x49\x44" => $Nb, "\x64\x69\x73\160\154\x61\171\137\156\141\155\x65" => $Ww . "\x20" . $JL));
U_:
goto wa;
Su:
$Nb = wp_update_user(array("\111\x44" => $Nb, "\144\151\x73\x70\154\x61\171\x5f\156\x61\x6d\145" => $JL . "\40" . $Ww));
wa:
goto jH;
IH:
$Nb = wp_update_user(array("\111\x44" => $Nb, "\x64\x69\x73\160\154\x61\x79\x5f\156\141\155\x65" => $Ww));
jH:
goto Jm;
vA:
$Nb = wp_update_user(array("\x49\x44" => $Nb, "\x64\x69\x73\x70\x6c\141\x79\137\x6e\x61\x6d\x65" => $JL));
Jm:
goto pY;
uk:
$Nb = wp_update_user(array("\x49\x44" => $Nb, "\x64\151\163\x70\x6c\141\171\137\156\141\x6d\x65" => $user->user_login));
pY:
id:
WJ:
}
function mo_saml_map_custom_attributes($Nb, $iS)
{
if (!get_site_option("\155\x6f\137\163\141\155\154\137\x63\165\163\x74\x6f\155\137\x61\x74\164\162\x73\x5f\155\x61\160\x70\x69\156\x67")) {
goto cW;
}
$cE = maybe_unserialize(get_site_option("\x6d\157\x5f\163\x61\155\154\137\143\165\x73\164\157\x6d\137\141\x74\164\x72\163\137\155\141\x70\x70\151\x6e\147"));
foreach ($cE as $I1 => $UA) {
if (!array_key_exists($UA, $iS)) {
goto KJ;
}
$Vq = false;
if (!(count($iS[$UA]) == 1)) {
goto Z7;
}
$Vq = true;
Z7:
if (!$Vq) {
goto SN;
}
update_user_meta($Nb, $I1, $iS[$UA][0]);
goto Yq;
SN:
$UU = array();
foreach ($iS[$UA] as $Jz) {
array_push($UU, $Jz);
fH:
}
xi:
update_user_meta($Nb, $I1, $UU);
Yq:
KJ:
Kd:
}
EE:
cW:
}
function mo_saml_restrict_users_based_on_domain($M3)
{
$ok = get_site_option("\x6d\157\137\x73\x61\155\154\x5f\145\x6e\141\x62\154\145\x5f\x64\157\155\x61\151\156\137\x72\145\163\x74\x72\x69\143\x74\x69\x6f\156\x5f\154\157\147\151\x6e");
if (!$ok) {
goto IZ;
}
$OH = get_site_option("\x73\141\155\x6c\137\141\155\x5f\x65\155\141\151\154\137\144\157\155\141\151\156\163");
$D0 = explode("\73", $OH);
$Vd = explode("\x40", $M3);
$TX = array_key_exists("\61", $Vd) ? $Vd[1] : '';
$U5 = get_site_option("\155\x6f\137\x73\141\x6d\154\137\x61\x6c\x6c\x6f\x77\x5f\x64\145\x6e\171\137\x75\x73\x65\x72\x5f\x77\x69\x74\x68\x5f\x64\x6f\155\x61\x69\x6e");
$dI = get_site_option("\x6d\157\137\x73\x61\x6d\x6c\x5f\x72\x65\163\x74\x72\151\143\x74\145\144\137\144\157\x6d\x61\151\156\x5f\145\x72\x72\x6f\162\137\x6d\163\x67");
if (!empty($dI)) {
goto k_;
}
$dI = "\131\x6f\165\x20\x61\x72\145\x20\x6e\157\x74\x20\141\154\x6c\x6f\167\145\x64\x20\x74\157\x20\x6c\157\x67\151\156\56\40\x50\x6c\145\141\x73\145\40\x63\x6f\x6e\x74\x61\143\x74\40\171\157\x75\162\x20\x41\144\x6d\x69\x6e\x69\x73\x74\162\141\164\x6f\162\x2e";
k_:
if (!empty($U5) && $U5 == "\x64\x65\156\x79") {
goto vM;
}
if (in_array($TX, $D0)) {
goto IQ;
}
wp_die($dI, "\120\x65\162\x6d\151\x73\x73\151\x6f\156\40\x44\145\x6e\x69\145\x64\x20\x45\162\162\x6f\162\40\55\x20\x32");
IQ:
goto pm;
vM:
if (!in_array($TX, $D0)) {
goto Da;
}
wp_die($dI, "\120\x65\162\x6d\x69\163\x73\x69\x6f\156\x20\x44\145\156\x69\x65\144\x20\105\162\x72\157\x72\x20\55\x20\x31");
Da:
pm:
IZ:
}
function mo_saml_set_auth_cookie($user, $Fv, $dQ, $M2)
{
$Nb = $user->ID;
do_action("\x77\x70\137\x6c\157\x67\151\x6e", $user->user_login, $user);
if (empty($Fv)) {
goto SH;
}
update_user_meta($Nb, "\155\x6f\137\163\x61\155\154\x5f\163\145\x73\x73\x69\x6f\x6e\137\151\x6e\144\145\x78", $Fv);
SH:
if (empty($dQ)) {
goto p3;
}
update_user_meta($Nb, "\155\x6f\137\163\141\x6d\x6c\137\x6e\141\x6d\145\137\151\144", $dQ);
p3:
if (!(!session_id() || session_id() == '' || !isset($_SESSION))) {
goto I5;
}
session_start();
I5:
$_SESSION["\155\x6f\x5f\163\x61\155\x6c"]["\x6c\157\147\x67\x65\x64\137\151\x6e\x5f\167\x69\x74\150\137\151\x64\160"] = TRUE;
update_user_meta($Nb, "\155\157\137\x73\x61\x6d\154\137\151\x64\160\137\x6c\x6f\x67\151\156", "\x74\162\x75\x65");
wp_set_current_user($Nb);
$Ln = false;
$Ln = apply_filters("\155\x6f\137\x72\x65\155\145\x6d\x62\x65\x72\137\x6d\x65", $Ln);
wp_set_auth_cookie($Nb, $Ln);
if (!$M2) {
goto na;
}
do_action("\165\x73\145\162\137\162\x65\x67\x69\x73\x74\145\x72", $Nb);
na:
}
function mo_saml_post_login_redirection($Pj, $fJ)
{
$aq = mo_saml_get_redirect_url($Pj, $fJ);
wp_redirect($aq);
exit;
}
function mo_saml_get_redirect_url($Pj, $fJ)
{
$Op = '';
$Lr = get_site_option("\x73\141\155\x6c\137\x73\163\157\137\163\x65\164\x74\x69\156\x67\x73");
$mP = get_current_blog_id();
if (!(empty($Lr[$mP]) && !empty($Lr["\104\x45\x46\101\x55\x4c\x54"]))) {
goto Zv;
}
$Lr[$mP] = $Lr["\x44\x45\106\x41\x55\114\124"];
Zv:
$eE = isset($Lr[$mP]["\x6d\157\x5f\x73\141\155\154\x5f\162\145\154\x61\x79\137\x73\164\141\164\145"]) ? $Lr[$mP]["\x6d\157\x5f\163\x61\x6d\154\137\162\x65\x6c\141\171\x5f\x73\x74\x61\164\145"] : '';
if (!empty($eE)) {
goto i9;
}
if (!empty($fJ)) {
goto Wq;
}
$Op = $Pj;
goto eG;
Wq:
$Op = $fJ;
eG:
goto MU;
i9:
$Op = $eE;
MU:
return $Op;
}
function check_if_user_allowed_to_login($user, $Pj)
{
$Nb = $user->ID;
global $wpdb;
if (get_user_meta($Nb, "\x6d\157\137\163\x61\x6d\154\x5f\x75\x73\145\162\137\164\171\160\145", true)) {
goto Pg;
}
if (get_site_option("\x6d\157\x5f\163\141\x6d\x6c\x5f\165\163\x72\137\x6c\x6d\x74")) {
goto VM;
}
update_user_meta($Nb, "\x6d\157\137\163\x61\x6d\x6c\137\165\163\x65\x72\137\x74\171\x70\145", "\163\x73\157\137\165\x73\145\162");
goto Lo;
VM:
$I1 = get_site_option("\155\157\x5f\x73\141\155\x6c\137\143\x75\163\x74\157\x6d\x65\162\x5f\164\157\x6b\x65\156");
$Sh = AESEncryption::decrypt_data(get_site_option("\155\157\137\x73\141\155\x6c\x5f\x75\163\x72\x5f\154\x6d\x74"), $I1);
$X2 = "\123\x45\x4c\105\x43\124\x20\x43\117\x55\116\x54\50\52\51\x20\x46\x52\x4f\115\x20" . $wpdb->prefix . "\165\163\145\162\155\145\164\x61\x20\x57\110\105\122\x45\x20\x6d\145\164\x61\x5f\153\145\171\x3d\47\x6d\x6f\x5f\x73\141\x6d\x6c\137\x75\163\145\162\137\164\x79\x70\x65\x27";
$Gm = $wpdb->get_var($X2);
if ($Gm >= $Sh) {
goto cd;
}
update_user_meta($Nb, "\155\157\137\x73\x61\x6d\154\x5f\165\x73\145\162\137\164\171\x70\145", "\x73\163\x6f\137\165\x73\145\162");
goto eA;
cd:
if (get_site_option("\165\163\145\x72\x5f\x61\x6c\x65\162\x74\137\145\x6d\141\151\x6c\137\163\145\156\164")) {
goto uu;
}
$N3 = new Customersaml();
$N3->mo_saml_send_user_exceeded_alert_email($Sh, $this);
uu:
if (is_administrator_user($user)) {
goto Bs;
}
wp_redirect($Pj);
exit;
goto ag;
Bs:
update_user_meta($Nb, "\x6d\x6f\137\x73\x61\155\x6c\137\x75\163\145\x72\137\x74\x79\x70\x65", "\163\163\x6f\137\165\x73\x65\x72");
ag:
eA:
Lo:
Pg:
}
function check_if_user_allowed_to_login_due_to_role_restriction($UT)
{
$S9 = maybe_unserialize(get_site_option("\163\141\155\154\x5f\141\x6d\x5f\162\x6f\x6c\x65\137\x6d\x61\x70\x70\x69\x6e\x67"));
$DX = Utilities::get_active_sites();
$WK = get_site_option("\x6d\157\137\141\160\x70\x6c\171\137\162\157\154\x65\x5f\155\x61\160\x70\151\x6e\147\137\x66\157\x72\137\x73\x69\x74\x65\163");
if ($S9) {
goto XC;
}
$S9 = array();
XC:
if (array_key_exists("\x44\105\106\x41\125\x4c\124", $S9)) {
goto vp;
}
$S9["\104\105\x46\x41\125\x4c\x54"] = array();
vp:
foreach ($DX as $blog_id) {
if ($WK) {
goto t0;
}
$wf = $blog_id;
goto NR;
t0:
$wf = 0;
NR:
if (isset($S9[$wf])) {
goto wu;
}
$eQ = $S9["\x44\105\x46\101\x55\114\x54"];
goto xC;
wu:
$eQ = $S9[$wf];
xC:
if (empty($eQ)) {
goto P_;
}
$DY = isset($eQ["\155\157\x5f\163\141\x6d\154\x5f\x64\157\x6e\164\137\x61\x6c\x6c\x6f\167\x5f\x75\x73\145\x72\137\164\x6f\154\157\x67\x69\156\137\x63\x72\145\x61\x74\x65\137\167\x69\164\150\137\x67\x69\x76\145\156\137\x67\x72\157\165\x70\163"]) ? $eQ["\x6d\157\137\163\141\x6d\x6c\137\144\x6f\x6e\x74\x5f\x61\x6c\x6c\157\167\137\x75\x73\x65\162\x5f\164\x6f\154\x6f\x67\151\x6e\137\143\162\x65\x61\x74\x65\x5f\x77\x69\x74\x68\137\x67\151\166\145\x6e\137\147\x72\157\165\160\x73"] : '';
if (!($DY == "\143\150\x65\x63\x6b\145\144")) {
goto VP;
}
if (empty($UT)) {
goto xH;
}
$CY = $eQ["\155\x6f\x5f\163\141\155\154\x5f\162\145\163\164\162\151\143\x74\137\165\x73\x65\x72\163\137\167\x69\x74\150\137\147\x72\x6f\165\160\163"];
$S7 = explode("\x3b", $CY);
foreach ($S7 as $yo) {
foreach ($UT as $nk) {
$nk = trim($nk);
if (!(!empty($nk) && $nk == $yo)) {
goto eR;
}
wp_die("\x59\157\165\40\x61\x72\145\40\156\157\x74\40\141\x75\x74\x68\157\162\151\172\x65\x64\x20\164\157\40\154\157\x67\x69\156\x2e\x20\x50\x6c\145\x61\x73\145\x20\143\x6f\x6e\164\141\143\164\40\x79\x6f\165\162\x20\141\144\155\151\x6e\151\x73\x74\162\141\x74\157\x72\56", "\105\x72\162\157\162");
eR:
is:
}
DM:
uS:
}
Xp:
xH:
VP:
P_:
Zt:
}
rt:
}
function assign_roles_to_user($user, $S9, $blog_id, $UT, $wf)
{
$z0 = false;
if (!(!empty($UT) && !empty($S9) && !is_administrator_user($user) && is_user_member_of_blog($user->ID, $blog_id))) {
goto ES;
}
if (!empty($S9[$wf])) {
goto Kf;
}
if (empty($S9["\104\x45\x46\x41\125\x4c\x54"])) {
goto TY;
}
$eQ = $S9["\104\x45\x46\101\x55\114\x54"];
TY:
goto y4;
Kf:
$eQ = $S9[$wf];
y4:
if (empty($eQ)) {
goto ja;
}
$user->set_role(false);
$KJ = '';
$C2 = false;
unset($eQ["\144\145\x66\141\x75\x6c\164\x5f\x72\157\x6c\x65"]);
unset($eQ["\144\157\x6e\x74\137\143\162\145\x61\164\x65\137\x75\163\x65\x72"]);
unset($eQ["\144\x6f\x6e\x74\137\x61\154\154\157\x77\137\x75\156\154\x69\x73\x74\x65\144\137\165\x73\145\x72"]);
unset($eQ["\153\145\145\160\137\145\x78\151\x73\x74\x69\156\x67\137\165\163\145\x72\x73\x5f\x72\157\154\x65"]);
unset($eQ["\155\157\137\163\x61\x6d\154\137\144\157\156\164\137\141\154\154\x6f\x77\137\165\163\145\x72\x5f\x74\157\x6c\x6f\147\x69\156\x5f\143\x72\145\x61\164\145\x5f\x77\x69\164\x68\x5f\147\151\x76\145\x6e\137\147\x72\157\x75\x70\163"]);
unset($eQ["\x6d\157\x5f\163\141\155\154\x5f\x72\145\x73\164\x72\151\143\x74\x5f\165\163\x65\162\x73\x5f\167\x69\164\150\x5f\147\x72\x6f\x75\x70\163"]);
foreach ($eQ as $Ek => $wd) {
$S7 = explode("\73", $wd);
foreach ($S7 as $yo) {
if (!(!empty($yo) && in_array($yo, $UT))) {
goto fR;
}
$z0 = true;
$user->add_role($Ek);
fR:
EL:
}
eP:
o7:
}
y3:
ja:
ES:
$ze = get_site_option("\x6d\157\137\x73\x61\155\154\x5f\x73\x75\x70\145\162\x5f\x61\144\155\x69\x6e\137\162\157\154\145\x5f\x6d\141\160\160\x69\156\147");
$mG = array();
if (empty($ze)) {
goto uG;
}
$mG = explode("\x3b", $ze);
uG:
if (!(!empty($UT) && !empty($mG))) {
goto YW1;
}
foreach ($mG as $yo) {
if (!in_array($yo, $UT)) {
goto kNy;
}
grant_super_admin($user->ID);
kNy:
PYy:
}
rs:
YW1:
return $z0;
}
function get_saml_roles_to_assign($S9, $blog_id, $UT)
{
$GL = array();
if (!(!empty($UT) && !empty($S9))) {
goto l93;
}
if (!empty($S9[$blog_id])) {
goto KZ9;
}
if (empty($S9["\x44\x45\106\101\125\114\124"])) {
goto b1x;
}
$eQ = $S9["\104\105\106\101\125\x4c\x54"];
b1x:
goto CS6;
KZ9:
$eQ = $S9[$blog_id];
CS6:
if (empty($eQ)) {
goto iDw;
}
unset($eQ["\144\x65\146\141\165\x6c\164\x5f\x72\157\154\x65"]);
unset($eQ["\144\x6f\x6e\x74\x5f\x63\x72\145\x61\164\145\x5f\165\163\145\x72"]);
unset($eQ["\144\x6f\x6e\x74\137\x61\154\x6c\157\x77\x5f\x75\x6e\154\151\x73\164\x65\x64\x5f\165\163\x65\162"]);
unset($eQ["\153\x65\x65\x70\137\x65\x78\x69\x73\x74\x69\x6e\147\137\x75\163\145\162\x73\137\162\157\x6c\x65"]);
unset($eQ["\155\x6f\x5f\x73\141\x6d\154\x5f\144\157\156\164\137\141\x6c\154\x6f\167\x5f\165\x73\145\162\x5f\164\157\154\x6f\147\x69\x6e\x5f\143\162\145\141\164\145\x5f\x77\151\x74\150\137\147\151\x76\145\156\137\147\162\x6f\165\x70\163"]);
unset($eQ["\x6d\x6f\x5f\x73\x61\155\154\x5f\162\145\x73\x74\162\x69\x63\164\x5f\165\x73\x65\162\x73\137\x77\151\x74\x68\x5f\x67\162\157\x75\160\163"]);
foreach ($eQ as $Ek => $wd) {
$S7 = explode("\x3b", $wd);
foreach ($S7 as $yo) {
if (!(!empty($yo) and in_array($yo, $UT))) {
goto iNK;
}
array_push($GL, $Ek);
iNK:
jwb:
}
aQm:
KPU:
}
fCJ:
iDw:
l93:
return $GL;
}
function is_administrator_user($user)
{
$jK = $user->roles;
if (!is_null($jK) && in_array("\x61\x64\x6d\x69\156\x69\163\x74\162\x61\x74\157\162", $jK)) {
goto Z7p;
}
return false;
goto MG3;
Z7p:
return true;
MG3:
}
function mo_saml_is_customer_registered()
{
$UK = get_site_option("\155\157\137\163\x61\x6d\154\137\x61\144\x6d\151\156\137\x65\x6d\141\151\154");
$zA = get_site_option("\x6d\157\x5f\163\x61\155\x6c\137\141\x64\155\x69\x6e\x5f\x63\165\163\164\x6f\x6d\145\162\137\x6b\x65\171");
if (!$UK || !$zA || !is_numeric(trim($zA))) {
goto LRJ;
}
return 1;
goto Bn_;
LRJ:
return 0;
Bn_:
}
function mo_saml_is_customer_license_verified()
{
$I1 = get_site_option("\x6d\x6f\x5f\x73\x61\x6d\x6c\137\143\x75\163\x74\x6f\155\145\x72\x5f\x74\x6f\153\145\156");
$dn = AESEncryption::decrypt_data(get_site_option("\164\x5f\x73\151\164\145\x5f\163\164\141\x74\165\x73"), $I1);
$rS = get_site_option("\x73\x6d\154\137\154\x6b");
$UK = get_site_option("\155\157\x5f\x73\x61\155\x6c\137\x61\x64\155\151\x6e\137\145\x6d\x61\x69\x6c");
$zA = get_site_option("\x6d\157\137\x73\141\x6d\154\137\x61\x64\155\x69\156\137\x63\x75\163\x74\157\155\145\x72\137\x6b\x65\171");
$yk = AESEncryption::decrypt_data(get_site_option("\x6e\x6f\x5f\163\142\x73"), $I1);
$zV = false;
if (!get_site_option("\156\x6f\x5f\x73\x62\163")) {
goto QGx;
}
$Kx = Utilities::get_sites();
$zV = $yk < count($Kx);
QGx:
if ($dn != "\164\162\x75\x65" && !$rS || !$UK || !$zA || !is_numeric(trim($zA)) || $zV) {
goto Qn8;
}
return 1;
goto B3G;
Qn8:
return 0;
B3G:
}
function show_status_error($KO, $fJ)
{
if ($fJ == "\164\x65\163\x74\x56\x61\154\151\144\x61\164\145" or $fJ == "\x74\x65\163\164\116\145\167\103\x65\162\164\x69\146\x69\143\x61\164\145") {
goto fDU;
}
wp_die("\x57\x65\40\143\157\165\154\x64\40\x6e\157\x74\40\x73\151\147\x6e\x20\171\157\x75\x20\151\156\56\40\120\x6c\145\141\x73\145\x20\x63\157\x6e\164\141\x63\164\x20\x79\157\x75\162\x20\101\144\155\151\156\151\x73\x74\162\141\x74\x6f\x72\56", "\105\x72\162\157\x72\72\40\111\156\166\141\154\151\144\x20\123\x41\115\x4c\x20\x52\x65\163\160\x6f\x6e\x73\145\x20\x53\164\141\x74\165\163");
goto QOA;
fDU:
echo "\x3c\144\151\166\x20\163\164\x79\154\145\x3d\42\146\x6f\x6e\x74\x2d\x66\x61\155\x69\154\x79\72\x43\x61\154\151\x62\162\151\73\160\141\x64\x64\x69\x6e\147\x3a\x30\x20\x33\x25\x3b\42\76";
echo "\74\144\151\x76\x20\163\164\171\x6c\145\75\42\143\157\154\x6f\162\72\40\43\141\x39\x34\x34\64\62\73\x62\141\x63\153\x67\162\157\165\x6e\144\55\143\157\154\157\162\x3a\40\x23\x66\62\x64\x65\144\x65\73\x70\x61\144\x64\151\156\147\x3a\x20\61\x35\160\170\73\x6d\x61\x72\x67\151\x6e\x2d\142\157\164\x74\x6f\x6d\72\40\x32\60\x70\x78\x3b\164\145\x78\x74\x2d\x61\154\x69\147\156\72\x63\145\156\164\145\162\73\142\157\x72\144\x65\162\72\x31\160\170\x20\163\x6f\154\151\144\x20\43\x45\x36\102\63\102\x32\73\146\157\x6e\164\x2d\163\x69\x7a\145\72\x31\x38\160\x74\x3b\42\76\40\x45\x52\122\117\122\x3c\57\x64\x69\166\x3e\15\xa\40\40\40\x20\x20\40\x20\x20\x3c\x64\x69\x76\x20\163\164\171\154\145\75\42\143\157\154\157\162\x3a\x20\43\x61\71\64\x34\64\62\x3b\x66\x6f\156\x74\x2d\163\x69\x7a\145\x3a\61\x34\x70\164\73\40\x6d\141\x72\x67\151\156\55\142\x6f\164\x74\x6f\x6d\x3a\62\x30\x70\170\73\x22\76\74\x70\x3e\74\163\x74\x72\157\x6e\x67\x3e\x45\x72\x72\x6f\x72\72\x20\74\57\x73\x74\162\x6f\156\x67\x3e\x20\x49\156\166\x61\154\151\144\40\123\101\115\x4c\40\122\x65\163\160\157\x6e\163\x65\40\x53\164\x61\x74\x75\x73\x2e\74\x2f\160\x3e\xd\xa\x20\x20\40\x20\40\40\x20\x20\40\x20\40\x20\x3c\160\x3e\x3c\x73\x74\x72\157\156\147\x3e\103\141\x75\163\x65\x73\x3c\57\163\x74\x72\157\x6e\x67\x3e\x3a\40\x49\x64\x65\x6e\164\151\x74\171\40\120\162\157\166\x69\144\x65\162\40\150\x61\x73\x20\x73\x65\x6e\164\x20\x27" . esc_html($KO) . "\x27\40\163\164\141\x74\165\x73\x20\143\157\x64\x65\x20\x69\x6e\x20\123\101\x4d\114\x20\122\x65\163\x70\157\x6e\163\x65\56\x20\74\57\x70\x3e\xd\12\x20\40\40\40\x20\x20\x20\x20\40\x20\40\x20\74\160\x3e\74\163\164\162\x6f\x6e\x67\76\122\x65\x61\163\157\x6e\74\x2f\x73\x74\x72\x6f\156\147\x3e\72\x20" . get_status_message(esc_html($KO)) . "\74\x2f\160\x3e\x3c\x62\x72\x3e";
if (empty($cj)) {
goto u_h;
}
echo "\74\x70\76\74\x73\x74\162\x6f\x6e\147\76\x53\x74\141\164\165\163\40\115\145\x73\163\141\x67\145\x20\151\x6e\40\164\150\145\x20\x53\101\x4d\x4c\x20\x52\x65\163\x70\x6f\x6e\163\x65\72\x3c\x2f\x73\164\162\x6f\156\147\x3e\40\x3c\142\162\x2f\76" . esc_html($cj) . "\74\x2f\x70\76\x3c\x62\x72\x3e";
u_h:
echo "\15\12\x20\40\40\x20\40\40\x20\x20\74\x2f\x64\151\166\76\15\xa\xd\12\40\x20\x20\40\x20\x20\x20\x20\x3c\x64\151\166\x20\163\164\171\154\x65\75\42\x6d\x61\162\147\x69\156\x3a\x33\45\x3b\x64\x69\163\x70\x6c\x61\171\x3a\x62\154\x6f\143\153\73\164\145\170\x74\55\x61\154\x69\147\156\x3a\143\x65\156\x74\145\x72\73\42\x3e\15\xa\x20\x20\40\x20\x20\40\x20\40\40\x20\x20\x20\74\x64\x69\x76\40\163\x74\x79\154\x65\x3d\42\155\x61\162\147\151\x6e\x3a\x33\x25\73\x64\151\x73\x70\154\141\171\72\x62\x6c\x6f\x63\153\x3b\164\145\x78\x74\x2d\x61\154\151\147\156\x3a\143\x65\156\164\x65\162\73\x22\76\74\x69\156\160\165\164\x20\x73\164\x79\x6c\x65\75\x22\160\x61\144\144\151\x6e\147\x3a\61\x25\x3b\167\151\x64\164\150\72\61\x30\x30\x70\x78\73\x62\141\143\153\x67\x72\x6f\x75\x6e\144\72\x20\x23\x30\x30\71\x31\103\x44\x20\x6e\x6f\x6e\145\x20\162\x65\160\x65\141\164\40\x73\x63\x72\157\154\x6c\x20\x30\x25\40\x30\x25\73\x63\165\162\x73\157\162\72\x20\x70\x6f\151\156\x74\145\162\x3b\x66\157\x6e\x74\55\x73\151\172\x65\x3a\x31\65\x70\x78\x3b\142\157\x72\x64\145\162\55\x77\x69\x64\164\x68\x3a\x20\61\160\x78\x3b\x62\x6f\x72\144\145\x72\x2d\163\164\171\x6c\145\x3a\40\x73\157\x6c\x69\x64\73\x62\157\162\x64\x65\162\55\x72\x61\144\x69\x75\163\x3a\40\x33\x70\x78\73\167\150\151\164\145\x2d\163\160\x61\143\145\72\40\156\157\167\x72\141\x70\x3b\x62\x6f\170\55\x73\x69\x7a\151\x6e\x67\72\x20\142\157\162\144\x65\162\55\x62\157\170\73\142\x6f\162\x64\x65\x72\55\143\157\x6c\157\x72\x3a\x20\43\x30\x30\67\x33\x41\101\x3b\x62\x6f\170\x2d\x73\x68\141\144\157\x77\x3a\40\60\x70\x78\40\61\x70\x78\40\x30\160\x78\40\x72\147\x62\141\50\x31\x32\60\x2c\40\x32\60\60\54\x20\x32\63\60\54\x20\x30\56\66\51\40\151\156\163\145\x74\73\143\x6f\154\157\x72\72\40\x23\x46\x46\x46\x3b\42\x74\171\x70\145\x3d\x22\142\x75\164\x74\x6f\156\42\40\166\141\x6c\165\x65\x3d\42\104\157\156\145\x22\x20\x6f\156\x43\x6c\x69\143\x6b\75\42\163\145\x6c\146\x2e\x63\x6c\157\x73\x65\x28\x29\73\x22\x3e\74\x2f\x64\151\166\76";
exit;
QOA:
}
function addLink($KL, $iy)
{
$hy = "\x3c\x61\40\150\162\145\x66\x3d\42" . $iy . "\x22\76" . $KL . "\74\x2f\141\76";
return $hy;
}
function get_status_message($KO)
{
switch ($KO) {
case "\x52\145\161\x75\x65\x73\164\145\162":
return "\124\150\x65\40\162\x65\161\165\x65\163\164\40\143\157\x75\x6c\144\40\x6e\157\x74\x20\x62\x65\40\160\x65\x72\146\157\162\155\x65\144\x20\x64\x75\x65\x20\x74\157\40\x61\156\x20\145\162\162\157\x72\x20\x6f\156\40\x74\150\x65\x20\160\141\x72\164\40\157\x66\x20\164\x68\x65\x20\x72\145\x71\165\x65\163\x74\145\x72\56";
goto oqu;
case "\x52\145\x73\160\157\x6e\144\x65\162":
return "\124\x68\145\x20\x72\145\x71\x75\145\163\x74\40\x63\157\165\154\x64\x20\156\x6f\164\40\142\x65\x20\160\145\x72\146\x6f\x72\x6d\145\x64\40\x64\165\x65\40\x74\157\x20\141\x6e\40\x65\162\x72\157\x72\40\x6f\x6e\40\164\x68\145\x20\160\x61\x72\x74\x20\x6f\146\x20\x74\x68\x65\x20\x53\x41\x4d\x4c\x20\162\x65\x73\x70\x6f\156\x64\145\x72\40\157\162\x20\x53\x41\115\x4c\40\141\x75\x74\x68\157\162\151\x74\x79\56";
goto oqu;
case "\126\x65\x72\x73\151\157\156\115\151\x73\x6d\141\x74\143\x68":
return "\x54\150\x65\x20\x53\101\x4d\x4c\x20\x72\145\x73\160\x6f\156\144\145\x72\40\x63\157\165\x6c\144\x20\156\157\x74\x20\x70\x72\x6f\143\x65\x73\x73\40\x74\150\x65\x20\x72\145\161\x75\x65\163\164\x20\142\145\x63\x61\165\x73\x65\x20\x74\150\145\x20\166\x65\162\163\151\157\156\40\x6f\x66\40\x74\x68\145\x20\x72\x65\x71\165\145\x73\164\40\x6d\145\163\x73\141\147\145\x20\x77\x61\163\40\151\x6e\x63\x6f\x72\162\145\143\x74\x2e";
goto oqu;
default:
return "\x55\x6e\x6b\156\x6f\167\156";
}
ypO:
oqu:
}
function saml_get_current_page_url()
{
$C8 = $_SERVER["\110\124\124\x50\x5f\110\117\x53\124"];
if (!(substr($C8, -1) == "\x2f")) {
goto sLv;
}
$C8 = substr($C8, 0, -1);
sLv:
$W7 = $_SERVER["\x52\x45\x51\x55\105\x53\x54\137\125\x52\111"];
if (!(substr($W7, 0, 1) == "\x2f")) {
goto SBR;
}
$W7 = substr($W7, 1);
SBR:
$d_ = isset($_SERVER["\x48\124\x54\x50\123"]) && strcasecmp($_SERVER["\x48\124\x54\x50\x53"], "\157\156") == 0;
$rw = "\x68\x74\164\160" . ($d_ ? "\x73" : '') . "\x3a\57\x2f" . $C8 . "\57" . $W7;
return $rw;
}
function get_network_site_url()
{
$Nw = network_site_url();
if (!(substr($Nw, -1) == "\57")) {
goto Rl8;
}
$Nw = substr($Nw, 0, -1);
Rl8:
return $Nw;
}
function get_current_base_url()
{
return sprintf("\x25\163\x3a\x2f\x2f\x25\x73\x2f", isset($_SERVER["\x48\124\x54\120\x53"]) && $_SERVER["\110\124\124\120\123"] != "\157\146\x66" ? "\150\164\164\x70\163" : "\x68\164\164\x70", $_SERVER["\x48\x54\124\x50\137\110\117\x53\x54"]);
}
add_action("\x77\151\144\147\x65\164\163\x5f\151\x6e\151\x74", function () {
register_widget("\x6d\x6f\137\154\x6f\147\x69\x6e\137\167\151\144");
});
add_action("\x69\x6e\151\x74", "\x6d\157\x5f\x6c\x6f\147\x69\x6e\137\166\141\154\151\x64\x61\164\145");
Function Calls
| None |
Stats
| MD5 | cb591181b4fdf1eac68de44d7d61cd12 |
| Eval Count | 0 |
| Decode Time | 110 ms |