Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php /*---------------------------------------------------------\ | aEWD..

Decoded Output download

<?php 
/*---------------------------------------------------------\ 
|                aEWDMU SCRIPT                             | 
|----------------------------------------------------------| 
|             Copyright 2009, EWD Studio                   | 
|----------------------------------------------------------| 
|                 http://www.ewd-studio.net                | 
\---------------------------------------------------------*/ 
 
session_start(); 
 
require('include/internal.php'); 
require('include/config.php'); 
require('requ.php'); 
 
if (isset($_POST['buyfull'])) { 
    if (logged()) { 
 
        $user_login = $_SESSION['member']; 
        if (isset($_POST['sname'])) { 
            $sname = $_POST["sname"]; 
            $kla = $_POST["kla"]; 
            $creds_check = mssql_fetch_array(mssql_query("SELECT credits from memb_credits where memb___id='$user_login'")); 
            if (is_connected()) { 
                echo "<div class=\"error\">You have to disconnect from game to buy full stat !</div>"; 
            } elseif (is_vip() && ($creds_check['credits'] < $buystatcredsvip)) { 
                echo "<div class=\"error\">You do not have enough credits...</div>"; 
            } elseif (!is_vip() && ($creds_check['credits'] < $buystatcreds)) { 
                echo "<div class=\"error\">You do not have enough credits...</div>"; 
            } else { 
                if (is_vip()) { 
                    $c2 = $creds_check['credits'] - $buystatcredsvip; 
                    $takecreds = mssql_query("update memb_credits set credits='$c2' WHERE memb___id='$user_login'"); 
                } else { 
                    $c2 = $creds_check['credits'] - $buystatcreds; 
                    $takecreds = mssql_query("update memb_credits set credits='$c2' WHERE memb___id='$user_login'"); 
                } 
                $logfile = 'logs/buystat_logs.php'; 
                $ip = $_SERVER['REMOTE_ADDR']; 
                $date = date('Y-m-d H:i'); 
                $xdata = "Character $sname Has now Full Stats, on $date by IP:$ip 
"; 
                $fp = fopen($logfile, 'ab'); 
                fwrite($fp, $xdata); 
                fclose($fp); 
                $fp1 = fopen($logfile, 'ab'); 
                fwrite($fp1, $xdata); 
                fclose($fp1); 
                if ($kla == 64 || $kla == 66) { 
                    $buyfullstat = mssql_query("Update Character SET LevelUpPoint=0, Strength='$maxstats', Dexterity='$maxstats', Energy='$maxstats', Vitality='$maxstats', Leadership='$maxstats' WHERE AccountID='$user_login' and Name='$sname'"); 
                } else { 
                    $buyfullstat = mssql_query("Update Character SET LevelUpPoint=0, Strength='$maxstats', Dexterity='$maxstats', Energy='$maxstats', Vitality='$maxstats', Leadership=0 WHERE AccountID='$user_login' and Name='$sname'"); 
                } 
                print "<p>Updated credits: "; 
                listcreds($user_login); 
                print "</p>"; 
                print "<div class=\"success\">Character <b>$sname</b> have now <b>$maxstats</b> in each stat !</div>"; 
            } 
        } 
    } 
} 
 ?>

Did this file decode correctly?

Original Code

<?php
/*---------------------------------------------------------\
|                aEWDMU SCRIPT                             |
|----------------------------------------------------------|
|             Copyright 2009, EWD Studio                   |
|----------------------------------------------------------|
|                 http://www.ewd-studio.net                |
\---------------------------------------------------------*/

session_start();

require('include/internal.php');
require('include/config.php');
require('requ.php');

if (isset($_POST['buyfull'])) {
    if (logged()) {

        $user_login = $_SESSION['member'];
        if (isset($_POST['sname'])) {
            $sname = $_POST["\x73n\141\x6d\145"];
            $kla = $_POST["\153\x6c\x61"];
            $creds_check = mssql_fetch_array(mssql_query("\x53\x45\x4cECT\040\143\162e\144\151\x74s\x20\146\x72\x6fm\x20\x6d\145mb\x5f\143\x72\x65di\x74\x73 \x77\150er\145\040\x6d\x65\x6d\142\137\137\137\151\144\x3d'$user_login'"));
            if (is_connected()) {
                echo "\074d\151\x76 \x63\x6c\141\163\163\075\"e\x72\x72\157\162\">\x59\x6f\165 h\x61\166\x65\x20t\157\x20\x64\x69\163\x63\x6fn\156\145\x63\164\040\146rom\040\x67a\155e to\x20bu\x79\040\146ul\x6c s\x74\141\164 !</d\151\x76\x3e";
            } elseif (is_vip() && ($creds_check['credits'] < $buystatcredsvip)) {
                echo "<\144\x69\166\x20\143l\x61\x73s\x3d\"e\x72ror\"\x3e\x59\x6f\165 \x64o\x20\x6e\x6f\164 h\x61\x76\145 e\x6eo\x75\147h\x20cr\145\x64i\164\x73\056\056.\074/\x64iv\x3e";
            } elseif (!is_vip() && ($creds_check['credits'] < $buystatcreds)) {
                echo "\074d\x69v\x20\143\x6cass\075\"e\x72\x72o\x72\">\x59\x6f\165 do\040\156\x6ft \x68\141\166\x65 \x65\x6e\x6f\x75\147\150\040\143\x72\145dit\x73..\x2e\x3c/\x64\x69v\x3e";
            } else {
                if (is_vip()) {
                    $c2 = $creds_check['credits'] - $buystatcredsvip;
                    $takecreds = mssql_query("\x75\160da\x74e m\x65\x6d\142\137c\162e\144\x69ts\x20\x73\x65t\x20c\x72e\x64\151\164\x73\x3d'$c2' W\x48\105RE\040\155\x65m\x62\x5f\137\137id\x3d'$user_login'");
                } else {
                    $c2 = $creds_check['credits'] - $buystatcreds;
                    $takecreds = mssql_query("\x75\160d\141\164\145\040m\145\155\x62\137\143\162\145d\151t\x73\x20\x73e\164\040\x63\x72ed\x69t\163\x3d'$c2'\040W\110\x45\x52\x45 m\145m\142__\137\x69\144\075'$user_login'");
                }
                $logfile = 'logs/buystat_logs.php';
                $ip = $_SERVER['REMOTE_ADDR'];
                $date = date('Y-m-d H:i');
                $xdata = "\103\150\x61\162act\x65\162 $sname\040\110\141s\040\x6eo\167 F\x75l\154 St\141\164\163\x2c\040\x6f\x6e $date b\171 I\120:$ip\x20\n";
                $fp = fopen($logfile, 'ab');
                fwrite($fp, $xdata);
                fclose($fp);
                $fp1 = fopen($logfile, 'ab');
                fwrite($fp1, $xdata);
                fclose($fp1);
                if ($kla == 64 || $kla == 66) {
                    $buyfullstat = mssql_query("\125\x70\144\141\164\145\040\x43ha\x72\x61\x63\x74er\040S\x45T\x20\114\145\x76\x65\x6c\125\x70Poi\156\x74=0\x2c\040\x53tr\x65\156g\x74\150\075'$maxstats'\x2c\040\104\145\x78t\x65\162i\x74y='$maxstats', \105n\145r\x67\171='$maxstats'\054\x20\126\151\x74\141lit\171='$maxstats'\x2c\x20Lea\x64ersh\151\x70\x3d'$maxstats' \x57\x48ER\105\040\x41cc\157\x75n\164\x49D\x3d'$user_login' \x61\x6e\144\040\116\x61\x6d\x65\075'$sname'");
                } else {
                    $buyfullstat = mssql_query("\x55\160\144\141\x74\145\040Ch\x61r\x61\143te\162\040\x53\105T\040\114\x65\x76\145\x6c\125\160Poi\x6e\164\x3d\x30, \123\x74ren\147\x74h\x3d'$maxstats'\x2c\x20\x44\x65\170te\162\x69\x74y='$maxstats'\x2c\x20\105\x6e\145r\147\x79\075'$maxstats'\x2c\x20Vita\x6c\x69\x74\171='$maxstats'\x2c\x20\114eader\x73\150\x69\x70=0 W\x48E\122E\040\x41c\x63\157u\156\164\x49D='$user_login' \141\x6e\144 \116a\x6d\145='$sname'");
                }
                print "\x3cp\076\x55\x70d\141\x74e\144\x20\x63\162\x65\144it\x73\x3a\x20";
                listcreds($user_login);
                print "<\057\x70\x3e";
                print "\x3c\x64\151\166 \143\154\x61\163\x73\075\"\x73uc\143\145s\x73\"\076\103\x68a\162a\x63\164\x65\162\040\x3c\142\x3e$sname\074/\142\x3e\x20\x68a\x76\x65\040\156\157\167 \074b\076$maxstats\x3c/b>\040\151\156\x20\x65\x61\143\x68\040\163\x74\x61\164\x20!<\x2f\144\x69\x76>";
            }
        }
    }
}

Function Calls

session_start 1

Variables

None

Stats

MD5 f0cdb339613f70a0e88385bd0ce96b92
Eval Count 0
Decode Time 55 ms