Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php namespace miniorangedev\craftsinglesignon\controllers; use miniorangedev\cra..
Decoded Output download
<?php
namespace miniorangedev\craftsinglesignon\controllers;
use miniorangedev\craftsinglesignon\Craftsinglesignon;
use craft\helpers\UrlHelper;
use craft\elements\User;
use miniorangedev\craftsinglesignon\controllers\ResourcesController;
use Craft;
use craft\web\Controller;
class LoginController extends Controller
{
protected array|int|bool $allowAnonymous = ["index", "callback", "test_config", "saml", "samllogin"];
public function actionIndex()
{
$jp = ResourcesController::actionDatadb();
$tJ = @$jp["oauthsettings"] ?: null;
$El = @$tJ["client_id"] ?: null;
$Ux = @$tJ["scope"] ?: null;
$M_ = @$tJ["authorization_url"] ?: null;
$aT = @$tJ["app_provider"] ?: null;
$tP = @$tJ["callback_url"] ?: null;
if (!isset($_GET["test_config"])) {
goto fM;
}
$jp["test_config"] = 1;
$Zb = Craft::$app->sites->currentSite->name;
$A3 = Craft::$app->version > 4 ? getenv("CRAFT_DB_TABLE_PREFIX") : getenv("DB_TABLE_PREFIX");
Craft::$app->db->createCommand()->update($A3 . "mologin_config", ["options" => json_encode($jp)], ["name" => $Zb])->execute();
fM:
if (isset($_REQUEST["code"])) {
goto Pb;
}
$uV = $M_ . "?redirect_uri=" . $tP . "&response_type=code&client_id=" . $El . "&scope=" . $Ux . "&state=" . $aT;
header("Location:" . $uV);
exit;
Pb:
}
public function actionCallback()
{
$FU = Craft::$app->request->getQueryParam("code");
$jp = ResourcesController::actionDatadb() != null ? ResourcesController::actionDatadb() : array();
$tJ = @$jp["oauthsettings"] ?: null;
$mW = @$jp["oauthattribute"] ?: null;
$El = @$tJ["client_id"] ?: null;
$oZ = @$tJ["client_secret"] ?: null;
$HE = @$tJ["oauth_token_api"] ?: null;
$In = @$tJ["user_info_api"] ?: null;
$OJ = @$mW["username_attribute"] ?: null;
$sh = @$mW["email_attribute"] ?: null;
$Fd = @$mW["custom_attr_count"] ?: 0;
$A1 = @$mW["custom_attributes"] ?: null;
$tP = @$tJ["callback_url"] ?: null;
$nL = "authorization_code";
$Sr = array();
$jf = array();
$hb = curl_init($HE);
curl_setopt($hb, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($hb, CURLOPT_ENCODING, '');
curl_setopt($hb, CURLOPT_RETURNTRANSFER, true);
curl_setopt($hb, CURLOPT_AUTOREFERER, true);
curl_setopt($hb, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($hb, CURLOPT_MAXREDIRS, 10);
curl_setopt($hb, CURLOPT_POST, true);
curl_setopt($hb, CURLOPT_HTTPHEADER, array("Accept: application/json"));
curl_setopt($hb, CURLOPT_POSTFIELDS, "redirect_uri=" . urlencode($tP) . "&grant_type=" . $nL . "&client_id=" . $El . "&client_secret=" . $oZ . "&code=" . $FU);
$Yi = curl_exec($hb);
if (curl_error($hb)) {
goto Iy;
}
if (is_array(json_decode($Yi, true))) {
goto kq;
}
exit("Invalid response received getting access_token from url " . $HE);
kq:
goto Z9;
Iy:
exit(curl_error($hb));
Z9:
$Yi = json_decode($Yi, true);
if (isset($Yi["error_description"])) {
goto kt;
}
if (isset($Yi["error"])) {
goto gs;
}
if ($In == null && isset($Yi["id_token"])) {
goto wp;
}
if (isset($Yi["access_token"])) {
goto fq;
}
exit("Invalid response received from OAuth Provider. Contact your administrator for more details.");
goto cw;
fq:
$g_ = $Yi["access_token"];
cw:
goto s3;
wp:
$VP = $this->decodeJWT($Yi["id_token"]);
$T_ = gettype(@$VP[$OJ]) == "string" ? @$VP[$OJ] ?: null : (@$VP[$OJ][0] ?: null);
$cG = gettype(@$VP[$sh]) == "string" ? @$VP[$sh] ?: null : (@$VP[$sh][0] ?: null);
$bt = 1;
hr:
if (!($bt <= $Fd)) {
goto G5;
}
$jf[$A1["custom_attribute" . strval($bt)]] = @$VP[$A1["custom_attribute_value" . strval($bt)]] ?: null;
t5:
$bt++;
goto hr;
G5:
s3:
goto YV;
gs:
exit($Yi["error"]);
YV:
goto BY;
kt:
exit($Yi["error_description"]);
BY:
if (!isset($g_)) {
goto HO;
}
$hb = curl_init($In . "?access_token=" . $g_);
curl_setopt($hb, CURLOPT_RETURNTRANSFER, true);
if (empty($Qd)) {
goto Gq;
}
curl_setopt($hb, CURLOPT_HTTPHEADER, $Qd);
Gq:
curl_setopt($hb, CURLOPT_POST, false);
curl_setopt($hb, CURLOPT_VERBOSE, true);
curl_setopt($hb, CURLOPT_SSL_VERIFYPEER, false);
$HC = curl_exec($hb);
if (!curl_error($hb)) {
goto u2;
}
exit(curl_error($hb));
u2:
if (is_array(json_decode($HC, true))) {
goto U2;
}
exit("Invalid response received getting access_token from url " . $In);
U2:
$Sr = json_decode($HC, true);
curl_close($hb);
if (isset($Sr["error_description"])) {
goto QC;
}
if (isset($Sr["error"])) {
goto Qy;
}
if (isset($Sr)) {
goto VA;
}
exit("Invalid response received from OAuth Provider. Contact your administrator for more details.");
goto K0;
VA:
$T_ = gettype(@$Sr[$OJ]) == "string" ? @$Sr[$OJ] ?: null : (@$Sr[$OJ][0] ?: null);
$cG = gettype(@$Sr[$sh]) == "string" ? @$Sr[$sh] ?: null : (@$Sr[$sh][0] ?: null);
$bt = 1;
mS:
if (!($bt <= $Fd)) {
goto QT;
}
$jf[$A1["custom_attribute" . strval($bt)]] = @$Sr[$A1["custom_attribute_value" . strval($bt)]] ?: null;
sk:
$bt++;
goto mS;
QT:
K0:
goto wq;
Qy:
exit($Sr["error"]);
wq:
goto YT;
QC:
exit($Sr["error_description"]);
YT:
HO:
if (!isset($jp["test_config"])) {
goto Go;
}
$jp["test_config"] = null;
$Zb = Craft::$app->sites->currentSite->name;
$A3 = Craft::$app->version > 4 ? getenv("CRAFT_DB_TABLE_PREFIX") : getenv("DB_TABLE_PREFIX");
Craft::$app->db->createCommand()->update($A3 . "mologin_config", ["options" => json_encode($jp)], ["name" => $Zb])->execute();
self::actionTest_config($Sr);
Go:
self::actionLogin_flow($jp, $T_, $cG, $Fd, $A1, $jf);
}
private function decodeJWT($HM)
{
$IM = explode(".", $HM);
if (!(count($IM) !== 3)) {
goto wC;
}
exit("Invalid JWT format");
wC:
list($K1, $jo, $RC) = $IM;
$vt = json_decode(base64_decode($K1), true);
$w2 = json_decode(base64_decode($jo), true);
if (!(!$vt || !$w2)) {
goto qy;
}
exit("Invalid JWT data");
qy:
return $w2;
}
public static function actionLogin_flow($jp, $T_ = null, $cG = null, $Fd, $A1, $jf)
{
$user = new User();
$fI = User::find()->email($cG)->all();
$k3 = @$jp["customsettings"] ?: null;
$qs = @$jp["oauthsettings"]["noreg"] ?: null;
if (!(isset($fI[0]["admin"]) && $fI[0]["admin"] == 1)) {
goto Da;
}
exit("No Email Address Return!");
Da:
if (empty($fI)) {
goto QH;
}
$user = User::find()->username($T_)->one();
if (!$user) {
goto sl;
}
$bt = 1;
v1:
if (!($bt <= $Fd)) {
goto gx;
}
$user->setFieldValue($A1["custom_attribute" . strval($bt)], $jf[$A1["custom_attribute" . strval($bt)]]);
Dy:
$bt++;
goto v1;
gx:
Craft::$app->getElements()->saveElement($user, false);
sl:
goto Ru;
QH:
if (!Craft::$app->getUser()->getIdentity()) {
goto sP;
}
return;
sP:
$user->username = $T_;
$user->email = $cG;
$user->active = true;
$user->slug = "mologin";
if (!$user->validate(null, false)) {
goto ln;
}
$bt = 1;
TC:
if (!($bt <= $Fd)) {
goto RL;
}
$user->setFieldValue($A1["custom_attribute" . strval($bt)], $jf[$A1["custom_attribute" . strval($bt)]]);
kX:
$bt++;
goto TC;
RL:
Craft::$app->getElements()->saveElement($user, false);
if (isset($k3["grouphandle"])) {
goto rl;
}
$tl = @$k3["userRole"] ?: array("accessCp");
Craft::$app->userPermissions->saveUserPermissions($user->id, $tl);
goto WC;
rl:
foreach ($k3["grouphandle"] as $KO) {
$xJ = Craft::$app->userGroups->getGroupByHandle($KO);
Craft::$app->users->assignUserToGroups($user->id, [$xJ->id]);
CV:
}
q3:
WC:
ln:
Ru:
$fI = User::find()->email($cG)->all();
if (isset($fI)) {
goto Sz;
}
exit("Error in login!");
goto fE;
Sz:
Craft::$app->getUser()->login($fI[0]);
$UE = @$k3["redirect_url"] ?: UrlHelper::cpUrl("dashboard");
Craft::$app->getResponse()->redirect($UE);
fE:
}
public static function actionTest_config($Sr)
{
$OE = "<div style="color: #3c763d; background-color: #dff0d8; padding:2%; margin-bottom:20px; text-align:center; border:1px solid #AEDB9A; font-size:18pt;">TEST SUCCESSFUL</div>";
$Ff = "<center><table style='width: 80%;'>";
$Ff .= "<tr><th>Key</th><th>Value</th></tr>";
foreach ($Sr as $Zz => $jE) {
$Ff .= "<tr>";
$Ff .= "<td>{$Zz}</td>";
$Ff .= "<td>";
if (is_array($jE)) {
goto Pv;
}
$Ff .= "<strong>{$jE}</strong>";
goto k1;
Pv:
if (empty($jE)) {
goto BW;
}
$Ff .= self::actionTest_config($jE);
BW:
k1:
$Ff .= "</td></tr>";
xr:
}
am:
$Ff .= "</table></center>
<style>\xa table, th, td {
border: 1px solid black;
border-collapse: collapse;
padding: 10px;\xa font-size: 15px;\xa }\xa </style>";
echo $OE .= $Ff;
exit;
}
}
?>Did this file decode correctly?
Original Code
<?php
namespace miniorangedev\craftsinglesignon\controllers;
use miniorangedev\craftsinglesignon\Craftsinglesignon;
use craft\helpers\UrlHelper;
use craft\elements\User;
use miniorangedev\craftsinglesignon\controllers\ResourcesController;
use Craft;
use craft\web\Controller;
class LoginController extends Controller
{
protected array|int|bool $allowAnonymous = ["\151\x6e\144\145\170", "\143\141\x6c\154\142\141\x63\x6b", "\x74\x65\x73\164\137\x63\157\x6e\146\x69\x67", "\163\x61\155\x6c", "\x73\141\155\x6c\x6c\x6f\x67\x69\156"];
public function actionIndex()
{
$jp = ResourcesController::actionDatadb();
$tJ = @$jp["\157\141\165\164\150\163\x65\164\164\x69\x6e\x67\x73"] ?: null;
$El = @$tJ["\x63\x6c\151\x65\x6e\164\x5f\x69\144"] ?: null;
$Ux = @$tJ["\163\x63\157\x70\x65"] ?: null;
$M_ = @$tJ["\x61\165\x74\x68\157\x72\x69\x7a\x61\x74\151\x6f\156\137\x75\x72\154"] ?: null;
$aT = @$tJ["\x61\x70\x70\137\x70\162\157\x76\x69\x64\145\x72"] ?: null;
$tP = @$tJ["\x63\141\x6c\x6c\142\x61\x63\x6b\x5f\x75\x72\154"] ?: null;
if (!isset($_GET["\x74\145\x73\164\x5f\x63\157\156\x66\x69\x67"])) {
goto fM;
}
$jp["\164\x65\x73\x74\x5f\x63\157\x6e\146\151\147"] = 1;
$Zb = Craft::$app->sites->currentSite->name;
$A3 = Craft::$app->version > 4 ? getenv("\103\x52\101\x46\124\137\x44\102\x5f\x54\101\102\x4c\105\x5f\120\122\105\x46\111\130") : getenv("\104\x42\137\124\101\102\114\105\x5f\120\122\x45\x46\x49\130");
Craft::$app->db->createCommand()->update($A3 . "\x6d\x6f\154\x6f\147\x69\156\137\x63\157\156\146\151\x67", ["\x6f\160\164\x69\157\x6e\163" => json_encode($jp)], ["\x6e\141\155\145" => $Zb])->execute();
fM:
if (isset($_REQUEST["\x63\157\x64\145"])) {
goto Pb;
}
$uV = $M_ . "\x3f\x72\x65\144\x69\162\145\x63\x74\137\x75\x72\151\x3d" . $tP . "\x26\x72\x65\163\x70\x6f\156\163\145\137\164\171\x70\145\75\143\x6f\x64\145\46\x63\154\x69\145\x6e\x74\137\x69\144\75" . $El . "\46\x73\143\157\160\145\75" . $Ux . "\46\x73\x74\x61\x74\x65\75" . $aT;
header("\114\x6f\143\x61\164\151\157\156\x3a" . $uV);
exit;
Pb:
}
public function actionCallback()
{
$FU = Craft::$app->request->getQueryParam("\143\157\144\x65");
$jp = ResourcesController::actionDatadb() != null ? ResourcesController::actionDatadb() : array();
$tJ = @$jp["\x6f\141\165\164\x68\163\x65\x74\x74\151\156\147\x73"] ?: null;
$mW = @$jp["\x6f\x61\165\x74\x68\x61\164\x74\x72\151\x62\x75\164\145"] ?: null;
$El = @$tJ["\x63\x6c\x69\145\156\164\137\x69\144"] ?: null;
$oZ = @$tJ["\143\x6c\x69\x65\x6e\164\137\163\x65\143\162\x65\164"] ?: null;
$HE = @$tJ["\157\141\x75\164\x68\x5f\164\x6f\153\x65\x6e\x5f\x61\160\x69"] ?: null;
$In = @$tJ["\165\163\x65\x72\137\151\156\x66\x6f\137\141\x70\x69"] ?: null;
$OJ = @$mW["\165\x73\145\162\x6e\x61\x6d\x65\x5f\x61\x74\x74\x72\x69\x62\165\164\x65"] ?: null;
$sh = @$mW["\145\x6d\141\151\x6c\x5f\141\x74\x74\x72\x69\x62\x75\x74\x65"] ?: null;
$Fd = @$mW["\143\165\163\164\157\155\137\141\x74\164\162\137\143\157\165\x6e\164"] ?: 0;
$A1 = @$mW["\x63\x75\163\164\157\x6d\137\141\164\x74\162\151\x62\165\x74\x65\x73"] ?: null;
$tP = @$tJ["\x63\x61\x6c\x6c\x62\141\x63\153\x5f\x75\x72\154"] ?: null;
$nL = "\141\x75\164\150\x6f\162\x69\x7a\x61\164\x69\x6f\x6e\x5f\143\x6f\144\145";
$Sr = array();
$jf = array();
$hb = curl_init($HE);
curl_setopt($hb, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($hb, CURLOPT_ENCODING, '');
curl_setopt($hb, CURLOPT_RETURNTRANSFER, true);
curl_setopt($hb, CURLOPT_AUTOREFERER, true);
curl_setopt($hb, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($hb, CURLOPT_MAXREDIRS, 10);
curl_setopt($hb, CURLOPT_POST, true);
curl_setopt($hb, CURLOPT_HTTPHEADER, array("\101\x63\143\x65\160\x74\72\40\x61\x70\x70\154\x69\143\141\164\x69\157\x6e\57\152\x73\x6f\156"));
curl_setopt($hb, CURLOPT_POSTFIELDS, "\162\145\x64\151\x72\x65\x63\x74\137\165\162\151\x3d" . urlencode($tP) . "\x26\x67\x72\x61\156\164\x5f\164\171\160\x65\75" . $nL . "\x26\143\154\x69\145\156\164\x5f\151\144\x3d" . $El . "\46\143\x6c\x69\145\x6e\x74\x5f\163\x65\x63\x72\145\x74\x3d" . $oZ . "\x26\143\157\144\x65\75" . $FU);
$Yi = curl_exec($hb);
if (curl_error($hb)) {
goto Iy;
}
if (is_array(json_decode($Yi, true))) {
goto kq;
}
exit("\x49\156\166\141\x6c\151\144\x20\162\x65\163\x70\157\156\x73\145\40\x72\145\x63\x65\151\166\x65\x64\40\147\145\164\164\x69\x6e\147\x20\141\x63\143\145\163\x73\x5f\164\157\153\145\156\x20\146\162\x6f\155\x20\x75\x72\x6c\40" . $HE);
kq:
goto Z9;
Iy:
exit(curl_error($hb));
Z9:
$Yi = json_decode($Yi, true);
if (isset($Yi["\x65\162\162\x6f\x72\137\x64\x65\163\143\162\151\x70\x74\x69\x6f\156"])) {
goto kt;
}
if (isset($Yi["\x65\x72\x72\157\162"])) {
goto gs;
}
if ($In == null && isset($Yi["\151\x64\137\x74\157\x6b\145\x6e"])) {
goto wp;
}
if (isset($Yi["\x61\143\143\x65\x73\x73\x5f\x74\x6f\153\145\156"])) {
goto fq;
}
exit("\x49\x6e\x76\x61\x6c\151\144\40\x72\x65\x73\160\157\156\163\145\40\x72\x65\143\x65\151\166\x65\x64\x20\146\x72\x6f\155\x20\x4f\x41\165\x74\150\x20\120\162\x6f\x76\x69\144\145\162\x2e\x20\103\x6f\x6e\x74\141\x63\x74\40\171\x6f\165\x72\x20\x61\x64\x6d\x69\x6e\x69\x73\164\162\x61\164\x6f\x72\40\146\157\x72\40\155\x6f\x72\x65\x20\x64\145\x74\141\151\154\163\x2e");
goto cw;
fq:
$g_ = $Yi["\141\x63\x63\x65\163\x73\x5f\164\x6f\153\x65\156"];
cw:
goto s3;
wp:
$VP = $this->decodeJWT($Yi["\151\x64\137\x74\x6f\x6b\145\x6e"]);
$T_ = gettype(@$VP[$OJ]) == "\x73\x74\162\x69\x6e\x67" ? @$VP[$OJ] ?: null : (@$VP[$OJ][0] ?: null);
$cG = gettype(@$VP[$sh]) == "\x73\164\162\151\156\x67" ? @$VP[$sh] ?: null : (@$VP[$sh][0] ?: null);
$bt = 1;
hr:
if (!($bt <= $Fd)) {
goto G5;
}
$jf[$A1["\143\x75\x73\x74\157\x6d\x5f\141\x74\164\x72\x69\142\x75\164\145" . strval($bt)]] = @$VP[$A1["\x63\x75\x73\164\157\x6d\x5f\x61\164\164\x72\x69\x62\165\x74\x65\x5f\166\x61\x6c\x75\145" . strval($bt)]] ?: null;
t5:
$bt++;
goto hr;
G5:
s3:
goto YV;
gs:
exit($Yi["\145\162\x72\x6f\162"]);
YV:
goto BY;
kt:
exit($Yi["\x65\162\162\157\x72\x5f\x64\x65\x73\143\x72\151\x70\x74\151\157\156"]);
BY:
if (!isset($g_)) {
goto HO;
}
$hb = curl_init($In . "\x3f\x61\x63\x63\145\x73\163\x5f\164\157\153\145\156\x3d" . $g_);
curl_setopt($hb, CURLOPT_RETURNTRANSFER, true);
if (empty($Qd)) {
goto Gq;
}
curl_setopt($hb, CURLOPT_HTTPHEADER, $Qd);
Gq:
curl_setopt($hb, CURLOPT_POST, false);
curl_setopt($hb, CURLOPT_VERBOSE, true);
curl_setopt($hb, CURLOPT_SSL_VERIFYPEER, false);
$HC = curl_exec($hb);
if (!curl_error($hb)) {
goto u2;
}
exit(curl_error($hb));
u2:
if (is_array(json_decode($HC, true))) {
goto U2;
}
exit("\x49\x6e\166\141\x6c\151\x64\x20\x72\145\163\x70\157\156\163\x65\40\162\145\x63\145\x69\166\145\x64\x20\147\145\164\164\151\x6e\147\x20\x61\143\143\x65\163\163\137\x74\x6f\x6b\145\x6e\x20\x66\x72\157\x6d\x20\x75\162\154\40" . $In);
U2:
$Sr = json_decode($HC, true);
curl_close($hb);
if (isset($Sr["\145\x72\x72\157\162\x5f\144\x65\163\x63\x72\x69\160\x74\151\157\x6e"])) {
goto QC;
}
if (isset($Sr["\x65\x72\162\x6f\x72"])) {
goto Qy;
}
if (isset($Sr)) {
goto VA;
}
exit("\x49\x6e\166\141\x6c\151\144\40\x72\x65\x73\x70\157\x6e\163\x65\40\162\x65\x63\x65\x69\166\x65\x64\x20\x66\162\x6f\x6d\40\x4f\x41\165\164\150\x20\x50\x72\x6f\166\x69\x64\x65\x72\x2e\x20\103\x6f\x6e\164\141\x63\164\x20\x79\157\x75\x72\40\x61\144\x6d\x69\x6e\x69\163\164\x72\x61\164\x6f\x72\x20\146\157\162\x20\x6d\x6f\162\x65\x20\x64\145\x74\x61\x69\x6c\x73\56");
goto K0;
VA:
$T_ = gettype(@$Sr[$OJ]) == "\x73\164\x72\x69\x6e\x67" ? @$Sr[$OJ] ?: null : (@$Sr[$OJ][0] ?: null);
$cG = gettype(@$Sr[$sh]) == "\163\x74\x72\x69\156\x67" ? @$Sr[$sh] ?: null : (@$Sr[$sh][0] ?: null);
$bt = 1;
mS:
if (!($bt <= $Fd)) {
goto QT;
}
$jf[$A1["\143\x75\163\x74\157\155\x5f\141\x74\x74\162\x69\142\x75\x74\x65" . strval($bt)]] = @$Sr[$A1["\143\165\x73\164\157\x6d\137\141\164\164\x72\x69\142\165\x74\x65\x5f\166\141\x6c\165\x65" . strval($bt)]] ?: null;
sk:
$bt++;
goto mS;
QT:
K0:
goto wq;
Qy:
exit($Sr["\145\x72\x72\x6f\162"]);
wq:
goto YT;
QC:
exit($Sr["\x65\x72\x72\x6f\162\x5f\x64\145\x73\143\162\x69\x70\164\x69\157\x6e"]);
YT:
HO:
if (!isset($jp["\164\145\x73\x74\x5f\x63\x6f\x6e\x66\151\x67"])) {
goto Go;
}
$jp["\164\145\163\x74\x5f\143\x6f\156\146\151\x67"] = null;
$Zb = Craft::$app->sites->currentSite->name;
$A3 = Craft::$app->version > 4 ? getenv("\103\122\101\106\124\x5f\x44\102\137\x54\x41\x42\114\x45\x5f\120\122\x45\x46\111\130") : getenv("\x44\102\x5f\124\x41\x42\x4c\x45\x5f\120\x52\105\x46\x49\130");
Craft::$app->db->createCommand()->update($A3 . "\155\157\154\157\x67\x69\156\137\143\x6f\x6e\146\151\x67", ["\157\160\164\x69\157\156\x73" => json_encode($jp)], ["\156\141\155\x65" => $Zb])->execute();
self::actionTest_config($Sr);
Go:
self::actionLogin_flow($jp, $T_, $cG, $Fd, $A1, $jf);
}
private function decodeJWT($HM)
{
$IM = explode("\x2e", $HM);
if (!(count($IM) !== 3)) {
goto wC;
}
exit("\111\156\x76\141\x6c\151\144\40\112\x57\124\x20\146\157\162\155\141\164");
wC:
list($K1, $jo, $RC) = $IM;
$vt = json_decode(base64_decode($K1), true);
$w2 = json_decode(base64_decode($jo), true);
if (!(!$vt || !$w2)) {
goto qy;
}
exit("\111\156\166\141\x6c\151\x64\x20\112\127\124\40\x64\x61\164\x61");
qy:
return $w2;
}
public static function actionLogin_flow($jp, $T_ = null, $cG = null, $Fd, $A1, $jf)
{
$user = new User();
$fI = User::find()->email($cG)->all();
$k3 = @$jp["\x63\165\163\x74\157\x6d\x73\145\x74\x74\151\x6e\x67\163"] ?: null;
$qs = @$jp["\x6f\141\165\164\x68\x73\145\164\x74\x69\x6e\147\x73"]["\x6e\157\x72\x65\147"] ?: null;
if (!(isset($fI[0]["\x61\x64\x6d\x69\156"]) && $fI[0]["\x61\x64\155\x69\x6e"] == 1)) {
goto Da;
}
exit("\x4e\157\40\x45\155\141\151\154\40\101\144\x64\162\x65\x73\x73\40\122\x65\x74\x75\162\x6e\x21");
Da:
if (empty($fI)) {
goto QH;
}
$user = User::find()->username($T_)->one();
if (!$user) {
goto sl;
}
$bt = 1;
v1:
if (!($bt <= $Fd)) {
goto gx;
}
$user->setFieldValue($A1["\143\x75\x73\164\157\x6d\x5f\141\x74\x74\x72\151\x62\165\164\x65" . strval($bt)], $jf[$A1["\143\165\163\164\x6f\x6d\x5f\141\x74\164\x72\x69\142\165\x74\x65" . strval($bt)]]);
Dy:
$bt++;
goto v1;
gx:
Craft::$app->getElements()->saveElement($user, false);
sl:
goto Ru;
QH:
if (!Craft::$app->getUser()->getIdentity()) {
goto sP;
}
return;
sP:
$user->username = $T_;
$user->email = $cG;
$user->active = true;
$user->slug = "\155\x6f\x6c\x6f\147\151\156";
if (!$user->validate(null, false)) {
goto ln;
}
$bt = 1;
TC:
if (!($bt <= $Fd)) {
goto RL;
}
$user->setFieldValue($A1["\143\165\163\x74\x6f\155\x5f\141\x74\164\x72\151\x62\165\164\145" . strval($bt)], $jf[$A1["\143\x75\163\x74\x6f\x6d\x5f\141\x74\164\162\151\x62\x75\164\145" . strval($bt)]]);
kX:
$bt++;
goto TC;
RL:
Craft::$app->getElements()->saveElement($user, false);
if (isset($k3["\x67\162\157\x75\x70\x68\141\x6e\x64\x6c\x65"])) {
goto rl;
}
$tl = @$k3["\x75\163\x65\162\x52\157\x6c\x65"] ?: array("\x61\x63\143\145\163\163\103\160");
Craft::$app->userPermissions->saveUserPermissions($user->id, $tl);
goto WC;
rl:
foreach ($k3["\147\162\157\165\x70\150\141\x6e\x64\x6c\x65"] as $KO) {
$xJ = Craft::$app->userGroups->getGroupByHandle($KO);
Craft::$app->users->assignUserToGroups($user->id, [$xJ->id]);
CV:
}
q3:
WC:
ln:
Ru:
$fI = User::find()->email($cG)->all();
if (isset($fI)) {
goto Sz;
}
exit("\x45\x72\x72\x6f\162\40\151\x6e\40\x6c\x6f\x67\x69\x6e\x21");
goto fE;
Sz:
Craft::$app->getUser()->login($fI[0]);
$UE = @$k3["\162\145\x64\x69\x72\145\143\x74\x5f\x75\162\x6c"] ?: UrlHelper::cpUrl("\x64\x61\x73\150\x62\157\x61\x72\144");
Craft::$app->getResponse()->redirect($UE);
fE:
}
public static function actionTest_config($Sr)
{
$OE = "\x3c\144\151\x76\40\x73\164\x79\154\x65\75\x22\143\157\154\x6f\x72\x3a\x20\x23\63\143\67\x36\x33\x64\x3b\40\x62\x61\x63\153\x67\162\157\x75\156\x64\55\x63\157\154\157\162\x3a\40\x23\144\146\146\x30\144\70\x3b\x20\x70\x61\x64\144\x69\156\x67\72\x32\45\73\x20\155\141\x72\x67\x69\x6e\55\142\x6f\x74\164\157\155\72\x32\60\160\x78\x3b\x20\x74\145\170\x74\x2d\141\x6c\151\x67\156\x3a\x63\145\x6e\164\x65\x72\73\x20\142\157\162\x64\145\x72\x3a\61\x70\170\40\163\x6f\x6c\151\x64\x20\x23\101\105\104\102\71\101\x3b\40\146\157\x6e\x74\x2d\163\151\172\145\x3a\x31\x38\160\164\x3b\42\76\x54\105\x53\x54\x20\x53\x55\x43\103\105\x53\123\x46\125\114\x3c\57\x64\x69\x76\x3e";
$Ff = "\x3c\143\145\x6e\164\x65\x72\76\x3c\x74\x61\142\154\145\40\163\x74\171\x6c\x65\x3d\47\167\151\x64\164\150\72\40\x38\60\x25\73\x27\x3e";
$Ff .= "\74\164\x72\76\74\164\x68\76\x4b\x65\171\74\57\x74\x68\76\74\x74\x68\76\126\x61\154\165\x65\x3c\57\164\x68\x3e\x3c\57\164\162\x3e";
foreach ($Sr as $Zz => $jE) {
$Ff .= "\74\x74\x72\76";
$Ff .= "\x3c\x74\144\76{$Zz}\x3c\x2f\164\144\76";
$Ff .= "\74\164\x64\x3e";
if (is_array($jE)) {
goto Pv;
}
$Ff .= "\x3c\163\164\162\157\156\x67\76{$jE}\74\x2f\163\x74\162\157\x6e\147\76";
goto k1;
Pv:
if (empty($jE)) {
goto BW;
}
$Ff .= self::actionTest_config($jE);
BW:
k1:
$Ff .= "\x3c\x2f\x74\x64\x3e\74\57\x74\162\76";
xr:
}
am:
$Ff .= "\74\x2f\x74\x61\142\154\x65\x3e\x3c\57\x63\x65\x6e\164\145\x72\x3e\12\x20\x20\40\x20\x20\x20\x20\40\40\40\40\40\x3c\x73\x74\x79\x6c\x65\x3e\xa\x20\40\x20\40\x20\40\40\x20\40\x20\40\x20\40\x20\40\x20\164\141\142\154\x65\54\x20\164\x68\x2c\40\x74\144\x20\173\12\40\x20\40\x20\x20\40\40\40\40\x20\x20\40\x20\40\40\40\40\40\40\40\142\157\x72\x64\145\162\72\40\61\x70\x78\40\x73\157\x6c\151\144\x20\142\x6c\141\143\x6b\x3b\12\40\40\x20\x20\40\x20\40\x20\x20\40\40\40\x20\x20\x20\40\x20\x20\40\x20\142\x6f\162\144\x65\x72\x2d\x63\x6f\154\x6c\141\x70\163\x65\x3a\40\143\x6f\154\154\141\160\163\145\73\12\40\x20\40\x20\x20\x20\x20\x20\x20\40\40\40\x20\x20\x20\x20\x20\x20\x20\40\160\x61\144\144\x69\x6e\x67\x3a\40\61\60\x70\170\73\xa\40\40\40\x20\40\40\x20\x20\x20\x20\x20\40\40\40\x20\x20\40\x20\x20\40\146\157\x6e\164\55\x73\x69\x7a\x65\x3a\x20\x31\x35\160\x78\73\xa\40\40\x20\40\x20\40\x20\x20\x20\x20\x20\x20\40\x20\40\40\175\xa\x20\40\40\40\x20\40\x20\40\x20\x20\x20\40\x3c\57\x73\x74\x79\154\x65\76";
echo $OE .= $Ff;
exit;
}
}
Function Calls
| None |
Stats
| MD5 | f3a5c778e792b9ab3142fa7662ab88ef |
| Eval Count | 0 |
| Decode Time | 59 ms |