Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php include_once dirname(__FILE__) . "\x2f\x55\164\x69\154\151\x74\151\145\x73\56\1..
Decoded Output download
<?php
include_once dirname(__FILE__) . "/Utilities.php";
include_once dirname(__FILE__) . "/Response.php";
include_once dirname(__FILE__) . "/LogoutRequest.php";
require_once dirname(__FILE__) . "/includes/lib/encryption.php";
class mo_login_wid extends WP_Widget
{
public function __construct()
{
$z3 = get_site_option("saml_identity_name");
parent::__construct("Saml_Login_Widget", "Login with " . $z3, array("description" => __("This is a miniOrange SAML login widget.", "mosaml"), "customize_selective_refresh" => true));
}
public function widget($hp, $WK)
{
extract($hp);
$DQ = apply_filters("widget_title", $WK["wid_title"]);
echo $hp["before_widget"];
if (empty($DQ)) {
goto kQ;
}
echo $hp["before_title"] . $DQ . $hp["after_title"];
kQ:
$this->loginForm();
echo $hp["after_widget"];
}
public function update($Mf, $Gt)
{
$WK = array();
$WK["wid_title"] = strip_tags($Mf["wid_title"]);
return $WK;
}
public function form($WK)
{
$DQ = '';
if (!array_key_exists("wid_title", $WK)) {
goto L_;
}
$DQ = $WK["wid_title"];
L_:
echo "\xa\x9\x9<p><label for="" . $this->get_field_id("wid_title") . " ">" . _e("Title:") . " </label>\xa \x9 <input class="widefat" id="" . $this->get_field_id("wid_title") . "" name="" . $this->get_field_name("wid_title") . "" type="text" value="" . $DQ . "" />\xa\x9 </p>";
}
public function loginForm()
{
global $ig;
if (!is_user_logged_in()) {
goto b0;
}
$current_user = wp_get_current_user();
$dG = "Hello," . $current_user->display_name;
echo $dG . " | <a href="" . wp_logout_url(site_url()) . "" title="logout" >Logout</a></li>";
goto kO;
b0:
echo "\xa \x9 <script>\xa\x9 \x9 function submitSamlForm(){ document.getElementById("login").submit(); }
\x9 </script>\xa <form name="login" id="login" method="post" action="">\xa \x9 <input type="hidden" name="option" value="saml_user_login" />\xa\xa \x9\x9\x9<font size="+1" style="vertical-align:top;"> </font>";
$Ry = get_site_option("saml_identity_name");
$RC = get_site_option("saml_x509_certificate");
if (!empty($Ry) && !empty($RC)) {
goto eL;
}
echo "Please configure the miniOrange SAML Plugin first.";
goto aX;
eL:
if (get_site_option("mo_saml_enable_cloud_broker") == "false") {
goto Hv;
}
echo "<a href="" . get_site_option("mo_saml_host_name") . "/moas/rest/saml/request?id=" . get_site_option("mo_saml_admin_customer_key") . "&returnurl= " . urlencode(site_url() . "/?option=readsamllogin") . "">Login with " . $Ry . "</a>";
goto au;
Hv:
echo "<a href="#" onClick="submitSamlForm()">Login with " . $Ry . "</a></form>";
au:
aX:
if ($this->mo_saml_check_empty_or_null_val(get_site_option("mo_saml_redirect_error_code"))) {
goto mq;
}
echo "<div></div><div title="Login Error"><font color="red">We could not sign you in. Please contact your Administrator.</font></div>";
delete_site_option("mo_saml_redirect_error_code");
delete_site_option("mo_saml_redirect_error_reason");
mq:
echo "<a href="http://miniorange.com/wordpress-ldap-login" style="display:none">Login to WordPress using LDAP</a>\xa \x9 <a href="http://miniorange.com/cloud-identity-broker-service" style="display:none">Cloud Identity broker service</a>\xa \x9<a href="http://miniorange.com/strong_auth" style="display:none;"></a>
\x9 \x9 <a href="http://miniorange.com/single-sign-on-sso" style="display:none;"></a>\xa \x9 <a href="http://miniorange.com/fraud" style="display:none;"></a>
\xa </ul>
</form>";
kO:
}
public function mo_saml_check_empty_or_null_val($Vz)
{
if (!(!isset($Vz) || empty($Vz))) {
goto IK;
}
return true;
IK:
return false;
}
function mo_saml_logout()
{
if (!is_user_logged_in()) {
goto M3;
}
$Uq = get_site_option("saml_logout_url");
$RG = get_site_option("saml_logout_binding_type");
if (empty($Uq)) {
goto WG;
}
if (!(!session_id() || session_id() == '' || !isset($_SESSION))) {
goto pu;
}
session_start();
pu:
if (isset($_SESSION["mo_saml_logout_request"])) {
goto ut;
}
if (isset($_SESSION["mo_saml"]["logged_in_with_idp"])) {
goto xg;
}
goto Z6;
ut:
self::createLogoutResponseAndRedirect($Uq, $RG);
die;
goto Z6;
xg:
unset($_SESSION["mo_saml"]);
$current_user = wp_get_current_user();
$dp = get_user_meta($current_user->ID, "mo_saml_name_id");
$VA = get_user_meta($current_user->ID, "mo_saml_session_index");
$tT = get_site_option("mo_saml_sp_base_url");
if (!empty($tT)) {
goto D7;
}
$tT = network_site_url();
if (!(substr($tT, -1) == "/")) {
goto eo;
}
$tT = substr($tT, 0, -1);
eo:
D7:
$FF = get_site_option("mo_saml_sp_entity_id");
if (!empty($FF)) {
goto bo;
}
$FF = $tT . "/wp-content/plugins/miniorange-saml-20-single-sign-on/";
bo:
$Cb = $Uq;
$uW = saml_get_current_page_url();
if (!strpos($uW, "?")) {
goto aF;
}
$uW = site_url();
aF:
$Dg = Utilities::createLogoutRequest($dp, $VA, $FF, $Cb, $RG);
if (empty($RG) || $RG == "HTTP-Redirect") {
goto TY;
}
$sB = plugin_dir_path(__FILE__) . "resources" . DIRECTORY_SEPARATOR . "sp-key.key";
$oM = plugin_dir_path(__FILE__) . "resources" . DIRECTORY_SEPARATOR . "sp-certificate.crt";
$NK = Utilities::signXML($Dg, $oM, $sB, "NameID");
Utilities::postSAMLRequest($Uq, $NK, $uW);
goto yL;
TY:
$Dg = "SAMLRequest=" . $Dg . "&RelayState=" . urlencode($uW) . "&SigAlg=" . urlencode(XMLSecurityKey::RSA_SHA256);
$jk = array("type" => "private");
$M3 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $jk);
$t3 = plugin_dir_path(__FILE__) . "resources" . DIRECTORY_SEPARATOR . "sp-key.key";
$M3->loadKey($t3, TRUE);
$eT = new XMLSecurityDSig();
$Gw = $M3->signData($Dg);
$Gw = base64_encode($Gw);
$p9 = $Uq;
if (strpos($Uq, "?") !== false) {
goto Y2;
}
$p9 .= "?";
goto sC;
Y2:
$p9 .= "&";
sC:
$p9 .= $Dg . "&Signature=" . urlencode($Gw);
header("Location:" . $p9);
die;
yL:
Z6:
WG:
M3:
}
function createLogoutResponseAndRedirect($Uq, $RG)
{
$tT = get_site_option("mo_saml_sp_base_url");
if (!empty($tT)) {
goto V6;
}
$tT = network_site_url();
if (!(substr($tT, -1) == "/")) {
goto wf;
}
$tT = substr($tT, 0, -1);
wf:
V6:
$wy = $_SESSION["mo_saml_logout_request"];
$us = $_SESSION["mo_saml_logout_relay_state"];
unset($_SESSION["mo_saml_logout_request"]);
unset($_SESSION["mo_saml_logout_relay_state"]);
$UO = new DOMDocument();
$UO->loadXML($wy);
$wy = $UO->firstChild;
if (!($wy->localName == "LogoutRequest")) {
goto Rx;
}
$l8 = new SAML2_LogoutRequest($wy);
$FF = get_site_option("mo_saml_sp_entity_id");
if (!empty($FF)) {
goto su;
}
$FF = $tT . "/wp-content/plugins/miniorange-saml-20-single-sign-on/";
su:
$Cb = $Uq;
$nh = Utilities::createLogoutResponse($l8->getId(), $FF, $Cb, $RG);
if (empty($RG) || $RG == "HTTP-Redirect") {
goto Ah;
}
$sB = plugin_dir_path(__FILE__) . "resources" . DIRECTORY_SEPARATOR . "sp-key.key";
$oM = plugin_dir_path(__FILE__) . "resources" . DIRECTORY_SEPARATOR . "sp-certificate.crt";
$NK = Utilities::signXML($nh, $oM, $sB, "Status");
Utilities::postSAMLResponse($Uq, $NK, $us);
goto yN;
Ah:
$p9 = $Uq;
if (strpos($Uq, "?") !== false) {
goto nW;
}
$p9 .= "?";
goto x7;
nW:
$p9 .= "&";
x7:
$p9 .= "SAMLResponse=" . $nh . "&RelayState=" . urlencode($us);
header("Location: " . $p9);
die;
yN:
Rx:
}
}
function plugin_settings_script_widget()
{
wp_enqueue_script("jquery");
wp_enqueue_script("mo_saml_admin_settings_script_widget", plugins_url("includes/js/settings.js", __FILE__));
}
function plugin_settings_style_widget()
{
wp_enqueue_style("mo_saml_admin_settings_style", plugins_url("includes/css/jquery.ui.css", __FILE__));
}
function mo_login_validate()
{
if (!(isset($_REQUEST["option"]) && $_REQUEST["option"] == "mosaml_metadata")) {
goto E6;
}
miniorange_generate_metadata();
E6:
if (!mo_saml_is_customer_license_verified()) {
goto yJ;
}
if (!(isset($_REQUEST["option"]) && $_REQUEST["option"] == "saml_user_login" || isset($_REQUEST["option"]) && $_REQUEST["option"] == "testConfig")) {
goto lN;
}
if (!(is_user_logged_in() && $_REQUEST["option"] != "testConfig")) {
goto TZ;
}
return;
TZ:
if (!mo_saml_is_sp_configured()) {
goto J5;
}
$tT = get_site_option("mo_saml_sp_base_url");
if (!empty($tT)) {
goto mw;
}
$tT = network_site_url();
if (!(substr($tT, -1) == "/")) {
goto sN;
}
$tT = substr($tT, 0, -1);
sN:
mw:
if ($_REQUEST["option"] == "testConfig") {
goto NM;
}
if (isset($_REQUEST["redirect_to"])) {
goto nv;
}
$uW = saml_get_current_page_url();
goto WY;
nv:
$uW = $_REQUEST["redirect_to"];
WY:
goto ny;
NM:
$uW = "testValidate";
ny:
$mb = get_site_option("saml_login_url");
$U4 = get_site_option("saml_login_binding_type");
$k2 = get_site_option("mo_saml_force_authentication");
$iS = $tT . "/";
$FF = get_site_option("mo_saml_sp_entity_id");
if (!empty($FF)) {
goto lf;
}
$FF = $tT . "/wp-content/plugins/miniorange-saml-20-single-sign-on/";
lf:
$Dg = Utilities::createAuthnRequest($iS, $FF, $mb, $k2, $U4);
if (empty($U4) || $U4 == "HTTP-Redirect") {
goto sK;
}
$sB = plugin_dir_path(__FILE__) . "resources" . DIRECTORY_SEPARATOR . "sp-key.key";
$oM = plugin_dir_path(__FILE__) . "resources" . DIRECTORY_SEPARATOR . "sp-certificate.crt";
$NK = Utilities::signXML($Dg, $oM, $sB, "NameIDPolicy");
Utilities::postSAMLRequest($mb, $NK, $uW);
goto Sc;
sK:
$Dg = "SAMLRequest=" . $Dg . "&RelayState=" . urlencode($uW) . "&SigAlg=" . urlencode(XMLSecurityKey::RSA_SHA256);
$jk = array("type" => "private");
$M3 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $jk);
$t3 = plugin_dir_path(__FILE__) . "resources" . DIRECTORY_SEPARATOR . "sp-key.key";
$M3->loadKey($t3, TRUE);
$eT = new XMLSecurityDSig();
$Gw = $M3->signData($Dg);
$Gw = base64_encode($Gw);
$p9 = $mb;
if (strpos($mb, "?") !== false) {
goto y0;
}
$p9 .= "?";
goto zN;
y0:
$p9 .= "&";
zN:
$p9 .= $Dg . "&Signature=" . urlencode($Gw);
header("Location: " . $p9);
die;
Sc:
J5:
lN:
if (!(array_key_exists("SAMLResponse", $_REQUEST) && !empty($_REQUEST["SAMLResponse"]))) {
goto S6;
}
$tT = get_site_option("mo_saml_sp_base_url");
if (!empty($tT)) {
goto zY;
}
$tT = network_site_url();
if (!(substr($tT, -1) == "/")) {
goto XW;
}
$tT = substr($tT, 0, -1);
XW:
zY:
$OQ = $_REQUEST["SAMLResponse"];
$us = empty($_REQUEST["RelayState"]) ? '' : $_REQUEST["RelayState"];
$OQ = base64_decode($OQ);
if (!(array_key_exists("SAMLResponse", $_GET) && !empty($_GET["SAMLResponse"]))) {
goto M5;
}
$OQ = gzinflate($OQ);
M5:
$UO = new DOMDocument();
$UO->loadXML($OQ);
$FV = $UO->firstChild;
$pA = $UO->documentElement;
$Mj = new DOMXpath($UO);
$Mj->registerNamespace("samlp", "urn:oasis:names:tc:SAML:2.0:protocol");
$Mj->registerNamespace("saml", "urn:oasis:names:tc:SAML:2.0:assertion");
if ($FV->localName == "LogoutResponse") {
goto rI;
}
$Ct = $Mj->query("/samlp:Response/samlp:Status/samlp:StatusCode", $pA);
$If = isset($Ct) ? $Ct->item(0)->getAttribute("Value") : '';
$Sy = explode(":", $If);
if (!array_key_exists(7, $Sy)) {
goto aY;
}
$Ct = $Sy[7];
aY:
$a9 = $Mj->query("/samlp:Response/samlp:Status/samlp:StatusMessage", $pA);
$nD = isset($a9) ? $a9->item(0) : '';
if (empty($nD)) {
goto vJ;
}
$nD = $nD->nodeValue;
vJ:
if (array_key_exists("RelayState", $_POST) && !empty($_POST["RelayState"]) && $_POST["RelayState"] != "/") {
goto Nh;
}
$d0 = '';
goto oV;
Nh:
$d0 = $_POST["RelayState"];
oV:
if (!($Ct != "Success")) {
goto Ky;
}
show_status_error($Ct, $d0, $nD);
Ky:
$f1 = maybe_unserialize(get_site_option("saml_x509_certificate"));
foreach ($f1 as $M3 => $Vz) {
if (@openssl_x509_read($Vz)) {
goto qp;
}
unset($vv[$M3]);
qp:
bd:
}
TT:
$iS = $tT . "/";
$OQ = new SAML2_Response($FV);
$yt = $OQ->getSignatureData();
$Eo = current($OQ->getAssertions())->getSignatureData();
if (!(empty($Eo) && empty($yt))) {
goto AD;
}
if ($d0 == "testValidate") {
goto WA;
}
wp_die("We could not sign you in. Please contact administrator", "Error: Invalid SAML Response");
goto Gy;
WA:
echo "<div style="font-family:Calibri;padding:0 3%;">
\x9 \x9 <div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;"> ERROR</div>\xa\x9\x9 <div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><strong>Error: </strong>Unable to find a certificate .</p>\xa \x9 \x9\x9<p>Please contact your administrator and report the following error:</p>\xa\x9\x9\x9 <p><strong>Possible Cause: </strong>No signature found in SAML Response or Assertion. Please sign at least one of them.</p>\xa\xa\x9\x9\x9 </div>\xa\x9\x9 \x9\x9<div style="margin:3%;display:block;text-align:center;">\xa \x9\x9\x9 <form action="index.php">
\x9\x9 \x9\x9\x9\x9\x9<div style="margin:3%;display:block;text-align:center;"><input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>";
die;
Gy:
AD:
if (is_array($f1)) {
goto x0;
}
$vv = XMLSecurityKey::getRawThumbprint($f1);
$vv = iconv("UTF-8", "CP1252//IGNORE", $vv);
$vv = preg_replace("/\s+/", '', $vv);
if (empty($yt)) {
goto uM;
}
$T9 = Utilities::processResponse($iS, $vv, $yt, $OQ, 0, $d0);
uM:
if (empty($Eo)) {
goto hY;
}
$T9 = Utilities::processResponse($iS, $vv, $Eo, $OQ, 0, $d0);
hY:
goto Co;
x0:
foreach ($f1 as $M3 => $Vz) {
$vv = XMLSecurityKey::getRawThumbprint($Vz);
$vv = iconv("UTF-8", "CP1252//IGNORE", $vv);
$vv = preg_replace("/\s+/", '', $vv);
if (empty($yt)) {
goto lt;
}
$T9 = Utilities::processResponse($iS, $vv, $yt, $OQ, $M3, $d0);
lt:
if (empty($Eo)) {
goto k2;
}
$T9 = Utilities::processResponse($iS, $vv, $Eo, $OQ, $M3, $d0);
k2:
if (!$T9) {
goto xP;
}
goto pP;
xP:
Z0:
}
pP:
Co:
if (empty($yt)) {
goto fs;
}
$XF = $yt["Certificates"][0];
goto em;
fs:
$XF = $Eo["Certificates"][0];
em:
if ($T9) {
goto kV;
}
if ($d0 == "testValidate") {
goto GB;
}
wp_die("We could not sign you in. Please contact your Administrator", "Error :Certificate not found");
goto bt;
GB:
$VQ = "-----BEGIN CERTIFICATE-----<br>" . chunk_split($XF, 64) . "<br>-----END CERTIFICATE-----";
echo "<div style="font-family:Calibri;padding:0 3%;">";
echo "<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;"> ERROR</div>
\x9\x9\x9 \x9<div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><strong>Error: </strong>Unable to find a certificate matching the configured fingerprint.</p>\xa \x9\x9\x9 \x9\x9\x9<p>Please contact your administrator and report the following error:</p>
\x9 \x9 \x9\x9\x9<p><strong>Possible Cause: </strong>'X.509 Certificate' field in plugin does not match the certificate found in SAML Response.</p>\xa\x9 \x9\x9 \x9\x9 <p><strong>Certificate found in SAML Response: </strong><font face="Courier New"><br><br>" . $VQ . "</p></font>\xa \x9</div>
\x9 <div style="margin:3%;display:block;text-align:center;">\xa\x9\x9 \x9\x9\x9\x9 \x9<form action="index.php">\xa\x9\x9\x9\x9\x9 \x9\x9<div style="margin:3%;display:block;text-align:center;"><input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>";
die;
bt:
kV:
$C4 = get_site_option("saml_issuer");
$FF = get_site_option("mo_saml_sp_entity_id");
if (!empty($FF)) {
goto pL;
}
$FF = $tT . "/wp-content/plugins/miniorange-saml-20-single-sign-on/";
pL:
Utilities::validateIssuerAndAudience($OQ, $FF, $C4);
$Aj = current(current($OQ->getAssertions())->getNameId());
$f6 = current($OQ->getAssertions())->getAttributes();
$f6["NameID"] = array("0" => $Aj);
$VA = current($OQ->getAssertions())->getSessionIndex();
mo_saml_checkMapping($f6, $d0, $VA);
goto gd;
rI:
wp_logout();
if (!empty($us)) {
goto zw;
}
$us = $tT;
zw:
header("Location:" . $us);
die;
gd:
S6:
if (!(array_key_exists("SAMLRequest", $_REQUEST) && !empty($_REQUEST["SAMLRequest"]))) {
goto O7;
}
$Dg = $_REQUEST["SAMLRequest"];
$d0 = "/";
if (!array_key_exists("RelayState", $_REQUEST)) {
goto Db;
}
$d0 = $_REQUEST["RelayState"];
Db:
$Dg = base64_decode($Dg);
if (!(array_key_exists("SAMLRequest", $_GET) && !empty($_GET["SAMLRequest"]))) {
goto Au;
}
$Dg = gzinflate($Dg);
Au:
$UO = new DOMDocument();
$UO->loadXML($Dg);
$XS = $UO->firstChild;
if (!($XS->localName == "LogoutRequest")) {
goto sY;
}
$l8 = new SAML2_LogoutRequest($XS);
if (!(!session_id() || session_id() == '' || !isset($_SESSION))) {
goto YH;
}
session_start();
YH:
$_SESSION["mo_saml_logout_request"] = $Dg;
$_SESSION["mo_saml_logout_relay_state"] = $d0;
wp_logout();
sY:
O7:
if (!(isset($_REQUEST["option"]) and strpos($_REQUEST["option"], "readsamllogin") !== false)) {
goto NN;
}
require_once dirname(__FILE__) . "/includes/lib/encryption.php";
if (isset($_POST["STATUS"]) && $_POST["STATUS"] == "ERROR") {
goto qs;
}
if (!(isset($_POST["STATUS"]) && $_POST["STATUS"] == "SUCCESS")) {
goto eQ;
}
$Ni = '';
if (!(isset($_REQUEST["redirect_to"]) && !empty($_REQUEST["redirect_to"]) && $_REQUEST["redirect_to"] != "/")) {
goto bX;
}
$Ni = $_REQUEST["redirect_to"];
bX:
delete_site_option("mo_saml_redirect_error_code");
delete_site_option("mo_saml_redirect_error_reason");
try {
$hG = get_site_option("saml_am_email");
$oi = get_site_option("saml_am_username");
$YS = get_site_option("saml_am_first_name");
$R1 = get_site_option("saml_am_last_name");
$hh = get_site_option("saml_am_group_name");
$YQ = get_site_option("saml_am_default_user_role");
$F9 = get_site_option("saml_am_dont_allow_unlisted_user_role");
$aQ = get_site_option("saml_am_account_matcher");
$xv = '';
$d8 = '';
$YS = str_replace(".", "_", $YS);
$YS = str_replace(" ", "_", $YS);
if (!(!empty($YS) && array_key_exists($YS, $_POST))) {
goto RE;
}
$YS = $_POST[$YS];
RE:
$R1 = str_replace(".", "_", $R1);
$R1 = str_replace(" ", "_", $R1);
if (!(!empty($R1) && array_key_exists($R1, $_POST))) {
goto dc;
}
$R1 = $_POST[$R1];
dc:
$oi = str_replace(".", "_", $oi);
$oi = str_replace(" ", "_", $oi);
if (!empty($oi) && array_key_exists($oi, $_POST)) {
goto gx;
}
$d8 = $_POST["NameID"];
goto RP;
gx:
$d8 = $_POST[$oi];
RP:
$xv = str_replace(".", "_", $hG);
$xv = str_replace(" ", "_", $hG);
if (!empty($hG) && array_key_exists($hG, $_POST)) {
goto hC;
}
$xv = $_POST["NameID"];
goto j1;
hC:
$xv = $_POST[$hG];
j1:
$hh = str_replace(".", "_", $hh);
$hh = str_replace(" ", "_", $hh);
if (!(!empty($hh) && array_key_exists($hh, $_POST))) {
goto Di;
}
$hh = $_POST[$hh];
Di:
if (!empty($aQ)) {
goto KQ;
}
$aQ = "email";
KQ:
$M3 = get_site_option("mo_saml_customer_token");
if (!(isset($M3) || trim($M3) != '')) {
goto H_;
}
$ug = AESEncryption::decrypt_data($xv, $M3);
$xv = $ug;
H_:
if (!(!empty($YS) && !empty($M3))) {
goto pq;
}
$Pc = AESEncryption::decrypt_data($YS, $M3);
$YS = $Pc;
pq:
if (!(!empty($R1) && !empty($M3))) {
goto xp;
}
$Fo = AESEncryption::decrypt_data($R1, $M3);
$R1 = $Fo;
xp:
if (!(!empty($d8) && !empty($M3))) {
goto At;
}
$KF = AESEncryption::decrypt_data($d8, $M3);
$d8 = $KF;
At:
if (!(!empty($hh) && !empty($M3))) {
goto NS;
}
$Wm = AESEncryption::decrypt_data($hh, $M3);
$hh = $Wm;
NS:
} catch (Exception $pZ) {
echo sprintf("An error occurred while processing the SAML Response.");
die;
}
$dI = array($hh);
mo_saml_login_user($xv, $YS, $R1, $d8, $dI, $F9, $YQ, $Ni, $aQ);
eQ:
goto YL;
qs:
update_site_option("mo_saml_redirect_error_code", $_POST["ERROR_REASON"]);
update_site_option("mo_saml_redirect_error_reason", $_POST["ERROR_MESSAGE"]);
YL:
NN:
yJ:
}
function mo_saml_checkMapping($f6, $d0, $VA)
{
try {
$hG = get_site_option("saml_am_email");
$oi = get_site_option("saml_am_username");
$YS = get_site_option("saml_am_first_name");
$R1 = get_site_option("saml_am_last_name");
$hh = get_site_option("saml_am_group_name");
$ci = array();
$ci = get_site_option("saml_am_role_mapping");
$aQ = get_site_option("saml_am_account_matcher");
$xv = '';
$d8 = '';
if (empty($f6)) {
goto Y3;
}
if (!empty($YS) && array_key_exists($YS, $f6)) {
goto fR;
}
$YS = '';
goto CK;
fR:
$YS = $f6[$YS][0];
CK:
if (!empty($R1) && array_key_exists($R1, $f6)) {
goto BX;
}
$R1 = '';
goto Rk;
BX:
$R1 = $f6[$R1][0];
Rk:
if (!empty($oi) && array_key_exists($oi, $f6)) {
goto SQ;
}
$d8 = $f6["NameID"][0];
goto av;
SQ:
$d8 = $f6[$oi][0];
av:
if (!empty($hG) && array_key_exists($hG, $f6)) {
goto YK;
}
$xv = $f6["NameID"][0];
goto KK;
YK:
$xv = $f6[$hG][0];
KK:
if (!empty($hh) && array_key_exists($hh, $f6)) {
goto yr;
}
$hh = array();
goto vf;
yr:
$hh = $f6[$hh];
vf:
if (!empty($aQ)) {
goto ze;
}
$aQ = "email";
ze:
Y3:
if ($d0 == "testValidate") {
goto Ca;
}
mo_saml_login_user($xv, $YS, $R1, $d8, $hh, $ci, $d0, $aQ, $VA, $f6["NameID"][0], $f6);
goto sj;
Ca:
mo_saml_show_test_result($YS, $R1, $xv, $hh, $f6);
sj:
} catch (Exception $pZ) {
echo sprintf("An error occurred while processing the SAML Response.");
die;
}
}
function mo_saml_show_test_result($YS, $R1, $xv, $hh, $f6)
{
echo "<div style="font-family:Calibri;padding:0 3%;">";
if (!empty($xv)) {
goto jZ;
}
echo "<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;">TEST FAILED</div>
\x9\x9 \x9\x9\x9<div style="color: #a94442;font-size:14pt; margin-bottom:20px;">WARNING: Some Attributes Did Not Match.</div>\xa\x9\x9\x9\x9 \x9<div style="display:block;text-align:center;margin-bottom:4%;"><img style="width:15%;"src="" . plugin_dir_url(__FILE__) . "images/wrong.png"></div>";
goto dy;
jZ:
echo "<div style="color: #3c763d;
\x9\x9\x9 \x9 background-color: #dff0d8; padding:2%;margin-bottom:20px;text-align:center; border:1px solid #AEDB9A; font-size:18pt;">TEST SUCCESSFUL</div>
\x9\x9\x9 \x9 <div style="display:block;text-align:center;margin-bottom:4%;"><img style="width:15%;"src="" . plugin_dir_url(__FILE__) . "images/green_check.png"></div>";
dy:
echo "<span style="font-size:14pt;"><b>Hello</b>, " . $xv . "</span><br/><p style="font-weight:bold;font-size:14pt;margin-left:1%;">ATTRIBUTES RECEIVED:</p>\xa\x9\x9\x9 \x9<table style="border-collapse:collapse;border-spacing:0; display:table;width:100%; font-size:14pt;background-color:#EDEDED;">\xa\x9 \x9\x9 <tr style="text-align:center;"><td style="font-weight:bold;border:2px solid #949090;padding:2%;">ATTRIBUTE NAME</td><td style="font-weight:bold;padding:2%;border:2px solid #949090; word-wrap:break-word;">ATTRIBUTE VALUE</td></tr>";
if (!empty($f6)) {
goto LA;
}
echo "No Attributes Received.";
goto xt;
LA:
foreach ($f6 as $M3 => $Vz) {
echo "<tr><td style='font-weight:bold;border:2px solid #949090;padding:2%;'>" . $M3 . "</td><td style='padding:2%;border:2px solid #949090; word-wrap:break-word;'>" . implode("<hr/>", $Vz) . "</td></tr>";
oB:
}
Wo:
xt:
echo "</table></div>";
echo "<div style="margin:3%;display:block;text-align:center;"><input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>";
die;
}
function mo_saml_login_user($xv, $YS, $R1, $d8, $hh, $ci, $d0, $aQ, $VA = '', $dp = '', $f6 = null)
{
$tT = get_site_option("mo_saml_sp_base_url");
global $wpdb;
$w1 = get_current_blog_id();
$cn = "unchecked";
if (!empty($tT)) {
goto Qi;
}
$tT = network_site_url();
if (!(substr($tT, -1) == "/")) {
goto rg;
}
$tT = substr($tT, 0, -1);
rg:
Qi:
if ($aQ == "username" && username_exists($d8)) {
goto N7;
}
if (email_exists($xv) || username_exists($d8)) {
goto z9;
}
if (!username_exists($d8) && !email_exists($xv)) {
goto Zr;
}
goto RB;
N7:
$user = get_user_by("login", $d8);
$cO = $user->ID;
if (empty($YS)) {
goto pE;
}
$cO = wp_update_user(array("ID" => $cO, "first_name" => $YS));
pE:
if (empty($R1)) {
goto Wk;
}
$cO = wp_update_user(array("ID" => $cO, "last_name" => $R1));
Wk:
if (empty($xv)) {
goto tI;
}
$cO = wp_update_user(array("ID" => $cO, "user_email" => $xv));
tI:
if (!get_site_option("mo_saml_custom_attrs_mapping")) {
goto dJ;
}
$qa = get_site_option("mo_saml_custom_attrs_mapping");
foreach ($qa as $M3 => $Vz) {
if (!array_key_exists($Vz, $f6)) {
goto nu;
}
$OP = $f6[$Vz][0];
update_user_meta($cO, $M3, $OP);
nu:
PZ:
}
TH:
dJ:
$nP = $wpdb->get_col("SELECT blog_id FROM {$wpdb->blogs}");
$ZS = get_site_option("mo_apply_role_mapping_for_sites");
foreach ($nP as $blog_id) {
switch_to_blog($blog_id);
$user = get_user_by("id", $cO);
$yb = '';
if ($ZS) {
goto a7;
}
$yb = $blog_id;
goto rk;
a7:
$yb = 0;
rk:
if (empty($ci)) {
goto Uh;
}
if (!empty($ci[$yb])) {
goto nq;
}
if (empty($ci["DEFAULT"])) {
goto GJ;
}
$YQ = $ci["DEFAULT"]["default_role"];
$F9 = $ci["DEFAULT"]["dont_allow_unlisted_user"];
$cn = $ci["DEFAULT"]["dont_create_user"];
$uM = $ci["DEFAULT"]["keep_existing_users_role"];
GJ:
goto jC;
nq:
$YQ = $ci[$yb]["default_role"];
$F9 = $ci[$yb]["dont_allow_unlisted_user"];
$cn = $ci[$yb]["dont_create_user"];
$uM = array_key_exists("keep_existing_users_role", $ci[$yb]) ? $ci[$yb]["keep_existing_users_role"] : '';
jC:
Uh:
if (!is_user_member_of_blog($cO, $blog_id)) {
goto rR;
}
if (isset($uM) && $uM == "checked") {
goto di;
}
$Xp = assign_roles_to_user($user, $ci, $blog_id, $hh, $yb);
goto X_;
di:
$Xp = false;
X_:
if (!(!is_administrator_user($user) && !empty($cn) && $cn == "unchecked")) {
goto mI;
}
if (isset($uM) && $uM == "checked") {
goto zM;
}
if ($Xp !== true && !empty($F9) && $F9 == "checked") {
goto FM;
}
if ($Xp !== true && !empty($YQ) && $YQ !== "false") {
goto cx;
}
if ($Xp !== true && is_user_member_of_blog($cO, $blog_id)) {
goto A4;
}
goto gi;
zM:
goto gi;
FM:
$cO = wp_update_user(array("ID" => $cO, "role" => false));
goto gi;
cx:
$cO = wp_update_user(array("ID" => $cO, "role" => $YQ));
goto gi;
A4:
$lD = get_option("default_role");
$cO = wp_update_user(array("ID" => $cO, "role" => $lD));
gi:
mI:
goto my;
rR:
$Ap = TRUE;
if (empty($ci)) {
goto rM;
}
if (array_key_exists($yb, $ci)) {
goto q3;
}
if (!array_key_exists("DEFAULT", $ci)) {
goto e5;
}
$Ml = get_saml_roles_to_assign($ci, $yb, $hh);
if (!(empty($Ml) && strcmp($ci["DEFAULT"]["dont_create_user"], "checked") == 0)) {
goto OB;
}
$Ap = FALSE;
OB:
e5:
goto ml;
q3:
$Ml = get_saml_roles_to_assign($ci, $yb, $hh);
if (!(empty($Ml) && strcmp($ci[$yb]["dont_create_user"], "checked") == 0)) {
goto SB;
}
$Ap = FALSE;
SB:
ml:
rM:
$UF = get_site_option("enable_saml_sso_for_sites");
if (!(!empty($UF) && !in_array($blog_id, $UF))) {
goto gC;
}
$Ap = FALSE;
gC:
if (!$Ap) {
goto E0;
}
add_user_to_blog($blog_id, $cO, false);
$Xp = assign_roles_to_user($user, $ci, $blog_id, $hh, $yb);
if ($Xp !== true && !empty($F9) && $F9 == "checked") {
goto pg;
}
if ($Xp !== true && !empty($YQ) && $YQ !== "false") {
goto m4;
}
if ($Xp !== true) {
goto rA;
}
goto wv;
pg:
$cO = wp_update_user(array("ID" => $cO, "role" => false));
goto wv;
m4:
$cO = wp_update_user(array("ID" => $cO, "role" => $YQ));
goto wv;
rA:
$lD = get_option("default_role");
$cO = wp_update_user(array("ID" => $cO, "role" => $lD));
wv:
E0:
my:
zW:
}
d7:
switch_to_blog($w1);
if (is_null($f6)) {
goto eg;
}
update_user_meta($cO, "mo_saml_user_attributes", $f6);
$W4 = get_site_option("saml_am_display_name");
if (empty($W4)) {
goto QM;
}
if (strcmp($W4, "USERNAME") == 0) {
goto ZP;
}
if (strcmp($W4, "FNAME") == 0 && !empty($YS)) {
goto Jj;
}
if (strcmp($W4, "LNAME") == 0 && !empty($R1)) {
goto nR;
}
if (strcmp($W4, "FNAME_LNAME") == 0 && !empty($R1) && !empty($YS)) {
goto wN;
}
if (!(strcmp($W4, "LNAME_FNAME") == 0 && !empty($R1) && !empty($YS))) {
goto oz;
}
$cO = wp_update_user(array("ID" => $cO, "display_name" => $R1 . " " . $YS));
oz:
goto nZ;
wN:
$cO = wp_update_user(array("ID" => $cO, "display_name" => $YS . " " . $R1));
nZ:
goto F_;
nR:
$cO = wp_update_user(array("ID" => $cO, "display_name" => $R1));
F_:
goto ST;
Jj:
$cO = wp_update_user(array("ID" => $cO, "display_name" => $YS));
ST:
goto Xt;
ZP:
$cO = wp_update_user(array("ID" => $cO, "display_name" => $user->user_login));
Xt:
QM:
eg:
wp_set_current_user($cO);
wp_set_auth_cookie($cO, true);
if (empty($VA)) {
goto R2;
}
update_user_meta($cO, "mo_saml_session_index", $VA);
R2:
if (empty($dp)) {
goto QQ;
}
update_user_meta($cO, "mo_saml_name_id", $dp);
QQ:
if (!(!session_id() || session_id() == '' || !isset($_SESSION))) {
goto KD;
}
session_start();
KD:
$_SESSION["mo_saml"]["logged_in_with_idp"] = TRUE;
$Dp = get_site_option("mo_saml_relay_state");
if (!empty($Dp)) {
goto lr;
}
if (!empty($d0)) {
goto TU;
}
wp_redirect($tT);
goto H6;
lr:
wp_redirect($Dp);
goto H6;
TU:
wp_redirect($d0);
H6:
die;
goto RB;
z9:
if (email_exists($xv)) {
goto jU;
}
$user = get_user_by("login", $d8);
goto DQ;
jU:
$user = get_user_by("email", $xv);
DQ:
$cO = $user->ID;
if (empty($YS)) {
goto SZ;
}
$cO = wp_update_user(array("ID" => $cO, "first_name" => $YS));
SZ:
if (empty($R1)) {
goto ie;
}
$cO = wp_update_user(array("ID" => $cO, "last_name" => $R1));
ie:
if (!get_site_option("mo_saml_custom_attrs_mapping")) {
goto NH;
}
$qa = get_site_option("mo_saml_custom_attrs_mapping");
foreach ($qa as $M3 => $Vz) {
if (!array_key_exists($Vz, $f6)) {
goto Pv;
}
$OP = $f6[$Vz][0];
update_user_meta($cO, $M3, $OP);
Pv:
Tp:
}
pf:
NH:
$nP = $wpdb->get_col("SELECT blog_id FROM {$wpdb->blogs}");
$ZS = get_site_option("mo_apply_role_mapping_for_sites");
foreach ($nP as $blog_id) {
switch_to_blog($blog_id);
$user = get_user_by("id", $cO);
$yb = '';
if ($ZS) {
goto cQ;
}
$yb = $blog_id;
goto Va;
cQ:
$yb = 0;
Va:
if (empty($ci)) {
goto mp;
}
if (!empty($ci[$yb])) {
goto X0;
}
if (empty($ci["DEFAULT"])) {
goto Pt;
}
$YQ = $ci["DEFAULT"]["default_role"];
$F9 = $ci["DEFAULT"]["dont_allow_unlisted_user"];
$cn = $ci["DEFAULT"]["dont_create_user"];
$uM = $ci["DEFAULT"]["keep_existing_users_role"];
Pt:
goto Dj;
X0:
$YQ = $ci[$yb]["default_role"];
$F9 = $ci[$yb]["dont_allow_unlisted_user"];
$cn = $ci[$yb]["dont_create_user"];
$uM = array_key_exists("keep_existing_users_role", $ci[$yb]) ? $ci[$yb]["keep_existing_users_role"] : '';
Dj:
mp:
if (!is_user_member_of_blog($cO, $blog_id)) {
goto oK;
}
if (isset($uM) && $uM == "checked") {
goto ja;
}
$Xp = assign_roles_to_user($user, $ci, $blog_id, $hh, $yb);
goto DL;
ja:
$Xp = false;
DL:
if (!(!is_administrator_user($user) && !empty($cn) && $cn == "unchecked")) {
goto nk;
}
if (isset($uM) && $uM == "checked") {
goto sx;
}
if ($Xp !== true && !empty($F9) && $F9 == "checked") {
goto Sr;
}
if ($Xp !== true && !empty($YQ) && $YQ !== "false") {
goto hn;
}
if ($Xp !== true && is_user_member_of_blog($cO, $blog_id)) {
goto ET;
}
goto Uw;
sx:
goto Uw;
Sr:
$cO = wp_update_user(array("ID" => $cO, "role" => false));
goto Uw;
hn:
$cO = wp_update_user(array("ID" => $cO, "role" => $YQ));
goto Uw;
ET:
$lD = get_option("default_role");
$cO = wp_update_user(array("ID" => $cO, "role" => $lD));
Uw:
nk:
goto ID;
oK:
$Ap = TRUE;
if (empty($ci)) {
goto X2;
}
if (array_key_exists($yb, $ci)) {
goto Jf;
}
if (!array_key_exists("DEFAULT", $ci)) {
goto tB;
}
$Ml = get_saml_roles_to_assign($ci, $yb, $hh);
if (!(empty($Ml) && strcmp($ci["DEFAULT"]["dont_create_user"], "checked") == 0)) {
goto yK;
}
$Ap = FALSE;
yK:
tB:
goto gZ;
Jf:
$Ml = get_saml_roles_to_assign($ci, $yb, $hh);
if (!(empty($Ml) && strcmp($ci[$yb]["dont_create_user"], "checked") == 0)) {
goto DD;
}
$Ap = FALSE;
DD:
gZ:
X2:
$UF = get_site_option("enable_saml_sso_for_sites");
if (!(!empty($UF) && !in_array($blog_id, $UF))) {
goto dM;
}
$Ap = FALSE;
dM:
if (!$Ap) {
goto ob;
}
add_user_to_blog($blog_id, $cO, false);
$Xp = assign_roles_to_user($user, $ci, $blog_id, $hh, $yb);
if ($Xp !== true && !empty($F9) && $F9 == "checked") {
goto pl;
}
if ($Xp !== true && !empty($YQ) && $YQ !== "false") {
goto N8;
}
if ($Xp !== true) {
goto Lm;
}
goto ZH;
pl:
$cO = wp_update_user(array("ID" => $cO, "role" => false));
goto ZH;
N8:
$cO = wp_update_user(array("ID" => $cO, "role" => $YQ));
goto ZH;
Lm:
$lD = get_option("default_role");
$cO = wp_update_user(array("ID" => $cO, "role" => $lD));
ZH:
ob:
ID:
gr:
}
Pw:
switch_to_blog($w1);
if (is_null($f6)) {
goto dB;
}
update_user_meta($cO, "mo_saml_user_attributes", $f6);
$W4 = get_site_option("saml_am_display_name");
if (empty($W4)) {
goto LY;
}
if (strcmp($W4, "USERNAME") == 0) {
goto bU;
}
if (strcmp($W4, "FNAME") == 0 && !empty($YS)) {
goto IO;
}
if (strcmp($W4, "LNAME") == 0 && !empty($R1)) {
goto mP;
}
if (strcmp($W4, "FNAME_LNAME") == 0 && !empty($R1) && !empty($YS)) {
goto K9;
}
if (!(strcmp($W4, "LNAME_FNAME") == 0 && !empty($R1) && !empty($YS))) {
goto Vv;
}
$cO = wp_update_user(array("ID" => $cO, "display_name" => $R1 . " " . $YS));
Vv:
goto Aq;
K9:
$cO = wp_update_user(array("ID" => $cO, "display_name" => $YS . " " . $R1));
Aq:
goto Jl;
mP:
$cO = wp_update_user(array("ID" => $cO, "display_name" => $R1));
Jl:
goto ZM;
IO:
$cO = wp_update_user(array("ID" => $cO, "display_name" => $YS));
ZM:
goto iC;
bU:
$cO = wp_update_user(array("ID" => $cO, "display_name" => $user->user_login));
iC:
LY:
dB:
wp_set_current_user($cO);
wp_set_auth_cookie($cO, true);
if (empty($VA)) {
goto a5;
}
update_user_meta($cO, "mo_saml_session_index", $VA);
a5:
if (empty($dp)) {
goto eb;
}
update_user_meta($cO, "mo_saml_name_id", $dp);
eb:
if (!(!session_id() || session_id() == '' || !isset($_SESSION))) {
goto n9;
}
session_start();
n9:
$_SESSION["mo_saml"]["logged_in_with_idp"] = TRUE;
$Dp = get_site_option("mo_saml_relay_state");
if (!empty($Dp)) {
goto VT;
}
if (!empty($d0)) {
goto sD;
}
wp_redirect($tT);
goto xU;
VT:
wp_redirect($Dp);
goto xU;
sD:
wp_redirect($d0);
xU:
die;
goto RB;
Zr:
$wK = NULL;
$nP = $wpdb->get_col("SELECT blog_id FROM {$wpdb->blogs}");
$ZS = get_site_option("mo_apply_role_mapping_for_sites");
foreach ($nP as $blog_id) {
$qV = TRUE;
$yb = '';
if ($ZS) {
goto A_;
}
$yb = $blog_id;
goto Ev;
A_:
$yb = 0;
Ev:
if (empty($ci)) {
goto LH;
}
if (!empty($ci[$yb])) {
goto zQ;
}
if (empty($ci["DEFAULT"])) {
goto aW;
}
$YQ = $ci["DEFAULT"]["default_role"];
$F9 = $ci["DEFAULT"]["dont_allow_unlisted_user"];
$uM = $ci["DEFAULT"]["keep_existing_users_role"];
$Ml = get_saml_roles_to_assign($ci, $yb, $hh);
if (!(empty($Ml) && strcmp($ci["DEFAULT"]["dont_create_user"], "checked") == 0)) {
goto Ar;
}
$qV = FALSE;
Ar:
aW:
goto oE;
zQ:
$YQ = $ci[$yb]["default_role"];
$F9 = $ci[$yb]["dont_allow_unlisted_user"];
$uM = array_key_exists("keep_existing_users_role", $ci[$yb]) ? $ci[$yb]["keep_existing_users_role"] : '';
$Ml = get_saml_roles_to_assign($ci, $yb, $hh);
if (!(empty($Ml) && strcmp($ci[$yb]["dont_create_user"], "checked") == 0)) {
goto GT;
}
$qV = FALSE;
GT:
oE:
LH:
$UF = get_site_option("enable_saml_sso_for_sites");
if (!(!empty($UF) && !in_array($blog_id, $UF))) {
goto Zb;
}
$qV = FALSE;
Zb:
if (!$qV) {
goto tE;
}
$cO = NULL;
switch_to_blog($blog_id);
if (email_exists($xv)) {
goto s3;
}
$t7 = wp_generate_password(10, false);
if (!empty($d8)) {
goto Z4;
}
if (username_exists($xv)) {
goto tZ;
}
$cO = wp_create_user($xv, $t7, $xv);
goto MV;
tZ:
$user = get_user_by("login", $xv);
$cO = $user->ID;
add_user_to_blog($blog_id, $cO, false);
MV:
if (!is_wp_error($cO)) {
goto bh;
}
echo "<strong>ERROR</strong>: Empty User Name and Email. Please contact your administrator.";
die;
bh:
goto v0;
Z4:
if (username_exists($d8)) {
goto Be;
}
$cO = wp_create_user($d8, $t7, $xv);
goto q_;
Be:
$user = get_user_by("login", $d8);
$cO = $user->ID;
add_user_to_blog($blog_id, $cO, false);
q_:
if (!is_wp_error($cO)) {
goto Gs;
}
echo "<strong>ERROR</strong>: Empty User Name and Email. Please contact your administrator.";
die;
Gs:
v0:
goto Cq;
s3:
$user = get_user_by("email", $xv);
$cO = $user->ID;
add_user_to_blog($blog_id, $cO, false);
Cq:
$user = get_user_by("id", $cO);
$wK = $user;
$Xp = assign_roles_to_user($user, $ci, $blog_id, $hh, $yb);
if ($Xp !== true && !empty($F9) && $F9 == "checked") {
goto nL;
}
if ($Xp !== true && !empty($YQ) && $YQ !== "false") {
goto o7;
}
if ($Xp !== true) {
goto XC;
}
goto Yf;
nL:
$cO = wp_update_user(array("ID" => $cO, "role" => false));
goto Yf;
o7:
$cO = wp_update_user(array("ID" => $cO, "role" => $YQ));
goto Yf;
XC:
$lD = get_option("default_role");
$cO = wp_update_user(array("ID" => $cO, "role" => $lD));
Yf:
$su = $user->{$wpdb->prefix . "capabilities"};
if (isset($hE)) {
goto Gx;
}
$hE = new WP_Roles();
Gx:
if (empty($YS)) {
goto GQ;
}
$cO = wp_update_user(array("ID" => $cO, "first_name" => $YS));
GQ:
if (empty($R1)) {
goto E4;
}
$cO = wp_update_user(array("ID" => $cO, "last_name" => $R1));
E4:
if (is_null($f6)) {
goto OZ;
}
update_user_meta($cO, "mo_saml_user_attributes", $f6);
$W4 = get_site_option("saml_am_display_name");
if (empty($W4)) {
goto Ce;
}
if (strcmp($W4, "USERNAME") == 0) {
goto i4;
}
if (strcmp($W4, "FNAME") == 0 && !empty($YS)) {
goto Mt;
}
if (strcmp($W4, "LNAME") == 0 && !empty($R1)) {
goto GP;
}
if (strcmp($W4, "FNAME_LNAME") == 0 && !empty($R1) && !empty($YS)) {
goto y8;
}
if (!(strcmp($W4, "LNAME_FNAME") == 0 && !empty($R1) && !empty($YS))) {
goto yz;
}
$cO = wp_update_user(array("ID" => $cO, "display_name" => $R1 . " " . $YS));
yz:
goto KH;
y8:
$cO = wp_update_user(array("ID" => $cO, "display_name" => $YS . " " . $R1));
KH:
goto at;
GP:
$cO = wp_update_user(array("ID" => $cO, "display_name" => $R1));
at:
goto e2;
Mt:
$cO = wp_update_user(array("ID" => $cO, "display_name" => $YS));
e2:
goto V5;
i4:
$cO = wp_update_user(array("ID" => $cO, "display_name" => $user->user_login));
V5:
Ce:
OZ:
tE:
Ds:
}
IN:
switch_to_blog($w1);
if ($wK !== NULL) {
goto r0;
}
wp_die("We could not sign you in. Please contact administrator", "Login Failed!");
goto uC;
r0:
$cO = $wK->ID;
wp_set_current_user($cO);
wp_set_auth_cookie($cO, true);
if (empty($VA)) {
goto hE;
}
update_user_meta($cO, "mo_saml_session_index", $VA);
hE:
if (empty($dp)) {
goto wh;
}
update_user_meta($cO, "mo_saml_name_id", $dp);
wh:
if (!get_site_option("mo_saml_custom_attrs_mapping")) {
goto ui;
}
$qa = get_site_option("mo_saml_custom_attrs_mapping");
foreach ($qa as $M3 => $Vz) {
if (!array_key_exists($Vz, $f6)) {
goto pG;
}
$OP = $f6[$Vz][0];
update_user_meta($cO, $M3, $OP);
pG:
JH:
}
Zp:
ui:
if (!(!session_id() || session_id() == '' || !isset($_SESSION))) {
goto l8;
}
session_start();
l8:
$_SESSION["mo_saml"]["logged_in_with_idp"] = TRUE;
uC:
$Dp = get_site_option("mo_saml_relay_state");
if (!empty($Dp)) {
goto xu;
}
if (!empty($d0)) {
goto T3;
}
wp_redirect($tT);
goto jK;
xu:
wp_redirect($Dp);
goto jK;
T3:
wp_redirect($d0);
jK:
die;
RB:
}
function check_if_user_allowed_to_login($user, $tT)
{
$cO = $user->ID;
global $wpdb;
if (get_user_meta($cO, "mo_saml_user_type", true)) {
goto ib;
}
if (get_site_option("mo_saml_usr_lmt")) {
goto dp;
}
update_user_meta($cO, "mo_saml_user_type", "sso_user");
goto g4;
dp:
$M3 = get_site_option("mo_saml_customer_token");
$D7 = AESEncryption::decrypt_data(get_site_option("mo_saml_usr_lmt"), $M3);
$lm = "SELECT COUNT(*) FROM " . $wpdb->prefix . "usermeta WHERE meta_key='mo_saml_user_type'";
$Wt = $wpdb->get_var($lm);
if ($Wt >= $D7) {
goto Pl;
}
update_user_meta($cO, "mo_saml_user_type", "sso_user");
goto Z_;
Pl:
if (get_site_option("user_alert_email_sent")) {
goto Sq;
}
$kh = new Customersaml();
$kh->mo_saml_send_user_exceeded_alert_email($D7);
Sq:
if (is_administrator_user($user)) {
goto Ag;
}
wp_redirect($tT);
die;
goto UJ;
Ag:
update_user_meta($cO, "mo_saml_user_type", "sso_user");
UJ:
Z_:
g4:
ib:
}
function assign_roles_to_user($user, $ci, $blog_id, $hh, $yb)
{
$Xp = false;
if (!(!empty($hh) && !empty($ci) && !is_administrator_user($user) && !is_super_admin($user->ID) && is_user_member_of_blog($user->ID, $blog_id))) {
goto BH;
}
if (!empty($ci[$yb])) {
goto nr;
}
if (empty($ci["DEFAULT"])) {
goto mo;
}
$user->set_role(false);
$U3 = '';
$nr = false;
unset($ci["DEFAULT"]["default_role"]);
unset($ci["DEFAULT"]["dont_create_user"]);
unset($ci["DEFAULT"]["dont_allow_unlisted_user"]);
foreach ($ci["DEFAULT"] as $ag => $xf) {
$Po = explode(";", $xf);
foreach ($Po as $Ue) {
if (!in_array($Ue, $hh)) {
goto MC;
}
$Xp = true;
$user->add_role($ag);
MC:
ha:
}
b_:
Xh:
}
Rl:
mo:
goto hr;
nr:
$user->set_role(false);
$U3 = '';
$nr = false;
unset($ci[$yb]["default_role"]);
unset($ci[$yb]["dont_create_user"]);
unset($ci[$yb]["dont_allow_unlisted_user"]);
foreach ($ci[$yb] as $ag => $xf) {
$Po = explode(";", $xf);
foreach ($Po as $Ue) {
if (!in_array($Ue, $hh)) {
goto NK;
}
$Xp = true;
$user->add_role($ag);
NK:
af:
}
iF1:
zg:
}
TX:
hr:
BH:
$gW = get_site_option("mo_saml_super_admin_role_mapping");
$t_ = explode(";", $gW);
if (!(!empty($hh) && !empty($t_))) {
goto s5;
}
foreach ($t_ as $Ue) {
if (!in_array($Ue, $hh)) {
goto wK;
}
grant_super_admin($user->ID);
wK:
i0:
}
Ru:
s5:
return $Xp;
}
function get_saml_roles_to_assign($ci, $blog_id, $hh)
{
$Ml = array();
if (!(!empty($hh) && !empty($ci))) {
goto N0;
}
if (!empty($ci[$blog_id])) {
goto nQ;
}
if (empty($ci["DEFAULT"])) {
goto DJ;
}
unset($ci["DEFAULT"]["default_role"]);
unset($ci["DEFAULT"]["dont_create_user"]);
unset($ci["DEFAULT"]["dont_allow_unlisted_user"]);
foreach ($ci["DEFAULT"] as $ag => $xf) {
$Po = explode(";", $xf);
foreach ($Po as $Ue) {
if (!in_array($Ue, $hh)) {
goto OI;
}
array_push($Ml, $ag);
OI:
A9:
}
Wm:
RV:
}
ra:
DJ:
goto MM;
nQ:
unset($ci[$blog_id]["default_role"]);
unset($ci[$blog_id]["dont_create_user"]);
unset($ci[$blog_id]["dont_allow_unlisted_user"]);
foreach ($ci[$blog_id] as $ag => $xf) {
$Po = explode(";", $xf);
foreach ($Po as $Ue) {
if (!in_array($Ue, $hh)) {
goto BD;
}
array_push($Ml, $ag);
BD:
l1:
}
KP:
Hi:
}
HC:
MM:
N0:
return $Ml;
}
function is_administrator_user($user)
{
$Zz = $user->roles;
if (!is_null($Zz) && in_array("administrator", $Zz)) {
goto io;
}
return false;
goto Lr;
io:
return true;
Lr:
}
function mo_saml_is_customer_registered()
{
$y9 = get_site_option("mo_saml_admin_email");
$Tm = get_site_option("mo_saml_admin_customer_key");
if (!$y9 || !$Tm || !is_numeric(trim($Tm))) {
goto Po;
}
return 1;
goto GA;
Po:
return 0;
GA:
}
function mo_saml_is_customer_license_verified()
{
$M3 = get_site_option("mo_saml_customer_token");
$It = AESEncryption::decrypt_data(get_site_option("t_site_status"), $M3);
$cI = get_site_option("sml_lk");
$y9 = get_site_option("mo_saml_admin_email");
$Tm = get_site_option("mo_saml_admin_customer_key");
$Bx = AESEncryption::decrypt_data(get_site_option("no_sbs"), $M3);
$jF = false;
if (!get_site_option("no_sbs")) {
goto Ga;
}
$dD = Utilities::get_sites();
$jF = $Bx < count($dD);
Ga:
if ($It != "true" && !$cI || !$y9 || !$Tm || !is_numeric(trim($Tm)) || $jF) {
goto Hq;
}
return 1;
goto sS;
Hq:
return 0;
sS:
}
function show_status_error($xB, $d0)
{
$xB = strip_tags($xB);
$d0 = strip_tags($d0);
if ($d0 == "testValidate") {
goto o5;
}
wp_die("We could not sign you in. Please contact your Administrator.", "Error: Invalid SAML Response Status");
goto K2;
o5:
echo "<div style="font-family:Calibri;padding:0 3%;">";
echo "<div style="color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;"> ERROR</div>
\x9\x9 \x9\x9\x9 <div style="color: #a94442;font-size:14pt; margin-bottom:20px;"><p><strong>Error: </strong> Invalid SAML Response Status.</p>
\x9 \x9 <p><strong>Causes</strong>: Identity Provider has sent '" . $xB . "' status code in SAML Response. </p>
\x9 \x9 \x9 \x9 <p><strong>Reason</strong>: " . get_status_message($xB) . "</p><br>";
if (empty($Jv)) {
goto w1;
}
echo "<p><strong>Status Message in the SAML Response:</strong> <br/>" . $Jv . "</p><br>";
w1:
echo "\xa \x9\x9 \x9 </div>
\xa\x9 \x9 \x9 <div style="margin:3%;display:block;text-align:center;">\xa\x9 \x9\x9\x9 \x9\x9<div style="margin:3%;display:block;text-align:center;"><input style="padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;"type="button" value="Done" onClick="self.close();"></div>";
die;
K2:
}
function get_status_message($xB)
{
switch ($xB) {
case "Requester":
return "The request could not be performed due to an error on the part of the requester.";
goto gD;
case "Responder":
return "The request could not be performed due to an error on the part of the SAML responder or SAML authority.";
goto gD;
case "VersionMismatch":
return "The SAML responder could not process the request because the version of the request message was incorrect.";
goto gD;
default:
return "Unknown";
}
bA:
gD:
}
function saml_get_current_page_url()
{
$Mx = $_SERVER["HTTP_HOST"];
if (!(substr($Mx, -1) == "/")) {
goto rF;
}
$Mx = substr($Mx, 0, -1);
rF:
$lw = $_SERVER["REQUEST_URI"];
if (!(substr($lw, 0, 1) == "/")) {
goto py;
}
$lw = substr($lw, 1);
py:
$QR = isset($_SERVER["HTTPS"]) && strcasecmp($_SERVER["HTTPS"], "on") == 0;
$us = "http" . ($QR ? "s" : '') . "://" . $Mx . "/" . $lw;
return $us;
}
add_action("widgets_init", function () {
register_widget("mo_login_wid");
});
add_action("wp_enqueue_scripts", "plugin_settings_style_widget");
add_action("wp_enqueue_scripts", "plugin_settings_script_widget");
add_action("init", "mo_login_validate");
?>
Did this file decode correctly?
Original Code
<?php
include_once dirname(__FILE__) . "\x2f\x55\164\x69\154\151\x74\151\145\x73\56\160\x68\160";
include_once dirname(__FILE__) . "\57\122\145\163\x70\157\156\x73\145\56\160\150\160";
include_once dirname(__FILE__) . "\57\114\157\x67\157\165\164\122\x65\x71\x75\x65\163\x74\56\160\x68\160";
require_once dirname(__FILE__) . "\57\151\x6e\143\154\165\144\x65\x73\57\154\x69\x62\57\145\156\x63\x72\171\x70\164\151\157\x6e\56\x70\x68\x70";
class mo_login_wid extends WP_Widget
{
public function __construct()
{
$z3 = get_site_option("\163\x61\155\x6c\x5f\151\x64\x65\x6e\164\x69\x74\x79\137\x6e\x61\x6d\x65");
parent::__construct("\123\x61\155\154\x5f\114\x6f\x67\x69\156\x5f\x57\151\144\x67\145\164", "\114\x6f\x67\151\156\x20\x77\x69\x74\x68\x20" . $z3, array("\144\x65\163\x63\162\x69\160\x74\x69\157\x6e" => __("\124\x68\x69\163\40\x69\x73\40\141\40\x6d\x69\x6e\151\117\x72\141\156\x67\145\40\123\101\x4d\114\x20\x6c\157\x67\151\156\40\167\x69\144\147\x65\x74\x2e", "\155\x6f\x73\141\x6d\154"), "\x63\x75\x73\x74\157\155\x69\x7a\x65\137\163\145\x6c\x65\x63\x74\151\166\145\137\162\145\146\x72\145\x73\x68" => true));
}
public function widget($hp, $WK)
{
extract($hp);
$DQ = apply_filters("\167\151\x64\x67\x65\x74\x5f\x74\x69\164\x6c\x65", $WK["\x77\151\144\x5f\164\151\164\x6c\x65"]);
echo $hp["\142\x65\146\x6f\x72\145\137\x77\x69\144\147\x65\164"];
if (empty($DQ)) {
goto kQ;
}
echo $hp["\142\145\146\x6f\x72\x65\x5f\x74\151\x74\x6c\145"] . $DQ . $hp["\x61\x66\164\x65\x72\x5f\164\x69\164\x6c\145"];
kQ:
$this->loginForm();
echo $hp["\141\x66\x74\x65\x72\137\x77\x69\x64\147\x65\164"];
}
public function update($Mf, $Gt)
{
$WK = array();
$WK["\167\151\x64\137\x74\x69\164\154\x65"] = strip_tags($Mf["\x77\x69\144\x5f\164\151\164\x6c\145"]);
return $WK;
}
public function form($WK)
{
$DQ = '';
if (!array_key_exists("\167\x69\144\x5f\164\x69\164\154\x65", $WK)) {
goto L_;
}
$DQ = $WK["\x77\151\x64\137\164\151\x74\154\x65"];
L_:
echo "\xa\x9\x9\x3c\160\x3e\x3c\154\141\x62\x65\154\x20\x66\157\x72\x3d\42" . $this->get_field_id("\x77\x69\144\137\x74\151\164\x6c\145") . "\x20\x22\76" . _e("\124\x69\164\x6c\x65\72") . "\40\74\x2f\x6c\141\142\x65\x6c\x3e\xa\11\x9\11\x3c\x69\x6e\x70\165\x74\x20\143\x6c\x61\163\163\75\42\x77\x69\x64\145\146\141\x74\x22\40\151\144\x3d\x22" . $this->get_field_id("\x77\151\x64\x5f\164\x69\164\x6c\145") . "\x22\40\156\x61\155\x65\75\42" . $this->get_field_name("\167\x69\x64\x5f\x74\151\164\x6c\x65") . "\x22\x20\164\x79\x70\x65\x3d\42\164\145\x78\x74\42\40\166\x61\x6c\x75\x65\x3d\x22" . $DQ . "\x22\40\x2f\76\xa\x9\11\74\57\x70\76";
}
public function loginForm()
{
global $ig;
if (!is_user_logged_in()) {
goto b0;
}
$current_user = wp_get_current_user();
$dG = "\x48\145\x6c\x6c\157\54" . $current_user->display_name;
echo $dG . "\40\x7c\40\74\x61\40\150\x72\145\x66\x3d\42" . wp_logout_url(site_url()) . "\x22\40\x74\151\164\x6c\x65\x3d\x22\154\157\x67\157\x75\x74\x22\40\76\x4c\157\x67\x6f\165\x74\x3c\x2f\x61\x3e\x3c\57\154\151\x3e";
goto kO;
b0:
echo "\xa\11\x9\11\x3c\163\143\162\151\x70\164\76\xa\x9\11\x9\11\146\x75\156\143\x74\x69\x6f\x6e\x20\x73\x75\x62\155\x69\x74\x53\141\155\154\106\157\162\x6d\50\x29\x7b\40\x64\157\x63\x75\155\x65\156\x74\56\147\x65\x74\105\154\x65\155\145\x6e\x74\102\x79\111\144\x28\42\154\x6f\x67\x69\156\42\x29\x2e\163\165\x62\155\151\164\50\x29\x3b\40\x7d\12\11\x9\11\74\x2f\x73\x63\x72\151\x70\164\x3e\xa\11\11\11\x3c\x66\157\162\155\x20\156\x61\x6d\145\x3d\42\154\x6f\x67\151\156\x22\40\x69\144\75\42\154\x6f\x67\151\x6e\42\x20\x6d\x65\164\150\x6f\144\75\42\160\x6f\x73\x74\42\x20\141\143\x74\x69\x6f\156\75\x22\42\x3e\xa\11\x9\11\11\x3c\151\156\x70\165\164\x20\x74\171\x70\145\x3d\42\x68\x69\x64\x64\x65\x6e\x22\40\156\x61\x6d\145\x3d\42\157\x70\164\151\x6f\156\42\x20\166\141\154\165\x65\75\x22\x73\x61\155\x6c\x5f\x75\163\145\162\137\154\x6f\147\x69\x6e\42\x20\57\x3e\xa\xa\11\x9\x9\x9\74\x66\157\x6e\x74\40\x73\151\172\x65\x3d\42\53\61\x22\x20\x73\164\171\x6c\x65\x3d\42\166\145\x72\x74\151\x63\141\154\x2d\141\154\x69\147\x6e\72\x74\157\x70\73\x22\x3e\40\x3c\57\x66\x6f\156\164\x3e";
$Ry = get_site_option("\x73\141\x6d\154\137\151\144\x65\156\164\x69\164\171\137\x6e\x61\x6d\x65");
$RC = get_site_option("\163\x61\x6d\x6c\137\170\65\x30\71\x5f\x63\x65\162\x74\x69\x66\151\x63\141\164\x65");
if (!empty($Ry) && !empty($RC)) {
goto eL;
}
echo "\120\154\x65\141\x73\x65\x20\143\157\x6e\146\x69\147\x75\x72\145\x20\x74\x68\145\x20\155\x69\156\151\x4f\x72\x61\x6e\x67\x65\40\x53\x41\115\114\40\x50\x6c\165\147\151\156\x20\146\x69\162\x73\x74\x2e";
goto aX;
eL:
if (get_site_option("\x6d\157\x5f\163\x61\x6d\154\x5f\145\x6e\x61\142\154\x65\137\x63\154\x6f\165\144\137\142\x72\157\153\145\x72") == "\x66\141\154\x73\x65") {
goto Hv;
}
echo "\74\141\40\150\162\145\x66\x3d\42" . get_site_option("\155\x6f\137\163\x61\155\x6c\137\x68\x6f\x73\x74\137\156\x61\x6d\x65") . "\57\155\x6f\x61\x73\57\x72\x65\163\164\57\163\141\155\x6c\x2f\162\x65\161\x75\145\163\x74\x3f\151\144\75" . get_site_option("\x6d\x6f\137\163\141\155\x6c\137\x61\x64\155\x69\156\x5f\x63\x75\x73\x74\157\155\145\162\x5f\x6b\x65\x79") . "\x26\x72\145\164\165\162\156\165\x72\x6c\75\x20" . urlencode(site_url() . "\x2f\77\157\160\164\x69\x6f\156\75\162\145\x61\144\163\141\x6d\154\x6c\x6f\147\x69\x6e") . "\42\x3e\114\157\x67\x69\156\x20\167\x69\164\150\40" . $Ry . "\74\57\141\x3e";
goto au;
Hv:
echo "\x3c\x61\x20\150\x72\x65\146\x3d\x22\x23\42\40\157\156\103\x6c\151\x63\x6b\x3d\42\163\x75\x62\x6d\151\164\123\x61\x6d\154\x46\157\162\x6d\x28\51\42\76\x4c\x6f\147\151\x6e\x20\x77\x69\164\x68\x20" . $Ry . "\x3c\x2f\x61\x3e\74\x2f\x66\x6f\x72\x6d\x3e";
au:
aX:
if ($this->mo_saml_check_empty_or_null_val(get_site_option("\x6d\x6f\137\163\x61\x6d\x6c\x5f\162\145\x64\151\162\145\143\x74\137\x65\x72\162\157\x72\x5f\x63\157\x64\145"))) {
goto mq;
}
echo "\x3c\144\x69\166\x3e\74\x2f\144\x69\x76\x3e\74\x64\151\x76\x20\164\151\164\x6c\145\75\42\x4c\157\147\x69\156\x20\105\162\x72\157\162\x22\x3e\x3c\x66\x6f\156\x74\40\x63\157\154\157\x72\75\x22\x72\x65\144\x22\x3e\127\x65\x20\x63\157\x75\154\x64\40\x6e\157\x74\x20\x73\151\x67\156\x20\171\157\165\40\151\x6e\x2e\40\120\154\x65\x61\x73\145\x20\x63\157\x6e\164\x61\143\x74\x20\171\x6f\165\162\40\101\144\155\151\156\151\163\164\162\141\x74\157\x72\56\74\57\x66\157\x6e\164\76\74\57\x64\x69\x76\x3e";
delete_site_option("\155\157\137\x73\141\155\x6c\x5f\x72\x65\144\x69\x72\145\x63\164\x5f\x65\x72\162\x6f\x72\x5f\143\157\x64\145");
delete_site_option("\155\157\x5f\163\x61\155\154\137\x72\x65\x64\151\162\x65\143\164\x5f\145\162\162\x6f\162\137\162\x65\141\163\157\x6e");
mq:
echo "\x3c\141\40\x68\x72\145\x66\x3d\x22\x68\164\164\160\72\57\x2f\x6d\151\x6e\151\x6f\162\141\x6e\147\x65\x2e\143\157\155\x2f\167\157\162\144\160\x72\145\163\x73\x2d\154\144\141\x70\55\154\157\x67\x69\156\42\x20\163\164\171\154\x65\x3d\x22\x64\151\x73\x70\154\x61\171\72\x6e\x6f\x6e\145\42\76\114\157\x67\x69\156\x20\x74\157\x20\x57\x6f\x72\144\x50\162\x65\163\x73\40\x75\x73\151\x6e\147\40\114\104\101\120\74\x2f\141\x3e\xa\11\11\x9\11\74\141\x20\150\x72\x65\x66\75\42\150\x74\164\x70\72\x2f\x2f\155\x69\x6e\x69\157\162\x61\156\x67\x65\56\x63\157\155\x2f\143\x6c\157\x75\144\55\151\x64\145\x6e\164\151\164\x79\55\142\x72\x6f\x6b\x65\x72\55\x73\x65\162\166\151\143\x65\x22\x20\163\x74\171\x6c\x65\75\x22\144\x69\163\160\x6c\141\x79\72\156\157\x6e\x65\42\x3e\x43\x6c\x6f\165\144\40\x49\x64\145\156\x74\x69\164\171\x20\142\162\157\153\x65\x72\40\x73\x65\162\x76\x69\143\x65\x3c\x2f\141\x3e\xa\11\11\11\x9\x3c\141\x20\150\162\145\146\x3d\x22\150\164\164\x70\72\57\x2f\155\151\156\151\x6f\x72\x61\156\147\145\56\x63\157\155\57\x73\164\x72\157\156\x67\x5f\141\x75\x74\150\x22\40\x73\164\171\154\x65\x3d\x22\x64\151\163\160\x6c\141\x79\x3a\x6e\157\156\145\73\42\76\x3c\57\x61\76\12\x9\11\x9\11\74\x61\x20\150\162\145\x66\75\42\x68\164\164\x70\x3a\x2f\57\x6d\151\156\151\157\162\x61\x6e\x67\x65\x2e\143\x6f\x6d\x2f\x73\x69\156\147\154\x65\x2d\x73\x69\147\x6e\x2d\x6f\x6e\55\163\163\x6f\42\x20\x73\164\x79\154\x65\75\x22\x64\151\163\160\154\141\171\x3a\156\x6f\x6e\x65\x3b\x22\76\74\57\141\76\xa\11\11\x9\11\x3c\x61\40\x68\162\145\x66\x3d\x22\x68\x74\164\x70\72\57\x2f\155\x69\x6e\x69\x6f\162\141\x6e\x67\145\56\x63\x6f\x6d\x2f\146\162\141\165\144\42\x20\163\164\x79\x6c\145\75\x22\144\151\x73\x70\154\141\171\72\156\157\x6e\x65\73\x22\x3e\x3c\57\x61\76\12\xa\11\11\11\x3c\57\x75\154\76\12\11\11\74\x2f\x66\157\162\155\76";
kO:
}
public function mo_saml_check_empty_or_null_val($Vz)
{
if (!(!isset($Vz) || empty($Vz))) {
goto IK;
}
return true;
IK:
return false;
}
function mo_saml_logout()
{
if (!is_user_logged_in()) {
goto M3;
}
$Uq = get_site_option("\x73\141\155\154\137\x6c\x6f\147\157\x75\x74\137\165\162\154");
$RG = get_site_option("\163\x61\x6d\154\137\154\x6f\147\157\x75\x74\x5f\x62\x69\x6e\x64\151\156\147\x5f\164\171\160\145");
if (empty($Uq)) {
goto WG;
}
if (!(!session_id() || session_id() == '' || !isset($_SESSION))) {
goto pu;
}
session_start();
pu:
if (isset($_SESSION["\155\157\x5f\x73\x61\x6d\154\137\x6c\157\147\157\165\164\x5f\162\x65\161\x75\145\163\164"])) {
goto ut;
}
if (isset($_SESSION["\x6d\157\x5f\163\141\155\154"]["\x6c\x6f\x67\147\x65\x64\137\x69\156\137\167\x69\164\150\137\x69\x64\160"])) {
goto xg;
}
goto Z6;
ut:
self::createLogoutResponseAndRedirect($Uq, $RG);
die;
goto Z6;
xg:
unset($_SESSION["\155\x6f\x5f\x73\141\155\x6c"]);
$current_user = wp_get_current_user();
$dp = get_user_meta($current_user->ID, "\x6d\x6f\x5f\x73\141\155\154\x5f\x6e\141\x6d\145\137\151\x64");
$VA = get_user_meta($current_user->ID, "\155\157\137\x73\x61\155\x6c\137\163\145\163\x73\151\x6f\x6e\137\x69\x6e\x64\x65\170");
$tT = get_site_option("\x6d\x6f\137\x73\141\x6d\x6c\x5f\163\x70\x5f\x62\141\163\145\137\x75\x72\154");
if (!empty($tT)) {
goto D7;
}
$tT = network_site_url();
if (!(substr($tT, -1) == "\57")) {
goto eo;
}
$tT = substr($tT, 0, -1);
eo:
D7:
$FF = get_site_option("\155\x6f\137\163\141\155\154\137\163\160\x5f\145\x6e\164\x69\x74\171\137\151\144");
if (!empty($FF)) {
goto bo;
}
$FF = $tT . "\x2f\x77\160\x2d\143\x6f\156\164\x65\156\164\57\x70\154\165\147\151\x6e\x73\57\x6d\151\x6e\151\157\162\141\156\x67\x65\55\x73\141\155\154\55\62\x30\55\x73\x69\x6e\x67\x6c\145\x2d\163\151\x67\156\55\x6f\156\57";
bo:
$Cb = $Uq;
$uW = saml_get_current_page_url();
if (!strpos($uW, "\x3f")) {
goto aF;
}
$uW = site_url();
aF:
$Dg = Utilities::createLogoutRequest($dp, $VA, $FF, $Cb, $RG);
if (empty($RG) || $RG == "\x48\124\124\120\55\x52\x65\x64\x69\162\x65\143\164") {
goto TY;
}
$sB = plugin_dir_path(__FILE__) . "\x72\145\163\157\165\x72\x63\x65\163" . DIRECTORY_SEPARATOR . "\x73\160\x2d\153\x65\171\x2e\153\x65\x79";
$oM = plugin_dir_path(__FILE__) . "\162\145\x73\157\x75\x72\143\x65\x73" . DIRECTORY_SEPARATOR . "\x73\x70\x2d\143\145\162\164\x69\146\x69\143\x61\164\145\56\143\x72\x74";
$NK = Utilities::signXML($Dg, $oM, $sB, "\116\x61\x6d\x65\x49\104");
Utilities::postSAMLRequest($Uq, $NK, $uW);
goto yL;
TY:
$Dg = "\123\x41\x4d\x4c\122\145\161\x75\145\163\x74\x3d" . $Dg . "\46\x52\145\x6c\x61\171\x53\x74\x61\164\145\x3d" . urlencode($uW) . "\46\x53\x69\x67\101\x6c\147\75" . urlencode(XMLSecurityKey::RSA_SHA256);
$jk = array("\x74\171\160\x65" => "\x70\162\x69\x76\141\164\x65");
$M3 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $jk);
$t3 = plugin_dir_path(__FILE__) . "\162\x65\163\x6f\x75\162\143\145\x73" . DIRECTORY_SEPARATOR . "\163\160\55\153\145\x79\56\x6b\x65\x79";
$M3->loadKey($t3, TRUE);
$eT = new XMLSecurityDSig();
$Gw = $M3->signData($Dg);
$Gw = base64_encode($Gw);
$p9 = $Uq;
if (strpos($Uq, "\x3f") !== false) {
goto Y2;
}
$p9 .= "\x3f";
goto sC;
Y2:
$p9 .= "\46";
sC:
$p9 .= $Dg . "\46\x53\x69\x67\x6e\141\164\x75\162\x65\75" . urlencode($Gw);
header("\x4c\157\143\141\x74\x69\157\156\x3a" . $p9);
die;
yL:
Z6:
WG:
M3:
}
function createLogoutResponseAndRedirect($Uq, $RG)
{
$tT = get_site_option("\155\157\x5f\x73\141\x6d\154\137\x73\x70\137\x62\141\163\x65\137\165\x72\x6c");
if (!empty($tT)) {
goto V6;
}
$tT = network_site_url();
if (!(substr($tT, -1) == "\x2f")) {
goto wf;
}
$tT = substr($tT, 0, -1);
wf:
V6:
$wy = $_SESSION["\155\157\137\x73\x61\155\154\x5f\154\x6f\147\157\165\164\x5f\162\x65\161\x75\145\163\164"];
$us = $_SESSION["\155\x6f\x5f\163\141\155\x6c\137\x6c\157\x67\x6f\165\164\x5f\x72\x65\154\141\171\137\x73\164\x61\x74\x65"];
unset($_SESSION["\x6d\x6f\x5f\163\141\155\154\x5f\154\x6f\x67\157\x75\x74\137\162\145\x71\165\x65\x73\x74"]);
unset($_SESSION["\155\x6f\x5f\x73\x61\155\154\x5f\x6c\x6f\x67\157\x75\x74\x5f\x72\x65\x6c\x61\171\x5f\x73\164\x61\164\145"]);
$UO = new DOMDocument();
$UO->loadXML($wy);
$wy = $UO->firstChild;
if (!($wy->localName == "\x4c\x6f\147\x6f\165\x74\x52\145\x71\x75\x65\x73\164")) {
goto Rx;
}
$l8 = new SAML2_LogoutRequest($wy);
$FF = get_site_option("\155\157\137\x73\141\x6d\x6c\x5f\163\x70\x5f\x65\156\x74\151\x74\171\x5f\x69\x64");
if (!empty($FF)) {
goto su;
}
$FF = $tT . "\57\167\x70\55\143\x6f\156\x74\x65\156\164\57\160\154\165\x67\151\156\x73\57\155\151\156\151\157\162\x61\156\x67\145\x2d\x73\141\x6d\154\x2d\62\x30\x2d\x73\x69\156\x67\154\x65\55\163\151\147\x6e\55\x6f\x6e\57";
su:
$Cb = $Uq;
$nh = Utilities::createLogoutResponse($l8->getId(), $FF, $Cb, $RG);
if (empty($RG) || $RG == "\110\124\x54\x50\x2d\122\145\x64\151\162\x65\143\x74") {
goto Ah;
}
$sB = plugin_dir_path(__FILE__) . "\162\x65\163\157\x75\162\x63\145\x73" . DIRECTORY_SEPARATOR . "\163\x70\x2d\x6b\145\x79\56\153\x65\x79";
$oM = plugin_dir_path(__FILE__) . "\x72\x65\163\x6f\165\x72\x63\145\163" . DIRECTORY_SEPARATOR . "\x73\160\x2d\x63\x65\162\x74\151\146\151\x63\141\164\x65\56\x63\162\164";
$NK = Utilities::signXML($nh, $oM, $sB, "\x53\x74\x61\x74\x75\163");
Utilities::postSAMLResponse($Uq, $NK, $us);
goto yN;
Ah:
$p9 = $Uq;
if (strpos($Uq, "\77") !== false) {
goto nW;
}
$p9 .= "\x3f";
goto x7;
nW:
$p9 .= "\46";
x7:
$p9 .= "\123\101\115\114\x52\x65\163\x70\x6f\x6e\163\145\75" . $nh . "\46\122\145\x6c\x61\171\x53\164\141\x74\145\x3d" . urlencode($us);
header("\114\157\x63\141\164\151\157\x6e\72\40" . $p9);
die;
yN:
Rx:
}
}
function plugin_settings_script_widget()
{
wp_enqueue_script("\152\161\165\145\x72\171");
wp_enqueue_script("\155\157\137\163\141\155\x6c\137\141\144\x6d\x69\x6e\x5f\x73\145\164\x74\x69\x6e\147\163\137\163\143\162\x69\x70\x74\137\x77\151\144\147\x65\164", plugins_url("\x69\x6e\143\154\165\144\x65\x73\57\x6a\163\x2f\163\x65\x74\164\151\x6e\147\x73\x2e\x6a\x73", __FILE__));
}
function plugin_settings_style_widget()
{
wp_enqueue_style("\x6d\157\137\x73\141\155\154\137\x61\144\x6d\x69\x6e\137\163\145\164\164\151\156\147\x73\x5f\x73\164\171\x6c\x65", plugins_url("\151\x6e\x63\x6c\x75\x64\x65\x73\57\143\163\163\57\x6a\x71\x75\145\162\x79\56\x75\151\56\143\x73\163", __FILE__));
}
function mo_login_validate()
{
if (!(isset($_REQUEST["\157\160\x74\151\157\156"]) && $_REQUEST["\157\x70\x74\151\157\156"] == "\155\x6f\x73\x61\x6d\x6c\x5f\155\145\164\x61\144\141\164\x61")) {
goto E6;
}
miniorange_generate_metadata();
E6:
if (!mo_saml_is_customer_license_verified()) {
goto yJ;
}
if (!(isset($_REQUEST["\x6f\x70\164\151\x6f\x6e"]) && $_REQUEST["\157\x70\164\x69\x6f\156"] == "\x73\141\x6d\154\x5f\165\x73\145\x72\x5f\154\x6f\x67\151\x6e" || isset($_REQUEST["\x6f\x70\164\x69\157\156"]) && $_REQUEST["\x6f\160\164\151\x6f\x6e"] == "\x74\x65\x73\164\103\x6f\156\146\x69\147")) {
goto lN;
}
if (!(is_user_logged_in() && $_REQUEST["\x6f\x70\x74\151\x6f\x6e"] != "\x74\145\163\164\103\157\x6e\146\x69\x67")) {
goto TZ;
}
return;
TZ:
if (!mo_saml_is_sp_configured()) {
goto J5;
}
$tT = get_site_option("\155\157\137\163\141\155\x6c\x5f\x73\160\x5f\x62\x61\x73\x65\x5f\x75\x72\x6c");
if (!empty($tT)) {
goto mw;
}
$tT = network_site_url();
if (!(substr($tT, -1) == "\57")) {
goto sN;
}
$tT = substr($tT, 0, -1);
sN:
mw:
if ($_REQUEST["\x6f\x70\164\151\157\156"] == "\x74\145\x73\164\x43\157\x6e\146\151\x67") {
goto NM;
}
if (isset($_REQUEST["\162\145\144\151\x72\145\143\x74\137\x74\x6f"])) {
goto nv;
}
$uW = saml_get_current_page_url();
goto WY;
nv:
$uW = $_REQUEST["\x72\145\x64\x69\162\x65\x63\x74\137\164\x6f"];
WY:
goto ny;
NM:
$uW = "\x74\145\x73\x74\x56\x61\154\151\x64\141\x74\145";
ny:
$mb = get_site_option("\x73\141\155\x6c\x5f\x6c\x6f\147\x69\156\x5f\x75\162\x6c");
$U4 = get_site_option("\x73\141\x6d\x6c\x5f\154\x6f\147\151\156\x5f\x62\151\156\x64\x69\156\147\137\x74\171\160\x65");
$k2 = get_site_option("\155\157\x5f\x73\141\x6d\154\x5f\x66\157\x72\x63\145\x5f\141\x75\x74\x68\x65\x6e\x74\151\x63\141\x74\151\x6f\x6e");
$iS = $tT . "\x2f";
$FF = get_site_option("\x6d\x6f\137\x73\x61\155\154\137\x73\x70\x5f\x65\156\x74\x69\164\171\137\151\144");
if (!empty($FF)) {
goto lf;
}
$FF = $tT . "\57\x77\160\55\143\157\x6e\164\x65\156\164\x2f\x70\x6c\x75\147\x69\156\x73\57\155\x69\x6e\151\157\x72\x61\x6e\147\145\55\163\141\155\x6c\x2d\62\x30\55\x73\x69\156\x67\x6c\x65\x2d\163\x69\x67\x6e\55\x6f\156\57";
lf:
$Dg = Utilities::createAuthnRequest($iS, $FF, $mb, $k2, $U4);
if (empty($U4) || $U4 == "\x48\124\124\x50\55\x52\145\x64\x69\162\145\143\x74") {
goto sK;
}
$sB = plugin_dir_path(__FILE__) . "\162\x65\163\157\x75\x72\143\145\x73" . DIRECTORY_SEPARATOR . "\163\160\x2d\x6b\x65\x79\x2e\x6b\145\x79";
$oM = plugin_dir_path(__FILE__) . "\x72\x65\163\157\x75\162\x63\145\x73" . DIRECTORY_SEPARATOR . "\163\x70\x2d\143\145\162\x74\151\x66\x69\143\141\x74\x65\56\143\162\164";
$NK = Utilities::signXML($Dg, $oM, $sB, "\x4e\x61\x6d\145\x49\x44\x50\x6f\x6c\151\x63\171");
Utilities::postSAMLRequest($mb, $NK, $uW);
goto Sc;
sK:
$Dg = "\123\x41\x4d\x4c\x52\x65\x71\x75\x65\x73\x74\x3d" . $Dg . "\x26\x52\145\154\x61\x79\x53\164\141\x74\x65\x3d" . urlencode($uW) . "\x26\x53\151\147\101\x6c\x67\x3d" . urlencode(XMLSecurityKey::RSA_SHA256);
$jk = array("\164\x79\x70\145" => "\x70\x72\x69\x76\141\x74\145");
$M3 = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $jk);
$t3 = plugin_dir_path(__FILE__) . "\162\x65\163\x6f\165\x72\143\145\163" . DIRECTORY_SEPARATOR . "\163\x70\x2d\153\x65\x79\56\153\x65\x79";
$M3->loadKey($t3, TRUE);
$eT = new XMLSecurityDSig();
$Gw = $M3->signData($Dg);
$Gw = base64_encode($Gw);
$p9 = $mb;
if (strpos($mb, "\x3f") !== false) {
goto y0;
}
$p9 .= "\77";
goto zN;
y0:
$p9 .= "\x26";
zN:
$p9 .= $Dg . "\46\123\151\147\156\x61\x74\165\162\x65\75" . urlencode($Gw);
header("\114\157\x63\x61\x74\151\157\x6e\x3a\x20" . $p9);
die;
Sc:
J5:
lN:
if (!(array_key_exists("\123\101\x4d\114\x52\x65\163\x70\157\156\163\145", $_REQUEST) && !empty($_REQUEST["\123\101\115\x4c\x52\145\163\x70\x6f\156\x73\145"]))) {
goto S6;
}
$tT = get_site_option("\155\x6f\137\x73\141\155\x6c\x5f\163\x70\x5f\142\x61\163\x65\137\165\x72\x6c");
if (!empty($tT)) {
goto zY;
}
$tT = network_site_url();
if (!(substr($tT, -1) == "\x2f")) {
goto XW;
}
$tT = substr($tT, 0, -1);
XW:
zY:
$OQ = $_REQUEST["\123\101\x4d\114\x52\145\x73\160\x6f\156\x73\x65"];
$us = empty($_REQUEST["\122\145\154\141\x79\x53\x74\141\x74\145"]) ? '' : $_REQUEST["\122\145\154\x61\x79\x53\x74\141\x74\145"];
$OQ = base64_decode($OQ);
if (!(array_key_exists("\123\101\115\x4c\x52\145\163\x70\x6f\156\163\x65", $_GET) && !empty($_GET["\x53\x41\x4d\114\122\145\x73\x70\157\156\x73\x65"]))) {
goto M5;
}
$OQ = gzinflate($OQ);
M5:
$UO = new DOMDocument();
$UO->loadXML($OQ);
$FV = $UO->firstChild;
$pA = $UO->documentElement;
$Mj = new DOMXpath($UO);
$Mj->registerNamespace("\163\x61\155\x6c\160", "\165\162\156\72\x6f\x61\163\151\163\x3a\x6e\x61\x6d\145\x73\72\x74\143\72\x53\101\x4d\114\x3a\x32\56\x30\72\x70\162\x6f\164\x6f\x63\x6f\x6c");
$Mj->registerNamespace("\163\x61\x6d\x6c", "\x75\x72\x6e\72\157\141\163\151\x73\x3a\x6e\141\x6d\x65\163\72\164\143\72\123\101\x4d\x4c\72\x32\x2e\x30\72\x61\x73\163\x65\162\164\x69\157\156");
if ($FV->localName == "\114\157\147\x6f\165\164\x52\145\163\160\x6f\x6e\x73\145") {
goto rI;
}
$Ct = $Mj->query("\x2f\163\141\155\154\x70\x3a\122\145\163\x70\157\x6e\163\145\57\x73\141\155\x6c\160\72\x53\x74\141\x74\x75\163\x2f\x73\141\155\x6c\x70\x3a\x53\164\141\164\165\x73\x43\157\144\x65", $pA);
$If = isset($Ct) ? $Ct->item(0)->getAttribute("\126\141\x6c\165\x65") : '';
$Sy = explode("\x3a", $If);
if (!array_key_exists(7, $Sy)) {
goto aY;
}
$Ct = $Sy[7];
aY:
$a9 = $Mj->query("\57\163\x61\155\x6c\160\x3a\122\x65\x73\160\x6f\156\163\x65\x2f\163\x61\155\x6c\x70\x3a\123\164\x61\x74\165\163\57\163\x61\x6d\x6c\160\x3a\x53\x74\x61\164\x75\x73\115\x65\x73\163\141\x67\x65", $pA);
$nD = isset($a9) ? $a9->item(0) : '';
if (empty($nD)) {
goto vJ;
}
$nD = $nD->nodeValue;
vJ:
if (array_key_exists("\x52\x65\154\141\x79\123\164\141\164\x65", $_POST) && !empty($_POST["\122\145\x6c\x61\171\123\x74\141\164\x65"]) && $_POST["\122\x65\x6c\x61\x79\x53\x74\141\164\145"] != "\57") {
goto Nh;
}
$d0 = '';
goto oV;
Nh:
$d0 = $_POST["\x52\145\154\x61\171\123\164\141\x74\145"];
oV:
if (!($Ct != "\123\x75\143\143\x65\x73\163")) {
goto Ky;
}
show_status_error($Ct, $d0, $nD);
Ky:
$f1 = maybe_unserialize(get_site_option("\x73\141\155\x6c\x5f\170\65\60\x39\x5f\x63\145\162\164\x69\x66\x69\x63\141\x74\x65"));
foreach ($f1 as $M3 => $Vz) {
if (@openssl_x509_read($Vz)) {
goto qp;
}
unset($vv[$M3]);
qp:
bd:
}
TT:
$iS = $tT . "\x2f";
$OQ = new SAML2_Response($FV);
$yt = $OQ->getSignatureData();
$Eo = current($OQ->getAssertions())->getSignatureData();
if (!(empty($Eo) && empty($yt))) {
goto AD;
}
if ($d0 == "\164\x65\163\164\x56\141\154\x69\x64\141\x74\x65") {
goto WA;
}
wp_die("\127\x65\x20\x63\x6f\x75\154\x64\x20\x6e\x6f\164\x20\x73\151\x67\156\x20\x79\157\165\40\151\156\56\x20\x50\x6c\x65\141\x73\x65\40\x63\157\156\164\141\x63\x74\40\141\x64\155\x69\156\151\163\x74\x72\x61\x74\157\162", "\x45\162\162\x6f\x72\x3a\40\x49\156\166\x61\x6c\151\x64\x20\123\101\x4d\114\40\122\x65\163\x70\x6f\156\x73\145");
goto Gy;
WA:
echo "\x3c\x64\x69\166\x20\x73\x74\171\x6c\x65\x3d\x22\146\x6f\156\x74\55\x66\x61\155\x69\x6c\171\x3a\x43\x61\x6c\x69\142\162\151\x3b\x70\141\x64\144\x69\156\147\x3a\60\x20\63\x25\73\x22\76\12\11\x9\11\x9\11\11\74\144\x69\x76\40\x73\x74\x79\x6c\145\x3d\42\x63\x6f\154\157\162\x3a\40\43\141\71\64\64\x34\62\73\x62\x61\143\153\147\162\157\165\x6e\144\55\143\157\x6c\x6f\162\72\x20\x23\146\62\144\145\144\145\73\x70\141\144\144\x69\156\x67\72\x20\x31\x35\x70\170\x3b\155\x61\x72\x67\x69\156\55\x62\x6f\164\x74\x6f\155\72\40\62\60\160\170\73\164\x65\x78\x74\x2d\x61\x6c\151\147\156\72\143\x65\x6e\164\145\x72\73\x62\157\x72\x64\145\x72\72\61\160\x78\40\163\x6f\x6c\x69\144\x20\x23\105\x36\x42\63\x42\x32\x3b\x66\157\x6e\164\x2d\163\151\172\145\72\61\70\160\x74\x3b\x22\76\40\105\122\x52\117\122\74\57\144\151\166\76\xa\x9\x9\11\11\11\11\x3c\144\151\166\x20\x73\164\x79\x6c\x65\75\42\143\157\x6c\157\162\72\40\x23\141\x39\64\x34\x34\x32\x3b\x66\x6f\x6e\164\x2d\x73\x69\x7a\145\72\61\64\x70\164\73\40\x6d\x61\x72\147\x69\156\55\142\157\164\x74\157\155\x3a\62\x30\x70\170\73\x22\x3e\74\160\76\x3c\x73\164\162\157\x6e\147\x3e\105\162\x72\157\162\x3a\x20\74\x2f\163\x74\x72\x6f\156\x67\x3e\x55\x6e\141\x62\x6c\x65\40\164\157\x20\146\x69\156\x64\x20\x61\x20\143\145\x72\x74\151\x66\151\143\x61\164\145\x20\x2e\x3c\57\x70\x3e\xa\11\11\x9\11\11\x9\x9\x3c\x70\76\x50\x6c\x65\141\x73\x65\40\x63\x6f\156\164\x61\x63\x74\40\x79\157\165\x72\40\141\x64\155\x69\x6e\x69\x73\164\162\x61\164\x6f\x72\40\x61\156\144\40\x72\145\160\157\162\x74\40\164\x68\145\40\x66\157\154\154\157\x77\x69\x6e\147\40\x65\162\162\x6f\x72\72\x3c\x2f\160\x3e\xa\x9\x9\x9\11\11\11\11\74\160\x3e\74\x73\x74\x72\157\156\x67\76\120\157\x73\163\151\142\154\145\x20\x43\x61\x75\163\x65\72\x20\x3c\57\163\x74\162\157\156\x67\x3e\116\x6f\x20\x73\x69\x67\x6e\141\164\x75\162\145\x20\146\157\165\156\144\40\151\156\40\x53\101\x4d\x4c\40\122\145\x73\160\x6f\156\x73\145\x20\157\162\x20\x41\x73\163\145\x72\x74\151\157\x6e\56\x20\x50\x6c\145\x61\163\145\x20\163\151\147\156\40\141\164\40\x6c\145\x61\163\x74\x20\x6f\x6e\145\40\x6f\146\40\x74\x68\145\x6d\56\x3c\x2f\160\76\xa\xa\x9\x9\x9\11\11\11\x3c\x2f\x64\151\166\76\xa\x9\x9\11\11\x9\x9\74\144\x69\x76\x20\x73\x74\x79\154\x65\75\42\155\141\x72\x67\x69\156\x3a\63\45\73\144\x69\163\x70\154\141\x79\x3a\142\154\x6f\143\153\73\164\x65\x78\164\55\x61\154\x69\147\156\72\143\145\156\x74\x65\x72\x3b\x22\76\xa\11\x9\x9\x9\11\11\11\74\x66\157\162\155\40\141\143\164\151\x6f\156\75\42\x69\x6e\144\x65\x78\56\x70\x68\x70\42\x3e\12\x9\x9\11\x9\x9\x9\x9\x9\x3c\144\x69\166\x20\x73\x74\x79\x6c\145\75\42\155\x61\x72\x67\151\156\x3a\x33\x25\73\144\151\163\160\x6c\x61\171\72\x62\x6c\157\x63\x6b\73\164\x65\x78\164\55\x61\x6c\151\x67\x6e\72\x63\x65\156\164\145\162\73\42\x3e\x3c\x69\156\x70\x75\164\40\x73\164\x79\154\145\75\x22\x70\x61\x64\x64\x69\x6e\x67\72\x31\x25\73\167\x69\x64\164\150\x3a\x31\60\60\x70\x78\73\142\x61\x63\x6b\147\162\x6f\x75\156\144\72\x20\43\x30\60\x39\x31\x43\x44\x20\156\157\x6e\x65\x20\162\145\x70\x65\x61\164\40\163\143\162\157\x6c\154\x20\60\45\40\60\45\73\x63\165\x72\163\157\x72\x3a\40\x70\157\x69\x6e\x74\145\x72\73\x66\157\x6e\164\x2d\x73\151\x7a\x65\72\x31\65\160\x78\x3b\142\157\x72\144\145\x72\55\167\x69\x64\164\150\x3a\40\61\160\x78\x3b\142\x6f\x72\144\145\x72\55\163\164\171\x6c\x65\x3a\x20\x73\157\x6c\151\x64\x3b\142\157\162\x64\x65\x72\x2d\162\x61\144\151\165\163\x3a\x20\63\160\170\73\x77\150\x69\164\x65\55\163\x70\x61\x63\x65\72\x20\x6e\x6f\167\x72\141\160\73\142\x6f\x78\x2d\163\151\172\151\156\147\72\x20\142\157\162\144\x65\162\x2d\142\157\x78\x3b\142\x6f\x72\144\x65\x72\x2d\x63\157\x6c\x6f\162\72\x20\43\x30\60\67\x33\101\101\x3b\142\x6f\x78\x2d\163\150\x61\144\157\x77\72\x20\60\x70\170\x20\x31\x70\170\x20\60\160\x78\40\x72\147\142\x61\50\x31\x32\60\x2c\40\62\x30\x30\x2c\x20\x32\63\x30\54\40\60\56\x36\51\x20\x69\x6e\163\x65\164\73\x63\x6f\154\157\162\x3a\40\x23\x46\x46\x46\x3b\x22\164\171\160\145\75\x22\142\x75\164\x74\157\156\x22\40\166\141\154\x75\x65\x3d\x22\x44\157\156\x65\x22\40\157\156\103\x6c\151\143\153\75\x22\163\145\154\146\x2e\x63\x6c\157\x73\145\50\x29\x3b\42\76\74\x2f\x64\151\x76\x3e";
die;
Gy:
AD:
if (is_array($f1)) {
goto x0;
}
$vv = XMLSecurityKey::getRawThumbprint($f1);
$vv = iconv("\x55\124\x46\55\x38", "\103\x50\61\62\x35\62\x2f\x2f\x49\107\x4e\117\x52\x45", $vv);
$vv = preg_replace("\57\134\163\53\57", '', $vv);
if (empty($yt)) {
goto uM;
}
$T9 = Utilities::processResponse($iS, $vv, $yt, $OQ, 0, $d0);
uM:
if (empty($Eo)) {
goto hY;
}
$T9 = Utilities::processResponse($iS, $vv, $Eo, $OQ, 0, $d0);
hY:
goto Co;
x0:
foreach ($f1 as $M3 => $Vz) {
$vv = XMLSecurityKey::getRawThumbprint($Vz);
$vv = iconv("\125\x54\106\x2d\x38", "\x43\120\x31\62\x35\x32\57\x2f\111\x47\116\117\x52\x45", $vv);
$vv = preg_replace("\57\134\x73\x2b\57", '', $vv);
if (empty($yt)) {
goto lt;
}
$T9 = Utilities::processResponse($iS, $vv, $yt, $OQ, $M3, $d0);
lt:
if (empty($Eo)) {
goto k2;
}
$T9 = Utilities::processResponse($iS, $vv, $Eo, $OQ, $M3, $d0);
k2:
if (!$T9) {
goto xP;
}
goto pP;
xP:
Z0:
}
pP:
Co:
if (empty($yt)) {
goto fs;
}
$XF = $yt["\x43\145\162\164\151\x66\151\143\x61\x74\145\x73"][0];
goto em;
fs:
$XF = $Eo["\x43\145\162\x74\151\x66\151\x63\141\x74\x65\x73"][0];
em:
if ($T9) {
goto kV;
}
if ($d0 == "\x74\x65\163\164\126\141\154\151\x64\141\164\145") {
goto GB;
}
wp_die("\127\x65\x20\143\x6f\165\154\144\40\x6e\157\x74\40\x73\x69\x67\156\x20\x79\157\165\x20\x69\x6e\56\x20\120\x6c\x65\141\x73\145\40\143\x6f\x6e\x74\141\143\x74\40\x79\157\x75\x72\40\x41\x64\x6d\151\156\x69\163\164\x72\141\164\x6f\x72", "\105\x72\x72\157\162\x20\x3a\x43\x65\x72\x74\151\x66\151\x63\141\x74\145\x20\156\157\x74\x20\x66\x6f\165\x6e\144");
goto bt;
GB:
$VQ = "\55\55\55\55\x2d\102\x45\107\111\x4e\40\x43\105\122\124\x49\x46\x49\x43\101\x54\105\x2d\55\x2d\55\55\x3c\142\162\76" . chunk_split($XF, 64) . "\74\142\162\76\55\55\x2d\x2d\55\105\x4e\x44\40\103\x45\x52\124\111\x46\x49\103\x41\124\x45\x2d\x2d\55\x2d\x2d";
echo "\x3c\x64\x69\x76\x20\163\164\171\154\145\75\42\x66\x6f\x6e\x74\x2d\x66\x61\x6d\x69\x6c\171\72\x43\141\x6c\x69\x62\162\151\x3b\160\x61\x64\x64\x69\156\x67\x3a\60\x20\63\45\x3b\42\x3e";
echo "\74\x64\151\x76\x20\x73\x74\x79\154\x65\75\x22\x63\x6f\x6c\157\x72\72\x20\43\x61\71\64\64\64\62\73\x62\141\143\x6b\147\x72\x6f\165\156\x64\x2d\x63\157\x6c\x6f\162\x3a\40\x23\x66\62\x64\145\144\145\x3b\160\141\x64\x64\151\156\147\72\x20\61\x35\x70\x78\x3b\x6d\141\x72\x67\151\156\55\x62\x6f\164\164\x6f\x6d\x3a\x20\x32\60\x70\x78\x3b\164\145\170\x74\55\x61\x6c\x69\147\156\x3a\143\145\156\164\x65\162\x3b\x62\x6f\x72\x64\x65\x72\72\x31\x70\170\40\x73\x6f\154\x69\x64\x20\x23\x45\66\x42\63\102\x32\x3b\146\x6f\156\164\55\x73\151\172\x65\x3a\x31\x38\160\164\73\x22\76\x20\105\x52\x52\x4f\122\74\x2f\x64\151\x76\x3e\12\x9\x9\x9\11\11\11\11\x9\x3c\144\151\166\x20\163\164\171\154\145\x3d\x22\x63\x6f\154\157\x72\x3a\40\x23\x61\71\x34\64\x34\x32\x3b\x66\x6f\x6e\x74\x2d\163\151\172\x65\x3a\61\64\160\164\x3b\x20\x6d\x61\x72\147\x69\156\55\142\x6f\x74\x74\157\x6d\x3a\62\x30\x70\x78\73\x22\x3e\74\160\76\74\163\x74\162\157\156\x67\76\105\x72\162\x6f\162\x3a\40\74\x2f\x73\164\162\x6f\156\x67\76\125\156\141\x62\154\x65\x20\x74\x6f\x20\146\151\x6e\x64\x20\141\x20\x63\x65\x72\x74\151\146\151\143\141\164\145\40\x6d\x61\164\143\150\x69\156\147\40\164\150\145\40\x63\x6f\x6e\146\151\147\x75\162\145\x64\x20\x66\151\x6e\147\145\x72\x70\162\x69\156\164\56\x3c\57\160\x3e\xa\11\x9\x9\x9\11\11\x9\x9\x9\74\x70\x3e\120\154\145\141\163\145\40\143\157\x6e\x74\141\x63\164\x20\x79\157\x75\162\40\x61\144\x6d\x69\156\151\x73\164\162\141\164\157\162\40\x61\x6e\x64\40\162\145\160\x6f\x72\164\40\164\150\x65\x20\x66\x6f\x6c\x6c\157\x77\x69\156\147\40\145\162\x72\x6f\162\72\74\x2f\x70\76\12\x9\11\x9\11\11\11\x9\x9\x9\74\x70\x3e\x3c\x73\x74\x72\157\156\147\x3e\120\157\163\x73\151\x62\154\x65\x20\103\141\x75\x73\145\x3a\x20\x3c\57\163\x74\162\157\156\147\x3e\x27\130\x2e\x35\x30\x39\40\103\145\162\164\x69\146\x69\x63\141\x74\145\x27\40\x66\151\145\x6c\x64\40\151\156\x20\x70\x6c\165\x67\x69\156\40\x64\x6f\145\163\40\x6e\x6f\x74\40\x6d\141\164\143\150\x20\164\x68\x65\x20\143\145\x72\x74\x69\x66\x69\143\141\164\145\40\146\x6f\x75\156\144\40\151\x6e\x20\x53\x41\x4d\114\x20\x52\145\x73\x70\157\x6e\x73\x65\x2e\74\57\160\76\xa\x9\11\11\x9\x9\11\x9\x9\11\x3c\160\76\x3c\163\164\x72\x6f\x6e\x67\76\103\145\162\x74\x69\x66\151\143\141\x74\x65\40\146\x6f\x75\156\x64\x20\x69\156\40\123\101\115\x4c\40\122\x65\163\x70\x6f\156\x73\x65\72\40\x3c\x2f\x73\164\162\x6f\156\147\76\74\x66\157\x6e\x74\x20\146\x61\x63\x65\x3d\x22\x43\x6f\165\162\151\145\162\40\x4e\x65\167\x22\x3e\74\x62\162\76\74\x62\x72\76" . $VQ . "\74\x2f\160\76\74\57\146\157\156\164\x3e\xa\11\11\11\11\11\11\11\x9\74\57\x64\x69\166\76\12\11\11\11\11\11\x9\11\11\74\144\x69\x76\40\x73\x74\x79\x6c\x65\x3d\x22\155\141\x72\x67\x69\x6e\x3a\63\x25\x3b\x64\151\x73\160\x6c\x61\x79\x3a\142\154\157\143\153\73\x74\145\x78\x74\x2d\141\x6c\x69\x67\x6e\72\x63\x65\156\164\145\x72\x3b\42\76\xa\x9\x9\11\x9\x9\x9\x9\11\x9\x3c\146\157\162\x6d\40\x61\143\x74\x69\x6f\x6e\x3d\x22\151\156\144\x65\170\x2e\160\150\x70\x22\x3e\xa\x9\x9\x9\x9\x9\11\11\11\x9\x9\74\144\151\x76\40\x73\164\x79\x6c\x65\75\42\x6d\141\x72\x67\x69\x6e\72\x33\x25\x3b\x64\151\163\x70\x6c\141\x79\72\x62\x6c\157\143\x6b\x3b\x74\x65\x78\x74\55\141\154\x69\x67\156\x3a\x63\145\156\x74\x65\x72\73\x22\76\x3c\151\x6e\x70\x75\x74\x20\x73\x74\x79\154\x65\x3d\x22\x70\141\x64\x64\151\156\147\x3a\x31\x25\x3b\167\151\144\x74\150\x3a\x31\60\x30\160\x78\x3b\x62\141\x63\153\147\x72\157\x75\x6e\144\x3a\x20\x23\60\x30\71\61\x43\104\40\x6e\x6f\x6e\x65\x20\162\x65\x70\145\x61\164\x20\163\143\162\x6f\x6c\154\x20\x30\45\40\60\45\x3b\x63\x75\162\x73\x6f\x72\72\40\160\x6f\x69\x6e\x74\x65\162\x3b\x66\x6f\156\164\55\163\x69\172\x65\72\61\x35\160\170\x3b\142\157\x72\144\x65\162\x2d\167\151\x64\164\150\x3a\x20\x31\160\x78\x3b\x62\x6f\x72\144\145\162\x2d\163\x74\x79\154\x65\72\x20\163\157\x6c\x69\x64\x3b\x62\x6f\162\144\145\x72\55\x72\141\144\x69\x75\x73\x3a\x20\63\x70\x78\73\x77\x68\x69\x74\x65\55\163\160\141\x63\x65\72\40\156\157\x77\162\x61\160\73\142\x6f\x78\55\x73\151\x7a\x69\156\x67\x3a\40\142\x6f\162\144\145\x72\55\142\157\x78\x3b\x62\157\162\144\x65\162\55\x63\157\x6c\157\162\x3a\40\43\60\60\x37\x33\x41\x41\x3b\x62\157\x78\x2d\x73\150\x61\x64\x6f\167\x3a\40\x30\x70\x78\x20\61\x70\x78\40\60\x70\x78\x20\162\147\142\141\x28\x31\x32\x30\54\40\x32\x30\60\x2c\x20\62\63\60\54\x20\x30\56\x36\51\x20\151\156\x73\x65\164\x3b\x63\x6f\x6c\157\x72\72\x20\x23\106\x46\106\73\x22\164\x79\x70\145\x3d\42\x62\165\x74\164\157\x6e\42\x20\x76\x61\154\x75\x65\75\42\x44\x6f\156\x65\42\40\157\156\103\154\151\143\x6b\x3d\42\x73\145\x6c\x66\x2e\143\154\x6f\x73\x65\x28\51\73\x22\x3e\x3c\57\144\x69\166\x3e";
die;
bt:
kV:
$C4 = get_site_option("\163\141\x6d\x6c\137\x69\163\163\x75\145\x72");
$FF = get_site_option("\155\157\x5f\163\x61\x6d\154\x5f\163\x70\137\145\x6e\164\x69\164\171\x5f\151\x64");
if (!empty($FF)) {
goto pL;
}
$FF = $tT . "\x2f\167\160\55\x63\157\156\x74\145\156\x74\57\x70\154\165\x67\x69\156\x73\57\155\151\x6e\151\x6f\162\141\x6e\147\145\x2d\x73\x61\155\x6c\x2d\x32\60\55\x73\x69\156\x67\154\145\x2d\163\x69\147\x6e\55\157\x6e\57";
pL:
Utilities::validateIssuerAndAudience($OQ, $FF, $C4);
$Aj = current(current($OQ->getAssertions())->getNameId());
$f6 = current($OQ->getAssertions())->getAttributes();
$f6["\116\141\155\x65\x49\x44"] = array("\60" => $Aj);
$VA = current($OQ->getAssertions())->getSessionIndex();
mo_saml_checkMapping($f6, $d0, $VA);
goto gd;
rI:
wp_logout();
if (!empty($us)) {
goto zw;
}
$us = $tT;
zw:
header("\114\157\x63\141\x74\x69\157\156\72" . $us);
die;
gd:
S6:
if (!(array_key_exists("\x53\101\115\114\x52\145\x71\165\145\163\164", $_REQUEST) && !empty($_REQUEST["\123\101\x4d\x4c\x52\145\161\x75\x65\x73\164"]))) {
goto O7;
}
$Dg = $_REQUEST["\x53\101\115\x4c\x52\x65\161\165\145\x73\164"];
$d0 = "\57";
if (!array_key_exists("\x52\x65\x6c\x61\x79\x53\164\141\x74\x65", $_REQUEST)) {
goto Db;
}
$d0 = $_REQUEST["\x52\145\154\x61\x79\123\x74\141\x74\x65"];
Db:
$Dg = base64_decode($Dg);
if (!(array_key_exists("\x53\101\x4d\x4c\122\x65\161\x75\x65\163\164", $_GET) && !empty($_GET["\x53\101\115\x4c\122\145\x71\x75\x65\163\164"]))) {
goto Au;
}
$Dg = gzinflate($Dg);
Au:
$UO = new DOMDocument();
$UO->loadXML($Dg);
$XS = $UO->firstChild;
if (!($XS->localName == "\x4c\157\x67\x6f\165\x74\x52\145\x71\165\x65\x73\164")) {
goto sY;
}
$l8 = new SAML2_LogoutRequest($XS);
if (!(!session_id() || session_id() == '' || !isset($_SESSION))) {
goto YH;
}
session_start();
YH:
$_SESSION["\x6d\157\x5f\163\141\x6d\x6c\x5f\x6c\x6f\147\x6f\x75\164\137\162\x65\x71\165\145\x73\x74"] = $Dg;
$_SESSION["\x6d\157\137\163\141\x6d\x6c\x5f\154\x6f\147\x6f\x75\x74\x5f\x72\145\154\x61\171\x5f\x73\164\141\x74\x65"] = $d0;
wp_logout();
sY:
O7:
if (!(isset($_REQUEST["\157\160\164\x69\157\156"]) and strpos($_REQUEST["\157\160\x74\151\157\156"], "\162\x65\141\x64\x73\141\155\x6c\x6c\x6f\147\x69\x6e") !== false)) {
goto NN;
}
require_once dirname(__FILE__) . "\57\151\156\143\154\x75\144\145\x73\x2f\154\151\142\x2f\x65\x6e\143\x72\171\x70\164\151\157\156\x2e\x70\x68\x70";
if (isset($_POST["\x53\x54\101\x54\x55\123"]) && $_POST["\123\124\101\124\x55\x53"] == "\105\122\122\x4f\122") {
goto qs;
}
if (!(isset($_POST["\123\x54\101\x54\x55\x53"]) && $_POST["\x53\124\x41\x54\125\123"] == "\x53\125\x43\103\105\x53\x53")) {
goto eQ;
}
$Ni = '';
if (!(isset($_REQUEST["\162\x65\144\x69\162\x65\x63\x74\137\x74\157"]) && !empty($_REQUEST["\162\145\x64\x69\162\x65\143\164\x5f\x74\x6f"]) && $_REQUEST["\162\x65\x64\151\162\x65\x63\164\137\x74\157"] != "\57")) {
goto bX;
}
$Ni = $_REQUEST["\162\x65\144\x69\162\x65\x63\164\x5f\x74\157"];
bX:
delete_site_option("\155\x6f\x5f\163\141\x6d\x6c\137\x72\145\144\x69\x72\145\143\x74\137\x65\162\x72\x6f\162\137\143\157\x64\x65");
delete_site_option("\155\157\137\x73\141\155\154\x5f\x72\x65\144\x69\162\x65\143\x74\x5f\145\162\162\157\x72\x5f\x72\x65\x61\x73\157\156");
try {
$hG = get_site_option("\163\x61\155\x6c\137\141\x6d\x5f\x65\x6d\x61\x69\x6c");
$oi = get_site_option("\163\x61\x6d\x6c\x5f\141\155\x5f\165\163\x65\x72\156\x61\x6d\x65");
$YS = get_site_option("\163\x61\155\x6c\x5f\141\155\x5f\x66\151\162\163\x74\x5f\156\141\155\145");
$R1 = get_site_option("\x73\141\x6d\x6c\x5f\141\155\137\x6c\141\x73\x74\137\156\x61\155\145");
$hh = get_site_option("\163\141\x6d\154\x5f\x61\x6d\137\x67\162\x6f\165\160\137\156\x61\x6d\145");
$YQ = get_site_option("\163\141\x6d\154\137\141\x6d\x5f\x64\x65\x66\x61\165\x6c\164\137\165\x73\145\162\137\x72\x6f\154\x65");
$F9 = get_site_option("\x73\x61\x6d\154\137\x61\x6d\137\x64\x6f\156\x74\x5f\x61\154\x6c\157\x77\x5f\x75\x6e\x6c\x69\163\x74\145\144\x5f\x75\163\x65\162\x5f\162\x6f\154\x65");
$aQ = get_site_option("\x73\141\x6d\154\137\141\x6d\137\x61\x63\143\157\165\156\x74\137\x6d\141\x74\143\150\145\x72");
$xv = '';
$d8 = '';
$YS = str_replace("\56", "\x5f", $YS);
$YS = str_replace("\x20", "\137", $YS);
if (!(!empty($YS) && array_key_exists($YS, $_POST))) {
goto RE;
}
$YS = $_POST[$YS];
RE:
$R1 = str_replace("\56", "\137", $R1);
$R1 = str_replace("\40", "\x5f", $R1);
if (!(!empty($R1) && array_key_exists($R1, $_POST))) {
goto dc;
}
$R1 = $_POST[$R1];
dc:
$oi = str_replace("\x2e", "\x5f", $oi);
$oi = str_replace("\40", "\x5f", $oi);
if (!empty($oi) && array_key_exists($oi, $_POST)) {
goto gx;
}
$d8 = $_POST["\x4e\x61\x6d\145\111\104"];
goto RP;
gx:
$d8 = $_POST[$oi];
RP:
$xv = str_replace("\56", "\137", $hG);
$xv = str_replace("\x20", "\137", $hG);
if (!empty($hG) && array_key_exists($hG, $_POST)) {
goto hC;
}
$xv = $_POST["\116\141\155\145\x49\x44"];
goto j1;
hC:
$xv = $_POST[$hG];
j1:
$hh = str_replace("\56", "\x5f", $hh);
$hh = str_replace("\x20", "\137", $hh);
if (!(!empty($hh) && array_key_exists($hh, $_POST))) {
goto Di;
}
$hh = $_POST[$hh];
Di:
if (!empty($aQ)) {
goto KQ;
}
$aQ = "\x65\x6d\x61\x69\154";
KQ:
$M3 = get_site_option("\x6d\x6f\137\163\x61\x6d\154\137\143\165\163\164\157\155\x65\x72\x5f\x74\157\153\x65\x6e");
if (!(isset($M3) || trim($M3) != '')) {
goto H_;
}
$ug = AESEncryption::decrypt_data($xv, $M3);
$xv = $ug;
H_:
if (!(!empty($YS) && !empty($M3))) {
goto pq;
}
$Pc = AESEncryption::decrypt_data($YS, $M3);
$YS = $Pc;
pq:
if (!(!empty($R1) && !empty($M3))) {
goto xp;
}
$Fo = AESEncryption::decrypt_data($R1, $M3);
$R1 = $Fo;
xp:
if (!(!empty($d8) && !empty($M3))) {
goto At;
}
$KF = AESEncryption::decrypt_data($d8, $M3);
$d8 = $KF;
At:
if (!(!empty($hh) && !empty($M3))) {
goto NS;
}
$Wm = AESEncryption::decrypt_data($hh, $M3);
$hh = $Wm;
NS:
} catch (Exception $pZ) {
echo sprintf("\101\156\40\145\x72\x72\157\x72\x20\x6f\x63\143\165\162\x72\145\x64\40\167\150\x69\154\145\x20\x70\162\157\x63\x65\163\x73\x69\x6e\147\x20\164\x68\x65\40\123\x41\115\x4c\x20\x52\x65\163\x70\x6f\x6e\x73\145\x2e");
die;
}
$dI = array($hh);
mo_saml_login_user($xv, $YS, $R1, $d8, $dI, $F9, $YQ, $Ni, $aQ);
eQ:
goto YL;
qs:
update_site_option("\x6d\x6f\x5f\x73\x61\155\x6c\x5f\162\x65\x64\151\162\x65\143\164\137\x65\x72\162\x6f\162\x5f\143\x6f\144\145", $_POST["\105\122\122\x4f\122\137\x52\105\x41\123\117\116"]);
update_site_option("\155\x6f\x5f\x73\x61\x6d\x6c\x5f\162\145\x64\151\162\x65\x63\164\137\145\x72\x72\157\x72\x5f\162\145\141\x73\x6f\x6e", $_POST["\x45\122\x52\x4f\x52\x5f\x4d\105\123\x53\101\107\x45"]);
YL:
NN:
yJ:
}
function mo_saml_checkMapping($f6, $d0, $VA)
{
try {
$hG = get_site_option("\x73\141\x6d\x6c\x5f\141\x6d\137\x65\155\141\151\x6c");
$oi = get_site_option("\x73\x61\x6d\x6c\137\x61\x6d\x5f\x75\163\x65\x72\156\x61\155\x65");
$YS = get_site_option("\x73\141\x6d\x6c\137\x61\x6d\x5f\146\x69\162\163\x74\x5f\x6e\141\x6d\x65");
$R1 = get_site_option("\x73\x61\155\154\137\141\x6d\x5f\154\x61\x73\164\137\156\x61\x6d\145");
$hh = get_site_option("\163\141\x6d\x6c\137\141\x6d\x5f\147\x72\157\x75\160\x5f\156\141\155\145");
$ci = array();
$ci = get_site_option("\x73\141\x6d\154\137\x61\155\137\162\157\154\x65\137\155\141\160\160\x69\156\147");
$aQ = get_site_option("\x73\141\155\154\x5f\141\x6d\137\141\143\x63\157\165\156\x74\137\155\141\164\x63\150\x65\x72");
$xv = '';
$d8 = '';
if (empty($f6)) {
goto Y3;
}
if (!empty($YS) && array_key_exists($YS, $f6)) {
goto fR;
}
$YS = '';
goto CK;
fR:
$YS = $f6[$YS][0];
CK:
if (!empty($R1) && array_key_exists($R1, $f6)) {
goto BX;
}
$R1 = '';
goto Rk;
BX:
$R1 = $f6[$R1][0];
Rk:
if (!empty($oi) && array_key_exists($oi, $f6)) {
goto SQ;
}
$d8 = $f6["\116\141\x6d\145\x49\x44"][0];
goto av;
SQ:
$d8 = $f6[$oi][0];
av:
if (!empty($hG) && array_key_exists($hG, $f6)) {
goto YK;
}
$xv = $f6["\x4e\141\x6d\145\x49\x44"][0];
goto KK;
YK:
$xv = $f6[$hG][0];
KK:
if (!empty($hh) && array_key_exists($hh, $f6)) {
goto yr;
}
$hh = array();
goto vf;
yr:
$hh = $f6[$hh];
vf:
if (!empty($aQ)) {
goto ze;
}
$aQ = "\x65\x6d\x61\x69\154";
ze:
Y3:
if ($d0 == "\164\145\163\164\x56\141\154\151\144\141\164\x65") {
goto Ca;
}
mo_saml_login_user($xv, $YS, $R1, $d8, $hh, $ci, $d0, $aQ, $VA, $f6["\116\x61\155\145\111\x44"][0], $f6);
goto sj;
Ca:
mo_saml_show_test_result($YS, $R1, $xv, $hh, $f6);
sj:
} catch (Exception $pZ) {
echo sprintf("\x41\x6e\40\145\162\x72\157\x72\x20\157\x63\x63\165\x72\162\145\x64\x20\x77\150\x69\x6c\x65\x20\160\x72\157\143\145\x73\163\x69\156\147\40\x74\150\x65\x20\x53\x41\x4d\114\40\122\x65\x73\160\157\x6e\163\x65\56");
die;
}
}
function mo_saml_show_test_result($YS, $R1, $xv, $hh, $f6)
{
echo "\x3c\x64\x69\166\40\163\164\x79\x6c\x65\75\42\146\x6f\x6e\x74\55\x66\x61\155\x69\154\171\x3a\103\141\154\151\x62\162\x69\x3b\160\x61\x64\144\x69\x6e\x67\72\60\x20\63\45\x3b\x22\x3e";
if (!empty($xv)) {
goto jZ;
}
echo "\x3c\x64\151\x76\x20\x73\x74\171\154\x65\75\42\143\x6f\x6c\x6f\x72\x3a\x20\x23\141\x39\64\64\64\62\x3b\x62\x61\x63\153\147\x72\157\x75\156\x64\x2d\143\157\154\x6f\162\72\40\43\146\62\144\x65\x64\145\73\x70\x61\144\144\151\156\147\x3a\40\61\x35\x70\x78\x3b\155\141\x72\147\151\x6e\55\x62\157\164\164\157\x6d\x3a\x20\62\60\160\170\x3b\164\145\170\x74\55\141\154\x69\x67\156\72\x63\145\x6e\164\145\x72\73\142\x6f\162\144\145\162\x3a\61\x70\170\40\163\157\x6c\151\144\x20\x23\x45\66\x42\63\102\x32\x3b\146\157\x6e\164\55\x73\x69\172\145\x3a\x31\70\x70\x74\73\x22\76\124\x45\123\x54\x20\106\101\111\114\x45\x44\x3c\x2f\x64\x69\x76\x3e\12\x9\x9\11\x9\x9\x9\74\144\x69\x76\x20\x73\164\171\x6c\x65\75\x22\143\157\154\157\162\72\x20\43\141\x39\x34\x34\64\x32\x3b\146\157\x6e\164\x2d\163\151\172\x65\x3a\x31\x34\x70\x74\x3b\x20\155\141\x72\x67\x69\156\x2d\142\x6f\164\x74\157\155\72\62\60\160\170\73\x22\x3e\127\x41\122\116\x49\x4e\x47\72\40\123\x6f\155\145\x20\x41\x74\x74\162\151\x62\165\164\x65\x73\40\104\x69\x64\40\x4e\x6f\164\40\115\141\x74\x63\150\x2e\74\57\x64\151\166\76\xa\x9\x9\x9\x9\11\x9\x3c\x64\x69\x76\40\163\164\171\154\x65\x3d\42\x64\151\163\x70\x6c\x61\x79\72\x62\154\x6f\x63\153\73\x74\x65\170\x74\55\141\154\151\147\x6e\x3a\x63\x65\156\164\145\x72\x3b\155\x61\x72\147\x69\x6e\55\x62\x6f\164\164\x6f\155\72\x34\45\x3b\42\x3e\74\151\155\147\40\163\164\171\154\x65\x3d\42\167\x69\x64\164\150\72\61\65\x25\x3b\42\x73\x72\143\75\42" . plugin_dir_url(__FILE__) . "\151\x6d\141\x67\145\x73\x2f\x77\x72\x6f\156\x67\x2e\x70\x6e\147\x22\x3e\x3c\57\144\151\x76\76";
goto dy;
jZ:
echo "\x3c\x64\151\x76\x20\163\x74\171\154\145\75\42\143\x6f\154\157\162\72\x20\x23\63\x63\x37\x36\63\144\73\12\x9\x9\x9\11\x9\11\x62\x61\143\x6b\x67\x72\157\165\156\x64\x2d\x63\157\154\x6f\162\x3a\x20\43\144\146\146\x30\x64\70\x3b\40\x70\x61\144\144\x69\x6e\147\x3a\62\45\x3b\x6d\x61\x72\x67\x69\156\x2d\x62\157\x74\164\x6f\155\72\62\60\160\170\x3b\164\145\x78\164\x2d\141\x6c\151\147\x6e\72\143\145\x6e\x74\x65\x72\73\x20\142\157\x72\144\x65\x72\72\61\x70\170\x20\163\157\x6c\x69\144\40\x23\101\105\x44\102\x39\x41\73\x20\146\157\x6e\x74\x2d\x73\x69\172\145\x3a\61\x38\x70\164\x3b\x22\x3e\124\105\123\124\40\x53\x55\103\103\x45\123\x53\106\x55\114\x3c\x2f\x64\x69\x76\x3e\12\x9\x9\x9\11\x9\11\74\x64\151\166\40\163\164\171\154\145\75\42\x64\x69\163\160\154\x61\x79\72\x62\x6c\x6f\x63\x6b\x3b\x74\145\170\164\x2d\141\x6c\151\147\156\72\x63\x65\156\164\x65\162\x3b\155\141\162\147\151\x6e\x2d\x62\157\164\164\157\x6d\72\x34\x25\x3b\42\x3e\x3c\151\155\147\x20\163\164\171\x6c\x65\75\42\x77\151\144\x74\150\72\x31\65\45\x3b\x22\x73\162\143\x3d\42" . plugin_dir_url(__FILE__) . "\x69\155\x61\x67\x65\x73\x2f\x67\162\145\145\156\x5f\143\x68\x65\143\153\x2e\160\156\147\42\76\74\x2f\x64\x69\x76\x3e";
dy:
echo "\74\x73\x70\141\x6e\x20\x73\164\171\154\145\75\42\x66\x6f\156\164\x2d\163\x69\172\145\72\61\64\160\164\73\x22\76\x3c\x62\76\x48\145\x6c\x6c\157\74\x2f\142\76\54\40" . $xv . "\74\57\163\160\141\156\x3e\x3c\142\x72\x2f\76\x3c\x70\x20\163\x74\x79\154\x65\x3d\42\146\157\x6e\164\x2d\x77\145\151\x67\x68\164\x3a\142\157\154\x64\73\146\x6f\x6e\164\55\163\151\172\x65\x3a\x31\64\x70\164\x3b\155\141\162\147\x69\156\55\x6c\x65\x66\x74\72\x31\x25\x3b\x22\76\101\124\124\122\x49\102\125\x54\105\x53\x20\x52\x45\103\x45\111\126\x45\104\x3a\74\57\160\x3e\xa\x9\x9\x9\11\x9\x3c\x74\141\142\154\145\x20\163\164\x79\x6c\x65\75\x22\x62\157\162\x64\145\x72\x2d\143\157\154\x6c\x61\160\163\x65\72\x63\157\x6c\x6c\x61\x70\163\145\x3b\x62\x6f\x72\x64\145\x72\55\x73\x70\x61\x63\151\x6e\147\x3a\x30\73\40\144\151\x73\160\x6c\x61\171\x3a\x74\141\142\x6c\145\73\167\151\x64\164\150\72\x31\x30\x30\45\x3b\x20\146\157\x6e\164\x2d\x73\x69\x7a\145\x3a\x31\64\160\164\x3b\142\141\x63\x6b\147\x72\157\x75\x6e\x64\55\x63\x6f\x6c\157\x72\x3a\x23\105\x44\105\x44\x45\x44\73\42\x3e\xa\x9\11\x9\x9\11\11\74\x74\162\x20\x73\x74\x79\x6c\145\x3d\42\164\145\x78\x74\55\141\154\x69\147\x6e\x3a\143\145\156\x74\x65\x72\x3b\42\x3e\x3c\164\x64\40\x73\164\x79\x6c\x65\x3d\x22\x66\157\x6e\x74\55\x77\x65\151\x67\x68\164\x3a\142\157\154\144\73\142\157\x72\144\145\x72\72\x32\x70\170\40\163\x6f\154\151\144\x20\x23\x39\x34\71\60\71\x30\73\x70\141\x64\x64\151\156\147\x3a\x32\45\x3b\42\x3e\101\x54\124\122\x49\102\x55\124\105\x20\x4e\x41\x4d\105\74\x2f\164\x64\76\74\x74\144\x20\x73\x74\171\x6c\145\75\x22\146\x6f\x6e\x74\x2d\167\145\151\147\x68\x74\72\x62\x6f\154\x64\73\x70\141\x64\144\151\x6e\x67\72\x32\x25\73\x62\157\x72\144\x65\162\72\x32\x70\170\x20\x73\157\x6c\x69\x64\x20\x23\71\64\x39\x30\71\60\x3b\40\167\x6f\162\x64\x2d\167\162\x61\x70\x3a\142\x72\x65\x61\153\x2d\167\157\x72\x64\73\42\x3e\101\124\124\x52\111\102\125\x54\105\40\126\x41\114\x55\105\74\57\x74\144\x3e\74\x2f\164\x72\76";
if (!empty($f6)) {
goto LA;
}
echo "\116\x6f\x20\x41\164\164\162\151\142\x75\164\145\163\40\122\x65\x63\x65\151\166\145\144\x2e";
goto xt;
LA:
foreach ($f6 as $M3 => $Vz) {
echo "\74\x74\x72\76\74\x74\144\x20\x73\x74\x79\154\145\75\x27\x66\157\156\x74\x2d\167\x65\x69\147\x68\x74\x3a\x62\x6f\154\x64\x3b\142\157\x72\x64\x65\x72\72\x32\160\x78\x20\163\x6f\154\151\x64\40\43\71\x34\x39\x30\71\x30\73\160\141\x64\x64\151\156\x67\x3a\x32\x25\73\47\76" . $M3 . "\74\57\x74\144\x3e\x3c\x74\144\x20\163\164\x79\x6c\x65\x3d\x27\160\141\144\144\151\156\147\x3a\62\45\73\142\157\x72\x64\145\162\x3a\x32\x70\x78\40\x73\x6f\x6c\151\144\40\x23\71\64\x39\60\71\60\x3b\40\x77\157\x72\x64\55\x77\x72\141\160\x3a\142\x72\x65\x61\153\55\167\157\162\x64\73\47\x3e" . implode("\x3c\x68\x72\x2f\x3e", $Vz) . "\x3c\57\164\144\76\x3c\57\x74\162\76";
oB:
}
Wo:
xt:
echo "\x3c\57\x74\x61\x62\x6c\x65\x3e\74\57\x64\151\166\x3e";
echo "\x3c\144\x69\166\40\x73\x74\x79\154\x65\75\x22\155\x61\162\147\x69\x6e\x3a\63\45\x3b\144\x69\x73\160\154\141\171\72\x62\x6c\157\x63\153\x3b\x74\x65\x78\164\x2d\x61\x6c\151\147\156\x3a\x63\145\156\x74\145\162\x3b\42\x3e\74\x69\x6e\160\165\164\x20\x73\x74\x79\154\x65\x3d\x22\x70\x61\x64\144\151\x6e\x67\72\61\x25\x3b\x77\151\x64\x74\x68\72\x31\60\60\160\170\73\x62\x61\143\153\147\x72\x6f\165\x6e\144\x3a\40\x23\60\x30\71\x31\103\104\x20\156\157\x6e\x65\40\162\x65\x70\145\141\164\40\x73\143\x72\x6f\x6c\x6c\x20\60\45\x20\x30\45\73\x63\165\x72\x73\x6f\162\x3a\40\x70\157\x69\x6e\x74\145\162\73\x66\157\x6e\164\x2d\x73\x69\x7a\145\72\61\65\160\x78\x3b\142\x6f\x72\144\x65\x72\x2d\167\x69\144\164\x68\72\40\x31\160\x78\73\142\157\x72\144\145\x72\55\163\x74\171\154\x65\72\40\163\157\154\151\144\73\x62\157\x72\144\x65\162\x2d\162\x61\144\151\x75\163\x3a\x20\63\x70\x78\x3b\167\150\x69\x74\145\55\x73\x70\x61\x63\x65\72\40\x6e\x6f\x77\162\141\x70\x3b\142\157\x78\x2d\x73\151\x7a\151\156\147\x3a\x20\x62\157\x72\x64\145\x72\x2d\x62\x6f\170\73\142\157\x72\x64\x65\x72\x2d\143\157\154\157\162\x3a\40\x23\x30\60\x37\63\101\x41\73\142\157\x78\55\x73\150\x61\144\157\x77\72\x20\x30\x70\170\40\x31\160\170\x20\60\160\170\40\162\x67\x62\141\x28\61\x32\60\x2c\x20\62\x30\x30\54\40\62\x33\x30\54\x20\x30\56\66\x29\x20\x69\x6e\x73\x65\x74\73\x63\157\x6c\157\x72\x3a\40\43\x46\106\x46\73\x22\164\171\160\145\75\x22\142\165\x74\x74\x6f\x6e\42\x20\166\141\x6c\165\145\75\42\104\x6f\156\x65\x22\40\x6f\x6e\x43\154\151\143\153\75\42\163\145\x6c\146\56\x63\x6c\157\163\x65\x28\51\x3b\x22\76\x3c\x2f\x64\x69\166\76";
die;
}
function mo_saml_login_user($xv, $YS, $R1, $d8, $hh, $ci, $d0, $aQ, $VA = '', $dp = '', $f6 = null)
{
$tT = get_site_option("\155\157\137\163\141\x6d\x6c\137\163\x70\137\x62\141\x73\145\137\x75\x72\x6c");
global $wpdb;
$w1 = get_current_blog_id();
$cn = "\x75\156\x63\150\x65\143\153\145\144";
if (!empty($tT)) {
goto Qi;
}
$tT = network_site_url();
if (!(substr($tT, -1) == "\57")) {
goto rg;
}
$tT = substr($tT, 0, -1);
rg:
Qi:
if ($aQ == "\x75\163\x65\162\156\141\155\145" && username_exists($d8)) {
goto N7;
}
if (email_exists($xv) || username_exists($d8)) {
goto z9;
}
if (!username_exists($d8) && !email_exists($xv)) {
goto Zr;
}
goto RB;
N7:
$user = get_user_by("\154\157\147\151\156", $d8);
$cO = $user->ID;
if (empty($YS)) {
goto pE;
}
$cO = wp_update_user(array("\x49\104" => $cO, "\x66\x69\162\x73\164\x5f\156\x61\155\145" => $YS));
pE:
if (empty($R1)) {
goto Wk;
}
$cO = wp_update_user(array("\x49\x44" => $cO, "\x6c\x61\163\x74\137\156\x61\155\145" => $R1));
Wk:
if (empty($xv)) {
goto tI;
}
$cO = wp_update_user(array("\x49\x44" => $cO, "\165\163\x65\162\137\x65\155\x61\151\x6c" => $xv));
tI:
if (!get_site_option("\x6d\157\x5f\x73\141\x6d\154\137\143\165\x73\x74\157\x6d\137\x61\164\164\162\163\137\x6d\x61\x70\160\151\x6e\x67")) {
goto dJ;
}
$qa = get_site_option("\155\x6f\x5f\163\x61\155\154\x5f\143\165\x73\164\x6f\x6d\x5f\141\x74\x74\x72\163\x5f\x6d\141\160\160\x69\x6e\147");
foreach ($qa as $M3 => $Vz) {
if (!array_key_exists($Vz, $f6)) {
goto nu;
}
$OP = $f6[$Vz][0];
update_user_meta($cO, $M3, $OP);
nu:
PZ:
}
TH:
dJ:
$nP = $wpdb->get_col("\123\x45\114\x45\x43\x54\40\x62\x6c\157\147\137\151\144\40\106\x52\x4f\115\40{$wpdb->blogs}");
$ZS = get_site_option("\155\x6f\x5f\141\x70\x70\x6c\x79\137\162\157\154\x65\x5f\x6d\x61\x70\160\x69\x6e\147\x5f\146\x6f\162\x5f\163\x69\164\145\x73");
foreach ($nP as $blog_id) {
switch_to_blog($blog_id);
$user = get_user_by("\151\144", $cO);
$yb = '';
if ($ZS) {
goto a7;
}
$yb = $blog_id;
goto rk;
a7:
$yb = 0;
rk:
if (empty($ci)) {
goto Uh;
}
if (!empty($ci[$yb])) {
goto nq;
}
if (empty($ci["\104\x45\x46\x41\x55\x4c\124"])) {
goto GJ;
}
$YQ = $ci["\104\105\106\x41\x55\x4c\x54"]["\x64\x65\146\141\165\154\164\137\x72\157\154\x65"];
$F9 = $ci["\x44\105\106\101\125\114\124"]["\144\157\x6e\x74\137\141\x6c\154\x6f\x77\137\165\x6e\154\151\x73\x74\145\144\137\x75\163\x65\x72"];
$cn = $ci["\104\105\x46\x41\125\114\x54"]["\x64\157\x6e\x74\137\143\162\x65\141\x74\x65\x5f\165\163\x65\x72"];
$uM = $ci["\x44\x45\x46\x41\x55\x4c\x54"]["\153\x65\x65\160\137\145\170\151\163\164\x69\x6e\147\x5f\165\163\x65\162\163\x5f\x72\157\x6c\145"];
GJ:
goto jC;
nq:
$YQ = $ci[$yb]["\144\145\x66\x61\x75\154\x74\137\x72\157\x6c\x65"];
$F9 = $ci[$yb]["\144\157\156\164\x5f\141\154\x6c\157\x77\137\x75\156\x6c\151\163\164\145\144\137\x75\x73\145\x72"];
$cn = $ci[$yb]["\x64\157\x6e\x74\137\143\162\145\x61\164\145\137\x75\163\x65\162"];
$uM = array_key_exists("\153\145\x65\x70\x5f\145\170\x69\x73\x74\x69\x6e\147\x5f\165\x73\x65\x72\x73\137\162\x6f\154\145", $ci[$yb]) ? $ci[$yb]["\x6b\x65\145\x70\137\145\x78\151\163\x74\151\x6e\x67\x5f\165\163\x65\x72\163\137\162\x6f\x6c\145"] : '';
jC:
Uh:
if (!is_user_member_of_blog($cO, $blog_id)) {
goto rR;
}
if (isset($uM) && $uM == "\x63\150\145\x63\x6b\x65\144") {
goto di;
}
$Xp = assign_roles_to_user($user, $ci, $blog_id, $hh, $yb);
goto X_;
di:
$Xp = false;
X_:
if (!(!is_administrator_user($user) && !empty($cn) && $cn == "\x75\156\143\x68\x65\143\153\x65\x64")) {
goto mI;
}
if (isset($uM) && $uM == "\x63\x68\x65\x63\153\145\144") {
goto zM;
}
if ($Xp !== true && !empty($F9) && $F9 == "\x63\x68\145\143\x6b\x65\x64") {
goto FM;
}
if ($Xp !== true && !empty($YQ) && $YQ !== "\x66\x61\x6c\163\145") {
goto cx;
}
if ($Xp !== true && is_user_member_of_blog($cO, $blog_id)) {
goto A4;
}
goto gi;
zM:
goto gi;
FM:
$cO = wp_update_user(array("\111\104" => $cO, "\x72\157\x6c\x65" => false));
goto gi;
cx:
$cO = wp_update_user(array("\111\x44" => $cO, "\x72\157\154\x65" => $YQ));
goto gi;
A4:
$lD = get_option("\144\x65\x66\141\165\x6c\x74\x5f\162\x6f\154\x65");
$cO = wp_update_user(array("\111\x44" => $cO, "\162\157\154\145" => $lD));
gi:
mI:
goto my;
rR:
$Ap = TRUE;
if (empty($ci)) {
goto rM;
}
if (array_key_exists($yb, $ci)) {
goto q3;
}
if (!array_key_exists("\104\105\x46\x41\x55\x4c\124", $ci)) {
goto e5;
}
$Ml = get_saml_roles_to_assign($ci, $yb, $hh);
if (!(empty($Ml) && strcmp($ci["\104\x45\106\101\125\114\124"]["\x64\x6f\156\164\137\x63\x72\x65\141\x74\145\x5f\x75\163\x65\x72"], "\143\150\145\x63\153\145\144") == 0)) {
goto OB;
}
$Ap = FALSE;
OB:
e5:
goto ml;
q3:
$Ml = get_saml_roles_to_assign($ci, $yb, $hh);
if (!(empty($Ml) && strcmp($ci[$yb]["\x64\157\x6e\164\137\x63\162\x65\141\164\145\x5f\x75\163\x65\x72"], "\143\x68\145\x63\153\x65\144") == 0)) {
goto SB;
}
$Ap = FALSE;
SB:
ml:
rM:
$UF = get_site_option("\145\x6e\141\x62\154\x65\137\163\141\x6d\x6c\x5f\x73\x73\x6f\x5f\x66\157\x72\x5f\x73\x69\x74\145\163");
if (!(!empty($UF) && !in_array($blog_id, $UF))) {
goto gC;
}
$Ap = FALSE;
gC:
if (!$Ap) {
goto E0;
}
add_user_to_blog($blog_id, $cO, false);
$Xp = assign_roles_to_user($user, $ci, $blog_id, $hh, $yb);
if ($Xp !== true && !empty($F9) && $F9 == "\143\150\x65\143\153\145\144") {
goto pg;
}
if ($Xp !== true && !empty($YQ) && $YQ !== "\x66\x61\154\x73\145") {
goto m4;
}
if ($Xp !== true) {
goto rA;
}
goto wv;
pg:
$cO = wp_update_user(array("\x49\x44" => $cO, "\x72\157\x6c\x65" => false));
goto wv;
m4:
$cO = wp_update_user(array("\111\104" => $cO, "\162\157\x6c\x65" => $YQ));
goto wv;
rA:
$lD = get_option("\x64\x65\146\141\x75\x6c\x74\137\x72\x6f\154\145");
$cO = wp_update_user(array("\111\104" => $cO, "\162\x6f\154\x65" => $lD));
wv:
E0:
my:
zW:
}
d7:
switch_to_blog($w1);
if (is_null($f6)) {
goto eg;
}
update_user_meta($cO, "\x6d\x6f\x5f\x73\x61\155\x6c\137\x75\163\145\162\x5f\x61\164\x74\162\151\x62\165\164\x65\163", $f6);
$W4 = get_site_option("\x73\141\x6d\x6c\137\141\155\x5f\x64\151\x73\160\154\x61\x79\137\x6e\x61\x6d\145");
if (empty($W4)) {
goto QM;
}
if (strcmp($W4, "\125\123\x45\122\x4e\x41\x4d\105") == 0) {
goto ZP;
}
if (strcmp($W4, "\x46\116\x41\x4d\105") == 0 && !empty($YS)) {
goto Jj;
}
if (strcmp($W4, "\x4c\x4e\101\x4d\x45") == 0 && !empty($R1)) {
goto nR;
}
if (strcmp($W4, "\106\116\x41\x4d\x45\137\x4c\116\101\115\105") == 0 && !empty($R1) && !empty($YS)) {
goto wN;
}
if (!(strcmp($W4, "\114\x4e\101\x4d\x45\x5f\x46\x4e\x41\x4d\105") == 0 && !empty($R1) && !empty($YS))) {
goto oz;
}
$cO = wp_update_user(array("\111\104" => $cO, "\x64\x69\x73\x70\154\141\171\x5f\156\x61\x6d\145" => $R1 . "\40" . $YS));
oz:
goto nZ;
wN:
$cO = wp_update_user(array("\111\x44" => $cO, "\144\151\163\160\x6c\141\x79\137\156\x61\x6d\x65" => $YS . "\x20" . $R1));
nZ:
goto F_;
nR:
$cO = wp_update_user(array("\x49\x44" => $cO, "\144\151\x73\x70\x6c\141\171\x5f\156\x61\x6d\145" => $R1));
F_:
goto ST;
Jj:
$cO = wp_update_user(array("\111\x44" => $cO, "\x64\151\x73\x70\154\141\171\x5f\x6e\141\155\145" => $YS));
ST:
goto Xt;
ZP:
$cO = wp_update_user(array("\x49\104" => $cO, "\x64\151\163\x70\x6c\141\171\x5f\x6e\141\155\x65" => $user->user_login));
Xt:
QM:
eg:
wp_set_current_user($cO);
wp_set_auth_cookie($cO, true);
if (empty($VA)) {
goto R2;
}
update_user_meta($cO, "\x6d\x6f\x5f\163\141\x6d\154\137\x73\145\x73\x73\151\x6f\156\137\x69\x6e\144\x65\x78", $VA);
R2:
if (empty($dp)) {
goto QQ;
}
update_user_meta($cO, "\155\157\137\x73\141\x6d\x6c\x5f\156\141\x6d\x65\137\x69\x64", $dp);
QQ:
if (!(!session_id() || session_id() == '' || !isset($_SESSION))) {
goto KD;
}
session_start();
KD:
$_SESSION["\x6d\x6f\137\x73\141\155\154"]["\x6c\x6f\147\147\x65\144\x5f\151\x6e\x5f\x77\x69\x74\150\137\x69\x64\160"] = TRUE;
$Dp = get_site_option("\155\x6f\x5f\x73\x61\x6d\154\137\162\x65\154\141\x79\x5f\163\x74\141\164\145");
if (!empty($Dp)) {
goto lr;
}
if (!empty($d0)) {
goto TU;
}
wp_redirect($tT);
goto H6;
lr:
wp_redirect($Dp);
goto H6;
TU:
wp_redirect($d0);
H6:
die;
goto RB;
z9:
if (email_exists($xv)) {
goto jU;
}
$user = get_user_by("\154\x6f\147\151\156", $d8);
goto DQ;
jU:
$user = get_user_by("\145\x6d\141\151\x6c", $xv);
DQ:
$cO = $user->ID;
if (empty($YS)) {
goto SZ;
}
$cO = wp_update_user(array("\x49\104" => $cO, "\x66\151\x72\x73\164\x5f\156\x61\x6d\145" => $YS));
SZ:
if (empty($R1)) {
goto ie;
}
$cO = wp_update_user(array("\111\x44" => $cO, "\154\x61\163\x74\137\x6e\141\x6d\x65" => $R1));
ie:
if (!get_site_option("\155\x6f\x5f\163\141\x6d\154\137\x63\165\163\164\x6f\155\137\141\164\164\162\x73\x5f\x6d\141\160\x70\151\x6e\x67")) {
goto NH;
}
$qa = get_site_option("\155\x6f\x5f\x73\141\x6d\154\x5f\x63\165\163\164\157\x6d\x5f\x61\164\x74\x72\x73\x5f\155\141\160\x70\x69\156\x67");
foreach ($qa as $M3 => $Vz) {
if (!array_key_exists($Vz, $f6)) {
goto Pv;
}
$OP = $f6[$Vz][0];
update_user_meta($cO, $M3, $OP);
Pv:
Tp:
}
pf:
NH:
$nP = $wpdb->get_col("\x53\x45\x4c\105\x43\x54\40\142\154\x6f\x67\x5f\151\x64\40\x46\122\x4f\115\40{$wpdb->blogs}");
$ZS = get_site_option("\155\157\x5f\141\x70\x70\154\x79\137\x72\157\154\145\137\x6d\141\160\160\151\x6e\147\x5f\x66\x6f\162\137\x73\151\x74\145\x73");
foreach ($nP as $blog_id) {
switch_to_blog($blog_id);
$user = get_user_by("\151\144", $cO);
$yb = '';
if ($ZS) {
goto cQ;
}
$yb = $blog_id;
goto Va;
cQ:
$yb = 0;
Va:
if (empty($ci)) {
goto mp;
}
if (!empty($ci[$yb])) {
goto X0;
}
if (empty($ci["\x44\x45\x46\x41\125\114\x54"])) {
goto Pt;
}
$YQ = $ci["\x44\x45\x46\101\x55\114\x54"]["\144\x65\x66\141\x75\x6c\164\137\162\157\154\145"];
$F9 = $ci["\x44\105\106\101\125\x4c\x54"]["\x64\x6f\156\x74\x5f\x61\x6c\x6c\157\x77\137\165\156\154\151\x73\x74\x65\144\x5f\x75\163\145\162"];
$cn = $ci["\x44\x45\106\101\x55\x4c\x54"]["\x64\157\x6e\x74\137\x63\162\145\x61\x74\145\x5f\x75\x73\x65\x72"];
$uM = $ci["\104\x45\106\101\125\114\x54"]["\x6b\x65\x65\160\137\145\170\x69\x73\164\x69\156\147\137\x75\x73\x65\x72\x73\x5f\x72\x6f\x6c\x65"];
Pt:
goto Dj;
X0:
$YQ = $ci[$yb]["\144\x65\146\141\x75\154\164\137\x72\157\154\145"];
$F9 = $ci[$yb]["\x64\x6f\x6e\164\137\x61\154\154\x6f\167\137\165\156\154\x69\x73\164\145\144\137\165\163\x65\x72"];
$cn = $ci[$yb]["\144\x6f\156\164\x5f\x63\x72\x65\x61\164\145\x5f\165\x73\x65\x72"];
$uM = array_key_exists("\x6b\x65\x65\160\137\145\170\151\163\x74\151\156\x67\137\165\163\145\x72\x73\137\162\157\x6c\x65", $ci[$yb]) ? $ci[$yb]["\x6b\x65\x65\x70\x5f\145\x78\151\163\x74\x69\x6e\147\137\x75\163\145\x72\163\137\x72\x6f\x6c\x65"] : '';
Dj:
mp:
if (!is_user_member_of_blog($cO, $blog_id)) {
goto oK;
}
if (isset($uM) && $uM == "\x63\150\145\x63\153\145\144") {
goto ja;
}
$Xp = assign_roles_to_user($user, $ci, $blog_id, $hh, $yb);
goto DL;
ja:
$Xp = false;
DL:
if (!(!is_administrator_user($user) && !empty($cn) && $cn == "\165\156\x63\x68\x65\x63\153\x65\x64")) {
goto nk;
}
if (isset($uM) && $uM == "\143\150\x65\143\153\145\x64") {
goto sx;
}
if ($Xp !== true && !empty($F9) && $F9 == "\x63\x68\145\x63\153\145\144") {
goto Sr;
}
if ($Xp !== true && !empty($YQ) && $YQ !== "\x66\x61\154\163\x65") {
goto hn;
}
if ($Xp !== true && is_user_member_of_blog($cO, $blog_id)) {
goto ET;
}
goto Uw;
sx:
goto Uw;
Sr:
$cO = wp_update_user(array("\111\104" => $cO, "\162\x6f\154\145" => false));
goto Uw;
hn:
$cO = wp_update_user(array("\111\104" => $cO, "\x72\157\x6c\145" => $YQ));
goto Uw;
ET:
$lD = get_option("\x64\x65\146\x61\165\154\164\x5f\162\x6f\x6c\145");
$cO = wp_update_user(array("\111\x44" => $cO, "\x72\157\x6c\x65" => $lD));
Uw:
nk:
goto ID;
oK:
$Ap = TRUE;
if (empty($ci)) {
goto X2;
}
if (array_key_exists($yb, $ci)) {
goto Jf;
}
if (!array_key_exists("\104\105\106\101\x55\114\x54", $ci)) {
goto tB;
}
$Ml = get_saml_roles_to_assign($ci, $yb, $hh);
if (!(empty($Ml) && strcmp($ci["\104\105\106\101\x55\x4c\124"]["\144\157\x6e\x74\137\x63\162\x65\141\x74\x65\137\x75\163\x65\x72"], "\x63\x68\x65\x63\x6b\145\x64") == 0)) {
goto yK;
}
$Ap = FALSE;
yK:
tB:
goto gZ;
Jf:
$Ml = get_saml_roles_to_assign($ci, $yb, $hh);
if (!(empty($Ml) && strcmp($ci[$yb]["\x64\157\156\x74\137\x63\162\x65\141\164\145\137\165\163\145\x72"], "\143\x68\x65\143\x6b\x65\x64") == 0)) {
goto DD;
}
$Ap = FALSE;
DD:
gZ:
X2:
$UF = get_site_option("\x65\156\141\x62\x6c\145\x5f\163\141\x6d\x6c\x5f\x73\x73\157\137\x66\x6f\162\137\163\151\x74\145\163");
if (!(!empty($UF) && !in_array($blog_id, $UF))) {
goto dM;
}
$Ap = FALSE;
dM:
if (!$Ap) {
goto ob;
}
add_user_to_blog($blog_id, $cO, false);
$Xp = assign_roles_to_user($user, $ci, $blog_id, $hh, $yb);
if ($Xp !== true && !empty($F9) && $F9 == "\143\x68\145\x63\x6b\x65\144") {
goto pl;
}
if ($Xp !== true && !empty($YQ) && $YQ !== "\146\141\154\163\145") {
goto N8;
}
if ($Xp !== true) {
goto Lm;
}
goto ZH;
pl:
$cO = wp_update_user(array("\111\x44" => $cO, "\x72\157\x6c\145" => false));
goto ZH;
N8:
$cO = wp_update_user(array("\111\x44" => $cO, "\162\x6f\x6c\145" => $YQ));
goto ZH;
Lm:
$lD = get_option("\144\x65\146\x61\165\154\164\137\x72\x6f\154\x65");
$cO = wp_update_user(array("\x49\x44" => $cO, "\162\x6f\x6c\145" => $lD));
ZH:
ob:
ID:
gr:
}
Pw:
switch_to_blog($w1);
if (is_null($f6)) {
goto dB;
}
update_user_meta($cO, "\155\x6f\137\163\141\x6d\154\137\165\163\145\x72\137\141\x74\x74\162\151\142\165\x74\x65\x73", $f6);
$W4 = get_site_option("\x73\141\155\x6c\x5f\141\x6d\x5f\144\x69\x73\x70\154\141\x79\x5f\156\x61\155\145");
if (empty($W4)) {
goto LY;
}
if (strcmp($W4, "\x55\x53\105\122\x4e\101\115\105") == 0) {
goto bU;
}
if (strcmp($W4, "\x46\x4e\x41\x4d\x45") == 0 && !empty($YS)) {
goto IO;
}
if (strcmp($W4, "\x4c\x4e\x41\x4d\x45") == 0 && !empty($R1)) {
goto mP;
}
if (strcmp($W4, "\x46\116\101\115\105\137\114\116\101\x4d\105") == 0 && !empty($R1) && !empty($YS)) {
goto K9;
}
if (!(strcmp($W4, "\114\116\101\x4d\105\137\x46\x4e\x41\115\105") == 0 && !empty($R1) && !empty($YS))) {
goto Vv;
}
$cO = wp_update_user(array("\x49\x44" => $cO, "\144\151\163\160\154\141\171\x5f\156\x61\x6d\145" => $R1 . "\40" . $YS));
Vv:
goto Aq;
K9:
$cO = wp_update_user(array("\x49\104" => $cO, "\x64\x69\x73\160\154\141\171\137\x6e\x61\x6d\x65" => $YS . "\x20" . $R1));
Aq:
goto Jl;
mP:
$cO = wp_update_user(array("\111\x44" => $cO, "\144\x69\x73\160\154\x61\x79\137\156\x61\x6d\x65" => $R1));
Jl:
goto ZM;
IO:
$cO = wp_update_user(array("\x49\x44" => $cO, "\144\x69\163\160\x6c\141\171\137\x6e\141\155\x65" => $YS));
ZM:
goto iC;
bU:
$cO = wp_update_user(array("\x49\104" => $cO, "\144\151\x73\x70\x6c\x61\x79\x5f\x6e\141\x6d\145" => $user->user_login));
iC:
LY:
dB:
wp_set_current_user($cO);
wp_set_auth_cookie($cO, true);
if (empty($VA)) {
goto a5;
}
update_user_meta($cO, "\155\x6f\x5f\x73\141\155\154\137\163\145\163\163\x69\x6f\x6e\137\x69\x6e\144\145\170", $VA);
a5:
if (empty($dp)) {
goto eb;
}
update_user_meta($cO, "\155\157\137\x73\141\155\x6c\x5f\x6e\141\155\145\x5f\x69\x64", $dp);
eb:
if (!(!session_id() || session_id() == '' || !isset($_SESSION))) {
goto n9;
}
session_start();
n9:
$_SESSION["\155\x6f\137\x73\x61\155\x6c"]["\x6c\157\x67\147\145\x64\x5f\x69\156\x5f\x77\x69\164\x68\137\151\x64\x70"] = TRUE;
$Dp = get_site_option("\155\x6f\137\163\x61\x6d\x6c\x5f\x72\x65\x6c\x61\171\137\x73\x74\141\164\145");
if (!empty($Dp)) {
goto VT;
}
if (!empty($d0)) {
goto sD;
}
wp_redirect($tT);
goto xU;
VT:
wp_redirect($Dp);
goto xU;
sD:
wp_redirect($d0);
xU:
die;
goto RB;
Zr:
$wK = NULL;
$nP = $wpdb->get_col("\x53\105\114\x45\x43\124\x20\142\154\157\x67\x5f\151\x64\x20\x46\x52\x4f\115\40{$wpdb->blogs}");
$ZS = get_site_option("\x6d\x6f\137\x61\x70\160\154\171\x5f\162\157\x6c\x65\x5f\x6d\141\x70\x70\x69\x6e\x67\x5f\146\157\162\137\163\x69\164\x65\163");
foreach ($nP as $blog_id) {
$qV = TRUE;
$yb = '';
if ($ZS) {
goto A_;
}
$yb = $blog_id;
goto Ev;
A_:
$yb = 0;
Ev:
if (empty($ci)) {
goto LH;
}
if (!empty($ci[$yb])) {
goto zQ;
}
if (empty($ci["\x44\105\x46\101\x55\x4c\124"])) {
goto aW;
}
$YQ = $ci["\x44\105\106\101\x55\114\x54"]["\x64\x65\x66\141\165\x6c\164\x5f\x72\157\x6c\x65"];
$F9 = $ci["\x44\x45\x46\x41\125\114\x54"]["\x64\157\x6e\164\x5f\x61\154\154\157\x77\137\x75\x6e\154\x69\163\x74\145\x64\x5f\x75\163\x65\162"];
$uM = $ci["\104\x45\106\x41\125\114\x54"]["\x6b\x65\145\160\137\x65\170\151\163\164\x69\x6e\147\137\165\x73\145\162\x73\x5f\x72\157\x6c\x65"];
$Ml = get_saml_roles_to_assign($ci, $yb, $hh);
if (!(empty($Ml) && strcmp($ci["\x44\105\x46\x41\125\x4c\124"]["\x64\x6f\x6e\x74\x5f\143\162\145\x61\164\145\x5f\x75\163\x65\x72"], "\143\x68\x65\x63\x6b\x65\144") == 0)) {
goto Ar;
}
$qV = FALSE;
Ar:
aW:
goto oE;
zQ:
$YQ = $ci[$yb]["\x64\145\x66\x61\165\x6c\164\x5f\162\x6f\x6c\x65"];
$F9 = $ci[$yb]["\144\157\x6e\x74\137\x61\154\x6c\x6f\x77\137\165\156\x6c\x69\x73\164\x65\144\137\x75\x73\x65\x72"];
$uM = array_key_exists("\153\145\x65\x70\137\x65\170\x69\x73\164\x69\156\147\x5f\x75\163\145\x72\163\137\162\157\x6c\145", $ci[$yb]) ? $ci[$yb]["\153\x65\x65\160\x5f\145\170\x69\x73\x74\x69\156\x67\x5f\x75\x73\x65\x72\163\137\x72\157\154\145"] : '';
$Ml = get_saml_roles_to_assign($ci, $yb, $hh);
if (!(empty($Ml) && strcmp($ci[$yb]["\x64\x6f\156\x74\x5f\143\x72\145\141\x74\145\x5f\165\x73\145\162"], "\x63\150\x65\x63\153\145\x64") == 0)) {
goto GT;
}
$qV = FALSE;
GT:
oE:
LH:
$UF = get_site_option("\145\156\141\x62\x6c\x65\x5f\163\x61\x6d\x6c\137\163\163\x6f\x5f\146\157\162\x5f\x73\151\x74\145\x73");
if (!(!empty($UF) && !in_array($blog_id, $UF))) {
goto Zb;
}
$qV = FALSE;
Zb:
if (!$qV) {
goto tE;
}
$cO = NULL;
switch_to_blog($blog_id);
if (email_exists($xv)) {
goto s3;
}
$t7 = wp_generate_password(10, false);
if (!empty($d8)) {
goto Z4;
}
if (username_exists($xv)) {
goto tZ;
}
$cO = wp_create_user($xv, $t7, $xv);
goto MV;
tZ:
$user = get_user_by("\154\x6f\147\x69\x6e", $xv);
$cO = $user->ID;
add_user_to_blog($blog_id, $cO, false);
MV:
if (!is_wp_error($cO)) {
goto bh;
}
echo "\x3c\163\164\x72\x6f\x6e\x67\x3e\105\x52\x52\x4f\122\x3c\x2f\x73\x74\x72\x6f\x6e\x67\76\72\x20\105\x6d\x70\164\171\x20\125\163\145\x72\40\116\x61\155\x65\40\x61\156\144\x20\x45\x6d\141\151\154\x2e\x20\120\x6c\x65\141\x73\145\40\x63\x6f\156\x74\141\x63\164\x20\171\157\165\x72\x20\x61\x64\x6d\x69\x6e\151\x73\164\162\141\x74\157\162\56";
die;
bh:
goto v0;
Z4:
if (username_exists($d8)) {
goto Be;
}
$cO = wp_create_user($d8, $t7, $xv);
goto q_;
Be:
$user = get_user_by("\154\x6f\x67\151\x6e", $d8);
$cO = $user->ID;
add_user_to_blog($blog_id, $cO, false);
q_:
if (!is_wp_error($cO)) {
goto Gs;
}
echo "\x3c\x73\x74\x72\x6f\156\147\x3e\x45\x52\122\117\122\74\x2f\x73\164\x72\x6f\x6e\x67\x3e\x3a\x20\x45\x6d\160\x74\171\x20\125\x73\145\162\40\116\141\x6d\145\40\x61\x6e\x64\40\x45\x6d\141\x69\x6c\56\x20\x50\x6c\145\x61\163\x65\40\143\x6f\156\164\141\143\164\x20\x79\x6f\x75\x72\x20\141\144\155\151\x6e\x69\163\x74\162\x61\x74\x6f\x72\x2e";
die;
Gs:
v0:
goto Cq;
s3:
$user = get_user_by("\145\x6d\141\151\154", $xv);
$cO = $user->ID;
add_user_to_blog($blog_id, $cO, false);
Cq:
$user = get_user_by("\x69\144", $cO);
$wK = $user;
$Xp = assign_roles_to_user($user, $ci, $blog_id, $hh, $yb);
if ($Xp !== true && !empty($F9) && $F9 == "\143\x68\145\x63\x6b\x65\x64") {
goto nL;
}
if ($Xp !== true && !empty($YQ) && $YQ !== "\x66\x61\x6c\x73\145") {
goto o7;
}
if ($Xp !== true) {
goto XC;
}
goto Yf;
nL:
$cO = wp_update_user(array("\111\x44" => $cO, "\x72\x6f\x6c\x65" => false));
goto Yf;
o7:
$cO = wp_update_user(array("\111\x44" => $cO, "\162\157\x6c\145" => $YQ));
goto Yf;
XC:
$lD = get_option("\144\145\x66\x61\x75\x6c\x74\137\162\157\x6c\145");
$cO = wp_update_user(array("\111\104" => $cO, "\162\x6f\154\x65" => $lD));
Yf:
$su = $user->{$wpdb->prefix . "\x63\x61\x70\x61\142\151\x6c\151\164\x69\145\x73"};
if (isset($hE)) {
goto Gx;
}
$hE = new WP_Roles();
Gx:
if (empty($YS)) {
goto GQ;
}
$cO = wp_update_user(array("\111\x44" => $cO, "\x66\151\162\x73\164\x5f\156\141\155\145" => $YS));
GQ:
if (empty($R1)) {
goto E4;
}
$cO = wp_update_user(array("\111\104" => $cO, "\154\x61\x73\x74\137\x6e\141\x6d\145" => $R1));
E4:
if (is_null($f6)) {
goto OZ;
}
update_user_meta($cO, "\x6d\x6f\137\163\x61\x6d\154\137\165\163\x65\162\137\x61\164\x74\x72\151\142\x75\164\x65\x73", $f6);
$W4 = get_site_option("\163\141\155\x6c\x5f\141\155\x5f\144\151\x73\160\154\141\171\137\156\141\155\x65");
if (empty($W4)) {
goto Ce;
}
if (strcmp($W4, "\125\x53\x45\122\x4e\x41\115\x45") == 0) {
goto i4;
}
if (strcmp($W4, "\x46\116\101\x4d\105") == 0 && !empty($YS)) {
goto Mt;
}
if (strcmp($W4, "\x4c\116\101\115\105") == 0 && !empty($R1)) {
goto GP;
}
if (strcmp($W4, "\x46\116\x41\x4d\105\137\114\x4e\101\115\105") == 0 && !empty($R1) && !empty($YS)) {
goto y8;
}
if (!(strcmp($W4, "\114\116\x41\x4d\x45\x5f\106\x4e\101\x4d\105") == 0 && !empty($R1) && !empty($YS))) {
goto yz;
}
$cO = wp_update_user(array("\111\104" => $cO, "\x64\151\163\160\x6c\141\x79\x5f\x6e\141\x6d\x65" => $R1 . "\x20" . $YS));
yz:
goto KH;
y8:
$cO = wp_update_user(array("\x49\104" => $cO, "\x64\x69\163\160\154\141\171\137\156\x61\x6d\x65" => $YS . "\40" . $R1));
KH:
goto at;
GP:
$cO = wp_update_user(array("\111\x44" => $cO, "\144\x69\x73\160\154\x61\x79\x5f\x6e\x61\155\145" => $R1));
at:
goto e2;
Mt:
$cO = wp_update_user(array("\111\104" => $cO, "\x64\x69\163\x70\x6c\141\171\x5f\x6e\141\155\x65" => $YS));
e2:
goto V5;
i4:
$cO = wp_update_user(array("\x49\104" => $cO, "\x64\x69\163\160\154\141\171\x5f\x6e\141\155\145" => $user->user_login));
V5:
Ce:
OZ:
tE:
Ds:
}
IN:
switch_to_blog($w1);
if ($wK !== NULL) {
goto r0;
}
wp_die("\x57\145\40\x63\x6f\165\x6c\144\x20\x6e\x6f\164\40\163\x69\x67\156\40\171\157\x75\40\151\156\56\x20\120\x6c\x65\x61\x73\145\x20\x63\157\x6e\164\141\x63\164\40\141\x64\x6d\x69\x6e\x69\163\x74\162\x61\164\157\x72", "\x4c\157\147\151\156\x20\106\x61\151\154\x65\x64\x21");
goto uC;
r0:
$cO = $wK->ID;
wp_set_current_user($cO);
wp_set_auth_cookie($cO, true);
if (empty($VA)) {
goto hE;
}
update_user_meta($cO, "\155\x6f\137\163\141\155\154\137\163\x65\x73\163\151\x6f\x6e\137\151\156\x64\145\x78", $VA);
hE:
if (empty($dp)) {
goto wh;
}
update_user_meta($cO, "\155\x6f\137\x73\x61\x6d\x6c\x5f\x6e\141\x6d\145\137\151\144", $dp);
wh:
if (!get_site_option("\x6d\157\x5f\x73\141\155\x6c\137\143\165\x73\x74\157\x6d\137\141\164\164\x72\163\137\155\141\160\160\151\156\147")) {
goto ui;
}
$qa = get_site_option("\155\x6f\x5f\163\141\x6d\154\137\x63\x75\x73\164\x6f\155\x5f\x61\164\164\162\163\x5f\x6d\141\160\x70\151\156\x67");
foreach ($qa as $M3 => $Vz) {
if (!array_key_exists($Vz, $f6)) {
goto pG;
}
$OP = $f6[$Vz][0];
update_user_meta($cO, $M3, $OP);
pG:
JH:
}
Zp:
ui:
if (!(!session_id() || session_id() == '' || !isset($_SESSION))) {
goto l8;
}
session_start();
l8:
$_SESSION["\x6d\x6f\137\x73\141\155\154"]["\154\157\x67\x67\145\x64\x5f\151\156\x5f\167\151\x74\x68\x5f\151\x64\160"] = TRUE;
uC:
$Dp = get_site_option("\155\157\137\163\x61\155\x6c\x5f\x72\x65\x6c\x61\171\137\163\164\x61\164\x65");
if (!empty($Dp)) {
goto xu;
}
if (!empty($d0)) {
goto T3;
}
wp_redirect($tT);
goto jK;
xu:
wp_redirect($Dp);
goto jK;
T3:
wp_redirect($d0);
jK:
die;
RB:
}
function check_if_user_allowed_to_login($user, $tT)
{
$cO = $user->ID;
global $wpdb;
if (get_user_meta($cO, "\x6d\x6f\137\x73\141\155\x6c\x5f\165\x73\x65\x72\137\x74\x79\160\x65", true)) {
goto ib;
}
if (get_site_option("\155\x6f\137\x73\x61\155\x6c\x5f\165\x73\162\137\x6c\x6d\164")) {
goto dp;
}
update_user_meta($cO, "\x6d\157\x5f\163\x61\155\x6c\x5f\x75\x73\x65\x72\137\164\171\x70\x65", "\x73\x73\x6f\137\165\x73\145\x72");
goto g4;
dp:
$M3 = get_site_option("\x6d\157\137\163\141\x6d\x6c\x5f\x63\x75\163\x74\x6f\155\145\162\137\x74\x6f\153\x65\156");
$D7 = AESEncryption::decrypt_data(get_site_option("\155\157\137\x73\x61\155\154\x5f\x75\163\162\x5f\154\155\x74"), $M3);
$lm = "\x53\x45\114\105\103\124\x20\103\117\x55\116\124\50\x2a\x29\40\x46\122\x4f\115\40" . $wpdb->prefix . "\x75\163\x65\x72\155\145\x74\141\40\127\x48\x45\x52\105\40\155\x65\x74\141\x5f\153\145\x79\75\47\x6d\157\x5f\x73\141\x6d\154\x5f\165\x73\x65\162\x5f\164\x79\x70\145\47";
$Wt = $wpdb->get_var($lm);
if ($Wt >= $D7) {
goto Pl;
}
update_user_meta($cO, "\155\157\137\x73\141\x6d\154\x5f\165\163\x65\162\x5f\x74\171\x70\x65", "\x73\163\157\137\x75\x73\x65\x72");
goto Z_;
Pl:
if (get_site_option("\165\163\x65\162\137\x61\154\145\x72\x74\137\x65\x6d\x61\x69\x6c\x5f\x73\145\156\164")) {
goto Sq;
}
$kh = new Customersaml();
$kh->mo_saml_send_user_exceeded_alert_email($D7);
Sq:
if (is_administrator_user($user)) {
goto Ag;
}
wp_redirect($tT);
die;
goto UJ;
Ag:
update_user_meta($cO, "\x6d\157\x5f\163\x61\155\x6c\137\x75\x73\145\x72\x5f\164\171\160\x65", "\x73\163\x6f\x5f\x75\163\x65\x72");
UJ:
Z_:
g4:
ib:
}
function assign_roles_to_user($user, $ci, $blog_id, $hh, $yb)
{
$Xp = false;
if (!(!empty($hh) && !empty($ci) && !is_administrator_user($user) && !is_super_admin($user->ID) && is_user_member_of_blog($user->ID, $blog_id))) {
goto BH;
}
if (!empty($ci[$yb])) {
goto nr;
}
if (empty($ci["\104\x45\106\x41\125\114\124"])) {
goto mo;
}
$user->set_role(false);
$U3 = '';
$nr = false;
unset($ci["\104\x45\106\x41\x55\x4c\x54"]["\x64\145\x66\141\165\x6c\x74\137\162\x6f\154\x65"]);
unset($ci["\x44\x45\106\x41\125\x4c\x54"]["\x64\157\x6e\x74\137\143\162\x65\141\164\x65\137\165\163\x65\x72"]);
unset($ci["\x44\105\x46\101\x55\114\124"]["\144\x6f\156\164\137\x61\154\154\x6f\167\137\x75\x6e\154\151\x73\x74\x65\x64\x5f\165\x73\x65\162"]);
foreach ($ci["\104\x45\106\101\125\x4c\124"] as $ag => $xf) {
$Po = explode("\73", $xf);
foreach ($Po as $Ue) {
if (!in_array($Ue, $hh)) {
goto MC;
}
$Xp = true;
$user->add_role($ag);
MC:
ha:
}
b_:
Xh:
}
Rl:
mo:
goto hr;
nr:
$user->set_role(false);
$U3 = '';
$nr = false;
unset($ci[$yb]["\x64\145\x66\141\165\x6c\164\137\162\157\x6c\x65"]);
unset($ci[$yb]["\144\x6f\x6e\164\x5f\143\162\x65\x61\x74\145\137\x75\163\145\x72"]);
unset($ci[$yb]["\x64\x6f\156\x74\x5f\x61\154\154\x6f\x77\137\165\156\x6c\151\163\x74\145\144\x5f\165\x73\x65\x72"]);
foreach ($ci[$yb] as $ag => $xf) {
$Po = explode("\x3b", $xf);
foreach ($Po as $Ue) {
if (!in_array($Ue, $hh)) {
goto NK;
}
$Xp = true;
$user->add_role($ag);
NK:
af:
}
iF1:
zg:
}
TX:
hr:
BH:
$gW = get_site_option("\x6d\157\137\163\141\x6d\x6c\x5f\163\165\x70\x65\x72\x5f\x61\144\x6d\x69\156\137\x72\157\x6c\145\x5f\x6d\141\160\160\151\x6e\x67");
$t_ = explode("\73", $gW);
if (!(!empty($hh) && !empty($t_))) {
goto s5;
}
foreach ($t_ as $Ue) {
if (!in_array($Ue, $hh)) {
goto wK;
}
grant_super_admin($user->ID);
wK:
i0:
}
Ru:
s5:
return $Xp;
}
function get_saml_roles_to_assign($ci, $blog_id, $hh)
{
$Ml = array();
if (!(!empty($hh) && !empty($ci))) {
goto N0;
}
if (!empty($ci[$blog_id])) {
goto nQ;
}
if (empty($ci["\x44\105\x46\x41\125\x4c\124"])) {
goto DJ;
}
unset($ci["\x44\105\x46\x41\x55\x4c\124"]["\144\145\146\141\165\x6c\x74\137\162\x6f\x6c\x65"]);
unset($ci["\x44\105\106\101\125\114\x54"]["\x64\157\x6e\x74\x5f\x63\162\145\x61\164\x65\x5f\165\163\145\162"]);
unset($ci["\x44\x45\x46\x41\x55\114\124"]["\144\157\156\x74\137\141\x6c\x6c\x6f\x77\x5f\x75\x6e\x6c\151\163\x74\x65\x64\x5f\165\163\x65\x72"]);
foreach ($ci["\104\105\x46\101\x55\x4c\124"] as $ag => $xf) {
$Po = explode("\x3b", $xf);
foreach ($Po as $Ue) {
if (!in_array($Ue, $hh)) {
goto OI;
}
array_push($Ml, $ag);
OI:
A9:
}
Wm:
RV:
}
ra:
DJ:
goto MM;
nQ:
unset($ci[$blog_id]["\x64\145\x66\141\x75\154\x74\137\x72\x6f\x6c\145"]);
unset($ci[$blog_id]["\144\157\x6e\164\x5f\143\162\x65\141\164\x65\x5f\165\x73\x65\162"]);
unset($ci[$blog_id]["\x64\x6f\x6e\x74\x5f\x61\154\x6c\x6f\167\x5f\x75\156\154\151\163\164\x65\144\137\x75\x73\x65\x72"]);
foreach ($ci[$blog_id] as $ag => $xf) {
$Po = explode("\x3b", $xf);
foreach ($Po as $Ue) {
if (!in_array($Ue, $hh)) {
goto BD;
}
array_push($Ml, $ag);
BD:
l1:
}
KP:
Hi:
}
HC:
MM:
N0:
return $Ml;
}
function is_administrator_user($user)
{
$Zz = $user->roles;
if (!is_null($Zz) && in_array("\x61\144\155\x69\x6e\x69\163\x74\x72\x61\164\157\162", $Zz)) {
goto io;
}
return false;
goto Lr;
io:
return true;
Lr:
}
function mo_saml_is_customer_registered()
{
$y9 = get_site_option("\155\x6f\137\163\141\155\154\137\x61\144\x6d\x69\x6e\137\x65\x6d\141\x69\x6c");
$Tm = get_site_option("\x6d\157\137\163\141\155\154\x5f\x61\144\x6d\x69\x6e\137\143\x75\x73\x74\157\155\x65\162\x5f\153\145\x79");
if (!$y9 || !$Tm || !is_numeric(trim($Tm))) {
goto Po;
}
return 1;
goto GA;
Po:
return 0;
GA:
}
function mo_saml_is_customer_license_verified()
{
$M3 = get_site_option("\x6d\157\137\x73\141\155\x6c\x5f\143\x75\x73\164\x6f\x6d\145\x72\137\x74\157\153\145\156");
$It = AESEncryption::decrypt_data(get_site_option("\164\137\163\x69\164\x65\137\163\164\x61\x74\165\163"), $M3);
$cI = get_site_option("\163\x6d\x6c\137\x6c\153");
$y9 = get_site_option("\155\x6f\137\x73\141\x6d\x6c\137\141\x64\x6d\x69\x6e\x5f\145\155\141\151\x6c");
$Tm = get_site_option("\155\x6f\x5f\163\x61\155\x6c\137\x61\x64\x6d\x69\156\x5f\143\x75\x73\x74\157\155\145\x72\137\x6b\x65\x79");
$Bx = AESEncryption::decrypt_data(get_site_option("\156\157\x5f\163\142\163"), $M3);
$jF = false;
if (!get_site_option("\x6e\x6f\x5f\163\142\x73")) {
goto Ga;
}
$dD = Utilities::get_sites();
$jF = $Bx < count($dD);
Ga:
if ($It != "\164\x72\165\145" && !$cI || !$y9 || !$Tm || !is_numeric(trim($Tm)) || $jF) {
goto Hq;
}
return 1;
goto sS;
Hq:
return 0;
sS:
}
function show_status_error($xB, $d0)
{
$xB = strip_tags($xB);
$d0 = strip_tags($d0);
if ($d0 == "\x74\145\x73\164\126\141\x6c\151\144\141\x74\x65") {
goto o5;
}
wp_die("\x57\145\40\x63\157\x75\x6c\x64\x20\156\x6f\164\40\163\x69\147\156\x20\x79\x6f\x75\40\x69\156\x2e\x20\120\154\145\141\163\x65\x20\143\157\156\x74\x61\x63\164\40\171\157\165\162\40\x41\144\155\151\156\151\x73\x74\162\141\x74\x6f\162\56", "\x45\x72\162\x6f\x72\72\x20\x49\156\166\x61\x6c\151\144\40\123\x41\x4d\114\40\122\x65\x73\160\157\156\163\145\40\123\164\x61\164\165\163");
goto K2;
o5:
echo "\x3c\144\151\166\40\163\164\x79\154\145\x3d\42\146\x6f\156\x74\x2d\x66\141\155\x69\154\171\72\x43\141\x6c\151\142\162\x69\x3b\x70\141\x64\144\151\x6e\147\72\x30\x20\x33\x25\x3b\42\76";
echo "\74\x64\x69\166\x20\163\x74\171\x6c\145\x3d\42\x63\x6f\154\x6f\x72\x3a\40\43\141\x39\64\64\x34\62\x3b\142\x61\x63\x6b\147\x72\157\165\x6e\x64\55\x63\157\154\157\x72\72\40\43\x66\62\x64\x65\x64\145\x3b\160\x61\144\x64\151\156\147\72\40\x31\x35\x70\170\73\155\141\162\147\x69\x6e\55\142\x6f\164\x74\157\x6d\x3a\40\x32\60\160\170\73\164\x65\170\x74\55\x61\154\x69\x67\x6e\72\143\x65\156\x74\x65\162\73\x62\157\x72\144\x65\x72\x3a\x31\160\x78\x20\163\157\154\x69\144\40\43\105\66\x42\x33\102\x32\73\x66\x6f\156\x74\55\x73\151\172\145\72\61\x38\160\164\x3b\x22\76\x20\x45\122\x52\x4f\x52\x3c\57\x64\x69\166\76\12\x9\x9\11\x9\x9\x9\11\74\x64\151\166\x20\x73\x74\171\x6c\145\75\x22\143\x6f\x6c\x6f\162\x3a\40\x23\x61\71\64\64\64\x32\73\x66\x6f\156\x74\x2d\163\x69\x7a\145\72\61\x34\x70\x74\73\x20\x6d\x61\x72\x67\x69\156\x2d\142\x6f\164\164\x6f\155\x3a\62\x30\160\170\x3b\42\x3e\74\160\x3e\74\163\x74\x72\157\156\147\x3e\x45\x72\162\x6f\x72\72\x20\74\x2f\x73\x74\x72\157\156\x67\76\x20\111\156\x76\141\154\151\x64\40\123\101\x4d\114\40\x52\x65\x73\x70\157\x6e\163\145\x20\x53\x74\141\x74\165\163\56\x3c\57\x70\76\12\11\11\x9\11\x9\11\11\11\x3c\x70\x3e\x3c\x73\164\x72\157\x6e\x67\76\x43\141\165\x73\x65\x73\x3c\57\163\x74\x72\157\156\x67\76\72\40\x49\144\145\x6e\164\x69\x74\171\40\120\162\157\x76\151\x64\145\x72\40\x68\141\x73\40\163\x65\156\164\40\x27" . $xB . "\x27\40\x73\164\x61\x74\165\163\40\143\157\144\x65\x20\x69\x6e\40\123\x41\115\114\40\122\x65\x73\160\x6f\x6e\x73\145\56\x20\x3c\x2f\160\x3e\12\x9\11\x9\11\x9\11\x9\11\74\160\x3e\x3c\x73\x74\x72\x6f\x6e\147\x3e\x52\145\141\x73\157\x6e\x3c\x2f\x73\x74\x72\x6f\156\147\x3e\x3a\40" . get_status_message($xB) . "\x3c\x2f\160\76\74\142\x72\x3e";
if (empty($Jv)) {
goto w1;
}
echo "\x3c\x70\76\x3c\x73\x74\162\157\156\147\76\x53\x74\x61\164\x75\x73\40\115\145\163\x73\x61\x67\x65\40\151\156\x20\x74\x68\145\x20\x53\101\115\x4c\x20\122\x65\x73\160\x6f\x6e\163\145\x3a\74\57\x73\x74\x72\157\156\x67\x3e\x20\74\x62\x72\57\76" . $Jv . "\x3c\x2f\x70\x3e\74\142\x72\x3e";
w1:
echo "\xa\11\x9\x9\11\x9\11\11\74\57\144\151\166\x3e\12\xa\x9\11\11\x9\11\x9\11\74\x64\x69\x76\x20\163\164\x79\x6c\x65\75\x22\155\x61\162\x67\x69\156\72\x33\x25\73\144\151\163\160\154\141\171\72\142\x6c\157\143\153\x3b\164\x65\x78\x74\x2d\x61\154\x69\147\x6e\x3a\143\x65\156\x74\x65\x72\73\42\x3e\xa\x9\11\x9\x9\x9\11\x9\x9\74\x64\151\x76\40\163\x74\171\154\145\75\42\155\141\x72\147\151\156\72\63\45\x3b\144\151\163\x70\154\141\171\x3a\142\x6c\x6f\x63\x6b\73\164\145\170\x74\x2d\141\154\x69\x67\156\x3a\x63\145\156\x74\x65\162\x3b\42\x3e\74\x69\x6e\x70\165\164\40\163\164\x79\154\x65\x3d\42\x70\x61\x64\x64\x69\156\147\72\61\x25\73\x77\x69\x64\x74\150\x3a\x31\x30\60\160\170\x3b\x62\141\x63\153\x67\162\x6f\x75\156\144\x3a\x20\x23\60\60\x39\61\x43\104\x20\156\x6f\x6e\x65\40\162\x65\160\145\141\164\40\x73\x63\x72\x6f\x6c\154\x20\x30\x25\40\x30\x25\73\x63\165\162\x73\157\x72\x3a\40\x70\x6f\151\x6e\x74\145\x72\73\x66\157\156\x74\x2d\x73\x69\x7a\145\72\61\65\x70\170\73\142\157\x72\x64\x65\x72\55\x77\x69\144\164\150\x3a\40\x31\160\170\x3b\142\157\162\144\x65\162\55\163\x74\x79\x6c\x65\x3a\40\x73\x6f\x6c\x69\144\73\142\x6f\162\x64\x65\x72\55\x72\141\x64\151\165\163\x3a\x20\63\x70\170\x3b\x77\x68\x69\164\x65\55\x73\160\x61\143\x65\x3a\x20\x6e\157\x77\x72\x61\x70\x3b\x62\x6f\x78\55\x73\151\x7a\151\156\x67\72\40\x62\157\162\144\x65\162\x2d\142\157\x78\x3b\142\x6f\162\x64\x65\x72\x2d\x63\157\154\x6f\162\72\40\43\x30\x30\67\x33\x41\x41\x3b\142\x6f\x78\x2d\163\x68\x61\x64\157\x77\72\x20\60\x70\170\x20\x31\160\170\x20\60\160\170\x20\x72\x67\142\x61\50\61\62\60\54\40\62\x30\60\x2c\x20\62\63\60\x2c\x20\x30\x2e\x36\51\40\151\x6e\x73\145\164\73\x63\x6f\154\x6f\x72\x3a\x20\x23\x46\x46\x46\x3b\x22\x74\171\x70\145\x3d\x22\142\165\164\164\x6f\156\x22\x20\x76\x61\154\x75\145\75\x22\x44\157\156\x65\42\x20\157\x6e\103\154\151\143\153\x3d\42\x73\x65\154\146\x2e\x63\154\157\163\145\50\51\x3b\42\x3e\x3c\x2f\x64\x69\x76\76";
die;
K2:
}
function get_status_message($xB)
{
switch ($xB) {
case "\x52\x65\161\165\145\163\x74\145\162":
return "\x54\x68\145\x20\x72\145\x71\x75\x65\163\x74\40\143\157\x75\x6c\x64\40\156\157\x74\x20\x62\x65\40\160\145\162\x66\157\x72\x6d\145\x64\40\144\165\145\x20\164\157\40\141\156\x20\x65\x72\x72\x6f\x72\40\x6f\156\x20\164\x68\x65\x20\x70\141\x72\x74\x20\x6f\146\40\164\x68\145\x20\162\145\161\x75\x65\163\x74\145\x72\x2e";
goto gD;
case "\122\145\163\x70\x6f\156\144\x65\x72":
return "\x54\x68\145\x20\162\x65\x71\165\145\163\x74\40\143\x6f\x75\x6c\x64\x20\156\157\164\x20\142\x65\40\160\145\x72\146\157\162\155\x65\144\40\144\165\145\x20\164\x6f\x20\141\x6e\40\x65\162\162\x6f\162\40\157\156\40\164\150\x65\40\x70\141\162\x74\x20\157\146\x20\164\150\x65\40\x53\101\115\x4c\x20\162\145\163\x70\157\156\x64\x65\x72\40\x6f\162\40\x53\x41\115\x4c\x20\x61\165\x74\150\157\x72\x69\x74\x79\56";
goto gD;
case "\x56\x65\162\163\151\157\156\x4d\151\x73\155\x61\164\x63\150":
return "\x54\x68\x65\40\x53\101\x4d\x4c\x20\162\145\163\160\x6f\156\144\145\x72\x20\x63\x6f\x75\154\x64\x20\x6e\x6f\x74\x20\160\x72\157\143\x65\x73\163\40\x74\x68\145\40\162\145\x71\165\145\163\164\40\x62\x65\143\x61\x75\x73\x65\40\164\150\x65\40\x76\145\x72\x73\151\157\x6e\x20\x6f\x66\40\164\150\x65\x20\162\x65\161\165\145\x73\164\x20\155\x65\x73\163\141\147\x65\40\167\x61\163\x20\x69\x6e\143\x6f\x72\162\x65\143\x74\56";
goto gD;
default:
return "\x55\x6e\153\156\157\x77\x6e";
}
bA:
gD:
}
function saml_get_current_page_url()
{
$Mx = $_SERVER["\x48\x54\x54\120\x5f\x48\117\123\x54"];
if (!(substr($Mx, -1) == "\57")) {
goto rF;
}
$Mx = substr($Mx, 0, -1);
rF:
$lw = $_SERVER["\122\x45\x51\x55\105\123\x54\137\125\122\111"];
if (!(substr($lw, 0, 1) == "\x2f")) {
goto py;
}
$lw = substr($lw, 1);
py:
$QR = isset($_SERVER["\x48\124\124\120\x53"]) && strcasecmp($_SERVER["\x48\x54\x54\120\x53"], "\157\x6e") == 0;
$us = "\150\x74\x74\x70" . ($QR ? "\163" : '') . "\x3a\x2f\x2f" . $Mx . "\x2f" . $lw;
return $us;
}
add_action("\x77\x69\x64\147\145\x74\163\137\151\156\x69\x74", function () {
register_widget("\155\157\137\154\x6f\147\x69\156\x5f\x77\151\144");
});
add_action("\x77\x70\x5f\x65\156\161\165\x65\x75\x65\x5f\x73\x63\x72\151\x70\x74\163", "\x70\154\165\x67\151\156\x5f\x73\145\164\x74\151\x6e\147\163\137\x73\x74\171\154\145\137\x77\x69\x64\x67\145\164");
add_action("\167\160\137\145\x6e\161\165\x65\165\145\137\163\x63\162\151\x70\x74\x73", "\160\154\x75\x67\x69\156\137\x73\145\x74\164\x69\x6e\147\163\137\163\x63\x72\x69\160\164\137\x77\151\144\x67\145\164");
add_action("\151\x6e\151\164", "\155\157\x5f\x6c\x6f\147\151\x6e\x5f\x76\x61\154\151\x64\141\164\145");
?>
Function Calls
None |
Stats
MD5 | f449f6bf4228a19f89ab246d14deac30 |
Eval Count | 0 |
Decode Time | 148 ms |