Online PHP and Javascript Decoder decode hidden script to uncover its real functionality


use WHMCS\Database\Capsule;

if (!defined("WHMCS"))
    die("This file cannot be accessed directly");

function get_hooks_language_setting() {
    $result = Capsule::table('tblticketspamcheckdashboardsettings')->select('language')->first();
    return $result ? $result->language : 'en';
}

if (!function_exists('load_translation')) {
    function load_translation($language) {
        $filePath = _DIR_ . "/translations/{$language}.php";
        if (file_exists($filePath)) {
            return include_once $filePath;
        }
        return include_once _DIR_ . "/translations/en.php";
    }
}

$language = get_hooks_language_setting();
$translations = load_translation($language);

create_spam_reports_table();

function create_spam_reports_table() {
    if (!Capsule::schema()->hasTable('tblticketspamcheckspamreports')) {
        Capsule::schema()->create('tblticketspamcheckspamreports', function ($table) {
            $table->increments('id');
            $table->integer('client_id')->unsigned();
            $table->string('client_name');
            $table->string('client_email');
            $table->integer('ticket_id')->unsigned();
            $table->string('reason');
            $table->timestamps();
        });
    }
}

add_hook('TicketOpen', 1, function($vars) use ($translations) {
    $userId = $vars['userid'];
    $ticketId = $vars['ticketid'];

    $maxTickets = get_option('ticketspam_max_tickets') ?: 5;
    $timeLimit = get_option('ticketspam_time_limit') ?: 300;
    $noReplyEmail = get_option('ticketspam_no_reply_email') ?: '';

    $currentTime = time();
    $ticketCount = Capsule::table('tbltickets')
        ->where('userid', $userId)
        ->where('status', 'Open')
        ->where('date', '>=', date('Y-m-d H:i:s', $currentTime - $timeLimit))
        ->count();

    if ($ticketCount >= $maxTickets) {
        Capsule::table('tbltickets')->where('id', $ticketId)->update(['status' => 'Closed']);

        $userInfo = Capsule::table('tblclients')->where('id', $userId)->first();
        $email = $userInfo->email;
        $name = $userInfo->firstname . ' ' . $userInfo->lastname;

        sendEmail($email, $ticketId, $noReplyEmail, $translations);
        add_to_spam_reports($userId, $name, $email, $ticketId);

    }
});

function get_option($option) {
    $result = Capsule::table('tbladdonmodules')
        ->where('module', 'ticketspamcheck')
        ->where('setting', $option)
        ->first();
    return $result ? $result->value : '';
}

function sendEmail($toEmail, $ticketId, $noReplyEmail, $translations) {
    $subject = str_replace('{ticketId}', $ticketId, $translations['subject']);
    $message = str_replace('{ticketId}', $ticketId, $translations['message']);

    $headers = "From: {$noReplyEmail}\r\n";
    $headers .= "Reply-To: {$noReplyEmail}\r\n";
    $headers .= "Content-Type: text/plain; charset=UTF-8\r\n";

    mail($toEmail, $subject, $message, $headers);
}

function add_to_spam_reports($clientId, $clientName, $clientEmail, $ticketId) {
    Capsule::table('tblticketspamcheckspamreports')->insert([
        'client_id' => $clientId,
        'client_name' => $clientName,
        'client_email' => $clientEmail,
        'ticket_id' => $ticketId,
        'reason' => 'Exceeded maximum number of open tickets',
        'created_at' => date('Y-m-d H:i:s'),
        'updated_at' => date('Y-m-d H:i:s'),
    ]);
}


© 2023 Quttera Ltd. All rights reserved.