Online PHP Javascript Script Decoder

Online PHP and Javascript Decoder decode hidden script to uncover its real functionality

Original code:

<iframe id="'+b+'" name="'+b+'" src="about:blank">'%3Bdocument.body.appendChild(c)%3Bc=c.firstChild%3Bdocument.body.appendChild(c)%3Bwindow[b]=c%3Bc.name=b%3Bc.setAttribute("name",b)%3Bc.id=b%3Bc.style.position="absolute"%3Bc.style.left="0px"%3Bc.style.top="0px"%3Bc.style.height="1px"%3Bc.style.width="1px"%3Bc.style.visibility="hidden"}gx.evt.attach(c,this.iFrameloadEventName(),gx.http.iframeOnload)%3Breturn c},iFrameJsonResponse:function(b){return f(b).find("input[data-response-content-type='application/json']").val()},captureIframeHTTPStatusCode:function(b){var c=/HTTP Status (\d\d\d)/gi,d=0%3Bif(b.title){b=c.exec(b.title)%3Bb.length>0&&(d=Number(b[1]))}return{status:d}},iframeOnload:function(){var b=gx.dom.byId(gx.http.iframeName)%3Bif(!(gx.http.useReadyStateEvent()&&b.readyState!="complete")){b||(b=window.frames[gx.http.iframeName])%3Bif(b&&b.frameElement)b=b.frameElement%3Bif(b)try{if(gx.http.useReadyStateEvent()){b.src="about:blank"%3Bgx.evt.detach(b,gx.http.iFrameloadEventName(),gx.http.iframeOnload)}var c=b.gxPostInfo,d=c.formNode%3Bd.setAttribute("action",c.oldAction)%3Bd.setAttribute("target",c.oldTarget)%3Bvar a=b.contentDocument?b.contentDocument:b.contentWindow.document%3Bif(a){var g=a.body,j=gx.http.iFrameJsonResponse(g),n=!gx.lang.emptyObject(j)%3Bif(!n)(n=gx.dom.allChildrenAreText(g))&&(j=gx.http.multipartResponse(g))%3Bif(n){var l=gx.base64.decode(j)%3Bgx.http.clearMultipartHidden()%3Bc.handler(null,l,c)%3Bif(window.gx&&typeof c.onReady==="function")c.onReady()%3Bc.always&&c.always.call(c.obj||window,null,c)}else{var k=gx.http.captureIframeHTTPStatusCode(a)%3Bgx.http.checkResponseStatus(k,c.warnOnTimeout)||document.write(a.documentElement.innerHTML)}}}catch(m){b="Unknown error"%3Bd=gx.getMessage("GXM_NetworkError").replace("%1","NoStatusCode")%3Bif(gx.text.startsWith(m.message,"Blocked a frame with origin")){b="Upload File Changed"%3Bd=gx.getMessage("GXM_FileUploadFileChanged")%3Bf('input[type="file"]').val("")}gx.dbg.logEx(m,"gxapi.js","FileUpload error: "+b)%3Bc.error.call(c.obj||window,null,c)%3Bgx.util.alert.showError(d)}}},multipartResponse:function(b){var c=""%3Btry{c=f(b).text()}catch(d){gx.dbg.logEx(d,"gxapi.js","multipartResponse")}return c},uncache:function(b){var c=(new Date).getTime()%3Breturn b+gx.http.urlParameterPrefix(b)+"gx-no-cache="+c},callBackend_simple:function(b,c,d,a,f,j,n,l){gx.http.callBackend_impl(void 0,b,c,gx.http.modes.none,d,a,f,j,n,l)},callBackend:function(b,c,d,a,f,j,n,l,k,m,o){gx.http.callBackend_impl(b,c,a,f,j,n,l,k,m,o)},callBackend_impl:function(b,c,d,a,f,j,n,l,k,m,o){var r=this.getRequest(),m=m||{}%3Bif(r){try{var s=gx.O%3Bf||s.startFeedback()%3Bj=typeof j!="undefined"?j:"GET"%3Bn=typeof n!="undefined"?n:null%3Bk=typeof k!="undefined"?k:false%3Bl||(c=this.uncache(c))%3Br.open(j,c,k)%3Br.setRequestHeader(gx.ajax.reqHeader,"2")%3Bfor(var t in m)r.setRequestHeader(t,m[t])%3Btry{j=="POST"?r.setRequestHeader("Content-Type","application/x-www-form-urlencoded"):gx.sec.secToken&&(gx.O.AjaxSecurity&&gx.pO.OnSessionTimeout==gx.timeoutActions.ignore)&&r.setRequestHeader(gx.sec.secTokenName,gx.sec.secToken)}catch(p){gx.dbg.logEx(p,"gxapi.js","callBackend_impl: gx.O cannot be null")}var q=function(){f||s.endFeedback()%3Bthis.lastStatus=r.status%3Bthis.lastResponse=r.responseText%3Bif(r.readyState!=this.STATE_DONE||r.status!=this.STATUS_OK){if(!gx.http.checkResponseStatus(r)){window.status="GXAjax HTTP error: ("+r.status+") - "+r.statusText%3Bgx.dbg.logEx(r.responseText)%3Bo&&o()}}else if(a!=this.modes.none)if(this.lastResponse&&this.lastResponse.length>

Decrypted code:

<iframe id="'+b+'" name="'+b+'" src="about:blank">'%3Bdocument.body.appendChild(c)%3Bc=c.firstChild%3Bdocument.body.appendChild(c)%3Bwindow[b]=c%3Bc.name=b%3Bc.setAttribute("name",b)%3Bc.id=b%3Bc.style.position="absolute"%3Bc.style.left="0px"%3Bc.style.top="0px"%3Bc.style.height="1px"%3Bc.style.width="1px"%3Bc.style.visibility="hidden"
}
gx.evt.attach(c,this.iFrameloadEventName(),gx.http.iframeOnload)%3Breturn c
}
,iFrameJsonResponse:function(b){
return f(b).find("input[data-response-content-type='application/json']").val()
}
,captureIframeHTTPStatusCode:function(b){
var c=/HTTP Status (\d\d\d)/gi,d=0%3Bif(b.title){
b=c.exec(b.title)%3Bb.length>0&&(d=Number(b[1]))
}
return{
status:d
}
}
,iframeOnload:function(){
var b=gx.dom.byId(gx.http.iframeName)%3Bif(!(gx.http.useReadyStateEvent()&&b.readyState!="complete")){
	b||(b=window.frames[gx.http.iframeName])%3Bif(b&&b.frameElement)b=b.frameElement%3Bif(b)try{
		if(gx.http.useReadyStateEvent()){
		b.src="about:blank"%3Bgx.evt.detach(b,gx.http.iFrameloadEventName(),gx.http.iframeOnload)
	}
		var c=b.gxPostInfo,d=c.formNode%3Bd.setAttribute("action",c.oldAction)%3Bd.setAttribute("target",c.oldTarget)%3Bvar a=b.contentDocument?b.contentDocument:b.contentWindow.document%3Bif(a){
			var g=a.body,j=gx.http.iFrameJsonResponse(g),n=!gx.lang.emptyObject(j)%3Bif(!n)(n=gx.dom.allChildrenAreText(g))&&(j=gx.http.multipartResponse(g))%3Bif(n){
			var l=gx.base64.decode(j)%3Bgx.http.clearMultipartHidden()%3Bc.handler(null,l,c)%3Bif(window.gx&&typeof c.onReady==="function")c.onReady()%3Bc.always&&c.always.call(c.obj||window,null,c)
		}
			else{
			var k=gx.http.captureIframeHTTPStatusCode(a)%3Bgx.http.checkResponseStatus(k,c.warnOnTimeout)||a.documentElement.innerHTML)
		}
	}
}
	catch(m){
		b="Unknown error"%3Bd=gx.getMessage("GXM_NetworkError").replace("%1","NoStatusCode")%3Bif(gx.text.startsWith(m.message,"Blocked a frame with origin")){
		b="Upload File Changed"%3Bd=gx.getMessage("GXM_FileUploadFileChanged")%3Bf('input[type="file"]').val("")
	}
	gx.dbg.logEx(m,"gxapi.js","FileUpload error: "+b)%3Bc.error.call(c.obj||window,null,c)%3Bgx.util.alert.showError(d)
}
}
}
,multipartResponse:function(b){
var c=""%3Btry{
c=f(b).text()
}
catch(d){
gx.dbg.logEx(d,"gxapi.js","multipartResponse")
}
return c
}
,uncache:function(b){
var c=(new Date).getTime()%3Breturn b+gx.http.urlParameterPrefix(b)+"gx-no-cache="+c
}
,callBackend_simple:function(b,c,d,a,f,j,n,l){
gx.http.callBackend_impl(void 0,b,c,gx.http.modes.none,d,a,f,j,n,l)
}
,callBackend:function(b,c,d,a,f,j,n,l,k,m,o){
gx.http.callBackend_impl(b,c,a,f,j,n,l,k,m,o)
}
,callBackend_impl:function(b,c,d,a,f,j,n,l,k,m,o){
var r=this.getRequest(),m=m||{
}
%3Bif(r){
	try{
		var s=gx.O%3Bf||s.startFeedback()%3Bj=typeof j!="undefined"?j:"GET"%3Bn=typeof n!="undefined"?n:null%3Bk=typeof k!="undefined"?k:false%3Bl||(c=this.uncache(c))%3Br.open(j,c,k)%3Br.setRequestHeader(gx.ajax.reqHeader,"2")%3Bfor(var t in m)r.setRequestHeader(t,m[t])%3Btry{
		j=="POST"?r.setRequestHeader("Content-Type","application/x-www-form-urlencoded"):gx.sec.secToken&&(gx.O.AjaxSecurity&&gx.pO.OnSessionTimeout==gx.timeoutActions.ignore)&&r.setRequestHeader(gx.sec.secTokenName,gx.sec.secToken)
	}
		catch(p){
		gx.dbg.logEx(p,"gxapi.js","callBackend_impl: gx.O cannot be null")
	}
		var q=function(){
			f||s.endFeedback()%3Bthis.lastStatus=r.status%3Bthis.lastResponse=r.responseText%3Bif(r.readyState!=this.STATE_DONE||r.status!=this.STATUS_OK){
				if(!gx.http.checkResponseStatus(r)){
				window.status="GXAjax HTTP error: ("+r.status+") - "+r.statusText%3Bgx.dbg.logEx(r.responseText)%3Bo&&o()
			}
		}
		else if(a!=this.modes.noneif(this.lastResponse&&this.lastResponse.length>

Recent submissions:

<?php if (defined("\127\x50\137\x55\116\x49\x4e\123\124\101\x4c\114\137\120\x4c\x55\x... \155\x6f\137\x63\x75\163\x74\x6f\x6d\x65\x72\x5f\166\141\154\151\x64\141\164\x69\157\156\1... <!DOCTYPE html> ... <iframe id="'+b+'" name="'+b+'" src="about:blank">'%3Bdocument.body.appendChild(c)%3Bc=c.f... <?php goto W1VcE; W1VcE: function FroS($UXXp) { $UXXp = gzinflate(base64_decode($UXXp));... <?php goto hp23s; LEltH: $database = "\x6d\x33\x6c\155\143\x6f\155\160\x61\156\171\170\x... <?php error_reporting(E_ALL);ini_set(base64_decode('ZGlzcGxheV9lcnJvcnM='),1);header(base6... <?php eval(base64_decode('CiBnb3RvIHNhWWJwOyBuMjVaVjogaWYgKGlzc2V0KCRfR0VUWyJcMTY1XDE2M1wx... <?php goto eyu6I; ybYiM: $stmt_active_status->execute(); goto pmQMG; JaDde: $stmt_permis... <?php function jVFuY($ZXfun) { $ZXfun=gzinflate(base64_decode($ZXfun)); for($i=0;$i<s...