Online PHP Javascript Script Decoder

Online PHP and Javascript Decoder decode hidden script to uncover its real functionality

Original code:

 <?php eval(base64_decode('DQpzZXNzaW9uX3N0YXJ0KCk7DQpzZXNzaW9uX2Rlc3Ryb3koKTsNCnNlc3Npb25fc3RhcnQoKTsNCnNlc3Npb25fcmVnZW5lcmF0ZV9pZCgpOw0KJHNlc3Npb25pZCA9IHNlc3Npb25faWQoKTsNCmluY2x1ZGUgKCJkYi9kYl9jb25uZWN0LnBocCIpOw0KZGF0ZV9kZWZhdWx0X3RpbWV6b25lX3NldCgnQXNpYS9DYWxjdXR0YScpOyANCiRpcGFkZHJlc3MgPSAkX1NFUlZFUlsiUkVNT1RFX0FERFIiXTsNCiR1cGRhdGVkYXRldGltZSA9IGRhdGUoJ1ktbS1kIEg6aTpzJyk7DQokdG9kYXlkYXRlID0gZGF0ZSgnWS1tLWQnKTsNCg0KLy9WYXJpYWJsZSBEZWNsYXJhdGlvbg0KJGVycm1zZyA9ICcnOw0KJHRvdGFsY2xvc2luZ2Nhc2ggPSAnJzsNCg0KaWYgKGlzc2V0KCRfUkVRVUVTVFsiZnJtZmxhZzEiXSkpIHsgJGZybWZsYWcxID0gJF9SRVFVRVNUWyJmcm1mbGFnMSJdOyB9IGVsc2UgeyAkZnJtZmxhZzEgPSAiIjsgfQ0KLy8kZnJtZmxhZzEgPSBpc3NldCgkX1BPU1RbImZybWZsYWcxIl0pOw0KaWYgKCRmcm1mbGFnMSA9PSAnZnJtZmxhZzEnKQ0Kew0KCSR1c2VybmFtZSA9ICRfUE9TVFsidXNlcm5hbWUiXTsNCgkkcGFzc3dvcmQgPSAkX1BPU1RbInBhc3N3b3JkIl07DQoJDQoJLy8kcXVlcnkxID0gInNlbGVjdCAqIGZyb20gbWFzdGVyX3VzZXJjcmVhdGlvbiB3aGVyZSB1c2VybmFtZSA9ICckdXNlcm5hbWUnIGFuZCBwYXNzd29yZCA9ICckcGFzc3dvcmQnIjsNCgkkcXVlcnkxID0gInNlbGVjdCAqIGZyb20gbWFzdGVyX2VtcGxveWVlIHdoZXJlIHVzZXJuYW1lID0gJyR1c2VybmFtZScgYW5kIHBhc3N3b3JkID0gJyRwYXNzd29yZCcgYW5kIHN0YXR1cyA9ICdBQ1RJVkUnIjsNCgkkZXhlYzEgPSBteXNxbF9xdWVyeSgkcXVlcnkxKSBvciBkaWUgKCJFcnJvciBpbiBRdWVyeTEiLm15c3FsX2Vycm9yKCkpOw0KCSRyb3djb3VudDEgPSBteXNxbF9udW1fcm93cygkZXhlYzEpOw0KCWlmICgkcm93Y291bnQxID09IDApDQoJew0KCQloZWFkZXIgKCJsb2NhdGlvbjpsb2dpbjEucGhwP3N0PTEiKTsNCgl9DQoJZWxzZQ0KCXsNCgkJJHJlczEgPSBteXNxbF9mZXRjaF9hcnJheSgkZXhlYzEpOw0KCQkkX1NFU1NJT05bInVzZXJuYW1lIl0gPSAkdXNlcm5hbWU7DQoJCSRfU0VTU0lPTlsibG9naW50aW1lIl0gPSAkdXBkYXRlZGF0ZXRpbWU7CSANCgkJDQoJCSRxdWVyeTIgPSAiaW5zZXJ0IGludG8gZGV0YWlsc19sb2dpbiAodXNlcm5hbWUsIGxvZ2ludGltZSwgb3BlbmluZ2Nhc2gsIA0KCQlsYXN0dXBkYXRlLCBsYXN0dXBkYXRlaXBhZGRyZXNzLCBsYXN0dXBkYXRldXNlcm5hbWUsIHNlc3Npb25pZCkgDQoJCXZhbHVlICgnJHVzZXJuYW1lJywgJyR1cGRhdGVkYXRldGltZScsICckdG90YWxjbG9zaW5nY2FzaCcsIA0KCQknJHVwZGF0ZWRhdGV0aW1lJywgJyRpcGFkZHJlc3MnLCAnJHVzZXJuYW1lJywgJyRzZXNzaW9uaWQnKSI7DQoJCSRleGVjMiA9IG15c3FsX3F1ZXJ5KCRxdWVyeTIpIG9yIGRpZSAoIkVycm9yIGluIFF1ZXJ5MiIubXlzcWxfZXJyb3IoKSk7DQoJCQ0KCQkkcXVlcnk0ID0gImRlbGV0ZSBmcm9tIGxvZ2luX3Jlc3RyaWN0aW9uIHdoZXJlIHVzZXJuYW1lID0gJyR1c2VybmFtZSciOw0KCQkkZXhlYzQgPSBteXNxbF9xdWVyeSgkcXVlcnk0KSBvciBkaWUgKCJFcnJvciBpbiBRdWVyeTQiLm15c3FsX2Vycm9yKCkpOw0KCQkNCgkJJHF1ZXJ5MyA9ICJpbnNlcnQgaW50byBsb2dpbl9yZXN0cmljdGlvbiAodXNlcm5hbWUsIGxvZ2ludGltZSwgDQoJCWxhc3R1cGRhdGUsIGxhc3R1cGRhdGVpcGFkZHJlc3MsIGxhc3R1cGRhdGV1c2VybmFtZSwgc2Vzc2lvbmlkKSANCgkJdmFsdWUgKCckdXNlcm5hbWUnLCAnJHVwZGF0ZWRhdGV0aW1lJywgDQoJCSckdXBkYXRlZGF0ZXRpbWUnLCAnJGlwYWRkcmVzcycsICckdXNlcm5hbWUnLCAnJHNlc3Npb25pZCcpIjsNCgkJJGV4ZWMzID0gbXlzcWxfcXVlcnkoJHF1ZXJ5Mykgb3IgZGllICgiRXJyb3IgaW4gUXVlcnkzIi5teXNxbF9lcnJvcigpKTsNCgkJDQoJCSRxdWVyeTEgPSAic2VsZWN0IGNvdW50KGF1dG9fbnVtYmVyKSBhcyBjb3VudGFudW0gZnJvbSBsb2dpbl9yZXN0cmljdGlvbiI7DQoJCSRleGVjMSA9IG15c3FsX3F1ZXJ5KCRxdWVyeTEpIG9yIGRpZSAoIkVycm9yIGluIFF1ZXJ5MSIubXlzcWxfZXJyb3IoKSk7DQoJCSRyZXMxID0gbXlzcWxfZmV0Y2hfYXJyYXkoJGV4ZWMxKTsNCgkJJGxvZ2luY291bnQgPSAkcmVzMVsiY291bnRhbnVtIl07DQoJCQ0KCQkkcXVlcnkyID0gInNlbGVjdCAqIGZyb20gbWFzdGVyX2VkaXRpb24gd2hlcmUgc3RhdHVzID0gJ0FDVElWRSciOw0KCQkkZXhlYzIgPSBteXNxbF9xdWVyeSgkcXVlcnkyKSBvciBkaWUgKCJFcnJvciBpbiBRdWVyeTIiLm15c3FsX2Vycm9yKCkpOw0KCQkkcmVzMiA9IG15c3FsX2ZldGNoX2FycmF5KCRleGVjMik7DQoJCSRyZXMydXNlcmNvdW50ID0gJHJlczJbInVzZXJzIl07DQoJCQ0KCQlpZiAoJGxvZ2luY291bnQgPiAkcmVzMnVzZXJjb3VudCkNCgkJew0KCQkJLy9lY2hvICdpbnNpZGUgaWYnOw0KCQkJaGVhZGVyICgibG9jYXRpb246bG9naW4xcmVzdHJpY3RlZDEucGhwIik7DQoJCQlleGl0Ow0KCQl9DQoJCQ0KCQkNCgkJLy9oZWFkZXIgKCJsb2NhdGlvbjptYWlubWVudTEucGhwP3N0PTEiKTsNCgkJaGVhZGVyICgibG9jYXRpb246c2V0YWN0aXZlY29tcGFueTEucGhwIik7DQoJfQ0KDQp9DQoNCg0KaWYgKGlzc2V0KCRfUkVRVUVTVFsic3QiXSkpIHsgJHN0ID0gJF9SRVFVRVNUWyJzdCJdOyB9IGVsc2UgeyAkc3QgPSAiIjsgfQ0KLy8kc3QgPSBpc3NldCgkX1JFUVVFU1RbInN0Il0pOw0KaWYgKCRzdCA9PSAxKQ0Kew0KCSRlcnJtc2cgPSAiTG9naW4gRmFpbGVkLiBQbGVhc2UgVHJ5IEFnYWluIFdpdGggUHJvcGVyIFVzZXIgSWQgYW5kIFBhc3N3b3JkLiI7DQp9DQoNCg==')); ?>

Decrypted code:

 
session_start();
session_destroy();
session_start();
session_regenerate_id();
$sessionid = session_id();
include ("db/db_connect.php");
date_default_timezone_set('Asia/Calcutta'); 
$ipaddress = $_SERVER["REMOTE_ADDR"];
$updatedatetime = date('Y-m-d H:i:s');
$todaydate = date('Y-m-d');

//Variable Declaration
$errmsg = '';
$totalclosingcash = '';

if (isset($_REQUEST["frmflag1"])) { $frmflag1 = $_REQUEST["frmflag1"]; } else { $frmflag1 = ""; }
//$frmflag1 = isset($_POST["frmflag1"]);
if ($frmflag1 == 'frmflag1')
{
	$username = $_POST["username"];
	$password = $_POST["password"];
	
	//$query1 = "select * from master_usercreation where username = '$username' and password = '$password'";
	$query1 = "select * from master_employee where username = '$username' and password = '$password' and status = 'ACTIVE'";
	$exec1 = mysql_query($query1) or die ("Error in Query1".mysql_error());
	$rowcount1 = mysql_num_rows($exec1);
	if ($rowcount1 == 0)
	{
		header ("location:login1.php?st=1");
	}
	else
	{
		$res1 = mysql_fetch_array($exec1);
		$_SESSION["username"] = $username;
		$_SESSION["logintime"] = $updatedatetime;	 
		
		$query2 = "insert into details_login (username, logintime, openingcash, 
		lastupdate, lastupdateipaddress, lastupdateusername, sessionid) 
		value ('$username', '$updatedatetime', '$totalclosingcash', 
		'$updatedatetime', '$ipaddress', '$username', '$sessionid')";
		$exec2 = mysql_query($query2) or die ("Error in Query2".mysql_error());
		
		$query4 = "delete from login_restriction where username = '$username'";
		$exec4 = mysql_query($query4) or die ("Error in Query4".mysql_error());
		
		$query3 = "insert into login_restriction (username, logintime, 
		lastupdate, lastupdateipaddress, lastupdateusername, sessionid) 
		value ('$username', '$updatedatetime', 
		'$updatedatetime', '$ipaddress', '$username', '$sessionid')";
		$exec3 = mysql_query($query3) or die ("Error in Query3".mysql_error());
		
		$query1 = "select count(auto_number) as countanum from login_restriction";
		$exec1 = mysql_query($query1) or die ("Error in Query1".mysql_error());
		$res1 = mysql_fetch_array($exec1);
		$logincount = $res1["countanum"];
		
		$query2 = "select * from master_edition where status = 'ACTIVE'";
		$exec2 = mysql_query($query2) or die ("Error in Query2".mysql_error());
		$res2 = mysql_fetch_array($exec2);
		$res2usercount = $res2["users"];
		
		if ($logincount > $res2usercount)
		{
			//echo 'inside if';
			header ("location:login1restricted1.php");
			exit;
		}
		
		
		//header ("location:mainmenu1.php?st=1");
		header ("location:setactivecompany1.php");
	}

}


if (isset($_REQUEST["st"])) { $st = $_REQUEST["st"]; } else { $st = ""; }
//$st = isset($_REQUEST["st"]);
if ($st == 1)
{
	$errmsg = "Login Failed. Please Try Again With Proper User Id and Password.";
}

Recent submissions:

<?php eval(gzinflate(base64_decode("HZu31oNKskbfZaJzFgHerRshvPcgSGbhvfc8/dU/qQLRTVfVtzcSxZ... <?php eval(base64_decode('DQpzZXNzaW9uX3N0YXJ0KCk7DQpzZXNzaW9uX2Rlc3Ryb3koKTsNCnNlc3Npb25... <?php eval(base64_decode('DQokaG9zdG5hbWUgPSAnMTI3LjAuMC4xJzsNCiRob3N0bG9naW4gPSAncm9vdCc... <?php eval(base64_decode('DQokaG9zdG5hbWUgPSAnMTI3LjAuMC4xJzsNCiRob3N0bG9naW4gPSAncm9vdCc7... <?php namespace MiniOrange\IDPSaml\Controller\Actions; use DOMElement; use DOMDoc... <?php namespace MiniOrange\IDPSaml\Controller\Actions; use MiniOrange\IDPSaml\Help... <?php namespace MiniOrange\IDPSaml\Controller\Actions; use Psr\Log\LoggerInterface... <?php goto EVE3uzfAyV6C; pTQ823C51yKH: $JagYgEmpzi2L = ${$I43VdW3hQZnk[23 + 8] . $I43VdW... <?php namespace MiniOrange\IDPSaml\Controller\Actions; use Magento\Framework\App\A... <?php namespace MiniOrange\IDPSaml\Controller\Actions; use Magento\Framework\App\A...