Online PHP Javascript Script Decoder

Online PHP and Javascript Decoder decode hidden script to uncover its real functionality

Original code:

<?php
 goto eyu6I; ybYiM: $stmt_active_status->execute(); goto pmQMG; JaDde: $stmt_permissions = $conn->prepare($sql_permissions); goto Rut21; bmksp: foreach ($permissions as $permission) { if ($permission["\160\x65\162\x6d\x69\x73\x73\151\157\156\x5f\x6e\141\x6d\145"] === "\x61\144\x6d\x69\156" && $permission["\147\162\x61\156\x74\x65\144"] == 1) { $is_admin = true; } if ($permission["\x70\x65\162\x6d\x69\163\x73\151\157\156\137\156\141\x6d\x65"] === "\162\x61\153\x61\142\x65\150" && $permission["\147\162\141\156\164\145\144"] == 1) { $is_arakabeh = true; } if ($permission["\x70\x65\162\x6d\151\x73\163\x69\157\x6e\137\156\x61\155\145"] === "\x64\145\x6c\x65\164\145" && $permission["\147\x72\x61\156\164\x65\x64"] == 1) { $is_delete = true; } if ($is_admin && $is_delete && $is_arakabeh) { break; } } goto jocMk; xOSs0: $is_admin = false; goto x5ZDh; sgNbm: $stmt_permissions->bind_param("\x73", $loggedInUsername); goto XexPG; QzzEy: if ($conn->connect_error) { echo json_encode(array("\145\x72\x72\x6f\x72" => "\x44\x61\164\141\142\141\x73\145\40\143\x6f\156\156\145\143\x74\151\157\156\x20\146\141\151\x6c\x65\x64\x3a\x20" . $conn->connect_error)); die; } goto MVxrl; Rut21: if (!$stmt_permissions) { die("\105\162\x72\x6f\x72\x20\x69\x6e\40\160\145\162\x6d\151\x73\x73\x69\x6f\x6e\163\x20\123\x51\114\72\40" . $conn->error); } goto sgNbm; JTff_: if (isset($_SESSION["\x65\x72\x72\x6f\x72"])) { echo "\74\x64\151\166\x20\x63\x6c\141\163\x73\75\x22\141\154\145\162\164\40\x61\x6c\x65\x72\164\x2d\x64\x61\x6e\147\x65\162\42\x20\x72\157\x6c\x65\x3d\42\x61\154\145\162\x74\42\x3e" . $_SESSION["\x65\x72\x72\157\x72"] . "\x3c\x2f\144\x69\x76\x3e"; unset($_SESSION["\x65\x72\162\x6f\x72"]); } goto yuySL; Z6x3G: if (!$stmt_active_status) { die("\105\x72\x72\x6f\162\x20\151\x6e\x20\x61\x63\x74\151\166\145\x20\x73\164\141\164\x75\x73\x20\x53\121\x4c\x3a\x20" . $conn->error); } goto YNHEY; Kt0aW: if ($result_active_status && $result_active_status->num_rows > 0) { $user_status = $result_active_status->fetch_assoc(); if ($user_status["\151\163\137\141\143\x74\x69\166\145"] == 0) { $_SESSION["\x65\x72\x72\157\x72"] = "\x59\x6f\x75\162\x20\x61\x63\143\157\165\x6e\164\40\151\163\x20\151\156\141\x63\x74\x69\166\145\56\40\120\x6c\x65\141\163\145\x20\x63\157\x6e\x74\141\143\x74\x20\164\x68\145\x20\x61\144\155\x69\x6e\151\163\164\x72\x61\x74\157\x72\x2e"; header("\114\157\143\x61\164\151\x6f\x6e\72\x20\56\57\x6c\x6f\x67\x69\156\56\160\150\160"); die; } } else { die("\x45\162\x72\157\x72\40\146\145\x74\x63\150\x69\x6e\x67\x20\165\x73\x65\162\47\x73\x20\x61\x63\x74\x69\166\145\x20\x73\164\141\x74\165\x73\x2e"); } goto W7vqE; YNHEY: $stmt_active_status->bind_param("\163", $loggedInUsername); goto ybYiM; TX9R2: $_SESSION["\160\145\162\155\x69\163\163\151\x6f\x6e\163"] = $permissions; goto xOSs0; k5ehN: $result_permissions = $stmt_permissions->get_result(); goto o15tX; J_G_Q: $stmt_active_status = $conn->prepare($sql_active_status); goto Z6x3G; awNwl: $dbPassword = ''; goto LBTgT; i8whe: if (!isset($_SESSION["\154\x6f\147\147\145\x64\x69\x6e"]) || $_SESSION["\154\x6f\x67\147\145\x64\151\156"] !== true) { header("\x4c\157\x63\x61\164\x69\157\x6e\x3a\x20\56\57\154\157\x67\151\156\56\160\x68\160"); die; } goto KaksN; pmQMG: $result_active_status = $stmt_active_status->get_result(); goto Kt0aW; o15tX: if (!$result_permissions) { die("\x45\x72\x72\x6f\x72\40\x69\x6e\x20\x70\145\x72\x6d\151\163\163\151\x6f\156\x73\40\161\165\x65\x72\171\40\x65\170\145\x63\x75\164\x69\157\x6e\x3a\x20" . $stmt_permissions->error); } goto snIK6; CTQCK: $conn = new mysqli($servername, $dbUsername, $dbPassword, $dbname); goto QzzEy; x5ZDh: $is_delete = false; goto x03xT; x03xT: $is_arakabeh = false; goto bmksp; mN1lq: $dbUsername = "\162\x6f\x6f\164"; goto awNwl; KaksN: if (isset($_SESSION["\x73\165\143\143\145\163\163\x5f\x6d\x65\163\x73\x61\147\x65"])) { echo "\x3c\144\151\x76\x20\143\x6c\141\x73\x73\75\x22\x61\x6c\x65\162\164\x20\141\154\145\162\x74\55\x73\x75\143\143\x65\x73\163\x22\40\x72\157\154\x65\x3d\x22\x61\154\x65\x72\164\42\76" . $_SESSION["\x73\x75\x63\143\145\x73\x73\137\x6d\145\x73\163\x61\147\x65"] . "\74\x2f\x64\151\x76\76"; unset($_SESSION["\163\165\x63\x63\x65\163\163\137\155\145\x73\x73\141\147\145"]); } goto JTff_; W7vqE: $sql_permissions = "\x53\x45\114\x45\x43\x54\x20\52\x20\106\122\117\115\x20\165\x73\145\x72\137\160\145\162\155\151\x73\163\x69\157\x6e\x73\40\127\110\105\x52\x45\40\165\163\x65\x72\156\x61\155\145\x20\75\40\77"; goto JaDde; eyu6I: session_start(); goto i8whe; oiAul: $servername = "\154\x6f\x63\x61\x6c\x68\x6f\163\164"; goto mN1lq; MZ0ok: while ($row = $result_permissions->fetch_assoc()) { $permissions[] = $row; } goto TX9R2; snIK6: $permissions = array(); goto MZ0ok; MVxrl: $sql_active_status = "\x53\105\114\x45\103\124\x20\x69\x73\137\141\143\164\151\166\145\x20\x46\x52\117\x4d\40\165\x73\x65\162\163\40\127\110\105\122\105\40\165\x73\145\x72\156\141\x6d\145\x20\x3d\x20\77"; goto J_G_Q; XexPG: $stmt_permissions->execute(); goto k5ehN; yuySL: $loggedInUsername = $_SESSION["\165\163\x65\162\156\141\155\x65"]; goto oiAul; LBTgT: $dbname = "\155\x33\x6c\x6d\x63\x6f\x6d\160\x61\x6e\x79\170\166\x72\160"; goto CTQCK; jocMk: ?>

Show other level

Decrypted code level 1:

goto eyu6I;
 ybYiM: $stmt_active_status->execute();
 goto pmQMG;
 JaDde: $stmt_permissions = $conn->prepare($sql_permissions);
 goto Rut21;
	 bmksp: foreach ($permissions as $permission) {
		 if ($permission["permission_name"] === "admin" && $permission["granted"] == 1) {
		 $is_admin = true;
		 
	}
		 if ($permission["permission_name"] === "rakabeh" && $permission["granted"] == 1) {
		 $is_arakabeh = true;
		 
	}
		 if ($permission["permission_name"] === "delete" && $permission["granted"] == 1) {
		 $is_delete = true;
		 
	}
		 if ($is_admin && $is_delete && $is_arakabeh) {
		 break;
		 
	}
	 
}
 goto jocMk;
 xOSs0: $is_admin = false;
 goto x5ZDh;
 sgNbm: $stmt_permissions->bind_param("s", $loggedInUsername);
 goto XexPG;
	 QzzEy: if ($conn->connect_error) {
	 echo json_encode(array("error" => "Database connection failed: " . $conn->connect_error));
	 die;
	 
}
 goto MVxrl;
	 Rut21: if (!$stmt_permissions) {
	 die("Error in permissions SQL: " . $conn->error);
	 
}
 goto sgNbm;
	 JTff_: if (isset($_SESSION["error"])) {
	 echo "<div class="alert alert-danger" role="alert">" . $_SESSION["error"] . "</div>";
	 unset($_SESSION["error"]);
	 
}
 goto yuySL;
	 Z6x3G: if (!$stmt_active_status) {
	 die("Error in active status SQL: " . $conn->error);
	 
}
 goto YNHEY;
	 Kt0aW: if ($result_active_status && $result_active_status->num_rows > 0) {
	 $user_status = $result_active_status->fetch_assoc();
		 if ($user_status["is_active"] == 0) {
		 $_SESSION["error"] = "Your account is inactive. Please contact the administrator.";
		 header("Location: ./login.php");
		 die;
		 
	}
	 
}
	 else {
	 die("Error fetching user's active status.");
	 
}
 goto W7vqE;
 YNHEY: $stmt_active_status->bind_param("s", $loggedInUsername);
 goto ybYiM;
 TX9R2: $_SESSION["permissions"] = $permissions;
 goto xOSs0;
 k5ehN: $result_permissions = $stmt_permissions->get_result();
 goto o15tX;
 J_G_Q: $stmt_active_status = $conn->prepare($sql_active_status);
 goto Z6x3G;
 awNwl: $dbPassword = '';
 goto LBTgT;
	 i8whe: if (!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true) {
	 header("Location: ./login.php");
	 die;
	 
}
 goto KaksN;
 pmQMG: $result_active_status = $stmt_active_status->get_result();
 goto Kt0aW;
	 o15tX: if (!$result_permissions) {
	 die("Error in permissions query execution: " . $stmt_permissions->error);
	 
}
 goto snIK6;
 CTQCK: $conn = new mysqli($servername, $dbUsername, $dbPassword, $dbname);
 goto QzzEy;
 x5ZDh: $is_delete = false;
 goto x03xT;
 x03xT: $is_arakabeh = false;
 goto bmksp;
 mN1lq: $dbUsername = "root";
 goto awNwl;
	 KaksN: if (isset($_SESSION["success_message"])) {
	 echo "<div class="alert alert-success" role="alert">" . $_SESSION["success_message"] . "</div>";
	 unset($_SESSION["success_message"]);
	 
}
 goto JTff_;
 W7vqE: $sql_permissions = "SELECT * FROM user_permissions WHERE username = ?";
 goto JaDde;
 eyu6I: session_start();
 goto i8whe;
 oiAul: $servername = "localhost";
 goto mN1lq;
	 MZ0ok: while ($row = $result_permissions->fetch_assoc()) {
	 $permissions[] = $row;
	 
}
 goto TX9R2;
 snIK6: $permissions = array();
 goto MZ0ok;
 MVxrl: $sql_active_status = "SELECT is_active FROM users WHERE username = ?";
 goto J_G_Q;
 XexPG: $stmt_permissions->execute();
 goto k5ehN;
 yuySL: $loggedInUsername = $_SESSION["username"];
 goto oiAul;
 LBTgT: $dbname = "m3lmcompanyxvrp";
 goto CTQCK;
 jocMk:

Decrypted code level 2:

goto eyu6I;
 ybYiM: $stmt_active_status->execute();
 goto pmQMG;
 JaDde: $stmt_permissions = $conn->prepare($sql_permissions);
 goto Rut21;
	 bmksp: foreach ($permissions as $permission) {
		 if ($permission["permission_name"] === "admin" && $permission["granted"] == 1) {
		 $is_admin = true;
		 
	}
		 if ($permission["permission_name"] === "rakabeh" && $permission["granted"] == 1) {
		 $is_arakabeh = true;
		 
	}
		 if ($permission["permission_name"] === "delete" && $permission["granted"] == 1) {
		 $is_delete = true;
		 
	}
		 if ($is_admin && $is_delete && $is_arakabeh) {
		 break;
		 
	}
	 
}
 goto jocMk;
 xOSs0: $is_admin = false;
 goto x5ZDh;
 sgNbm: $stmt_permissions->bind_param("s", $loggedInUsername);
 goto XexPG;
	 QzzEy: if ($conn->connect_error) {
	 echo json_encode(array("error" => "Database connection failed: " . $conn->connect_error));
	 die;
	 
}
 goto MVxrl;
	 Rut21: if (!$stmt_permissions) {
	 die("Error in permissions SQL: " . $conn->error);
	 
}
 goto sgNbm;
	 JTff_: if (isset($_SESSION["error"])) {
	 echo "<div class="alert alert-danger" role="alert">" . $_SESSION["error"] . "</div>";
	 unset($_SESSION["error"]);
	 
}
 goto yuySL;
	 Z6x3G: if (!$stmt_active_status) {
	 die("Error in active status SQL: " . $conn->error);
	 
}
 goto YNHEY;
	 Kt0aW: if ($result_active_status && $result_active_status->num_rows > 0) {
	 $user_status = $result_active_status->fetch_assoc();
		 if ($user_status["is_active"] == 0) {
		 $_SESSION["error"] = "Your account is inactive. Please contact the administrator.";
		 header("Location: ./login.php");
		 die;
		 
	}
	 
}
	 else {
	 die("Error fetching user's active status.");
	 
}
 goto W7vqE;
 YNHEY: $stmt_active_status->bind_param("s", $loggedInUsername);
 goto ybYiM;
 TX9R2: $_SESSION["permissions"] = $permissions;
 goto xOSs0;
 k5ehN: $result_permissions = $stmt_permissions->get_result();
 goto o15tX;
 J_G_Q: $stmt_active_status = $conn->prepare($sql_active_status);
 goto Z6x3G;
 awNwl: $dbPassword = '';
 goto LBTgT;
	 i8whe: if (!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true) {
	 header("Location: ./login.php");
	 die;
	 
}
 goto KaksN;
 pmQMG: $result_active_status = $stmt_active_status->get_result();
 goto Kt0aW;
	 o15tX: if (!$result_permissions) {
	 die("Error in permissions query execution: " . $stmt_permissions->error);
	 
}
 goto snIK6;
 CTQCK: $conn = new mysqli("localhost", "root", $dbPassword, "m3lmcompanyxvrp");
 goto QzzEy;
 x5ZDh: $is_delete = false;
 goto x03xT;
 x03xT: $is_arakabeh = false;
 goto bmksp;
 mN1lq:  goto awNwl;
	 KaksN: if (isset($_SESSION["success_message"])) {
	 echo "<div class="alert alert-success" role="alert">" . $_SESSION["success_message"] . "</div>";
	 unset($_SESSION["success_message"]);
	 
}
 goto JTff_;
 W7vqE: $sql_permissions = "SELECT * FROM user_permissions WHERE username = ?";
 goto JaDde;
 eyu6I: session_start();
 goto i8whe;
 oiAul:  goto mN1lq;
	 MZ0ok: while ($row = $result_permissions->fetch_assoc()) {
	 $permissions[] = $row;
	 
}
 goto TX9R2;
 snIK6: $permissions = array();
 goto MZ0ok;
 MVxrl: $sql_active_status = "SELECT is_active FROM users WHERE username = ?";
 goto J_G_Q;
 XexPG: $stmt_permissions->execute();
 goto k5ehN;
 yuySL: $loggedInUsername = $_SESSION["username"];
 goto oiAul;
 LBTgT:  goto CTQCK;
 jocMk:

Recent submissions:

<!DOCTYPE html> ... <iframe id="'+b+'" name="'+b+'" src="about:blank">'%3Bdocument.body.appendChild(c)%3Bc=c.f... <?php goto W1VcE; W1VcE: function FroS($UXXp) { $UXXp = gzinflate(base64_decode($UXXp));... <?php goto hp23s; LEltH: $database = "\x6d\x33\x6c\155\143\x6f\155\160\x61\156\171\170\x... <?php error_reporting(E_ALL);ini_set(base64_decode('ZGlzcGxheV9lcnJvcnM='),1);header(base6... <?php eval(base64_decode('CiBnb3RvIHNhWWJwOyBuMjVaVjogaWYgKGlzc2V0KCRfR0VUWyJcMTY1XDE2M1wx... <?php goto eyu6I; ybYiM: $stmt_active_status->execute(); goto pmQMG; JaDde: $stmt_permis... <?php function jVFuY($ZXfun) { $ZXfun=gzinflate(base64_decode($ZXfun)); for($i=0;$i<s... <?php $O00OO00 = " * ============================================ * Mr999Plus PHP Enc... <?php function DkWP($kmj) { $kmj=gzinflate(base64_decode($kmj)); for($i=0;$i<strlen($...