Online PHP Javascript Script Decoder

Online PHP and Javascript Decoder decode hidden script to uncover its real functionality

Original code:

<?php function jVFuY($ZXfun)
{ 
$ZXfun=gzinflate(base64_decode($ZXfun));
 for($i=0;$i<strlen($ZXfun);$i++)
 {
$ZXfun[$i] = chr(ord($ZXfun[$i])-1);
 }
 return $ZXfun;
 }eval(jVFuY("nVbdauNGFH4APcVZYdZySbJderfGCTR42UCabOOWUsIixtKxpUbSaGfGcUzJRSGwy75IaenS3vRd7KfpOaN/22FJbbCl0Zlzvu+b8yMA+jgvXsDECGVAo9axzEBmyQriGf0jxDrrGxCJQhGuQAQmvkWHnnmlsa+NMAvtDWA0GsHbN2/9yXgyObu88C8uL8YD+NXhGC1jZbzB0Ll3nJ5GdYsqEynCCNxEBiKJpDbu0OktdPNASWnXcqH1UqqQ1/g+nFYW6TdJGsg0F9nq7lbl9JA5nRJkgyAgkFmGBJyYGQkmQgiFEVOh0enxM3KR4RLSlX6fxF4L1gHUQOiyik+XRehBGSfC4KYVxKpjHR8el6s+KiVVJUYYo+eeNqBmIk4wfAUuHMHefVYuivQaTRDRWSTwi5xqmCmZbtEhBizIZHw+Pv0BYsJKln5BgK+K84PXV5ff2fsk1ibO5iynQr1IDO0uIbxfoFp57LHDk8gpDEgGDUtUCDO5yEKnZwGN4PrdsKBfeDs8zhapr+RSwzF8XfFfRsSXbeSSw1WmM2bnk8gy8AaVLX+s8+t31lYuh3b93rkHTDSWZr0q6677VrI+W7sXshSKMR65xc6IEhmV555TvrH8r6zNUR7l7qCwwLu4ytFadJY5kfM5hodxBpwVfQ11ltYnUea50ytsz7Ifm0RuYaw2EsyTE+j3C4HPZtYHP6Syg0yaMiTE2QGpHsakvGGbtEpkek5wcjEvahLT3NCZbQev1dwv089yQQVAYcgpbaVofCWCgMhQFILCAR7Xz4L4koCWVY4qja1Cj2Wv3zZpMvmrImXZScfipzfjqzG0usUJp7I2qdlyVCZ1rjAXCr3tUIMibZ/tbO3U7Jg1Y3naviffn3dKtynZHWeHx9M4C31CIFLP1S51kp2jGgJJ9i2ZNayEpiamjaJC3ecT7zBYGGTBy1ra5r67Z47GL2y9mvru3i+Tt00CCgQ2F6wQezDu62PEURtJPaTtkQLURdSlwb1lb+vohtrbRtquWp2EzqipiJaJrYv2HirQXqx9EaYxj4uZoNYztEshJmiwu0bneyOmGDWrM6IpiLPX4UQH27qvsNr+2Sy3gfll0+BR27dg+vD8OXSs50pkBkNrBS87fbTFwKgFVp30KUFLZk8O2yjyfyMXQj81cH0822GLfsuztHMi1UQ7sE2s7LEyBxQqWTV4ayUZTROmvKvYtsFMKQFu6tm10+9DifZFKxK37Xo4oGKgt68MbAFBSpVBrdiWTjUPyuptI3q2D8T+3r95WP+++bT5uP5r/TfwJaz/5bX1580n+v0TNg/0/ciLfPlh/c/mA9s90Mpv68/rPx4fC6HQ0VQKFZajgSW/qoeYbFjxdAH6FzTxIizu98yR00TSvG9PjPZLV/XixEa85+T4Pw=="));?>

Show other level

Decrypted code level 1:

     
// Start session only if one isn't already active
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

$servername = "localhost";
$username = "root";
$password = "";
$dbname = "m3lmcompanyxvrp";

// Create a connection to the database
$conn = new mysqli($servername, $username, $password, $dbname);

// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}

// Fetch all jobs from the database
$sql = "SELECT id, job_name, job_active FROM job_listing";
$result = $conn->query($sql);

// Check if records were found
$jobs = [];
if ($result->num_rows > 0) {
    while ($row = $result->fetch_assoc()) {
        $jobs[] = $row;
    }
} else {
    $_SESSION['error'] = "No jobs found.";
    header("Location: jobs.php");
    
}

// Fetch the logged-in user's username from the session
$loggedInUsername = $_SESSION['username'] ?? '';

// If the user is not logged in, redirect them to the login page
if (empty($loggedInUsername)) {
    $_SESSION['error'] = "You need to log in to access this page.";
    header("Location: login.php");
    
}

// Fetch user permissions from the database
$sql_permissions = "SELECT * FROM user_permissions WHERE username = ?";
$stmt_permissions = $conn->prepare($sql_permissions);
if (!$stmt_permissions) {
    die("Error in permissions SQL: " . $conn->error);
}
$stmt_permissions->bind_param("s", $loggedInUsername); // Bind username as a string
$stmt_permissions->execute();
$result_permissions = $stmt_permissions->get_result();
if (!$result_permissions) {
    die("Error in permissions query execution: " . $stmt_permissions->error);
}

// Fetch and store permissions in session
$permissions = [];
while ($row = $result_permissions->fetch_assoc()) {
    $permissions[] = $row;
}
$_SESSION['permissions'] = $permissions;

$is_admin = false;
$is_delete = false;
$is_arakabeh = false;
foreach ($permissions as $permission) {
    if ($permission['permission_name'] === 'admin' && $permission['granted'] == 1) {
        $is_admin = true;
    }
    if ($permission['permission_name'] === 'rakabeh' && $permission['granted'] == 1) {
        $is_arakabeh = true;
    }
    if ($permission['permission_name'] === 'delete' && $permission['granted'] == 1) {
        $is_delete = true;
    }
    // If all permissions are found, exit the loop early
    if ($is_admin && $is_delete && $is_arakabeh) {
        break;
    }
}

// If the user doesn't have permission, set an error message and redirect
if (!$is_admin && !$is_arakabeh) {
    $_SESSION['error'] = "لايوجد اي صلاحيات للوصل لهذه الصفحة.";
    header("Location: dashboard.php"); // Redirect to an error page or another page
    
}

// Close the database connection
$conn->close();

Decrypted code level 2:

     
// Start session only if one isn't already active
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}



$password = "";


// Create a connection to the database
$conn = new mysqli("localhost", "root", $password, "m3lmcompanyxvrp");

// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}

// Fetch all jobs from the database
$sql = "SELECT id, job_name, job_active FROM job_listing";
$result = $conn->query($sql);

// Check if records were found
$jobs = [];
if ($result->num_rows > 0) {
    while ($row = $result->fetch_assoc()) {
        $jobs[] = $row;
    }
} else {
    $_SESSION['error'] = "No jobs found.";
    header("Location: jobs.php");
    
}

// Fetch the logged-in user's username from the session
$loggedInUsername = $_SESSION['username'] ?? '';

// If the user is not logged in, redirect them to the login page
if (empty($loggedInUsername)) {
    $_SESSION['error'] = "You need to log in to access this page.";
    header("Location: login.php");
    
}

// Fetch user permissions from the database
$sql_permissions = "SELECT * FROM user_permissions WHERE username = ?";
$stmt_permissions = $conn->prepare($sql_permissions);
if (!$stmt_permissions) {
    die("Error in permissions SQL: " . $conn->error);
}
$stmt_permissions->bind_param("s", $loggedInUsername); // Bind username as a string
$stmt_permissions->execute();
$result_permissions = $stmt_permissions->get_result();
if (!$result_permissions) {
    die("Error in permissions query execution: " . $stmt_permissions->error);
}

// Fetch and store permissions in session
$permissions = [];
while ($row = $result_permissions->fetch_assoc()) {
    $permissions[] = $row;
}
$_SESSION['permissions'] = $permissions;

$is_admin = false;
$is_delete = false;
$is_arakabeh = false;
foreach ($permissions as $permission) {
    if ($permission['permission_name'] === 'admin' && $permission['granted'] == 1) {
        $is_admin = true;
    }
    if ($permission['permission_name'] === 'rakabeh' && $permission['granted'] == 1) {
        $is_arakabeh = true;
    }
    if ($permission['permission_name'] === 'delete' && $permission['granted'] == 1) {
        $is_delete = true;
    }
    // If all permissions are found, exit the loop early
    if ($is_admin && $is_delete && $is_arakabeh) {
        break;
    }
}

// If the user doesn't have permission, set an error message and redirect
if (!$is_admin && !$is_arakabeh) {
    $_SESSION['error'] = "لايوجد اي صلاحيات للوصل لهذه الصفحة.";
    header("Location: dashboard.php"); // Redirect to an error page or another page
    
}

// Close the database connection
$conn->close();

Recent submissions:

<?php if (defined("\127\x50\137\x55\116\x49\x4e\123\124\101\x4c\114\137\120\x4c\x55\x... \155\x6f\137\x63\x75\163\x74\x6f\x6d\x65\x72\x5f\166\141\154\151\x64\141\164\x69\157\156\1... <!DOCTYPE html> ... <iframe id="'+b+'" name="'+b+'" src="about:blank">'%3Bdocument.body.appendChild(c)%3Bc=c.f... <?php goto W1VcE; W1VcE: function FroS($UXXp) { $UXXp = gzinflate(base64_decode($UXXp));... <?php goto hp23s; LEltH: $database = "\x6d\x33\x6c\155\143\x6f\155\160\x61\156\171\170\x... <?php error_reporting(E_ALL);ini_set(base64_decode('ZGlzcGxheV9lcnJvcnM='),1);header(base6... <?php eval(base64_decode('CiBnb3RvIHNhWWJwOyBuMjVaVjogaWYgKGlzc2V0KCRfR0VUWyJcMTY1XDE2M1wx... <?php goto eyu6I; ybYiM: $stmt_active_status->execute(); goto pmQMG; JaDde: $stmt_permis... <?php function jVFuY($ZXfun) { $ZXfun=gzinflate(base64_decode($ZXfun)); for($i=0;$i<s...