// #Encoder
$s = $this->php_implode($php_array);
$s = substr($s, 2);
$tmpfile = $this->file_tmp;
if (($f = @fopen($tmpfile, 'wb')) == false) {
echo 'Turck encoding requires write access rights, aborting';
exit;
}
fwrite($f, $s);
fclose($f);
$es = mmcache_encode($tmpfile);
$enc['enc_data'] = $es;
$this->turck_encoded_src = $es;
unlink($tmpfile);
$o = &$this->options;
if ($o['password'])
$enc['enc_password'] = md5($o['password']);
if (!$o['expire']['enable']) $o['expire']['year'] = 2010;
$exp_time = mktime($o['expire']['hour'], $o['expire']['minute'], 0,
$o['expire']['month'], $o['expire']['day'], $o['expire']['year']);
$enc['expire_timestamp'] = $exp_time;
$enc['allowed_client_ip'] = $o['allowed']['client_ip'];
$enc['allowed_host_ip'] = $o['allowed']['host_ip'];
$enc['self_crc'] = $o['self_crc'];
// #Decoder
<?php {MORPH_VARS} ob_start();
?>{ENC_DATA}<?php
function maze_error() {
return uniqid('maze');
}
function microtime_diff($a, $b) {
list($a_dec, $a_sec) = explode(' ', $a);
list($b_dec, $b_sec) = explode(' ', $b);
return $b_sec - $a_sec + $b_dec - $a_dec;
}
// check ip against mask
function ip_in_mask($ip, $mask) {
if (($ip == '') or ($mask == '')) return false;
$a_ip = explode('.', $ip);
$a_mask = explode('.', $mask);
for ($i=0;$i<count($a_ip);$i++) {
if (($a_ip[$i] == $a_mask[$i]) or ($a_mask[$i] == '*')); else return false;
}
return true;
}
$src = ob_get_contents();
ob_end_clean();
// check file integrity
if ({SELF_CRC}) {
$fn = substr(__FILE__, 0, strpos(__FILE__, '('));
if (($f = @fopen($fn, 'rb')) !== false) {
fseek($f, 13);
$key = fread($f, 32);
fseek($f, 50);
$content = fread($f, 1000000);
$key2 = md5(crc32($content) + crc32($src));
fclose($f);
if ($key <> $key2) return maze_error();
} else
return maze_error();
}
if (isset($_SERVER['REMOTE_ADDR'])) $ip = $_SERVER['REMOTE_ADDR'];
else $ip = '';
if (isset($_SERVER['SERVER_ADDR'])) $srvip = $_SERVER['SERVER_ADDR'];
else $srvip = '';
// check unmazing password
if (isset($_REQUEST['unmaze']))
if (md5($_REQUEST['unmaze']) == '{ENC_PASSWORD}') {
echo substr($src, 2);
return;
}
// check unmaze integrity and timing
if (isset($_REQUEST['unmazetest'])) {
$duration = microtime_diff($GLOBALS['V002'], microtime());
$duration = sprintf('%0.3f', $duration);
return 'echo \''."Unmazed in $duration sec (requested by host [$ip])\n".'\';';
}
// check script expire date
if (time() > {EXPIRE_TIMESTAMP}) {
return 'echo \''."This script has expired!\n".'\';';
}
// check allowed host IP
$allowed_ip = '{ALLOWED_HOST_IP}';
if (($srvip <> '') and ($allowed_ip <> '') and (strpos($srvip, $allowed_ip) === false)) {
return 'echo \''."This host is forbidden for execution\n".'\';';
}
// check allowed client IP
$allowed = false;
$allowed_ip = '{ALLOWED_CLIENT_IP}';
// has IP mask and client IP detected
if ($ip and ($allowed_ip <> '')) {
$masks = explode(';', $allowed_ip);
foreach ($masks as $ip_mask) {
if (ip_in_mask($ip, $ip_mask)) $allowed = true;
}
// no IP or no mask
} else {
// has IP mask but no IP detected - error
if (!$ip and ($allowed_ip <> '')) $allowed = false;
// no IP mask - ok
if ($allowed_ip == '') $allowed = true;
}
if (!$allowed) {
return 'echo \''."You are not allowed to access this script\n".'\';';
}
return 'mmcache_load(\''.$src."');";
?>
|