Array("GET"), "\$_POST" => Array("POST"), "\$_COOKIE" => Array("Cookie"), "\$_REQUEST" => Array("ANY")); $_ENV["_AAS17"] = Array( "mysql_query" => Array( "SQL_Query", Array(1), false, "database=mysql" ), "sesam_query" => Array("SQL_Query", Array(1), false), "db2_exec" => Array("SQL_Query", Array(2), false), "pg_query_params" => Array("SQL_Query", Array(1,2), false, "database=pg"), "pg_query" => Array("SQL_Query", Array(1,2), false, "database=pg"), "pg_prepare" => Array("SQL_Query", Array(2,3), false, "database=pg"), "pg_send_prepare" => Array("SQL_Query", Array(3), false, "database=pg"), "pg_send_query_params" => Array("SQL_Query", Array(2), false, "database=pg"), "pg_send_query" => Array("SQL_Query", Array(1,2), false, "database=pg"), "sqlite_array_query" => Array("SQL_Query", Array(1,2), false, "database=sqlite"), "sqlite_query" => Array("SQL_Query", Array(1,2), false, "database=sqlite"), "sqlite_single_query" => Array("SQL_Query", Array(1,2), false, "database=sqlite"), "sqlite_unbuffered_query" => Array("SQL_Query", Array(1,2), false, "database=sqlite"), "mysql_unbuffered_query" => Array("SQL_Query", Array(1), false, "database=mysql"), "sqlite_exec" => Array("SQL_Query", Array(1,2), false, "database=sqlite"), "mysqli_query" => Array("SQL_Query", Array(2), false, "database=mysql"), "mysqli_prepare" => Array("SQL_Query", Array(2), false, "database=mysql"), "mssql_query" => Array("SQL_Query", Array(1), false, "database=mssql"), "mysqli_stmt_prepare" => Array("SQL_Query", Array(2), false, "database=mysql"), "maxdb_stmt_prepare" => Array("SQL_Query", Array(2), false), "ingres_query" => Array("SQL_Query", Array(1), false), "maxdb_prepare" => Array("SQL_Query", Array(2), false), "ifx_query" => Array("SQL_Query", Array(1), false), "ifx_prepare" => Array("SQL_Query", Array(1), false), "oci_parse" => Array("SQL_Query", Array(1), false, "database=oracle"), "ora_parse" => Array("SQL_Query", Array(1), false, "database=oracle"), "ociparse" => Array("SQL_Query", Array(1), false, "database=oracle"), "ibase_query" => Array("SQL_Query", Array(2), false), "ibase_prepare" => Array("SQL_Query", Array(1,2,3), false), "msql_query" => Array("SQL_Query", Array(1), false), "maxdb_real_query" => Array("SQL_Query", Array(2), false), "dbx_query" => Array("SQL_Query", Array(2), false), "ora_do" => Array("SQL_Query", Array(2), false, "database=oracle"), "odbc_prepare" => Array("SQL_Query", Array(2), false), "odbc_exec" => Array("SQL_Query", Array(2), false), "sybase_query" => Array("SQL_Query", Array(1), false, "database=sybase"), "fopen" => Array("", Array(), "_AAS18"), "readfile" => Array("File_Open", Array(1,2), false), "file" => Array("File_Open", Array(1), false), "file_get_contents" => Array("File_Open", Array(1), false), "highlight_file" => Array("File_Open", Array(1), false), "file_put_contents" => Array("Create_File", Array(1), false), "file_exists" => Array("", Array(), "_AAS19"), "is_file" => Array("", Array(), "_AAS19"), "system" => Array("Sys_Command", Array(1), false), "exec" => Array("Sys_Command", Array(1), false), "shell_exec" => Array("Sys_Command", Array(1), false), "passthru" => Array("Sys_Command", Array(1), false), "popen" => Array("Sys_Command", Array(1), false), "mail" => Array("Send_Mail", Array(1,2,3,4), false), "header" => Array("Set_Header", Array(1), "_AAS20"), "set_error_handler" => Array("", Array(), "_AAS21"), "get_included_files" => Array("", Array(), "_AAS22"), "unserialize" => Array("Unserialize", Array(1), false), "curl_exec" => Array("", Array(), "_AAS23"), "unlink" => Array("Delete_File", Array(1), false), "mkdir" => Array("Create_File", Array(1), false), "move_uploaded_file" => Array("", Array(), "_AAS24"), "rmdir" => Array("Delete_File", Array(1), false), "create_function" => Array("Create_Function", Array(1,2), false), "fwrite" => Array("", Array(), "_AAS25"), "fputs" => Array("", Array(), "_AAS25"), "fprintf" => Array("", Array(), "_AAS25") ); $_ENV["_AAS26"] = Array( "query" => Array("SQL_Query", Array(1), false, Array("MySQLi", "PDO"), "database=mysql"), ); $_ENV["_AAS27"] = Array(); $_ENV["_AAS28"] = dirname($_SERVER["SCRIPT_FILENAME"]) . "/"; $_ENV["_AAS29"] = $_SERVER["SCRIPT_FILENAME"]; $_ENV["_AAS30"] = basename(__FILE__); if (!function_exists("sys_get_temp_dir")){ if ( !empty($_ENV["TMP"]) ){ $_ENV["_AAS31"] = realpath( $_ENV["TMP"] ); } else if ( !empty($_ENV["TMPDIR"]) ){ $_ENV["_AAS31"] = realpath( $_ENV["TMPDIR"] ); } else if ( !empty($_ENV["TEMP"]) ){ $_ENV["_AAS31"] = realpath( $_ENV["TEMP"] ); } else { $_AAS32 = tempnam( md5(uniqid(rand(), false)), "" ); if ( $_AAS32 ){ $_AAS33 = realpath( dirname($_AAS32) ); unlink( $_AAS32 ); $_ENV["_AAS31"] = $_AAS33; } else { $_ENV["_AAS31"] = false; } } } else { $_ENV["_AAS31"] = sys_get_temp_dir(); } if($_ENV["_AAS31"]){ $_ENV["_AAS31"] = str_replace("\\", "/", $_ENV["_AAS31"]); if(substr($_ENV["_AAS31"], -1) !== "/")$_ENV["_AAS31"] .= "/"; } $_ENV["_AAS34"] = (bool)$_ENV["_AAS31"]; $_ENV["_AAS35"] = intval(ini_get("error_reporting")); $_ENV["_AAS36"] = array ( E_ERROR => "Error", E_WARNING => "Warning", E_PARSE => "Parsing Error", E_NOTICE => "Notice", E_CORE_ERROR => "Core Error", E_CORE_WARNING => "Core Warning", E_COMPILE_ERROR => "Compile Error", E_COMPILE_WARNING => "Compile Warning", E_USER_ERROR => "User Error", E_USER_WARNING => "User Warning", E_USER_NOTICE => "User Notice", E_STRICT => "Runtime Notice", E_RECOVERABLE_ERROR => "Catchable Fatal Error" ); } function _AAS37($_AAS38, $_AAS39, $_AAS40, $_AAS41) { if ($_AAS38 != E_NOTICE && $_AAS38 != E_STRICT && $_AAS38 != E_WARNING && $_AAS38 != E_RECOVERABLE_ERROR) { _AAS42("Error: " . $_AAS39 . " Type: " . $_ENV['_AAS36'][$_AAS38] . " Line $_AAS41, File $_AAS40"); _AAS43(); } if ($_AAS38 == E_USER_ERROR || $_AAS38 == E_ERROR) _AAS43(); if (is_array($_ENV['_AAS12']) && count($_ENV['_AAS12']) > 0) { if (is_string($_ENV['_AAS12'][0]) && function_exists($_ENV['_AAS12'][0])) { if (!isset($_ENV['_AAS12'][1]) || ($_ENV['_AAS12'][1] & $_AAS38 != 0)) { $_AAS44 = func_get_args(); _AAS45($_ENV['_AAS12'][0], $_AAS44); } } elseif (is_array($_ENV['_AAS12'][0]) && is_object($_ENV['_AAS12'][0][0])) { if (!isset($_ENV['_AAS12'][1]) || ($_ENV['_AAS12'][1] & $_AAS38 != 0)) { $_AAS44 = func_get_args(); call_user_func_array(array($_ENV['_AAS12'][0][0], $_ENV['_AAS12'][0][1]), $_AAS44); } } } else if (($_AAS38 & $_ENV["_AAS35"]) != 0) { switch ($_AAS38) { case E_USER_ERROR: case E_RECOVERABLE_ERROR: case E_ERROR: echo "Fatal error: $_AAS39 in " . $_ENV['_AAS29'] . " on line $_AAS41
\n"; break; case E_USER_WARNING: case E_WARNING: echo "Warning: $_AAS39 in " . $_ENV['_AAS29'] . " on line $_AAS41
\n"; break; case E_USER_NOTICE: case E_NOTICE: case E_STRICT: break; default: echo "Unknown error type $_AAS38: $_AAS39 in " . $_ENV['_AAS29'] . " on line $_AAS41
\n"; break; } } return true; } function _AAS45($_AAS46, $_AAS47) { switch (count($_AAS47)) { case 0: return $_AAS46(); break; case 1: return $_AAS46($_AAS47[0]); break; case 2: return $_AAS46($_AAS47[0], $_AAS47[1]); break; case 3: return $_AAS46($_AAS47[0], $_AAS47[1], $_AAS47[2]); break; case 4: return $_AAS46($_AAS47[0], $_AAS47[1], $_AAS47[2], $_AAS47[3]); break; case 5: return $_AAS46($_AAS47[0], $_AAS47[1], $_AAS47[2], $_AAS47[3], $_AAS47[4]); break; default: return call_user_func_array($_AAS46, $_AAS47); break; } } function _AAS48($_AAS49 = null) { global $__ACUNETIX_TestForGlobalOverwrite; if (isset($__ACUNETIX_TestForGlobalOverwrite) && $__ACUNETIX_TestForGlobalOverwrite === "ACUNETIX_TestForGlobalOverwrite") { _AAS50("Global_Overwrite", "Global variable has been overwritten", $_ENV['_AAS29'], -1, ""); } _AAS43(); _AAS42("Exiting ..."); $_AAS51 = ""; while (($_AAS52 = ob_get_clean()) !== false) { $_AAS51 .= $_AAS52; } $_AAS51 .= $_AAS49; header("Content-Length: " . _AAS53($_AAS51), true); echo $_AAS51; if ($_ENV['_AAS11'] !== false) { fclose($_ENV['_AAS11']); } die(); } function _AAS54($_AAS38, $_AAS39) { } function _AAS55($_AAS56, $_AAS57, $_AAS58, $_AAS59, $_AAS60, $_AAS61) { _AAS50("PHP_File_Include", "$_AAS61", $_AAS56, $_AAS57, "\"$_AAS60\" was called."); if (strpos($_AAS61, "acu_phpaspect.php") !== false || strpos($_AAS61, _AAS7) !== false || strpos($_AAS61, _AAS8) !== false ) return ""; $_AAS51 = false; if (($_AAS62 = realpath($_AAS61)) === false || !file_exists($_AAS62)) { set_error_handler("_AAS54"); $_AAS51 = @file_get_contents($_AAS61, true); restore_error_handler(); if ($_AAS51 !== false) { $_AAS63 = explode(PATH_SEPARATOR, ini_get("include_path")); $_AAS64 = $_AAS61; foreach ($_AAS63 as $_AAS65) { if (($_AAS62 = realpath("$_AAS65/$_AAS64")) !== false && file_exists($_AAS62)) { break; } } } else { $_AAS66 = true; if ($_AAS61[0] !== "." && $_AAS61[0] !== "/" && $_AAS61[0] !== "\\") { $_AAS62 = realpath(dirname($_AAS56) . "/" . $_AAS61); if ($_AAS62 !== false && file_exists($_AAS62)) $_AAS66 = false; } if ($_AAS66) { _AAS50("Include_Error", "$_AAS61", $_AAS56, $_AAS57, "Acunetix sensor failed to find file \"$_AAS61\" included by \"$_AAS60\" from file \"$_AAS56\"."); if ($_AAS58) { _AAS48("File not found $_AAS61"); } else { return ""; } } } } $_AAS62 = str_replace("\\", "/", $_AAS62); if ($_AAS51 === false) $_AAS51 = @file_get_contents($_AAS62, true); _AAS42("$_AAS56 on line $_AAS57 included $_AAS61 by $_AAS60 real path: $_AAS62"); $_AAS67 = in_array($_AAS62, $_ENV['_AAS15']); if ($_AAS59 && $_AAS67) { return ""; } elseif (!$_AAS67) { array_push($_ENV['_AAS15'], $_AAS62); } $_ENV['_AAS68'] = $_AAS62; $_AAS69 = new _AAS70($_AAS62); $_AAS69->_AAS71($_AAS51); $_AAS72 = $_AAS69->_AAS73; unset($_AAS69); return $_AAS72; } function _AAS74($_AAS61, $_AAS75, $_AAS76) { $_AAS72 = ""; if (is_array($_AAS76) && count($_AAS76) >= 1) { _AAS50("PHP_Code_Eval", $_AAS76[0], $_AAS61, $_AAS75); $_AAS69 = new _AAS70($_AAS61, "", false, true); $_AAS69->_AAS71($_AAS76[0]); $_AAS72 = $_AAS69->_AAS73; unset($_AAS69); } return $_AAS72; } function _AAS19($_AAS61, $_AAS75, $_AAS60, $_AAS77) { if (is_array($_AAS77) && count($_AAS77) == 1 && (strpos($_AAS77[0], _AAS7 . 'FILE') !== false || strpos($_AAS77[0], _AAS8 . 'FILE') !== false)) { if (strpos($_AAS77[0], _AAS7 . 'FILECREATE') !== false || strpos($_AAS77[0], _AAS8 . 'FILECREATE') !== false) return false; else return true; } else { return _AAS45($_AAS60, $_AAS77); } } function _AAS23($_AAS61, $_AAS75, $_AAS60, $_AAS77) { if (count($_AAS77) > 0 && is_resource($_AAS77[0]) && defined("CURLINFO_EFFECTIVE_URL")) { $_AAS78 = curl_getinfo($_AAS77[0], CURLINFO_EFFECTIVE_URL); $_AAS79 = _AAS80(); if ($_AAS79 != "") $_AAS81 = Array("\"$_AAS60\" was called.\r\n$_AAS79"); else $_AAS81 = Array("\"$_AAS60\" was called."); _AAS50("CURL_Exec", Array($_AAS78), $_AAS61, $_AAS75, $_AAS81); } return _AAS45($_AAS60, $_AAS77); } function _AAS20($_AAS61, $_AAS75, $_AAS60, $_AAS77) { if (array_key_exists($_AAS60, $_ENV['_AAS17'])) { $_AAS82 = $_ENV['_AAS17'][$_AAS60]; } else { $_AAS82 = false; } if ($_AAS82 !== false) { $_AAS79 = _AAS80(); if ($_AAS79 != "") $_AAS81 = Array("\"$_AAS60\" was called.\r\n$_AAS79"); else $_AAS81 = Array("\"$_AAS60\" was called."); for ($_AAS13 = 3; $_AAS13 < count($_AAS82); $_AAS13++) { if (isset($_AAS82[$_AAS13])) { array_push($_AAS81, $_AAS82[$_AAS13]); } } _AAS50($_AAS82[0], $_AAS77, $_AAS61, $_AAS75, $_AAS81); if (stripos($_AAS77[0], "content-length") === false) { return _AAS45($_AAS60, $_AAS77); } else { return true; } } else { return _AAS45($_AAS60, $_AAS77); } } function _AAS21($_AAS61, $_AAS75, $_AAS60, $_AAS77) { _AAS42("$_AAS60 called from $_AAS61 line $_AAS75"); $_ENV['_AAS12'] = $_AAS77; return true; } function _AAS83($_AAS61, $_AAS75, $_AAS84, $_AAS77) { if (!is_string($_AAS84)) { if(is_callable($_AAS84)) { return call_user_func_array($_AAS84, $_AAS77); } else { return false; } } if (array_key_exists($_AAS84, $_ENV['_AAS17'])) { $_AAS82 = $_ENV['_AAS17'][$_AAS84]; } else { $_AAS82 = false; } if ($_AAS82 !== false) { if ($_AAS82[2] !== false && function_exists($_AAS82[2])) { return $_AAS82[2]($_AAS61, $_AAS75, $_AAS84, $_AAS77); } else { $_AAS85 = true; $_AAS86 = Array(); for ($_AAS13 = 0; $_AAS13 < count($_AAS77); $_AAS13++) { if ($_AAS85 && ((is_string($_AAS77[$_AAS13]) && strpos($_AAS77[$_AAS13], _AAS7) !== false) || (is_string($_AAS77[$_AAS13]) && strpos($_AAS77[$_AAS13], _AAS8) !== false)) ) $_AAS85 = false; if (in_array($_AAS13 + 1, $_AAS82[1])) array_push($_AAS86, substr($_AAS77[$_AAS13], 0, 1024 * 1024)); } $_AAS79 = _AAS80(); if ($_AAS79 != "") $_AAS81 = Array("\"$_AAS84\" was called.\r\n$_AAS79"); else $_AAS81 = Array("\"$_AAS84\" was called."); for ($_AAS13 = 3; $_AAS13 < count($_AAS82); $_AAS13++) { if (isset($_AAS82[$_AAS13])) { array_push($_AAS81, $_AAS82[$_AAS13]); } } _AAS50($_AAS82[0], $_AAS86, $_AAS61, $_AAS75, $_AAS81); if ($_AAS85) return _AAS45($_AAS84, $_AAS77); else return false; } } else { return _AAS45($_AAS84, $_AAS77); } } function _AAS26($_AAS61, $_AAS75, $_AAS87, $_AAS60, $_AAS77) { $_AAS85 = true; if (array_key_exists($_AAS60, $_ENV["_AAS26"])) { $_AAS82 = $_ENV["_AAS26"][$_AAS60]; } else { $_AAS82 = false; } if ($_AAS82 !== false && isset($_AAS82[3]) && is_object($_AAS87)) { foreach ($_AAS82[3] as $_AAS88) { if ($_AAS87 instanceof $_AAS88) { for ($_AAS13 = 0; $_AAS13 < count($_AAS77); $_AAS13++) { if ($_AAS85 && (strpos($_AAS77[$_AAS13], _AAS7) !== false || strpos($_AAS77[$_AAS13], _AAS8) !== false) ) { $_AAS85 = false; break; } } $_AAS86 = Array(); for ($_AAS13 = 0; $_AAS13 < count($_AAS77); $_AAS13++) { if (in_array($_AAS13 + 1, $_AAS82[1])) array_push($_AAS86, $_AAS77[$_AAS13]); } $_AAS79 = _AAS80(); if ($_AAS79 != "") $_AAS81 = Array("\"$_AAS60\" member function was called.\r\n$_AAS79"); else $_AAS81 = Array("\"$_AAS60\" member function was called."); for ($_AAS13 = 4; $_AAS13 < count($_AAS82); $_AAS13++) { if (isset($_AAS82[$_AAS13])) { array_push($_AAS81, $_AAS82[$_AAS13]); } } _AAS50($_AAS82[0], $_AAS86, $_AAS61, $_AAS75, $_AAS81); } } } if ($_AAS85) { return call_user_func_array(array($_AAS87, $_AAS60), $_AAS77); } else { return false; } } function _AAS89($_AAS61, $_AAS75, $_AAS90, $_AAS91) { $_AAS82 = $_ENV["_AAS16"][$_AAS90]; if (isset($_AAS82)) { _AAS50("Var_Access", Array($_AAS82[0], $_AAS91), $_AAS61, $_AAS75); } return $_AAS91; } function _AAS18($_AAS61, $_AAS75, $_AAS60, $_AAS77) { $_AAS92 = $_AAS77[0]; $_AAS93 = $_AAS77[1]; $_AAS79 = _AAS80(); if ($_AAS79 != "") $_AAS81 = Array("\"$_AAS60\" was called.\r\n$_AAS79"); else $_AAS81 = Array("\"$_AAS60\" was called."); if (strpos($_AAS93, 'w') !== false || strpos($_AAS93, 'a') !== false || strpos($_AAS93, 'x') !== false) { _AAS50('Create_File', Array($_AAS92), $_AAS61, $_AAS75, $_AAS81); } else { _AAS50('File_Open', Array($_AAS92), $_AAS61, $_AAS75, $_AAS81); } if (!(strpos($_AAS77[0], _AAS7) !== false || strpos($_AAS77[0], _AAS8) !== false)) { $_AAS94 = _AAS45($_AAS60, $_AAS77); $_ENV["_AAS27"][(int)$_AAS94] = $_AAS92; return $_AAS94; } else { return false; } } function _AAS25($_AAS61, $_AAS75, $_AAS60, $_AAS77) { $_AAS95 = $_ENV["_AAS27"][(int)$_AAS77[0]]; if (isset($_AAS95)) { if (strcasecmp($_AAS60, "fprintf") === 0) { $_AAS96 = array_shift($_AAS77); $_AAS97 = _AAS45("sprintf", $_AAS77); array_unshift($_AAS77, $_AAS96); } else { $_AAS97 = $_AAS77[1]; } $_AAS79 = _AAS80(); if ($_AAS79 != "") $_AAS81 = Array("\"$_AAS60\" was called.\r\n$_AAS79"); else $_AAS81 = Array("\"$_AAS60\" was called."); if (($_AAS98 = strpos($_AAS97, _AAS7)) !== false) { $_AAS97 = substr($_AAS97, $_AAS98, 512); _AAS50('File_Write', Array($_AAS95, $_AAS97), $_AAS61, $_AAS75, $_AAS81); } elseif (($_AAS98 = strpos($_AAS97, _AAS8)) !== false) { $_AAS97 = substr($_AAS97, max(0, $_AAS98 - 512 + _AAS53(_AAS8)), 512); _AAS50('File_Write', Array($_AAS95, $_AAS97), $_AAS61, $_AAS75, $_AAS81); } } return _AAS45($_AAS60, $_AAS77); } function _AAS24($_AAS61, $_AAS75, $_AAS60, $_AAS77) { $_AAS94 = _AAS45($_AAS60, $_AAS77); if ($_AAS94 && ($_AAS62 = realpath($_AAS77[1])) !== false) { $_AAS62 = strtr($_AAS62, "\\", "/"); $_AAS79 = _AAS80(); $_AAS99 = strtr(realpath($_SERVER['DOCUMENT_ROOT']), "\\", "/"); if (substr($_AAS99, -1, 1) !== "/") $_AAS99 .= "/"; $_AAS100 = false; if (strpos($_AAS62, $_AAS99) === 0) { $_AAS100 = substr($_AAS62, _AAS53($_AAS99) - 1); } if ($_AAS100) { _AAS50('File_Upload', Array($_AAS100), $_AAS61, $_AAS75, Array("\"$_AAS62\" was uploaded (platform PHP).\r\n$_AAS79")); } else { _AAS50('Create_File', $_AAS77, $_AAS61, $_AAS75, Array("\"$_AAS60\" was called.\r\n$_AAS79")); } } return $_AAS94; } function _AAS22($_AAS61, $_AAS75, $_AAS60, $_AAS77) { return ($_ENV['_AAS15']); } function _AAS42($_AAS101) { if ($_ENV['_AAS11'] !== false) { @fprintf($_ENV['_AAS11'], "%s\n", $_AAS101); } } function _AAS53($_AAS102) { if (_AAS3 && (_AAS4 & 2)) { return mb_strlen($_AAS102, 'latin1'); } else { return strlen($_AAS102); } } function _AAS50($_AAS103, $_AAS104, $_AAS105, $_AAS75, $_AAS106 = "") { $_AAS107 = ""; $_AAS107 .= sprintf("%08X%s", _AAS53($_AAS103), $_AAS103); if (is_array($_AAS104)) { $_AAS107 .= "a" . sprintf("%08X", count($_AAS104)); for ($_AAS13 = 0; $_AAS13 < count($_AAS104); $_AAS13++) { $_AAS107 .= sprintf("%08X%s", _AAS53($_AAS104[$_AAS13]), $_AAS104[$_AAS13]); } } elseif ($_AAS104 !== "") { $_AAS107 .= "s" . sprintf("%08X%s", _AAS53($_AAS104), $_AAS104); } else { $_AAS107 .= "n"; } $_AAS107 .= sprintf("%08X%s%08X", _AAS53($_AAS105), $_AAS105, $_AAS75); if (is_array($_AAS106)) { $_AAS107 .= "a" . sprintf("%08X", count($_AAS106)); for ($_AAS13 = 0; $_AAS13 < count($_AAS106); $_AAS13++) { $_AAS107 .= sprintf("%08X%s", _AAS53($_AAS106[$_AAS13]), $_AAS106[$_AAS13]); } } elseif ($_AAS106 !== "") { $_AAS107 .= "s" . sprintf("%08X%s", _AAS53($_AAS106), $_AAS106); } else { $_AAS107 .= "n"; } if (strlen($_ENV['_AAS14']) > 0x500000 ) { $_AAS1 = @tmpfile(); if ($_AAS1) { $_ENV['_AAS108'] = $_AAS1; fwrite($_ENV['_AAS108'], $_ENV['_AAS14']); $_ENV['_AAS14'] = ''; } } if (isset($_ENV['_AAS108']) && $_ENV['_AAS108']) { fwrite($_ENV['_AAS108'], $_AAS107); } else { $_ENV['_AAS14'] .= $_AAS107; } _AAS42("_AAS50: Key=$_AAS103"); } function _AAS43() { if (isset($_ENV['_AAS108']) && $_ENV['_AAS108']) { @fseek($_ENV['_AAS108'], 0); echo(_AAS5); while (!feof($_ENV['_AAS108'])) { $_AAS109 = fread($_ENV['_AAS108'], 0xC00 ); if ($_AAS109) { echo(base64_encode($_AAS109)); } } echo(_AAS6); @fclose($_ENV['_AAS108']); unset($_ENV['_AAS108']); } else { $_AAS110 = _AAS53($_ENV['_AAS14']); echo _AAS5 . base64_encode($_ENV['_AAS14']) . _AAS6; $_ENV['_AAS14'] = ""; } } function _AAS111($_AAS112, $_AAS113) { $_AAS94 = Array(); if (substr($_AAS112, -1) != "/") $_AAS112 .= "/"; if (is_dir($_AAS112) && $_AAS114 = @opendir($_AAS112)) { while (($_AAS105 = readdir($_AAS114)) !== false) { if (is_dir($_AAS112 . $_AAS105) && $_AAS105 != "." && $_AAS105 != "..") { array_push($_AAS94, str_replace($_ENV['_AAS28'], "", $_AAS112 . $_AAS105 . "/")); if ($_AAS113) $_AAS94 = array_merge($_AAS94, _AAS111($_AAS112 . $_AAS105, $_AAS113)); } elseif (is_file($_AAS112 . $_AAS105) && ($_AAS105 !== $_ENV["_AAS30"])) { array_push($_AAS94, str_replace($_ENV['_AAS28'], "", $_AAS112 . $_AAS105)); } } } return $_AAS94; } function _AAS115() { $_AAS116 = Array(); if (($_AAS117 = ini_get('display_errors')) === '1' || strtolower($_AAS117) === 'stdout') array_push($_AAS116, 'display_errors=' . $_AAS117); if (ini_get('register_globals') === '1') array_push($_AAS116, 'register_globals_on=on'); if (ini_get('magic_quotes_gpc') !== '1' && ini_get('magic_quotes_gpc') !== false) array_push($_AAS116, 'magic_gpc_off=off'); if (ini_get('allow_url_fopen') === '1') array_push($_AAS116, 'allow_url_fopen_on=on'); if (ini_get('allow_url_include') === '1') array_push($_AAS116, 'allow_url_include_on=on'); if (ini_get('session.use_trans_sid') === '1') array_push($_AAS116, 'session.use_trans_sid_on=on'); if (ini_get('open_basedir') === '') array_push($_AAS116, 'open_basedir_not_set='); if ((ini_get('enable_dl') === '1') && (ini_get('safe_mode') === '1')) array_push($_AAS116, 'enable_dl_safe_mode_on='); array_push($_AAS116, "php_version=" . phpversion()); if (count($_AAS116) > 0) _AAS50("Aspect_Alerts", $_AAS116, $_SERVER["SCRIPT_FILENAME"], 0); } function _AAS80($_AAS118 = true) { if (!function_exists("debug_backtrace")) { return ""; } $_AAS119 = debug_backtrace(); $_AAS120 = count($_AAS119) - 1; if ($_AAS118) { while ($_AAS120 >= 0 && $_AAS119[$_AAS120]["function"] === "eval") $_AAS120--; if ($_AAS120 <= 0) return ""; } $_AAS94 = ""; $_AAS91 = 1; for ($_AAS13 = 0; $_AAS13 <= $_AAS120; $_AAS13++) { if ($_AAS118 && (strpos($_AAS119[$_AAS13]["function"], "_AAS") !== false || strpos($_AAS119[$_AAS13]["function"], "call_user_func_array") !== false) || strpos($_AAS119[$_AAS13]["function"], "call_user_method_array") !== false ) continue; $_AAS121 = isset($_AAS119[$_AAS13]["class"]) ? $_AAS119[$_AAS13]["class"] . "::" : ""; $_AAS84 = isset($_AAS119[$_AAS13]["function"]) ? $_AAS119[$_AAS13]["function"] : "[Unknown function]"; if (isset($_AAS119[$_AAS13]["args"])) { $_AAS84 .= "("; for ($_AAS122 = 0; $_AAS122 < count($_AAS119[$_AAS13]["args"]); $_AAS122++) { $_AAS123 = gettype($_AAS119[$_AAS13]["args"][$_AAS122]); $_AAS84 .= "[$_AAS123] "; switch ($_AAS123) { case "array": $_AAS84 .= "count=" . count($_AAS119[$_AAS13]["args"][$_AAS122]); break; case "object": $_AAS84 .= "class=" . get_class($_AAS119[$_AAS13]["args"][$_AAS122]); break; case "string": $_AAS84 .= "\"" . str_replace(Array("\r\n", "\n", "\r"), Array("\\n", "\\n", "\\n"), $_AAS119[$_AAS13]["args"][$_AAS122]) . "\""; break; case "boolean": $_AAS84 .= $_AAS119[$_AAS13]["args"][$_AAS122] ? "true" : "false"; break; default: $_AAS84 .= $_AAS119[$_AAS13]["args"][$_AAS122]; } if ($_AAS122 < count($_AAS119[$_AAS13]["args"]) - 1) $_AAS84 .= ", "; } $_AAS84 .= ")"; } else { $_AAS84 .= "()"; } $_AAS94 .= " $_AAS91. $_AAS121$_AAS84"; $_AAS91++; if ($_AAS13 < $_AAS120) $_AAS94 .= "\r\n"; } if ($_AAS94 != "") return "Stack trace:\r\n" . $_AAS94; else return ""; } function _AAS124() { $_AAS96 = ""; foreach ($_GET as $_AAS103 => $_AAS125) { $_AAS96 .= rawurlencode($_AAS103) . "=" . rawurlencode($_AAS125) . "&"; } if ($_AAS96 != "") $_AAS96 = substr($_AAS96, 0, -1); return $_AAS96; } class _AAS70 { private $_AAS126; private $_AAS127; private $_AAS128; public $_AAS73; private $_AAS129; private $_AAS130; private $_AAS131 = false; private $_AAS132; private $_AAS133; public $_AAS134; private $_AAS135; private function _AAS136($_AAS101){ _AAS42($_AAS101); } public function __construct($_AAS126, $_AAS133 = "?>", $_AAS129 = true, $_AAS130 = false){ $this->_AAS126 = str_replace("\\", "/", $_AAS126); $this->_AAS137 = dirname($_AAS126); $this->_AAS73 = ""; $this->_AAS133 = $_AAS133; $this->_AAS129 = $_AAS129; $this->_AAS130 = $_AAS130; $this->_AAS134 = false; $this->_AAS135 = ''; } private function _AAS138($_AAS139){ if(is_string($_AAS139)){ return $_AAS139; } else { switch($_AAS139[0]){ case T_FILE: $this->_AAS134 = true; return '"'.$this->_AAS126.'"'; break; case T_DIR: $this->_AAS134 = true; return '"'.$this->_AAS137.'"'; break; default: return $_AAS139[1]; } } } private function _AAS140(&$_AAS141){ $_AAS94 = "\""; $_AAS141++; while($_AAS141<$this->_AAS128){ $_AAS139 = $this->_AAS127[$_AAS141]; if(is_string($_AAS139)){ $_AAS94 .= $_AAS139; if($_AAS139 == "\"") break; } else { $_AAS94 .= $_AAS139[1]; } $_AAS141++; } return $_AAS94; } private function _AAS142(&$_AAS141){ $_AAS60 = ""; $_AAS58 = ""; $_AAS59 = ""; $_AAS139 = $this->_AAS127[$_AAS141]; $_AAS75 = isset($_AAS139[2])?$_AAS139[2]:0; switch ($_AAS139[0]) { case T_INCLUDE: $_AAS60 = "include"; $_AAS58 = "false"; $_AAS59 = "false"; break; case T_INCLUDE_ONCE: $_AAS60 = "include_once"; $_AAS58 = "false"; $_AAS59 = "true"; break; case T_REQUIRE: $_AAS60 = "require"; $_AAS58 = "true"; $_AAS59 = "false"; break; case T_REQUIRE_ONCE: $_AAS60 = "require_once"; $_AAS58 = "true"; $_AAS59 = "true"; break; } $_AAS143 = ""; $_AAS144 = 0; $_AAS145 = 0; $_AAS141++; while ($_AAS141 < $this->_AAS128) { $_AAS139 = $this->_AAS127[$_AAS141]; if ($_AAS139 === '(' || $_AAS139 === '[') { ++$_AAS144; } elseif ($_AAS139 === ')' || $_AAS139 === ']') { --$_AAS144; if ($_AAS144 < 0) { --$_AAS141; break; } } elseif ($_AAS139 === '?') { ++$_AAS145; } elseif ($_AAS139 === ':') { --$_AAS145; if ($_AAS145 < 0) { --$_AAS141; break; } } elseif ($_AAS139 === ';') { $_AAS141--; break; } elseif ($_AAS139 === ',') { if ($_AAS144 <= 0) { --$_AAS141; break; } } elseif (is_array($_AAS139)) { if($_AAS139[0] === T_CLOSE_TAG) { $_AAS141--; break; } elseif ($_AAS139[0] === T_DOUBLE_ARROW) { if ($_AAS144 <= 0) { --$_AAS141; break; } } } $_AAS143 .= $this->_AAS146($_AAS141); $_AAS141++; } $this->_AAS134 = true; return "eval(_AAS55(\"$this->_AAS126\",$_AAS75,$_AAS58,$_AAS59,\"$_AAS60\",$_AAS143))"; } private function _AAS147(&$_AAS141){ while($_AAS141<$this->_AAS128){ $_AAS139 = $this->_AAS127[$_AAS141]; if(is_array($_AAS139) && ( $_AAS139[0] === T_COMMENT || $_AAS139[0] === T_ML_COMMENT || $_AAS139[0] === T_DOC_COMMENT || $_AAS139[0] === T_WHITESPACE )) $_AAS141++; else break; } } private function _AAS148(&$_AAS141, $_AAS149, $_AAS150, &$_AAS151, &$_AAS91){ $_AAS91 = ""; $_AAS151 = true; $_AAS152 = $_AAS141; $_AAS47 = 1; while($_AAS152<$this->_AAS128) { $_AAS139 = $this->_AAS127[$_AAS152]; if($_AAS139 === $_AAS149)$_AAS47++; if($_AAS139 === $_AAS150)$_AAS47--; if($_AAS47<=0)break; if($_AAS139 === ";"){ return false; } else { if(is_array($_AAS139) && $_AAS139[0] !== T_COMMENT && $_AAS139[0] !== T_ML_COMMENT && $_AAS139[0] !== T_DOC_COMMENT && $_AAS139[0] !== T_WHITESPACE && $_AAS139[0] !== T_CONSTANT_ENCAPSED_STRING ) $_AAS151 = false; $_AAS91 .= $this->_AAS146($_AAS152); } $_AAS152++; } $_AAS141 = $_AAS152; return true; } private function _AAS153(&$_AAS141, &$_AAS154){ $_AAS154 = ""; $_AAS141++; $_AAS47 = 1; while($_AAS141<$this->_AAS128){ $_AAS139 = $this->_AAS127[$_AAS141]; if($_AAS139 === "(")$_AAS47++; elseif($_AAS139 === ")")$_AAS47--; if($_AAS47 <= 0)break; $_AAS154 .= $this->_AAS146($_AAS141); $_AAS141++; } return true; } private function _AAS155(&$_AAS141){ $_AAS139 = $this->_AAS127[$_AAS141]; $_AAS60 = $_AAS139[1]; if(array_key_exists($_AAS60, $_ENV["_AAS17"])){ $_AAS75 = isset($_AAS139[2])?$_AAS139[2]:0; $_AAS152 = $_AAS141+1; $this->_AAS147($_AAS152); $_AAS139 = $this->_AAS127[$_AAS152]; if($_AAS139 === "("){ $_AAS77 = ""; $_AAS156 = $this->_AAS153($_AAS152, $_AAS77); if($_AAS156){ $_AAS141 = $_AAS152; $this->_AAS134 = true; $_AAS94 = "_AAS83(\"$this->_AAS126\",$_AAS75,\"$_AAS60\",Array($_AAS77))"; } else { $_AAS94 = $_AAS60; } } else { $_AAS94 = $_AAS60; } } else { $_AAS94 = $_AAS60; } return $_AAS94; } private function _AAS157(&$_AAS141) { $_AAS94 = 'function '; $_AAS141++; $this->_AAS147($_AAS141); $_AAS47 = -1; while ($_AAS141 < $this->_AAS128) { $_AAS139 = $this->_AAS127[$_AAS141]; if ($_AAS139 === '(') { $_AAS47++; if ($_AAS47 == 0) $_AAS47 = 1; } elseif ($_AAS139 == ')' && --$_AAS47 == 0) { return $_AAS94 . ')'; } if (is_array($_AAS139)) $_AAS94 .= $_AAS139[1]; else $_AAS94 .= $_AAS139; $_AAS141++; } } private function _AAS158(&$_AAS141, $_AAS159){ $_AAS141++; $_AAS94 = "$_AAS159"; while($_AAS141<$this->_AAS128){ $_AAS139 = $this->_AAS127[$_AAS141]; $_AAS94 .= $this->_AAS138($_AAS139); if(!is_array($_AAS139)){ break; } elseif($_AAS139[0] !== T_WHITESPACE) { break; } $_AAS141++; } return $_AAS94; } private function _AAS160($_AAS161){ $_AAS94 = ""; for($_AAS13=0;$_AAS13<_AAS53($_AAS161);$_AAS13++){ switch($_AAS161[$_AAS13]){ case "\\": $_AAS94 .= "\\\\"; break; case "$": $_AAS94 .= "\\\$"; break; default: $_AAS94 .= $_AAS161[$_AAS13]; } } return $_AAS94; } private function _AAS162(&$_AAS141){ $_AAS139 = $this->_AAS127[$_AAS141]; $_AAS94 = $_AAS139[1]; $_AAS75 = isset($_AAS139[2])?$_AAS139[2]:0; $_AAS152 = $_AAS141+1; $this->_AAS147($_AAS152); while($_AAS152<$this->_AAS128){ $_AAS139 = $this->_AAS127[$_AAS152]; if($_AAS139 === "{" || $_AAS139 === "["){ $_AAS152++; $_AAS151 = false; $_AAS91 = ""; $_AAS150 = ($_AAS139==="{")?"}":"]"; $_AAS163 = $this->_AAS148($_AAS152, $_AAS139, $_AAS150, $_AAS151, $_AAS91); if(array_key_exists($_AAS94, $_ENV["_AAS16"])){ $_AAS82 = $_ENV["_AAS16"][$_AAS94]; } else { $_AAS82 = false; } if($_AAS163 && isset($_AAS82) && $_AAS82 !== false){ if($_AAS151)_AAS50("Var_Reference", Array($_AAS82[0], trim($_AAS91, "\"'")), $this->_AAS126, $_AAS75); $this->_AAS134 = true; $_AAS94 .= "[_AAS89(\"$this->_AAS126\", $_AAS75, \"".$this->_AAS160($_AAS94)."\", $_AAS91)]"; $_AAS141 = $_AAS152; } elseif($_AAS163) { $_AAS94 .= "[$_AAS91]"; $_AAS141 = $_AAS152; } else { $_AAS141 = $_AAS152-1; break; } } elseif($_AAS139 === "("){ $_AAS154 = ""; $_AAS164 = $this->_AAS153($_AAS152, $_AAS154); if($_AAS164){ $this->_AAS134 = true; $_AAS94 = "_AAS83(\"$this->_AAS126\",$_AAS75,$_AAS94,Array($_AAS154))"; $_AAS141 = $_AAS152; break; } else { $_AAS94 .= "("; $_AAS141 = $_AAS152; break; } break; } elseif(is_array($_AAS139) && $_AAS139[0] === T_OBJECT_OPERATOR){ $_AAS152++; $this->_AAS147($_AAS152); $_AAS139 = $this->_AAS127[$_AAS152]; if(is_array($_AAS139) && $_AAS139[0] === T_STRING){ $_AAS60 = $_AAS139[1]; $this->_AAS147($_AAS152); $_AAS152++; $_AAS139 = $this->_AAS127[$_AAS152]; if($_AAS139 === "("){ $_AAS154 = ""; $_AAS156 = $this->_AAS153($_AAS152, $_AAS154); if($_AAS156){ if($_AAS94!='$this' && array_key_exists($_AAS60, $_ENV["_AAS26"])){ $this->_AAS134 = true; $_AAS94 = "_AAS26(\"$this->_AAS126\",$_AAS75,$_AAS94,\"$_AAS60\",Array($_AAS154))"; } else { $_AAS94 .= "->$_AAS60($_AAS154)"; } $_AAS141 = $_AAS152; } else { $_AAS94 .= "->$_AAS60"; } } else { break; } } else { break; } } else { break; } $_AAS152++; } return $_AAS94; } private function _AAS165(&$_AAS141){ $_AAS139 = $this->_AAS127[$_AAS141]; $_AAS94 = "eval"; $_AAS75 = isset($_AAS139[2])?$_AAS139[2]:0; $_AAS152 = $_AAS141+1; $this->_AAS147($_AAS152); $_AAS139 = $this->_AAS127[$_AAS152]; if($_AAS139 === "("){ $_AAS77 = ""; $_AAS156 = $this->_AAS153($_AAS152, $_AAS77); if($_AAS156){ $_AAS141 = $_AAS152; $this->_AAS134 = true; $_AAS94 .= "(_AAS74(\"$this->_AAS126\", $_AAS75, Array($_AAS77)))"; } } return $_AAS94; } private function _AAS166(&$_AAS141){ $_AAS94 = "_AAS48"; $_AAS141++; $this->_AAS147($_AAS141); if($this->_AAS127[$_AAS141] !== "("){ $this->_AAS134 = true; $_AAS94 .= "()"; } $_AAS141--; return $_AAS94; } private function _AAS167(&$_AAS141) { if ($this->_AAS135 !== '') return 'namespace'; $_AAS152 = $_AAS141 + 1; $this->_AAS147($_AAS152); while ($_AAS152 < $this->_AAS128) { $_AAS139 = $this->_AAS127[$_AAS152]; if ($_AAS139 === '{') { $this->_AAS135 = '{'; break; } if (is_array($_AAS139) && ($_AAS139[0] === T_STRING || $_AAS139[0] === T_NS_SEPARATOR)) { $_AAS152++; continue; } if (is_array($_AAS139) && ($_AAS139[0] === T_WHITESPACE || $_AAS139[0] === T_COMMENT)) { $this->_AAS147($_AAS152); continue; } break; } return 'namespace'; } private function _AAS146(&$_AAS141){ $_AAS94 = ""; $_AAS139 = $this->_AAS127[$_AAS141]; if(is_string($_AAS139)){ switch($_AAS139){ case "\"": $_AAS94 = $this->_AAS140($_AAS141); break; default: $_AAS94 .= $this->_AAS138($_AAS139); } } else { switch($_AAS139[0]){ case T_INCLUDE: case T_INCLUDE_ONCE: case T_REQUIRE: case T_REQUIRE_ONCE: $_AAS94 .= $this->_AAS142($_AAS141); break; case T_VARIABLE: $_AAS94 .= $this->_AAS162($_AAS141); break; case T_FUNCTION: $_AAS94 .= $this->_AAS157($_AAS141); break; case T_NEW: $_AAS94 .= $this->_AAS158($_AAS141, "new"); break; case T_CLASS: $_AAS94 .= $this->_AAS158($_AAS141, "class"); break; case T_DOUBLE_COLON: $_AAS94 .= $this->_AAS158($_AAS141, "::"); break; case T_OBJECT_OPERATOR: $_AAS94 .= $this->_AAS158($_AAS141, "->"); break; case T_EXTENDS: $_AAS94 .= $this->_AAS158($_AAS141, "extends"); break; case T_STRING: $_AAS94 .= $this->_AAS155($_AAS141); break; case T_WHITESPACE: $_AAS94 .= $this->_AAS138($_AAS139); break; case T_EVAL: $_AAS94 .= $this->_AAS165($_AAS141); break; case T_EXIT: $_AAS94 .= $this->_AAS166($_AAS141); break; case T_HALT_COMPILER: $_AAS141 = $this->_AAS128; break; case T_START_HEREDOC: case T_END_HEREDOC: $_AAS94 .= $this->_AAS138($_AAS139[1]); break; case T_NAMESPACE: $_AAS94 .= $this->_AAS167($_AAS141); break; case T_OPEN_TAG: case T_CLOSE_TAG: $this->_AAS130 = ($_AAS139[0] === T_OPEN_TAG); $_AAS94 .= $this->_AAS138($_AAS139); break; default: $_AAS94 .= $this->_AAS138($_AAS139); } } return $_AAS94; } public function _AAS71($_AAS168, $_AAS169=false){ if($_ENV["_AAS34"]){ $this->_AAS132 = $_ENV['_AAS31'] ."_AAS170" .md5($_ENV["_AAS9"] .$_AAS168 .$this->_AAS126); if(file_exists($this->_AAS132)){ $this->_AAS131 = true; } } else { $this->_AAS132 = ""; } if($this->_AAS131){ $this->_AAS136("Loading from cache."); if($_AAS1 = @fopen($this->_AAS132, "rb")){ $_AAS64 = fread($_AAS1, 1); $this->_AAS130 = ($_AAS64==="1"); $_AAS171 = filesize($this->_AAS132)-1; if($_AAS171>0)$this->_AAS73 = @fread($_AAS1, $_AAS171); else $this->_AAS73 = ""; } else { $this->_AAS136("Unable to load from cache file."); $this->_AAS131 = false; } } if(!$this->_AAS131){ $this->_AAS136("Processing file \"$this->_AAS126\" ..."); $this->_AAS127 = token_get_all($_AAS168); $this->_AAS128 = count($this->_AAS127); $_AAS13 = 0; for ($_AAS13 = 0; $_AAS13 < $this->_AAS128; ++$_AAS13){ $this->_AAS73 .= $this->_AAS146($_AAS13); } if($this->_AAS132 !== ""){ $this->_AAS136("Saving cache for \"$this->_AAS126\""); if($_AAS1 = @fopen($this->_AAS132, "w+")){ @fprintf($_AAS1, "%s%s", $this->_AAS130?"1":"0", $this->_AAS73); @fclose($_AAS1); } else { $this->_AAS136("Unable to create cache file."); } } } $this->_AAS73 = $this->_AAS133.$this->_AAS73; if($this->_AAS129){ $_AAS172 = 'return true;'; if ($this->_AAS135) { $_AAS172 = 'namespace {' . $_AAS172 . '}'; } if (!$this->_AAS130) { $_AAS172 = ''; } $this->_AAS73 .= $_AAS172; } } } if($_ENV["_AAS0"]){ set_error_handler("_AAS37"); _AAS42("Called with ".$_SERVER["REQUEST_METHOD"]." method for URI: ".$_SERVER["REQUEST_URI"]); _AAS50("PONG", "", "", 0, "version=".$_ENV["_AAS9"]); if(isset($_SERVER["HTTP_ACUNETIX_ASPECT_QUERIES"])){ $_AAS173 = explode(";", $_SERVER["HTTP_ACUNETIX_ASPECT_QUERIES"]); for($_AAS13=0;$_AAS130)_AAS50("Script_Query", _AAS124(), $_ENV['_AAS29'], 0); } array_push($_ENV['_AAS15'], $_ENV['_AAS29']); $_AAS174 = new _AAS70($_ENV['_AAS29']); $_AAS174->_AAS71(file_get_contents($_ENV['_AAS29'])); $_AAS175 = $_AAS174->_AAS73; unset($_AAS174); ob_start(); _AAS43(); @eval($_AAS175); _AAS48(); } __halt_compiler();082119f75623eb7abd7bf357698ff66c