Found this in a broken websites I worked on a couple of years ago. A very dangerous piece of code. It’s a first stage malware dropper.
It appears that it was used to install WSO remote webshell. Joomla’s weblink module vulnerability to MySQL injection was exploited to compromise system.