3v4l.org

run code in 150+ php & hhvm versions
Bugs & Features
<?php class Renderer { function render(array $_data) { // normally you'd have some file you'd render from... $_data = $this->escapeData($_data); extract($_data, EXTR_SKIP); return <<<LIST {$foo}\n {$bar}\n {$baz}\n {$htmlSafe}\n LIST; } private function escapeData(array $data) { $safe = []; foreach ($data as $var => $value) { if (is_array($value)) { $safe[$var] = $this->escapeData($value); } else { if ($value instanceof HtmlSafeString) { $safe[$var] = (string) $value; } else { $safe[$var] = htmlspecialchars($value); } } } return $safe; } } class HtmlSafeString { private $str; function __construct($string) { $this->str = $string; } function __toString() { return $this->str; } } $renderer = new Renderer(); $unsafe = [ 'foo' => '<script>alert("xss");</script>', 'bar' => '<b>something</b>', 'baz' => '<i>foo</i>', 'htmlSafe' => new HtmlSafeString('<b>got through</b>') ]; echo $renderer->render($unsafe);
based on NIYeF
Output for 5.4.0 - 7.1.0
&lt;script&gt;alert(&quot;xss&quot;);&lt;/script&gt; &lt;b&gt;something&lt;/b&gt; &lt;i&gt;foo&lt;/i&gt; <b>got through</b>
Output for 5.1.0 - 5.1.1, 5.1.3 - 5.3.29
Parse error: syntax error, unexpected '[' in /in/1Ksi4 on line 19
Process exited with code 255.
Output for 5.1.2
Parse error: syntax error, unexpected '[' in /in/1Ksi4 on line 20
Process exited with code 255.
Output for 5.0.0 - 5.0.5
Parse error: parse error, unexpected T_ARRAY, expecting '&' or T_VARIABLE in /in/1Ksi4 on line 5
Process exited with code 255.
Output for 4.4.2 - 4.4.9
Parse error: syntax error, unexpected T_ARRAY, expecting ')' in /in/1Ksi4 on line 5
Process exited with code 255.
Output for 4.3.0 - 4.3.1, 4.3.5 - 4.4.1
Parse error: parse error, unexpected T_ARRAY, expecting ')' in /in/1Ksi4 on line 5
Process exited with code 255.
Output for 4.3.2 - 4.3.4
Parse error: parse error, expecting `')'' in /in/1Ksi4 on line 5
Process exited with code 255.