3v4l.org

run code in 300+ PHP versions simultaneously
<?php // Challenge: make this terrible code safe if((count($_POST) > 0) && (strlen($_POST['password']) == 0 || strlen($_POST['username']) == 0)){ echo "Please enter username and password".PHP_EOL; exit(); } try{ $pdo = new PDO('sqlite::memorytest:'); } catch(PDOException $e){ echo $e->getMessage(); } $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_SILENT); $pdo->exec("DROP TABLE IF EXISTS users"); $pdo->exec("CREATE TABLE users (username VARCHAR(255), password VARCHAR(255))"); $rootPassword = password_hash("secret", PASSWORD_DEFAULT); $pdo->exec("INSERT INTO users (username, password) VALUES ('root', '$rootPassword');"); $statement = $pdo->prepare("SELECT password FROM users WHERE username = ? LIMIT 1"); if($statement->execute(array($_POST['username']))){ $row = $statement->fetchAll(); if(password_verify($_POST['password'], $row[0]['password'])){ echo "Access granted to $username!<br />\n"; exit(); } else{ echo "Access denied for $username!<br>\n"; } } ?> <!DOCTYPE html> <html lang="en"> <head> <title>Challenge 4</title> </head> <body> <form method="post"> <input type="text" name="username" placeholder="username" /> <input type="password" name="password" placeholder="password" /> <input type="submit" value="Submit" /> </form> </body> </html>
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 46) Position 1 = 4, Position 2 = 15
Branch analysis from position: 4
2 jumps found. (Code = 47) Position 1 = 9, Position 2 = 14
Branch analysis from position: 9
2 jumps found. (Code = 43) Position 1 = 16, Position 2 = 18
Branch analysis from position: 16
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 18
1 jumps found. (Code = 42) Position 1 = 27
Branch analysis from position: 27
2 jumps found. (Code = 43) Position 1 = 59, Position 2 = 81
Branch analysis from position: 59
2 jumps found. (Code = 43) Position 1 = 71, Position 2 = 77
Branch analysis from position: 71
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 77
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 81
Branch analysis from position: 14
Branch analysis from position: 15
Found catch point at position: 23
Branch analysis from position: 23
2 jumps found. (Code = 107) Position 1 = 24, Position 2 = -2
Branch analysis from position: 24
2 jumps found. (Code = 43) Position 1 = 59, Position 2 = 81
Branch analysis from position: 59
Branch analysis from position: 81
filename:       /in/1aGo0
function name:  (null)
number of ops:  83
compiled vars:  !0 = $pdo, !1 = $e, !2 = $rootPassword, !3 = $statement, !4 = $row, !5 = $username
line      #* E I O op                           fetch          ext  return  operands
-------------------------------------------------------------------------------------
    5     0  E >   FETCH_R                      global              ~6      '_POST'
          1        COUNT                                            ~7      ~6
          2        IS_SMALLER                                       ~8      0, ~7
          3      > JMPZ_EX                                          ~8      ~8, ->15
          4    >   FETCH_R                      global              ~9      '_POST'
          5        FETCH_DIM_R                                      ~10     ~9, 'password'
          6        STRLEN                                           ~11     ~10
          7        IS_EQUAL                                         ~12     ~11, 0
          8      > JMPNZ_EX                                         ~12     ~12, ->14
          9    >   FETCH_R                      global              ~13     '_POST'
         10        FETCH_DIM_R                                      ~14     ~13, 'username'
         11        STRLEN                                           ~15     ~14
         12        IS_EQUAL                                         ~16     ~15, 0
         13        BOOL                                             ~12     ~16
         14    >   BOOL                                             ~8      ~12
         15    > > JMPZ                                                     ~8, ->18
    6    16    >   ECHO                                                     'Please+enter+username+and+password%0A'
    7    17      > EXIT                                                     
   11    18    >   NEW                                              $17     'PDO'
         19        SEND_VAL_EX                                              'sqlite%3A%3Amemorytest%3A'
         20        DO_FCALL                                      0          
         21        ASSIGN                                                   !0, $17
         22      > JMP                                                      ->27
   13    23  E > > CATCH                                       last         'PDOException'
   14    24    >   INIT_METHOD_CALL                                         !1, 'getMessage'
         25        DO_FCALL                                      0  $20     
         26        ECHO                                                     $20
   16    27    >   INIT_METHOD_CALL                                         !0, 'setAttribute'
         28        SEND_VAL_EX                                              3
         29        SEND_VAL_EX                                              0
         30        DO_FCALL                                      0          
   18    31        INIT_METHOD_CALL                                         !0, 'exec'
         32        SEND_VAL_EX                                              'DROP+TABLE+IF+EXISTS+users'
         33        DO_FCALL                                      0          
   19    34        INIT_METHOD_CALL                                         !0, 'exec'
         35        SEND_VAL_EX                                              'CREATE+TABLE+users+%28username+VARCHAR%28255%29%2C+password+VARCHAR%28255%29%29'
         36        DO_FCALL                                      0          
   21    37        INIT_FCALL                                               'password_hash'
         38        SEND_VAL                                                 'secret'
         39        SEND_VAL                                                 '2y'
         40        DO_ICALL                                         $24     
         41        ASSIGN                                                   !2, $24
   23    42        INIT_METHOD_CALL                                         !0, 'exec'
         43        ROPE_INIT                                     3  ~27     'INSERT+INTO+users+%28username%2C+password%29+VALUES+%28%27root%27%2C+%27'
         44        ROPE_ADD                                      1  ~27     ~27, !2
         45        ROPE_END                                      2  ~26     ~27, '%27%29%3B'
         46        SEND_VAL_EX                                              ~26
         47        DO_FCALL                                      0          
   25    48        INIT_METHOD_CALL                                         !0, 'prepare'
         49        SEND_VAL_EX                                              'SELECT+password+FROM+users+WHERE+username+%3D+%3F+LIMIT+1'
         50        DO_FCALL                                      0  $30     
         51        ASSIGN                                                   !3, $30
   26    52        INIT_METHOD_CALL                                         !3, 'execute'
         53        FETCH_R                      global              ~32     '_POST'
         54        FETCH_DIM_R                                      ~33     ~32, 'username'
         55        INIT_ARRAY                                       ~34     ~33
         56        SEND_VAL_EX                                              ~34
         57        DO_FCALL                                      0  $35     
         58      > JMPZ                                                     $35, ->81
   27    59    >   INIT_METHOD_CALL                                         !3, 'fetchAll'
         60        DO_FCALL                                      0  $36     
         61        ASSIGN                                                   !4, $36
   28    62        INIT_FCALL                                               'password_verify'
         63        FETCH_R                      global              ~38     '_POST'
         64        FETCH_DIM_R                                      ~39     ~38, 'password'
         65        SEND_VAL                                                 ~39
         66        FETCH_DIM_R                                      ~40     !4, 0
         67        FETCH_DIM_R                                      ~41     ~40, 'password'
         68        SEND_VAL                                                 ~41
         69        DO_ICALL                                         $42     
         70      > JMPZ                                                     $42, ->77
   29    71    >   ROPE_INIT                                     3  ~44     'Access+granted+to+'
         72        ROPE_ADD                                      1  ~44     ~44, !5
         73        ROPE_END                                      2  ~43     ~44, '%21%3Cbr+%2F%3E%0A'
         74        ECHO                                                     ~43
   30    75      > EXIT                                                     
         76*       JMP                                                      ->81
   33    77    >   ROPE_INIT                                     3  ~47     'Access+denied+for+'
         78        ROPE_ADD                                      1  ~47     ~47, !5
         79        ROPE_END                                      2  ~46     ~47, '%21%3Cbr%3E%0A'
         80        ECHO                                                     ~46
   37    81    >   ECHO                                                     '%3C%21DOCTYPE+html%3E%0A%3Chtml+lang%3D%22en%22%3E%0A%09%3Chead%3E%0A%09%09%3Ctitle%3EChallenge+4%3C%2Ftitle%3E%0A%09%3C%2Fhead%3E%0A%0A%09%3Cbody%3E%0A%0A%09%3Cform+method%3D%22post%22%3E%0A%09%09%3Cinput+type%3D%22text%22+name%3D%22username%22+placeholder%3D%22username%22+%2F%3E%0A%09%09%3Cinput+type%3D%22password%22+name%3D%22password%22+placeholder%3D%22password%22+%2F%3E%0A%09%09%3Cinput+type%3D%22submit%22+value%3D%22Submit%22+%2F%3E%0A%09%3C%2Fform%3E%0A%0A%09%3C%2Fbody%3E%0A%3C%2Fhtml%3E'
   52    82      > RETURN                                                   1

Generated using Vulcan Logic Dumper, using php 8.0.0

preferences:
146.9 ms | 1404 KiB | 17 Q