3v4l.org

run code in 300+ PHP versions simultaneously
<?php

// uncomment these to see what happens in different situations.
// note that this only handles file security; it DOES NOT stop me from reading your files, or vice-versa.

$_GET = ['user' => '__adrian', 'file' => 'foo.txt'];
//$_GET = ['user' => '__adrian', 'file' => 'remote-file-inclusion.exe'];
//$_GET = ['user' => 'UnicornTek', 'file' => 'filesystems-tutorial.pdf'];
//$_GET = ['user' => 'UnicornTek', 'file' => 'bar.txt'];

// per-user allowlist: the only files each user may be served.
$allowed_files = [
  '__adrian' => [
    'foo.txt',
    'bar.png'
  ],
  'UnicornTek' => [
    'filesystems-tutorial.pdf',
    'remote-file-inclusion.exe'
  ]
];
// reject unknown users and any file that is not on that user's list.
if (! isset($allowed_files[$_GET['user']]) || ! in_array($_GET['file'], $allowed_files[$_GET['user']])) {
  throw new Exception("File Not Found: {$_GET['user']}/{$_GET['file']}");
}
// only reached when the user/file pair matched an allowlist entry.
readfile("/path/to/users/{$_GET['user']}/{$_GET['file']}");
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 47) Position 1 = 8, Position 2 = 19
Branch analysis from position: 8
2 jumps found. (Code = 43) Position 1 = 20, Position 2 = 32
Branch analysis from position: 20
1 jumps found. (Code = 108) Position 1 = -2
Branch analysis from position: 32
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 19
filename:       /in/1bm4p
function name:  (null)
number of ops:  44
compiled vars:  !0 = $allowed_files
line      #* E I O op                           fetch          ext  return  operands
-------------------------------------------------------------------------------------
    6     0  E >   FETCH_W                      global              $1      '_GET'
          1        ASSIGN                                                   $1, <array>
   12     2        ASSIGN                                                   !0, <array>
   23     3        FETCH_R                      global              ~4      '_GET'
          4        FETCH_DIM_R                                      ~5      ~4, 'user'
          5        ISSET_ISEMPTY_DIM_OBJ                         0  ~6      !0, ~5
          6        BOOL_NOT                                         ~7      ~6
          7      > JMPNZ_EX                                         ~7      ~7, ->19
          8    >   INIT_FCALL                                               'in_array'
          9        FETCH_R                      global              ~8      '_GET'
         10        FETCH_DIM_R                                      ~9      ~8, 'file'
         11        SEND_VAL                                                 ~9
         12        FETCH_R                      global              ~10     '_GET'
         13        FETCH_DIM_R                                      ~11     ~10, 'user'
         14        FETCH_DIM_R                                      ~12     !0, ~11
         15        SEND_VAL                                                 ~12
         16        DO_ICALL                                         $13     
         17        BOOL_NOT                                         ~14     $13
         18        BOOL                                             ~7      ~14
         19    > > JMPZ                                                     ~7, ->32
   24    20    >   NEW                                              $15     'Exception'
         21        ROPE_INIT                                     4  ~21     'File+Not+Found%3A+'
         22        FETCH_R                      global              ~16     '_GET'
         23        FETCH_DIM_R                                      ~17     ~16, 'user'
         24        ROPE_ADD                                      1  ~21     ~21, ~17
         25        ROPE_ADD                                      2  ~21     ~21, '%2F'
         26        FETCH_R                      global              ~18     '_GET'
         27        FETCH_DIM_R                                      ~19     ~18, 'file'
         28        ROPE_END                                      3  ~20     ~21, ~19
         29        SEND_VAL_EX                                              ~20
         30        DO_FCALL                                      0          
         31      > THROW                                         0          $15
   27    32    >   INIT_FCALL                                               'readfile'
         33        ROPE_INIT                                     4  ~29     '%2Fpath%2Fto%2Fusers%2F'
         34        FETCH_R                      global              ~24     '_GET'
         35        FETCH_DIM_R                                      ~25     ~24, 'user'
         36        ROPE_ADD                                      1  ~29     ~29, ~25
         37        ROPE_ADD                                      2  ~29     ~29, '%2F'
         38        FETCH_R                      global              ~26     '_GET'
         39        FETCH_DIM_R                                      ~27     ~26, 'file'
         40        ROPE_END                                      3  ~28     ~29, ~27
         41        SEND_VAL                                                 ~28
         42        DO_ICALL                                                 
         43      > RETURN                                                   1

Generated using Vulcan Logic Dumper, using php 8.0.0

