3v4l.org

run code in 150+ php & hhvm versions
Bugs & Features
<?php $str = "<script>alert(/xss/)aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa</script>"; $obj1 = unserialize($str);
based on S1oam
Output for 4.3.2 - 5.6.28, 7.0.0 - 7.1.0
Notice: unserialize(): Error at offset 0 of 66 bytes in /in/HfOuD on line 4
Output for hhvm-3.10.0 - 3.12.0
Notice: Unable to unserialize: [<script>alert(/xss/)aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa</script>]. Expected ':' but got 's'. in /in/HfOuD on line 4
Output for 4.3.0 - 4.3.1
Notice: unserialize() [http://www.php.net/function.unserialize]: Error at offset 0 of 66 bytes in /in/HfOuD on line 4