3v4l.org

run code in 300+ PHP versions simultaneously
<?php session_start(); $before = $_SESSION['before']; if($before == 'http://medalwars.url.ph/'){ if($_SERVER['REQUEST_METHOD'] == 'POST'){ $username = $_POST['username']; $password = $_POST['password']; }else{ $_SESSION['foutcode'] = 'foutcode 001'; header("location: $before"); exit(); } require_once 'db_config.php'; $sql = "SELECT username, password FROM users WHERE username = '$username' AND password = '$password'"; if(!mysql_query($sql)){ $_SESSION['foutcode'] = 'foutcode 004'; header("location: $before"); exit(); } $mysqli = new mysqli($db['host'], $db['user'], $db['pass'], $db['dbname']); $result = $mysqli->query($sql); $row = $result->fetch_assoc(); if($username == htmlentities($row['username']) AND $password == htmlentities($row['password'])){ $_SESSION['logged_in'] = 'true'; $_SESSION['gebruiker'] = $username; $_SESSION['foutcode'] = 'foutcode 011'; header("location: /ingame"); exit(); }else{ $_SESSION['foutcode'] = 'foutcode 008'; header("location: $before"); exit(); } }elseif($before == 'http://medalwars.url.ph/create_account/'){ if($_SERVER['REQUEST_METHOD'] == 'POST'){ $username = $_POST['username']; $password = $_POST['password']; $password2 = $_POST['password2']; $email = $_POST['e-mail']; }else{ $_SESSION['foutcode'] = 'foutcode 001'; header("location: $before"); exit(); } require_once 'db_config.php'; $ip = $_SERVER['REMOTE_ADDR']; $sql = "INSERT INTO users (username, password, ip, email) VALUES (\"$username\",\"$password\",\"$ip\",\"$email\")"; if(!mysql_query($sql)){ $_SESSION['foutcode'] = 'foutcode 004'; header("location: $before"); exit(); }else{ $mysqli = new mysqli($db['host'], $db['user'], $db['pass'], $db['dbname']); $query = mysql_query($sql, $mysqli); $_SESSION['logged_in'] = 'create'; $_SESSION['gebruiker'] = $username; $naam_verzender = 'MedalWars'; $email_verzender = 'noreply@medalwars.url.ph'; $onderwerp = 'Accountregistratie MedalWars'; $headers = "From: ".$naam_verzender." <".$email_verzender."> "; $bericht = " Beste $username, Hierbij ontvangt u de bevestiging voor het aanmaken van uw account. Uw inloggegevens zijn: Gebruikersnaam: $username. Wachtwoord: $password. Let op: u ontvangt deze gegevens eenmalig per e-mail. Als u uw wachtwoord vergeet zullen wij deze niet via e-mail verstrekken. Bewaar deze e-mail dus goed. Geef ook wijzigingen van uw e-mailadres tijdig aan onder instellingen op de website. Wij hopen dat u veel plezier zult hebben met het spelen van dit spel. mvg, Het MedalWars team - www.medalwars.url.ph "; mail($email, $onderwerp, $bericht, $headers); header("location: $before"); exit(); } }elseif($before == ''){ $_SESSION['foutcode'] = 'foutcode 009'; header("location: http://medalwars.url.ph/"); }else{ $_SESSION['foutcode'] = 'foutcode 010'; header("location: http://medalwars.url.ph/"); } ?>
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 7, Position 2 = 107
Branch analysis from position: 7
2 jumps found. (Code = 43) Position 1 = 11, Position 2 = 18
Branch analysis from position: 11
1 jumps found. (Code = 42) Position 1 = 27
Branch analysis from position: 27
2 jumps found. (Code = 43) Position 1 = 39, Position 2 = 48
Branch analysis from position: 39
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 48
2 jumps found. (Code = 46) Position 1 = 76, Position 2 = 82
Branch analysis from position: 76
2 jumps found. (Code = 43) Position 1 = 83, Position 2 = 97
Branch analysis from position: 83
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 97
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 82
Branch analysis from position: 18
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 107
2 jumps found. (Code = 43) Position 1 = 109, Position 2 = 219
Branch analysis from position: 109
2 jumps found. (Code = 43) Position 1 = 113, Position 2 = 126
Branch analysis from position: 113
1 jumps found. (Code = 42) Position 1 = 135
Branch analysis from position: 135
2 jumps found. (Code = 43) Position 1 = 154, Position 2 = 164
Branch analysis from position: 154
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 164
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 126
1 jumps found. (Code = 79) Position 1 = -2
Branch analysis from position: 219
2 jumps found. (Code = 43) Position 1 = 221, Position 2 = 228
Branch analysis from position: 221
1 jumps found. (Code = 42) Position 1 = 234
Branch analysis from position: 234
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 228
1 jumps found. (Code = 62) Position 1 = -2
filename:       /in/IQgF1
function name:  (null)
number of ops:  235
compiled vars:  !0 = $before, !1 = $username, !2 = $password, !3 = $sql, !4 = $mysqli, !5 = $db, !6 = $result, !7 = $row, !8 = $password2, !9 = $email, !10 = $ip, !11 = $query, !12 = $naam_verzender, !13 = $email_verzender, !14 = $onderwerp, !15 = $headers, !16 = $bericht
line      #* E I O op                           fetch          ext  return  operands
-------------------------------------------------------------------------------------
    2     0  E >   INIT_FCALL                                               'session_start'
          1        DO_ICALL                                                 
    3     2        FETCH_R                      global              ~18     '_SESSION'
          3        FETCH_DIM_R                                      ~19     ~18, 'before'
          4        ASSIGN                                                   !0, ~19
    4     5        IS_EQUAL                                                 !0, 'http%3A%2F%2Fmedalwars.url.ph%2F'
          6      > JMPZ                                                     ~21, ->107
    5     7    >   FETCH_R                      global              ~22     '_SERVER'
          8        FETCH_DIM_R                                      ~23     ~22, 'REQUEST_METHOD'
          9        IS_EQUAL                                                 ~23, 'POST'
         10      > JMPZ                                                     ~24, ->18
    6    11    >   FETCH_R                      global              ~25     '_POST'
         12        FETCH_DIM_R                                      ~26     ~25, 'username'
         13        ASSIGN                                                   !1, ~26
    7    14        FETCH_R                      global              ~28     '_POST'
         15        FETCH_DIM_R                                      ~29     ~28, 'password'
         16        ASSIGN                                                   !2, ~29
         17      > JMP                                                      ->27
    9    18    >   FETCH_W                      global              $31     '_SESSION'
         19        ASSIGN_DIM                                               $31, 'foutcode'
         20        OP_DATA                                                  'foutcode+001'
   10    21        INIT_FCALL                                               'header'
         22        NOP                                                      
         23        FAST_CONCAT                                      ~33     'location%3A+', !0
         24        SEND_VAL                                                 ~33
         25        DO_ICALL                                                 
   11    26      > EXIT                                                     
   13    27    >   INCLUDE_OR_EVAL                                          'db_config.php', REQUIRE_ONCE
   14    28        ROPE_INIT                                     5  ~37     'SELECT+username%2C+password+FROM+users+WHERE+username+%3D+%27'
         29        ROPE_ADD                                      1  ~37     ~37, !1
         30        ROPE_ADD                                      2  ~37     ~37, '%27+AND+password+%3D+%27'
         31        ROPE_ADD                                      3  ~37     ~37, !2
         32        ROPE_END                                      4  ~36     ~37, '%27'
         33        ASSIGN                                                   !3, ~36
   15    34        INIT_FCALL_BY_NAME                                       'mysql_query'
         35        SEND_VAR_EX                                              !3
         36        DO_FCALL                                      0  $41     
         37        BOOL_NOT                                         ~42     $41
         38      > JMPZ                                                     ~42, ->48
   16    39    >   FETCH_W                      global              $43     '_SESSION'
         40        ASSIGN_DIM                                               $43, 'foutcode'
         41        OP_DATA                                                  'foutcode+004'
   17    42        INIT_FCALL                                               'header'
         43        NOP                                                      
         44        FAST_CONCAT                                      ~45     'location%3A+', !0
         45        SEND_VAL                                                 ~45
         46        DO_ICALL                                                 
   18    47      > EXIT                                                     
   20    48    >   NEW                                              $47     'mysqli'
         49        CHECK_FUNC_ARG                                           
         50        FETCH_DIM_FUNC_ARG                               $48     !5, 'host'
         51        SEND_FUNC_ARG                                            $48
         52        CHECK_FUNC_ARG                                           
         53        FETCH_DIM_FUNC_ARG                               $49     !5, 'user'
         54        SEND_FUNC_ARG                                            $49
         55        CHECK_FUNC_ARG                                           
         56        FETCH_DIM_FUNC_ARG                               $50     !5, 'pass'
         57        SEND_FUNC_ARG                                            $50
         58        CHECK_FUNC_ARG                                           
         59        FETCH_DIM_FUNC_ARG                               $51     !5, 'dbname'
         60        SEND_FUNC_ARG                                            $51
         61        DO_FCALL                                      0          
         62        ASSIGN                                                   !4, $47
   21    63        INIT_METHOD_CALL                                         !4, 'query'
         64        SEND_VAR_EX                                              !3
         65        DO_FCALL                                      0  $54     
         66        ASSIGN                                                   !6, $54
   22    67        INIT_METHOD_CALL                                         !6, 'fetch_assoc'
         68        DO_FCALL                                      0  $56     
         69        ASSIGN                                                   !7, $56
   23    70        INIT_FCALL                                               'htmlentities'
         71        FETCH_DIM_R                                      ~58     !7, 'username'
         72        SEND_VAL                                                 ~58
         73        DO_ICALL                                         $59     
         74        IS_EQUAL                                         ~60     !1, $59
         75      > JMPZ_EX                                          ~60     ~60, ->82
         76    >   INIT_FCALL                                               'htmlentities'
         77        FETCH_DIM_R                                      ~61     !7, 'password'
         78        SEND_VAL                                                 ~61
         79        DO_ICALL                                         $62     
         80        IS_EQUAL                                         ~63     !2, $62
         81        BOOL                                             ~60     ~63
         82    > > JMPZ                                                     ~60, ->97
   24    83    >   FETCH_W                      global              $64     '_SESSION'
         84        ASSIGN_DIM                                               $64, 'logged_in'
         85        OP_DATA                                                  'true'
   25    86        FETCH_W                      global              $66     '_SESSION'
         87        ASSIGN_DIM                                               $66, 'gebruiker'
         88        OP_DATA                                                  !1
   26    89        FETCH_W                      global              $68     '_SESSION'
         90        ASSIGN_DIM                                               $68, 'foutcode'
         91        OP_DATA                                                  'foutcode+011'
   27    92        INIT_FCALL                                               'header'
         93        SEND_VAL                                                 'location%3A+%2Fingame'
         94        DO_ICALL                                                 
   28    95      > EXIT                                                     
         96*       JMP                                                      ->106
   30    97    >   FETCH_W                      global              $71     '_SESSION'
         98        ASSIGN_DIM                                               $71, 'foutcode'
         99        OP_DATA                                                  'foutcode+008'
   31   100        INIT_FCALL                                               'header'
        101        NOP                                                      
        102        FAST_CONCAT                                      ~73     'location%3A+', !0
        103        SEND_VAL                                                 ~73
        104        DO_ICALL                                                 
   32   105      > EXIT                                                     
        106*       JMP                                                      ->234
   34   107    >   IS_EQUAL                                                 !0, 'http%3A%2F%2Fmedalwars.url.ph%2Fcreate_account%2F'
        108      > JMPZ                                                     ~75, ->219
   35   109    >   FETCH_R                      global              ~76     '_SERVER'
        110        FETCH_DIM_R                                      ~77     ~76, 'REQUEST_METHOD'
        111        IS_EQUAL                                                 ~77, 'POST'
        112      > JMPZ                                                     ~78, ->126
   36   113    >   FETCH_R                      global              ~79     '_POST'
        114        FETCH_DIM_R                                      ~80     ~79, 'username'
        115        ASSIGN                                                   !1, ~80
   37   116        FETCH_R                      global              ~82     '_POST'
        117        FETCH_DIM_R                                      ~83     ~82, 'password'
        118        ASSIGN                                                   !2, ~83
   38   119        FETCH_R                      global              ~85     '_POST'
        120        FETCH_DIM_R                                      ~86     ~85, 'password2'
        121        ASSIGN                                                   !8, ~86
   39   122        FETCH_R                      global              ~88     '_POST'
        123        FETCH_DIM_R                                      ~89     ~88, 'e-mail'
        124        ASSIGN                                                   !9, ~89
        125      > JMP                                                      ->135
   41   126    >   FETCH_W                      global              $91     '_SESSION'
        127        ASSIGN_DIM                                               $91, 'foutcode'
        128        OP_DATA                                                  'foutcode+001'
   42   129        INIT_FCALL                                               'header'
        130        NOP                                                      
        131        FAST_CONCAT                                      ~93     'location%3A+', !0
        132        SEND_VAL                                                 ~93
        133        DO_ICALL                                                 
   43   134      > EXIT                                                     
   45   135    >   INCLUDE_OR_EVAL                                          'db_config.php', REQUIRE_ONCE
   46   136        FETCH_R                      global              ~96     '_SERVER'
        137        FETCH_DIM_R                                      ~97     ~96, 'REMOTE_ADDR'
        138        ASSIGN                                                   !10, ~97
   47   139        ROPE_INIT                                     9  ~100    'INSERT+INTO+users+%28username%2C+password%2C+ip%2C+email%29+VALUES+%28%22'
        140        ROPE_ADD                                      1  ~100    ~100, !1
        141        ROPE_ADD                                      2  ~100    ~100, '%22%2C%22'
        142        ROPE_ADD                                      3  ~100    ~100, !2
        143        ROPE_ADD                                      4  ~100    ~100, '%22%2C%22'
        144        ROPE_ADD                                      5  ~100    ~100, !10
        145        ROPE_ADD                                      6  ~100    ~100, '%22%2C%22'
        146        ROPE_ADD                                      7  ~100    ~100, !9
        147        ROPE_END                                      8  ~99     ~100, '%22%29'
        148        ASSIGN                                                   !3, ~99
   48   149        INIT_FCALL_BY_NAME                                       'mysql_query'
        150        SEND_VAR_EX                                              !3
        151        DO_FCALL                                      0  $106    
        152        BOOL_NOT                                         ~107    $106
        153      > JMPZ                                                     ~107, ->164
   49   154    >   FETCH_W                      global              $108    '_SESSION'
        155        ASSIGN_DIM                                               $108, 'foutcode'
        156        OP_DATA                                                  'foutcode+004'
   50   157        INIT_FCALL                                               'header'
        158        NOP                                                      
        159        FAST_CONCAT                                      ~110    'location%3A+', !0
        160        SEND_VAL                                                 ~110
        161        DO_ICALL                                                 
   51   162      > EXIT                                                     
        163*       JMP                                                      ->218
   53   164    >   NEW                                              $112    'mysqli'
        165        CHECK_FUNC_ARG                                           
        166        FETCH_DIM_FUNC_ARG                               $113    !5, 'host'
        167        SEND_FUNC_ARG                                            $113
        168        CHECK_FUNC_ARG                                           
        169        FETCH_DIM_FUNC_ARG                               $114    !5, 'user'
        170        SEND_FUNC_ARG                                            $114
        171        CHECK_FUNC_ARG                                           
        172        FETCH_DIM_FUNC_ARG                               $115    !5, 'pass'
        173        SEND_FUNC_ARG                                            $115
        174        CHECK_FUNC_ARG                                           
        175        FETCH_DIM_FUNC_ARG                               $116    !5, 'dbname'
        176        SEND_FUNC_ARG                                            $116
        177        DO_FCALL                                      0          
        178        ASSIGN                                                   !4, $112
   54   179        INIT_FCALL_BY_NAME                                       'mysql_query'
        180        SEND_VAR_EX                                              !3
        181        SEND_VAR_EX                                              !4
        182        DO_FCALL                                      0  $119    
        183        ASSIGN                                                   !11, $119
   55   184        FETCH_W                      global              $121    '_SESSION'
        185        ASSIGN_DIM                                               $121, 'logged_in'
        186        OP_DATA                                                  'create'
   56   187        FETCH_W                      global              $123    '_SESSION'
        188        ASSIGN_DIM                                               $123, 'gebruiker'
        189        OP_DATA                                                  !1
   58   190        ASSIGN                                                   !12, 'MedalWars'
   59   191        ASSIGN                                                   !13, 'noreply%40medalwars.url.ph'
   61   192        ASSIGN                                                   !14, 'Accountregistratie+MedalWars'
   63   193        CONCAT                                           ~128    'From%3A+', !12
        194        CONCAT                                           ~129    ~128, '+%3C'
        195        CONCAT                                           ~130    ~129, !13
        196        CONCAT                                           ~131    ~130, '%3E+'
        197        ASSIGN                                                   !15, ~131
   65   198        ROPE_INIT                                     7  ~134    '+%0ABeste+'
   66   199        ROPE_ADD                                      1  ~134    ~134, !1
        200        ROPE_ADD                                      2  ~134    ~134, '%2C%0A++%0AHierbij+ontvangt+u+de+bevestiging+voor+het+aanmaken+van+uw+account.%0A++++++++%0AUw+inloggegevens+zijn%3A%0AGebruikersnaam%3A+'
   71   201        ROPE_ADD                                      3  ~134    ~134, !1
        202        ROPE_ADD                                      4  ~134    ~134, '.%0AWachtwoord%3A+'
   72   203        ROPE_ADD                                      5  ~134    ~134, !2
        204        ROPE_END                                      6  ~133    ~134, '.%0A++++++++%0ALet+op%3A+u+ontvangt+deze+gegevens+eenmalig+per+e-mail.%0AAls+u+uw+wachtwoord+vergeet+zullen+wij+deze+niet+via+e-mail+verstrekken.%0ABewaar+deze+e-mail+dus+goed.%0AGeef+ook+wijzigingen+van+uw+e-mailadres+tijdig+aan+onder+instellingen+op+de+website.%0A++++++++%0AWij+hopen+dat+u+veel+plezier+zult+hebben+met+het+spelen+van+dit+spel.+%0A++%0Amvg%2C+%0AHet+MedalWars+team+-+www.medalwars.url.ph+%0A++++++'
   65   205        ASSIGN                                                   !16, ~133
   84   206        INIT_FCALL                                               'mail'
        207        SEND_VAR                                                 !9
        208        SEND_VAR                                                 !14
        209        SEND_VAR                                                 !16
        210        SEND_VAR                                                 !15
        211        DO_ICALL                                                 
   86   212        INIT_FCALL                                               'header'
        213        NOP                                                      
        214        FAST_CONCAT                                      ~140    'location%3A+', !0
        215        SEND_VAL                                                 ~140
        216        DO_ICALL                                                 
   87   217      > EXIT                                                     
        218*       JMP                                                      ->234
   89   219    >   IS_EQUAL                                                 !0, ''
        220      > JMPZ                                                     ~142, ->228
   90   221    >   FETCH_W                      global              $143    '_SESSION'
        222        ASSIGN_DIM                                               $143, 'foutcode'
        223        OP_DATA                                                  'foutcode+009'
   91   224        INIT_FCALL                                               'header'
        225        SEND_VAL                                                 'location%3A+http%3A%2F%2Fmedalwars.url.ph%2F'
        226        DO_ICALL                                                 
        227      > JMP                                                      ->234
   93   228    >   FETCH_W                      global              $146    '_SESSION'
        229        ASSIGN_DIM                                               $146, 'foutcode'
        230        OP_DATA                                                  'foutcode+010'
   94   231        INIT_FCALL                                               'header'
        232        SEND_VAL                                                 'location%3A+http%3A%2F%2Fmedalwars.url.ph%2F'
        233        DO_ICALL                                                 
   96   234    > > RETURN                                                   1

Generated using Vulcan Logic Dumper, using php 8.0.0


preferences:
157.35 ms | 1408 KiB | 21 Q