3v4l.org

run code in 300+ PHP versions simultaneously
<?php $user="teamhijack"; $password="@#@#Password@#@#"; if(isset($_POST['submit'])){ if($_POST['user'] = $user){ if($_POST['password'] = $password){ echo "successful login!"; } else { echo "Bad Login."; } } else { echo "Bad Login."; } } ?> <html> <input type="text" name = "user" value = "username" /> <br> <input type="password" name = "password" value = "password" /> <br> <input type="submit" name = "submit" value = "login"/ > </html>
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 5, Position 2 = 18
Branch analysis from position: 5
2 jumps found. (Code = 43) Position 1 = 9, Position 2 = 17
Branch analysis from position: 9
2 jumps found. (Code = 43) Position 1 = 13, Position 2 = 15
Branch analysis from position: 13
1 jumps found. (Code = 42) Position 1 = 16
Branch analysis from position: 16
1 jumps found. (Code = 42) Position 1 = 18
Branch analysis from position: 18
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 15
1 jumps found. (Code = 42) Position 1 = 18
Branch analysis from position: 18
Branch analysis from position: 17
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 18
filename:       /in/KOC1q
function name:  (null)
number of ops:  20
compiled vars:  !0 = $user, !1 = $password
line      #* E I O op                           fetch          ext  return  operands
-------------------------------------------------------------------------------------
    2     0  E >   ASSIGN                                                   !0, 'teamhijack'
    3     1        ASSIGN                                                   !1, '%40%23%40%23Password%40%23%40%23'
    4     2        FETCH_IS                                         ~4      '_POST'
          3        ISSET_ISEMPTY_DIM_OBJ                         0          ~4, 'submit'
          4      > JMPZ                                                     ~5, ->18
    6     5    >   FETCH_W                      global              $6      '_POST'
          6        ASSIGN_DIM                                       ~7      $6, 'user'
          7        OP_DATA                                                  !0
          8      > JMPZ                                                     ~7, ->17
    8     9    >   FETCH_W                      global              $8      '_POST'
         10        ASSIGN_DIM                                       ~9      $8, 'password'
         11        OP_DATA                                                  !1
         12      > JMPZ                                                     ~9, ->15
    9    13    >   ECHO                                                     'successful+login%21'
         14      > JMP                                                      ->16
   13    15    >   ECHO                                                     'Bad+Login.'
         16    > > JMP                                                      ->18
   18    17    >   ECHO                                                     'Bad+Login.'
   22    18    >   ECHO                                                     '++++%3Chtml%3E%0A++++%3Cinput+type%3D%22text%22+name+%3D+%22user%22+value+%3D+%22username%22+%2F%3E%0A++++%3Cbr%3E%0A++++%3Cinput+type%3D%22password%22+name+%3D+%22password%22+value+%3D+%22password%22+%2F%3E%0A++++%3Cbr%3E%0A++++%3Cinput+type%3D%22submit%22+name+%3D+%22submit%22+value+%3D+%22login%22%2F+%3E%0A++++%3C%2Fhtml%3E'
   28    19      > RETURN                                                   1

Generated using Vulcan Logic Dumper, using php 8.0.0

preferences:
155.45 ms | 1395 KiB | 13 Q