3v4l.org

run code in 300+ PHP versions simultaneously
<?php var_dump(preg_replace("/sensitive/i", "INSENSITIVE", "This is case sensitive")); // URL encoded "/i" with NULL byte; $evilInput = urldecode("%2Fi%00"); $pattern = "/not " . $evilInput . "/"; var_dump(preg_replace($pattern, "TOTALLY ", "preg_replace is NOT injectable!"));
Output for 8.4.1 - 8.4.13
string(24) "This is case INSENSITIVE" Warning: preg_replace(): NUL byte is not a valid modifier in /in/Kp2FC on line 8 NULL
Output for 8.2.0 - 8.2.29, 8.3.0 - 8.3.26
string(24) "This is case INSENSITIVE" Warning: preg_replace(): NUL is not a valid modifier in /in/Kp2FC on line 8 NULL
Output for 5.4.7 - 5.4.45, 5.5.8 - 5.5.28, 5.6.38 - 5.6.40, 7.0.10, 7.2.0 - 7.2.34, 7.3.0 - 7.3.33, 7.4.0 - 7.4.33, 8.0.0 - 8.0.30, 8.1.0 - 8.1.33
string(24) "This is case INSENSITIVE" Warning: preg_replace(): Null byte in regex in /in/Kp2FC on line 8 NULL
Output for 4.4.0, 5.0.0, 5.2.0, 5.3.23 - 5.3.29, 5.4.0 - 5.4.6
string(24) "This is case INSENSITIVE" string(35) "preg_replace is TOTALLY injectable!"
preferences:
136.64 ms | 410 KiB | 5 Q