<?php var_dump(preg_replace("/sensitive/i", "INSENSITIVE", "This is case sensitive")); // URL encoded "/i" with NULL byte; $evilInput = urldecode("%2Fi%00"); $pattern = "/not " . $evilInput . "/"; var_dump(preg_replace($pattern, "TOTALLY ", "preg_replace is NOT injectable!"));
You have javascript disabled. You will not be able to edit any code.