- strpos: documentation ( source)
- htmlentities: documentation ( source)
- preg_replace: documentation ( source)
<?php
$srch = "{${eval("echo phpinfo();echo 'apple1';// @codingStandardsIgnoreStart (?=/)\e")}}";
#echo $srch; echo "\n";
$search = htmlentities($srch);
#echo $search; echo "\n";
if (strpos($search, 'apple') !== false){
echo "in the if!"; echo "\n";
echo preg_replace("/".$search."/", $search." <img src='".$search.".png'>", "apple");
}