- strpos: documentation ( source)
- htmlentities: documentation ( source)
- preg_replace: documentation ( source)
<?php
#$srch = "{eval("echo phpinfo();//apple1(?=/)\e")}";
#$srch = "{${eval("phpinfo();apple(?=/)\e")}}";
#$srch = "include(eval(phpinfo());apple(?=/)\\e)";
$srch = "phpinfo();include(apple(?=)/\)\\e";
echo "\n\n\n\n\n"; echo $srch; echo "\n";
$search = htmlentities($srch);
echo $search; echo "\n";
if (strpos($search, 'apple') !== false){
echo "in the if!"; echo "\n";
echo preg_replace("/".$search."/", $search." <img src='".$search.".png'>", "apple");
}