3v4l.org

run code in 150+ php & hhvm versions
Bugs & Features
<?php namespace Security\Sanitize;class SanitizeInput { protected $strCode = '', $arrTokens = array(); public static $arrInvalidTokens = array( T_BAD_CHARACTER, T_ENDDECLARE, T_END_HEREDOC, T_EVAL, T_FILE, T_GLOBAL, T_HALT_COMPILER, T_GOTO, T_IMPLEMENTS, T_INCLUDE, T_INCLUDE_ONCE, T_LINE, T_PRIVATE, T_PUBLIC, T_PROTECTED, T_REQUIRE, T_REQUIRE_ONCE, T_STRING_VARNAME, ); public function __construct($arrExtraInvalidTokens = array()) { if(!function_exists('token_get_all') || !function_exists('token_name')) { throw new \Exception(__CLASS__ . ' requirements not met. "token_get_all" and "token_name" functions are required'); return new \stdClass(); } if(is_array($arrExtraInvalidTokens) && !empty($arrExtraInvalidTokens)) { foreach($arrExtraInvalidTokens as $intInvalidToken) { self::$arrInvalidTokens[] = $intInvalidToken; } } } protected function stripTokenValues() { $strOut = ''; $arrTokens = $this->arrTokens; foreach($arrTokens as $arrToken) { foreach($arrToken as $arrTokenDetails) { if(!empty($arrTokenDetails[0]) && is_long($arrTokenDetails[0])) { if(in_array($arrTokenDetails[0], self::$arrInvalidTokens)) { /** @warning Assignment in check */ if(($strOut = preg_replace('/' . addslashes($arrTokenDetails[1]) . '/i', '', $this->strCode))) { continue; } else { throw new \Exception('Could not fix patterns matched in template'); } } } } } $this->strCode = $strOut; return $strOut; } protected function findTokens() { $arrOut = array(); $arrTokens = token_get_all($this->strCode); // Ensure we have an array of tokens if(is_array($arrTokens)) { $this->arrTokens[] = $arrTokens; } return $arrTokens; } // Need to fix the second parameter functionality public function secureInput($strCode = '', $blIsFile = false) { $strOut = ''; // Check if we are using a file or plain input if($blIsFile) { // Ensure the file exists and is readable if(file_exists($strCode) && is_readable($strCode)) { $this->strCode = file_get_contents($strCode); } } else { $this->strCode = $strCode; } if(!(empty($this->findTokens()))) { $strOut = $this->stripTokenValues(); } return $strOut; }}// $x = new SanitizeInput();$x = new SanitizeInput(array(T_WHITESPACE));try { $strCode = <<<PHP <?php echo 'yo momma'; var_dump(array('test')); random_string(); echo "\x22"; ?>PHP; echo $x->secureInput($strCode), "\r\n\r\n";} catch(\Exception $e) { var_dump($e->getMessage());}<?php
Output for 5.4.0 - 5.4.31
Parse error: syntax error, unexpected end of file in /in/mIbIe on line 1
Process exited with code 255.
Output for 5.3.0 - 5.3.28
Parse error: syntax error, unexpected $end in /in/mIbIe on line 1
Process exited with code 255.
Output for 4.4.2 - 4.4.9, 5.1.0 - 5.2.17
Parse error: syntax error, unexpected T_STRING in /in/mIbIe on line 1
Process exited with code 255.
Output for 4.3.0 - 4.3.1, 4.3.5 - 4.4.1, 5.0.0 - 5.0.5
Parse error: parse error, unexpected T_STRING in /in/mIbIe on line 1
Process exited with code 255.
Output for 4.3.2 - 4.3.4
Parse error: parse error in /in/mIbIe on line 1
Process exited with code 255.