3v4l.org

run code in 300+ PHP versions simultaneously
<?php function sqli_filter($string) { $filtered_string = $string; $filtered_string = str_replace("--","",$filtered_string); $filtered_string = str_replace(";","",$filtered_string); $filtered_string = str_replace("/*","",$filtered_string); $filtered_string = str_replace("*/","",$filtered_string); $filtered_string = str_replace("//","",$filtered_string); $filtered_string = str_replace(" ","",$filtered_string); $filtered_string = str_replace("#","",$filtered_string); $filtered_string = str_replace("||","",$filtered_string); $filtered_string = str_replace("admin'","",$filtered_string); $filtered_string = str_replace("UNION","",$filtered_string); $filtered_string = str_replace("COLLATE","",$filtered_string); $filtered_string = str_replace("DROP","",$filtered_string); return $filtered_string; } $u = sqli_filter("' union all select password from users where type = 'Admin"); $sql = "SELECT salt FROM users WHERE eid='$u'"; echo $sql; 
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 62) Position 1 = -2
filename:       /in/o8ClJ
function name:  (null)
number of ops:  10
compiled vars:  !0 = $u, !1 = $sql
line      #* E I O op                           fetch          ext  return  operands
-------------------------------------------------------------------------------------
   18     0  E >   INIT_FCALL                                               'sqli_filter'
          1        SEND_VAL                                                 '%27%09union%09all%09select%09password%09from%09users%09where%09type%09%3D%09%27Admin'
          2        DO_FCALL                                      0  $2      
          3        ASSIGN                                                   !0, $2
   19     4        ROPE_INIT                                     3  ~5      'SELECT+salt+FROM+users+WHERE+eid%3D%27'
          5        ROPE_ADD                                      1  ~5      ~5, !0
          6        ROPE_END                                      2  ~4      ~5, '%27'
          7        ASSIGN                                                   !1, ~4
   20     8        ECHO                                                     !1
   21     9      > RETURN                                                   1

Function sqli_filter:
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 62) Position 1 = -2
filename:       /in/o8ClJ
function name:  sqli_filter
number of ops:  76
compiled vars:  !0 = $string, !1 = $filtered_string
line      #* E I O op                           fetch          ext  return  operands
-------------------------------------------------------------------------------------
    2     0  E >   RECV                                             !0      
    3     1        ASSIGN                                                   !1, !0
    4     2        INIT_FCALL                                               'str_replace'
          3        SEND_VAL                                                 '--'
          4        SEND_VAL                                                 ''
          5        SEND_VAR                                                 !1
          6        DO_ICALL                                         $3      
          7        ASSIGN                                                   !1, $3
    5     8        INIT_FCALL                                               'str_replace'
          9        SEND_VAL                                                 '%3B'
         10        SEND_VAL                                                 ''
         11        SEND_VAR                                                 !1
         12        DO_ICALL                                         $5      
         13        ASSIGN                                                   !1, $5
    6    14        INIT_FCALL                                               'str_replace'
         15        SEND_VAL                                                 '%2F%2A'
         16        SEND_VAL                                                 ''
         17        SEND_VAR                                                 !1
         18        DO_ICALL                                         $7      
         19        ASSIGN                                                   !1, $7
    7    20        INIT_FCALL                                               'str_replace'
         21        SEND_VAL                                                 '%2A%2F'
         22        SEND_VAL                                                 ''
         23        SEND_VAR                                                 !1
         24        DO_ICALL                                         $9      
         25        ASSIGN                                                   !1, $9
    8    26        INIT_FCALL                                               'str_replace'
         27        SEND_VAL                                                 '%2F%2F'
         28        SEND_VAL                                                 ''
         29        SEND_VAR                                                 !1
         30        DO_ICALL                                         $11     
         31        ASSIGN                                                   !1, $11
    9    32        INIT_FCALL                                               'str_replace'
         33        SEND_VAL                                                 '+'
         34        SEND_VAL                                                 ''
         35        SEND_VAR                                                 !1
         36        DO_ICALL                                         $13     
         37        ASSIGN                                                   !1, $13
   10    38        INIT_FCALL                                               'str_replace'
         39        SEND_VAL                                                 '%23'
         40        SEND_VAL                                                 ''
         41        SEND_VAR                                                 !1
         42        DO_ICALL                                         $15     
         43        ASSIGN                                                   !1, $15
   11    44        INIT_FCALL                                               'str_replace'
         45        SEND_VAL                                                 '%7C%7C'
         46        SEND_VAL                                                 ''
         47        SEND_VAR                                                 !1
         48        DO_ICALL                                         $17     
         49        ASSIGN                                                   !1, $17
   12    50        INIT_FCALL                                               'str_replace'
         51        SEND_VAL                                                 'admin%27'
         52        SEND_VAL                                                 ''
         53        SEND_VAR                                                 !1
         54        DO_ICALL                                         $19     
         55        ASSIGN                                                   !1, $19
   13    56        INIT_FCALL                                               'str_replace'
         57        SEND_VAL                                                 'UNION'
         58        SEND_VAL                                                 ''
         59        SEND_VAR                                                 !1
         60        DO_ICALL                                         $21     
         61        ASSIGN                                                   !1, $21
   14    62        INIT_FCALL                                               'str_replace'
         63        SEND_VAL                                                 'COLLATE'
         64        SEND_VAL                                                 ''
         65        SEND_VAR                                                 !1
         66        DO_ICALL                                         $23     
         67        ASSIGN                                                   !1, $23
   15    68        INIT_FCALL                                               'str_replace'
         69        SEND_VAL                                                 'DROP'
         70        SEND_VAL                                                 ''
         71        SEND_VAR                                                 !1
         72        DO_ICALL                                         $25     
         73        ASSIGN                                                   !1, $25
   16    74      > RETURN                                                   !1
   17    75*     > RETURN                                                   null

End of function sqli_filter

Generated using Vulcan Logic Dumper, using php 8.0.0

preferences:
144.12 ms | 1009 KiB | 15 Q