Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 62) Position 1 = -2
filename: /in/sLmC9
function name: (null)
number of ops: 105
compiled vars: !0 = $db, !1 = $id, !2 = $order, !3 = $qb, !4 = $name, !5 = $field, !6 = $value, !7 = $func
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
20 0 E > NEW $8 'sqli_protected_db'
1 DO_FCALL 0
2 ASSIGN !0, $8
22 3 FETCH_IS ~11 '_GET'
4 FETCH_DIM_IS ~12 ~11, 'id'
5 COALESCE ~13 ~12
6 QM_ASSIGN ~13 '5'
7 ASSIGN !1, ~13
23 8 FETCH_IS ~15 '_GET'
9 FETCH_DIM_IS ~16 ~15, 'order'
10 COALESCE ~17 ~16
11 QM_ASSIGN ~17 'n'
12 ASSIGN !2, ~17
25 13 INIT_METHOD_CALL !0, 'query'
14 SEND_VAL_EX 'SELECT+name+FROM+user+WHERE+id+%3D+%3F'
15 INIT_ARRAY ~19 !1
16 SEND_VAL_EX ~19
17 DO_FCALL 0
27 18 INIT_METHOD_CALL !0, 'query'
19 CONCAT ~21 'SELECT+name+FROM+user+WHERE+id+%3D+', !1
20 SEND_VAL_EX ~21
21 DO_FCALL 0
29 22 INIT_METHOD_CALL !0, 'query'
23 SEND_VAL_EX 'SELECT+name+FROM+user+ORDER+BY+%7Bo%7D'
24 SEND_VAL_EX <array>
25 INIT_ARRAY ~23 !2, 'o'
26 SEND_VAL_EX ~23
27 DO_FCALL 0
31 28 INIT_METHOD_CALL !0, 'query'
29 CONCAT ~25 'SELECT+name+FROM+user+ORDER+BY+', !2
30 SEND_VAL_EX ~25
31 DO_FCALL 0
34 32 ECHO '-----%0A%0A'
46 33 NEW $27 'query_builder'
34 DO_FCALL 0
35 ASSIGN !3, $27
48 36 FETCH_IS ~30 '_GET'
37 FETCH_DIM_IS ~31 ~30, 'name'
38 COALESCE ~32 ~31
39 QM_ASSIGN ~32 'n'
40 ASSIGN !4, ~32
49 41 FETCH_IS ~34 '_GET'
42 FETCH_DIM_IS ~35 ~34, 'field'
43 COALESCE ~36 ~35
44 QM_ASSIGN ~36 'f'
45 ASSIGN !5, ~36
50 46 FETCH_IS ~38 '_GET'
47 FETCH_DIM_IS ~39 ~38, 'value'
48 COALESCE ~40 ~39
49 QM_ASSIGN ~40 'v'
50 ASSIGN !6, ~40
52 51 INIT_METHOD_CALL !3, 'where'
52 SEND_VAL_EX 'CONCAT%28name_first%2C+%22+%22%2C+name_last%29'
53 SEND_VAL_EX 'LIKE'
54 SEND_VAR_EX !4
55 DO_FCALL 0
54 56 INIT_METHOD_CALL !3, 'where'
57 CONCAT ~43 'CONCAT%28name_first%2C+%22+%22%2C+name_last%29+LIKE+%22', !4
58 CONCAT ~44 ~43, '%22'
59 SEND_VAL_EX ~44
60 DO_FCALL 0
56 61 INIT_METHOD_CALL !3, 'where'
62 SEND_VAL_EX 'some_value+IS+NULL'
63 DO_FCALL 0
58 64 INIT_METHOD_CALL !3, 'where'
65 SEND_VAR_EX !5
66 SEND_VAL_EX '%3D'
67 SEND_VAR_EX !6
68 DO_FCALL 0
61 69 ECHO '-----%0A%0A'
66 70 DECLARE_CLASS 'func'
90 71 FETCH_IS ~48 '_GET'
72 FETCH_DIM_IS ~49 ~48, 'func'
73 COALESCE ~50 ~49
74 QM_ASSIGN ~50 'f'
75 ASSIGN !7, ~50
91 76 FETCH_IS ~52 '_GET'
77 FETCH_DIM_IS ~53 ~52, 'value'
78 COALESCE ~54 ~53
79 QM_ASSIGN ~54 'v'
80 ASSIGN !6, ~54
93 81 INIT_FCALL 'check_func'
82 NEW $56 'Func'
83 SEND_VAL_EX 'MIN'
84 SEND_VAL_EX <array>
85 DO_FCALL 0
86 SEND_VAR $56
87 DO_FCALL 0
95 88 INIT_FCALL 'check_func'
89 NEW $59 'Func'
90 SEND_VAR_EX !7
91 SEND_VAL_EX <array>
92 DO_FCALL 0
93 SEND_VAR $59
94 DO_FCALL 0
97 95 INIT_FCALL 'check_func'
96 NEW $62 'Func'
97 SEND_VAL_EX 'MIN'
98 INIT_ARRAY ~63 'field1'
99 ADD_ARRAY_ELEMENT ~63 !6
100 SEND_VAL_EX ~63
101 DO_FCALL 0
102 SEND_VAR $62
103 DO_FCALL 0
99 104 > RETURN 1
Function check_func:
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 8, Position 2 = 9
Branch analysis from position: 8
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 9
filename: /in/sLmC9
function name: check_func
number of ops: 12
compiled vars: !0 = $func, !1 = $sql
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
82 0 E > RECV !0
83 1 CAST 6 ~2 !0
2 ASSIGN !1, ~2
84 3 INIT_FCALL_BY_NAME 'is_literal'
4 SEND_VAR_EX !1
5 DO_FCALL 0 $4
6 BOOL_NOT ~5 $4
7 > JMPZ ~5, ->9
85 8 > ECHO '%5BWRONG%5D+'
87 9 > CONCAT ~6 !1, '%0A%0A'
10 ECHO ~6
88 11 > RETURN null
End of function check_func
Class sqli_protected_db:
Function __construct:
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 62) Position 1 = -2
filename: /in/sLmC9
function name: __construct
number of ops: 1
compiled vars: none
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
7 0 E > > RETURN null
End of function __construct
Function query:
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 8, Position 2 = 9
Branch analysis from position: 8
2 jumps found. (Code = 77) Position 1 = 10, Position 2 = 28
Branch analysis from position: 10
2 jumps found. (Code = 78) Position 1 = 11, Position 2 = 28
Branch analysis from position: 11
1 jumps found. (Code = 42) Position 1 = 10
Branch analysis from position: 10
Branch analysis from position: 28
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 28
Branch analysis from position: 9
filename: /in/sLmC9
function name: query
number of ops: 32
compiled vars: !0 = $sql, !1 = $parameters, !2 = $aliases, !3 = $value, !4 = $name
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
8 0 E > RECV !0
1 RECV_INIT !1 <array>
2 RECV_INIT !2 <array>
9 3 INIT_FCALL_BY_NAME 'is_literal'
4 SEND_VAR_EX !0
5 DO_FCALL 0 $5
6 BOOL_NOT ~6 $5
7 > JMPZ ~6, ->9
10 8 > ECHO '%5BWRONG%5D+'
12 9 > > FE_RESET_R $7 !2, ->28
10 > > FE_FETCH_R ~8 $7, !3, ->28
11 > ASSIGN !4, ~8
13 12 INIT_FCALL 'str_replace'
13 CONCAT ~10 '%7B', !4
14 CONCAT ~11 ~10, '%7D'
15 SEND_VAL ~11
16 INIT_FCALL 'str_replace'
17 SEND_VAL '%60'
18 SEND_VAL '%60%60'
19 SEND_VAR !3
20 DO_ICALL $12
21 CONCAT ~13 '%60', $12
22 CONCAT ~14 ~13, '%60'
23 SEND_VAL ~14
24 SEND_VAR !0
25 DO_ICALL $15
26 ASSIGN !0, $15
12 27 > JMP ->10
28 > FE_FREE $7
15 29 CONCAT ~17 !0, '%0A%0A'
30 ECHO ~17
17 31 > RETURN null
End of function query
End of class sqli_protected_db.
Class query_builder:
Function where:
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 47) Position 1 = 8, Position 2 = 16
Branch analysis from position: 8
2 jumps found. (Code = 46) Position 1 = 13, Position 2 = 15
Branch analysis from position: 13
2 jumps found. (Code = 43) Position 1 = 17, Position 2 = 18
Branch analysis from position: 17
2 jumps found. (Code = 43) Position 1 = 20, Position 2 = 22
Branch analysis from position: 20
1 jumps found. (Code = 42) Position 1 = 24
Branch analysis from position: 24
2 jumps found. (Code = 43) Position 1 = 27, Position 2 = 29
Branch analysis from position: 27
1 jumps found. (Code = 42) Position 1 = 30
Branch analysis from position: 30
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 29
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 22
2 jumps found. (Code = 43) Position 1 = 27, Position 2 = 29
Branch analysis from position: 27
Branch analysis from position: 29
Branch analysis from position: 18
Branch analysis from position: 15
Branch analysis from position: 16
filename: /in/sLmC9
function name: where
number of ops: 34
compiled vars: !0 = $column, !1 = $operator, !2 = $value
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
38 0 E > RECV !0
1 RECV_INIT !1 null
2 RECV_INIT !2 null
39 3 INIT_FCALL_BY_NAME 'is_literal'
4 SEND_VAR_EX !0
5 DO_FCALL 0 $3
6 BOOL_NOT ~4 $3
7 > JMPNZ_EX ~4 ~4, ->16
8 > INIT_FCALL_BY_NAME 'is_literal'
9 SEND_VAR_EX !1
10 DO_FCALL 0 $5
11 BOOL_NOT ~6 $5
12 > JMPZ_EX ~6 ~6, ->15
13 > TYPE_CHECK 1020 ~7 !1
14 BOOL ~6 ~7
15 > BOOL ~4 ~6
16 > > JMPZ ~4, ->18
40 17 > ECHO '%5BWRONG%5D+'
42 18 > TYPE_CHECK 2 !1
19 > JMPZ ~8, ->22
20 > QM_ASSIGN ~9 ''
21 > JMP ->24
22 > CONCAT ~10 '+', !1
23 QM_ASSIGN ~9 ~10
24 > CONCAT ~11 !0, ~9
25 TYPE_CHECK 2 !2
26 > JMPZ ~12, ->29
27 > QM_ASSIGN ~13 ''
28 > JMP ->30
29 > QM_ASSIGN ~13 '+%3F'
30 > CONCAT ~14 ~11, ~13
31 CONCAT ~15 ~14, '%0A%0A'
32 ECHO ~15
43 33 > RETURN null
End of function where
End of class query_builder.
Class Func:
Function __construct:
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 62) Position 1 = -2
filename: /in/sLmC9
function name: __construct
number of ops: 7
compiled vars: !0 = $name, !1 = $arguments
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
71 0 E > RECV !0
1 RECV !1
72 2 ASSIGN_OBJ 'name'
3 OP_DATA !0
73 4 ASSIGN_OBJ 'arguments'
5 OP_DATA !1
74 6 > RETURN null
End of function __construct
Function __tostring:
Finding entry points
Branch analysis from position: 0
1 jumps found. (Code = 62) Position 1 = -2
filename: /in/sLmC9
function name: __toString
number of ops: 13
compiled vars: none
line #* E I O op fetch ext return operands
-------------------------------------------------------------------------------------
77 0 E > FETCH_OBJ_R ~0 'name'
1 CONCAT ~1 ~0, '%28'
2 INIT_FCALL 'implode'
3 SEND_VAL '%2C+'
4 FETCH_OBJ_R ~2 'arguments'
5 SEND_VAL ~2
6 DO_ICALL $3
7 CONCAT ~4 ~1, $3
8 CONCAT ~5 ~4, '%29'
9 VERIFY_RETURN_TYPE ~5
10 > RETURN ~5
78 11* VERIFY_RETURN_TYPE
12* > RETURN null
End of function __tostring
End of class Func.
Generated using Vulcan Logic Dumper, using php 8.0.0