3v4l.org

run code in 300+ PHP versions simultaneously
<?php $_GET['page'] = '\',\'asd\')&& phpinfo() && strpos(\'asd\', \''; if (isset($_GET['page'])) { $page = $_GET['page']; } else { $page = "home"; } $file = "templates/" . $page . ".php"; echo "strpos('$file', '..') === false"; // I heard '..' is dangerous! assert("strpos('$file', '..') === false") or die("Detected hacking attempt!"); // TODO: Make this look nice assert("file_exists('$file')") or die("That file doesn't exist!");

preferences:
70.91 ms | 402 KiB | 5 Q