Test Your Code Online!

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

svamja
Forum Newbie
Posts: 3
Joined: Mon Jun 11, 2007 11:13 am

Test Your Code Online!

Post by svamja »

Check out this thing:


http://sanjayvamja.com/apps/phptester.html


Enjoy
Sanjay
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

It puked on this:

Code: Select all

<?php
foreach (get_defined_functions() as $v) {
  echo '<p>' . $v . '</p>';
}
?>
What is that app supposed to do?
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

Code: Select all

$x = range('a', 'z');

print_r($x);
Worked ok.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

There is no error checking for syntax. It just spits out all kinds of information about the error using the standard display error.

Try:

Code: Select all

<?php
$v = 'suck it trebek';
echo $; // Or leave in some other error
?>
User avatar
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Post by superdezign »

Here I was thinking we already had methods of testing PHP. Silly me. :wink:
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Just wait until someone malicious wants to test their code...
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

Isn't this a massive security risk? What have you done to protect yourself from people overwriting files in your server or deleting this application? You have opened yourself up to people executing whatever code they want on your server. 8O
User avatar
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Post by superdezign »

:lol: I'm malicious! Sadly, I can't extract their MySQL database username and password. :-p

DROP DATABASE;

Jk.
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

I just looped through your directories and displayed every file I could find. It took like 15 seconds. I'd take this down man.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

Aiiiiii don't think you want everybody execute arbitrary php code on your server.
User avatar
guitarlvr
Forum Contributor
Posts: 245
Joined: Wed Mar 21, 2007 10:35 pm

Post by guitarlvr »

phpinfo() and $_SERVER array comes right up. Another suggestion to take this down.

Wayne
User avatar
Luke
The Ninja Space Mod
Posts: 6424
Joined: Fri Aug 05, 2005 1:53 pm
Location: Paradise, CA

Post by Luke »

here's what your file looks like

Code: Select all

if (PHP_VERSION < '5.0')
{
  $code_text = stripslashes($code_text);
}
echo "evaluating:";
echo "<br> $code_text";
?>

<hr>
<pre id="result_pre">
<?php eval ("$code_text");

?>
</pre>
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

+1 vote for a darwin award.
User avatar
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Post by superdezign »

:lol: :lol:

Haha! Run this! :-D

Code: Select all

$file = 'phptester.html';
$fh = fopen($file, 'r');
echo fread($fh, filesize($file));
fclose($fh);
Now if he'd do it for EVERY other file on his server. (I'd wreak havoc myself, but I'd feel bad. :-p)
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

superdezign wrote:Haha! Run this! :-D
Wow, you get the exact same output The Ninja Space Goat posted. Amazing.
Post Reply