Page 1 of 2
Test Your Code Online!
Posted: Mon Jun 11, 2007 11:16 am
by svamja
Posted: Mon Jun 11, 2007 11:21 am
by RobertGonzalez
It puked on this:
Code: Select all
<?php
foreach (get_defined_functions() as $v) {
echo '<p>' . $v . '</p>';
}
?>
What is that app supposed to do?
Posted: Mon Jun 11, 2007 11:24 am
by Benjamin
Code: Select all
$x = range('a', 'z');
print_r($x);
Worked ok.
Posted: Mon Jun 11, 2007 11:26 am
by RobertGonzalez
There is no error checking for syntax. It just spits out all kinds of information about the error using the standard display error.
Try:
Code: Select all
<?php
$v = 'suck it trebek';
echo $; // Or leave in some other error
?>
Posted: Mon Jun 11, 2007 11:29 am
by superdezign
Here I was thinking we already had methods of testing PHP. Silly me.

Posted: Mon Jun 11, 2007 11:30 am
by RobertGonzalez
Just wait until someone malicious wants to test their code...
Posted: Mon Jun 11, 2007 11:34 am
by Luke
Isn't this a massive security risk? What have you done to protect yourself from people overwriting files in your server or deleting this application? You have opened yourself up to people executing whatever code they want on your server.

Posted: Mon Jun 11, 2007 11:35 am
by superdezign

I'm malicious! Sadly, I can't extract their MySQL database username and password. :-p
DROP DATABASE;
Jk.
Posted: Mon Jun 11, 2007 11:37 am
by Luke
I just looped through your directories and displayed every file I could find. It took like 15 seconds. I'd take this down man.
Posted: Mon Jun 11, 2007 11:37 am
by volka
Aiiiiii don't think you want everybody execute arbitrary php code on your server.
Posted: Mon Jun 11, 2007 11:38 am
by guitarlvr
phpinfo() and $_SERVER array comes right up. Another suggestion to take this down.
Wayne
Posted: Mon Jun 11, 2007 11:48 am
by Luke
here's what your file looks like
Code: Select all
if (PHP_VERSION < '5.0')
{
$code_text = stripslashes($code_text);
}
echo "evaluating:";
echo "<br> $code_text";
?>
<hr>
<pre id="result_pre">
<?php eval ("$code_text");
?>
</pre>
Posted: Mon Jun 11, 2007 11:50 am
by Benjamin
+1 vote for a darwin award.
Posted: Mon Jun 11, 2007 12:36 pm
by superdezign
Haha! Run this!
Code: Select all
$file = 'phptester.html';
$fh = fopen($file, 'r');
echo fread($fh, filesize($file));
fclose($fh);
Now if he'd do it for EVERY other file on his server. (I'd wreak havoc myself, but I'd feel bad. :-p)
Posted: Mon Jun 11, 2007 12:43 pm
by volka
superdezign wrote:Haha! Run this!

Wow, you get the exact same output The Ninja Space Goat posted. Amazing.