Issue
I was reading about how to make preg_replace() act like eval() function if we put the modifier /e this is my code:
$fa= '/site'.$_GET['1st'];
$sh= $_GET['replace'];
$ka= 'admin the best over the rest';
echo preg_replace($fa,$sh,$ka);
if the code running on site, it looks like :
www.site.com/a.php?1st=//e&replace=phpinfo();
but there is a problem that the modifier /e mustn't followed by any thing so it will work if we put || like this :
www.site.com/a.php?1st=||//e&replace=phpinfo();
so here is my question what is || here and how it works ??
im using windows 10 and php version 5.2
Solution
|
separates alternatives in the regexp; e.g. /abc|def|ghi/
matches either abc
, def
, or ghi
.
When you write 1st=||//e
the resulting regexp will be /site||//e
. Two of the alternatives are empty strings, which will match the empty strings before and after each character. So this will call phpinfo()
for each character in $ka
.
Actually, you should get an error because you have two /
at the end of the regexp. It should be 1st=/e
or 1st=||/e
.
Answered By - Barmar Answer Checked By - Pedro (PHPFixing Volunteer)
0 Comments:
Post a Comment
Note: Only a member of this blog may post a comment.