It was evening, echo "there was nothing"
Good afternoon Habr. In the article I will tell you how using php syntax, you can write a function to output a string variable passed to it that does not use the characters "a-zA-Z0-9 <>?" In its body.
In general, links to articles about using undefined variable have already slipped on Habré, so I’m probably not going to reveal anything new.
In php, as in any language with dynamic typing, there are moments hidden from the final developer, and we will play them.
')
Let's start from the end. We can always turn to any callable - there would be a string to call. Functions from SPL are no exception, although this is rarely used.
But we cannot turn to echo or print in such a way, because they are constructs of the language, not functions. It would be possible to use printf for example, but I did not like this approach. Therefore, we will use the assert function for output.
By the way, to replace print with echo in the expression above will not work, they are both not functions, but print at least tries to appear as such.
The string for output will be passed to us when called. Only a little remains. Get the strings "assert" and "print" using the character set available to us.
For this we use a number of features of the language.
1) In php, we can refer to the undefined variable via _ (underscore). It is easy to achieve a type narrowing and get 0
2) When casting an array to a string, it will be converted to a string with the value Array
3) As in most other languages, the string is actually an array of characters. Symbols can be incremented.
Combining all of the above, we get this code.
Practical benefits 0 in principle ... but there is something in it =)
PS Recommended reading
http://insert-script.blogspot.co.uk/2012/12/php-non-alpha-numeric-76-chars.html
http://www.thespanner.co.uk/2012/08/21/php-nonalpha-tutorial/
In general, links to articles about using undefined variable have already slipped on Habré, so I’m probably not going to reveal anything new.
In php, as in any language with dynamic typing, there are moments hidden from the final developer, and we will play them.
')
Let's start from the end. We can always turn to any callable - there would be a string to call. Functions from SPL are no exception, although this is rarely used.
$v="print_r"; $v([1,2,3,4]); Array
(
[0] => 1
[1] => 2
[2] => 3
[3] => 4
)
But we cannot turn to echo or print in such a way, because they are constructs of the language, not functions. It would be possible to use printf for example, but I did not like this approach. Therefore, we will use the assert function for output.
assert("print someShit"); By the way, to replace print with echo in the expression above will not work, they are both not functions, but print at least tries to appear as such.
The string for output will be passed to us when called. Only a little remains. Get the strings "assert" and "print" using the character set available to us.
For this we use a number of features of the language.
1) In php, we can refer to the undefined variable via _ (underscore). It is easy to achieve a type narrowing and get 0
var_dump(+_); int(0)2) When casting an array to a string, it will be converted to a string with the value Array
// $_[]++; // _ "_" $_[]=$_._; var_dump($_); array(2) {
[0]=>
int(1)
[1]=>
string(6) "Array_"
}3) As in most other languages, the string is actually an array of characters. Symbols can be incremented.
Combining all of the above, we get this code.
<? error_reporting(E_ALL^E_NOTICE); crazyOutput(" "); function crazyOutput($__________){ $_[]++; $_[]=$_._; $_=$_[$_[+_]]; $___=$__=$_[++$__[]]; $____=$_=$_[+_]; $_++;$_++;$_++; $_=$____.++$___.$___.++$_.$__.++$___; $__=+_;$__=++$__+(++$__); $____=$_[$__]; $____++;$____++;$____++; $______=$____; $____++;$____++;$____++;$____++;$____++;$____++;$____++;$____++; $___=$____; $____++;$____++; $______++; $___.=$____.$______; $______++;$______++;$______++;$______++;$______++; $___.=$______; $__=+_;$__++; $______=$___[$__]; $______++;$______++; $___.=$______; $_($___." '".$__________."'"); } ?> /usr/bin/php /var/www/garbage/brainfuck.php
Process finished with exit code 0Practical benefits 0 in principle ... but there is something in it =)
PS Recommended reading
http://insert-script.blogspot.co.uk/2012/12/php-non-alpha-numeric-76-chars.html
http://www.thespanner.co.uk/2012/08/21/php-nonalpha-tutorial/
Source: https://habr.com/ru/post/165013/
All Articles