P.P.P. PHP

  1. PHP will treat undefined constants as bar word (but throws a notice)
  2. You can silence everything (notices included) with @
@print(hello);
@print(PHPはありえへん);

PHP: Never Say NO

NO: Variables that start with a number

$1 = "fish";
var_dump($1);
// PHP Parse error:  syntax error, unexpected
// T_LNUMBER, expecting T_VARIABLE
// or '$' in ...

PHP: Never Say NO

YES: Variables that start with a number

// ${'a'} is same as $a,
${'1'} = 'wat';
var_dump(${'1'});
// string(3) "wat"

Neither P in PHP is Parser

here are some functions

list()
empty()
array()
isset()

Neither P in PHP is Parser

These are handled in the parser

empty($var1 || $var2)
// Parse error: syntax error, unexpected
// T_BOOLEAN_OR, ...
$b = 'empty';
$b($a);
// Fatal error: Call to undefined function empty()

Neither P in PHP is Parser

So they can't be defined as class methods

class SadPanda {
	function list(){}
	function empty(){}
	function array(){}
	function isset(){}
}
// all are parse errors

Neither P in PHP is Parser

But can be called as class methods

$f = new NotSadPanda();
$f->list();
$f->empty();
$f->array();
$f->isset();
// are NOT parse errors

Neither P in PHP is Parser

But can be called as class methods

class NotSadPanda {
    function __call($method, $args) {
        var_dump($method);
    }
}

PHP: Plz Haz Private?

OK, so Private is Private?

class Secure {
	private $secret = 'wat';
}	
$s = new Secure();
var_dump($s->secret); // NO

PHP: Plz Haz Private?

Professional Hacks: PHP

class Secure {
	private $secret = 'wat';
}	
$s = new Secure();
$wat = (array) $s; // cast to array
var_dump($wat);
// array(1) { ["Securesecret"]=> string(3) "wat" }

PHP: Plz Haz Private?

OK, how about Private methods?

class Secure {
	private function get_password() { return 'hunter2'; }
}
$s = new Secure();
$ref = new ReflectionClass(get_class($s));
$haha = $ref->getMethod('get_password');
$haha->setAccessible(true);
var_dump($haha->invoke($s));
// string(7) "hunter2"

PHP Haz Pride

Add any of the following to a php powered server

?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
?=PHPE9568F35-D428-11d2-A769-00AA001ACF42
?=PHPE9568F36-D428-11d2-A769-00AA001ACF42
?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000

PHP Haz Pride

<Thank You!>

Friends don't let friends write bad parsers