P.P.P. PHP
- PHP will treat undefined constants as bar word (but throws a notice)
- You can silence everything (notices included) with @
@print(hello); @print(PHPはありえへん);
PHP: Never Say NO
NO: Variables that start with a number
$1 = "fish"; var_dump($1); // PHP Parse error: syntax error, unexpected // T_LNUMBER, expecting T_VARIABLE // or '$' in ...
PHP: Never Say NO
YES: Variables that start with a number
// ${'a'} is same as $a,
${'1'} = 'wat';
var_dump(${'1'});
// string(3) "wat"
Neither P in PHP is Parser
here are some functions
list() empty() array() isset()
Neither P in PHP is Parser
These are handled in the parser
empty($var1 || $var2) // Parse error: syntax error, unexpected // T_BOOLEAN_OR, ...
$b = 'empty'; $b($a); // Fatal error: Call to undefined function empty()
Neither P in PHP is Parser
So they can't be defined as class methods
class SadPanda {
function list(){}
function empty(){}
function array(){}
function isset(){}
}
// all are parse errors
Neither P in PHP is Parser
But can be called as class methods
$f = new NotSadPanda(); $f->list(); $f->empty(); $f->array(); $f->isset(); // are NOT parse errors
Neither P in PHP is Parser
But can be called as class methods
class NotSadPanda {
function __call($method, $args) {
var_dump($method);
}
}
PHP: Plz Haz Private?
OK, so Private is Private?
class Secure {
private $secret = 'wat';
}
$s = new Secure();
var_dump($s->secret); // NO
PHP: Plz Haz Private?
Professional Hacks: PHP
class Secure {
private $secret = 'wat';
}
$s = new Secure();
$wat = (array) $s; // cast to array
var_dump($wat);
// array(1) { ["Securesecret"]=> string(3) "wat" }
PHP: Plz Haz Private?
OK, how about Private methods?
class Secure {
private function get_password() { return 'hunter2'; }
}
$s = new Secure();
$ref = new ReflectionClass(get_class($s));
$haha = $ref->getMethod('get_password');
$haha->setAccessible(true);
var_dump($haha->invoke($s));
// string(7) "hunter2"
PHP Haz Pride
Add any of the following to a php powered server
?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 ?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 ?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 ?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
PHP Haz Pride
Examples
- http://en.wikipedia.org/wiki/Main_Page?=PHPE9568F36-D428-11d2-A769-00AA001ACF42
- http://www.colourlovers.com/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42
- http://digg.com/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42
- http://ikayzo.com/about/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
- http://www.tetrisonline.com/?=PHPE9568F35-D428-11d2-A769-00AA001ACF42
<Thank You!>
Friends don't let friends write bad parsers