<?php

// Fixture script: two "source" callables return a fixed string containing a
// <script> tag, and the top-level code echoes that value after reaching each
// source in a different way (direct call, method call, variable function,
// variable method). Presumably input for a taint-tracking checker; confirm
// against whatever harness consumes this file.
//
// Every echo below writes the value verbatim: nothing between the source and
// the output applies context-appropriate escaping (htmlspecialchars() for an
// HTML context), so each echo is an unescaped sink for the returned markup.

/**
 * Free-function source.
 *
 * @return string the literal "<script> attack!\n"
 */
function fsource()
{
    return "<script> attack!\n";
}

class ctainted
{
    /**
     * Method source; returns the same literal as fsource().
     *
     * @return string the literal "<script> attack!\n"
     */
    public function msource()
    {
        // NOTE(review): `+` is arithmetic, not concatenation. With two
        // non-numeric strings PHP 7 raises a warning and yields 0, while
        // PHP 8 throws a TypeError, which would abort every msource() call
        // below. The result is never read; left as written because it looks
        // like a deliberate probe for the checker. Confirm before changing.
        $unused = "aa" + "bb";

        return "<script> attack!\n";
    }
}

// 1. Source reached through a direct function call.
$v = fsource();
echo $v;

// 2. Source reached through a method call on an instance.
$o = new ctainted();
$v = $o->msource();
echo $v;

// 3. Source reached through a variable function: the callee name is held in
//    a string, so it is only resolved at run time.
$n = "fsource";
$v = $n();
echo $v;

// 4. Source reached through a variable method on a fresh instance.
$o = new ctainted();
$n = "msource";
$v = $o->$n();
echo $v;
/**
 * Runs one fixed sequence of fref() calls against a ctainted instance and
 * then against a cuntainted instance, echoing $s after each sequence.
 *
 * The sequence covers a three-deep chain, a two-deep chain, a single call and
 * a call with a second string argument. Chaining implies that fref() returns
 * an object that itself exposes fref().
 *
 * NOTE(review): neither fref() nor the cuntainted class is defined in the
 * visible part of this file, and ctainted as declared earlier only has
 * msource(). Presumably both come from another part of the fixture; verify,
 * otherwise calling this function ends in a fatal "undefined method" error.
 * The echoed message suggests fref() takes $s by reference, which cannot be
 * confirmed from here.
 *
 * @return void
 */
function fffuntainted()
{
    // First pass: receiver is the "tainted" class.
    $receiver = new ctainted();
    $s = "hello";
    $receiver->fref($s)->fref($s)->fref($s);
    $receiver->fref($s)->fref($s);
    $receiver->fref($s);
    $receiver->fref($s, " from nick");
    // $s is interpolated straight into the output with no escaping applied.
    echo "Call-by-ref in an object method: {$s}\n";

    // Second pass: identical calls, receiver is the "untainted" class, and
    // $s starts again from the same literal.
    $receiver = new cuntainted();
    $s = "hello";
    $receiver->fref($s)->fref($s)->fref($s);
    $receiver->fref($s)->fref($s);
    $receiver->fref($s);
    $receiver->fref($s, " from nick");
    echo "Call-by-ref in an object method: {$s}\n";
}