Closed dzentota closed 4 years ago
<?php ini_set(‘taint.enable’, ‘On’); ini_set(‘taint.error_level’, E_WARNING); ini_set(‘display_errors’ , 1); error_reporting(E_ALL); $a = trim($_GET[‘a’]); $output = “Welcome, {$a} !!!“; $var = “output”; //№1 echo $a; // Warning; //№2 echo $output; //NO WARNING; //№3 echo $$var; //NO WARNING;
Expected: 3 Warnings, one warning for each case (№1, №2, №3) Actual: 1 Warning, only for №1
Environment: php -v
PHP 7.1.22 (cli) (built: Sep 15 2018 03:54:08) ( NTS ) Copyright (c) 1997-2018 The PHP Group Zend Engine v3.1.0, Copyright (c) 1998-2018 Zend Technologies with Zend OPcache v7.1.22, Copyright (c) 1999-2018, by Zend Technologies with Xdebug v2.5.5, Copyright (c) 2002-2017, by Derick Rethans with blackfire v1.23.0~linux-x64-non_zts71, https://blackfire.io, by Blackfire
cat /etc/issue
Debian GNU/Linux 8 \n \l
you have xdebug loaded which is conflicted with taint , please refer to the document..
thanks
Expected: 3 Warnings, one warning for each case (№1, №2, №3) Actual: 1 Warning, only for №1
Environment: php -v
cat /etc/issue