PHPPARSER_EXPRESSION, 'desc' => 'Echoing Sql', 'pattern' => '/echo[\(\s].*?\$sql/i' ), array( 'type' => PHPPARSER_LANGUAGE_CONSTRUCT, 'desc' => 'Evil Eval', 'pattern' => '/^eval$/i' ), array( 'type' => PHPPARSER_FUNCTION_CALL, 'desc' => 'PRINT_R or VAR_DUMP', 'pattern' => '/^(print_r|var_dump)$/i' ), array( 'type' => PHPPARSER_EXPRESSION, 'desc' => 'Developer Email', 'pattern' => '/(? 0 ) { echo "fn: Triggered Filter '{$filter['desc']}' at line {$object['line']}\n"; } } } } $parser = new PHPParser( PHPPARSER_FETCH_EXPRESSIONS | PHPPARSER_FETCH_CALLS | PHPPARSER_FETCH_INTERNAL | PHPPARSER_FETCH_CONSTRUCTS ); $parser->registerCallback( 'test' ); $parser->parseFile( __FILE__ ); $sql = "select * from failure"; echo "Here's the $sql!\n"; mail( 'correl@payquik.com', 'subject', 'stuffs' ); eval( "echo \"here's eval!\n\";" ); print_r( $sql ); var_dump( $sql ); echo "done\n"; }}} /* OUTPUT: Triggered Filter 'Echoing Sql' at line 42 Triggered Filter 'Developer Email' at line 43 Triggered Filter 'Evil Eval' at line 44 Triggered Filter 'PRINT_R or VAR_DUMP' at line 45 Triggered Filter 'PRINT_R or VAR_DUMP' at line 46 */ ?>