PHPPARSER_EXPRESSION, // excerpt opens on the type value of a filter entry whose start is not shown
        'desc' => 'Echoing Sql',
        // echo, then "(" or whitespace, then (lazily) anything up to a literal $sql;
        // case-insensitive. Flags query text being written to output.
        'pattern' => '/echo[\(\s].*?\$sql/i'
    ),
    array(
        'type' => PHPPARSER_LANGUAGE_CONSTRUCT,
        'desc' => 'Evil Eval',
        // Anchored, case-insensitive match on the bare construct name eval.
        'pattern' => '/^eval$/i'
    ),
    array(
        'type' => PHPPARSER_FUNCTION_CALL,
        'desc' => 'PRINT_R or VAR_DUMP',
        // Anchored match on either debug-dump function name.
        'pattern' => '/^(print_r|var_dump)$/i'
    ),
    array(
        'type' => PHPPARSER_EXPRESSION,
        'desc' => 'Developer Email',
        // NOTE(review): the next line is damaged in this copy. The remainder of the
        // Developer Email regex, the end of the filter list and whatever creates
        // $parser are missing between (? and parseFile. The line is kept exactly as
        // found rather than reconstructed; restore it from the original before use.
        'pattern' => '/(?parseFile( __FILE__ );

// Report every parsed object that matches a filter registered for its type.
foreach( $parser->parsed_objects as $object ) {
    foreach( $filters as $filter ) {
        // Only filters whose type equals the object type (loose ==) are applied.
        if( $object['type'] == $filter['type'] ) {
            // NOTE(review): preg_match() returns false, not 0, when a pattern cannot
            // be compiled or executed, so the > 0 test treats a broken filter as
            // "no finding". A lint check should report that case separately instead
            // of passing silently.
            if( preg_match( $filter['pattern'], $object['name'] ) > 0 ) {
                echo "Triggered Filter '{$filter['desc']}' at line {$object['line']}\n";
            }
        }
    }
}

// ---- Sample statements: each one is meant to trip a filter (see OUTPUT below) ----
$sql = "select * from failure";
// Reported as Echoing Sql in OUTPUT.
echo "Here's the $sql!\n";
// Reported as Developer Email in OUTPUT. This is a live mail() call with a
// hard-coded address, so running the sample attempts to send a message.
mail( 'correl@payquik.com', 'subject', 'stuffs' );
// Reported as Evil Eval in OUTPUT. The argument is a fixed literal; no outside
// input reaches eval in this sample.
eval( "echo \"here's eval!\n\";" );
// Both debug dumps are reported as PRINT_R or VAR_DUMP in OUTPUT.
print_r( $sql );
var_dump( $sql );
echo "done\n";

// The damaged line above still shows parseFile( __FILE__ ), i.e. the script appears
// to scan itself. The line numbers below therefore refer to the layout of the
// original file and will not match this excerpt.
/* OUTPUT:
Triggered Filter 'Echoing Sql' at line 42
Triggered Filter 'Developer Email' at line 43
Triggered Filter 'Evil Eval' at line 44
Triggered Filter 'PRINT_R or VAR_DUMP' at line 45
Triggered Filter 'PRINT_R or VAR_DUMP' at line 46
*/
?>