Ideone.com

fork download

copy

<?php
 
// Using !!! as a placeholder
$code = "<script>alert(foo <!!! bar);</script>";
 
for ($char = 33; $char <= 126; $char++)
{
    $c = chr($char);
    $new_code = str_replace('!!!', $c, $code);
    echo "'$new_code' => '" . strip_tags($new_code, '<script>') . "'" . PHP_EOL;
}
 
?>

Success #stdin #stdout 0.01s 20520KB

stdin

copy

Standard input is empty

stdout

copy

'<script>alert(foo <! bar);</script>' => '<script>alert(foo '
'<script>alert(foo <" bar);</script>' => '<script>alert(foo '
'<script>alert(foo <# bar);</script>' => '<script>alert(foo '
'<script>alert(foo <$ bar);</script>' => '<script>alert(foo '
'<script>alert(foo <% bar);</script>' => '<script>alert(foo '
'<script>alert(foo <& bar);</script>' => '<script>alert(foo '
'<script>alert(foo <' bar);</script>' => '<script>alert(foo '
'<script>alert(foo <( bar);</script>' => '<script>alert(foo '
'<script>alert(foo <) bar);</script>' => '<script>alert(foo '
'<script>alert(foo <* bar);</script>' => '<script>alert(foo '
'<script>alert(foo <+ bar);</script>' => '<script>alert(foo '
'<script>alert(foo <, bar);</script>' => '<script>alert(foo '
'<script>alert(foo <- bar);</script>' => '<script>alert(foo '
'<script>alert(foo <. bar);</script>' => '<script>alert(foo '
'<script>alert(foo </ bar);</script>' => '<script>alert(foo '
'<script>alert(foo <0 bar);</script>' => '<script>alert(foo '
'<script>alert(foo <1 bar);</script>' => '<script>alert(foo '
'<script>alert(foo <2 bar);</script>' => '<script>alert(foo '
'<script>alert(foo <3 bar);</script>' => '<script>alert(foo '
'<script>alert(foo <4 bar);</script>' => '<script>alert(foo '
'<script>alert(foo <5 bar);</script>' => '<script>alert(foo '
'<script>alert(foo <6 bar);</script>' => '<script>alert(foo '
'<script>alert(foo <7 bar);</script>' => '<script>alert(foo '
'<script>alert(foo <8 bar);</script>' => '<script>alert(foo '
'<script>alert(foo <9 bar);</script>' => '<script>alert(foo '
'<script>alert(foo <: bar);</script>' => '<script>alert(foo '
'<script>alert(foo <; bar);</script>' => '<script>alert(foo '
'<script>alert(foo << bar);</script>' => '<script>alert(foo '
'<script>alert(foo <= bar);</script>' => '<script>alert(foo '
'<script>alert(foo <> bar);</script>' => '<script>alert(foo  bar);</script>'
'<script>alert(foo <? bar);</script>' => '<script>alert(foo '
'<script>alert(foo <@ bar);</script>' => '<script>alert(foo '
'<script>alert(foo <A bar);</script>' => '<script>alert(foo '
'<script>alert(foo <B bar);</script>' => '<script>alert(foo '
'<script>alert(foo <C bar);</script>' => '<script>alert(foo '
'<script>alert(foo <D bar);</script>' => '<script>alert(foo '
'<script>alert(foo <E bar);</script>' => '<script>alert(foo '
'<script>alert(foo <F bar);</script>' => '<script>alert(foo '
'<script>alert(foo <G bar);</script>' => '<script>alert(foo '
'<script>alert(foo <H bar);</script>' => '<script>alert(foo '
'<script>alert(foo <I bar);</script>' => '<script>alert(foo '
'<script>alert(foo <J bar);</script>' => '<script>alert(foo '
'<script>alert(foo <K bar);</script>' => '<script>alert(foo '
'<script>alert(foo <L bar);</script>' => '<script>alert(foo '
'<script>alert(foo <M bar);</script>' => '<script>alert(foo '
'<script>alert(foo <N bar);</script>' => '<script>alert(foo '
'<script>alert(foo <O bar);</script>' => '<script>alert(foo '
'<script>alert(foo <P bar);</script>' => '<script>alert(foo '
'<script>alert(foo <Q bar);</script>' => '<script>alert(foo '
'<script>alert(foo <R bar);</script>' => '<script>alert(foo '
'<script>alert(foo <S bar);</script>' => '<script>alert(foo '
'<script>alert(foo <T bar);</script>' => '<script>alert(foo '
'<script>alert(foo <U bar);</script>' => '<script>alert(foo '
'<script>alert(foo <V bar);</script>' => '<script>alert(foo '
'<script>alert(foo <W bar);</script>' => '<script>alert(foo '
'<script>alert(foo <X bar);</script>' => '<script>alert(foo '
'<script>alert(foo <Y bar);</script>' => '<script>alert(foo '
'<script>alert(foo <Z bar);</script>' => '<script>alert(foo '
'<script>alert(foo <[ bar);</script>' => '<script>alert(foo '
'<script>alert(foo <\ bar);</script>' => '<script>alert(foo '
'<script>alert(foo <] bar);</script>' => '<script>alert(foo '
'<script>alert(foo <^ bar);</script>' => '<script>alert(foo '
'<script>alert(foo <_ bar);</script>' => '<script>alert(foo '
'<script>alert(foo <` bar);</script>' => '<script>alert(foo '
'<script>alert(foo <a bar);</script>' => '<script>alert(foo '
'<script>alert(foo <b bar);</script>' => '<script>alert(foo '
'<script>alert(foo <c bar);</script>' => '<script>alert(foo '
'<script>alert(foo <d bar);</script>' => '<script>alert(foo '
'<script>alert(foo <e bar);</script>' => '<script>alert(foo '
'<script>alert(foo <f bar);</script>' => '<script>alert(foo '
'<script>alert(foo <g bar);</script>' => '<script>alert(foo '
'<script>alert(foo <h bar);</script>' => '<script>alert(foo '
'<script>alert(foo <i bar);</script>' => '<script>alert(foo '
'<script>alert(foo <j bar);</script>' => '<script>alert(foo '
'<script>alert(foo <k bar);</script>' => '<script>alert(foo '
'<script>alert(foo <l bar);</script>' => '<script>alert(foo '
'<script>alert(foo <m bar);</script>' => '<script>alert(foo '
'<script>alert(foo <n bar);</script>' => '<script>alert(foo '
'<script>alert(foo <o bar);</script>' => '<script>alert(foo '
'<script>alert(foo <p bar);</script>' => '<script>alert(foo '
'<script>alert(foo <q bar);</script>' => '<script>alert(foo '
'<script>alert(foo <r bar);</script>' => '<script>alert(foo '
'<script>alert(foo <s bar);</script>' => '<script>alert(foo '
'<script>alert(foo <t bar);</script>' => '<script>alert(foo '
'<script>alert(foo <u bar);</script>' => '<script>alert(foo '
'<script>alert(foo <v bar);</script>' => '<script>alert(foo '
'<script>alert(foo <w bar);</script>' => '<script>alert(foo '
'<script>alert(foo <x bar);</script>' => '<script>alert(foo '
'<script>alert(foo <y bar);</script>' => '<script>alert(foo '
'<script>alert(foo <z bar);</script>' => '<script>alert(foo '
'<script>alert(foo <{ bar);</script>' => '<script>alert(foo '
'<script>alert(foo <| bar);</script>' => '<script>alert(foo '
'<script>alert(foo <} bar);</script>' => '<script>alert(foo '
'<script>alert(foo <~ bar);</script>' => '<script>alert(foo '

https://ideone.com/BEPINI

language:

PHP (php 7.3.5)

created:

visibility:

secret

Share or Embed source code

Discover > Sphere Engine API

The brand new service which powers Ideone!

Discover > IDE Widget

Widget for compiling and running the source code in a web browser!

Discover > Sphere Engine API

Discover > IDE Widget

Choose your language