Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Regex patterns to detect old PHP code
Find each() and create_function() calls >= PHP 7.2
=(\W)?(each|create_function) ?\(
(or look for the while/list/each construct):
while\W?\(\W?list\W?\(.*=\W?each\(
Find all SHORT tags >= 5.3
(.*)<\?(?!(p|x|=))(.*)
Old ereg >= 5.3
\W(spliti?|eregi?|eregi?_replace|sql_regcase)[ ]?\(
HTTP_xxxx VARS >= 5.3
\$HTTP_((GET|POST|REQUEST|SERVER|FILE|COOKIE)_VARS|RAW_POST_DATA)
mysql_ >= 5.5
mysql_[a-z]{4,18}\(
magic_quotes or safe_mode >= 5.4
(magic_quotes|safe_mode)
global $_POST / $_GET etc
\Wglobal .*\$_(POST|GET|SERVER|REQUEST|FILE|COOKIE).*;
or ...
One Pattern To Rule Them All (which includes a few for additional PHP RFCs being incorporated):
(=(\W)?each ?\(|(.*)<\?(?!(p|x|=))(.*)|\W(?<!\.)(spliti?|eregi?|eregi?_replace|sql_regcase|create_function|gmp_random|__autoload|assert)[ ]?\(|\$HTTP_((GET|POST|REQUEST|SERVER|FILE|COOKIE)_VARS|RAW_POST_DATA)|\Wmysql_[a-z]{4,18}\(|magic_quotes|safe_mode|\bglobal .*\$_(POST|GET|SERVER|REQUEST|FILE|COOKIE).*;|\(unset\)|\$php_errormsg)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.