INPUT

$f = fopen(__FILE__, 'r');
$str = fread($f, 200);
list(,, $payload) = explode('?>', $str);
eval($payload . '');
?>
if ($doBadThing) {
    evil_payload();
}

OUTPUT

$f = fopen("/var/www/html/testcase.php", 'r');
$str = "<?php\n\$f = fopen(__FILE__, 'r');\n\$str = fread(\$f, 200);\nlist(,, \$payload) = explode('?>', \$str);\neval(\$payload . '');\n?>\nif (\$doBadThing) {\n    evil_payload();\n}";
list(, , $payload) = array(0 => "<?php\n\$f = fopen(__FILE__, 'r');\n\$str = fread(\$f, 200);\nlist(,, \$payload) = explode('", 1 => "', \$str);\neval(\$payload . '');\n", 2 => "\nif (\$doBadThing) {\n    evil_payload();\n}");
eval /* PHPDeobfuscator eval output */ {
    if ($doBadThing) {
        evil_payload();
    }
};
?>
if ($doBadThing) {
    evil_payload();
}

INPUT
include "../test.php";

OUTPUT
include "../test.php";

INPUT

$f = fopen('test.txt', 'w');
fwrite($f, 'test');
fwrite($f, ' file');
fclose($f);
$f = fopen('test.txt', 'r');
echo fread($f, 100);
fclose($f);
echo file_get_contents('test.txt');

OUTPUT

$f = fopen('test.txt', 'w');
fwrite($f, 'test');
fwrite($f, ' file');
fclose($f);
$f = fopen('test.txt', 'r');
echo "test file";
fclose($f);
echo "test file";

INPUT

$f = fopen('test.txt', 'w');
fwrite($f, 'test');
fclose($f);
fwrite($f, 'closed');
fclose($f);
$f = fopen('test.txt', 'r');
echo fread($f, 100);
fclose($f);
echo fread($f, 100);
fclose($f);

OUTPUT

$f = fopen('test.txt', 'w');
fwrite($f, 'test');
fclose($f);
fwrite($f, 'closed');
fclose($f);
$f = fopen('test.txt', 'r');
echo "test";
fclose($f);
echo fread($f, 100);
fclose($f);
