Here is the list of the most complex expressions used in the code. A complex expression is an expression that requires more than 20 tokens to be build.
Literal arrays are omitted.
| File | Count | Expression |
|---|---|---|
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/CSSDefinition.php:136 | 1 | $padding = $this->info['padding-top'] = $this->info['padding-bottom'] = $this->info['padding-left'] = $this->info['padding-right'] = new HTMLPurifier_AttrDef_CSS_Composite(array(new HTMLPurifier_AttrDef_CSS_Length('0'), new HTMLPurifier_AttrDef_CSS_Percentage(true))) |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Printer/ConfigForm.php:214 | 1 | $attr = array('type' => 'checkbox', 'value' => '1', 'class' => 'null-toggle', 'name' => "$name" . "[Null_$ns.$directive]", 'id' => "$name:Null_$ns.$directive", 'onclick' => "toggleWriteability('$name:$ns.$directive',checked)") |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/SafeEmbed.php:14 | 1 | $embed = $this->addElement('embed', 'Inline', 'Empty', 'Common', array('src*' => 'URI#embedded', 'type' => 'Enum#application/x-shockwave-flash', 'width' => 'Pixels#' . $max, 'height' => 'Pixels#' . $max, 'allowscriptaccess' => 'Enum#never', 'allownetworking' => 'Enum#internal', 'wmode' => 'Enum#window', 'name' => 'ID', )) |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Image.php:15 | 1 | $img = $this->addElement('img', 'Inline', 'Empty', 'Common', array('alt*' => 'Text', 'height' => 'Pixels#' . $max, 'width' => 'Pixels#' . $max, 'longdesc' => 'URI', 'src*' => new HTMLPurifier_AttrDef_URI(true), )) |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/CSSDefinition.php:87 | 1 | $border_width = $this->info['border-top-width'] = $this->info['border-bottom-width'] = $this->info['border-left-width'] = $this->info['border-right-width'] = new HTMLPurifier_AttrDef_CSS_Composite(array(new HTMLPurifier_AttrDef_Enum(array('thin', 'medium', 'thick')), new HTMLPurifier_AttrDef_CSS_Length('0'))) |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/CSSDefinition.php:88 | 1 | $this->info['border-top-width'] = $this->info['border-bottom-width'] = $this->info['border-left-width'] = $this->info['border-right-width'] = new HTMLPurifier_AttrDef_CSS_Composite(array(new HTMLPurifier_AttrDef_Enum(array('thin', 'medium', 'thick')), new HTMLPurifier_AttrDef_CSS_Length('0'))) |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/CSSDefinition.php:123 | 1 | $margin = $this->info['margin-top'] = $this->info['margin-bottom'] = $this->info['margin-left'] = $this->info['margin-right'] = new HTMLPurifier_AttrDef_CSS_Composite(array(new HTMLPurifier_AttrDef_CSS_Length( ), new HTMLPurifier_AttrDef_CSS_Percentage( ), new HTMLPurifier_AttrDef_Enum(array('auto')))) |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/CSSDefinition.php:124 | 1 | $this->info['margin-top'] = $this->info['margin-bottom'] = $this->info['margin-left'] = $this->info['margin-right'] = new HTMLPurifier_AttrDef_CSS_Composite(array(new HTMLPurifier_AttrDef_CSS_Length( ), new HTMLPurifier_AttrDef_CSS_Percentage( ), new HTMLPurifier_AttrDef_Enum(array('auto')))) |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/CSSDefinition.php:26 | 1 | $this->info['border-bottom-style'] = $this->info['border-right-style'] = $this->info['border-left-style'] = $this->info['border-top-style'] = new HTMLPurifier_AttrDef_Enum(array('none', 'hidden', 'dotted', 'dashed', 'solid', 'double', 'groove', 'ridge', 'inset', 'outset'), false) |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/CSSDefinition.php:73 | 1 | $border_color = $this->info['border-top-color'] = $this->info['border-bottom-color'] = $this->info['border-left-color'] = $this->info['border-right-color'] = $this->info['background-color'] = new HTMLPurifier_AttrDef_CSS_Composite(array(new HTMLPurifier_AttrDef_Enum(array('transparent')), new HTMLPurifier_AttrDef_CSS_Color( ))) |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/CSSDefinition.php:74 | 1 | $this->info['border-top-color'] = $this->info['border-bottom-color'] = $this->info['border-left-color'] = $this->info['border-right-color'] = $this->info['background-color'] = new HTMLPurifier_AttrDef_CSS_Composite(array(new HTMLPurifier_AttrDef_Enum(array('transparent')), new HTMLPurifier_AttrDef_CSS_Color( ))) |
| /setup.php:46 | 1 | $page['body'] .= "
<div class=\"body_padded\"> <h1>Database Setup <img src=\"" . DVWA_WEB_PAGE_TO_ROOT . "dvwa/images/spanner.png\" /></h1> <p>Click on the 'Create / Reset Database' button below to create or reset your database.<br /> If you get an error make sure you have the correct user credentials in: <em>" . realpath(getcwd( ) . DIRECTORY_SEPARATOR . "config" . DIRECTORY_SEPARATOR . "config.inc.php") . "</em></p> <p>If the database already exists, <em>it will be cleared and the data will be reset</em>.<br /> You can also use this to reset the administrator credentials (\"<em>admin</em> // <em>password</em>\") at any stage.</p> <hr /> <br /> <h2>Setup Check</h2> {$SERVER_NAME}<br /> <br /> {$DVWAOS}<br /> <br /> PHP version: <em>" . phpversion( ) . "</em><br /> {$phpDisplayErrors}<br /> {$phpSafeMode}<br/ > {$phpURLInclude}<br/ > {$phpURLFopen}<br /> {$phpMagicQuotes}<br /> {$phpGD}<br /> {$phpMySQL}<br /> {$phpPDO}<br /> <br /> Backend database: <em>{$database_type_name}</em><br /> {$MYSQL_USER}<br /> {$MYSQL_PASS}<br /> {$MYSQL_DB}<br /> {$MYSQL_SERVER}<br /> {$MYSQL_PORT}<br /> <br /> {$DVWARecaptcha}<br /> <br /> {$DVWAUploadsWrite}<br /> {$DVWAPHPWrite}<br /> <br /> <br /> {$bakWritable} <br /> <i><span class=\"failure\">Status in red</span>, indicate there will be an issue when trying to complete some modules.</i><br /> <br /> If you see disabled on either <i>allow_url_fopen</i> or <i>allow_url_include</i>, set the following in your php.ini file and restart Apache.<br /> <pre><code>allow_url_fopen = On allow_url_include = On</code></pre> These are only required for the file inclusion labs so unless you want to play with those, you can ignore them. <br /><br /><br /> <!-- Create db button --> <form action=\"#\" method=\"post\"> <input name=\"create_db\" type=\"submit\" value=\"Create / Reset Database\"> " . tokenField( ) . " </form> <br /> <hr /> </div>" |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/CSSDefinition.php:75 | 1 | $this->info['border-bottom-color'] = $this->info['border-left-color'] = $this->info['border-right-color'] = $this->info['background-color'] = new HTMLPurifier_AttrDef_CSS_Composite(array(new HTMLPurifier_AttrDef_Enum(array('transparent')), new HTMLPurifier_AttrDef_CSS_Color( ))) |
| /about.php:12 | 1 | $page['body'] .= "
<div class=\"body_padded\"> <h2>About</h2> <p>Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment</p> <p>Pre-August 2020, All material is copyright 2008-2015 RandomStorm & Ryan Dewhurst.</p> <p>Ongoing, All material is copyright Robin Wood and probably Ryan Dewhurst.</p> <h2>Links</h2> <ul> <li>Homepage: " . dvwaExternalLinkUrlGet('http://www.dvwa.co.uk/') . "</li> <li>Project Home: " . dvwaExternalLinkUrlGet('https://github.com/digininja/DVWA') . "</li> <li>Bug Tracker: " . dvwaExternalLinkUrlGet('https://github.com/digininja/DVWA/issues') . "</li> <li>Wiki: " . dvwaExternalLinkUrlGet('https://github.com/digininja/DVWA/wiki') . "</li> </ul> <h2>Credits</h2> <ul> <li>Brooks Garrett: " . dvwaExternalLinkUrlGet('http://brooksgarrett.com/', 'www.brooksgarrett.com') . "</li> <li>Craig</li> <li>g0tmi1k: " . dvwaExternalLinkUrlGet('https://blog.g0tmi1k.com/', 'g0tmi1k.com') . "</li> <li>Jamesr: " . dvwaExternalLinkUrlGet('https://www.creativenucleus.com/', 'www.creativenucleus.com') . "</li> <li>Jason Jones: " . dvwaExternalLinkUrlGet('http://www.linux-ninja.com/', 'www.linux-ninja.com') . "</li> <li>RandomStorm</li> <li>Ryan Dewhurst: " . dvwaExternalLinkUrlGet('https://dewhurstsecurity.com/', 'dewhurstsecurity.com') . "</li> <li>Shinkurt: " . dvwaExternalLinkUrlGet('http://www.paulosyibelo.com/', 'www.paulosyibelo.com') . "</li> <li>Tedi Heriyanto: " . dvwaExternalLinkUrlGet('http://tedi.heriyanto.net/', 'tedi.heriyanto.net') . "</li> <li>Tom Mackenzie</li> <li>Robin Wood: " . dvwaExternalLinkUrlGet('https://digi.ninja/', 'digi.ninja') . "</li> </ul> <ul> <li>PHPIDS - Copyright (c) 2007 " . dvwaExternalLinkUrlGet('http://github.com/PHPIDS/PHPIDS', 'PHPIDS group') . "</li> </ul> <h2>License</h2> <p>Damn Vulnerable Web Application (DVWA) is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.</p> <p>The PHPIDS library is included, in good faith, with this DVWA distribution. The operation of PHPIDS is provided without support from the DVWA team. It is licensed under <a href=\"" . DVWA_WEB_PAGE_TO_ROOT . "instructions.php?doc=PHPIDS-license\">separate terms</a> to the DVWA code.</p> <h2>Development</h2> <p>Everyone is welcome to contribute and help make DVWA as successful as it can be. All contributors can have their name and link (if they wish) placed in the credits section. To contribute pick an Issue from the Project Home to work on or submit a patch to the Issues list.</p> </div>\n" |
| /external/phpids/0.6/tests/IDS/ReportTest.php:31 | 2 | $this->report = new IDS_Report(array(new IDS_Event("key_a", 'val_b', array(new IDS_Filter(1, '^test_a1$', 'desc_a1', array('tag_a1', 'tag_a2'), 1), new IDS_Filter(1, '^test_a2$', 'desc_a2', array('tag_a2', 'tag_a3'), 2))), new IDS_Event('key_b', 'val_b', array(new IDS_Filter(1, '^test_b1$', 'desc_b1', array('tag_b1', 'tag_b2'), 3), new IDS_FIlter(1, '^test_b2$', 'desc_b2', array('tag_b2', 'tag_b3'), 4), )))) |
| /external/phpids/0.6/tests/IDS/ExceptionTest.php:35 | 2 | $this->report = new IDS_Report(array(new IDS_Event("key_a", 'val_b', array(new IDS_Filter(1, '^test_a1$', 'desc_a1', array('tag_a1', 'tag_a2'), 1), new IDS_Filter(1, '^test_a2$', 'desc_a2', array('tag_a2', 'tag_a3'), 2))), new IDS_Event('key_b', 'val_b', array(new IDS_Filter(1, '^test_b1$', 'desc_b1', array('tag_b1', 'tag_b2'), 3), new IDS_FIlter(1, '^test_b2$', 'desc_b2', array('tag_b2', 'tag_b3'), 4), )))) |
| /external/phpids/0.6/docs/examples/cakephp/ids.php:201 | 1 | $data = array('Intrusion' => array('name' => $event->getName( ), 'value' => stripslashes($event->getValue( )), 'page' => $_SERVER['REQUEST_URI'], 'userid' => $user, 'session' => session_id( ) ? session_id( ) : '0', 'ip' => $ip, 'reaction' => $reaction, 'impact' => $result->getImpact( ))) |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/CSSDefinition.php:25 | 1 | $border_style = $this->info['border-bottom-style'] = $this->info['border-right-style'] = $this->info['border-left-style'] = $this->info['border-top-style'] = new HTMLPurifier_AttrDef_Enum(array('none', 'hidden', 'dotted', 'dashed', 'solid', 'double', 'groove', 'ridge', 'inset', 'outset'), false) |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php:70 | 1 | $r['h1@align'] = $r['h2@align'] = $r['h3@align'] = $r['h4@align'] = $r['h5@align'] = $r['h6@align'] = $r['p@align'] = $r['div@align'] = new HTMLPurifier_AttrTransform_EnumToCSS('align', $align_lookup) |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Forms.php:28 | 1 | $input = $this->addElement('input', 'Formctrl', 'Empty', 'Common', array('accept' => 'ContentTypes', 'accesskey' => 'Character', 'alt' => 'Text', 'checked' => 'Bool#checked', 'disabled' => 'Bool#disabled', 'maxlength' => 'Number', 'name' => 'CDATA', 'readonly' => 'Bool#readonly', 'size' => 'Number', 'src' => 'URI#embeds', 'tabindex' => 'Number', 'type' => 'Enum#text,password,checkbox,button,radio,submit,reset,file,hidden,image', 'value' => 'CDATA', )) |
| /external/phpids/0.6/lib/IDS/Log/Email.php:281 | 1 | $attackedParameters .= $event->getName( ) . '=' . ((!isset($this->urlencode) || $this->urlencode) ? urlencode($event->getValue( )) : $event->getValue( )) . ", " |
| /external/phpids/0.6/lib/IDS/Log/File.php:157 | 1 | $dataString = sprintf($format, $this->ip, date('c'), $data->getImpact( ), join(' ', $data->getTags( )), trim($attackedParameters), urlencode($_SERVER['REQUEST_URI']), $_SERVER['SERVER_ADDR']) |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:221 | 1 | if(($this->content_model === self::RCDATA || $this->content_model === self::CDATA) && $this->escape === true && $this->character($this->char, 3) === '-->') { /**/ } |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:373 | 1 | if(($this->content_model === self::RCDATA || $this->content_model === self::CDATA) && (!$the_same || ($the_same && (!preg_match('/[\t\n\x0b\x0c >\/]/', $this->character($this->char + 1 + strlen($next_node))) || $this->EOF === $this->char)))) { /**/ } else { /**/ } |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:1265 | 1 | if((isset($token['error']) && $token['error']) || $token['type'] === HTML5::COMMENT || $token['type'] === HTML5::STARTTAG || $token['type'] === HTML5::ENDTAG || $token['type'] === HTML5::EOF || ($token['type'] === HTML5::CHARACTR && isset($token['data']) && !preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data']))) { /**/ } elseif(isset($token['error']) && !$token['error']) { /**/ } elseif(isset($token['data']) && preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data'])) { /**/ } |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:1333 | 1 | elseif(($token['type'] === HTML5::CHARACTR && !preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data'])) || $token['type'] === HTML5::STARTTAG || $token['type'] === HTML5::ENDTAG || $token['type'] === HTML5::EOF) { /**/ } |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Encoder.php:155 | 1 | if(((2 == $mBytes) && ($mUcs4 < 0x0080)) || ((3 == $mBytes) && ($mUcs4 < 0x0800)) || ((4 == $mBytes) && ($mUcs4 < 0x10000)) || (4 < $mBytes) || (($mUcs4 & 0xFFFFF800) == 0xD800) || ($mUcs4 > 0x10FFFF)) { /**/ } elseif(0xFEFF != $mUcs4 && (0x9 == $mUcs4 || 0xA == $mUcs4 || 0xD == $mUcs4 || (0x20 <= $mUcs4 && 0x7E >= $mUcs4) || (0xA0 <= $mUcs4 && 0xD7FF >= $mUcs4) || (0x10000 <= $mUcs4 && 0x10FFFF >= $mUcs4))) { /**/ } |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Encoder.php:165 | 1 | elseif(0xFEFF != $mUcs4 && (0x9 == $mUcs4 || 0xA == $mUcs4 || 0xD == $mUcs4 || (0x20 <= $mUcs4 && 0x7E >= $mUcs4) || (0xA0 <= $mUcs4 && 0xD7FF >= $mUcs4) || (0x10000 <= $mUcs4 && 0x10FFFF >= $mUcs4))) { /**/ } |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:187 | 1 | if(($this->content_model === self::RCDATA || $this->content_model === self::CDATA) && $this->escape === false && $this->char >= 3 && $this->character($this->char - 4, 4) === '<!--') { /**/ } |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:201 | 1 | elseif($char === '<' && ($this->content_model === self::PCDATA || (($this->content_model === self::RCDATA || $this->content_model === self::CDATA) && $this->escape === false))) { /**/ } elseif($char === '>') { /**/ } elseif($this->char === $this->EOF) { /**/ } elseif($this->content_model === self::PLAINTEXT) { /**/ } else { /**/ } |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:3524 | 1 | elseif(($token['type'] === HTML5::CHARACTR && preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data'])) || $token['type'] === HTML5::STARTTAG || $token['type'] === HTML5::ENDTAG) { /**/ } elseif($token['type'] === HTML5::EOF) { /**/ } |
| /external/phpids/0.6/lib/IDS/Caching/Memcached.php:209 | 1 | if(isset($init->config['General']['base_path']) && $init->config['General']['base_path'] && isset($init->config['General']['use_base_path']) && $init->config['General']['use_base_path']) { /**/ } |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:1434 | 1 | elseif($token['type'] === HTML5::STARTTAG || ($token['type'] === HTML5::ENDTAG && $token['name'] === 'html') || ($token['type'] === HTML5::CHARACTR && !preg_match('/^[\t\n\x0b\x0c ]$/', $token['data']))) { /**/ } elseif($token['type'] === HTML5::ENDTAG) { /**/ } |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:1464 | 1 | if(($token['type'] === HTML5::CHARACTR && preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data'])) || ($token['type'] === HTML5::CHARACTR && in_array(end($this->stack)->nodeName, array('title', 'style', 'script')))) { /**/ } elseif($token['type'] === HTML5::COMMENT) { /**/ } elseif($token['type'] === HTML5::ENDTAG && in_array($token['name'], array('title', 'style', 'script'))) { /**/ } elseif($token['type'] === HTML5::STARTTAG && $token['name'] === 'title') { /**/ } elseif($token['type'] === HTML5::STARTTAG && $token['name'] === 'style') { /**/ } elseif($token['type'] === HTML5::STARTTAG && $token['name'] === 'script') { /**/ } elseif($token['type'] === HTML5::STARTTAG && in_array($token['name'], array('base', 'link', 'meta'))) { /**/ } elseif($token['type'] === HTML5::ENDTAG && $token['name'] === 'head') { /**/ } elseif(($token['type'] === HTML5::STARTTAG && $token['name'] === 'head') || ($token['type'] === HTML5::ENDTAG && $token['name'] !== 'html')) { /**/ } else { /**/ } |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:2849 | 1 | elseif(($token['type'] === HTML5::STARTTAG && in_array($token['name'], array('caption', 'col', 'colgroup', 'tbody', 'td', 'tfoot', 'th', 'thead', 'tr'))) || ($token['type'] === HTML5::ENDTAG && $token['name'] === 'table')) { /**/ } elseif($token['type'] === HTML5::ENDTAG && in_array($token['name'], array('body', 'col', 'colgroup', 'html', 'tbody', 'tfoot', 'th', 'thead', 'tr'))) { /**/ } else { /**/ } |
| /external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:2982 | 1 | elseif(($token['type'] === HTML5::STARTTAG && in_array($token['name'], array('caption', 'col', 'colgroup', 'tbody', 'tfoor', 'thead'))) || ($token['type'] === HTML5::STARTTAG && $token['name'] === 'table')) { /**/ } elseif($token['type'] === HTML5::ENDTAG && in_array($token['name'], array('body', 'caption', 'col', 'colgroup', 'html', 'td', 'th', 'tr'))) { /**/ } else { /**/ } |
| /dvwa/includes/dvwaPage.inc.php:467 | 1 | if(!@($GLOBALS["___mysqli_ston"] = mysqli_connect($_DVWA['db_server'], $_DVWA['db_user'], $_DVWA['db_password'], "", $_DVWA['db_port'])) || !@((bool) mysqli_query($GLOBALS["___mysqli_ston"], "USE " . $_DVWA['db_database']))) { /**/ } |
| /vulnerabilities/upload/source/impossible.php:23 | 1 | if((strtolower($uploaded_ext) == 'jpg' || strtolower($uploaded_ext) == 'jpeg' || strtolower($uploaded_ext) == 'png') && ($uploaded_size < 100000) && ($uploaded_type == 'image/jpeg' || $uploaded_type == 'image/png') && getimagesize($uploaded_tmp)) { /**/ } else { /**/ } |
| /vulnerabilities/exec/source/impossible.php:15 | 1 | if((is_numeric($octet[0])) && (is_numeric($octet[1])) && (is_numeric($octet[2])) && (is_numeric($octet[3])) && (sizeof($octet) == 4)) { /**/ } else { /**/ } |