Functions and Statements which will spread the tainted mark of a tainted string
| Function/Statement | Since |
|---|---|
| = (assign) | 0.1.0 |
| . (concat) | 0.1.0 |
| "{$var}" (variable substitution) | 0.1.0 |
| .= (assign concat) | 0.1.0 |
| strval | 0.3.0 |
| explode/split | 0.3.0 |
| implode/join | 0.3.0 |
| sprintf | 0.3.0 |
| vsprintf | 0.3.0 |
| trim | 0.4.0 |
| rtrim | 0.4.0 |
| ltrim | 0.4.0 |
| strstr | 0.5.0 |
| str_pad | 0.5.0 |
| str_replace | 0.5.0 |
| substr | 0.5.0 |
| strtolower | 0.5.0 |
| strtoupper | 0.5.0 |
add a note
User Contributed Notes
There are no user contributed notes for this page.