解析PHP代码以提取函数名称? [英] Parse PHP code to extract function names?

问题描述

我必须用PHP编写一个脚本，该脚本将扫描其他PHP文件以检查是否存在危险的函数调用，例如eval，exec. 有没有可用的解析器可以给我代码的逻辑结构.

I have to make a script in PHP that will scan other PHP files to check for dangerous function calls like eval,exec . Is there any parser available that can give me a logical structure of code.

或者我必须使用正则表达式.

Or i have to go with Regex.

谢谢，欢迎提出任何类型的建议.

Thanks, any type suggestions are welcome.

Arshdeep

我不认为这是一枪杀死所有人".我也有其他一些想法，但这仍然是我必须要做的事情.

i am not considering it as "one shot kill all". I have some other things in mind too, but its still something that i have to do.

推荐答案

您可以使用 tokenizer 为此:

print_r(token_get_all('<?php exec("rm -rf *"); ?>'));

在输出中注意第三个元素:

Notice in the output the third element which is:

[1] => Array
    (
        [0] => 307
        [1] => exec
        [2] => 1
    )

这篇关于解析PHP代码以提取函数名称?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！