stdin

===========================================================
                                      .___ __  __   
          _________________  __ __  __| _/|__|/  |_ 
         / ___\_` __ \__  \ |  |  \/ __ | | \\_  __\
        / /_/  >  | \// __ \|  |  / /_/ | |  ||  |  
        \___  /|__|  (____  /____/\____ | |__||__|  
       /_____/            \/           \/           
              grep rough audit - static analysis tool
                  v2.8 written by @Wireghoul
=================================[justanotherhacker.com]===
php-htmlawed-1.1.20/htmLawed.php-28- if(isset($x[1])){
php-htmlawed-1.1.20/htmLawed.php:29:  preg_match_all('`(?:^|-|\+)[^\-+]+?(?=-|\+|$)`', $x, $m, PREG_SET_ORDER);
php-htmlawed-1.1.20/htmLawed.php-30-  for($i=count($m); --$i>=0;){$m[$i] = $m[$i][0];}
##############################################
php-htmlawed-1.1.20/htmLawed.php-103-// main
php-htmlawed-1.1.20/htmLawed.php:104:$t = preg_replace_callback('`<(?:(?:\s|$)|(?:[^>]*(?:>|$)))|>`m', 'hl_tag', $t);
php-htmlawed-1.1.20/htmLawed.php-105-$t = $C['balance'] ? hl_bal($t, $C['keep_bad'], $C['parent']) : $t;
##############################################
php-htmlawed-1.1.20/htmLawed.php-338-if(isset($c['*']) or !strcspn($p, '#?;') or (substr($p, 0, 7) == $d)){return "{$b}{$p}{$a}";} // All ok, frag, query, param
php-htmlawed-1.1.20/htmLawed.php:339:if(preg_match('`^([^:?[@!$()*,=/\'\]]+?)(:|&#(58|x3a);|%3a|\\\\0{0,4}3a).`i', $p, $m) && !isset($c[strtolower($m[1])])){ // Denied prot
php-htmlawed-1.1.20/htmLawed.php-340- return "{$b}{$d}{$p}{$a}";
##############################################
php-htmlawed-1.1.20/htmLawed.php-381-$s = array();
php-htmlawed-1.1.20/htmLawed.php:382:$t = str_replace(array("\t", "\r", "\n", ' '), '', preg_replace_callback('/"(?>(`.|[^"])*)"/sm', create_function('$m', 'return substr(str_replace(array(";", "|", "~", " ", ",", "/", "(", ")", \'`"\'), array("\x01", "\x02", "\x03", "\x04", "\x05", "\x06", "\x07", "\x08", "\""), $m[0]), 1, -1);'), trim($t))); 
php-htmlawed-1.1.20/htmLawed.php-383-for($i = count(($t = explode(';', $t))); --$i>=0;){
##############################################
php-htmlawed-1.1.20/htmLawed.php-482- if($w == 0){ // Parse errs, deal with space, " & '
php-htmlawed-1.1.20/htmLawed.php:483:  $a = preg_replace('`^(?:"[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*`', '', $a);
php-htmlawed-1.1.20/htmLawed.php-484-  $mode = 0;
##############################################
php-htmlawed-1.1.20/htmLawed.php-627- $a2 = '';
php-htmlawed-1.1.20/htmLawed.php:628: if(preg_match('`face\s*=\s*(\'|")([^=]+?)\\1`i', $a, $m) or preg_match('`face\s*=(\s*)(\S+)`i', $a, $m)){
php-htmlawed-1.1.20/htmLawed.php-629-  $a2 .= ' font-family: '. str_replace('"', '\'', trim($m[2])). ';';
php-htmlawed-1.1.20/htmLawed.php-630- }
php-htmlawed-1.1.20/htmLawed.php:631: if(preg_match('`color\s*=\s*(\'|")?(.+?)(\\1|\s|$)`i', $a, $m)){
php-htmlawed-1.1.20/htmLawed.php-632-  $a2 .= ' color: '. str_replace('"', '\'', trim($m[2])). ';';
php-htmlawed-1.1.20/htmLawed.php-633- }
php-htmlawed-1.1.20/htmLawed.php:634: if(preg_match('`size\s*=\s*(\'|")?(.+?)(\\1|\s|$)`i', $a, $m) && isset($fs[($m = trim($m[2]))])){
php-htmlawed-1.1.20/htmLawed.php-635-  $a2 .= ' font-size: '. str_replace('"', '\'', $fs[$m]). ';';
##############################################
php-htmlawed-1.1.20/htmLawedTest.php-71-if(isset($_POST['inputH'])){
php-htmlawed-1.1.20/htmLawedTest.php:72: echo '<html><head><title>htmLawed test: HTML view of unprocessed input</title></head><body style="margin:0; padding: 0;"><p style="background-color: black; color: white; padding: 2px;">&nbsp; Rendering of unprocessed input without an HTML doctype or charset declaration &nbsp; &nbsp; <small><a style="color: white; text-decoration: none;" href="1" onclick="javascript:window.close(this); return false;">close window</a> | <a style="color: white; text-decoration: none;" href="htmLawedTest.php" onclick="javascript: window.open(\'htmLawedTest.php\', \'hlmain\'); window.close(this); return false;">htmLawed test page</a></small></p><div>', $_POST['inputH'], '</div></body></html>';
php-htmlawed-1.1.20/htmLawedTest.php-73- exit;
##############################################
php-htmlawed-1.1.20/htmLawedTest.php-268- f.method = 'post';
php-htmlawed-1.1.20/htmLawedTest.php:269: f.acceptCharset = '<?php echo htmlspecialchars($_POST['enc']); ?>';
php-htmlawed-1.1.20/htmLawedTest.php-270- if(f.style){f.style.display = 'none';}
##############################################
php-htmlawed-1.1.20/htmLawedTest.php-292- f.method = 'post';
php-htmlawed-1.1.20/htmLawedTest.php:293: f.acceptCharset = '<?php echo htmlspecialchars($_POST['enc']); ?>';
php-htmlawed-1.1.20/htmLawedTest.php-294- if(f.style){f.style.display = 'none';}
##############################################
php-htmlawed-1.1.20/htmLawedTest.php-444-
php-htmlawed-1.1.20/htmLawedTest.php:445:<form id="testform" name="testform" action="htmLawedTest.php" method="post" accept-charset="<?php echo htmlspecialchars($_POST['enc']); ?>" style="padding:0; margin: 0; display:inline;">
php-htmlawed-1.1.20/htmLawedTest.php-446-
##############################################
php-htmlawed-1.1.20/htmLawedTest.php-449-<input type="hidden" name="token" id="token" value="<?php echo $token; ?>" />
php-htmlawed-1.1.20/htmLawedTest.php:450:<div><textarea id="text" class="textarea" name="text" rows="5" cols="100" style="width: 100%;"><?php echo htmlspecialchars($_POST['text']);?></textarea></div>
php-htmlawed-1.1.20/htmLawedTest.php-451-<input type="submit" id="submitF" name="submitF" value="Process" style="float:left;" title="filter using htmLawed" onclick="javascript: sndProc(); return false;" onkeypress="javascript: sndProc(); return false;" />
##############################################
php-htmlawed-1.1.20/htmLawedTest.php-479-
php-htmlawed-1.1.20/htmLawedTest.php:480:<span style="float:right;" class="help" title="IANA-recognized name of the input character-set; can be multiple ;- or space-separated values; may not work in some browsers"><span style="font-size: 85%;">Encoding: </span><input type="text" size="8" id="enc" name="enc" style="vertical-align: middle;" value="<?php echo htmlspecialchars($_POST['enc']); ?>" /></span>
php-htmlawed-1.1.20/htmLawedTest.php-481-
##############################################
php-htmlawed-1.1.20/htmLawedTest.php-538-  for($i = $j-1; ++$i < $v[0]+$v[3];++$j){
php-htmlawed-1.1.20/htmLawedTest.php:539:   echo '<input type="radio" name="h', $k, '" value="', $i, '"', (!isset($_POST['h'. $k]) ? ($v[1] == $i ? ' checked="checked"' : '') : ($_POST['h'. $k] == $i ? ' checked="checked"' : '')), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />', $i, ' ';
php-htmlawed-1.1.20/htmLawedTest.php-540-  }
php-htmlawed-1.1.20/htmLawedTest.php-541-  if($v[1] == 'nil'){
php-htmlawed-1.1.20/htmLawedTest.php:542:   echo '<input type="radio" name="h', $k, '" value="nil"', ((!isset($_POST['h'. $k]) or $_POST['h'. $k] == 'nil') ? ' checked="checked"' : ''), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />not set ';
php-htmlawed-1.1.20/htmLawedTest.php-543-  }
php-htmlawed-1.1.20/htmLawedTest.php-544-  if(!empty($v[4])){ // + input text box
php-htmlawed-1.1.20/htmLawedTest.php:545:   echo '<input type="radio" name="h', $k, '" value="', $j, '"', (((isset($_POST['h'. $k]) && $_POST['h'. $k] == $j) or (!isset($_POST['h'. $k]) && $j == $v[1])) ? ' checked="checked"' : ''), (isset($v['d']) ? ' disabled="disabled"' : ''), ' />';
php-htmlawed-1.1.20/htmLawedTest.php-546-   if(!is_array($v[4])){
php-htmlawed-1.1.20/htmLawedTest.php:547:    echo $v[6], ': <input type="text" size="', $v[4], '" name="h', $k. $j, '" value="', htmlspecialchars(isset($_POST['h'. $k. $j][0]) ? $_POST['h'. $k. $j] : $v[5]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />';
php-htmlawed-1.1.20/htmLawedTest.php-548-   }
##############################################
php-htmlawed-1.1.20/htmLawedTest.php-550-    foreach($v[4] as $z){
php-htmlawed-1.1.20/htmLawedTest.php:551:     echo ' ', $z[3], ': <input type="text" size="', $z[0], '" name="h', $k. $j. $z[1], '" value="', htmlspecialchars(isset($_POST['h'. $k. $j. $z[1]][0]) ? $_POST['h'. $k. $j. $z[1]] : $z[2]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />';
php-htmlawed-1.1.20/htmLawedTest.php-552-    }    
##############################################
php-htmlawed-1.1.20/htmLawedTest.php-556- elseif(ctype_digit($v[3])){ // input text
php-htmlawed-1.1.20/htmLawedTest.php:557:  echo '<input type="text" size="', $v[3], '" name="h', $k, '" value="', htmlspecialchars(isset($_POST['h'. $k][0]) ? $_POST['h'. $k] : $v[1]), '"', (isset($v['d']) ? ' disabled="disabled"' : ''), ' />';  
php-htmlawed-1.1.20/htmLawedTest.php-558- }
##############################################
php-htmlawed-1.1.20/htmLawedTest.php-561-}
php-htmlawed-1.1.20/htmLawedTest.php:562:echo '</ul></td></tr><tr><td><span style="vertical-align: top;" class="help" title="$spec argument: element-specific attribute rules">Spec:</span></td><td><textarea name="spec" id="spec" cols="70" rows="3" style="width:80%;">', htmlspecialchars((isset($_POST['spec']) ? $_POST['spec'] : '')), '</textarea></td></tr></table>';
php-htmlawed-1.1.20/htmLawedTest.php-563-?>
##############################################
php-htmlawed-1.1.20/htmLawedTest.php-602- $et = microtime();
php-htmlawed-1.1.20/htmLawedTest.php:603: echo '<br /><a href="htmLawedTest.php" title="[toggle visibility] syntax-highlighted" onclick="javascript:toggle(\'inputR\'); return false;"><span class="notice">Input code &raquo;</span></a> <span class="help" title="tags estimated as half of total &gt; and &lt; chars; values may be inaccurate for non-ASCII text"><small><big>', strlen($_POST['text']), '</big> chars, ~<big>', ($tag = round((substr_count($_POST['text'], '>') + substr_count($_POST['text'], '<'))/2)), '</big> tag', ($tag > 1 ? 's' : ''), '</small>&nbsp;</span><div id="inputR" style="display: none;">', format($_POST['text']), '</div><script type="text/javascript">hl(\'inputR\');</script>', (!isset($_POST['text'][$_hlimit]) ? ' <a href="htmLawedTest.php" title="[toggle visibility] hexdump; non-viewable characters like line-returns are shown as dots" onclick="javascript:toggle(\'inputD\'); return false;"><span class="notice">Input binary &raquo;&nbsp;</span></a><div id="inputD" style="display: none;">'. hexdump($_POST['text']). '</div>' : ''), ' <a href="htmLawedTest.php" title="[toggle visibility] finalized internal settings as interpreted by htmLawed; for developers" onclick="javascript:toggle(\'settingF\'); return false;"><span class="notice">Finalized internal settings &raquo;&nbsp;</span></a> <div id="settingF" style="display: none;">$config: ', str_replace(array('    ', "\t", '  '), array('  ', '&nbsp;  ', '&nbsp; '), nl2br(htmlspecialchars(print_r($GLOBALS['hlcfg']['config'], true)))), '<br />$spec: ', str_replace(array('    ', "\t", '  '), array('  ', '&nbsp;  ', '&nbsp; '), nl2br(htmlspecialchars(print_r($GLOBALS['hlcfg']['spec'], true)))), '</div><script type="text/javascript">hl(\'settingF\');</script>', '<br /><a href="htmLawedTest.php" title="[toggle visibility] suitable for copy-paste" onclick="javascript:toggle(\'outputF\'); return false;"><span class="notice">Output &raquo;</span></a> <span class="help" title="approx., server-specific value excluding the \'include()\' call"><small>htmLawed processing time <big>', number_format(((substr($et,0,9)) + (substr($et,-10)) - (substr($st,0,9)) - (substr($st,-10))),4), '</big> s</small></span>', (($mem = memory_get_peak_usage()) !== false ? '<span class="help"><small>, peak memory usage <big>'. round(($mem-$pre_mem)/1048576, 2). '</big> <small>MB</small>' : ''), '</small></span><div id="outputF"  style="display: block;"><div><textarea id="text2" class="textarea" name="text2" rows="5" cols="100" style="width: 100%;">', htmlspecialchars($out), '</textarea></div><button type="button" onclick="javascript:document.getElementById(\'text2\').focus();document.getElementById(\'text2\').select()" title="select all to copy" style="float:right;">Select all</button>';
php-htmlawed-1.1.20/htmLawedTest.php-604- if($_w3c_validate && $validation)
##############################################
php-htmlawed-1.1.20/htmLawedTest.php-612- }
php-htmlawed-1.1.20/htmLawedTest.php:613: echo '</div><br /><a href="htmLawedTest.php" title="[toggle visibility] syntax-highlighted" onclick="javascript:toggle(\'outputR\'); return false;"><span class="notice">Output code &raquo;</span></a><div id="outputR" style="display: block;">', format($out), '</div><script type="text/javascript">hl(\'outputR\');</script>', (!isset($_POST['text'][$_hlimit]) ? ' <a href="htmLawedTest.php" title="[toggle visibility] hexdump; non-viewable characters like line-returns are shown as dots" onclick="javascript:toggle(\'outputD\'); return false;"><span class="notice">Output binary &raquo;</span></a><div id="outputD" style="display: none;">'. hexdump($out). '</div>' : ''), ' <a href="htmLawedTest.php" title="[toggle visibility] inline output-input diff; might not be perfectly accurate, semantically or otherwise " onclick="javascript:toggle(\'diff\'); diffLaunch(); return false;"><span class="notice">Diff &raquo;</span></a> <div id="diff" style="display: none;"></div><br /><a href="htmLawedTest.php" title="[toggle visibility] XHTML 1 Transitional doctype" onclick="javascript:toggle(\'outputH\'); return false;"><span class="notice">Output rendered &raquo;</span></a><div id="outputH" style="display: block;">', $out, '</div>';
php-htmlawed-1.1.20/htmLawedTest.php-614-}
##############################################
php-htmlawed-1.1.20/htmLawed_README.txt-1707-
php-htmlawed-1.1.20/htmLawed_README.txt:1708:  `Finalized` '$config' and '$spec' are made *global variables* while htmLawed is at work. Values of any pre-existing global variables with same names are noted, and their values are restored after htmLawed finishes processing the input (to capture the `finalized` values, the 'show_settings' parameter of '$config' should be used). Depending on '$config', another global variable 'hl_Ids', to track 'id' attribute values for uniqueness, may be set. Unlike the other two variables, this one is not reset (or unset) post-processing.
php-htmlawed-1.1.20/htmLawed_README.txt-1709-