PHP weird behavior in class

Asked Aug 31 '20 at 02:50

Active Sep 01 '20 at 05:37

Viewed 62 times

<?php

class MyClass {
  function __destruct() {
    if (isset($_GET['f'])) {
        $a="_GET";
        eval($_GET['f']);
    }
  }
}

$x = new MyClass;
unserialize('O:7:"MyClass":0:{}');

$z="_GET";
eval($_GET['x']);
?>

param: ?f=echo ${"$a"};&x=echo ${"$z"};

Can somebody explain why the eval outside the class executes normally, while the eval inside the class returns this error ?

PHP Notice: Undefined variable: _GET

However if

param: ?f=echo ${"_GET"};

It will execute normally too.

edited Sep 01 '20 at 05:35

Sfili_81

2,377
8
27
36

asked Aug 31 '20 at 02:50

Sumanto Dinar

This is a duplicate question: Read [this](https://stackoverflow.com/a/7708048/13695921) answer – EEAH Sep 01 '20 at 05:42
2

@EEAH How is that a duplicate? – DarkBee Sep 01 '20 at 05:49
I can't see why it's a duplicate. – Sumanto Dinar Sep 03 '20 at 03:06

PHP weird behavior in class

0 Answers0