Samy Ghannad

One liner Grep Command for PHP Code Reviews

I was reviewing a huge spaghetti PHP repo some days back and I needed to have a general understanding of what’s what.
So I compiled a list of things I was interested in and made a grep command to search for them.
This is not by any means complete, at least not in its current form. I'm just leaving it here for future reference, and I may change or update it later on.
It might also help someone.

grep -inr \
  -e "phpinfo" \
  -e "echo" \
  -e "\$_GET" \
  -e "\$_POST" \
  -e "\$_REQUEST" \
  -e "\$_SERVER" \
  -e "shell_exec(" \
  -e "system(" \
  -e "exec(" \
  -e "popen(" \
  -e "passthru(" \
  -e "proc_open(" \
  -e "pcntl_exec(" \
  -e "eval(" \
  -e "assert(" \
  -e "preg_replace" \
  -e "create_function(" \
  -e "\$sql" \
  -e "debug" \
  -e "file_include" \
  -e "include" \
  -e "require" \
  -e "require_once" \
  -e "file_get_contents" \
  --exclude=\*.{md,scss,css,json,js,map,sql,xml,html,rb,sh,markdown,txt,less,yml,toml,config} \
  --exclude-dir={node_modules,assets} \
  .
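A follow-on sketch, added here and not part of the original post: it splits the same patterns into categories and lists the lines where request input and a sink pattern appear together, which are usually the ones to read first. The category names, the `scan`/`triage`/`priority` helpers and the sample PHP file are assumptions constructed for this example.

```shell
# Added example; category names and the sample file are constructed.
# scan DIR LABEL PATTERN...: print "LABEL<TAB>file:line:text" per hit in *.php
scan() {
    dir=$1; label=$2; shift 2; n=$#
    while [ "$n" -gt 0 ]; do    # rewrite each pattern as "-e pattern"
        set -- "$@" -e "$1"; shift; n=$((n - 1))
    done
    # -F: fixed strings; /dev/null makes grep always print the file name
    find "$dir" -type f -name '*.php' -exec grep -inF "$@" /dev/null {} + |
        awk -v l="$label" '{ print l "\t" $0 }'
}

# The post's patterns, grouped by why a reviewer looks for them.
triage() {
    scan "$1" input   '$_GET' '$_POST' '$_REQUEST' '$_SERVER'
    scan "$1" command 'shell_exec(' 'system(' 'exec(' 'popen(' 'passthru(' 'proc_open(' 'pcntl_exec('
    scan "$1" eval    'eval(' 'assert(' 'preg_replace' 'create_function('
    scan "$1" include 'include' 'require' 'file_get_contents'
    scan "$1" sql     '$sql'
    scan "$1" info    'phpinfo' 'debug' 'echo'
}

# Lines holding both request input and a sink pattern (paths without ":").
priority() {
    triage "$1" | awk -F '\t' '
        { split($2, a, ":"); k = a[1] ":" a[2] }
        $1 == "input" { src[k] = 1; next }
        $1 != "info"  { sink[k] = sink[k] " " $1 }
        END { for (k in src) if (k in sink) print k sink[k] }' | sort
}

# Constructed sample tree; prints its path.
make_sample() {
    d=$(mktemp -d)
    cat > "$d/index.php" <<'EOF'
<?php
require_once 'db.php';
$page = $_GET['page'];
include($_GET['page'] . '.php');
$sql = "SELECT * FROM users WHERE id = " . $_POST['id'];
system('ls ' . $dir);
echo htmlspecialchars($page);
EOF
    echo 'eval(location.hash)' > "$d/app.js"   # non-PHP file: never searched
    echo "$d"
}

if [ $# -gt 0 ]; then priority "$1"; fi
```

Save it as a script and pass the repository path as the first argument; a hit only means input and sink share a line, so data flow across lines still needs a manual read.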