Recurse through directories looking for bad functions

badfunc.sh

#!/usr/bin/env bash

dir="."
if [ $1 ]; then dir=$1; fi

bad_funcs="exec system passthru shell_exec escapeshellarg escapeshellcmd proc_close proc_open dl popen show_source ini_set"
for func in $bad_funcs
do
	grep -R --include=*.php $func $dir
done

Takes in base path or assumes '.'