defuse · September 21, 2013 20:39
diff --git a/quine.php b/quine.php
 <?php

 /* Escaping Challenge: Make a PHP script that (Z:) generates JavaScript code
 * that generates an HTML page containing a PHP script that (goto Z) */

 /* The purpose of this challenge is to demonstrate how complicated escaping can
 * get when you're trying to combine 4 different languages (PHP, JavaScript,
 * HTML, and string literals). */

 function js_string_escape($data)
 {
    $safe = "";
    for($i = 0; $i < strlen($data); $i++)
    {
        if(ctype_alnum($data[$i]))
            $safe .= $data[$i];
        else
            $safe .= sprintf("\\x%02X", ord($data[$i]));
    }
    return $safe;
 } 

 function javascriptify($str) {
    return $script;
 }

 echo "<html><body><script>\n";
 echo "var x = \"<pre>" . js_string_escape(htmlentities(file_get_contents(__FILE__), ENT_QUOTES)) . "</pre>\";\n";
 echo "document.body.innerHTML = x;\n";
 echo "</script></body></html>";

 ?>
	<?php

	/* Escaping Challenge: Make a PHP script that (Z:) generates JavaScript code
	* that generates an HTML page containing a PHP script that (goto Z) */

	/* The purpose of this challenge is to demonstrate how complicated escaping can
	* get when you're trying to combine 4 different languages (PHP, JavaScript,
	* HTML, and string literals). */

	function js_string_escape($data)
	{
	$safe = "";
	for($i = 0; $i < strlen($data); $i++)
	{
	if(ctype_alnum($data[$i]))
	$safe .= $data[$i];
	else
	$safe .= sprintf("\\x%02X", ord($data[$i]));
	}
	return $safe;
	}

	function javascriptify($str) {
	return $script;
	}

	echo "<html><body><script>\n";
	echo "var x = \"<pre>" . js_string_escape(htmlentities(file_get_contents(__FILE__), ENT_QUOTES)) . "</pre>\";\n";
	echo "document.body.innerHTML = x;\n";
	echo "</script></body></html>";

	?>