Functions and Statements which will spread the tainted mark of a tainted string

    Function/StatementSince
    = (assign)0.1.0
    . (concat)0.1.0
    "{$var}" (variable substitution)0.1.0
    .= (assign concat)0.1.0
    strval0.3.0
    explode/split0.3.0
    implode/join0.3.0
    sprintf0.3.0
    vsprintf0.3.0
    trim0.4.0
    rtrim0.4.0
    ltrim0.4.0
    strstr0.5.0
    str_pad0.5.0
    str_replace0.5.0
    substr0.5.0
    strtolower0.5.0
    strtoupper0.5.0
    To Top