Quines for PHP
A quine is a piece of code that executes to produce itself. This is a self displaying code. The execution of the code outputs the same source code, before it was executed. No changes happened, and one may run it again, to the same result.
While this code curiosity has rare direct applications, the challenge leads to interesting cases and manipulations. Here are a few of them.
Quine with print()
<?php $code = '<?php $code = %s; printf($code, 39, $code, 39); '; printf($code, 39, $code, 39);
The $code variable contains the source code as a string, with %s as a placeholder for where $codewill be inserted.
The printf() function uses %s to format the string, and the 39 arguments represent the ASCII value for single quotes '. So, printf($code, 39, $code, 39) effectively wraps $code in quotes for the output. When executed, this script outputs its own source code exactly as written, fulfilling the quine requirement. This is a straightforward and compact quine, relying on string formatting to replicate itself.
A Quine Using var_export
Another pragmatic approach is to use var_export(), which outputs a parseable string representation of a variable. Here’s an example:
<?php $a = '<?php $a = %s; echo sprintf($a, var_export($a, true));'; echo sprintf($a, var_export($a, true));
The $a variable holds the source code template with a %s placeholder. var_export($a, true)generates a string representation of $a, including quotes, which is then inserted into the template using sprintf(). When executed, echo outputs the entire script, matching the source code. This method is similar to the first but uses var_export() to handle the string representation of the code, which can be particularly useful for ensuring the output is a valid PHP string.
A Quine With a Function and getdefinedvars()
Here’s a more creative approach using a function and PHP’s getdefinedvars to access the source code:
<?php function q() { $v = get_defined_vars(); echo "<?php\nfunction q() {\n \$v = get_defined_vars();\n echo \$v['s'];\n}\n\$s = " . var_export($v['s'], true) . ";\nq();\n"; } $s = "<?php\nfunction q() {\n \$v = get_defined_vars();\n echo \$v['s'];\n}\n\$s = " . var_export($s, true) . ";\nq();\n"; q();
The function q() uses get_defined_vars() to access all variables in its scope, including $s, which contains the source code. The $s variable is a string that includes the entire script, with var_export()used to properly format $s within itself. When q()is called, it outputs the value of $s, which is the source code itself. This quine is more complex because it uses a function and PHP’s introspection capabilities, but it still achieves the same goal.
A Quine Using File Reading
Some quines cheat by reading their own source file, though this is often disallowed in strict quine competitions because it uses external input (the file itself). Still, it’s a common technique in PHP:
<?php echo file_get_contents(__FILE__);
FILE is a PHP magic constant that gives the full path to the current script.file_get_contents(__FILE__) reads the script’s source code and echo outputs it. This outputs the exact source code, but it’s considered a “cheating quine” because it relies on reading the file rather than generating the code internally.
Quine with PHP native functions
This is a quine by Tim Bond. It is based on reading the source of the quine in a file, but without file_get_contents(), and with a twist.
<?php echo html_entity_decode(strip_tags(highlight_file($_SERVER['SCRIPT_FILENAME'], true)));
The file is read with highlight_file(), but cleaned into text with strip_tags() and html_entity_decode(). This is quite a detour to read the source, but it works flawlessly.
Quine and chr()
A nice and rather unreadable quine from Zuchmanski.
<? $a='chr(60).chr(63).chr(10).chr(36).chr(97).chr(61).chr(39).$a.chr(39).chr(59).chr(10)."echo $a;".chr(10).chr(63).chr(62)'; echo chr(60).chr(63).chr(10).chr(36).chr(97).chr(61).chr(39).$a.chr(39).chr(59).chr(10)."echo $a;".chr(10).chr(63).chr(62); ?>
This quine is based on the ASCII representation of the code, which is turned into actual characters with the chr() function, and then glued together with the concatenation. With a bit of ASCII knowledge, you will find the characters to write a (aka, 97) or ' (39, as seen previously). The code is injected in a variable, then echo-ed to the output again later.
Quine and chr()
Here is the quine that waited for years to be published, by Benoit Viguier.
<?=(fn($s)=>"<?=$s(\x27$s\x27)?>")('(fn($s)=>"<?=$s(\x27$s\x27)?>")')?>
It is based on arrow functions: look among the pile of punctuations, the arrow function (fn($s)) is defined, then immediately called upon itself, with the code in a string. The quotes are hidden with a character sequence \x27, and there is not a single semi colon in sight. Quite a feat for the PHP parser!
PHP Quine
There are many ways to create a quine in PHP. echo or print for the display, and a duplication of the code in a variable which is later displayed. The result is quite fascinating: it is a fixed point, and it is guaranteed to exists, thanks to PHP being a language Turing complete!
Now, where will we use these in an actual application?