Better parsing of the rules

Thanks to this huge commit from @xXx-caillou-xXx, we can now write amazingly flexible rules.

90 files changed, 1449 insertions, 227 deletions

diff --git a/doc/source/config.rst b/doc/source/config.rst
index 41863c8..ceb23bb 100644
--- a/doc/source/config.rst
+++ b/doc/source/config.rst
@@ -255,7 +255,7 @@ In the situation where you have a call to ``system()`` that lacks proper user-in
 ::
    
   # Allow `id.php` to restrict system() calls to `id`
-  sp.disable_function.function("system").filename("id.php").param("cmd").value("id").allow();
+  sp.disable_function.function("system").filename("id.php").param("$cmd").value("id").allow();
   sp.disable_function.function("system").filename("id.php").drop()
 
 Of course, this is a trivial example,  a lot can be achieved with this feature, as you will see below.
@@ -281,6 +281,8 @@ Filters
 - ``value(value)``: match on a literal ``value``
 - ``value_r(regexp)``: match on a value matching the ``regexp``
 - ``var(name)``: match on a **local variable** ``name``
+- ``key(name)``: match on the presence of ``name`` as a key in the hashtable
+- ``key_r(regexp)``: match with ``regexp`` on keys in the hashtable
 
 The ``type`` must be one of the following values:
 
@@ -312,11 +314,11 @@ The ``function`` filter is able to do various dereferencing:
 
 The ``param`` filter is also able to do some dereferencing:
 
-- ``param(foo[bar])`` will get a match on the value corresponding to the ``bar`` key in the hashtable ``foo``.
+- ``param($foo[bar])`` will get a match on the value corresponding to the ``bar`` key in the hashtable ``foo``.
   Remember that in PHP, almost every data structure is a hashtable. You can of course nest this like
-  ``param(foo[bar][baz][batman])``.
+  ``param($foo[bar][$object->array['123']][$batman])``.
 - The ``var`` filter will walk the calltrace until it finds the variable name, or the end of the calltrace,
-  allowing the filter to match global variables: ``.var("_GET[param]")`` will match on the GET parameter ``param``.
+  allowing the filter to match global variables: ``.var("$_GET[\"param\"]")`` will match on the GET parameter ``param``.
 
 The ``filename`` filter requires a leading ``/``, since paths are absolutes (like ``/var/www/mywebsite/lib/parse.php``).
 If you would like to have only one configuration file for several vhost in different folders,
@@ -351,9 +353,9 @@ The following rules will:
 
 ::
 
-  sp.disable_function.function("system").param("cmd").value("id").allow();
-  sp.disable_function.function("system").param("cmd").value_r("^ping").drop().simulation();
-  sp.disable_function.function("system").param("cmd").drop();
+  sp.disable_function.function("system").param("$cmd").value("id").allow();
+  sp.disable_function.function("system").param("$cmd").value_r("^ping").drop().simulation();
+  sp.disable_function.function("system").param("$cmd").drop();
 
 Miscellaneous examples
 """"""""""""""""""""""
diff --git a/src/config.m4 b/src/config.m4
index 8fa22c5..b2c6ed5 100644
--- a/src/config.m4
+++ b/src/config.m4
@@ -5,7 +5,7 @@ sources="snuffleupagus.c sp_config.c sp_config_utils.c sp_harden_rand.c"
 sources="$sources sp_unserialize.c sp_utils.c sp_disable_xxe.c sp_list.c"
 sources="$sources sp_disabled_functions.c sp_execute.c sp_upload_validation.c"
 sources="$sources sp_cookie_encryption.c sp_network_utils.c tweetnacl.c"
-sources="$sources sp_config_keywords.c"
+sources="$sources sp_config_keywords.c sp_var_parser.c sp_var_value.c sp_tree.c"
 
 PHP_ARG_ENABLE(snuffleupagus, whether to enable snuffleupagus support,
 [  --enable-snuffleupagus           Enable snuffleupagus support])
diff --git a/src/php_snuffleupagus.h b/src/php_snuffleupagus.h
index 2ad412d..bccf998 100644
--- a/src/php_snuffleupagus.h
+++ b/src/php_snuffleupagus.h
@@ -26,6 +26,7 @@
 #include "zend_extensions.h"
 
 #include "sp_list.h"
+#include "sp_var_parser.h"
 #include "sp_config.h"
 #include "sp_config_utils.h"
 #include "sp_config_keywords.h"
diff --git a/src/sp_config.c b/src/sp_config.c
index 2432cc4..bed81bc 100644
--- a/src/sp_config.c
+++ b/src/sp_config.c
@@ -189,6 +189,10 @@ void sp_disabled_function_list_free(sp_node_t* list) {
       sp_disabled_function* df = cursor->data;
       if (df && df->functions_list)
           sp_list_free(df->functions_list);
+      if (df) {
+        sp_tree_free(df->param);
+        sp_tree_free(df->var);
+      }
       cursor = cursor->next;
   }
 }
diff --git a/src/sp_config.h b/src/sp_config.h
index 8ef62a2..127c557 100644
--- a/src/sp_config.h
+++ b/src/sp_config.h
@@ -78,7 +78,7 @@ typedef struct {
   char *hash;
   int simulation;
 
-  char *param;
+  sp_tree *param;
   pcre *r_param;
   sp_php_type param_type;
   int pos;
@@ -91,6 +91,9 @@ typedef struct {
   pcre *value_r;
   char *value;
 
+  pcre *r_key;
+  char *key;
+
   char *dump;
   char *alias;
   bool param_is_array;
@@ -100,7 +103,7 @@ typedef struct {
 
   bool allow;
 
-  char *var;
+  sp_tree *var;
 
   sp_cidr *cidr;
 } sp_disabled_function;
@@ -193,6 +196,8 @@ typedef struct {
 #define SP_TOKEN_RET_TYPE ".ret_type("
 #define SP_TOKEN_VALUE ".value("
 #define SP_TOKEN_VALUE_REGEXP ".value_r("
+#define SP_TOKEN_KEY ".key("
+#define SP_TOKEN_KEY_REGEXP ".key_r("
 #define SP_TOKEN_VALUE_ARG_POS ".pos("
 #define SP_TOKEN_LINE_NUMBER ".line("
 
diff --git a/src/sp_config_keywords.c b/src/sp_config_keywords.c
index dd9a880..2d294ee 100644
--- a/src/sp_config_keywords.c
+++ b/src/sp_config_keywords.c
@@ -178,7 +178,7 @@ int parse_cookie(char *line) {
 int parse_disabled_functions(char *line) {
   int ret = 0;
   bool enable = true, disable = false, allow = false, drop = false;
-  char *pos = NULL;
+  char *pos = NULL, *var = NULL, *param = NULL;
   char *line_number = NULL;
   sp_disabled_function *df = pecalloc(sizeof(*df), 1, 1);
   df->pos = -1;
@@ -196,16 +196,18 @@ int parse_disabled_functions(char *line) {
       {parse_empty, SP_TOKEN_ALLOW, &(allow)},
       {parse_empty, SP_TOKEN_DROP, &(drop)},
       {parse_str, SP_TOKEN_HASH, &(df->hash)},
-      {parse_str, SP_TOKEN_PARAM, &(df->param)},
+      {parse_str, SP_TOKEN_PARAM, &(param)},
       {parse_regexp, SP_TOKEN_VALUE_REGEXP, &(df->value_r)},
       {parse_str, SP_TOKEN_VALUE, &(df->value)},
+      {parse_str, SP_TOKEN_KEY, &(df->key)},
+      {parse_regexp, SP_TOKEN_KEY_REGEXP, &(df->r_key)},
       {parse_regexp, SP_TOKEN_PARAM_REGEXP, &(df->r_param)},
       {parse_php_type, SP_TOKEN_PARAM_TYPE, &(df->param_type)},
       {parse_str, SP_TOKEN_RET, &(df->ret)},
       {parse_cidr, SP_TOKEN_CIDR, &(df->cidr)},
       {parse_regexp, SP_TOKEN_RET_REGEXP, &(df->r_ret)},
       {parse_php_type, SP_TOKEN_RET_TYPE, &(df->ret_type)},
-      {parse_str, SP_TOKEN_LOCAL_VAR, &(df->var)},
+      {parse_str, SP_TOKEN_LOCAL_VAR, &(var)},
       {parse_str, SP_TOKEN_VALUE_ARG_POS, &(pos)},
       {parse_str, SP_TOKEN_LINE_NUMBER, &(line_number)},
       {0}};
@@ -229,9 +231,10 @@ int parse_disabled_functions(char *line) {
   MUTUALLY_EXCLUSIVE(df->r_function, df->function, "r_function", "function");
   MUTUALLY_EXCLUSIVE(df->filename, df->r_filename, "r_filename", "filename");
   MUTUALLY_EXCLUSIVE(df->ret, df->r_ret, "r_ret", "ret");
+  MUTUALLY_EXCLUSIVE(df->key, df->r_key, "r_key", "key");
 #undef MUTUALLY_EXCLUSIVE
 
-  if (1 < ((df->r_param ? 1 : 0) + (df->param ? 1 : 0) +
+  if (1 < ((df->r_param ? 1 : 0) + (param ? 1 : 0) +
            ((-1 != df->pos) ? 1 : 0))) {
     sp_log_err(
         "config",
@@ -239,7 +242,13 @@ int parse_disabled_functions(char *line) {
         "'.r_param', '.param' and '.pos' are mutually exclusive on line %zu.",
         line, sp_line_no);
     return -1;
-  } else if ((df->r_ret || df->ret) && (df->r_param || df->param)) {
+  } else if ((df->r_key || df->key) && (df->value_r || df->value)) {
+    sp_log_err("config",
+               "Invalid configuration line: 'sp.disabled_functions%s':"
+               "`key` and `value` are mutually exclusive on line %zu.",
+               line, sp_line_no);
+    return -1;
+  } else if ((df->r_ret || df->ret) && (df->r_param || param)) {
     sp_log_err("config",
                "Invalid configuration line: 'sp.disabled_functions%s':"
                "`ret` and `param` are mutually exclusive on line %zu.",
@@ -293,22 +302,28 @@ int parse_disabled_functions(char *line) {
     df->functions_list = parse_functions_list(df->function);
   }
 
-  if (df->param && strchr(df->param, '[')) {  // assume that this is an array
-    df->param_array_keys = sp_list_new();
-    if (0 != array_to_list(&df->param, &df->param_array_keys)) {
-      pefree(df->param_array_keys, 1);
+  if (param) {
+    df->param = parse_var(param);
+    if (!df->param) {
+      sp_log_err("config", "Invalid value '%s' for `param` on line %zu.",
+                 param, sp_line_no);
       return -1;
     }
-    df->param_is_array = 1;
   }
 
-  if (df->var && strchr(df->var, '[')) {  // assume that this is an array
-    df->var_array_keys = sp_list_new();
-    if (0 != array_to_list(&df->var, &df->var_array_keys)) {
-      pefree(df->var_array_keys, 1);
+  if (var) {
+    if (*var) {
+      df->var = parse_var(var);
+      if (!df->var) {
+        sp_log_err("config", "Invalid value '%s' for `var` on line %zu.",
+                   var, sp_line_no);
+        return -1;
+      }
+    } else {
+      sp_log_err("config", "Empty value in `var` on line %zu.",
+                 sp_line_no);
       return -1;
     }
-    df->var_is_array = 1;
   }
 
   switch (get_construct_type(df)) {
diff --git a/src/sp_config_utils.c b/src/sp_config_utils.c
index 1a797e5..ddd2e05 100644
--- a/src/sp_config_utils.c
+++ b/src/sp_config_utils.c
@@ -133,50 +133,6 @@ char *get_param(size_t *consumed, char *restrict line, sp_type type,
   return NULL;
 }
 
-// FIXME this is leaking like hell @blotus
-int array_to_list(char **name_ptr, sp_node_t **keys) {
-  int in_key = 0;
-  size_t i = 0;
-  char *name = *name_ptr;
-  char *key_name = ecalloc(strlen(name) + 1, 1);  // im way too lazy for
-                                                       // now
-  char *tmp = ecalloc(strlen(name) + 1, 1);
-
-  for (i = 0; name[i] != '['; i++) {
-    tmp[i] = name[i];
-  }
-  tmp[i] = 0;
-
-  for (size_t j = 0; name[i]; i++) {
-    const char c = name[i];
-    if (c == '[') {
-      if (in_key == 0) {
-        in_key = 1;
-      } else {
-        efree(key_name);
-        return -1;
-      }
-    } else if (c == ']') {
-      if (in_key == 0) {
-        efree(key_name);
-        return -1;
-      } else {
-        in_key = 0;
-        j = 0;
-        sp_list_insert(*keys, pestrdup(key_name, 1));
-        memset(key_name, 0, strlen(name) + 1);
-      }
-    } else if (in_key == 1) {
-      key_name[j] = c;
-      j++;
-    }
-  }
-  efree(key_name);
-  *name_ptr = pestrdup(tmp, 1);
-  return in_key;
-}
-
-
 zend_always_inline sp_node_t *parse_functions_list(char *value) {
   const char *sep = ">";
 
diff --git a/src/sp_cookie_encryption.c b/src/sp_cookie_encryption.c
index b7050da..c749040 100644
--- a/src/sp_cookie_encryption.c
+++ b/src/sp_cookie_encryption.c
@@ -8,9 +8,9 @@ static zend_long nonce_d = 0;
 
 static inline void generate_key(unsigned char *key) {
   PHP_SHA256_CTX ctx;
-  const char *user_agent = sp_getenv("HTTP_USER_AGENT");
+  const char *user_agent = getenv("HTTP_USER_AGENT");
   const char *env_var =
-    sp_getenv(SNUFFLEUPAGUS_G(config).config_snuffleupagus->cookies_env_var);
+    getenv(SNUFFLEUPAGUS_G(config).config_snuffleupagus->cookies_env_var);
   const char *encryption_key =
       SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key;
 
diff --git a/src/sp_disabled_functions.c b/src/sp_disabled_functions.c
index 6c180aa..c7974ff 100644
--- a/src/sp_disabled_functions.c
+++ b/src/sp_disabled_functions.c
@@ -64,43 +64,30 @@ end:
 static bool is_local_var_matching(
     zend_execute_data* execute_data,
     const sp_disabled_function* const config_node) {
-  zend_execute_data* orig_execute_data = execute_data;
+  zval *var_value;
 
-  /*because execute_data points to hooked function data,
-   which we dont care about */
-  zend_execute_data* current = execute_data->prev_execute_data;
-  zval* value = NULL;
-
-  while (current) {
-    zend_string* key = NULL;
-    EG(current_execute_data) = current;
-    zend_array* symtable = zend_rebuild_symbol_table();
-    ZEND_HASH_FOREACH_STR_KEY_VAL(symtable, key, value) {
-      if (0 == strcmp(config_node->var, key->val)) {  // is the var name right?
-        if (Z_TYPE_P(value) == IS_INDIRECT) {
-          value = Z_INDIRECT_P(value);
-        }
-        if (Z_TYPE_P(value) != IS_ARRAY) {
-          char* var_value_str = sp_convert_to_string(value);
-          if (true == sp_match_value(var_value_str, config_node->value,
-                                     config_node->value_r)) {
-            efree(var_value_str);
-            EG(current_execute_data) = orig_execute_data;
-            return true;
-          }
-          efree(var_value_str);
-        } else {
-          EG(current_execute_data) = orig_execute_data;
-          return sp_match_array_key_recurse(value, config_node->var_array_keys,
-                                            config_node->value, NULL);
-        }
+  var_value = get_value(execute_data, config_node->var, false);
+  if (var_value) {
+    char *var_value_str = sp_convert_to_string(var_value);
+    if (Z_TYPE_P(var_value) == IS_ARRAY) {
+      if (config_node->key || config_node->r_key) {
+        if (sp_match_array_key(var_value, config_node->key,
+                               config_node->r_key)) {
+          efree(var_value_str);
+          return true;
+        }
+      } else if (sp_match_array_value(var_value, config_node->value,
+                                      config_node->value_r)) {
+        efree(var_value_str);
+        return true;
       }
+    } else if (sp_match_value(var_value_str, config_node->value,
+                              config_node->value_r)) {
+      efree(var_value_str);
+      return true;
     }
-    ZEND_HASH_FOREACH_END();
-    current = current->prev_execute_data;
+    efree(var_value_str);
   }
-
-  EG(current_execute_data) = orig_execute_data;
   return false;
 }
 
@@ -128,6 +115,7 @@ static bool is_param_matching(zend_execute_data* execute_data,
                               const char** arg_value_str) {
   int nb_param = execute_data->func->common.num_args;
   int i = 0;
+  zval *arg_value;
 
   if (config_node->pos != -1) {
     if (config_node->pos <= nb_param) {
@@ -154,7 +142,7 @@ static bool is_param_matching(zend_execute_data* execute_data,
     *arg_value_str = builtin_param;
     return sp_match_value(builtin_param, config_node->value,
                           config_node->value_r);
-  } else {
+  } else if (config_node->r_param || config_node->pos != -1) {
     // We're matching on a function (and not a language construct)
     for (; i < nb_param; i++) {
       if (ZEND_USER_CODE(execute_data->func->type)) {  // yay consistency
@@ -162,49 +150,63 @@ static bool is_param_matching(zend_execute_data* execute_data,
       } else {
         *arg_name = execute_data->func->internal_function.arg_info[i].name;
       }
-
-      const bool arg_matching =
-          config_node->param && (0 == strcmp(*arg_name, config_node->param));
-      const bool pcre_matching =
-          config_node->r_param &&
-          (true == is_regexp_matching(config_node->r_param, *arg_name));
+      const bool pcre_matching = config_node->r_param
+        && (true == is_regexp_matching(config_node->r_param, *arg_name));
 
       /* This is the parameter name we're looking for. */
-      if (true == arg_matching || true == pcre_matching ||
-          (config_node->pos != -1)) {
-        zval* arg_value = ZEND_CALL_VAR_NUM(execute_data, i);
+      if (true == pcre_matching || config_node->pos != -1) {
+        arg_value = ZEND_CALL_VAR_NUM(execute_data, i);
 
         if (config_node->param_type) {  // Are we matching on the `type`?
           if (config_node->param_type == Z_TYPE_P(arg_value)) {
-            return true;
-          }
-        } else if (Z_TYPE_P(arg_value) == IS_ARRAY) {
-          *arg_value_str = estrdup("Array");
-          // match on arr -> match on all key content, if a key is an array,
-          // ignore it
-          // match on arr[foo] -> match only on key foo, if the key is an
-          // array, match on all keys content
-          if (config_node->param_is_array == true) {
-            if (true == sp_match_array_key_recurse(
-                            arg_value, config_node->param_array_keys,
-                            config_node->value, config_node->value_r)) {
-              return true;
-            }
-          } else {  // match on all keys, but don't go into subarray
-            if (true == sp_match_array_key(arg_value, config_node->value,
-                                           config_node->value_r)) {
-              return true;
-            }
-          }
-        } else {
-          *arg_value_str = sp_convert_to_string(arg_value);
-          if (true == sp_match_value(*arg_value_str, config_node->value,
-                                     config_node->value_r)) {
+            return true;
+          }
+        } else if (Z_TYPE_P(arg_value) == IS_ARRAY) {
+          *arg_value_str = sp_convert_to_string(arg_value);
+          if (config_node->key || config_node->r_key) {
+            if (sp_match_array_key(arg_value, config_node->key,
+                                   config_node->r_key)) {
+              return true;
+            }
+          } else if (sp_match_array_value(arg_value, config_node->value,
+                                          config_node->value_r)) {
+            return true;
+          }
+        } else {
+          *arg_value_str = sp_convert_to_string(arg_value);
+          if (sp_match_value(*arg_value_str, config_node->value,
+                             config_node->value_r)) {
             return true;
           }
         }
       }
     }
+  } else if (config_node->param) {
+    *arg_name = config_node->param->value;
+    arg_value = get_value(execute_data, config_node->param, true);
+
+    if (arg_value) {
+      *arg_value_str = sp_convert_to_string(arg_value);
+      if (config_node->param_type) {  // Are we matching on the `type`?
+        if (config_node->param_type
+            && config_node->param_type == Z_TYPE_P(arg_value)) {
+          return true;
+        }
+      } else if (Z_TYPE_P(arg_value) == IS_ARRAY) {
+        if (config_node->key || config_node->r_key) {
+          if (sp_match_array_key(arg_value, config_node->key,
+                                 config_node->r_key)) {
+            return true;
+          }
+        } else if (sp_match_array_value(arg_value, config_node->value,
+                                        config_node->value_r)) {
+          return true;
+        }
+      } else if (sp_match_value(*arg_value_str, config_node->value,
+                                config_node->value_r)) {
+        return true;
+      }
+    }
   }
   return false;
 }
@@ -214,7 +216,7 @@ bool should_disable(zend_execute_data* execute_data, const char* builtin_name,
   char current_file_hash[SHA256_SIZE * 2 + 1] = {0};
   const sp_node_t* config = get_config_node(builtin_name);
   char* complete_path_function = get_complete_function_path(execute_data);
-  char const* client_ip = sp_getenv("REMOTE_ADDR");
+  char const* client_ip = getenv("REMOTE_ADDR");
   const char* current_filename;
 
   if (!config || !config->data) {
diff --git a/src/sp_list.c b/src/sp_list.c
index c671f51..70d0ebe 100644
--- a/src/sp_list.c
+++ b/src/sp_list.c
@@ -17,6 +17,34 @@ sp_node_t *sp_list_new() {
   return new;
 }
 
+// Thanks to https://en.wikipedia.org/wiki/Insertion_sort :>
+sp_node_t *sp_list_sort(sp_node_t *pList, int (*cmp_func)(sp_node_t *, sp_node_t *)) {
+  sp_node_t *head = NULL;
+
+  if (pList == NULL || pList->next == NULL) {
+    return pList;
+  }
+  while (pList != NULL) {
+    sp_node_t *current = pList;
+    pList = pList->next;
+    if (head == NULL || 0 > cmp_func(current, head)) {
+      current->next = head;
+      head = current;
+    } else {
+      sp_node_t *p = head;
+      while (p != NULL) {
+        if (p->next == NULL || 0 > cmp_func(current, p->next)) {
+          current->next = p->next;
+          p->next = current;
+          break;
+        }
+        p = p->next;
+      }
+    }
+  }
+  return head;
+}
+
 void sp_list_insert(sp_node_t *list, void *data) {
   if (list->head == NULL) {
     list->data = data;
diff --git a/src/sp_list.h b/src/sp_list.h
index dda139f..7878f78 100644
--- a/src/sp_list.h
+++ b/src/sp_list.h
@@ -9,6 +9,7 @@ typedef struct sp_node_s {
 } sp_node_t;
 
 sp_node_t *sp_list_new();
+sp_node_t *sp_list_sort(sp_node_t *, int (*)(sp_node_t *, sp_node_t *));
 void sp_list_insert(sp_node_t *, void *);
 void sp_list_free(sp_node_t *);
 void sp_list_prepend(sp_node_t *, void *);
diff --git a/src/sp_tree.c b/src/sp_tree.c
new file mode 100644
index 0000000..328a919
--- /dev/null
+++ b/src/sp_tree.c
@@ -0,0 +1,20 @@
+#include "php_snuffleupagus.h"
+
+void sp_tree_free(sp_tree *tree) {
+  while (tree) {
+    sp_tree *tmp;
+    pefree(tree->value, 1);
+    sp_tree_free(tree->idx);
+    tmp = tree;
+    tree = tree->next;
+    pefree(tmp, 1);
+  }
+}
+
+sp_tree *sp_tree_new() {
+  sp_tree *new = pecalloc(sizeof(sp_tree), 1, 1);
+  new->next = new->idx = NULL;
+  new->value = NULL;
+  new->type = 0;
+  return new;
+}
diff --git a/src/sp_upload_validation.c b/src/sp_upload_validation.c
index 731a737..0010984 100644
--- a/src/sp_upload_validation.c
+++ b/src/sp_upload_validation.c
@@ -51,7 +51,7 @@ int sp_rfc1867_callback(unsigned int event, void *event_data, void **extra) {
       cmd[2] = NULL;
 
       spprintf(&env[0], 0, "SP_FILENAME=%s", filename);
-      spprintf(&env[1], 0, "SP_REMOTE_ADDR=%s", sp_getenv("REMOTE_ADDR"));
+      spprintf(&env[1], 0, "SP_REMOTE_ADDR=%s", getenv("REMOTE_ADDR"));
       spprintf(&env[2], 0, "SP_CURRENT_FILE=%s",
                zend_get_executed_filename(TSRMLS_C));
       spprintf(&env[3], 0, "SP_FILESIZE=%zu", filesize);
@@ -77,7 +77,7 @@ int sp_rfc1867_callback(unsigned int event, void *event_data, void **extra) {
       int waitstatus;
       wait(&waitstatus);
       if (WEXITSTATUS(waitstatus) != 0) {  // Nope
-        char *uri = sp_getenv("REQUEST_URI");
+        char *uri = getenv("REQUEST_URI");
         int sim = SNUFFLEUPAGUS_G(config).config_upload_validation->simulation;
         sp_log_msg("upload_validation", sim?SP_LOG_SIMULATION:SP_LOG_DROP,
           "The upload of %s on %s was rejected.", filename, uri?uri:"?");
diff --git a/src/sp_utils.c b/src/sp_utils.c
index 1ed770b..3fe2e44 100644
--- a/src/sp_utils.c
+++ b/src/sp_utils.c
@@ -25,20 +25,11 @@ void sp_log_msg(char const *feature, char const *level, const char* fmt, ...) {
   vspprintf(&msg, 0, fmt, args);
   va_end(args);
 
-  char const * const client_ip = sp_getenv("REMOTE_ADDR");
+  char const * const client_ip = getenv("REMOTE_ADDR");
   _sp_log_err("[snuffleupagus][%s][%s][%s] %s", client_ip?client_ip:"0.0.0.0",
     feature, level, msg);
 }
 
-
-zend_always_inline char* sp_getenv(char* var) {
-  if (sapi_module.getenv) {
-    return sapi_module.getenv(ZEND_STRL(var));
-  } else {
-    return getenv(var);
-  }
-}
-
 zend_always_inline int is_regexp_matching(const pcre* regexp, const char* str) {
   int vec[30];
   int ret = 0;
@@ -278,63 +269,50 @@ void sp_log_disable_ret(const char* restrict path,
   }
 }
 
-int sp_match_array_key(const zval* zv, const char* to_match, const pcre* rx) {
+bool sp_match_array_key(const zval* zv, const char* to_match, const pcre* rx) {
   zend_string* key;
-  zval* value;
-  char* arg_value_str;
+  zend_ulong idx;
 
-  ZEND_HASH_FOREACH_STR_KEY_VAL(Z_ARRVAL_P(zv), key, value) {
-    if (Z_TYPE_P(value) == IS_ARRAY) {
-      continue;
-    }
-    arg_value_str = sp_convert_to_string(value);
-    if (!sp_match_value(arg_value_str, to_match, rx)) {
-      efree(arg_value_str);
-      continue;
+  ZEND_HASH_FOREACH_KEY(Z_ARRVAL_P(zv), idx, key) {
+    if (key) {
+      if (sp_match_value(ZSTR_VAL(key), to_match, rx)) {
+        return true;
+      }
     } else {
-      efree(arg_value_str);
-      return 1;
+      char *idx_str = NULL;
+
+      // Could use a log.
+      idx_str = emalloc(snprintf(NULL, 0, "%lu", idx));
+      sprintf(idx_str, "%lu", idx);
+      if (sp_match_value(idx_str, to_match, rx)) {
+        efree(idx_str);
+        return true;
+      }
+      efree(idx_str);
     }
   }
   ZEND_HASH_FOREACH_END();
-
-  (void)key;  // silence a compiler warning
-
-  return 0;
+  return false;
 }
 
-int sp_match_array_key_recurse(const zval* arr, sp_node_t* keys,
-                               const char* to_match, const pcre* rx) {
-  zend_string* key;
+bool sp_match_array_value(const zval* arr, const char* to_match, const pcre* rx) {
   zval* value;
-  sp_node_t* current = keys;
-  if (current == NULL) {
-    return 0;
-  }
-  ZEND_HASH_FOREACH_STR_KEY_VAL(Z_ARRVAL_P(arr), key, value) {
-    if (Z_TYPE_P(value) == IS_ARRAY && !strcmp(ZSTR_VAL(key), current->data)) {
-      return sp_match_array_key_recurse(value, current->next, to_match, rx);
-    }
-    if (!strcmp(ZSTR_VAL(key), current->data) && current->next == NULL) {
-      if (!to_match && !rx) {
-        return 1;
-      }
-      if (Z_TYPE_P(value) == IS_ARRAY) {
-        return sp_match_array_key(value, to_match, rx);
+
+  ZEND_HASH_FOREACH_VAL(Z_ARRVAL_P(arr), value) {
+    if (Z_TYPE_P(value) != IS_ARRAY) {
+      char *value_str = sp_convert_to_string(value);
+      if (sp_match_value(value_str, to_match, rx)) {
+        efree(value_str);
+        return true;
       } else {
-        char *value_str = sp_convert_to_string(value);
-        if (sp_match_value(value_str, to_match, rx)) {
-          efree(value_str);
-          return 1;
-        } else {
-          efree (value_str);
-          return 0;
-        }
+        efree (value_str);
       }
+    } else if (sp_match_array_value(value, to_match, rx)) {
+      return true;
     }
   }
   ZEND_HASH_FOREACH_END();
-  return 0;
+  return false;
 }
 
 
diff --git a/src/sp_utils.h b/src/sp_utils.h
index a17ac4f..e54f307 100644
--- a/src/sp_utils.h
+++ b/src/sp_utils.h
@@ -57,14 +57,12 @@ void sp_log_msg(char const *feature, char const *level, const char* fmt, ...);
 int compute_hash(const char *const filename, char *file_hash);
 char *sp_convert_to_string(zval *);
 bool sp_match_value(const char *, const char *, const pcre *);
-int sp_match_array_key(const zval *, const char *, const pcre *);
-int sp_match_array_key_recurse(const zval *, sp_node_t *, const char *,
-                               const pcre *);
+bool sp_match_array_key(const zval *, const char *, const pcre *);
+bool sp_match_array_value(const zval *, const char *, const pcre *);
 void sp_log_disable(const char *restrict, const char *restrict,
                     const char *restrict, const sp_disabled_function *);
 void sp_log_disable_ret(const char *restrict, const char *restrict,
                         const sp_disabled_function *);
-char *sp_getenv(char *);
 int is_regexp_matching(const pcre *, const char *);
 int hook_function(const char *, HashTable *,
                   void (*)(INTERNAL_FUNCTION_PARAMETERS), bool);
diff --git a/src/sp_var_parser.c b/src/sp_var_parser.c
new file mode 100644
index 0000000..bc0a80e
--- /dev/null
+++ b/src/sp_var_parser.c
@@ -0,0 +1,247 @@
+#include "php_snuffleupagus.h"
+
+static int parse_str_tokens(const char *str, const sp_token_t token,
+                            sp_node_t *tokens_list) {
+  const char *cur_str = str;
+
+  while ((cur_str = strchr(cur_str, token.token[0]))) {
+    if (0 == strncmp(cur_str, token.token, strlen(token.token))) {
+      sp_token_t *token_elm = pecalloc(sizeof(sp_token_t), 1, 1);
+      token_elm->pos = cur_str - str;
+      token_elm->token = token.token;
+      token_elm->type = token.type;
+      sp_list_insert(tokens_list, token_elm);
+      cur_str += strlen(token.token);
+    } else {
+      cur_str++;
+    }
+  }
+  return 0;
+}
+
+static bool is_var_name_valid(const char *name) {
+  static pcre *regexp_const = NULL;
+  static pcre *regexp_var = NULL;
+  const char *pcre_error;
+  int pcre_error_offset;
+
+  if (!name) {
+    return false;
+  }
+  if (NULL == regexp_var || NULL == regexp_const) {
+    regexp_var = sp_pcre_compile(REGEXP_VAR, PCRE_CASELESS, &pcre_error,
+                                 &pcre_error_offset, NULL);
+    regexp_const = sp_pcre_compile(REGEXP_CONST, PCRE_CASELESS, &pcre_error,
+                                   &pcre_error_offset, NULL);
+  }
+  if (NULL == regexp_var || NULL == regexp_const) {
+    sp_log_err("config", "Could not compile regexp.");
+    return false;
+  }
+  if (0 > sp_pcre_exec(regexp_var, NULL, name, strlen(name), 0, 0, NULL, 0)
+      && 0 > sp_pcre_exec(regexp_const, NULL, name, strlen(name), 0, 0, NULL, 0)) {
+    return false;
+  }
+  return true;
+}
+
+static int create_var(sp_tree *tree, const char *restrict value,
+                      size_t value_len, elem_type _type, const char *restrict idx) {
+  sp_tree *var_node = NULL;
+
+  if (!tree) {
+    return -1;
+  }
+  if (tree->next == NULL && tree->type == 0) {
+    var_node = tree;
+  } else {
+    var_node = pecalloc(sizeof(sp_tree), 1, 1);
+  }
+
+  var_node->value = NULL;
+  var_node->next = NULL;
+  var_node->idx = NULL;
+  var_node->type = _type;
+  // Check if a constant is a variable
+  if (value && value[0] == VARIABLE_TOKEN && _type == CONSTANT) {
+    var_node->type = VAR;
+  }
+  if (!(var_node->value = pestrndup(value, value_len, 1))) {
+    sp_log_err("config", "Can't allocate a strndup");
+    return -1;
+  }
+  if (var_node->type != STRING_DELIMITER && !is_var_name_valid(var_node->value)) {
+    sp_log_err("config", "Invalid var name: %s.", var_node->value);
+    return -1;
+  }
+  var_node->idx = parse_var(idx);
+
+  if (tree != var_node) {
+    while (tree->next) {
+      tree = tree->next;
+    }
+    tree->next = var_node;
+  }
+  return 0;
+}
+
+int cmp_tokens(sp_node_t *list1, sp_node_t *list2) {
+  return (((sp_token_t *)list1->data)->pos
+          - ((sp_token_t *)list2->data)->pos);
+}
+
+static int is_next_token_empty(sp_token_t *token, sp_token_t *token_next,
+                               const char * restrict str) {
+  if ((token_next && token_next->pos == token->pos + strlen(token->token))
+      || (!token_next && token->pos == strlen(str) - strlen(token->token))) {
+    return -1;
+  }
+  return 0;
+}
+
+static int is_token_valid(sp_node_t *tokens_list, elem_type ignore,
+                          int array_count, const char * restrict str,
+                          size_t pos) {
+  sp_token_t *token = (sp_token_t *)tokens_list->data;
+  sp_token_t *token_next = NULL;
+
+  if (tokens_list->next) {
+    token_next = (sp_token_t *)tokens_list->next->data;
+  }
+  switch (token->type) {
+    case ESC_STRING_DELIMITER:
+    case STRING_DELIMITER:
+      if (ignore == token->type) {
+        if (token_next) {
+          if (token_next->pos != token->pos + 1) {
+            return -1;
+          }
+        } else if (token->pos != strlen(str) - 1) {
+          return -1;
+        }
+      }
+      break;
+    case ARRAY_END:
+      if (!ignore) {
+        if (array_count < 1) {
+          return -1;
+        } else if (token_next) {
+          if (token_next->type == STRING_DELIMITER
+              || token_next->type == ESC_STRING_DELIMITER) {
+            return -1;
+          }
+        } else if (token->pos != strlen(str) - strlen(token->token)) {
+          return -1;
+        }
+      }
+      break;
+    case OBJECT:
+      if (!ignore && -1 == is_next_token_empty(token, token_next, str)) {
+        return -1;
+      }
+      if (pos == 0 && *str != VARIABLE_TOKEN) {
+        return -1;
+      }
+      break;
+    case CLASS:
+      if (!ignore && -1 == is_next_token_empty(token, token_next, str)) {
+        return -1;
+      }
+      break;
+    default:
+      break;
+  }
+  return 0;
+}
+
+static sp_tree *parse_tokens(const char * restrict str,
+                                     sp_node_t *tokens_list) {
+  size_t pos = 0;
+  int array_count = 0, pos_idx_start = -1;
+  elem_type ignore = 0;
+  sp_tree *tree = sp_tree_new();
+
+  for (; tokens_list && tokens_list->data; tokens_list = tokens_list->next) {
+    sp_token_t *token = (sp_token_t *)tokens_list->data;
+    size_t value_len;
+    char *idx = NULL;
+
+    if (-1 == is_token_valid(tokens_list, ignore, array_count, str, pos)) {
+      sp_log_err("config", "Invalid `%s` position.", token->token);
+      goto error;
+    }
+    if (token->type == STRING_DELIMITER || token->type == ESC_STRING_DELIMITER) {
+      pos = (!ignore && !array_count) ? pos + strlen(token->token) : pos;
+      ignore = (!ignore) ? token->type : (ignore == token->type) ? 0 : ignore;
+      token->type = STRING_DELIMITER;
+    }
+    if (ignore == 0) {
+      if (token->type == ARRAY) {
+        pos_idx_start = (array_count) ? pos_idx_start :
+          (int)(token->pos + strlen(token->token));
+        array_count++;
+      } else if (token->type == ARRAY_END) {
+        array_count--;
+        token->type = ARRAY;
+      }
+      if (array_count == 0) {
+        value_len = token->pos - pos;
+        if (token->type == ARRAY) {
+          value_len -= strlen(token->token);
+        }
+        if (pos_idx_start > 0) {
+          idx = estrndup(&(str[pos_idx_start]), token->pos - pos_idx_start);
+          value_len -= token->pos - pos_idx_start;
+        }
+        if (create_var(tree, &str[pos], value_len, token->type, idx)) {
+          goto error;
+        }
+        efree(idx);
+        pos = token->pos + strlen(token->token);
+        pos_idx_start = -1;
+      }
+    }
+  }
+
+  if (ignore != 0 || array_count != 0) {
+error:
+    sp_tree_free(tree);
+    return NULL;
+  }
+  if (pos != strlen(str)
+      && create_var(tree, &str[pos], strlen(str) - pos, CONSTANT, NULL)) {
+    goto error;
+  }
+  return tree;
+}
+
+sp_tree *parse_var(const char *line) {
+  sp_node_t *tokens_list = NULL;
+  sp_tree *tree = NULL;
+  const sp_token_t delimiter_list[] = {
+    {.type=OBJECT, .token=OBJECT_TOKEN},
+    {.type=ARRAY, .token=ARRAY_TOKEN},
+    {.type=ARRAY_END, .token=ARRAY_END_TOKEN},
+    {.type=STRING_DELIMITER, .token=STRING_TOKEN},
+    {.type=ESC_STRING_DELIMITER, .token=ESC_STRING_TOKEN},
+    {.type=CLASS, .token=CLASS_TOKEN}
+  };
+
+
+  if (!line) {
+    return NULL;
+  }
+  tokens_list = sp_list_new();
+  for (unsigned int i = 0; i < sizeof(delimiter_list) / sizeof(sp_token_t); i++) {
+    parse_str_tokens(line, delimiter_list[i], tokens_list);
+  }
+  tokens_list = sp_list_sort(tokens_list, cmp_tokens);
+  tree = parse_tokens(line, tokens_list);
+  sp_list_free(tokens_list);
+  // Check if tree is empty.
+  if (tree && tree->next == NULL && tree->type == 0) {
+    tree->type = CONSTANT;
+    tree->value = pestrdup("", 1);
+  }
+  return tree;
+}
diff --git a/src/sp_var_parser.h b/src/sp_var_parser.h
new file mode 100644
index 0000000..eec1d06
--- /dev/null
+++ b/src/sp_var_parser.h
@@ -0,0 +1,51 @@
+#ifndef SP_VAR_PARSER_H
+# define SP_VAR_PARSER_H
+# include "php_snuffleupagus.h"
+# include "sp_list.h"
+
+typedef enum {
+  OBJECT = 1,
+  ARRAY,
+  ARRAY_END,
+  STRING_DELIMITER,
+  CLASS,
+  VAR,
+  ESC_STRING_DELIMITER,
+  CONSTANT
+} elem_type;
+
+typedef struct sp_token_s {
+  elem_type type;
+  char *token;
+  unsigned int pos;
+} sp_token_t;
+
+typedef struct parser_s {
+  elem_type type;
+  char *value;
+  struct parser_s *idx;
+  struct parser_s *next;
+} sp_tree;
+
+zval *get_value(zend_execute_data *, const sp_tree *, bool);
+sp_tree *sp_tree_new();
+sp_tree *parse_var(const char *);
+void print_type_list(const char *, sp_tree*, int);
+void sp_tree_free(sp_tree *);
+
+# define OBJECT_TOKEN "->"
+# define ARRAY_TOKEN "["
+# define ARRAY_END_TOKEN "]"
+# define STRING_TOKEN "\""
+# define ESC_STRING_TOKEN "\'"
+# define CLASS_TOKEN "::"
+
+# define VARIABLE_TOKEN '$'
+
+# define PRIVATE_PROP_FMT "%c%s%c%s"
+# define PROTECTED_PROP_FMT "%c*%c%s"
+
+# define REGEXP_VAR "^\\$[a-z_][a-z0-9_]*$"
+# define REGEXP_CONST "^[a-z_0-9\\\\]*$"
+
+#endif
diff --git a/src/sp_var_value.c b/src/sp_var_value.c
new file mode 100644
index 0000000..304ece9
--- /dev/null
+++ b/src/sp_var_value.c
@@ -0,0 +1,226 @@
+#include "php_snuffleupagus.h"
+
+static zval *get_param_var(zend_execute_data *ed, const char *var_name) {
+  unsigned int nb_param = ed->func->common.num_args;
+
+  for (unsigned int i = 0; i < nb_param; i++) {
+    const char *arg_name;
+    if (ZEND_USER_CODE(ed->func->type)) {
+      arg_name = ZSTR_VAL(ed->func->common.arg_info[i].name);
+    } else {
+      arg_name = ed->func->internal_function.arg_info[i].name;
+    }
+    if (0 == strcmp(arg_name, var_name)) {
+      return ZEND_CALL_VAR_NUM(ed, i);
+    }
+  }
+  return NULL;
+}
+
+static zval *get_local_var(zend_execute_data *ed, const char *var_name) {
+  zend_execute_data *orig_execute_data = ed;
+  zend_execute_data *current = ed;
+  zval *value = NULL;
+
+  while (current) {
+    zend_string* key = NULL;
+    EG(current_execute_data) = current;
+    zend_array* symtable = zend_rebuild_symbol_table();
+    ZEND_HASH_FOREACH_STR_KEY_VAL(symtable, key, value) {
+      if (0 == strcmp(var_name, key->val)) {
+        if (Z_TYPE_P(value) == IS_INDIRECT) {
+          value = Z_INDIRECT_P(value);
+        }
+        EG(current_execute_data) = orig_execute_data;
+        return value;
+      }
+    }
+    ZEND_HASH_FOREACH_END();
+    current = current->prev_execute_data;
+  }
+  EG(current_execute_data) = orig_execute_data;
+  return NULL;
+}
+
+static zval *get_constant(const char *value) {
+  zend_string *name = zend_string_init(value, strlen(value), 0);
+  zval *zvalue = zend_get_constant_ex(name, NULL, 0);
+
+  zend_string_release(name);
+  return zvalue;
+}
+
+static zval *get_var_value(zend_execute_data *ed, const char *var_name,
+                           bool is_param) {
+  zval *zvalue = NULL;
+
+  if (!var_name) {
+    return NULL;
+  }
+  if (*var_name != VARIABLE_TOKEN) {
+    return get_constant(var_name);
+  } else {
+    var_name++;
+  }
+  if (is_param) {
+    zvalue = get_param_var(ed, var_name);
+    if (!zvalue) {
+      return get_local_var(ed, var_name);
+    }
+    return zvalue;
+  }
+  return get_local_var(ed, var_name);
+}
+
+static void *get_entry_hashtable(const HashTable *ht, const char *entry,
+                                 size_t entry_len) {
+  zval *zvalue = zend_hash_str_find(ht, entry, entry_len);
+
+  if (!zvalue) {
+    zvalue = zend_hash_index_find(ht, atol(entry));
+  }
+  while (zvalue && (Z_TYPE_P(zvalue) == IS_INDIRECT
+                    || Z_TYPE_P(zvalue) == IS_PTR)) {
+    if (Z_TYPE_P(zvalue) == IS_INDIRECT) {
+      zvalue = Z_INDIRECT_P(zvalue);
+    } else {
+      zvalue = Z_PTR_P(zvalue);
+    }
+  }
+  return zvalue;
+}
+
+static zval *get_array_value(zend_execute_data *ed, zval *zvalue,
+                             const sp_tree *tree) {
+  zval *idx_value, *ret = NULL;
+  char *idx = NULL;
+
+  idx_value = get_value(ed, tree->idx, false);
+  if (!zvalue || !idx_value) {
+    return NULL;
+  }
+  if (Z_TYPE_P(zvalue) == IS_ARRAY) {
+    idx = sp_convert_to_string(idx_value);
+    ret = get_entry_hashtable(Z_ARRVAL_P(zvalue), idx, strlen(idx));
+    efree(idx);
+  }
+  return ret;
+}
+
+static zval *get_object_property(zend_execute_data *ed, zval *object,
+                                 const char *property, bool is_param) {
+  char *class_name = object->value.obj->ce->name->val;
+  HashTable *array = Z_OBJPROP_P(object);
+  zval *zvalue = NULL;
+  zval *property_val = get_var_value(ed, property, is_param);
+  size_t len;
+
+  if (property_val) {
+    if (Z_TYPE_P(property_val) != IS_STRING) {
+      return NULL;
+    } else {
+      property = Z_STRVAL_P(property_val);
+    }
+  }
+  zvalue = get_entry_hashtable(array, property, strlen(property));
+  if (!zvalue) {
+    char *protected_property = emalloc(strlen(property) + 4);
+    len = sprintf(protected_property, PROTECTED_PROP_FMT, 0, 0, property);
+    zvalue = get_entry_hashtable(array, protected_property, len);
+    efree(protected_property);
+  }
+  if (!zvalue) {
+    char *private_property = emalloc(strlen(class_name) + 3 + strlen(property));
+    len = sprintf(private_property, PRIVATE_PROP_FMT, 0, class_name, 0, property);
+    zvalue = get_entry_hashtable(array, private_property, len);
+    efree(private_property);
+  }
+  return zvalue;
+}
+
+static zend_class_entry *get_class(const char *value) {
+  zend_string *name;
+  zend_class_entry *ce;
+
+  name = zend_string_init(value, strlen(value), 0);
+  ce = zend_lookup_class(name);
+  zend_string_release(name);
+  return ce;
+}
+
+static zval *get_unknown_type(const char *restrict value, zval *zvalue,
+                              zend_class_entry *ce, zend_execute_data *ed,
+                              const sp_tree *tree, bool is_param) {
+  if (ce) {
+    zvalue = get_entry_hashtable(&ce->constants_table, value, strlen(value));
+    ce = NULL;
+  } else if (zvalue && Z_TYPE_P(zvalue) == IS_OBJECT && value[0]) {
+    zvalue = get_object_property(ed, zvalue, value, is_param);
+  } else if (!tree->next && !zvalue) {
+    if (tree->type == CONSTANT) {
+      zvalue = get_constant(value);
+    }
+    if (!zvalue) {
+      zvalue = emalloc(sizeof(zval));
+      zvalue->value.str = zend_string_init(value, strlen(value), 0);
+      zvalue->u1.v.type = IS_STRING;
+    }
+  } else {
+    return NULL;
+  }
+  return zvalue;
+}
+
+zval *get_value(zend_execute_data *ed, const sp_tree *tree,
+                bool is_param) {
+  zval *zvalue = NULL;
+  zend_class_entry *ce = NULL;
+
+  while (tree) {
+    switch (tree->type) {
+      case ARRAY:
+        if (ce) {
+          zvalue = get_entry_hashtable(&ce->constants_table, tree->value,
+                                       strlen(tree->value));
+          ce = NULL;
+        } else if (!zvalue) {
+          zvalue = get_var_value(ed, tree->value, is_param);
+        } else if (Z_TYPE_P(zvalue) == IS_OBJECT) {
+          zvalue = get_object_property(ed, zvalue, tree->value, is_param);
+        }
+        zvalue = get_array_value(ed, zvalue, tree);
+        break;
+      case VAR:
+        if (zvalue && Z_TYPE_P(zvalue) == IS_OBJECT) {
+          zvalue = get_object_property(ed, zvalue, tree->value, is_param);
+        } else {
+          zvalue = get_var_value(ed, tree->value, is_param);
+        }
+        break;
+      case OBJECT:
+        if (!zvalue) {
+          zvalue = get_var_value(ed, tree->value, is_param);
+        } else if (Z_TYPE_P(zvalue) == IS_OBJECT) {
+          if (0 != strlen(tree->value)) {
+            zvalue = get_object_property(ed, zvalue, tree->value, is_param);
+          }
+        } else {
+          return NULL;
+        }
+        break;
+      case CLASS:
+        ce = get_class(tree->value);
+        zvalue = NULL;
+        break;
+      default:
+        zvalue = get_unknown_type(tree->value, zvalue, ce, ed, tree, is_param);
+        ce = NULL;
+        break;
+    }
+    if (!zvalue && !ce) {
+      return NULL;
+    }
+    tree = tree->next;
+  }
+  return zvalue;
+}
diff --git a/src/tests/broken_conf_key_value.phpt b/src/tests/broken_conf_key_value.phpt
new file mode 100644
index 0000000..e9ee4a9
--- /dev/null
+++ b/src/tests/broken_conf_key_value.phpt
@@ -0,0 +1,9 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_key_value.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid configuration line: 'sp.disabled_functions.function("system").var("").value("").key("").drop();':`key` and `value` are mutually exclusive on line 1.
diff --git a/src/tests/broken_conf_local_var_1.phpt b/src/tests/broken_conf_local_var_1.phpt
new file mode 100644
index 0000000..a91d275
--- /dev/null
+++ b/src/tests/broken_conf_local_var_1.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_1.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `]` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value ']' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_10.phpt b/src/tests/broken_conf_local_var_10.phpt
new file mode 100644
index 0000000..8a7d9b9
--- /dev/null
+++ b/src/tests/broken_conf_local_var_10.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_10.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `]` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value 'asd[asd]asd' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_11.phpt b/src/tests/broken_conf_local_var_11.phpt
new file mode 100644
index 0000000..1817a3f
--- /dev/null
+++ b/src/tests/broken_conf_local_var_11.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_11.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `::` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value 'asd::' for `param` on line 1.
diff --git a/src/tests/broken_conf_local_var_12.phpt b/src/tests/broken_conf_local_var_12.phpt
new file mode 100644
index 0000000..0b52e2a
--- /dev/null
+++ b/src/tests/broken_conf_local_var_12.phpt
@@ -0,0 +1,9 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_12.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Empty value in `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_13.phpt b/src/tests/broken_conf_local_var_13.phpt
new file mode 100644
index 0000000..ca6be6d
--- /dev/null
+++ b/src/tests/broken_conf_local_var_13.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_13.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `->` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value 'asd->asd' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_14.phpt b/src/tests/broken_conf_local_var_14.phpt
new file mode 100644
index 0000000..cb7e455
--- /dev/null
+++ b/src/tests/broken_conf_local_var_14.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_14.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid var name: $i+valid var name .
+[snuffleupagus][0.0.0.0][config][error] Invalid value '$i+valid var name ' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_2.phpt b/src/tests/broken_conf_local_var_2.phpt
new file mode 100644
index 0000000..b67a492
--- /dev/null
+++ b/src/tests/broken_conf_local_var_2.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_2.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `"` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value '""asd' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_3.phpt b/src/tests/broken_conf_local_var_3.phpt
new file mode 100644
index 0000000..639d2ea
--- /dev/null
+++ b/src/tests/broken_conf_local_var_3.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_3.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `->` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value '$qwe->::' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_4.phpt b/src/tests/broken_conf_local_var_4.phpt
new file mode 100644
index 0000000..e50f9a6
--- /dev/null
+++ b/src/tests/broken_conf_local_var_4.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_4.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `"` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value '"asd"asd[]' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_5.phpt b/src/tests/broken_conf_local_var_5.phpt
new file mode 100644
index 0000000..0c0d59a
--- /dev/null
+++ b/src/tests/broken_conf_local_var_5.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_5.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `'` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value ''asd'asd[]' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_6.phpt b/src/tests/broken_conf_local_var_6.phpt
new file mode 100644
index 0000000..c51de24
--- /dev/null
+++ b/src/tests/broken_conf_local_var_6.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_6.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `'` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value '''asd' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_7.phpt b/src/tests/broken_conf_local_var_7.phpt
new file mode 100644
index 0000000..d3a0fa4
--- /dev/null
+++ b/src/tests/broken_conf_local_var_7.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_7.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `->` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value 'asd-->' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_8.phpt b/src/tests/broken_conf_local_var_8.phpt
new file mode 100644
index 0000000..749a1aa
--- /dev/null
+++ b/src/tests/broken_conf_local_var_8.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_8.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `]` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value 'asd[asd]"asd"' for `var` on line 1.
diff --git a/src/tests/broken_conf_local_var_9.phpt b/src/tests/broken_conf_local_var_9.phpt
new file mode 100644
index 0000000..6f706db
--- /dev/null
+++ b/src/tests/broken_conf_local_var_9.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Broken configuration
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/broken_conf_local_var_9.ini
+--FILE--
+--EXPECT--
+[snuffleupagus][0.0.0.0][config][error] Invalid `]` position.
+[snuffleupagus][0.0.0.0][config][error] Invalid value 'asd[asd]'asd'' for `var` on line 1.
diff --git a/src/tests/config/broken_conf_key_value.ini b/src/tests/config/broken_conf_key_value.ini
new file mode 100644
index 0000000..a0edaf2
--- /dev/null
+++ b/src/tests/config/broken_conf_key_value.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("").value("").key("").drop();
diff --git a/src/tests/config/broken_conf_local_var_1.ini b/src/tests/config/broken_conf_local_var_1.ini
new file mode 100644
index 0000000..ae5165c
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_1.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("]").drop();
diff --git a/src/tests/config/broken_conf_local_var_10.ini b/src/tests/config/broken_conf_local_var_10.ini
new file mode 100644
index 0000000..93dd07f
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_10.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("asd[asd]asd").drop();
diff --git a/src/tests/config/broken_conf_local_var_11.ini b/src/tests/config/broken_conf_local_var_11.ini
new file mode 100644
index 0000000..028b1bd
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_11.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").param("asd::").drop();
diff --git a/src/tests/config/broken_conf_local_var_12.ini b/src/tests/config/broken_conf_local_var_12.ini
new file mode 100644
index 0000000..a151960
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_12.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("").drop();
diff --git a/src/tests/config/broken_conf_local_var_13.ini b/src/tests/config/broken_conf_local_var_13.ini
new file mode 100644
index 0000000..e7c9778
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_13.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("asd->asd").drop();
diff --git a/src/tests/config/broken_conf_local_var_14.ini b/src/tests/config/broken_conf_local_var_14.ini
new file mode 100644
index 0000000..6c98ec3
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_14.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("$i+valid var name ").drop();
diff --git a/src/tests/config/broken_conf_local_var_2.ini b/src/tests/config/broken_conf_local_var_2.ini
new file mode 100644
index 0000000..145a3b5
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_2.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("\"\"asd").drop();
diff --git a/src/tests/config/broken_conf_local_var_3.ini b/src/tests/config/broken_conf_local_var_3.ini
new file mode 100644
index 0000000..5d89076
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_3.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("\$qwe->::").drop();
diff --git a/src/tests/config/broken_conf_local_var_4.ini b/src/tests/config/broken_conf_local_var_4.ini
new file mode 100644
index 0000000..3ec073b
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_4.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("\"asd\"asd[]").drop();
diff --git a/src/tests/config/broken_conf_local_var_5.ini b/src/tests/config/broken_conf_local_var_5.ini
new file mode 100644
index 0000000..cd350b6
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_5.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("'asd'asd[]").drop();
diff --git a/src/tests/config/broken_conf_local_var_6.ini b/src/tests/config/broken_conf_local_var_6.ini
new file mode 100644
index 0000000..02f4f1a
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_6.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("''asd").drop();
diff --git a/src/tests/config/broken_conf_local_var_7.ini b/src/tests/config/broken_conf_local_var_7.ini
new file mode 100644
index 0000000..abbd223
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_7.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("asd-->").drop();
diff --git a/src/tests/config/broken_conf_local_var_8.ini b/src/tests/config/broken_conf_local_var_8.ini
new file mode 100644
index 0000000..fd18487
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_8.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("asd[asd]\"asd\"").drop();
diff --git a/src/tests/config/broken_conf_local_var_9.ini b/src/tests/config/broken_conf_local_var_9.ini
new file mode 100644
index 0000000..a311b86
--- /dev/null
+++ b/src/tests/config/broken_conf_local_var_9.ini
@@ -0,0 +1 @@
+sp.disable_function.function("system").var("asd[asd]\'asd\'").drop();
diff --git a/src/tests/config/config_disabled_functions_local_var_array.ini b/src/tests/config/config_disabled_functions_local_var_array.ini
new file mode 100644
index 0000000..15dd5a1
--- /dev/null
+++ b/src/tests/config/config_disabled_functions_local_var_array.ini
@@ -0,0 +1 @@
+sp.disable_function.function("foo").var("$a[test2][foo]").value("aaa").drop();
diff --git a/src/tests/config/config_disabled_functions_local_var_array_key.ini b/src/tests/config/config_disabled_functions_local_var_array_key.ini
new file mode 100644
index 0000000..75c840d
--- /dev/null
+++ b/src/tests/config/config_disabled_functions_local_var_array_key.ini
@@ -0,0 +1 @@
+sp.disable_function.function("foo").var("$a[test2][foo]").key("aaa").drop();
diff --git a/src/tests/config/config_disabled_functions_name_type.ini b/src/tests/config/config_disabled_functions_name_type.ini
index 25bdf98..c25b92c 100644
--- a/src/tests/config/config_disabled_functions_name_type.ini
+++ b/src/tests/config/config_disabled_functions_name_type.ini
@@ -1 +1 @@
-sp.disable_function.function_r("^strcmp$").param("str1").param_type("array").drop();
+sp.disable_function.function_r("^strcmp$").param("$str1").param_type("array").drop();
diff --git a/src/tests/config/config_disabled_functions_nul_byte.ini b/src/tests/config/config_disabled_functions_nul_byte.ini
index d5eb847..e664cba 100644
--- a/src/tests/config/config_disabled_functions_nul_byte.ini
+++ b/src/tests/config/config_disabled_functions_nul_byte.ini
@@ -1 +1 @@
-sp.disable_function.function("system").param("command").value_r("id").drop();
\ No newline at end of file
+sp.disable_function.function("system").param("$command").value_r("id").drop();
diff --git a/src/tests/config/config_disabled_functions_param.ini b/src/tests/config/config_disabled_functions_param.ini
index 87f1b3c..dc1c949 100644
--- a/src/tests/config/config_disabled_functions_param.ini
+++ b/src/tests/config/config_disabled_functions_param.ini
@@ -1,6 +1,6 @@
-sp.disable_function.function("system").param("command").value_r("^id$").alias("1").drop();
-sp.disable_function.function("array_sum").param("array").value_r("^8$").alias("2").drop();
-sp.disable_function.function("shell_exec").param("cmd").value("id").alias("3").drop();
-sp.disable_function.function("shell_exec").param("cmd").value("bla").alias("4").drop();
-sp.disable_function.function("strcmp").param("str1").value("bla").alias("5").drop().simulation();
-sp.disable_function.function("strncmp").param("str1").value("bla").drop().simulation();
+sp.disable_function.function("system").param("$command").value_r("^id$").alias("1").drop();
+sp.disable_function.function("array_sum").param("$array").value_r("^8$").alias("2").drop();
+sp.disable_function.function("shell_exec").param("$cmd").value("id").alias("3").drop();
+sp.disable_function.function("shell_exec").param("$cmd").value("bla").alias("4").drop();
+sp.disable_function.function("strcmp").param("$str1").value("bla").alias("5").drop().simulation();
+sp.disable_function.function("strncmp").param("$str1").value("bla").drop().simulation();
diff --git a/src/tests/config/config_disabled_functions_param_allow.ini b/src/tests/config/config_disabled_functions_param_allow.ini
index 8e139e4..27d919a 100644
--- a/src/tests/config/config_disabled_functions_param_allow.ini
+++ b/src/tests/config/config_disabled_functions_param_allow.ini
@@ -1,3 +1,3 @@
-sp.disable_function.function("system").param("command").value("echo win").filename("/test.php").drop();
-sp.disable_function.function("system").param("command").value("echo win").allow();
+sp.disable_function.function("system").param("$command").value("echo win").filename("/test.php").drop();
+sp.disable_function.function("system").param("$command").value("echo win").allow();
 sp.disable_function.function("system").drop();
diff --git a/src/tests/config/config_disabled_functions_param_array.ini b/src/tests/config/config_disabled_functions_param_array.ini
index 0589ad8..6fe0615 100644
--- a/src/tests/config/config_disabled_functions_param_array.ini
+++ b/src/tests/config/config_disabled_functions_param_array.ini
@@ -1,4 +1,7 @@
-sp.disable_function.function("foo").param("arr").value("abcd").alias("1").drop();
-sp.disable_function.function("foo").param("arr[bla]").value("abcdef").alias("2").drop();
-sp.disable_function.function("foo").param("arr[test]").alias("3").drop();
-sp.disable_function.function("foo").param("arr[test2][foo][lol]").value("aaa").alias("4").drop();
+sp.disable_function.function("foo").param("$arr[a]").value("abcd").alias("1").drop();
+sp.disable_function.function("foo").param("$arr[bla]").value("abcdef").alias("2").drop();
+sp.disable_function.function("foo").param("$arr[test]").alias("3").drop();
+sp.disable_function.function("foo").param("$arr[test2][foo]").value("aaa").alias("4").drop();
+sp.disable_function.function("foo").param("$arr[test2][bar]").key("lol").alias("5").drop();
+sp.disable_function.function("foo").param("$arr[test2][bar]").key("123").alias("6").drop();
+sp.disable_function.function("foo").param("$qwe[a]").value("abcd").alias("7").drop();
diff --git a/src/tests/config/config_disabled_functions_param_int.ini b/src/tests/config/config_disabled_functions_param_int.ini
index 1c93c2f..2a7d962 100644
--- a/src/tests/config/config_disabled_functions_param_int.ini
+++ b/src/tests/config/config_disabled_functions_param_int.ini
@@ -1,2 +1,2 @@
-sp.disable_function.function("foobar").param("id").value("42").drop();
-sp.disable_function.function("foobar").param("id").value_r("^1337").drop();
+sp.disable_function.function("foobar").param("$id").value("42").drop();
+sp.disable_function.function("foobar").param("$id").value_r("^1337").drop();
diff --git a/src/tests/config/config_disabled_functions_param_r_array.ini b/src/tests/config/config_disabled_functions_param_r_array.ini
new file mode 100644
index 0000000..fcac71d
--- /dev/null
+++ b/src/tests/config/config_disabled_functions_param_r_array.ini
@@ -0,0 +1,2 @@
+sp.disable_function.function("foo").param_r("arr").value("abcd").alias("1").drop();
+sp.disable_function.function("foo").param_r("arr").key_r("abc").alias("2").drop();
diff --git a/src/tests/config/config_disabled_functions_param_runtime.ini b/src/tests/config/config_disabled_functions_param_runtime.ini
index e7a011f..e9d44a2 100644
--- a/src/tests/config/config_disabled_functions_param_runtime.ini
+++ b/src/tests/config/config_disabled_functions_param_runtime.ini
@@ -1 +1 @@
-sp.disable_function.function("test").param("param").value_r("1337").drop();
+sp.disable_function.function("test").param("$param").value_r("1337").drop();
diff --git a/src/tests/config/disabled_function_local_var.ini b/src/tests/config/disabled_function_local_var.ini
index cba2ae3..3d553c0 100644
--- a/src/tests/config/disabled_function_local_var.ini
+++ b/src/tests/config/disabled_function_local_var.ini
@@ -1,2 +1,10 @@
-sp.disable_function.function("phpinfo").var("b").value("1337").drop();
-sp.disable_function.function("strlen").var("a").value("1337").drop();
+sp.disable_function.function("phpinfo").var("$b").value("1337").drop();
+sp.disable_function.function("strlen").var("$a").value("1337").drop();
+sp.disable_function.function("strlen").var("$a['123']").value("block").drop();
+sp.disable_function.function("strlen").var("$a[$c]->prop").value("block").drop();
+sp.disable_function.function("strlen").var("$a->zxc").value("not a good value").drop();
+sp.disable_function.function("strlen").var("\\asd\\test_object::TEST_VALUE['constant']").value("no good").drop();
+sp.disable_function.function("strlen").var("\\asd\\test_object::TEST_VALUE").value("qwerty").drop();
+sp.disable_function.function("strlen").var("\\qwe\\ASD").value("qwerty").drop();
+sp.disable_function.function("strlen").var("\\qwe\\QWE['123']").value("asdfgh").drop();
+sp.disable_function.function("strlen").var("$qwe").value("block this").drop();
diff --git a/src/tests/config/disabled_function_local_var_2.ini b/src/tests/config/disabled_function_local_var_2.ini
new file mode 100644
index 0000000..e3e9ae6
--- /dev/null
+++ b/src/tests/config/disabled_function_local_var_2.ini
@@ -0,0 +1 @@
+sp.disable_function.function("strlen").var("$b['_GET[obj->nop]'][$b[456][$d->$idk->qwe[\\qwe\\UNE_CONSTANTE]]][$a]->uio").value("valeur de apres").drop();
diff --git a/src/tests/config/disabled_function_local_var_obj.ini b/src/tests/config/disabled_function_local_var_obj.ini
new file mode 100644
index 0000000..df6b617
--- /dev/null
+++ b/src/tests/config/disabled_function_local_var_obj.ini
@@ -0,0 +1,3 @@
+sp.disable_function.function("strlen").var("$test->$test_array").value("value").drop();
+sp.disable_function.function("strlen").var("$arg->$test_array").value("value").drop();
+sp.disable_function.function("strlen").var("$test->$arg").value("nop_object").drop();
diff --git a/src/tests/config/disabled_function_super_global_var.ini b/src/tests/config/disabled_function_super_global_var.ini
index feac314..178a01a 100644
--- a/src/tests/config/disabled_function_super_global_var.ini
+++ b/src/tests/config/disabled_function_super_global_var.ini
@@ -1 +1 @@
-sp.disable_function.function("strlen").var("_GET[bla]").value("test2").drop();
+sp.disable_function.function("strlen").var("$_GET[bla]").value("test2").drop();
diff --git a/src/tests/config/disabled_functions_pos.ini b/src/tests/config/disabled_functions_pos.ini
index e7d12a9..2b4650d 100644
--- a/src/tests/config/disabled_functions_pos.ini
+++ b/src/tests/config/disabled_functions_pos.ini
@@ -1,2 +1,3 @@
 sp.disable_function.function("system").pos("1337").value("id").drop();
 sp.disable_function.function("system").pos("0").value("id").drop();
+sp.disable_function.function("system").pos("1").param_type("ARRAY").alias("1").drop();
diff --git a/src/tests/disabled_function_local_var_10.phpt b/src/tests/disabled_function_local_var_10.phpt
new file mode 100644
index 0000000..538d693
--- /dev/null
+++ b/src/tests/disabled_function_local_var_10.phpt
@@ -0,0 +1,44 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var.ini
+--FILE--
+<?php
+$qwe = Array('123' => Array('qwe'), '456' => Array('no block this'));
+var_dump($qwe);
+strlen("qwe");
+$qwe = Array('123' => Array('qwe'), '456' => Array(Array('block this')));
+var_dump($qwe);
+strlen("qwe");
+?>
+--EXPECTF--
+array(2) {
+  [123]=>
+  array(1) {
+    [0]=>
+    string(3) "qwe"
+  }
+  [456]=>
+  array(1) {
+    [0]=>
+    string(13) "no block this"
+  }
+}
+array(2) {
+  [123]=>
+  array(1) {
+    [0]=>
+    string(3) "qwe"
+  }
+  [456]=>
+  array(1) {
+    [0]=>
+    array(1) {
+      [0]=>
+      string(10) "block this"
+    }
+  }
+}
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_10.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_2.phpt b/src/tests/disabled_function_local_var_2.phpt
new file mode 100644
index 0000000..da0a3d2
--- /dev/null
+++ b/src/tests/disabled_function_local_var_2.phpt
@@ -0,0 +1,46 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var.ini
+--FILE--
+<?php 
+$a = 1338;
+function test(){
+    echo strlen("id") . "\n";
+}
+echo "Value of a: $a\n";
+test();
+
+$a = Array();
+$a['qwe'] = 'block';
+$a['123'] = 'nop';
+echo "Value of a:\n";
+var_dump($a);
+test();
+
+$a['123'] = 'block';
+echo "Value of a:\n";
+var_dump($a);
+test();
+?>
+--EXPECTF--
+Value of a: 1338
+2
+Value of a:
+array(2) {
+  ["qwe"]=>
+  string(5) "block"
+  [123]=>
+  string(3) "nop"
+}
+2
+Value of a:
+array(2) {
+  ["qwe"]=>
+  string(5) "block"
+  [123]=>
+  string(5) "block"
+}
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_2.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_3.phpt b/src/tests/disabled_function_local_var_3.phpt
new file mode 100644
index 0000000..d26b636
--- /dev/null
+++ b/src/tests/disabled_function_local_var_3.phpt
@@ -0,0 +1,45 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var.ini
+--FILE--
+<?php 
+function test(){
+    echo strlen("id") . "\n";
+}
+
+$a = Array();
+$c = '123';
+$a['qwe'] = 'qwe';
+$a['123'] = 'nop';
+echo "Value of a:\n";
+var_dump($a);
+test();
+
+$a[$c] = (Object)['prop' => 'block'];
+echo "Value of a:\n";
+var_dump($a);
+test();
+?>
+--EXPECTF--
+Value of a:
+array(2) {
+  ["qwe"]=>
+  string(3) "qwe"
+  [123]=>
+  string(3) "nop"
+}
+2
+Value of a:
+array(2) {
+  ["qwe"]=>
+  string(3) "qwe"
+  [123]=>
+  object(stdClass)#1 (1) {
+    ["prop"]=>
+    string(5) "block"
+  }
+}
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_3.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_4.phpt b/src/tests/disabled_function_local_var_4.phpt
new file mode 100644
index 0000000..ae8d713
--- /dev/null
+++ b/src/tests/disabled_function_local_var_4.phpt
@@ -0,0 +1,56 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var_2.ini
+--FILE--
+<?php 
+namespace qwe {
+  const UNE_CONSTANTE = 'constant';
+}
+namespace asd {
+$b = Array();
+$b['_GET[obj->nop]'] = Array();
+$b['_GET[obj->nop]']["qwe"] = Array();
+$b[456] = Array();
+$b[456]['zxc'] = "qwe";
+$b[456]['nop'] = "nop";
+$b['_GET[obj->nop]']["qwe"][321] = "Yeay";
+$b["123"] = "qwe";
+$b["123a"] = "foo";
+$b["asd"] = "zxc";
+$b['_GET[obj->nop]']["qwe"][1337] = (Object)(['uio' => "valeur de apres"]);
+$b['_GET[obj->nop]']["qwe"][1338] = (Object)(['uio' => "valeur de a"]);
+$c = (Object)(['qwe' => Array(\qwe\UNE_CONSTANTE => 'zxc')]);
+$idk = 'test_asd';
+$class_name = 'test_object';
+class test_object {
+  const TEST_VALUE = ['constant' => 'truc'];
+  private $asd = "qwe";
+  public $qwe = 'bar';
+  private $test_asd = '';
+  function __construct($asd) {
+    $this->test_asd = $asd;
+  }
+  function do_a_barell_roll() {
+    var_dump($this->test_asd);
+  }
+}
+$d = new test_object($c);
+$a = 1338;
+function test(){
+  strlen("qwe");
+}
+echo "Valeur: " . $b['_GET[obj->nop]']["qwe"][$a]->uio . "\n";
+test();
+
+$a = 1337;
+echo "Valeur: " . $b['_GET[obj->nop]']["qwe"][$a]->uio . "\n";
+test();
+}
+?>
+--EXPECTF--
+Valeur: valeur de a
+Valeur: valeur de apres
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_4.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_5.phpt b/src/tests/disabled_function_local_var_5.phpt
new file mode 100644
index 0000000..d82574d
--- /dev/null
+++ b/src/tests/disabled_function_local_var_5.phpt
@@ -0,0 +1,33 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var.ini
+--FILE--
+<?php 
+function test(){
+    echo strlen("id") . "\n";
+}
+
+$a = Array();
+echo "Value of a:\n";
+var_dump($a);
+test();
+
+$a = (Object)['zxc' => 'not a good value'];
+echo "Value of a:\n";
+var_dump($a);
+test();
+?>
+--EXPECTF--
+Value of a:
+array(0) {
+}
+2
+Value of a:
+object(stdClass)#1 (1) {
+  ["zxc"]=>
+  string(16) "not a good value"
+}
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_5.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_6.phpt b/src/tests/disabled_function_local_var_6.phpt
new file mode 100644
index 0000000..90c1815
--- /dev/null
+++ b/src/tests/disabled_function_local_var_6.phpt
@@ -0,0 +1,31 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var.ini
+--FILE--
+<?php 
+namespace asd {
+function test(){
+  strlen("qwe");
+}
+echo "Valeur: " . \asd\test_object::TEST_VALUE['constant'] . "\n";
+test();
+class test_object {
+  const TEST_VALUE = ['constant' => 'no good'];
+  private $asd = "qwe";
+  public $qwe = 'bar';
+  private $test_asd = '';
+  function __construct($asd) {
+    $this->test_asd = $asd;
+  }
+  function do_a_barell_roll() {
+    var_dump($this->test_asd);
+  }
+}
+}
+?>
+--EXPECTF--
+Valeur: no good
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_6.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_7.phpt b/src/tests/disabled_function_local_var_7.phpt
new file mode 100644
index 0000000..7ab249a
--- /dev/null
+++ b/src/tests/disabled_function_local_var_7.phpt
@@ -0,0 +1,31 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var.ini
+--FILE--
+<?php
+namespace asd {
+function test(){
+  strlen("qwe");
+}
+echo "Valeur: " . \asd\test_object::TEST_VALUE . "\n";
+test();
+class test_object {
+  const TEST_VALUE = "qwerty";
+  private $asd = "qwe";
+  public $qwe = 'bar';
+  private $test_asd = '';
+  function __construct($asd) {
+    $this->test_asd = $asd;
+  }
+  function do_a_barell_roll() {
+    var_dump($this->test_asd);
+  }
+}
+}
+?>
+--EXPECTF--
+Valeur: qwerty
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_7.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_8.phpt b/src/tests/disabled_function_local_var_8.phpt
new file mode 100644
index 0000000..475b472
--- /dev/null
+++ b/src/tests/disabled_function_local_var_8.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var.ini
+--FILE--
+<?php
+namespace qwe {
+  const ASD = 'qwerty';
+}
+namespace asd {
+  const asd = 'qwe';
+  echo "Valeur: " . \qwe\ASD . "\n";
+  strlen("qwe");
+}
+?>
+--EXPECTF--
+Valeur: qwerty
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_8.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_9.phpt b/src/tests/disabled_function_local_var_9.phpt
new file mode 100644
index 0000000..fb65bc4
--- /dev/null
+++ b/src/tests/disabled_function_local_var_9.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var.ini
+--FILE--
+<?php
+namespace qwe {
+  const QWE = Array('123'=>'asdfgh');
+}
+namespace asd {
+  const asd = 'qwe';
+  echo "Valeur: " . \qwe\QWE[123]. "\n";
+  strlen("qwe");
+}
+?>
+--EXPECTF--
+Valeur: asdfgh
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_9.php:%d has been disabled.
diff --git a/src/tests/disabled_function_local_var_obj.phpt b/src/tests/disabled_function_local_var_obj.phpt
new file mode 100644
index 0000000..868ea4c
--- /dev/null
+++ b/src/tests/disabled_function_local_var_obj.phpt
@@ -0,0 +1,25 @@
+--TEST--
+Disable functions - match on a local variable
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_local_var_obj.ini
+--FILE--
+<?php
+class test_class {
+  public $qwe = 'value';
+  function __construct($arg, $value) {
+    $this->$arg = $value;
+  }
+}
+
+$test_array = ['qwe'];
+$arg = 'qwe';
+$test = new test_class('qwe', 'qwe');
+echo strlen($test->$arg) . "\n";
+$test = new test_class('qwe', 'nop_object');
+echo strlen($test->$arg) . "\n";
+?>
+--EXPECTF--
+3
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strlen' in %a/tests/disabled_function_local_var_obj.php:%d has been disabled.
diff --git a/src/tests/disabled_functions_local_var_array.phpt b/src/tests/disabled_functions_local_var_array.phpt
new file mode 100644
index 0000000..2255cbf
--- /dev/null
+++ b/src/tests/disabled_functions_local_var_array.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on an array value buried in several levels
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disabled_functions_local_var_array.ini
+--FILE--
+<?php
+function foo($arr) {
+         echo $arr["a"]."\n";
+}
+$a=Array("test2"=>Array("pof"=>"pif", "foo"=>Array("lol"=>"bbb")), "a"=>"cccc");
+foo($a);
+
+$a=Array("test2"=>Array("foo"=>Array("lol"=>"aaa")), "a"=>"dddd");
+foo($a);
+?>
+--EXPECTF--
+cccc
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_local_var_array.php:3 has been disabled.
diff --git a/src/tests/disabled_functions_local_var_array_key.phpt b/src/tests/disabled_functions_local_var_array_key.phpt
new file mode 100644
index 0000000..4014c05
--- /dev/null
+++ b/src/tests/disabled_functions_local_var_array_key.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on an array value buried in several levels
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disabled_functions_local_var_array_key.ini
+--FILE--
+<?php
+function foo($arr) {
+         echo $arr["a"]."\n";
+}
+$a=Array("test2"=>Array("pof"=>"pif", "foo"=>Array("lol"=>"bbb")), "a"=>"cccc");
+foo($a);
+
+$a=Array("test2"=>Array("foo"=>Array("aaa"=>"ccc")), "a"=>"dddd");
+foo($a);
+?>
+--EXPECTF--
+cccc
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_local_var_array_key.php:3 has been disabled.
diff --git a/src/tests/disabled_functions_name_type.phpt b/src/tests/disabled_functions_name_type.phpt
index c5b24d6..1022238 100644
--- a/src/tests/disabled_functions_name_type.phpt
+++ b/src/tests/disabled_functions_name_type.phpt
@@ -11,4 +11,4 @@ echo strcmp([1,23], "pouet") . "\n";
 ?>
 --EXPECTF--
 0
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strcmp' in %a/disabled_functions_name_type.php:%d has been disabled, because its argument 'str1' content (?) matched a rule.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'strcmp' in %a/disabled_functions_name_type.php:%d has been disabled, because its argument '$str1' content (ARRAY) matched a rule.
diff --git a/src/tests/disabled_functions_nul_byte.phpt b/src/tests/disabled_functions_nul_byte.phpt
index b4974a9..f03a8e4 100644
--- a/src/tests/disabled_functions_nul_byte.phpt
+++ b/src/tests/disabled_functions_nul_byte.phpt
@@ -11,4 +11,4 @@ system("id");
 
 ?>
 --EXPECTF--
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'system' in %a/tests/disabled_functions_nul_byte.php:2 has been disabled, because its argument 'command' content (0id) matched a rule.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'system' in %a/tests/disabled_functions_nul_byte.php:2 has been disabled, because its argument '$command' content (0id) matched a rule.
diff --git a/src/tests/disabled_functions_param.phpt b/src/tests/disabled_functions_param.phpt
index d9f8767..fe0e244 100644
--- a/src/tests/disabled_functions_param.phpt
+++ b/src/tests/disabled_functions_param.phpt
@@ -15,4 +15,4 @@ strcmp("bla", "ble");
 strncmp("bla", "ble", 2);
 ?>
 --EXPECTF--
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'system' in %a/disabled_functions_param.php:2 has been disabled, because its argument 'command' content (id) matched the rule '1'.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'system' in %a/disabled_functions_param.php:2 has been disabled, because its argument '$command' content (id) matched the rule '1'.
diff --git a/src/tests/disabled_functions_param_array.phpt b/src/tests/disabled_functions_param_array.phpt
index 5ca13aa..f023cfc 100644
--- a/src/tests/disabled_functions_param_array.phpt
+++ b/src/tests/disabled_functions_param_array.phpt
@@ -21,4 +21,4 @@ foo($a);
 --EXPECTF--
 test1
 abcde
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/disabled_functions_param_array.php:3 has been disabled, because its argument 'arr' content (Array) matched the rule '1'.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/disabled_functions_param_array.php:3 has been disabled, because its argument '$arr' content (abcd) matched the rule '1'.
diff --git a/src/tests/disabled_functions_param_array_deref.phpt b/src/tests/disabled_functions_param_array_deref.phpt
index 556cb06..1e8e31b 100644
--- a/src/tests/disabled_functions_param_array_deref.phpt
+++ b/src/tests/disabled_functions_param_array_deref.phpt
@@ -22,4 +22,4 @@ foo($a);
 --EXPECTF--
 eee
 abcdef
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_deref.php:3 has been disabled, because its argument 'arr' content (Array) matched the rule '2'.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_deref.php:3 has been disabled, because its argument '$arr' content (abcdef) matched the rule '2'.
diff --git a/src/tests/disabled_functions_param_array_no_value.phpt b/src/tests/disabled_functions_param_array_no_value.phpt
index 06b9839..ac1b5e0 100644
--- a/src/tests/disabled_functions_param_array_no_value.phpt
+++ b/src/tests/disabled_functions_param_array_no_value.phpt
@@ -19,4 +19,4 @@ foo($a);
 ?>
 --EXPECTF--
 cccc
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_no_value.php:3 has been disabled, because its argument 'arr' content (Array) matched the rule '3'.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_no_value.php:3 has been disabled, because its argument '$arr' content (aaa) matched the rule '3'.
diff --git a/src/tests/disabled_functions_param_array_r.phpt b/src/tests/disabled_functions_param_array_r.phpt
new file mode 100644
index 0000000..8bd85ce
--- /dev/null
+++ b/src/tests/disabled_functions_param_array_r.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on an array using regexp
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disabled_functions_param_r_array.ini
+--FILE--
+<?php
+function foo($arr) {
+         echo $arr["a"]."\n";
+}
+$a=Array("test2"=>"pof", "pof"=>"pif", "a"=>Array("qwe"=>"bbb"), "a"=>"cccc");
+foo($a);
+
+$a=Array("a"=>"abcd", "pof"=>"pif", "bar"=>Array("qwe"=>"bbb"), "b"=>"cccc");
+foo($a);
+?>
+--EXPECTF--
+cccc
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_r.php:3 has been disabled, because its argument 'arr' content (ARRAY) matched the rule '1'.
diff --git a/src/tests/disabled_functions_param_array_r_keys.phpt b/src/tests/disabled_functions_param_array_r_keys.phpt
new file mode 100644
index 0000000..e9ef50d
--- /dev/null
+++ b/src/tests/disabled_functions_param_array_r_keys.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on an array using regexp
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disabled_functions_param_r_array.ini
+--FILE--
+<?php
+function foo($arr) {
+         echo $arr["a"]."\n";
+}
+$a=Array("test2"=>"pof", "pof"=>"pif", "qwe"=>Array("qwe"=>"bbb"), "a"=>"cccc");
+foo($a);
+
+$a=Array("a"=>"", "pof"=>"pif", "bar"=>Array("qwe"=>"bbb"), "qweabcqwe"=>"nop");
+foo($a);
+?>
+--EXPECTF--
+cccc
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_r_keys.php:3 has been disabled, because its argument 'arr' content (ARRAY) matched the rule '2'.
diff --git a/src/tests/disabled_functions_param_array_several_levels.phpt b/src/tests/disabled_functions_param_array_several_levels.phpt
index cef6ded..f5665fb 100644
--- a/src/tests/disabled_functions_param_array_several_levels.phpt
+++ b/src/tests/disabled_functions_param_array_several_levels.phpt
@@ -17,4 +17,4 @@ foo($a);
 ?>
 --EXPECTF--
 cccc
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_several_levels.php:3 has been disabled, because its argument 'arr' content (Array) matched the rule '4'.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_several_levels.php:3 has been disabled, because its argument '$arr' content (ARRAY) matched the rule '4'.
diff --git a/src/tests/disabled_functions_param_array_several_levels_int.phpt b/src/tests/disabled_functions_param_array_several_levels_int.phpt
new file mode 100644
index 0000000..2e546f4
--- /dev/null
+++ b/src/tests/disabled_functions_param_array_several_levels_int.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on an array value buried in several levels
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disabled_functions_param_array.ini
+--FILE--
+<?php
+function foo($arr) {
+         echo $arr["a"]."\n";
+}
+$a=Array("test2"=>Array("pof"=>"pif", "foo"=>Array("lol"=>"bbb")), "a"=>"cccc");
+foo($a);
+
+$a=Array("test2"=>Array("foo"=>Array("123"=>"aaa")), "a"=>"dddd");
+foo($a);
+?>
+--EXPECTF--
+cccc
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_several_levels_int.php:3 has been disabled, because its argument '$arr' content (ARRAY) matched the rule '4'.
diff --git a/src/tests/disabled_functions_param_array_several_levels_keys.phpt b/src/tests/disabled_functions_param_array_several_levels_keys.phpt
new file mode 100644
index 0000000..1be59fc
--- /dev/null
+++ b/src/tests/disabled_functions_param_array_several_levels_keys.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on an array value buried in several levels
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disabled_functions_param_array.ini
+--FILE--
+<?php
+function foo($arr) {
+         echo $arr["a"]."\n";
+}
+$a=Array("test2"=>Array("pof"=>"pif", "bar"=>Array("qwe"=>"bbb")), "a"=>"cccc");
+foo($a);
+
+$a=Array("test2"=>Array("bar"=>Array("lol"=>"aaa")), "a"=>"dddd");
+foo($a);
+?>
+--EXPECTF--
+cccc
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_several_levels_keys.php:3 has been disabled, because its argument '$arr' content (ARRAY) matched the rule '5'.
diff --git a/src/tests/disabled_functions_param_array_several_levels_keys_int.phpt b/src/tests/disabled_functions_param_array_several_levels_keys_int.phpt
new file mode 100644
index 0000000..acb696f
--- /dev/null
+++ b/src/tests/disabled_functions_param_array_several_levels_keys_int.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Disable functions - match on an array value buried in several levels
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_disabled_functions_param_array.ini
+--FILE--
+<?php
+function foo($arr) {
+         echo $arr["a"]."\n";
+}
+$a=Array("test2"=>Array("pof"=>"pif", "bar"=>Array("qwe"=>"bbb")), "a"=>"cccc");
+foo($a);
+
+$a=Array("test2"=>Array("bar"=>Array("123"=>"aaa")), "a"=>"dddd");
+foo($a);
+?>
+--EXPECTF--
+cccc
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foo' in %a/tests/disabled_functions_param_array_several_levels_keys_int.php:3 has been disabled, because its argument '$arr' content (ARRAY) matched the rule '6'.
diff --git a/src/tests/disabled_functions_param_int.phpt b/src/tests/disabled_functions_param_int.phpt
index 0e6a62c..692009a 100644
--- a/src/tests/disabled_functions_param_int.phpt
+++ b/src/tests/disabled_functions_param_int.phpt
@@ -18,4 +18,4 @@ foobar("10");
 ?>
 --EXPECTF--
 1
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foobar' in %a/tests/disabled_functions_param_int.php:3 has been disabled, because its argument 'id' content (42) matched a rule.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'foobar' in %a/tests/disabled_functions_param_int.php:3 has been disabled, because its argument '$id' content (42) matched a rule.
diff --git a/src/tests/disabled_functions_pos_type.phpt b/src/tests/disabled_functions_pos_type.phpt
new file mode 100644
index 0000000..7556440
--- /dev/null
+++ b/src/tests/disabled_functions_pos_type.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions - match on argument's position
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) die "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_pos.ini
+--FILE--
+<?php
+system([123, 456]);
+?>
+--EXPECTF--
+[snuffleupagus][0.0.0.0][config][error] It seems that you wrote a rule filtering on the 0th argument of the function 'system', but it takes only 2 arguments. Matching on _all_ arguments instead.
+[snuffleupagus][0.0.0.0][config][error] It seems that you wrote a rule filtering on the 1st argument of the function 'system', but it takes only 2 arguments. Matching on _all_ arguments instead.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'system' in %a/disabled_functions_pos_type.php:2 has been disabled, because its argument 'command' content (?) matched the rule '1'.
diff --git a/src/tests/disabled_functions_runtime.phpt b/src/tests/disabled_functions_runtime.phpt
index 1c6a141..1508735 100644
--- a/src/tests/disabled_functions_runtime.phpt
+++ b/src/tests/disabled_functions_runtime.phpt
@@ -23,7 +23,7 @@ test('1338');test('1337');
 ?>
 --EXPECTF--
 1338
-[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'test' in %a has been disabled, because its argument 'param' content (1337) matched a rule.
+[snuffleupagus][0.0.0.0][disabled_function][drop] The call to the function 'test' in %a has been disabled, because its argument '$param' content (1337) matched a rule.
 --CLEAN--
 <?php
 unlink("file_to_include1.php");