419 files changed, 6282 insertions, 3473 deletions
diff --git a/.github/workflows/builds.yml b/.github/workflows/builds.yml
index a85c2e8..706238d 100644
--- a/.github/workflows/builds.yml
+++ b/.github/workflows/builds.yml
@@ -11,26 +11,26 @@ jobs:
    strategy:
        matrix:
          container:
-            - php:7.0
+            - php:8.1
-            - php:7.1
-            - php:7.2
-            - php:7.3
-            - php:7.4
            - php:8.0
+            - php:7.4
+            - php:7.3
    container: ${{ matrix.container }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
-      - name: Install pecl
+      - name: PHP 7 env setup
        if: startsWith(matrix.container, 'php:7')
-        run: pecl install vld-beta
+        run: |
-      - name: Remove php8 tests on php7
+          pecl install vld-beta
-        if: startsWith(matrix.container, 'php:7')
+          rm -rf src/tests/*php8*/ src/tests/*/*_php8.phpt
-        run: rm -rf src/tests/*php8*/
      - name: Build and run the testsuite
-        run: make tests
+        run: |
+          make release
+          ln -s $(php -r 'echo ini_get("extension_dir");')/* src/modules/
+          rm -f src/tests/disable_function/*_signal.phpt
+          make tests
      - name: Show logs in case of failure
        if: ${{ failure() }}
        run: |
-          grep -r . ./src/tests/*/*.out
+          grep -r . --include='*.log' src/tests
-          grep -r . ./src/tests/*/*.diff
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 0000000..7b3b6fd
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,45 @@
+name: "CodeQL"
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+  schedule:
+    - cron: '37 5 * * 3'
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    container: php:latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'cpp' ]
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+    - run: |
+        make release
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
deleted file mode 100644
index d83aa9f..0000000
--- a/.github/workflows/coverity.yml
+++ /dev/null
@@ -1,43 +0,0 @@
-name: Coverity scan
-on:
-  schedule:
-    - cron: '0 18 * * 1' # Weekly at 18:00 UTC on Mondays
-jobs:
-  latest:
-    runs-on: ubuntu-latest
-    container: debian:stable
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v2
-      - name: Install dependencies
-        run: |
-          apt update
-          DEBIAN_FRONTEND=noninteractive apt install -y --no-install-recommends php-dev curl ca-certificates make gcc
-      - name: Remove php8 tests on php7
-        run: rm -rf src/tests/*php8*/
-      - name: Download Coverity Build Tool
-        run: |
-          curl https://scan.coverity.com/download/linux64 --form token=$TOKEN --form project=jvoisin/snuffleupagus -o cov-analysis-linux64.tar.gz
-          mkdir cov-analysis-linux64
-          tar xzf cov-analysis-linux64.tar.gz --strip-components=1 -C cov-analysis-linux64
-        env:
-          TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
-      - name: Configure
-        run: cd src; phpize; ./configure --enable-snuffleupagus; cd -
-      - name: Build with cov-build
-        run: ./cov-analysis-linux64/bin/cov-build --dir cov-int make compile_debug
-      - name: Submit the result to Coverity Scan
-        run: |
-          tar czf snuffleupagus.tgz cov-int
-          curl \
-            --form project=jvoisin/snuffleupagus \
-            --form token=$TOKEN \
-            --form file=@snuffleupagus.tgz \
-            --form version=master \
-            --form email=julien.voisin+coverity@dustri.org \
-            --form description=master \
-            https://scan.coverity.com/builds?project=jvoisin/snuffleupagus
-        env:
-          TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
diff --git a/.github/workflows/distributions.yml b/.github/workflows/distributions.yml
index bbfc8fc..18a8cce 100644
--- a/.github/workflows/distributions.yml
+++ b/.github/workflows/distributions.yml
@@ -14,7 +14,7 @@ jobs:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Remove php8 tests for php7
-        run: rm -rf src/tests/*php8*/
+        run: rm -rf src/tests/*php8*/ src/tests/*/*_php8.phpt src/tests/disable_function/*_signal.phpt
      - name: Install dependencies
        run: |
          apt update
@@ -22,12 +22,11 @@ jobs:
      - name: Install pecl
        run: pecl install vld-beta
      - name: Build and run the testsuite
-        run: make tests
+        run: make release tests
      - name: Show logs in case of failure
        if: ${{ failure() }}
        run: |
-          grep -r . ./src/tests/*/*.out
+          grep -r . --include='*.log' src/tests
-          grep -r . ./src/tests/*/*.diff
  fedora:
    runs-on: ubuntu-latest
@@ -36,19 +35,18 @@ jobs:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Remove php8 tests for php7
-        run: rm -rf src/tests/*php8*/
+        run: rm -rf src/tests/*php8*/ src/tests/*/*_php8.phpt src/tests/disable_function/*_signal.phpt
      - name: Install dependencies
        run: |
          dnf install -y php-devel php-pear make
      - name: Install pecl
        run: pecl install vld-beta
      - name: Build and run the testsuite
-        run: make tests
+        run: make release tests
      - name: Show logs in case of failure
        if: ${{ failure() }}
        run: |
-          grep -r . ./src/tests/*/*.out
+          grep -r . --include='*.log' src/tests
-          grep -r . ./src/tests/*/*.diff
  ubuntu:
    runs-on: ubuntu-latest
@@ -57,7 +55,7 @@ jobs:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Remove php8 tests for php7
-        run: rm -rf src/tests/*php8*/
+        run: rm -rf src/tests/*php8*/ src/tests/*/*_php8.phpt
      - name: Install dependencies
        run: |
          apt update
@@ -69,8 +67,7 @@ jobs:
      - name: Show logs in case of failure
        if: ${{ failure() }}
        run: |
-          grep -r . ./src/tests/*/*.out
+          grep -r . --include='*.log' src/tests
-          grep -r . ./src/tests/*/*.diff
  archlinux:
    runs-on: ubuntu-latest
@@ -79,7 +76,7 @@ jobs:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Remove php8 tests for php7
-        run: rm -rf src/tests/*php8*/
+        run: rm -rf src/tests/*php8*/ src/tests/*/*_php8.phpt
      - name: Install dependencies
        continue-on-error: true
        run: |
@@ -89,37 +86,60 @@ jobs:
      - name: Install pecl
        continue-on-error: true
        run: pecl install vld-beta
-      - name: Build and run the testsuite
+      - name: Build SP and run the testsuite
        continue-on-error: true
        run: make tests
      - name: Show logs in case of failure
        continue-on-error: true
        if: ${{ failure() }}
        run: |
-          grep -r . ./src/tests/*/*.out
+          grep -r . --include='*.log' src/tests
-          grep -r . ./src/tests/*/*.diff
  alpine:
    runs-on: ubuntu-latest
-    container: alpine:edge
+    container: alpine:latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Remove php8 tests for php7
-        run: rm -rf src/tests/*php8*/
+        run: rm -rf src/tests/*php8*/ src/tests/*/*_php8.phpt
      - name: Remove tests failing on alpine for wathever reason
-        run: rm -rf src/tests/*session*/ src/tests/broken_configuration/ src/tests/*cookie* src/tests/upload_validation/
+        run: rm -rf src/tests/cookies_encryption_warning src/tests/upload_validation/upload_validation.phpt /tests/broken_configuration/encrypt_regexp_cookies_bad_regexp.phpt
      - name: Install dependencies
-        run: apk add php7-dev php7-cgi php7-simplexml php7-xml pcre-dev build-base php7-pear php7-openssl
+        run: apk add php7-dev php7-cgi php7-simplexml php7-xml pcre-dev build-base php7-pear php7-openssl php7-session bash grep
      - name: Install pecl
        continue-on-error: true
        run: pecl install vld-beta
-      - name: Build and run the testsuite
+      - name: Build SP and run the testsuite
-        continue-on-error: true
+        run: |
-        run: make tests
+          make release
+          ln -s $(php -r 'echo ini_get("extension_dir");')/* src/modules/
+          make tests
      - name: Show logs in case of failure
        if: ${{ failure() }}
+        run: |
+          grep -r . --include='*.log' src/tests
+  ## PHP 8
+  alpine_php8:
+    runs-on: ubuntu-latest
+    container: alpine:edge
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: Remove tests failing on alpine for wathever reason
+        run: rm -rf src/tests/cookies_encryption_warning src/tests/upload_validation/upload_validation.phpt
+      - name: Install dependencies
+        run: apk add php8-dev php8-cgi php8-simplexml php8-xml pcre-dev build-base php8-pear php8-openssl php8-session php8-curl bash grep
+      - name: Install pecl
        continue-on-error: true
+        run: pecl install vld-beta
+      - name: Build SP and run the testsuite
+        run: |
+          make release
+          ln -s $(php -r 'echo ini_get("extension_dir");')/* src/modules/
+          make tests
+      - name: Show logs in case of failure
+        if: ${{ failure() }}
        run: |
-          grep -r . ./src/tests/*/*.out
+          grep -r . --include='*.log' src/tests
-          grep -r . ./src/tests/*/*.diff
diff --git a/.gitignore b/.gitignore
index 721cd5f..e4986e9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -19,6 +19,12 @@ src/tests/*/*.log
 src/tests/*/*.out
 src/tests/*/*.sh
 src/tests/*/*.php
+src/tests/*/phpt.*
+.vscode/
+# generated by re2c or copied from cached version
+src/sp_config_scanner.c
 # Files generated by phpize, configure and make
 src/autom4te.cache
 src/build
@@ -45,4 +51,5 @@ src/Makefile.objects
 src/missing
 src/mkinstalldirs
 src/run-tests.php
+src/*.dep
 doc/build/
diff --git a/Makefile b/Makefile
index b8236fb..51c6cc9 100644
--- a/Makefile
+++ b/Makefile
@@ -1,44 +1,61 @@
 .DEFAULT_GOAL=help
 .PHONY=help
+SHELL = /bin/bash
+SRC := src
 clean:  ## clean everything
-        make -C src clean
+        make -C $(SRC) clean
-        cd src; phpize --clean
+        cd $(SRC); phpize --clean
 release:  ## compile with releases flags
-        cd src; phpize
+        cd $(SRC); phpize
-        cd src; ./configure --enable-snuffleupagus
+        cd $(SRC); ./configure --enable-snuffleupagus
-        make -C src
+        make -C $(SRC)
 install: release  ## compile and install snuffleupagus
-        make -C src install
+        make -C $(SRC) install
 compile_debug:  ## compile a debug build
-        cd src; phpize
+        cd $(SRC); if [[ ! -f configure ]]; then phpize; fi; \
-        export CFLAGS="-g3 -ggdb -O1 -g"; cd src; ./configure --enable-snuffleupagus --enable-debug
+        ./configure --enable-snuffleupagus --enable-debug --enable-debug-stderr && \
-        make -C src
+        make clean ; make -j4
+DOCKER_IMAGE := php:latest
+docker: ## start docker container with current PHP
+        @echo "Starting new docker container with snuffleupagus bind-mounted to /sp"
+        docker run -it -v "$$(pwd)":/sp $(DOCKER_IMAGE) /bin/bash
+linked-clone:
+        @if [[ "$(CLONE)" == "" ]]; then echo -e "==> Please provide clone name, e.g.\n  make linked-clone CLONE=php8.1\n"; exit 1; fi
+        @if [[ -d "src-$(CLONE)" ]]; then echo -e "==> Clone '$(CLONE)' already exists.\n"; exit 1; fi
+        @echo "==> CREATING LINKED CLONE IN 'src-$(CLONE)' <=="
+        mkdir "src-$(CLONE)"; cd "src-$(CLONE)"; \
+        SRCDIR=../src; ln -s $$SRCDIR/*.[hc] $$SRCDIR/config.m4 $$SRCDIR/snuffleupagus.php $$SRCDIR/Makefile.frag $$SRCDIR/*.re .; \
+        cp -r $$SRCDIR/tests .
+        @echo -e "==> DONE. <==\nCompile a debug build with\n  make compile_debug SRC=src-$(CLONE)"
 tests: release  ## compile a release build and run the testsuite
-        TEST_PHP_ARGS='-q' REPORT_EXIT_STATUS=1 make -C src test
+        TEST_PHP_ARGS='-q' REPORT_EXIT_STATUS=1 SP_SKIP_OLD_PHP_CHECK=1 make -C $(SRC) test
 coverage:  ## compile snuffleugpaus, and run the testsuite with coverage
-        cd src; phpize
+        cd $(SRC); phpize
 ifeq ($(CC),clang)
-        cd src; CFLAGS="-fprofile-instr-generate -fcoverage-mapping" ./configure --enable-snuffleupagus
+        cd $(SRC); CFLAGS="-fprofile-instr-generate -fcoverage-mapping" ./configure --enable-snuffleupagus
-        make -C src
+        make -C $(SRC)
-        sed -i "s/\$$ext_params -d display_errors=0 -r/-d display_errors=0 -r/" src/run-tests.php
+        sed -i "s/\$$ext_params -d display_errors=0 -r/-d display_errors=0 -r/" $(SRC)/run-tests.php
-        LLVM_PROFILE_FILE="sp_%p_%m.profraw" TEST_PHP_ARGS='-q' REPORT_EXIT_STATUS=1 make -C src test
+        LLVM_PROFILE_FILE="sp_%p_%m.profraw" TEST_PHP_ARGS='-q' REPORT_EXIT_STATUS=1 make -C $(SRC) test
-        llvm-profdata-4.0 merge ./src/*.profraw -o ./src/sp.profdata
+        llvm-profdata-4.0 merge ./$(SRC)/*.profraw -o ./$(SRC)/sp.profdata
-        llvm-cov report -instr-profile=./src/sp.profdata ./src/modules/snuffleupagus.so
+        llvm-cov report -instr-profile=./$(SRC)/sp.profdata ./$(SRC)/modules/snuffleupagus.so
 else
-        cd src; ./configure --enable-snuffleupagus --enable-coverage
+        cd $(SRC); ./configure --enable-snuffleupagus --enable-coverage
-        make -C src
+        make -C $(SRC)
-        rm -Rf src/COV.html
+        rm -Rf $(SRC)/COV.html
-        sed -i "s/\$$ext_params -d display_errors=0 -r/-d display_errors=0 -r/" src/run-tests.php
+        sed -i "s/\$$ext_params -d display_errors=0 -r/-d display_errors=0 -r/" $(SRC)/run-tests.php
-        TEST_PHP_ARGS='-q' REPORT_EXIT_STATUS=1 make -C src test
+        TEST_PHP_ARGS='-q' REPORT_EXIT_STATUS=1 make -C $(SRC) test
-        lcov --base-directory ./src --directory ./src -c -o ./src/COV.info --rc lcov_branch_coverage=1 
+        lcov --base-directory ./$(SRC) --directory ./$(SRC) -c -o ./$(SRC)/COV.info --rc lcov_branch_coverage=1 
-        lcov --remove src/COV.info '/usr/*' --remove src/COV.info '*tweetnacl.c' -o src/COV.info --rc lcov_branch_coverage=1
+        lcov --remove $(SRC)/COV.info '/usr/*' --remove $(SRC)/COV.info '*tweetnacl.c' -o $(SRC)/COV.info --rc lcov_branch_coverage=1
-        genhtml --show-details -o src/COV.html ./src/COV.info  --branch-coverage
+        genhtml --show-details -o $(SRC)/COV.html ./$(SRC)/COV.info  --branch-coverage
 endif
 bench: joomla  ## run the benchmark
@@ -49,7 +66,7 @@ joomla:
        fi
        cd joomla-cms; composer install >/dev/null 2>/dev/null
        echo "\nWith snuffleupagus:"
-        cd joomla-cms; time php -d "extension=../src/modules/snuffleupagus.so" -d "sp.configuration_file=../config/default.rules" libraries/vendor/phpunit/phpunit/phpunit --no-coverage >/dev/null
+        cd joomla-cms; time php -d "extension=../$(SRC)/modules/snuffleupagus.so" -d "sp.configuration_file=../config/default.rules" libraries/vendor/phpunit/phpunit/phpunit --no-coverage >/dev/null
        echo "\nWithout snuffleupagus:"
        cd joomla-cms; time php libraries/vendor/phpunit/phpunit/phpunit --no-coverage >/dev/null
diff --git a/PHP_LICENSE b/PHP_LICENSE
new file mode 100644
index 0000000..4076fe9
--- /dev/null
+++ b/PHP_LICENSE
@@ -0,0 +1,68 @@
+--------------------------------------------------------------------
+                  The PHP License, version 3.01
+Copyright (c) 1999 - 2019 The PHP Group. All rights reserved.
+--------------------------------------------------------------------
+Redistribution and use in source and binary forms, with or without
+modification, is permitted provided that the following conditions
+are met:
+  1. Redistributions of source code must retain the above copyright
+     notice, this list of conditions and the following disclaimer.
+  2. Redistributions in binary form must reproduce the above copyright
+     notice, this list of conditions and the following disclaimer in
+     the documentation and/or other materials provided with the
+     distribution.
+  3. The name "PHP" must not be used to endorse or promote products
+     derived from this software without prior written permission. For
+     written permission, please contact group@php.net.
+  4. Products derived from this software may not be called "PHP", nor
+     may "PHP" appear in their name, without prior written permission
+     from group@php.net.  You may indicate that your software works in
+     conjunction with PHP by saying "Foo for PHP" instead of calling
+     it "PHP Foo" or "phpfoo"
+  5. The PHP Group may publish revised and/or new versions of the
+     license from time to time. Each version will be given a
+     distinguishing version number.
+     Once covered code has been published under a particular version
+     of the license, you may always continue to use it under the terms
+     of that version. You may also choose to use such covered code
+     under the terms of any subsequent version of the license
+     published by the PHP Group. No one other than the PHP Group has
+     the right to modify the terms applicable to covered code created
+     under this License.
+  6. Redistributions of any form whatsoever must retain the following
+     acknowledgment:
+     "This product includes PHP software, freely available from
+     <http://www.php.net/software/>".
+THIS SOFTWARE IS PROVIDED BY THE PHP DEVELOPMENT TEAM ``AS IS'' AND
+ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE PHP
+DEVELOPMENT TEAM OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+OF THE POSSIBILITY OF SUCH DAMAGE.
+--------------------------------------------------------------------
+This software consists of voluntary contributions made by many
+individuals on behalf of the PHP Group.
+The PHP Group can be contacted via Email at group@php.net.
+For more information on the PHP Group and the PHP project,
+please see <http://www.php.net>.
+PHP includes the Zend Engine, freely available at
+<http://www.zend.com>.
diff --git a/README.md b/README.md
index 58f0940..3b305cb 100644
--- a/README.md
+++ b/README.md
@@ -1,125 +1,21 @@
-<h1 align="center">
+![CI for PHP versions](https://github.com/sektioneins/snuffleupagus/actions/workflows/builds.yml/badge.svg)
-  <br>
+![CI for Linux distributions](https://github.com/sektioneins/snuffleupagus/actions/workflows/distributions.yml/badge.svg)
-  <a href="https://snuffleupagus.readthedocs.io/">
+![CI for CodeQL Analysis](https://github.com/sektioneins/snuffleupagus/actions/workflows/codeql-analysis.yml/badge.svg)
-    <img src="https://github.com/jvoisin/snuffleupagus/raw/master/doc/source/_static/sp.png" alt="Snuffleupagus' logo" width="200"></a>
-  <br>
-  Snuffleupagus
-  <br>
-</h1>
-<h4 align="center">Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest!</h4>
 <p align="center">
-  <a href="https://github.com/jvoisin/snuffleupagus/actions?query=workflow%3A%22CI+for+linux+distributions%22">
+  <img src="https://github.com/sektioneins/snuffleupagus/blob/master/doc/source/_static/sp.png" alt="Snuffleupagus logo" width="200">
-    <img src="https://github.com/jvoisin/snuffleupagus/workflows/CI%20for%20linux%20distributions/badge.svg"
-         alt="github actions testing _all_ distributions" />
-  </a>
-  <a href="https://github.com/jvoisin/snuffleupagus/actions?query=workflow%3A%22CI+for+php+versions%22">
-    <img src="https://github.com/jvoisin/snuffleupagus/workflows/CI%20for%20php%20versions/badge.svg"
-         alt="github actions testing _all_ php versions" />
-  </a>
-  <a href="https://scan.coverity.com/projects/jvoisin-snuffleupagus">
-    <img src="https://scan.coverity.com/projects/13821/badge.svg?flat=1"
-         alt="Coverity">
-  </a>
-  <a href="https://bestpractices.coreinfrastructure.org/projects/1267">
-      <img src="https://bestpractices.coreinfrastructure.org/projects/1267/badge"
-           alt="CII Best Practises">
-  </a>
-  <a href="http://snuffleupagus.readthedocs.io/?badge=latest">
-    <img src="https://readthedocs.org/projects/snuffleupagus/badge/?version=latest"
-         alt="readthedocs.org">
-  </a>
-  <a href="https://coveralls.io/github/jvoisin/snuffleupagus?branch=master">
-    <img src="https://coveralls.io/repos/github/jvoisin/snuffleupagus/badge.svg?branch=master"
-         alt="coveralls">
-  </a>
-  <a href="https://twitter.com/sp_php">
-    <img src="https://img.shields.io/badge/twitter-follow-blue.svg"
-         alt="twitter">
-  </a>
-  <a href="https://repology.org/project/php:snuffleupagus/versions">
-    <img src="https://repology.org/badge/tiny-repos/php:snuffleupagus.svg"
-         alt="Packaging status">
-  </a>
-</p>
-<p align="center">
+  # Snuffleupagus fork with Suhosin-NG patches
-  <a href="#key-features">Key Features</a> •
+  
-  <a href="#download">Download</a> •
-  <a href="#examples">Examples</a> •
-  <a href="https://snuffleupagus.readthedocs.io/">Documentation</a> •
-  <a href="https://github.com/jvoisin/snuffleupagus/blob/master/LICENSE">License</a> •
-  <a href="#thanks">Thanks</a>
 </p>
-Snuffleupagus is a [PHP 7+ and 8+](https://secure.php.net/) module designed to
-drastically raise the cost of attacks against websites, by killing entire bug
-classes. It also provides a powerful virtual-patching system, allowing
-administrator to fix specific vulnerabilities and audit suspicious behaviours
-without having to touch the PHP code.
-## Key Features
-* No [noticeable performance impact](https://dustri.org/b/snuffleupagus-030-dentalium-elephantinum.html)
-* Powerful yet simple to write virtual-patching rules
-* Killing several classes of vulnerabilities
-  * [Unserialize-based](https://www.owasp.org/images/9/9e/Utilizing-Code-Reuse-Or-Return-Oriented-Programming-In-PHP-Application-Exploits.pdf) code execution
-  * [`mail`-based]( https://blog.ripstech.com/2016/roundcube-command-execution-via-email/ ) code execution
-  * Cookie-stealing [XSS]( https://en.wikipedia.org/wiki/Cross-site_scripting )
-  * File-upload based code execution
-  * Weak PRNG
-  * [XXE]( https://en.wikipedia.org/wiki/XML_external_entity_attack )
-* Several hardening features
-  * Automatic `secure` and `samesite` flag for cookies
-  * Bundled set of rules to detect post-compromissions behaviours
-  * Global [strict mode]( https://secure.php.net/manual/en/migration70.new-features.php#migration70.new-features.scalar-type-declarations) and type-juggling prevention
-  * Whitelisting of [stream wrappers](https://secure.php.net/manual/en/intro.stream.php)
-  * Preventing writeable files execution
-  * Whitelist/blacklist for `eval`
-  * Enforcing TLS certificate validation when using [curl](https://secure.php.net/manual/en/book.curl.php)
-  * Request dumping capability
-* A relatively sane code base:
-  * A [comprehensive](https://coveralls.io/github/jvoisin/snuffleupagus?branch=master) test suite close to 100% coverage
-  * Every commit is tested on [several distributions](https://gitlab.com/jvoisin/snuffleupagus/pipelines)
-  * An `clang-format`-enforced code style
-  * A [comprehensive documentation](https://snuffleupagus.rtfd.io)
-  * Usage of [coverity](https://scan.coverity.com/projects/jvoisin-snuffleupagus)
-## Download
-We've got a [download
-page](https://snuffleupagus.readthedocs.io/download.html), where you can find
-packages for your distribution, but you can of course just `git clone` this
-repo, or check the releases on [github](https://github.com/jvoisin/snuffleupagus/releases).
-## Examples
-We're providing [various example rules](https://github.com/jvoisin/snuffleupagus/tree/master/config),
-that are looking like this:
-```python
-# Harden the `chmod` function
-sp.disable_function.function("chmod").param("mode").value_r("^[0-9]{2}[67]$").drop();
-# Mitigate command injection in `system`
-sp.disable_function.function("system").param("command").value_r("[$|;&`\\n]").drop();
-```
-Upon violation of a rule, you should see lines like this in your logs:
-```python
+## About Snuffleupagus
-[snuffleupagus][0.0.0.0][disabled_function][drop] The execution has been aborted in /var/www/index.php:2, because the return value (0) of the function 'strpos' matched a rule.
-```
-## Documentation
+Snuffleupagus is a marvellous security module for PHP 7 and PHP 8. This repository is a fork of the [original Snuffleupagus repository](https://github.com/jvoisin/snuffleupagus) used for **development and testing** of **new and experimental features**. It can be seen as the **beta version** of the Snuffleupagus PHP extension, showcasing new ideas, with the aim to eventually be ported back upstream to the original repository.
-We've got a [comprehensive website](https://snuffleupagus.readthedocs.io/) with
+## About Suhosin-NG
-all the documentation that you could possibly wish for. You can of course
-[build it yourself](https://github.com/jvoisin/snuffleupagus/tree/master/doc).
-## Thanks
+![suhosin-ng logo](https://github.com/sektioneins/suhosin-ng/blob/master/logo/suhosin-ng-logo.svg)
-Many thanks to the [Suhosin project](https://suhosin.org) for being a __huge__
+The [Suhosin-NG project](https://github.com/sektioneins/suhosin-ng) is an effort to advance PHP hardening by providing patches to Snuffleupagus, documentation and its own [set of tools](https://github.com/sektioneins/sng-tools).
-source of inspiration, and to all [our
-contributors](https://github.com/jvoisin/snuffleupagus/graphs/contributors).
diff --git a/config/default.rules b/config/default.rules
index caa14c0..f6d8893 100644
--- a/config/default.rules
+++ b/config/default.rules
@@ -6,8 +6,10 @@
 # Harden the PRNG
 sp.harden_random.enable();
-# Disabled XXE
+# Enable XXE protection
-sp.disable_xxe.enable();
+@condition extension_loaded("xml");
+sp.xxe_protection.enable();
+@end_condition;
 # Global configuration variables
 # sp.global.secret_key("YOU _DO_ NEED TO CHANGE THIS WITH SOME RANDOM CHARACTERS.");
diff --git a/config/default_php8.rules b/config/default_php8.rules
index 2251f2f..6d6b88e 100644
--- a/config/default_php8.rules
+++ b/config/default_php8.rules
@@ -8,7 +8,7 @@
 sp.harden_random.enable();
 # Disabled XXE
-sp.disable_xxe.enable();
+sp.xxe_protection.enable();
 # Global configuration variables
 # sp.global.secret_key("YOU _DO_ NEED TO CHANGE THIS WITH SOME RANDOM CHARACTERS.");
diff --git a/config/detect_dangerous_extensions.rules b/config/detect_dangerous_extensions.rules
new file mode 100644
index 0000000..8f10532
--- /dev/null
+++ b/config/detect_dangerous_extensions.rules
@@ -0,0 +1,12 @@
+## This example rules file shows how to detect and disable certain potentially
+## dangerous or unwanted extensions.
+@condition extension_loaded("runkit7");
+@error "The runkit7 extension can be used to rename classes and functions, thereby circumventing any filters set by Snuffleupagus. Please disable runkit7.";
+@condition extension_loaded("FFI");
+@warning "FFI extension is loaded. Disabling via 'ffi.enable=false'";
+sp.ini_protection.enable();
+sp.ini.key("ffi.enable").set("false").ro();
+@end_condition;
diff --git a/config/ini_protection.rules b/config/ini_protection.rules
new file mode 100644
index 0000000..9b42a18
--- /dev/null
+++ b/config/ini_protection.rules
@@ -0,0 +1,291 @@
+## INI protection - prevent unwanted runtime ini changes made by ini_set() or other functions or by .htaccess
+sp.ini_protection.enable();
+## simulation mode: only log violations
+#sp.ini_protection.simulation();
+## drop policy: drop request on rule violation
+#sp.ini_protection.policy_drop();
+## do not log violations.
+## this setting has no effect in simulation or drop mode
+#sp.ini_protection.policy_silent_fail();
+## do not log read-only violations
+## this setting has no effect in simulation or drop mode
+sp.ini_protection.policy_silent_ro();
+## access policy can be one of
+## .policy_readonly(): All entries are read-only by default.
+##    Individual entries can be set read-write using .readwrite() or .rw()
+## .policy_readwrite(): This is the default and can be omitted.
+##    Individual entries can be set read-only using .readonly() or .ro()
+#sp.ini_protection.policy_readonly();
+## sp.ini entries can have the following attributes
+## .key("..."): mandatory ini name.
+## .set("..."): set the initial value. This overrides php.ini.
+##    checks are not performed for this initial value.
+## .min("...") / .max("..."): value must be an integer between .min and .max.
+##    shorthand notation (e.g. 1k = 1024) is allowed
+## .regexp("..."): value must match the regular expression
+## .allow_null(): allow setting a NULL-value
+## .msg("..."): message is shown in logs on rule violation instead of default message
+## .readonly() / .ro() / .readwrite() / .rw(): set entry to read-only or read-write respectively
+##    If no access keyword is provided, the entry inherits the default policy set by sp.ini_protection.policy_*-rules.
+## .drop(): drop request on rule violation for this entry
+## .simulation(): only log rule violation for this entry
+## FOR PRODUCTION SYSTEMS: disable error messages and version numbers
+sp.ini.key("display_errors").set("0").ro();
+sp.ini.key("display_startup_errors").set("0").ro();
+sp.ini.key("expose_php").set("0").ro();
+## FOR DEVELOPMENT/TESTING: allow enabling error messages and version numbers
+#sp.ini.key("display_errors").rw();
+#sp.ini.key("display_startup_errors").rw();
+#sp.ini.key("expose_php").rw();
+## error logging options should not be set during runtime -> read-only.
+sp.ini.key("error_log").ro();
+sp.ini.key("error_reporting").ro();
+sp.ini.key("log_errors").ro();
+@condition PHP_VERSION_ID < 80000;
+sp.ini.key("log_errors_max_len").set("2048").ro();
+@end_condition;
+sp.ini.key("ignore_repeated_errors").ro();
+sp.ini.key("ignore_repeated_source").ro();
+sp.ini.key("syslog.filter").ro();
+## disable assert. assert() in PHP can evaluate arbitrary code just like eval()
+sp.ini.key("assert.active").set("0").ro();
+sp.ini.key("assert.bail").ro();
+sp.ini.key("assert.callback").ro();
+sp.ini.key("assert.exception").ro();
+sp.ini.key("assert.warning").ro();
+## enforce color codes. prevents potential XSS
+sp.ini.key("highlight.comment").regexp("^#[0-9a-fA-F]{6}$");
+sp.ini.key("highlight.default").regexp("^#[0-9a-fA-F]{6}$");
+sp.ini.key("highlight.html").regexp("^#[0-9a-fA-F]{6}$");
+sp.ini.key("highlight.keyword").regexp("^#[0-9a-fA-F]{6}$");
+sp.ini.key("highlight.string").regexp("^#[0-9a-fA-F]{6}$");
+## prevent remote access via fopen/include
+sp.ini.key("allow_url_fopen").set("0").ro();
+sp.ini.key("allow_url_include").set("0").ro();
+## prevent code execution from auto-included files
+sp.ini.key("auto_append_file").ro();
+sp.ini.key("auto_prepend_file").ro();
+## make rarely used features read-only. you can always set the value in php.ini
+sp.ini.key("arg_separator.input").ro();
+sp.ini.key("arg_separator.output").ro();
+sp.ini.key("auto_detect_line_endings").ro();
+sp.ini.key("auto_globals_jit").ro();
+sp.ini.key("browscap").ro();
+sp.ini.key("default_charset").ro();
+sp.ini.key("register_argc_argv").ro();
+sp.ini.key("report_memleaks").ro();
+sp.ini.key("report_zend_debug").ro();
+sp.ini.key("request_order").ro();
+sp.ini.key("url_rewriter.hosts").ro();
+sp.ini.key("url_rewriter.tags").ro();
+sp.ini.key("variables_order").ro();
+sp.ini.key("from").ro();
+sp.ini.key("short_open_tag").ro();
+sp.ini.key("unserialize_callback_func").ro();
+sp.ini.key("zend.detect_unicode").ro();
+sp.ini.key("zend.enable_gc").ro();
+sp.ini.key("zend.exception_ignore_args").ro();
+sp.ini.key("zend.exception_string_param_max_len").ro();
+sp.ini.key("zend.multibyte").ro();
+sp.ini.key("zend.script_encoding").ro();
+## date and timezone settings
+#sp.ini.key("date.default_latitude").set("31.7667").ro();
+#sp.ini.key("date.default_longitude").set("35.2333").ro();
+#sp.ini.key("date.sunrise_zenith").set("90.833333").ro();
+#sp.ini.key("date.sunset_zenith").set("90.833333").ro();
+#sp.ini.key("date.timezone").set("").ro();
+## setting a default mime type other than text/html can be a way to prevent XSS, so this will be set to read-write by default
+sp.ini.key("default_mimetype").rw();
+## allow reasonable socket timeouts
+sp.ini.key("default_socket_timeout").min("1").max("300").rw();
+## disable dynamic loading of PHP extensions in an apache/mod_php environment as it is a security risk.
+sp.ini.key("enable_dl").set("0").ro();
+## links to manual pages in error pages should not be set during runtime.
+sp.ini.key("docref_ext").ro();
+sp.ini.key("docref_root").ro();
+sp.ini.key("html_errors").set("0").ro();
+## preventing $_POST and $_FILES to be populated can be a security feature, so read-write is ok.
+sp.ini.key("enable_post_data_reading").rw();
+## disable error append/prepend which may lead to log forging.
+sp.ini.key("error_append_string").ro();
+sp.ini.key("error_prepend_string").set("").ro();
+## restrict limit settings to prevent Denial-of-Service
+sp.ini.key("max_execution_time").min("30").max("600").rw();
+sp.ini.key("max_file_uploads").min("0").max("25").rw();
+sp.ini.key("max_input_nesting_level").min("16").max("64").rw();
+sp.ini.key("max_input_time").set("-1").ro();
+sp.ini.key("max_input_vars").min("0").max("1024").rw();
+sp.ini.key("memory_limit").min("4M").max("256M").rw();
+sp.ini.key("post_max_size").max("256M").rw();
+sp.ini.key("upload_max_filesize").max("256M").rw();
+sp.ini.key("precision").max("14").rw();
+sp.ini.key("unserialize_max_depth").min("128").max("4096").rw();
+sp.ini.key("serialize_precision").ro();
+## some applications rely on these filters for security
+## even though they should implement proper input validation for each input field separately.
+@condition extension_loaded("filter");
+sp.ini.key("filter.default").rw();
+sp.ini.key("filter.default_flags").rw();
+@end_condition;
+## scripts will not be terminated after a client has aborted their connection.
+## this feature may be needed for some time consuming server-side calculation
+sp.ini.key("ignore_user_abort").rw();
+## flushing may be needed
+sp.ini.key("implicit_flush").rw();
+## this feature may be required for some frameworks to work properly,
+## but setting the include path to a fixed value is always more secure.
+sp.ini.key("include_path").ro();
+## input/output and encoding options
+sp.ini.key("input_encoding").ro();
+sp.ini.key("internal_encoding").ro();
+sp.ini.key("output_encoding").ro();
+sp.ini.key("output_buffering").min("0").max("4096").rw();
+sp.ini.key("output_handler").ro();
+## mail options
+#sp.ini.key("mail.add_x_header").set("0").ro();
+#sp.ini.key("mail.force_extra_parameters").set("").ro();
+#sp.ini.key("mail.log").set("").ro();
+## windows smtp options
+#sp.ini.key("SMTP").set("localhost").ro();
+#sp.ini.key("smtp_port").set("25").ro();
+#sp.ini.key("sendmail_from").ro();
+## mysqli/mysqlnd options
+@condition extension_loaded("mysqli");
+sp.ini.key("mysqli.allow_local_infile").ro();
+sp.ini.key("mysqli.allow_persistent").ro();
+sp.ini.key("mysqli.default_host").ro();
+sp.ini.key("mysqli.default_port").ro();
+sp.ini.key("mysqli.default_pw").ro();
+sp.ini.key("mysqli.default_socket").ro();
+sp.ini.key("mysqli.default_user").ro();
+sp.ini.key("mysqli.max_links").set("-1").ro();
+sp.ini.key("mysqli.max_persistent").set("-1").ro();
+sp.ini.key("mysqli.reconnect").set("0").ro();
+sp.ini.key("mysqli.rollback_on_cached_plink").set("0").ro();
+@condition extension_loaded("mysqlnd");
+sp.ini.key("mysqlnd.collect_memory_statistics").set("0").ro();
+sp.ini.key("mysqlnd.collect_statistics").set("1").ro();
+sp.ini.key("mysqlnd.debug").set("").ro();
+sp.ini.key("mysqlnd.log_mask").set("0").ro();
+sp.ini.key("mysqlnd.mempool_default_size").set("16000").ro();
+sp.ini.key("mysqlnd.net_cmd_buffer_size").set("4096").ro();
+sp.ini.key("mysqlnd.net_read_buffer_size").set("32768").ro();
+sp.ini.key("mysqlnd.net_read_timeout").set("86400").ro();
+sp.ini.key("mysqlnd.sha256_server_public_key").set("").ro();
+sp.ini.key("mysqlnd.trace_alloc").set("").ro();
+@condition extension_loaded("mysqlnd") && PHP_VERSION_ID < 80100;
+sp.ini.key("mysqlnd.fetch_data_copy").set("0").ro();
+@end_condition;
+## open basedir is a security feature similar to chroot.
+## why should it be allowed to disable this feature during runtime?
+sp.ini.key("open_basedir").ro();
+## pcre options
+@condition extension_loaded("pcre");
+sp.ini.key("pcre.backtrack_limit").min("1000").max("1000000").rw();
+sp.ini.key("pcre.jit").rw();
+sp.ini.key("pcre.recursion_limit").min("1000").max("100000").ro();
+@end_condition;
+## phar options
+@condition extension_loaded("phar");
+sp.ini.key("phar.cache_list").ro();
+sp.ini.key("phar.readonly").ro();
+sp.ini.key("phar.require_hash").ro();
+@end_condition;
+## session options
+@condition extension_loaded("session");
+#sp.ini.key("session.auto_start").set("0").ro();
+#sp.ini.key("session.cache_expire").set("180").ro();
+#sp.ini.key("session.cache_limiter").set("nocache").ro();
+#sp.ini.key("session.cookie_domain").set("").ro();
+#sp.ini.key("session.cookie_httponly").set("0").ro();
+#sp.ini.key("session.cookie_lifetime").set("0").ro();
+#sp.ini.key("session.cookie_path").set("/").ro();
+#sp.ini.key("session.cookie_samesite").set("").ro();
+#sp.ini.key("session.cookie_secure").set("0").ro();
+#sp.ini.key("session.gc_divisor").set("100").ro();
+#sp.ini.key("session.gc_maxlifetime").set("1440").ro();
+#sp.ini.key("session.gc_probability").set("1").ro();
+#sp.ini.key("session.lazy_write").set("1").ro();
+#sp.ini.key("session.name").set("PHPSESSID").ro();
+#sp.ini.key("session.referer_check").set("").ro();
+#sp.ini.key("session.save_handler").set("files").ro();
+#sp.ini.key("session.save_path").set("").ro();
+#sp.ini.key("session.serialize_handler").set("php").ro();
+#sp.ini.key("session.sid_bits_per_character").set("4").ro();
+sp.ini.key("session.sid_length").min("32").max("128").rw();
+#sp.ini.key("session.trans_sid_hosts").set("").ro();
+#sp.ini.key("session.trans_sid_tags").set("a=href,area=href,frame=src,form=").ro();
+#sp.ini.key("session.upload_progress.cleanup").set("1").ro();
+#sp.ini.key("session.upload_progress.enabled").set("1").ro();
+#sp.ini.key("session.upload_progress.freq").set("1%").ro();
+#sp.ini.key("session.upload_progress.min_freq").set("1").ro();
+#sp.ini.key("session.upload_progress.name").set("PHP_SESSION_UPLOAD_PROGRESS").ro();
+#sp.ini.key("session.upload_progress.prefix").set("upload_progress_").ro();
+#sp.ini.key("session.use_cookies").set("1").ro();
+#sp.ini.key("session.use_only_cookies").set("1").ro();
+sp.ini.key("session.use_strict_mode").set("1").ro();
+#sp.ini.key("session.use_trans_sid").set("0").ro();
+@end_condition;
+## allow setting the user agent
+sp.ini.key("user_agent").rw();
+## allow setting the xmlrpc fault code
+sp.ini.key("xmlrpc_error_number").rw();
+## these ini entries can only be set by php.ini anyway,
+## but better set them to read-only anyway, just to be sure.
+sp.ini.key("disable_classes").ro();
+sp.ini.key("disable_functions").ro();
+sp.ini.key("doc_root").ro();
+sp.ini.key("extension_dir").ro();
+sp.ini.key("file_uploads").ro();
+sp.ini.key("hard_timeout").ro();
+sp.ini.key("realpath_cache_size").ro();
+sp.ini.key("realpath_cache_ttl").ro();
+sp.ini.key("sendmail_path").ro();
+@condition extension_loaded("sqlite3");
+sp.ini.key("sqlite3.defensive").ro();
+sp.ini.key("sqlite3.extension_dir").ro();
+@end_condition;
+sp.ini.key("sys_temp_dir").ro();
+sp.ini.key("syslog.facility").ro();
+sp.ini.key("syslog.ident").ro();
+sp.ini.key("upload_tmp_dir").ro();
+sp.ini.key("user_dir").ro();
+sp.ini.key("user_ini.cache_ttl").ro();
+sp.ini.key("user_ini.filename").ro();
+sp.ini.key("zend.assertions").ro();
+sp.ini.key("zend.signal_check").set("0").ro();
diff --git a/config/suhosin.rules b/config/suhosin.rules
new file mode 100644
index 0000000..0bdc453
--- /dev/null
+++ b/config/suhosin.rules
@@ -0,0 +1,281 @@
+## This file is part of the Suhosin-NG (SNG) PHP Hardening project
+## - see https://suhosin.org/ for more information.
+##
+## Snuffleupagus compatibility: Version 0.7.0 with SNG patches and above
+##   https://github.com/sektioneins/snuffleupagus
+##
+############################# ### # ---------
+##
+## This file documents the effort to port as many Suhosin features as possible to Snuffleupagus rules.
+## It is meant as a proof of concept and it will serve multiple purposes:
+## * Create a reasonably secure configuration for Snuffleupagus.
+## * Make it apparent which Suhosin features cannot be easily implemented in SP by just using configuration
+##   rules. These will be collected and some features will be implemented as part of the Suhosin-NG project.
+## * Create a base set of Snuffleupagus rules to make the expert task of configuring a PHP hardening
+##   extension accessible to a broader audience. This base set of rules will be integrated into a Tool -
+##   see Milestone 6 (MS6) here: https://github.com/sektioneins/suhosin-ng/projects/1
+## * Provide more configuration examples.
+##
+############################# ### # ---------
+## Let's enable relevant features first.
+sp.ini_protection.enable();
+## =====================
+## Logging Configuration
+## =====================
+## suhosin.log.syslog
+## suhosin.log.syslog.facility
+## suhosin.log.syslog.priority
+## suhosin.log.sapi
+## suhosin.log.stdout
+## suhosin.log.file
+## suhosin.log.file.name
+## suhosin.log.file.time
+## suhosin.log.script
+## suhosin.log.script.name
+## suhosin.log.phpscript
+## suhosin.log.phpscript.name
+## suhosin.log.phpscript.is_safe
+## suhosin.log.use-x-forwarded-for
+## SP will always use either REMOTE_ADDR or HTTP_X_FORWARDED_FOR.
+## Logging output can be one of
+sp.log_media("php");
+#sp.log_media("syslog");
+## More logging options are not implemented in SP.
+## ================
+## Executor Options
+## ================
+## suhosin.executor.max_depth
+## Not implemented in SP.
+## suhosin.executor.include.max_traversal
+## SP example for max_traversal = 3
+sp.disable_function.function_r("^(require|include)(_once)?$").value_r("\\.\\./+\\.\\./+\\.\\./+").drop();
+## suhosin.executor.include.whitelist
+## suhosin.executor.include.blacklist
+## SP version with wrapper whitelist and regex matching include/require:
+sp.wrappers_whitelist.list("file,php,phar");
+sp.disable_function.function_r("^(require|include)(_once)?$").value_r("^php://(stdin|stdout|stderr|input|output|memory|temp)").drop();
+## suhosin.executor.include.allow_writable_files
+## SP can enable readonly protection
+#sp.readonly_exec.enable();
+## suhosin.executor.func.whitelist
+## suhosin.executor.func.blacklist
+#sp.disable_function.function("...").drop();
+## suhosin.executor.eval.whitelist
+## suhosin.executor.eval.blacklist
+#sp.eval_blacklist.list("system,exec,shell_exec");
+## suhosin.executor.disable_eval
+#sp.disable_function.function("eval").drop();
+## suhosin.executor.disable_emodifier
+## This is actually not needed anymore in PHP 7 and above
+## suhosin.executor.allow_symlink
+## SP can simply disable the symlink function.
+## Other ways to create symlinks should be disabled as well, e.g. system("ln -s ...")
+#sp.disable_function.function("symlink").drop();
+#sp.disable_function.function("system").drop();
+#sp.disable_function.function("shell_exec").drop();
+#sp.disable_function.function("exec").drop();
+#sp.disable_function.function("proc_open").drop();
+## 
+## ============
+## Misc Options
+## ============
+## 
+## suhosin.simulation
+## SP provides individual .simulation() switches for most features.
+## suhosin.perdir
+## Not implemented in SP.
+## suhosin.protectkey
+## SP does not actually need to protect its secret key this way, as it is not a native PHP ini directive shown in phpinfo()
+## suhosin.coredump
+## SP can be started in gdb/lldb, so this feature may not be needed.
+## suhosin.stealth
+## Not implemented in SP.
+## If ionCube support or similar extensions should ever be requested to run with SP, this feature may be implemented some day.
+## suhosin.apc_bug_workaround
+## This is not a thing anymore with PHP7+
+## suhosin.disable.display_errors
+#sp.ini.key("display_errors").set("0").ro();
+#sp.ini.key("display_startup_errors").set("0").ro();
+#sp.ini.key("expose_php").set("0").ro();
+## suhosin.multiheader
+## There is a PHP filter in place to prevent multiple headers in one header() call - let's hope it works.
+## suhosin.mail.protect
+sp.disable_function.function("mail").param("to").value_r("\\n").alias("newline in mail() To:").drop();
+sp.disable_function.function("mail").param("subject").value_r("\\n").alias("newline in mail() Subject:").drop();
+sp.disable_function.function("mail").param("additional_headers").param_type("STRING").drop();
+sp.disable_function.function("mail").param("additional_headers").param_type("NULL").allow();
+sp.disable_function.function("mail").param("additional_headers").key_r("^(to|b?cc)$").drop();
+## suhosin.memory_limit
+## SP can either disable or limit the memory_limit setting
+#sp.ini.key("memory_limit").ro();
+sp.ini.key("memory_limit").min("4M").max("256M").rw();
+## ========================
+## SQL Injection Protection
+## ========================
+## suhosin.sql.bailout_on_error
+## SP example for mysqli and PDO
+#sp.disable_function.function("mysqli_query").ret("FALSE").drop();
+#sp.disable_function.function("mysqli::query").ret("FALSE").drop();
+#sp.disable_function.function("mysqli_real_query").ret("FALSE").drop();
+#sp.disable_function.function("mysqli::real_query").ret("FALSE").drop();
+#sp.disable_function.function("mysqli_prepare").ret("FALSE").drop();
+#sp.disable_function.function("mysqli::prepare").ret("FALSE").drop();
+#sp.disable_function.function("mysqli_stmt_execute").ret("FALSE").drop();
+#sp.disable_function.function("mysqli_stmt::execute").ret("FALSE").drop();
+#sp.disable_function.function("mysqli_execute").ret("FALSE").drop();
+#sp.disable_function.function("PDO::query").ret("FALSE").drop();
+#sp.disable_function.function("PDO::prepare").ret("FALSE").drop();
+#sp.disable_function.function("PDO::exec").ret("FALSE").drop();
+#sp.disable_function.function("PDOStatement::execute").ret("FALSE").drop();
+## suhosin.sql.user_match
+## suhosin.sql.user_prefix
+## suhosin.sql.user_postfix
+## SP example for mysqli
+set SQL_USER "^public_";
+sp.disable_function.function("mysqli::__construct").param("username").value_r(SQL_USER).allow();
+sp.disable_function.function("mysqli::__construct").drop();
+sp.disable_function.function("mysqli_connect").param("username").value_r(SQL_USER).allow();
+sp.disable_function.function("mysqli_connect").drop();
+sp.disable_function.function("mysqli::change_user").param("username").value_r(SQL_USER).allow();
+sp.disable_function.function("mysqli::change_user").drop();
+sp.disable_function.function("mysqli_change_user").param("username").value_r(SQL_USER).allow();
+sp.disable_function.function("mysqli_change_user").drop();
+## suhosin.sql.comment
+## suhosin.sql.opencomment
+## Not implemented in SP.
+## It is possible to try and find common injection patterns such as ' or 1=1 -- via regex,
+## but that would likely trigger valid SQL strings containing these patterns as well. The same argument
+## applies to multiselect and union:
+## suhosin.sql.multiselect
+## suhosin.sql.union
+## Not implemented in SP.
+## ==============================
+## Transparent Encryption Options
+## ==============================
+## suhosin.session.cryptkey
+## suhosin.session.cryptua
+## suhosin.cookie.cryptkey
+## suhosin.cookie.cryptua
+## SP's session encryption and cookie encryption features rely on a secret key that is derived from
+## * the user agent string from the environment variable HTTP_USER_AGENT
+## * the value of the environment variable specified using sp.global.cookie_env_var(),
+##   usually either REMOTE_ADDR or SSL_SESSION_ID
+## * a very secret key as specified using sp.global.secret_key()
+sp.global.secret_key("c6a0e02b3b818f7559d5f85303d8fe44"); ## this key should be unique to your installation.
+sp.global.cookie_env_var("REMOTE_ADDR");
+#sp.global.cookie_env_var("SSL_SESSION_ID");
+## suhosin.session.encrypt
+sp.session.encrypt();
+## suhosin.cookie.encrypt
+## suhosin.cookie.cryptlist
+## suhosin.cookie.plainlist
+#sp.cookie.name("my_cookie_name").encrypt();
+#sp.cookie.name_r("^enc_[a-z]+$").encrypt();
+## suhosin.session.cryptdocroot
+## suhosin.session.cryptraddr
+## suhosin.session.checkraddr
+## suhosin.cookie.cryptdocroot
+## suhosin.cookie.cryptraddr
+## suhosin.cookie.checkraddr
+## For SP to include the document root or part of the IP address in the encryption key, the .cookie_env_var()
+## can be constructed by the web server to include these values.
+## =================
+## Filtering Options
+## =================
+## suhosin.filter.action
+## suhosin.cookie|get|post|request.max_array_depth
+## suhosin.cookie|get|post|request.max_array_index_length
+## suhosin.cookie|get|post.max_name_length
+## suhosin.request.max_varname_length
+## suhosin.cookie|get|post|request.max_totalname_length
+## suhosin.cookie|get|post|request.max_value_length
+## suhosin.cookie|get|post|request.max_vars
+## suhosin.cookie|get|post|request.disallow_nul
+## suhosin.cookie|get|post|request.disallow_ws
+## suhosin.request.array_index_blacklist
+## suhosin.request.array_index_whitelist
+## suhosin.upload.max_uploads
+## suhosin.upload.max_newlines
+## suhosin.upload.disallow_elf
+## suhosin.upload.disallow_binary
+## suhosin.upload.remove_binary
+## suhosin.upload.allow_utf8
+## Not implemented in SP.
+## suhosin.upload.verification_script
+#sp.upload_validation.script("/var/www/is_valid_php.py").enable();
+## suhosin.session.max_id_length
+## suhosin.server.encode
+## suhosin.server.strip
+## Not implemented in SP.
+## suhosin.rand.seedingkey
+## suhosin.rand.reseed_every_request
+## suhosin.srand.ignore
+## suhosin.mt_srand.ignore
+## Instead of removing srand()/mt_srand(), SP basically replaces rand()/mt_rand() with the more secure random_int()
+sp.harden_random.enable();
+############################# ### # ---------
+##
+## features included in SP that are not covered by Suhosin rule equivalents
+## - see https://snuffleupagus.readthedocs.io/ for more information
+# sp.unserialize_hmac.enable();
+# sp.global_strict.enable();
+sp.auto_cookie_secure.enable();
+#sp.cookie.name("cookie1").samesite("lax");
+#sp.cookie.name("cookie2").samesite("strict");;
+sp.xxe_protection.enable();
+#sp.sloppy_comparison.enable();
diff --git a/doc/source/config.rst b/doc/source/config.rst
index c01377c..0b7b7fd 100644
--- a/doc/source/config.rst
+++ b/doc/source/config.rst
@@ -1,16 +1,6 @@
 Configuration
 =============
-Options are chainable by using dots (``.``) and string parameters
-**must** be quoted, while booleans and integers aren't.
-Comments are prefixed either with ``#``, or ``;``.
-Some rules apply in a specific ``function`` (context) on a specific ``variable``
-(data), like ``disable_function``. Others can only be enabled/disabled, like
-``harden_random``.
 .. warning::
  If you configure Snuffleupagus incorrectly, your website *might* not work
@@ -21,17 +11,6 @@ Some rules apply in a specific ``function`` (context) on a specific ``variable``
  read the present documentation about how to configure them,
  evaluate your threat model and write your configuration file accordingly.
-Most of the features can be used in ``simulation`` mode by appending the
-``.simulation()`` option to them (eg. ``sp.readonly_exec.simulation().enable();``) to see
-whether or not they could break your website. The simulation mode won't block the request,
-but will write a warning in the log.
-The rules are evaluated in the order that they are written, the **first** one
-to match will terminate the evaluation (except for rules in simulation mode).
-Configuration file format
-------------------------
 Since PHP *ini-like* configuration model isn't flexible enough,
 Snuffleupagus is using its own format in the file specified by
 the directive ``sp.configuration_file`` **in** your ``php.ini`` file,
@@ -61,6 +40,38 @@ your logs of course. We do **not** recommend to use it of course, but sometimes
 it might be useful to be able to "debug in production" without breaking your
 website.
+Configuration file format
+-------------------------
+Options are chainable by using dots (``.``).
+Some options have a string parameter, that **must** be quoted with double quotes, e.g. ``"string"``.
+Comments are prefixed either with ``#``, or ``;``.
+Some rules apply in a specific ``function`` (context) on a specific ``variable``
+(data), like ``disable_function``. Others can only be enabled/disabled, like
+``harden_random``.
+Most of the features can be used in ``simulation`` mode by appending the
+``.simulation()`` or ``.sim()`` option to them (eg. ``sp.readonly_exec.simulation().enable();``) to see
+whether or not they could break your website. The simulation mode won't block the request,
+but will write a warning in the log.
+The rules are evaluated in the order that they are written, the **first** one
+to match will terminate the evaluation (except for rules in simulation mode).
+Rules can be split into lines and contain whitespace for easier readability and maintenance: (This feature is available since version 0.8.0.)
+::
+  sp.disable_function.function("mail")
+    .param("to").value_r("\\n")
+    .alias("newline in mail() To:")
+    .drop();
+The terminating ``;`` is optional for now, but it should be used for future compatibility.
 Miscellaneous
 -------------
@@ -178,6 +189,70 @@ Cookies-related mitigations
 Since snuffleupagus is providing several hardening features for cookies,
 there is a dedicated web page :ref:`here <cookie-encryption-page>` about them.
+INI Settings Protection
+^^^^^^^^^^^^^^^^^^^^^^^
+INI settings can be forced to a value, limited by min/max value or regular expression and set read-only mode.
+First, this feature can be enabled or disabled:
+::
+  sp.ini_protection.enable();
+  sp.ini_protection.disable();
+The INI protection feature can be set to simulation mode, where violations are only reported, but rules are not enforced:
+::
+  sp.ini_protection.simulation();
+Rule violations can be set to drop as a global policy, or alternatively be set on individual rules using ``.drop()``.
+::
+  sp.ini_protection.policy_drop();
+Rules can be set to fail silently without logging anything:
+::
+  sp.ini_protection.policy_silent_fail();
+  ## or write sp.ini_protection.policy_no_log(); as an alias
+Read-only settings are implemented in a way that the PHP system itself can block the setting, which is very efficient. If you do not need to log read-only violations, these can be set to silent separately:
+::
+  sp.ini_protection.policy_silent_ro();
+A global access policy can be set to either read-only or read-write. Individual entries can be set to read-only/read-write as well using ``.ro()``/``.rw()``.
+::
+  sp.ini_protection.policy_readonly();
+  sp.ini_protection.policy_readwrite();
+Individual rules are specified using ``sp.ini``. These entries can have the following attributes:
+- ``.key("...")``: mandatory ini name.
+- ``.set("...")``: set the initial value. This overrides php.ini. checks are not performed for this initial value.
+- ``.min("...")`` / ``.max("...")``: value must be an integer between .min and .max. shorthand notation (e.g. 1k = 1024) is allowed
+- ``.regexp("...")``: value must match the regular expression
+- ``.allow_null()``: allow setting a NULL-value
+- ``.msg("...")``: message is shown in logs on rule violation instead of default message
+- ``.readonly()`` / ``.ro()`` / .readwrite() / .rw(): set entry to read-only or read-write respectively. If no access keyword is provided, the entry inherits the default policy set by ``sp.ini_protection.policy_*``-rules.
+- ``.drop()``: drop request on rule violation for this entry
+- ``.simulation()``: only log rule violation for this entry
+Examples:
+::
+  sp.ini.key("display_errors").set("0").ro();
+  sp.ini.key("default_socket_timeout").min("1").max("300").rw();
+  sp.ini.key("highlight.comment").regexp("^#[0-9a-fA-F]{6}$");
+For more examples, check out the ``config`` directory.
 readonly_exec
 ^^^^^^^^^^^^^
@@ -218,14 +293,15 @@ It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` m
  sp.upload_validation.script("/var/www/is_valid_php.py").enable();
-disable_xxe
+xxe_protection
 ^^^^^^^^^^^
-:ref:`disable_xxe <xxe-feature>`, enabled by default, will prevent XXE attacks by disabling the loading of external entities (``libxml_disable_entity_loader``) in the XML parser.
+:ref:`xxe_protection <xxe-feature>`, disabled by default, will prevent XXE attacks by disabling the loading of external entities (``libxml_disable_entity_loader``) in the XML parser.
 ::
-  sp.disable_xxe.enable();
+  sp.xxe_protection.enable();
+  sp.xxe_protection.disable();
 Whitelist of stream-wrappers
@@ -380,7 +456,7 @@ It's currently not possible to:
  `for now <https://github.com/jvoisin/snuffleupagus/issues/190>`__).
  This is why hooked ``print`` will be displayed as ``echo`` in the logs.
 - Hook `strlen`, since in latest PHP versions, this function is usually
-  optimized away by the compiled.
+  optimized away by the compiler.
 Examples
diff --git a/doc/source/faq.rst b/doc/source/faq.rst
index bdfc7c1..0695089 100644
--- a/doc/source/faq.rst
+++ b/doc/source/faq.rst
@@ -79,6 +79,12 @@ We chose the LGPL because we don't care that much how you're using Snuffleupagus
 but we'd like to force people to make their improvements/contributions
 available to everyone.
+The complete license text is shipped with the sources and can be found under ``LICENSE``.
+For compatibility with older PHP versions, some original PHP source code was copied or ported back to older versions.
+This source code resides in ``src/sp_php_compat.c`` and ``src/sp_php_compat.h`` and retains its original license
+`The PHP License, version 3.01 <https://www.php.net/license/3_01.txt>`_, also included with the sources as ``PHP_LICENSE``.
 What is the different between SNuffleupaugs and a (WAF) like ModSecurity?
 """""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
diff --git a/slides/44con_2018.pdf b/slides/44con_2018.pdf
deleted file mode 100644
index 085e952..0000000
--- a/slides/44con_2018.pdf
+++ /dev/null
Binary files differ
diff --git a/slides/berlinsides_2017.pdf b/slides/berlinsides_2017.pdf
deleted file mode 100644
index 3358b76..0000000
--- a/slides/berlinsides_2017.pdf
+++ /dev/null
Binary files differ
diff --git a/slides/blackalps_2017.pdf b/slides/blackalps_2017.pdf
deleted file mode 100644
index a87e9ca..0000000
--- a/slides/blackalps_2017.pdf
+++ /dev/null
Binary files differ
diff --git a/slides/hacklu_2017.pdf b/slides/hacklu_2017.pdf
deleted file mode 100644
index b8976e5..0000000
--- a/slides/hacklu_2017.pdf
+++ /dev/null
Binary files differ
diff --git a/slides/passthesalt_2018.pdf b/slides/passthesalt_2018.pdf
deleted file mode 100644
index 4620ad2..0000000
--- a/slides/passthesalt_2018.pdf
+++ /dev/null
Binary files differ
diff --git a/src/Makefile.frag b/src/Makefile.frag
new file mode 100644
index 0000000..e110544
--- /dev/null
+++ b/src/Makefile.frag
@@ -0,0 +1,11 @@
+$(srcdir)/sp_config_scanner.c: $(srcdir)/sp_config_scanner.re
+        if re2c -v |grep ' 2\.' 2>/dev/null; then \
+                re2c -bc -o $@ $<; \
+                re2c --no-generation-date --no-version -bci -o $(srcdir)/sp_config_scanner.cached.c $<; \
+        else \
+                cp $(srcdir)/sp_config_scanner.cached.c $@; \
+        fi;
+.PHONY: tests
+tests:
+        $(MAKE) test NO_INTERACTION=1 SP_NODEBUG=1 SP_SKIP_OLD_PHP_CHECK=1 $(TESTS)
diff --git a/src/config.m4 b/src/config.m4
index e4cc1f5..a421c0c 100644
--- a/src/config.m4
+++ b/src/config.m4
@@ -7,6 +7,7 @@ sources="$sources sp_disabled_functions.c sp_execute.c sp_upload_validation.c"
 sources="$sources sp_cookie_encryption.c sp_network_utils.c tweetnacl.c"
 sources="$sources sp_config_keywords.c sp_var_parser.c sp_var_value.c sp_tree.c"
 sources="$sources sp_pcre_compat.c sp_crypt.c sp_session.c sp_sloppy.c sp_wrapper.c"
+sources="$sources sp_ini.c sp_php_compat.c sp_config_scanner.c sp_ifilter.c"
 PHP_ARG_ENABLE(snuffleupagus, whether to enable snuffleupagus support,
 [  --enable-snuffleupagus           Enable snuffleupagus support])
@@ -17,18 +18,24 @@ PHP_ARG_ENABLE(coverage, whether to enable coverage support,
 PHP_ARG_ENABLE(debug, whether to enable debug messages,
 [  --enable-debug           Enable debug messages], no, no)
+PHP_ARG_ENABLE(debug-stderr, whether to enable debug messages,
+[  --enable-debug-stderr           Enable debug messages], no, no)
 AC_PROG_CC_STDC()
 CFLAGS="$CFLAGS"
 CFLAGS="$CFLAGS -Wall -Wextra -Wno-unused-parameter"
 CFLAGS="$CFLAGS -Wformat=2 -Wformat-security -D_FORTIFY_SOURCE=2"
-CFLAGS="$CFLAGS -fstack-protector"
+CFLAGS="$CFLAGS -fstack-protector-strong"
 LDFLAGS="$LDFLAGS `pcre2-config --libs8`"
 if test "$PHP_DEBUG" = "yes"; then
-        AC_DEFINE(SP_DEBUG, 1, [Wether you want to enable debug messages])
+  AC_DEFINE(SP_DEBUG, 1, [Enable SP debug messages])
-      CFLAGS="$CFLAGS -g -ggdb -O0"
+  CFLAGS="$CFLAGS -g -ggdb -O0"
+  if test "$PHP_DEBUG_STDERR" = "yes"; then
+    AC_DEFINE(SP_DEBUG_STDERR, 1, [Print SP debug messages to stderr])
+  fi
 fi
 AC_CHECK_LIB(pcre, pcre_compile, AC_DEFINE(HAVE_PCRE, 1, [have pcre]))
@@ -39,3 +46,6 @@ if test "$PHP_SNUFFLEUPAGUS" = "yes"; then
   fi
   PHP_NEW_EXTENSION(snuffleupagus, $sources, $ext_shared,-DZEND_ENABLE_STATIC_TSRMLS_CACHE=1)
 fi
+# PHP_PROG_RE2C([2.0])
+PHP_ADD_MAKEFILE_FRAGMENT()
diff --git a/src/php_snuffleupagus.h b/src/php_snuffleupagus.h
index 9ed67e6..8dc7ccb 100644
--- a/src/php_snuffleupagus.h
+++ b/src/php_snuffleupagus.h
@@ -1,9 +1,9 @@
 #ifndef PHP_SNUFFLEUPAGUS_H
 #define PHP_SNUFFLEUPAGUS_H
-#define PHP_SNUFFLEUPAGUS_VERSION "0.7.1"
+#define PHP_SNUFFLEUPAGUS_VERSION "0.8.0"
 #define PHP_SNUFFLEUPAGUS_EXTNAME "snuffleupagus"
-#define PHP_SNUFFLEUPAGUS_AUTHOR "NBS System & Julien (jvoisin) Voisin"
+#define PHP_SNUFFLEUPAGUS_AUTHOR "NBS System & Julien (jvoisin) Voisin & SektionEins GmbH"
 #define PHP_SNUFFLEUPAGUS_URL "https://github.com/jvoisin/snuffleupagus"
 #define PHP_SNUFFLEUPAGUS_COPYRIGHT "LGPLv2"
@@ -65,10 +65,12 @@ typedef void (*zif_handler)(INTERNAL_FUNCTION_PARAMETERS);
 #define SP_CONFIG_INVALID 0
 #define SP_CONFIG_NONE -1
+#include "sp_php_compat.h"
 #include "sp_pcre_compat.h"
 #include "sp_list.h"
 #include "sp_tree.h"
 #include "sp_var_parser.h"
+#include "sp_config_scanner.h"
 #include "sp_config.h"
 #include "sp_config_utils.h"
 #include "sp_config_keywords.h"
@@ -85,6 +87,8 @@ typedef void (*zif_handler)(INTERNAL_FUNCTION_PARAMETERS);
 #include "sp_session.h"
 #include "sp_sloppy.h"
 #include "sp_wrapper.h"
+#include "sp_ini.h"
+#include "sp_ifilter.h"
 extern zend_module_entry snuffleupagus_module_entry;
 #define phpext_snuffleupagus_ptr &snuffleupagus_module_entry
@@ -102,10 +106,45 @@ extern zend_module_entry snuffleupagus_module_entry;
 #endif
 ZEND_BEGIN_MODULE_GLOBALS(snuffleupagus)
-size_t in_eval;
+// sp_config config;
-sp_config config;
+// --- snuffleupagus config
-int is_config_valid;  // 1 = valid, 0 = invalid, -1 = none
+sp_config_random config_random;
+sp_config_sloppy config_sloppy;
+sp_config_unserialize config_unserialize;
+sp_config_readonly_exec config_readonly_exec;
+sp_config_upload_validation config_upload_validation;
+sp_config_cookie config_cookie;
+sp_config_auto_cookie_secure config_auto_cookie_secure;
+sp_config_global_strict config_global_strict;
+sp_config_xxe_protection config_xxe_protection;
+sp_config_eval config_eval;
+sp_config_wrapper config_wrapper;
+sp_config_session config_session;
+sp_config_ini config_ini;
+char config_log_media;
+u_long config_max_execution_depth;
+bool config_server_encode;
+bool config_server_strip;
+zend_string *config_encryption_key;
+zend_string *config_cookies_env_var;
+bool config_show_old_php_warning;
+HashTable *config_disabled_functions;
+HashTable *config_disabled_functions_hooked;
+HashTable *config_disabled_functions_ret;
+HashTable *config_disabled_functions_ret_hooked;
+sp_config_disabled_functions config_disabled_functions_reg;
+sp_config_disabled_functions config_disabled_functions_reg_ret;
+bool hook_execute;
+// --- ini options
 bool allow_broken_configuration;
+// --- runtime/state variables
+int is_config_valid;  // 1 = valid, 0 = invalid, -1 = none
+size_t in_eval;
+u_long execution_depth;
 HashTable *disabled_functions_hook;
 HashTable *sp_internal_functions_hook;
 HashTable *sp_eval_blacklist_functions_hook;
@@ -113,6 +152,8 @@ ZEND_END_MODULE_GLOBALS(snuffleupagus)
 ZEND_EXTERN_MODULE_GLOBALS(snuffleupagus)
 #define SNUFFLEUPAGUS_G(v) ZEND_MODULE_GLOBALS_ACCESSOR(snuffleupagus, v)
+#define SPG(v) SNUFFLEUPAGUS_G(v)
+#define SPCFG(v) SPG(config_##v)
 #if defined(ZTS) && defined(COMPILE_DL_SNUFFLEUPAGUS)
 ZEND_TSRMLS_CACHE_EXTERN()
diff --git a/src/snuffleupagus.c b/src/snuffleupagus.c
index 1ac04d0..ebb7f9c 100644
--- a/src/snuffleupagus.c
+++ b/src/snuffleupagus.c
@@ -4,6 +4,8 @@
 #include <glob.h>
 #endif
+#include "zend_smart_str.h"
 #include "php_snuffleupagus.h"
 #ifndef ZEND_EXT_API
@@ -30,7 +32,7 @@ static inline void sp_op_array_handler(zend_op_array *const op) {
  if (NULL == op->filename || op->fn_flags & ZEND_ACC_STRICT_TYPES) {
    return;
  } else {
-    if (true == SNUFFLEUPAGUS_G(config).config_global_strict->enable) {
+    if (SPCFG(global_strict).enable) {
      op->fn_flags |= ZEND_ACC_STRICT_TYPES;
    }
  }
@@ -38,20 +40,10 @@ static inline void sp_op_array_handler(zend_op_array *const op) {
 ZEND_DECLARE_MODULE_GLOBALS(snuffleupagus)
-static PHP_INI_MH(StrictMode) {
-  TSRMLS_FETCH();
-  SNUFFLEUPAGUS_G(allow_broken_configuration) = false;
-  if (new_value && zend_string_equals_literal(new_value, "1")) {
-    SNUFFLEUPAGUS_G(allow_broken_configuration) = true;
-  }
-  return SUCCESS;
-}
 PHP_INI_BEGIN()
-PHP_INI_ENTRY("sp.configuration_file", "", PHP_INI_SYSTEM,
+PHP_INI_ENTRY("sp.configuration_file", "", PHP_INI_SYSTEM, OnUpdateConfiguration)
-              OnUpdateConfiguration)
+STD_PHP_INI_BOOLEAN("sp.allow_broken_configuration", "0", PHP_INI_SYSTEM, OnUpdateBool, allow_broken_configuration, zend_snuffleupagus_globals, snuffleupagus_globals)
-PHP_INI_ENTRY("sp.allow_broken_configuration", "0", PHP_INI_SYSTEM, StrictMode)
 PHP_INI_END()
 ZEND_DLEXPORT zend_extension zend_extension_entry = {
@@ -73,155 +65,170 @@ ZEND_DLEXPORT zend_extension zend_extension_entry = {
    NULL,                /* op_array_dtor_func_t */
    STANDARD_ZEND_EXTENSION_PROPERTIES};
-PHP_GINIT_FUNCTION(snuffleupagus) {
+static void sp_load_other_modules() {
+  // try to load other modules before initializing Snuffleupagus
+  zend_module_entry *module;
+  bool should_start = false;
+  ZEND_HASH_FOREACH_PTR(&module_registry, module) {
+    if (should_start) {
+      sp_log_debug("attempting to start module '%s' early", module->name);
+      if (zend_startup_module_ex(module) != SUCCESS) {
+        // startup failed. let's try again later.
+        module->module_started = 0;
+      }
+    }
+    if (strcmp(module->name, PHP_SNUFFLEUPAGUS_EXTNAME) == 0) {
+      should_start = true;
+    }
+  } ZEND_HASH_FOREACH_END();
+}
+static PHP_GINIT_FUNCTION(snuffleupagus) {
 #ifdef SP_DEBUG_STDERR
-  sp_debug_stderr = dup(STDERR_FILENO);
+  if (getenv("SP_NODEBUG")) {
+    sp_debug_stderr = -1;
+  } else {
+    sp_debug_stderr = dup(STDERR_FILENO);
+  }
 #endif
  sp_log_debug("(GINIT)");
+  sp_load_other_modules();
  snuffleupagus_globals->is_config_valid = SP_CONFIG_NONE;
  snuffleupagus_globals->in_eval = 0;
 #define SP_INIT_HT(F)                                                          \
  snuffleupagus_globals->F = pemalloc(sizeof(*(snuffleupagus_globals->F)), 1); \
-  zend_hash_init(snuffleupagus_globals->F, 10, NULL, NULL, 1);
+    zend_hash_init(snuffleupagus_globals->F, 10, NULL, NULL, 1);
  SP_INIT_HT(disabled_functions_hook);
  SP_INIT_HT(sp_internal_functions_hook);
  SP_INIT_HT(sp_eval_blacklist_functions_hook);
-  SP_INIT_HT(config.config_disabled_functions);
+  SP_INIT_HT(config_disabled_functions);
-  SP_INIT_HT(config.config_disabled_functions_hooked);
+  SP_INIT_HT(config_disabled_functions_hooked);
-  SP_INIT_HT(config.config_disabled_functions_ret);
+  SP_INIT_HT(config_disabled_functions_ret);
-  SP_INIT_HT(config.config_disabled_functions_ret_hooked);
+  SP_INIT_HT(config_disabled_functions_ret_hooked);
+  SP_INIT_HT(config_ini.entries);
 #undef SP_INIT_HT
-#define SP_INIT(F)                  \
+#define SP_INIT_NULL(F) snuffleupagus_globals->F = NULL;
-  snuffleupagus_globals->config.F = \
+  SP_INIT_NULL(config_encryption_key);
-      pecalloc(sizeof(*(snuffleupagus_globals->config.F)), 1, 1);
+  SP_INIT_NULL(config_cookies_env_var);
-  SP_INIT(config_unserialize);
+  SP_INIT_NULL(config_disabled_functions_reg.disabled_functions);
-  SP_INIT(config_random);
+  SP_INIT_NULL(config_disabled_functions_reg_ret.disabled_functions);
-  SP_INIT(config_sloppy);
+  SP_INIT_NULL(config_cookie.cookies);
-  SP_INIT(config_readonly_exec);
+  SP_INIT_NULL(config_eval.blacklist);
-  SP_INIT(config_global_strict);
+  SP_INIT_NULL(config_eval.whitelist);
-  SP_INIT(config_auto_cookie_secure);
+  SP_INIT_NULL(config_wrapper.whitelist);
-  SP_INIT(config_snuffleupagus);
-  SP_INIT(config_disable_xxe);
-  SP_INIT(config_upload_validation);
-  SP_INIT(config_disabled_functions_reg);
-  SP_INIT(config_disabled_functions_reg_ret);
-  SP_INIT(config_cookie);
-  SP_INIT(config_session);
-  SP_INIT(config_eval);
-  SP_INIT(config_wrapper);
-#undef SP_INIT
-#define SP_INIT_NULL(F) snuffleupagus_globals->config.F = NULL;
-  SP_INIT_NULL(config_disabled_functions_reg->disabled_functions);
-  SP_INIT_NULL(config_disabled_functions_reg_ret->disabled_functions);
-  SP_INIT_NULL(config_cookie->cookies);
-  SP_INIT_NULL(config_eval->blacklist);
-  SP_INIT_NULL(config_eval->whitelist);
-  SP_INIT_NULL(config_wrapper->whitelist);
 #undef SP_INIT_NULL
 }
 PHP_MINIT_FUNCTION(snuffleupagus) {
-        sp_log_debug("(MINIT)");
+  sp_log_debug("(MINIT)");
  REGISTER_INI_ENTRIES();
  return SUCCESS;
 }
-static void free_disabled_functions_hashtable(HashTable *const ht) {
+PHP_MSHUTDOWN_FUNCTION(snuffleupagus) {
+  sp_log_debug("(MSHUTDOWN)");
+  unhook_functions(SPG(sp_internal_functions_hook));
+  unhook_functions(SPG(disabled_functions_hook));
+  unhook_functions(SPG(sp_eval_blacklist_functions_hook));
+  if (SPCFG(ini).enable) { sp_unhook_ini(); }
+  UNREGISTER_INI_ENTRIES();
+  return SUCCESS;
+}
+static inline void free_disabled_functions_hashtable(HashTable *const ht) {
  void *ptr = NULL;
-  ZEND_HASH_FOREACH_PTR(ht, ptr) { sp_list_free(ptr); }
+  ZEND_HASH_FOREACH_PTR(ht, ptr) { sp_list_free(ptr, sp_free_disabled_function); }
  ZEND_HASH_FOREACH_END();
 }
-PHP_MSHUTDOWN_FUNCTION(snuffleupagus) {
+static inline void free_config_ini_entries(HashTable *const ht) {
+  void *ptr = NULL;
+  ZEND_HASH_FOREACH_PTR(ht, ptr) { sp_free_ini_entry(ptr); pefree(ptr, 1); }
+  ZEND_HASH_FOREACH_END();
+}
+static PHP_GSHUTDOWN_FUNCTION(snuffleupagus) {
+  sp_log_debug("(GSHUTDOWN)");
 #define FREE_HT(F)                       \
-  zend_hash_destroy(SNUFFLEUPAGUS_G(F)); \
+  zend_hash_destroy(snuffleupagus_globals->F); \
-  pefree(SNUFFLEUPAGUS_G(F), 1);
+  pefree(snuffleupagus_globals->F, 1);
  FREE_HT(disabled_functions_hook);
  FREE_HT(sp_eval_blacklist_functions_hook);
 #define FREE_HT_LIST(F)                                         \
-  free_disabled_functions_hashtable(SNUFFLEUPAGUS_G(config).F); \
+  free_disabled_functions_hashtable(snuffleupagus_globals->F); \
-  FREE_HT(config.F);
+  FREE_HT(F);
  FREE_HT_LIST(config_disabled_functions);
  FREE_HT_LIST(config_disabled_functions_hooked);
  FREE_HT_LIST(config_disabled_functions_ret);
  FREE_HT_LIST(config_disabled_functions_ret_hooked);
 #undef FREE_HT_LIST
-#undef FREE_HT
-#define FREE_LST_DISABLE(L)                       \
+  free_config_ini_entries(snuffleupagus_globals->config_ini.entries);
-  do {                                            \
+  FREE_HT(config_ini.entries);
-    sp_list_node *_n = SNUFFLEUPAGUS_G(config).L; \
+#undef FREE_HT
-    sp_disabled_function_list_free(_n);           \
-    sp_list_free(_n);                             \
-  } while (0)
-  FREE_LST_DISABLE(config_disabled_functions_reg->disabled_functions);
-  FREE_LST_DISABLE(config_disabled_functions_reg_ret->disabled_functions);
-#undef FREE_LST_DISABLE
-  sp_list_node *_n = SNUFFLEUPAGUS_G(config).config_cookie->cookies;
+  sp_list_free(snuffleupagus_globals->config_disabled_functions_reg.disabled_functions, sp_free_disabled_function);
-  sp_cookie_list_free(_n);
+  sp_list_free(snuffleupagus_globals->config_disabled_functions_reg_ret.disabled_functions, sp_free_disabled_function);
-  sp_list_free(_n);
+  sp_list_free(snuffleupagus_globals->config_cookie.cookies, sp_free_cookie);
-#define FREE_LST(L) sp_list_free(SNUFFLEUPAGUS_G(config).L);
+#define FREE_LST(L) sp_list_free(snuffleupagus_globals->L, sp_free_zstr);
-  FREE_LST(config_eval->blacklist);
+  FREE_LST(config_eval.blacklist);
-  FREE_LST(config_eval->whitelist);
+  FREE_LST(config_eval.whitelist);
-  FREE_LST(config_wrapper->whitelist);
+  FREE_LST(config_wrapper.whitelist);
 #undef FREE_LST
-#define FREE_CFG(C) pefree(SNUFFLEUPAGUS_G(config).C, 1);
-  FREE_CFG(config_unserialize);
-  FREE_CFG(config_random);
-  FREE_CFG(config_readonly_exec);
-  FREE_CFG(config_global_strict);
-  FREE_CFG(config_auto_cookie_secure);
-  FREE_CFG(config_snuffleupagus);
-  FREE_CFG(config_disable_xxe);
-  FREE_CFG(config_upload_validation);
-  FREE_CFG(config_session);
-  FREE_CFG(config_disabled_functions_reg);
-  FREE_CFG(config_disabled_functions_reg_ret);
-  FREE_CFG(config_cookie);
-  FREE_CFG(config_wrapper);
-#undef FREE_CFG
-  UNREGISTER_INI_ENTRIES();
+// #define FREE_CFG(C) pefree(snuffleupagus_globals->config.C, 1);
+#define FREE_CFG_ZSTR(C) sp_free_zstr(snuffleupagus_globals->C);
+  FREE_CFG_ZSTR(config_unserialize.dump);
+  FREE_CFG_ZSTR(config_unserialize.textual_representation);
+  FREE_CFG_ZSTR(config_upload_validation.script);
+  FREE_CFG_ZSTR(config_eval.dump);
+  FREE_CFG_ZSTR(config_eval.textual_representation);
+// #undef FREE_CFG
+#undef FREE_CFG_ZSTR
-  return SUCCESS;
+#ifdef SP_DEBUG_STDERR
+  if (sp_debug_stderr >= 0) {
+    close(sp_debug_stderr);
+    sp_debug_stderr = STDERR_FILENO;
+  }
+#endif
 }
 PHP_RINIT_FUNCTION(snuffleupagus) {
-  const sp_config_wrapper *const config_wrapper =
+  SPG(execution_depth) = 0;
-      SNUFFLEUPAGUS_G(config).config_wrapper;
+  SPG(in_eval) = 0;
+  const sp_config_wrapper *const config_wrapper = &(SPCFG(wrapper));
 #if defined(COMPILE_DL_SNUFFLEUPAGUS) && defined(ZTS)
  ZEND_TSRMLS_CACHE_UPDATE();
 #endif
-  if (!SNUFFLEUPAGUS_G(allow_broken_configuration)) {
+  if (!SPG(allow_broken_configuration)) {
-    if (SNUFFLEUPAGUS_G(is_config_valid) == SP_CONFIG_INVALID) {
+    if (SPG(is_config_valid) == SP_CONFIG_INVALID) {
      sp_log_err("config", "Invalid configuration file");
-    } else if (SNUFFLEUPAGUS_G(is_config_valid) == SP_CONFIG_NONE) {
+    } else if (SPG(is_config_valid) == SP_CONFIG_NONE) {
-      sp_log_warn("config",
+      sp_log_warn("config", "No configuration specificed via sp.configuration_file");
-                  "No configuration specificed via sp.configuration_file");
    }
  }
-  // We need to disable wrappers loaded by extensions loaded after
+  // We need to disable wrappers loaded by extensions loaded after SNUFFLEUPAGUS.
-  // SNUFFLEUPAGUS.
  if (config_wrapper->enabled &&
-      zend_hash_num_elements(php_stream_get_url_stream_wrappers_hash()) !=
+      zend_hash_num_elements(php_stream_get_url_stream_wrappers_hash()) != config_wrapper->num_wrapper) {
-          config_wrapper->num_wrapper) {
    sp_disable_wrapper();
  }
-  if (NULL != SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key) {
+  if (NULL != SPCFG(encryption_key)) {
-    if (NULL != SNUFFLEUPAGUS_G(config).config_cookie->cookies) {
+    if (NULL != SPCFG(cookie).cookies) {
-      zend_hash_apply_with_arguments(
+      zend_hash_apply_with_arguments(Z_ARRVAL(PG(http_globals)[TRACK_VARS_COOKIE]), decrypt_cookie, 0);
-          Z_ARRVAL(PG(http_globals)[TRACK_VARS_COOKIE]), decrypt_cookie, 0);
    }
  }
  return SUCCESS;
@@ -231,7 +238,7 @@ PHP_RSHUTDOWN_FUNCTION(snuffleupagus) { return SUCCESS; }
 PHP_MINFO_FUNCTION(snuffleupagus) {
  const char *valid_config;
-  switch (SNUFFLEUPAGUS_G(is_config_valid)) {
+  switch (SPG(is_config_valid)) {
    case SP_CONFIG_VALID:
      valid_config = "yes";
      break;
@@ -245,22 +252,254 @@ PHP_MINFO_FUNCTION(snuffleupagus) {
  php_info_print_table_start();
  php_info_print_table_row(
      2, "snuffleupagus support",
-      SNUFFLEUPAGUS_G(is_config_valid) ? "enabled" : "disabled");
+      SPG(is_config_valid) ? "enabled" : "disabled");
-  php_info_print_table_row(2, "Version", PHP_SNUFFLEUPAGUS_VERSION);
+  php_info_print_table_row(2, "Version", PHP_SNUFFLEUPAGUS_VERSION "-sng (with Suhosin-NG patches)");
  php_info_print_table_row(2, "Valid config", valid_config);
  php_info_print_table_end();
  DISPLAY_INI_ENTRIES();
 }
-static PHP_INI_MH(OnUpdateConfiguration) {
+#define ADD_ASSOC_ZSTR(arr, key, zstr) if (zstr) { add_assoc_str(arr, key, zstr); } else { add_assoc_null(arr, key); }
-        sp_log_debug("(OnUpdateConfiguration)");
+#define ADD_ASSOC_REGEXP(arr, key, regexp) if (regexp && regexp->pattern) { add_assoc_str(arr, key, regexp->pattern); } else { add_assoc_null(arr, key); }
+static void add_df_to_arr(zval *arr, sp_disabled_function *df) {
+  zval arr_df;
+  array_init(&arr_df);
+  ADD_ASSOC_ZSTR(&arr_df, SP_TOKEN_FILENAME, df->filename);
+  ADD_ASSOC_REGEXP(&arr_df, SP_TOKEN_FILENAME_REGEXP, df->r_filename);
+  ADD_ASSOC_ZSTR(&arr_df, SP_TOKEN_FUNCTION, df->function);
+  ADD_ASSOC_REGEXP(&arr_df, SP_TOKEN_FUNCTION_REGEXP, df->r_function);
+  if (df->functions_list && df->functions_list->data) {
+    zval arr_fl;
+    array_init(&arr_fl);
+    for (sp_list_node *p = df->functions_list; p; p = p->next) { add_next_index_str(&arr_fl, p->data); }
+    add_assoc_zval(&arr_df, "function_list", &arr_fl);
+  } else {
+    add_assoc_null(&arr_df, "function_list");
+  }
+  ADD_ASSOC_ZSTR(&arr_df, SP_TOKEN_HASH, df->hash);
+  add_assoc_bool(&arr_df, SP_TOKEN_SIM, df->simulation);
+  if (df->param && df->param->value) {
+    add_assoc_string(&arr_df, SP_TOKEN_PARAM, df->param->value);
+  } else {
+    add_assoc_null(&arr_df, SP_TOKEN_PARAM);
+  }
+  ADD_ASSOC_REGEXP(&arr_df, SP_TOKEN_PARAM_REGEXP, df->r_param);
+  add_assoc_long(&arr_df, SP_TOKEN_PARAM_TYPE, df->param_type);
+  add_assoc_long(&arr_df, SP_TOKEN_VALUE_ARG_POS, df->pos);
+  add_assoc_long(&arr_df, SP_TOKEN_LINE_NUMBER, df->line);
+  ADD_ASSOC_ZSTR(&arr_df, SP_TOKEN_RET, df->ret);
+  ADD_ASSOC_REGEXP(&arr_df, SP_TOKEN_RET_REGEXP, df->r_ret);
+  ADD_ASSOC_ZSTR(&arr_df, SP_TOKEN_VALUE, df->value);
+  ADD_ASSOC_REGEXP(&arr_df, SP_TOKEN_VALUE_REGEXP, df->r_value);
+  ADD_ASSOC_ZSTR(&arr_df, SP_TOKEN_KEY, df->key);
+  ADD_ASSOC_REGEXP(&arr_df, SP_TOKEN_KEY_REGEXP, df->r_key);
+  ADD_ASSOC_ZSTR(&arr_df, SP_TOKEN_DUMP, df->dump);
+  ADD_ASSOC_ZSTR(&arr_df, SP_TOKEN_ALIAS, df->alias);
+  add_assoc_bool(&arr_df, "param_is_array", df->param_is_array);
+  add_assoc_bool(&arr_df, "var_is_array", df->var_is_array);
+  add_assoc_bool(&arr_df, "allow", df->allow);
+  // todo: properly traverse tree for .var() and .param()
+  // sp_tree *tr = df->var;
+  // for (; tr; tr = tr->next) {
+  //   sp_log_debug("tree: %s", tr->value);
+  // }
+  if (df->var && df->var->value) {
+    add_assoc_string(&arr_df, SP_TOKEN_LOCAL_VAR, df->var->value);
+  } else {
+    add_assoc_null(&arr_df, SP_TOKEN_LOCAL_VAR);
+  }
+  if (df->param && df->param->value) {
+    add_assoc_string(&arr_df, SP_TOKEN_PARAM, df->param->value);
+  } else {
+    add_assoc_null(&arr_df, SP_TOKEN_PARAM);
+  }
+  if (df->cidr) {
+    char cidrstr[INET6_ADDRSTRLEN+5];
+    if (!get_ip_str(cidrstr, sizeof(cidrstr), df->cidr)) {
+      add_assoc_null(&arr_df, SP_TOKEN_CIDR);
+    } else {
+      add_assoc_string(&arr_df, SP_TOKEN_CIDR, cidrstr);
+    }
+  } else {
+    add_assoc_null(&arr_df, SP_TOKEN_CIDR);
+  }
+  add_next_index_zval(arr, &arr_df);
+}
+static void dump_config() {
+  zval arr;
+  php_serialize_data_t var_hash;
+  smart_str buf = {0};
+  array_init(&arr);
+  add_assoc_string(&arr, "version", PHP_SNUFFLEUPAGUS_VERSION);
+  add_assoc_bool(&arr, SP_TOKEN_UNSERIALIZE_HMAC "." SP_TOKEN_ENABLE, SPCFG(unserialize).enable);
+  add_assoc_bool(&arr, SP_TOKEN_UNSERIALIZE_HMAC "." SP_TOKEN_SIM, SPCFG(unserialize).simulation);
+  ADD_ASSOC_ZSTR(&arr, SP_TOKEN_UNSERIALIZE_HMAC "." SP_TOKEN_DUMP, SPCFG(unserialize).dump);
+  add_assoc_bool(&arr, SP_TOKEN_HARDEN_RANDOM "." SP_TOKEN_ENABLE, SPCFG(random).enable);
+  add_assoc_bool(&arr, "readonly_exec.enable", SPCFG(readonly_exec).enable);
+  add_assoc_bool(&arr, "readonly_exec.sim", SPCFG(readonly_exec).simulation);
+  ADD_ASSOC_ZSTR(&arr, SP_TOKEN_READONLY_EXEC "." SP_TOKEN_DUMP, SPCFG(readonly_exec).dump);
+  add_assoc_bool(&arr, "global_strict.enable", SPCFG(global_strict).enable);
+  add_assoc_bool(&arr, "upload_validation.enable", SPCFG(upload_validation).enable);
+  add_assoc_bool(&arr, "upload_validation.sim", SPCFG(upload_validation).simulation);
+  ADD_ASSOC_ZSTR(&arr, SP_TOKEN_UPLOAD_VALIDATION "." SP_TOKEN_UPLOAD_SCRIPT, SPCFG(upload_validation).script);
+  // global
+  add_assoc_bool(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_ENCRYPTION_KEY, SPCFG(encryption_key) && ZSTR_LEN(SPCFG(encryption_key)));
+  ADD_ASSOC_ZSTR(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_ENV_VAR, SPCFG(cookies_env_var));
+  add_assoc_long(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_LOG_MEDIA, SPCFG(log_media));
+  add_assoc_long(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_MAX_EXECUTION_DEPTH, SPCFG(max_execution_depth));
+  add_assoc_bool(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_SERVER_ENCODE, SPCFG(server_encode));
+  add_assoc_bool(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_SERVER_STRIP, SPCFG(server_strip));
+  add_assoc_bool(&arr, SP_TOKEN_GLOBAL "." SP_TOKEN_SHOW_OLD_PHP_WARNING, SPCFG(show_old_php_warning));
+  add_assoc_bool(&arr, SP_TOKEN_AUTO_COOKIE_SECURE, SPCFG(auto_cookie_secure).enable);
+  add_assoc_bool(&arr, SP_TOKEN_XXE_PROTECTION, SPCFG(xxe_protection).enable);
+  add_assoc_bool(&arr, SP_TOKEN_EVAL_BLACKLIST "." SP_TOKEN_SIM, SPCFG(eval).simulation);
+  ADD_ASSOC_ZSTR(&arr, SP_TOKEN_EVAL_BLACKLIST "." SP_TOKEN_DUMP, SPCFG(eval).dump);
+#define ADD_ASSOC_SPLIST(arr, key, splist) \
+  if (splist) { \
+    zval arr_sp; \
+    array_init(&arr_sp); \
+    for (sp_list_node *p = splist; p; p = p->next) { add_next_index_str(&arr_sp, p->data); } \
+    add_assoc_zval(arr, key, &arr_sp); \
+  } else { add_assoc_null(arr, key); }
+  ADD_ASSOC_SPLIST(&arr, SP_TOKEN_EVAL_BLACKLIST "." SP_TOKEN_LIST, SPCFG(eval).blacklist);
+  ADD_ASSOC_SPLIST(&arr, SP_TOKEN_EVAL_WHITELIST "." SP_TOKEN_LIST, SPCFG(eval).whitelist)
+  add_assoc_bool(&arr, SP_TOKEN_SESSION_ENCRYPTION "." SP_TOKEN_ENCRYPT, SPCFG(session).encrypt);
+  add_assoc_bool(&arr, SP_TOKEN_SESSION_ENCRYPTION "." SP_TOKEN_SIM, SPCFG(session).simulation);
+  add_assoc_long(&arr, SP_TOKEN_SESSION_ENCRYPTION "." SP_TOKEN_SID_MIN_LENGTH, SPCFG(session).sid_min_length);
+  add_assoc_long(&arr, SP_TOKEN_SESSION_ENCRYPTION "." SP_TOKEN_SID_MAX_LENGTH, SPCFG(session).sid_max_length);
+  add_assoc_bool(&arr, SP_TOKEN_SLOPPY_COMPARISON "." SP_TOKEN_ENABLE, SPCFG(sloppy).enable);
+  ADD_ASSOC_SPLIST(&arr, SP_TOKEN_ALLOW_WRAPPERS, SPCFG(wrapper).whitelist);
+  add_assoc_bool(&arr, SP_TOKEN_INI_PROTECTION "." SP_TOKEN_ENABLE, SPCFG(ini).enable);
+  add_assoc_bool(&arr, SP_TOKEN_INI_PROTECTION "." SP_TOKEN_SIM, SPCFG(ini).simulation);
+  add_assoc_bool(&arr, SP_TOKEN_INI_PROTECTION "." "policy_ro", SPCFG(ini).policy_readonly);
+  add_assoc_bool(&arr, SP_TOKEN_INI_PROTECTION "." "policy_silent_ro", SPCFG(ini).policy_silent_ro);
+  add_assoc_bool(&arr, SP_TOKEN_INI_PROTECTION "." "policy_silent_fail", SPCFG(ini).policy_silent_fail);
+  add_assoc_bool(&arr, SP_TOKEN_INI_PROTECTION "." "policy_drop", SPCFG(ini).policy_drop);
+  if (SPCFG(ini).entries && zend_hash_num_elements(SPCFG(ini).entries) > 0) {
+    zval arr_ini;
+    array_init(&arr_ini);
+    sp_ini_entry *sp_entry;
+    ZEND_HASH_FOREACH_PTR(SPCFG(ini).entries, sp_entry)
+      zval arr_ini_entry;
+      array_init(&arr_ini_entry);
+      add_assoc_bool(&arr_ini_entry, SP_TOKEN_SIM, sp_entry->simulation);
+      ADD_ASSOC_ZSTR(&arr_ini_entry, SP_TOKEN_KEY, sp_entry->key);
+      ADD_ASSOC_ZSTR(&arr_ini_entry, "msg", sp_entry->msg);
+      ADD_ASSOC_ZSTR(&arr_ini_entry, "set", sp_entry->set);
+      ADD_ASSOC_ZSTR(&arr_ini_entry, "min", sp_entry->min);
+      ADD_ASSOC_ZSTR(&arr_ini_entry, "max", sp_entry->max);
+      add_assoc_long(&arr_ini_entry, "access", sp_entry->access);
+      add_assoc_bool(&arr_ini_entry, "drop", sp_entry->drop);
+      add_assoc_bool(&arr_ini_entry, "allow_null", sp_entry->allow_null);
+      ADD_ASSOC_REGEXP(&arr_ini_entry, "regexp", sp_entry->regexp);
+      add_next_index_zval(&arr_ini, &arr_ini_entry);
+    ZEND_HASH_FOREACH_END();
+    add_assoc_zval(&arr, SP_TOKEN_INI, &arr_ini);
+  } else {
+    add_assoc_null(&arr, SP_TOKEN_INI);
+  }
+  if (SPCFG(cookie).cookies && SPCFG(cookie).cookies->data) {
+    zval arr_cookies;
+    array_init(&arr_cookies);
+    sp_cookie *cookie;
+    sp_list_node *p = SPCFG(cookie).cookies;
+    for (; p; p = p->next) {
+      zval arr_cookie;
+      array_init(&arr_cookie);
+      cookie = (sp_cookie*)p->data;
+      add_assoc_long(&arr_cookie, SP_TOKEN_SAMESITE, cookie->samesite);
+      add_assoc_bool(&arr_cookie, SP_TOKEN_ENCRYPT, cookie->encrypt);
+      ADD_ASSOC_ZSTR(&arr_cookie, SP_TOKEN_NAME, cookie->name);
+      ADD_ASSOC_REGEXP(&arr_cookie, SP_TOKEN_NAME_REGEXP, cookie->name_r);
+      add_assoc_bool(&arr_cookie, SP_TOKEN_SIM, cookie->simulation);
+      add_next_index_zval(&arr_cookies, &arr_cookie);
+    }
+    add_assoc_zval(&arr, SP_TOKEN_COOKIE_ENCRYPTION, &arr_cookies);
+  } else {
+    add_assoc_null(&arr, SP_TOKEN_COOKIE_ENCRYPTION);
+  }
+  // disabled_functions
+  zval arr_dfs;
+  array_init(&arr_dfs);
+  size_t num_df = 0;
+  sp_list_node *dflist, *dfp;
+  ZEND_HASH_FOREACH_PTR(SPCFG(disabled_functions), dflist)
+    for (dfp = dflist; dfp; dfp = dfp->next) {
+      add_df_to_arr(&arr_dfs, dfp->data);
+      num_df++;
+    }
+  ZEND_HASH_FOREACH_END();
+  ZEND_HASH_FOREACH_PTR(SPCFG(disabled_functions_ret), dflist)
+    for (dfp = dflist; dfp; dfp = dfp->next) {
+      add_df_to_arr(&arr_dfs, dfp->data);
+      num_df++;
+    }
+  ZEND_HASH_FOREACH_END();
+  for (dfp = SPCFG(disabled_functions_reg).disabled_functions; dfp; dfp = dfp->next) {
+    add_df_to_arr(&arr_dfs, dfp->data);
+    num_df++;
+  }
+  for (dfp = SPCFG(disabled_functions_reg_ret).disabled_functions; dfp; dfp = dfp->next) {
+    add_df_to_arr(&arr_dfs, dfp->data);
+    num_df++;
+  }
+  if (num_df) {
+    add_assoc_zval(&arr, SP_TOKEN_DISABLE_FUNC, &arr_dfs);
+  } else {
+    add_assoc_null(&arr, SP_TOKEN_DISABLE_FUNC);
+  }
+  // serialize and print array
+  PHP_VAR_SERIALIZE_INIT(var_hash);
+  php_var_serialize(&buf, &arr, &var_hash);
+  PHP_VAR_SERIALIZE_DESTROY(var_hash);
+  printf("%s", ZSTR_VAL(buf.s));
+  sp_log_debug("--");
+  smart_str_free(&buf);
+}
+static PHP_INI_MH(OnUpdateConfiguration) {
  TSRMLS_FETCH();
  if (!new_value || !new_value->len) {
    return FAILURE;
  }
+  // set some defaults
+  SPCFG(show_old_php_warning) = true;
  char *str = new_value->val;
  while (1) {
@@ -270,14 +509,14 @@ static PHP_INI_MH(OnUpdateConfiguration) {
    glob_t globbuf;
    if (0 != glob(config_file, GLOB_NOCHECK, NULL, &globbuf)) {
-      SNUFFLEUPAGUS_G(is_config_valid) = SP_CONFIG_INVALID;
+      SPG(is_config_valid) = SP_CONFIG_INVALID;
      globfree(&globbuf);
      return FAILURE;
    }
    for (size_t i = 0; globbuf.gl_pathv[i]; i++) {
      if (sp_parse_config(globbuf.gl_pathv[i]) != SUCCESS) {
-        SNUFFLEUPAGUS_G(is_config_valid) = SP_CONFIG_INVALID;
+        SPG(is_config_valid) = SP_CONFIG_INVALID;
        globfree(&globbuf);
        return FAILURE;
      }
@@ -285,43 +524,62 @@ static PHP_INI_MH(OnUpdateConfiguration) {
    globfree(&globbuf);
  }
-  SNUFFLEUPAGUS_G(is_config_valid) = SP_CONFIG_VALID;
+  SPG(is_config_valid) = SP_CONFIG_VALID;
+  // dump config
+  sp_log_debug("module name? %s", sapi_module.name);
+  if (getenv("SP_DUMP_CONFIG")) {
+    sp_log_debug("env? %s", getenv("SP_DUMP_CONFIG"));
+  }
+  if (strcmp(sapi_module.name, "cli") == 0 && getenv("SP_DUMP_CONFIG")) {
+    dump_config();
+    return SUCCESS;
+  }
-  if ((SNUFFLEUPAGUS_G(config).config_sloppy->enable)) {
+  // start hooks
+  if (SPCFG(sloppy).enable) {
    hook_sloppy();
  }
-  if (SNUFFLEUPAGUS_G(config).config_random->enable) {
+  if (SPCFG(random).enable) {
    hook_rand();
  }
-  if (SNUFFLEUPAGUS_G(config).config_upload_validation->enable) {
+  if (SPCFG(upload_validation).enable) {
    hook_upload();
  }
-  if (SNUFFLEUPAGUS_G(config).config_disable_xxe->enable == 0) {
+  if (SPCFG(xxe_protection).enable) {
    hook_libxml_disable_entity_loader();
  }
-  if (SNUFFLEUPAGUS_G(config).config_wrapper->enabled) {
+  if (SPCFG(wrapper).enabled) {
    hook_stream_wrappers();
  }
-  if (SNUFFLEUPAGUS_G(config).config_session->encrypt) {
+  if (SPCFG(session).encrypt || SPCFG(session).sid_min_length || SPCFG(session).sid_max_length) {
    hook_session();
  }
-  if (NULL != SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key) {
+  if (NULL != SPCFG(encryption_key)) {
-    if (SNUFFLEUPAGUS_G(config).config_unserialize->enable) {
+    if (SPCFG(unserialize).enable) {
      hook_serialize();
    }
  }
-  hook_disabled_functions();
  hook_execute();
  hook_cookies();
-  if (true == SNUFFLEUPAGUS_G(config).config_global_strict->enable) {
+  if (SPCFG(ini).enable) {
+    sp_hook_ini();
+  }
+  sp_hook_register_server_variables();
+  if (SPCFG(global_strict).enable) {
    if (!zend_get_extension(PHP_SNUFFLEUPAGUS_EXTNAME)) {
      zend_extension_entry.startup = NULL;
      zend_register_extension(&zend_extension_entry, NULL);
@@ -330,28 +588,31 @@ static PHP_INI_MH(OnUpdateConfiguration) {
    CG(compiler_options) |= ZEND_COMPILE_HANDLE_OP_ARRAY;
  }
+  hook_disabled_functions();
  // If `zend_write_default` is not NULL it is already hooked.
-  if ((zend_hash_str_find(
+  if ((zend_hash_str_find(SPCFG(disabled_functions_hooked), ZEND_STRL("echo")) ||
-           SNUFFLEUPAGUS_G(config).config_disabled_functions_hooked, "echo",
+       zend_hash_str_find(SPCFG(disabled_functions_ret_hooked), ZEND_STRL("echo"))) &&
-           sizeof("echo") - 1) ||
-       zend_hash_str_find(
-           SNUFFLEUPAGUS_G(config).config_disabled_functions_ret_hooked, "echo",
-           sizeof("echo") - 1)) &&
      NULL == zend_write_default && zend_write != hook_echo) {
    zend_write_default = zend_write;
    zend_write = hook_echo;
  }
-  SNUFFLEUPAGUS_G(config).hook_execute =
+  SPG(hook_execute) = SPCFG(max_execution_depth) > 0 ||
-      SNUFFLEUPAGUS_G(config)
+    SPCFG(disabled_functions_reg).disabled_functions ||
-          .config_disabled_functions_reg->disabled_functions ||
+    SPCFG(disabled_functions_reg_ret).disabled_functions ||
-      SNUFFLEUPAGUS_G(config)
+    (SPCFG(disabled_functions) && zend_hash_num_elements(SPCFG(disabled_functions))) ||
-          .config_disabled_functions_reg_ret->disabled_functions ||
+    (SPCFG(disabled_functions_ret) && zend_hash_num_elements(SPCFG(disabled_functions_ret)));
-      zend_hash_num_elements(
-          SNUFFLEUPAGUS_G(config).config_disabled_functions) ||
-      zend_hash_num_elements(
-          SNUFFLEUPAGUS_G(config).config_disabled_functions_ret);
+  if (SPCFG(show_old_php_warning) && getenv("SP_SKIP_OLD_PHP_CHECK") == NULL) {
+    time_t ts = time(NULL);
+    if ((PHP_VERSION_ID < 70300) ||
+        (PHP_VERSION_ID < 70400 && ts >= (time_t)1638745200L) ||
+        (PHP_VERSION_ID < 80000 && ts >= (time_t)1669590000L) ||
+        (PHP_VERSION_ID < 80100 && ts >= (time_t)1700953200L)) {
+      sp_log_warn("End-of-Life Check", "Your PHP version '" PHP_VERSION "' is not officially mainained anymore. Please upgrade as soon as possible. - Note: This message can be switched off by setting 'sp.global.show_old_php_warning.disable();' in your rules file or by setting the environment variable SP_SKIP_OLD_PHP_CHECK=1.");
+    }
+  }
  return SUCCESS;
 }
@@ -369,7 +630,7 @@ zend_module_entry snuffleupagus_module_entry = {
    PHP_SNUFFLEUPAGUS_VERSION,
    PHP_MODULE_GLOBALS(snuffleupagus),
    PHP_GINIT(snuffleupagus),
-    NULL,
+    PHP_GSHUTDOWN(snuffleupagus),
    NULL,
    STANDARD_MODULE_PROPERTIES_EX};
diff --git a/src/sp_config.c b/src/sp_config.c
index c12b435..7294b0e 100644
--- a/src/sp_config.c
+++ b/src/sp_config.c
@@ -4,248 +4,302 @@
 #include "php_snuffleupagus.h"
-size_t sp_line_no;
-static sp_config_tokens const sp_func[] = {
+static zend_result sp_process_config_root(sp_parsed_keyword *parsed_rule) {
-    {.func = parse_unserialize, .token = SP_TOKEN_UNSERIALIZE_HMAC},
+  sp_config_keyword sp_func[] = {
-    {.func = parse_random, .token = SP_TOKEN_HARDEN_RANDOM},
+    {parse_unserialize,         SP_TOKEN_UNSERIALIZE_HMAC, &(SPCFG(unserialize))},
-    {.func = parse_log_media, .token = SP_TOKEN_LOG_MEDIA},
+    {parse_enable,              SP_TOKEN_HARDEN_RANDOM, &(SPCFG(random).enable)},
-    {.func = parse_disabled_functions, .token = SP_TOKEN_DISABLE_FUNC},
+    {parse_log_media,           SP_TOKEN_LOG_MEDIA, &(SPCFG(log_media))},
-    {.func = parse_readonly_exec, .token = SP_TOKEN_READONLY_EXEC},
+    {parse_disabled_functions,  SP_TOKEN_DISABLE_FUNC, NULL},
-    {.func = parse_global_strict, .token = SP_TOKEN_GLOBAL_STRICT},
+    {parse_readonly_exec,       SP_TOKEN_READONLY_EXEC, &(SPCFG(readonly_exec))},
-    {.func = parse_upload_validation, .token = SP_TOKEN_UPLOAD_VALIDATION},
+    {parse_enable,              SP_TOKEN_GLOBAL_STRICT, &(SPCFG(global_strict).enable)},
-    {.func = parse_cookie, .token = SP_TOKEN_COOKIE_ENCRYPTION},
+    {parse_upload_validation,   SP_TOKEN_UPLOAD_VALIDATION, &(SPCFG(upload_validation))},
-    {.func = parse_global, .token = SP_TOKEN_GLOBAL},
+    {parse_cookie,              SP_TOKEN_COOKIE_ENCRYPTION, NULL},
-    {.func = parse_auto_cookie_secure, .token = SP_TOKEN_AUTO_COOKIE_SECURE},
+    {parse_global,              SP_TOKEN_GLOBAL, NULL},
-    {.func = parse_disable_xxe, .token = SP_TOKEN_DISABLE_XXE},
+    {parse_enable,              SP_TOKEN_AUTO_COOKIE_SECURE, &(SPCFG(auto_cookie_secure).enable)},
-    {.func = parse_eval_blacklist, .token = SP_TOKEN_EVAL_BLACKLIST},
+    {parse_enable,              SP_TOKEN_XXE_PROTECTION, &(SPCFG(xxe_protection).enable)},
-    {.func = parse_eval_whitelist, .token = SP_TOKEN_EVAL_WHITELIST},
+    {parse_eval_filter_conf,    SP_TOKEN_EVAL_BLACKLIST, &(SPCFG(eval).blacklist)},
-    {.func = parse_session, .token = SP_TOKEN_SESSION_ENCRYPTION},
+    {parse_eval_filter_conf,    SP_TOKEN_EVAL_WHITELIST, &(SPCFG(eval).whitelist)},
-    {.func = parse_sloppy_comparison, .token = SP_TOKEN_SLOPPY_COMPARISON},
+    {parse_session,             SP_TOKEN_SESSION_ENCRYPTION, &(SPCFG(session))},
-    {.func = parse_wrapper_whitelist, .token = SP_TOKEN_ALLOW_WRAPPERS},
+    {parse_enable,              SP_TOKEN_SLOPPY_COMPARISON, &(SPCFG(sloppy).enable)},
-    {NULL, NULL}};
+    {parse_wrapper_whitelist,   SP_TOKEN_ALLOW_WRAPPERS, &(SPCFG(wrapper))},
+    {parse_ini_protection,      SP_TOKEN_INI_PROTECTION, &(SPCFG(ini))},
+    {parse_ini_entry,           SP_TOKEN_INI, NULL},
+    {NULL, NULL, NULL}};
+  return sp_process_rule(parsed_rule, sp_func);
+}
-/* Top level keyword parsing */
+zend_result sp_parse_config(const char *filename) {
+  FILE *fd = fopen(filename, "rb");
+  if (fd == NULL) {
+    sp_log_err("config", "Could not open configuration file %s : %s", filename, strerror(errno));
+    return FAILURE;
+  }
-static int parse_line(char *line) {
+  size_t step = 8192;
-  char *ptr = line;
+  size_t max_len = step, len = 0;
+  zend_string *data = zend_string_alloc(max_len, 0);
+  char *ptr = ZSTR_VAL(data);
-  while (*ptr == ' ' || *ptr == '\t') {
+  size_t bytes;
-    ++ptr;
+  while ((bytes = fread(ptr, 1, max_len - len, fd))) {
+    len += bytes;
+    if (max_len - len <= 0) {
+      max_len += step;
+      data = zend_string_extend(data, max_len, 0);
+      ptr = ZSTR_VAL(data) + len;
+    } else {
+      ptr += bytes;
+    }
  }
+  fclose(fd);
-  if (!*ptr || *ptr == '#' || *ptr == ';') {
+  data = zend_string_truncate(data, len, 0);
-    return 0;
+  ZSTR_VAL(data)[len] = 0;
-  }
-  if (strncmp(ptr, SP_TOKEN_BASE, strlen(SP_TOKEN_BASE))) {
+  int ret = sp_config_scan(ZSTR_VAL(data), sp_process_config_root);
-    sp_log_err("config", "Invalid configuration prefix for '%s' on line %zu",
-               line, sp_line_no);
-    return -1;
-  }
-  ptr += strlen(SP_TOKEN_BASE);
-  for (size_t i = 0; sp_func[i].func; i++) {
+  zend_string_release_ex(data, 0);
-    if (!strncmp(sp_func[i].token, ptr, strlen(sp_func[i].token))) {
-      return sp_func[i].func(ptr + strlen(sp_func[i].token));
+  return ret;
+}
+zend_result sp_process_rule(sp_parsed_keyword *parsed_rule, sp_config_keyword *config_keywords) {
+  for (sp_parsed_keyword *kw = parsed_rule; kw->kw; kw++) {
+    bool found_kw = false;
+    for (sp_config_keyword *ckw = config_keywords; ckw->func; ckw++) {
+      if (kw->kwlen == strlen(ckw->token) && !strncmp(kw->kw, ckw->token, kw->kwlen)) {
+        if (ckw->func) {
+          int ret = ckw->func(ckw->token, kw, ckw->retval);
+          switch (ret) {
+            case SP_PARSER_SUCCESS:
+              break;
+            case SP_PARSER_ERROR:
+              return FAILURE;
+            case SP_PARSER_STOP:
+              return SUCCESS;
+          }
+        }
+        found_kw = true;
+        break;
+      }
+    }
+    if (!found_kw) {
+      zend_string *kwname = zend_string_init(kw->kw, kw->kwlen, 0);
+      sp_log_err("config", "Unexpected keyword '%s' on line %d", ZSTR_VAL(kwname), kw->lineno);
+      zend_string_release_ex(kwname, 0);
+      return FAILURE;
    }
  }
-  sp_log_err("config", "Invalid configuration section '%s' on line %zu", line,
+  return SUCCESS;
-             sp_line_no);
-  return -1;
 }
-/* keyword parsing */
+#define CHECK_DUPLICATE_KEYWORD(retval) \
-int parse_empty(char *restrict line, char *restrict keyword, void *retval) {
+  if (*(void**)(retval)) { \
+    sp_log_err("config", "duplicate keyword '%s' on line %zu", token, kw->lineno); \
+    return SP_PARSER_ERROR; }
+SP_PARSEKW_FN(parse_empty) {
+  if (kw->arglen) {
+    sp_log_err("config", "Unexpected argument for keyword '%s' - it should be '%s()' on line %zu", token, token, kw->lineno);
+    return SP_PARSER_ERROR;
+  }
+  if (kw->argtype != SP_ARGTYPE_EMPTY) {
+    sp_log_err("config", "Missing paranthesis for keyword '%s' - it should be '%s()' on line %zu", token, token, kw->lineno);
+    return SP_PARSER_ERROR;
+  }
  *(bool *)retval = true;
-  return 0;
+  return SP_PARSER_SUCCESS;
 }
-int parse_list(char *restrict line, char *restrict keyword, void *list_ptr) {
+SP_PARSEKW_FN(parse_list) {
-  zend_string *value = NULL;
+  CHECK_DUPLICATE_KEYWORD(retval);
-  sp_list_node **list = list_ptr;
-  char *token, *tmp;
-  size_t consumed = 0;
+  sp_list_node **list = retval;
-  value = get_param(&consumed, line, SP_TYPE_STR, keyword);
+  char *tok, *tmp;
-  if (!value) {
-    return -1;
+  SP_PARSE_ARG(value);
-  }
  tmp = ZSTR_VAL(value);
  while (1) {
-    token = strsep(&tmp, ",");
+    tok = strsep(&tmp, ",");
-    if (token == NULL) {
+    if (tok == NULL) {
      break;
    }
-    *list = sp_list_insert(*list, zend_string_init(token, strlen(token), 1));
+    *list = sp_list_insert(*list, zend_string_init(tok, strlen(tok), 1));
  }
+  zend_string_release(value);
-  pefree(value, 1);
+  return SP_PARSER_SUCCESS;
-  return consumed;
 }
-int parse_php_type(char *restrict line, char *restrict keyword, void *retval) {
+SP_PARSEKW_FN(parse_php_type) {
-  size_t consumed = 0;
+  SP_PARSE_ARG(value);
-  zend_string *value = get_param(&consumed, line, SP_TYPE_STR, keyword);
-  if (value) {
+  if (zend_string_equals_literal_ci(value, "undef")) {
-    if (zend_string_equals_literal_ci(value, "undef")) {
+    *(sp_php_type *)retval = SP_PHP_TYPE_UNDEF;
-      *(sp_php_type *)retval = SP_PHP_TYPE_UNDEF;
+  } else if (zend_string_equals_literal_ci(value, "null")) {
-    } else if (zend_string_equals_literal_ci(value, "null")) {
+    *(sp_php_type *)retval = SP_PHP_TYPE_NULL;
-      *(sp_php_type *)retval = SP_PHP_TYPE_NULL;
+  } else if (zend_string_equals_literal_ci(value, "true")) {
-    } else if (zend_string_equals_literal_ci(value, "true")) {
+    *(sp_php_type *)retval = SP_PHP_TYPE_TRUE;
-      *(sp_php_type *)retval = SP_PHP_TYPE_TRUE;
+  } else if (zend_string_equals_literal_ci(value, "false")) {
-    } else if (zend_string_equals_literal_ci(value, "false")) {
+    *(sp_php_type *)retval = SP_PHP_TYPE_FALSE;
-      *(sp_php_type *)retval = SP_PHP_TYPE_FALSE;
+  } else if (zend_string_equals_literal_ci(value, "long")) {
-    } else if (zend_string_equals_literal_ci(value, "long")) {
+    *(sp_php_type *)retval = SP_PHP_TYPE_LONG;
-      *(sp_php_type *)retval = SP_PHP_TYPE_LONG;
+  } else if (zend_string_equals_literal_ci(value, "double")) {
-    } else if (zend_string_equals_literal_ci(value, "double")) {
+    *(sp_php_type *)retval = SP_PHP_TYPE_DOUBLE;
-      *(sp_php_type *)retval = SP_PHP_TYPE_DOUBLE;
+  } else if (zend_string_equals_literal_ci(value, "string")) {
-    } else if (zend_string_equals_literal_ci(value, "string")) {
+    *(sp_php_type *)retval = SP_PHP_TYPE_STRING;
-      *(sp_php_type *)retval = SP_PHP_TYPE_STRING;
+  } else if (zend_string_equals_literal_ci(value, "array")) {
-    } else if (zend_string_equals_literal_ci(value, "array")) {
+    *(sp_php_type *)retval = SP_PHP_TYPE_ARRAY;
-      *(sp_php_type *)retval = SP_PHP_TYPE_ARRAY;
+  } else if (zend_string_equals_literal_ci(value, "object")) {
-    } else if (zend_string_equals_literal_ci(value, "object")) {
+    *(sp_php_type *)retval = SP_PHP_TYPE_OBJECT;
-      *(sp_php_type *)retval = SP_PHP_TYPE_OBJECT;
+  } else if (zend_string_equals_literal_ci(value, "resource")) {
-    } else if (zend_string_equals_literal_ci(value, "resource")) {
+    *(sp_php_type *)retval = SP_PHP_TYPE_RESOURCE;
-      *(sp_php_type *)retval = SP_PHP_TYPE_RESOURCE;
+  } else if (zend_string_equals_literal_ci(value, "reference")) {
-    } else if (zend_string_equals_literal_ci(value, "reference")) {
+    *(sp_php_type *)retval = SP_PHP_TYPE_REFERENCE;
-      *(sp_php_type *)retval = SP_PHP_TYPE_REFERENCE;
-    } else {
-      pefree(value, 1);
-      sp_log_err("error",
-                 "%s) is expecting a valid php type ('false', 'true',"
-                 " 'array'. 'object', 'long', 'double', 'null', 'resource', "
-                 "'reference', 'undef') on line %zu",
-                 keyword, sp_line_no);
-      return -1;
-    }
-    pefree(value, 1);
-    return consumed;
  } else {
-    return -1;
+    zend_string_release(value);
+    sp_log_err("error", ".%s() is expecting a valid php type ('false', 'true',"
+                " 'array'. 'object', 'long', 'double', 'null', 'resource', "
+                "'reference', 'undef') on line %zu", token, kw->lineno);
+    return SP_PARSER_ERROR;
  }
+  zend_string_release(value);
+  return SP_PARSER_SUCCESS;
 }
-int parse_str(char *restrict line, char *restrict keyword, void *retval) {
-  zend_string *value = NULL;
-  size_t consumed = 0;
+SP_PARSEKW_FN(parse_str) {
-  value = get_param(&consumed, line, SP_TYPE_STR, keyword);
+  CHECK_DUPLICATE_KEYWORD(retval);
-  if (value) {
+  SP_PARSE_ARG(value);
-    *(zend_string **)retval = value;
-    return consumed;
+  *(zend_string **)retval = value;
-  }
-  return -1;
+  return SP_PARSER_SUCCESS;
 }
-int parse_cidr(char *restrict line, char *restrict keyword, void *retval) {
+SP_PARSEKW_FN(parse_int) {
-  size_t consumed = 0;
+  int ret = SP_PARSER_SUCCESS;
-  zend_string *value = get_param(&consumed, line, SP_TYPE_STR, keyword);
+  SP_PARSE_ARG(value);
-  sp_cidr *cidr = pecalloc(sizeof(sp_cidr), 1, 1);
-  if (value) {
+  char *endptr;
-    if (-1 == get_ip_and_cidr(ZSTR_VAL(value), cidr)) {
+  errno = 0;
-      return -1;
+  *(int*)retval = (int)strtoimax(ZSTR_VAL(value), &endptr, 10);
-    }
+  if (errno != 0 || !endptr || endptr == ZSTR_VAL(value)) {
-    *(sp_cidr **)retval = cidr;
+    sp_log_err("config", "Failed to parse arg '%s' of `%s` on line %zu", ZSTR_VAL(value), token, kw->lineno);
-    return consumed;
+    ret = SP_PARSER_ERROR;
-  } else {
-    sp_log_err("config", "%s doesn't contain a valid cidr on line %zu", line,
-               sp_line_no);
-    return -1;
  }
+  zend_string_release(value);
+  return ret;
 }
-int parse_regexp(char *restrict line, char *restrict keyword, void *retval) {
+SP_PARSEKW_FN(parse_ulong) {
-  /* TODO: Do we want to use pcre_study?
+  int ret = SP_PARSER_SUCCESS;
-   * (http://www.pcre.org/original/doc/html/pcre_study.html)
+  SP_PARSE_ARG(value);
-   * maybe not: http://sljit.sourceforge.net/pcre.html*/
-  size_t consumed = 0;
-  zend_string *value = get_param(&consumed, line, SP_TYPE_STR, keyword);
-  if (value) {
+  char *endptr;
-    sp_pcre *compiled_re = sp_pcre_compile(ZSTR_VAL(value));
+  errno = 0;
-    if (NULL != compiled_re) {
+  *(u_long*)retval = (u_long)strtoul(ZSTR_VAL(value), &endptr, 10);
-      *(sp_pcre **)retval = compiled_re;
+  if (errno != 0 || !endptr || endptr == ZSTR_VAL(value)) {
-      return consumed;
+    sp_log_err("config", "Failed to parse arg '%s' of `%s` on line %zu", ZSTR_VAL(value), token, kw->lineno);
-    }
+    ret = SP_PARSER_ERROR;
  }
-  char *closing_paren = strchr(line, ')');
+  zend_string_release(value);
-  if (NULL != closing_paren) {
+  return ret;
-    closing_paren[0] = '\0';
-  }
-  sp_log_err("config",
-             "'%s)' is expecting a valid regexp, and not '%s' on line %zu",
-             keyword, line, sp_line_no);
-  return -1;
 }
-int sp_parse_config(const char *conf_file) {
+SP_PARSEKW_FN(parse_cidr) {
-  FILE *fd = fopen(conf_file, "r");
+  CHECK_DUPLICATE_KEYWORD(retval);
-  char *lineptr = NULL;
+  SP_PARSE_ARG(value);
-  size_t n = 0;
-  sp_line_no = 1;
-  if (fd == NULL) {
+  sp_cidr *cidr = pecalloc(sizeof(sp_cidr), 1, 1);
-    sp_log_err("config", "Could not open configuration file %s : %s", conf_file,
-               strerror(errno));
+  if (0 != get_ip_and_cidr(ZSTR_VAL(value), cidr)) {
-    return FAILURE;
+    pefree(cidr, 1);
+    cidr = NULL;
  }
-  while (getline(&lineptr, &n, fd) > 0) {
+  *(sp_cidr **)retval = cidr;
-    /* We trash the terminal `\n`. This simplify the display of logs. */
+  return cidr ? SP_PARSER_SUCCESS : SP_PARSER_ERROR;
-    if (lineptr[strlen(lineptr) - 1] == '\n') {
+}
-      if (strlen(lineptr) >= 2 && lineptr[strlen(lineptr) - 2] == '\r') {
-        lineptr[strlen(lineptr) - 2] = '\0';
+SP_PARSEKW_FN(parse_regexp) {
-      } else {
+  CHECK_DUPLICATE_KEYWORD(retval);
-        lineptr[strlen(lineptr) - 1] = '\0';
+  SP_PARSE_ARG(value);
-      }
-    }
+  sp_regexp *compiled_re = sp_regexp_compile(value);
-    if (parse_line(lineptr) == -1) {
+  if (!compiled_re) {
-      fclose(fd);
+    sp_log_err("config", "Invalid regexp '%s' for '.%s()' on line %zu", ZSTR_VAL(value), token, kw->lineno);
-      free(lineptr);
+    zend_string_release_ex(value, 1);
-      return FAILURE;
+    return SP_PARSER_ERROR;
-    }
-    free(lineptr);
-    lineptr = NULL;
-    n = 0;
-    sp_line_no++;
  }
-  fclose(fd);
-  return SUCCESS;
+  *(sp_regexp **)retval = compiled_re;
+  return SP_PARSER_SUCCESS;
 }
-void sp_disabled_function_list_free(sp_list_node *list) {
+void sp_free_disabled_function(void *data) {
-  sp_list_node *cursor = list;
+  sp_disabled_function *df = data;
-  while (cursor) {
-    sp_disabled_function *df = cursor->data;
-    if (df) {
-      sp_list_free(df->functions_list);
-      sp_list_free(df->param_array_keys);
-      sp_list_free(df->var_array_keys);
-      sp_pcre_free(df->r_filename);
+  sp_free_zstr(df->textual_representation);
-      sp_pcre_free(df->r_function);
-      sp_pcre_free(df->r_param);
-      sp_pcre_free(df->r_ret);
-      sp_pcre_free(df->r_value);
-      sp_pcre_free(df->r_key);
-      sp_tree_free(df->param);
+  sp_free_zstr(df->filename);
-      sp_tree_free(df->var);
+  sp_regexp_free(df->r_filename);
-    }
-    cursor = cursor->next;
+  sp_free_zstr(df->function);
-  }
+  sp_regexp_free(df->r_function);
+  sp_list_free(df->functions_list, free);
+  sp_free_zstr(df->hash);
+  sp_tree_free(df->param);
+  sp_regexp_free(df->r_param);
+  sp_regexp_free(df->r_ret);
+  sp_free_zstr(df->ret);
+  sp_regexp_free(df->r_value);
+  sp_free_zstr(df->value);
+  sp_regexp_free(df->r_key);
+  sp_free_zstr(df->key);
+  sp_free_zstr(df->dump);
+  sp_free_zstr(df->alias);
+  // sp_list_free(df->param_array_keys);
+  // sp_list_free(df->var_array_keys);
+  sp_tree_free(df->var);
+  pefree(df->cidr, 1);
 }
-void sp_cookie_list_free(sp_list_node *list) {
+void sp_free_cookie(void *data) {
-  sp_list_node *cursor = list;
+  sp_cookie *c = data;
-  while (cursor) {
+  if (c->name)
-    sp_cookie *c = cursor->data;
+    zend_string_release_ex(c->name, 1);
-    if (c) {
+  sp_regexp_free(c->name_r);
-      sp_pcre_free(c->name_r);
+}
-    }
-    cursor = cursor->next;
+void sp_free_zstr(void *data) {
+  if (data) {
+    zend_string_release_ex((zend_string*)data, 1);
  }
 }
+void sp_free_ini_entry(void *data) {
+  sp_ini_entry *entry = data;
+  sp_free_zstr(entry->key);
+  sp_free_zstr(entry->min);
+  sp_free_zstr(entry->max);
+  sp_regexp_free(entry->regexp);
+  sp_free_zstr(entry->msg);
+  sp_free_zstr(entry->set);
+}
diff --git a/src/sp_config.h b/src/sp_config.h
index e7b1473..6d48240 100644
--- a/src/sp_config.h
+++ b/src/sp_config.h
@@ -5,15 +5,6 @@
 #include <netinet/in.h>
 #include <sys/socket.h>
-extern size_t sp_line_no;
-typedef enum {
-  SP_TYPE_STR = 0,
-  SP_TYPE_REGEXP,
-  SP_TYPE_INT,
-  SP_TYPE_EMPTY
-} sp_type;
 typedef enum {
  SP_PHP_TYPE_UNDEF = IS_UNDEF,
  SP_PHP_TYPE_NULL = IS_NULL,
@@ -30,6 +21,8 @@ typedef enum {
 typedef enum { SP_ZEND = 0, SP_SYSLOG = 1 } sp_log_media;
+typedef enum { SP_UNSET = 0, SP_READONLY = 1, SP_READWRITE = -1 } sp_ini_permission;
 typedef struct {
  int ip_version;
  union {
@@ -40,11 +33,6 @@ typedef struct {
 } sp_cidr;
 typedef struct {
-  zend_string *encryption_key;
-  zend_string *cookies_env_var;
-} sp_config_global;
-typedef struct {
  bool enable;
  bool simulation;
  zend_string *dump;
@@ -69,13 +57,13 @@ typedef struct {
 typedef struct {
  bool enable;
-} sp_config_disable_xxe;
+} sp_config_xxe_protection;
 typedef struct {
  enum samesite_type { strict = 1, lax = 2 } samesite;
  bool encrypt;
  zend_string *name;
-  sp_pcre *name_r;
+  sp_regexp *name_r;
  bool simulation;
 } sp_cookie;
@@ -88,6 +76,8 @@ typedef struct {
 typedef struct {
  bool encrypt;
  bool simulation;
+  u_long sid_min_length;
+  u_long sid_max_length;
 } sp_config_session;
 typedef struct {
@@ -101,37 +91,37 @@ typedef struct {
  zend_string *textual_representation;
  zend_string *filename;
-  sp_pcre *r_filename;
+  sp_regexp *r_filename;
  zend_string *function;
-  sp_pcre *r_function;
+  sp_regexp *r_function;
  sp_list_node *functions_list;
  zend_string *hash;
  int simulation;
  sp_tree *param;
-  sp_pcre *r_param;
+  sp_regexp *r_param;
  sp_php_type param_type;
  int pos;
  unsigned int line;
-  sp_pcre *r_ret;
+  sp_regexp *r_ret;
  zend_string *ret;
  sp_php_type ret_type;
-  sp_pcre *r_value;
+  sp_regexp *r_value;
  zend_string *value;
-  sp_pcre *r_key;
+  sp_regexp *r_key;
  zend_string *key;
  zend_string *dump;
  zend_string *alias;
  bool param_is_array;
  bool var_is_array;
-  sp_list_node *param_array_keys;
+  // sp_list_node *param_array_keys;
-  sp_list_node *var_array_keys;
+  // sp_list_node *var_array_keys;
  bool allow;
@@ -163,125 +153,149 @@ typedef struct {
 } sp_config_upload_validation;
 typedef struct {
-  sp_config_random *config_random;
+  zend_string *key;
-  sp_config_sloppy *config_sloppy;
+  sp_ini_permission access;
-  sp_config_unserialize *config_unserialize;
+  zend_string *min;
-  sp_config_readonly_exec *config_readonly_exec;
+  zend_string *max;
-  sp_config_upload_validation *config_upload_validation;
+  sp_regexp *regexp;
-  sp_config_cookie *config_cookie;
+  zend_string *msg;
-  sp_config_global *config_snuffleupagus;
+  zend_string *set;
-  sp_config_auto_cookie_secure *config_auto_cookie_secure;
+  bool allow_null;
-  sp_config_global_strict *config_global_strict;
+  bool simulation;
-  sp_config_disable_xxe *config_disable_xxe;
+  bool drop;
-  sp_config_eval *config_eval;
+  PHP_INI_MH((*orig_onmodify));
-  sp_config_wrapper *config_wrapper;
+} sp_ini_entry;
-  sp_config_session *config_session;
-  bool hook_execute;
+typedef struct {
-  char log_media;
+  bool enable;
+  bool simulation;
+  bool policy_readonly;
+  bool policy_silent_ro;
+  bool policy_silent_fail;
+  bool policy_drop;
+  HashTable *entries;  // ht of sp_ini_entry
+} sp_config_ini;
-  HashTable *config_disabled_functions;
+#define SP_PARSE_FN_(fname, kwvar) int fname(char *token, sp_parsed_keyword *kwvar, void *retval)
-  HashTable *config_disabled_functions_hooked;
+#define SP_PARSE_FN(fname) SP_PARSE_FN_(fname, parsed_rule)
-  HashTable *config_disabled_functions_ret;
+#define SP_PARSEKW_FN(fname) SP_PARSE_FN_(fname, kw)
-  HashTable *config_disabled_functions_ret_hooked;
-  sp_config_disabled_functions *config_disabled_functions_reg;
-  sp_config_disabled_functions *config_disabled_functions_reg_ret;
-} sp_config;
 typedef struct {
-  int (*func)(char *, char *, void *);
+  SP_PARSE_FN((*func));
  char *token;
  void *retval;
-} sp_config_functions;
+} sp_config_keyword;
-typedef struct {
+#define SP_PARSER_SUCCESS 0
-  int (*func)(char *);
+#define SP_PARSER_ERROR -1
-  char *token;
+#define SP_PARSER_STOP 1
-} sp_config_tokens;
-#define SP_TOKEN_BASE "sp"
+// #define SP_TOKEN_BASE "sp"
-#define SP_TOKEN_AUTO_COOKIE_SECURE ".auto_cookie_secure"
+#define SP_TOKEN_AUTO_COOKIE_SECURE "auto_cookie_secure"
-#define SP_TOKEN_COOKIE_ENCRYPTION ".cookie"
+#define SP_TOKEN_COOKIE_ENCRYPTION "cookie"
-#define SP_TOKEN_SESSION_ENCRYPTION ".session"
+#define SP_TOKEN_SESSION_ENCRYPTION "session"
-#define SP_TOKEN_DISABLE_FUNC ".disable_function"
+#define SP_TOKEN_DISABLE_FUNC "disable_function"
-#define SP_TOKEN_GLOBAL ".global"
+#define SP_TOKEN_GLOBAL "global"
-#define SP_TOKEN_GLOBAL_STRICT ".global_strict"
+#define SP_TOKEN_GLOBAL_STRICT "global_strict"
-#define SP_TOKEN_HARDEN_RANDOM ".harden_random"
+#define SP_TOKEN_HARDEN_RANDOM "harden_random"
-#define SP_TOKEN_READONLY_EXEC ".readonly_exec"
+#define SP_TOKEN_READONLY_EXEC "readonly_exec"
-#define SP_TOKEN_UNSERIALIZE_HMAC ".unserialize_hmac"
+#define SP_TOKEN_UNSERIALIZE_HMAC "unserialize_hmac"
-#define SP_TOKEN_UPLOAD_VALIDATION ".upload_validation"
+#define SP_TOKEN_UPLOAD_VALIDATION "upload_validation"
-#define SP_TOKEN_DISABLE_XXE ".disable_xxe"
+#define SP_TOKEN_XXE_PROTECTION "xxe_protection"
-#define SP_TOKEN_EVAL_BLACKLIST ".eval_blacklist"
+#define SP_TOKEN_EVAL_BLACKLIST "eval_blacklist"
-#define SP_TOKEN_EVAL_WHITELIST ".eval_whitelist"
+#define SP_TOKEN_EVAL_WHITELIST "eval_whitelist"
-#define SP_TOKEN_SLOPPY_COMPARISON ".sloppy_comparison"
+#define SP_TOKEN_SLOPPY_COMPARISON "sloppy_comparison"
-#define SP_TOKEN_ALLOW_WRAPPERS ".wrappers_whitelist"
+#define SP_TOKEN_ALLOW_WRAPPERS "wrappers_whitelist"
+#define SP_TOKEN_INI_PROTECTION "ini_protection"
+#define SP_TOKEN_INI "ini"
 // common tokens
-#define SP_TOKEN_ENABLE ".enable("
+#define SP_TOKEN_ENABLE "enable"
-#define SP_TOKEN_DISABLE ".disable("
+#define SP_TOKEN_DISABLE "disable"
-#define SP_TOKEN_SIMULATION ".simulation("
+#define SP_TOKEN_SIMULATION "simulation"
-#define SP_TOKEN_TRUE "1"
+#define SP_TOKEN_SIM "sim"
-#define SP_TOKEN_FALSE "0"
+// #define SP_TOKEN_TRUE "1"
-#define SP_TOKEN_DUMP ".dump("
+// #define SP_TOKEN_FALSE "0"
-#define SP_TOKEN_ALIAS ".alias("
+#define SP_TOKEN_DUMP "dump"
-#define SP_TOKEN_ALLOW ".allow("
+#define SP_TOKEN_ALIAS "alias"
-#define SP_TOKEN_DROP ".drop("
+#define SP_TOKEN_ALLOW "allow"
+#define SP_TOKEN_DROP "drop"
-#define SP_TOKEN_END_PARAM ')'
 // disable_function
-#define SP_TOKEN_CIDR ".cidr("
+#define SP_TOKEN_CIDR "cidr"
-#define SP_TOKEN_FILENAME ".filename("
+#define SP_TOKEN_FILENAME "filename"
-#define SP_TOKEN_FILENAME_REGEXP ".filename_r("
+#define SP_TOKEN_FILENAME_REGEXP "filename_r"
-#define SP_TOKEN_FUNCTION ".function("
+#define SP_TOKEN_FUNCTION "function"
-#define SP_TOKEN_FUNCTION_REGEXP ".function_r("
+#define SP_TOKEN_FUNCTION_REGEXP "function_r"
-#define SP_TOKEN_HASH ".hash("
+#define SP_TOKEN_HASH "hash"
-#define SP_TOKEN_LOCAL_VAR ".var("
+#define SP_TOKEN_LOCAL_VAR "var"
-#define SP_TOKEN_PARAM ".param("
+#define SP_TOKEN_PARAM "param"
-#define SP_TOKEN_PARAM_REGEXP ".param_r("
+#define SP_TOKEN_PARAM_REGEXP "param_r"
-#define SP_TOKEN_PARAM_TYPE ".param_type("
+#define SP_TOKEN_PARAM_TYPE "param_type"
-#define SP_TOKEN_RET ".ret("
+#define SP_TOKEN_RET "ret"
-#define SP_TOKEN_RET_REGEXP ".ret_r("
+#define SP_TOKEN_RET_REGEXP "ret_r"
-#define SP_TOKEN_RET_TYPE ".ret_type("
+#define SP_TOKEN_RET_TYPE "ret_type"
-#define SP_TOKEN_VALUE ".value("
+#define SP_TOKEN_VALUE "value"
-#define SP_TOKEN_VALUE_REGEXP ".value_r("
+#define SP_TOKEN_VALUE_REGEXP "value_r"
-#define SP_TOKEN_KEY ".key("
+#define SP_TOKEN_KEY "key"
-#define SP_TOKEN_KEY_REGEXP ".key_r("
+#define SP_TOKEN_KEY_REGEXP "key_r"
-#define SP_TOKEN_VALUE_ARG_POS ".pos("
+#define SP_TOKEN_VALUE_ARG_POS "pos"
-#define SP_TOKEN_LINE_NUMBER ".line("
+#define SP_TOKEN_LINE_NUMBER "line"
 // cookies encryption
-#define SP_TOKEN_NAME ".name("
+#define SP_TOKEN_NAME "name"
-#define SP_TOKEN_NAME_REGEXP ".name_r("
+#define SP_TOKEN_NAME_REGEXP "name_r"
 // cookies samesite
-#define SP_TOKEN_SAMESITE ".samesite("
+#define SP_TOKEN_SAMESITE "samesite"
-#define SP_TOKEN_ENCRYPT ".encrypt("
+#define SP_TOKEN_ENCRYPT "encrypt"
 #define SP_TOKEN_SAMESITE_LAX "Lax"
 #define SP_TOKEN_SAMESITE_STRICT "Strict"
 // Global configuration options
-#define SP_TOKEN_ENCRYPTION_KEY ".secret_key("
+#define SP_TOKEN_ENCRYPTION_KEY "secret_key"
-#define SP_TOKEN_ENV_VAR ".cookie_env_var("
+#define SP_TOKEN_ENV_VAR "cookie_env_var"
-#define SP_TOKEN_LOG_MEDIA ".log_media("
+#define SP_TOKEN_LOG_MEDIA "log_media"
+#define SP_TOKEN_MAX_EXECUTION_DEPTH "max_execution_depth"
+#define SP_TOKEN_SERVER_ENCODE "server_encode"
+#define SP_TOKEN_SERVER_STRIP "server_strip"
+#define SP_TOKEN_SID_MIN_LENGTH "sid_min_length"
+#define SP_TOKEN_SID_MAX_LENGTH "sid_max_length"
+#define SP_TOKEN_SHOW_OLD_PHP_WARNING "show_old_php_warning"
 // upload_validator
-#define SP_TOKEN_UPLOAD_SCRIPT ".script("
+#define SP_TOKEN_UPLOAD_SCRIPT "script"
+#define SP_TOKEN_LIST "list"
+zend_result sp_process_rule(sp_parsed_keyword *parsed_rule, sp_config_keyword *config_keywords);
+zend_result sp_parse_config(const char *filename);
-#define SP_TOKEN_LIST ".list("
+#define SP_PARSE_CHECK_ARG_EXISTS(value) \
+if (!value) { \
+  sp_log_err("config", "Missing argument to keyword '%s' - it should be '%s(\"...\")' on line %zu", token, token, kw->lineno); \
+  return SP_PARSER_ERROR; \
+}
-int sp_parse_config(const char *);
+#define SP_PARSE_ARG(value) \
-int parse_array(sp_disabled_function *);
+  zend_string *value = sp_get_arg_string(kw); \
+  SP_PARSE_CHECK_ARG_EXISTS(value);
-int parse_str(char *restrict, char *restrict, void *);
+SP_PARSEKW_FN(parse_str);
-int parse_regexp(char *restrict, char *restrict, void *);
+SP_PARSEKW_FN(parse_regexp);
-int parse_empty(char *restrict, char *restrict, void *);
+SP_PARSEKW_FN(parse_empty);
-int parse_cidr(char *restrict, char *restrict, void *);
+SP_PARSEKW_FN(parse_int);
-int parse_php_type(char *restrict, char *restrict, void *);
+SP_PARSEKW_FN(parse_ulong);
-int parse_list(char *restrict, char *restrict, void *);
+SP_PARSEKW_FN(parse_php_type);
+SP_PARSEKW_FN(parse_cidr);
+SP_PARSEKW_FN(parse_list);
 // cleanup
-void sp_disabled_function_list_free(sp_list_node *);
+void sp_free_disabled_function(void *data);
-void sp_cookie_list_free(sp_list_node *);
+void sp_free_cookie(void *data);
+void sp_free_zstr(void *data);
+void sp_free_ini_entry(void *data);
 #endif /* SP_CONFIG_H */
diff --git a/src/sp_config_keywords.c b/src/sp_config_keywords.c
index 325ee6c..9a9b608 100644
--- a/src/sp_config_keywords.c
+++ b/src/sp_config_keywords.c
@@ -1,321 +1,246 @@
 #include "php_snuffleupagus.h"
-static int parse_enable(char *line, bool *restrict retval,
+#define SP_SET_ENABLE_DISABLE(enable, disable, varname) \
-                        bool *restrict simulation) {
+  if (enable && disable) { \
+    sp_log_err("config", "A rule can't be enabled and disabled on line %zu", parsed_rule->lineno); \
+    return SP_PARSER_ERROR; \
+  } \
+  if (enable || disable) { \
+    (varname) = (enable || !disable); \
+  }
+#define SP_PROCESS_CONFIG_KEYWORDS(CMD) if (sp_process_rule(&(parsed_rule[1]), config_keywords) != SUCCESS) { CMD; }
+#define SP_PROCESS_CONFIG_KEYWORDS_ERR() SP_PROCESS_CONFIG_KEYWORDS(return SP_PARSER_ERROR)
+SP_PARSE_FN(parse_enable) {
  bool enable = false, disable = false;
-  sp_config_functions sp_config_funcs[] = {
+  sp_config_keyword config_keywords[] = {
      {parse_empty, SP_TOKEN_ENABLE, &(enable)},
      {parse_empty, SP_TOKEN_DISABLE, &(disable)},
-      {parse_empty, SP_TOKEN_SIMULATION, simulation},
      {0, 0, 0}};
-  int ret = parse_keywords(sp_config_funcs, line);
+  SP_PROCESS_CONFIG_KEYWORDS_ERR();
-  if (0 != ret) {
-    return ret;
-  }
-  if (!(enable ^ disable)) {
-    sp_log_err("config", "A rule can't be enabled and disabled on line %zu",
-               sp_line_no);
-    return -1;
-  }
-  *retval = enable;
+  SP_SET_ENABLE_DISABLE(enable, disable, *(bool*)retval);
-  return ret;
+  return SP_PARSER_STOP;
 }
-int parse_session(char *line) {
+SP_PARSE_FN(parse_session) {
-  sp_config_session *session = pecalloc(sizeof(sp_config_session), 1, 0);
+  sp_config_session *cfg = retval;
-  sp_config_functions sp_config_funcs_session_encryption[] = {
+  sp_config_keyword config_keywords[] = {
-      {parse_empty, SP_TOKEN_ENCRYPT, &(session->encrypt)},
+      {parse_empty, SP_TOKEN_ENCRYPT, &(cfg->encrypt)},
-      {parse_empty, SP_TOKEN_SIMULATION, &(session->simulation)},
+      {parse_empty, SP_TOKEN_SIMULATION, &(cfg->simulation)},
+      {parse_empty, SP_TOKEN_SIM, &(cfg->simulation)},
+      {parse_ulong, SP_TOKEN_SID_MIN_LENGTH, &(cfg->sid_min_length)},
+      {parse_ulong, SP_TOKEN_SID_MAX_LENGTH, &(cfg->sid_max_length)},
      {0, 0, 0}};
-  int ret = parse_keywords(sp_config_funcs_session_encryption, line);
-  if (0 != ret) {
-    return ret;
-  }
-#if (!HAVE_PHP_SESSION || defined(COMPILE_DL_SESSION))
+  SP_PROCESS_CONFIG_KEYWORDS_ERR();
-  sp_log_err(
-      "config",
-      "You're trying to use the session cookie encryption feature "
-      "on line %zu without having session support statically built into PHP. "
-      "This isn't supported, see "
-      "https://github.com/jvoisin/snuffleupagus/issues/278 for details.",
-      sp_line_no);
-  pefree(session, 0);
-  return -1;
-#endif
-  if (session->encrypt) {
+  if (cfg->encrypt) {
-    if (0 == (SNUFFLEUPAGUS_G(config).config_snuffleupagus->cookies_env_var)) {
+    if (!SPCFG(cookies_env_var)) {
-      sp_log_err(
+      sp_log_err("config", "You're trying to use the session cookie encryption feature "
-          "config",
+          "on line %zu without having set the `.cookie_env_var` option in "
-          "You're trying to use the session cookie encryption feature "
+          "`sp.global`: please set it first", parsed_rule->lineno);
-          "on line %zu without having set the `.cookie_env_var` option in"
+      return SP_PARSER_ERROR;
-          "`sp.global`: please set it first",
+    } else if (!SPCFG(encryption_key)) {
-          sp_line_no);
+      sp_log_err("config", "You're trying to use the session cookie encryption feature "
-      pefree(session, 0);
+                 "on line %zu without having set the `.secret_key` option in "
-      return -1;
+                 "`sp.global`: please set it first", parsed_rule->lineno);
-    } else if (0 ==
+      return SP_PARSER_ERROR;
-               (SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key)) {
-      sp_log_err("config",
-                 "You're trying to use the session cookie encryption feature "
-                 "on line %zu without having set the `.secret_key` option in"
-                 "`sp.global`: please set it first",
-                 sp_line_no);
-      pefree(session, 0);
-      return -1;
    }
  }
-  SNUFFLEUPAGUS_G(config).config_session->encrypt = session->encrypt;
+  return SP_PARSER_STOP;
-  SNUFFLEUPAGUS_G(config).config_session->simulation = session->simulation;
-  pefree(session, 0);
-  return ret;
-}
-int parse_random(char *line) {
-  return parse_enable(line, &(SNUFFLEUPAGUS_G(config).config_random->enable),
-                      NULL);
 }
-int parse_log_media(char *line) {
+SP_PARSEKW_FN(parse_log_media) {
-  size_t consumed = 0;
+  SP_PARSE_ARG(value);
-  zend_string *value =
+  
-      get_param(&consumed, line, SP_TYPE_STR, SP_TOKEN_LOG_MEDIA);
+  if (!strcmp(ZSTR_VAL(value), "php")) {
+    *(char*)retval = SP_ZEND;
-  if (value) {
+    zend_string_release_ex(value, 1);
-    if (!strcmp(ZSTR_VAL(value), "php")) {
+    return SP_PARSER_SUCCESS;
-      SNUFFLEUPAGUS_G(config).log_media = SP_ZEND;
+  } else if (!strcmp(ZSTR_VAL(value), "syslog")) {
-      return 0;
+    *(char*)retval = SP_SYSLOG;
-    } else if (!strcmp(ZSTR_VAL(value), "syslog")) {
+    zend_string_release_ex(value, 1);
-      SNUFFLEUPAGUS_G(config).log_media = SP_SYSLOG;
+    return SP_PARSER_SUCCESS;
-      return 0;
-    }
  }
-  sp_log_err("config", "%s) only supports 'syslog' or 'php', on line %zu",
-             SP_TOKEN_LOG_MEDIA, sp_line_no);
-  return -1;
-}
-int parse_sloppy_comparison(char *line) {
+  sp_log_err("config", "." SP_TOKEN_LOG_MEDIA "() only supports 'syslog' or 'php' on line %zu", kw->lineno);
-  return parse_enable(line, &(SNUFFLEUPAGUS_G(config).config_sloppy->enable),
-                      NULL);
-}
-int parse_disable_xxe(char *line) {
-  return parse_enable(
-      line, &(SNUFFLEUPAGUS_G(config).config_disable_xxe->enable), NULL);
-}
-int parse_auto_cookie_secure(char *line) {
-  return parse_enable(
-      line, &(SNUFFLEUPAGUS_G(config).config_auto_cookie_secure->enable), NULL);
-}
-int parse_global_strict(char *line) {
+  return SP_PARSER_ERROR;
-  return parse_enable(
-      line, &(SNUFFLEUPAGUS_G(config).config_global_strict->enable), NULL);
 }
-int parse_unserialize(char *line) {
+SP_PARSE_FN(parse_unserialize) {
  bool enable = false, disable = false;
-  sp_config_unserialize *unserialize =
+  sp_config_unserialize *cfg = (sp_config_unserialize*)retval;
-      SNUFFLEUPAGUS_G(config).config_unserialize;
-  sp_config_functions sp_config_funcs[] = {
+  sp_config_keyword config_keywords[] = {
      {parse_empty, SP_TOKEN_ENABLE, &(enable)},
      {parse_empty, SP_TOKEN_DISABLE, &(disable)},
-      {parse_empty, SP_TOKEN_SIMULATION, &(unserialize->simulation)},
+      {parse_empty, SP_TOKEN_SIMULATION, &(cfg->simulation)},
-      {parse_str, SP_TOKEN_DUMP, &(unserialize->dump)},
+      {parse_empty, SP_TOKEN_SIM, &(cfg->simulation)},
+      {parse_str, SP_TOKEN_DUMP, &(cfg->dump)},
      {0, 0, 0}};
-  unserialize->textual_representation = zend_string_init(line, strlen(line), 1);
+  SP_PROCESS_CONFIG_KEYWORDS_ERR();
-  int ret = parse_keywords(sp_config_funcs, line);
+  SP_SET_ENABLE_DISABLE(enable, disable, cfg->enable);
-  if (0 != ret) {
-    return ret;
-  }
-  if (!(enable ^ disable)) {
-    sp_log_err("config", "A rule can't be enabled and disabled on line %zu",
-               sp_line_no);
-    return -1;
-  }
-  SNUFFLEUPAGUS_G(config).config_unserialize->enable = enable;
+  cfg->textual_representation = sp_get_textual_representation(parsed_rule);
-  return ret;
+  return SP_PARSER_STOP;
 }
-int parse_readonly_exec(char *line) {
+SP_PARSE_FN(parse_readonly_exec) {
  bool enable = false, disable = false;
-  sp_config_readonly_exec *readonly_exec =
+  sp_config_readonly_exec *cfg = (sp_config_readonly_exec*)retval;
-      SNUFFLEUPAGUS_G(config).config_readonly_exec;
-  sp_config_functions sp_config_funcs[] = {
+  sp_config_keyword config_keywords[] = {
      {parse_empty, SP_TOKEN_ENABLE, &(enable)},
      {parse_empty, SP_TOKEN_DISABLE, &(disable)},
-      {parse_empty, SP_TOKEN_SIMULATION, &(readonly_exec->simulation)},
+      {parse_empty, SP_TOKEN_SIMULATION, &(cfg->simulation)},
-      {parse_str, SP_TOKEN_DUMP, &(readonly_exec->dump)},
+      {parse_empty, SP_TOKEN_SIM, &(cfg->simulation)},
+      {parse_str, SP_TOKEN_DUMP, &(cfg->dump)},
      {0, 0, 0}};
-  readonly_exec->textual_representation =
+  SP_PROCESS_CONFIG_KEYWORDS_ERR();
-      zend_string_init(line, strlen(line), 1);
-  int ret = parse_keywords(sp_config_funcs, line);
-  if (0 != ret) {
-    return ret;
-  }
-  if (!(enable ^ disable)) {
+  cfg->textual_representation = sp_get_textual_representation(parsed_rule);
-    sp_log_err("config", "A rule can't be enabled and disabled on line %zu",
-               sp_line_no);
-    return -1;
-  }
-  SNUFFLEUPAGUS_G(config).config_readonly_exec->enable = enable;
+  SP_SET_ENABLE_DISABLE(enable, disable, cfg->enable);
-  return ret;
+  return SP_PARSER_STOP;
 }
-int parse_global(char *line) {
+SP_PARSE_FN(parse_global) {
-  sp_config_functions sp_config_funcs_global[] = {
+  sp_config_keyword config_keywords[] = {
-      {parse_str, SP_TOKEN_ENCRYPTION_KEY,
+      {parse_str, SP_TOKEN_ENCRYPTION_KEY, &(SPCFG(encryption_key))},
-       &(SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key)},
+      {parse_str, SP_TOKEN_ENV_VAR, &(SPCFG(cookies_env_var))},
-      {parse_str, SP_TOKEN_ENV_VAR,
+      {parse_log_media, SP_TOKEN_LOG_MEDIA, &(SPCFG(log_media))},
-       &(SNUFFLEUPAGUS_G(config).config_snuffleupagus->cookies_env_var)},
+      {parse_ulong, SP_TOKEN_MAX_EXECUTION_DEPTH, &(SPCFG(max_execution_depth))},
+      {parse_enable, SP_TOKEN_SERVER_ENCODE, &(SPCFG(server_encode))},
+      {parse_enable, SP_TOKEN_SERVER_STRIP, &(SPCFG(server_strip))},
+      {parse_enable, SP_TOKEN_SHOW_OLD_PHP_WARNING, &(SPCFG(show_old_php_warning))},
      {0, 0, 0}};
-  return parse_keywords(sp_config_funcs_global, line);
+  SP_PROCESS_CONFIG_KEYWORDS_ERR();
+  if (SPCFG(encryption_key)) {
+    if (ZSTR_LEN(SPCFG(encryption_key)) < 10) {
+      sp_log_err("config", "The encryption key set on line %zu is too short. please use at least 10 bytes", parsed_rule->lineno);
+      return SP_PARSER_ERROR;
+    }
+    if (zend_string_equals_literal(SPCFG(encryption_key), "YOU _DO_ NEED TO CHANGE THIS WITH SOME RANDOM CHARACTERS.") ||
+        zend_string_equals_literal(SPCFG(encryption_key), "c6a0e02b3b818f7559d5f85303d8fe44")) {
+      sp_log_err("config", "The encryption key set on line %zu is an unchanged dummy value. please use a unique secret.", parsed_rule->lineno);
+      return SP_PARSER_ERROR;
+    }
+  }
+  return SP_PARSER_STOP;
 }
-static int parse_eval_filter_conf(char *line, sp_list_node **list) {
+SP_PARSE_FN(parse_eval_filter_conf) {
-  sp_config_eval *eval = SNUFFLEUPAGUS_G(config).config_eval;
+  sp_config_eval *cfg = &(SPCFG(eval));
-  sp_config_functions sp_config_funcs[] = {
+  sp_config_keyword config_keywords[] = {
-      {parse_list, SP_TOKEN_LIST, list},
+      {parse_list, SP_TOKEN_LIST, retval},
-      {parse_empty, SP_TOKEN_SIMULATION,
+      {parse_empty, SP_TOKEN_SIMULATION, &(cfg->simulation)},
-       &(SNUFFLEUPAGUS_G(config).config_eval->simulation)},
+      {parse_empty, SP_TOKEN_SIM, &(cfg->simulation)},
-      {parse_str, SP_TOKEN_DUMP, &(SNUFFLEUPAGUS_G(config).config_eval->dump)},
+      {parse_str, SP_TOKEN_DUMP, &(cfg->dump)},
      {0, 0, 0}};
-  eval->textual_representation = zend_string_init(line, strlen(line), 1);
+  SP_PROCESS_CONFIG_KEYWORDS_ERR();
-  int ret = parse_keywords(sp_config_funcs, line);
+  cfg->textual_representation = sp_get_textual_representation(parsed_rule);
-  if (0 != ret) {
-    return ret;
-  }
-  return SUCCESS;
+  return SP_PARSER_STOP;
 }
-int parse_wrapper_whitelist(char *line) {
+SP_PARSE_FN(parse_wrapper_whitelist) {
-  SNUFFLEUPAGUS_G(config).config_wrapper->enabled = true;
+  sp_config_wrapper *cfg = (sp_config_wrapper*)retval;
-  sp_config_functions sp_config_funcs[] = {
+  
-      {parse_list, SP_TOKEN_LIST,
+  sp_config_keyword config_keywords[] = {
-       &SNUFFLEUPAGUS_G(config).config_wrapper->whitelist},
+      {parse_list, SP_TOKEN_LIST, &cfg->whitelist},
      {0, 0, 0}};
-  int ret = parse_keywords(sp_config_funcs, line);
-  if (0 != ret) {
-    return ret;
-  }
-  return SUCCESS;
-}
-int parse_eval_blacklist(char *line) {
+  SP_PROCESS_CONFIG_KEYWORDS_ERR();
-  return parse_eval_filter_conf(
-      line, &SNUFFLEUPAGUS_G(config).config_eval->blacklist);
+  cfg->enabled = true;
-}
-int parse_eval_whitelist(char *line) {
+  return SP_PARSER_STOP;
-  return parse_eval_filter_conf(
-      line, &SNUFFLEUPAGUS_G(config).config_eval->whitelist);
 }
-int parse_cookie(char *line) {
+SP_PARSE_FN(parse_cookie) {
-  int ret = 0;
  zend_string *samesite = NULL;
  sp_cookie *cookie = pecalloc(sizeof(sp_cookie), 1, 1);
-  sp_config_functions sp_config_funcs_cookie_encryption[] = {
+  sp_config_keyword config_keywords[] = {
      {parse_str, SP_TOKEN_NAME, &(cookie->name)},
      {parse_regexp, SP_TOKEN_NAME_REGEXP, &(cookie->name_r)},
      {parse_str, SP_TOKEN_SAMESITE, &samesite},
      {parse_empty, SP_TOKEN_ENCRYPT, &cookie->encrypt},
      {parse_empty, SP_TOKEN_SIMULATION, &cookie->simulation},
+      {parse_empty, SP_TOKEN_SIM, &cookie->simulation},
      {0, 0, 0}};
-  ret = parse_keywords(sp_config_funcs_cookie_encryption, line);
+  SP_PROCESS_CONFIG_KEYWORDS(goto err);
-  if (0 != ret) {
-    return ret;
-  }
  if (cookie->encrypt) {
-    if (0 == (SNUFFLEUPAGUS_G(config).config_snuffleupagus->cookies_env_var)) {
+    if (!SPCFG(cookies_env_var)) {
-      sp_log_err(
+      sp_log_err("config", "You're trying to use the cookie encryption feature on line %zu "
-          "config",
+                            "without having set the `." SP_TOKEN_ENV_VAR "` option in `sp.global`: please set it first", parsed_rule->lineno);
-          "You're trying to use the cookie encryption feature"
+      goto err;
-          "on line %zu without having set the `.cookie_env_var` option in"
+    } else if (!SPCFG(encryption_key)) {
-          "`sp.global`: please set it first",
+      sp_log_err("config", "You're trying to use the cookie encryption feature "
-          sp_line_no);
+          "on line %zu without having set the `." SP_TOKEN_ENCRYPTION_KEY "` option in "
-      return -1;
+          "`sp." SP_TOKEN_GLOBAL "`: please set it first", parsed_rule->lineno);
-    } else if (0 ==
+      goto err;
-               (SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key)) {
-      sp_log_err(
-          "config",
-          "You're trying to use the cookie encryption feature"
-          "on line %zu without having set the `.encryption_key` option in"
-          "`sp.global`: please set it first",
-          sp_line_no);
-      return -1;
    }
  } else if (!samesite) {
-    sp_log_err("config",
+    sp_log_err("config", "You must specify a at least one action to a cookie on line %zu", parsed_rule->lineno);
-               "You must specify a at least one action to a cookie on line "
+    goto err;
-               "%zu",
-               sp_line_no);
-    return -1;
  }
  if ((!cookie->name || 0 == ZSTR_LEN(cookie->name)) && !cookie->name_r) {
-    sp_log_err("config",
+    sp_log_err("config", "You must specify a cookie name/regexp on line %zu", parsed_rule->lineno);
-               "You must specify a cookie name/regexp on line "
+    goto err;
-               "%zu",
-               sp_line_no);
-    return -1;
  }
  if (cookie->name && cookie->name_r) {
-    sp_log_err("config",
+    sp_log_err("config", "name and name_r are mutually exclusive on line %zu", parsed_rule->lineno);
-               "name and name_r are mutually exclusive on line "
+    goto err;
-               "%zu",
-               sp_line_no);
-    return -1;
  }
  if (samesite) {
    if (zend_string_equals_literal_ci(samesite, SP_TOKEN_SAMESITE_LAX)) {
      cookie->samesite = lax;
-    } else if (zend_string_equals_literal_ci(samesite,
+    } else if (zend_string_equals_literal_ci(samesite, SP_TOKEN_SAMESITE_STRICT)) {
-                                             SP_TOKEN_SAMESITE_STRICT)) {
      cookie->samesite = strict;
    } else {
-      sp_log_err(
+      sp_log_err("config", "'%s' is an invalid value to samesite (expected " SP_TOKEN_SAMESITE_LAX " or " SP_TOKEN_SAMESITE_STRICT ") on line %zu",
-          "config",
+        ZSTR_VAL(samesite), parsed_rule->lineno);
-          "%s is an invalid value to samesite (expected %s or %s) on line "
+      goto err;
-          "%zu",
-          ZSTR_VAL(samesite), SP_TOKEN_SAMESITE_LAX, SP_TOKEN_SAMESITE_STRICT,
-          sp_line_no);
-      return -1;
    }
  }
-  SNUFFLEUPAGUS_G(config).config_cookie->cookies =
-      sp_list_insert(SNUFFLEUPAGUS_G(config).config_cookie->cookies, cookie);
+  SPCFG(cookie).cookies = sp_list_insert(SPCFG(cookie).cookies, cookie);
-  return SUCCESS;
+  return SP_PARSER_STOP;
+err:
+  if (samesite) {
+    zend_string_release(samesite);
+  }
+  if (cookie) {
+    sp_free_cookie(cookie);
+    pefree(cookie, 1);
+  }
+  return SP_PARSER_ERROR;
 }
-int add_df_to_hashtable(HashTable *ht, sp_disabled_function *df) {
+static int add_df_to_hashtable(HashTable *ht, sp_disabled_function *df) {
  zval *list = zend_hash_find(ht, df->function);
  if (NULL == list) {
@@ -326,19 +251,19 @@ int add_df_to_hashtable(HashTable *ht, sp_disabled_function *df) {
  return SUCCESS;
 }
-int parse_disabled_functions(char *line) {
+SP_PARSE_FN(parse_disabled_functions) {
-  int ret = 0;
+  int ret = SP_PARSER_ERROR;
-  bool enable = true, disable = false, allow = false, drop = false;
+  bool enable = false, disable = false, allow = false, drop = false;
-  zend_string *pos = NULL, *var = NULL, *param = NULL;
+  zend_string *var = NULL, *param = NULL;
-  zend_string *line_number = NULL;
  sp_disabled_function *df = pecalloc(sizeof(*df), 1, 1);
  df->pos = -1;
-  sp_config_functions sp_config_funcs_disabled_functions[] = {
+  sp_config_keyword config_keywords[] = {
      {parse_empty, SP_TOKEN_ENABLE, &(enable)},
      {parse_empty, SP_TOKEN_DISABLE, &(disable)},
      {parse_str, SP_TOKEN_ALIAS, &(df->alias)},
      {parse_empty, SP_TOKEN_SIMULATION, &(df->simulation)},
+      {parse_empty, SP_TOKEN_SIM, &(df->simulation)},
      {parse_str, SP_TOKEN_FILENAME, &(df->filename)},
      {parse_regexp, SP_TOKEN_FILENAME_REGEXP, &(df->r_filename)},
      {parse_str, SP_TOKEN_FUNCTION, &(df->function)},
@@ -359,86 +284,54 @@ int parse_disabled_functions(char *line) {
      {parse_regexp, SP_TOKEN_RET_REGEXP, &(df->r_ret)},
      {parse_php_type, SP_TOKEN_RET_TYPE, &(df->ret_type)},
      {parse_str, SP_TOKEN_LOCAL_VAR, &(var)},
-      {parse_str, SP_TOKEN_VALUE_ARG_POS, &(pos)},
+      {parse_int, SP_TOKEN_VALUE_ARG_POS, &(df->pos)},
-      {parse_str, SP_TOKEN_LINE_NUMBER, &(line_number)},
+      {parse_ulong, SP_TOKEN_LINE_NUMBER, &(df->line)},
      {0, 0, 0}};
-  ret = parse_keywords(sp_config_funcs_disabled_functions, line);
+  SP_PROCESS_CONFIG_KEYWORDS(goto out);
-  if (0 != ret) {
+  SP_SET_ENABLE_DISABLE(enable, disable, enable);
-    return ret;
+  if (disable) {
+    ret = SP_PARSER_STOP; goto out;
  }
 #define MUTUALLY_EXCLUSIVE(X, Y, STR1, STR2)                             \
  if (X && Y) {                                                          \
-    sp_log_err("config",                                                 \
+    sp_log_err("config", "Invalid configuration line for 'sp.disabled_functions': '.%s' and '.%s' are mutually exclusive on line %zu", STR1, STR2, parsed_rule->lineno); \
-               "Invalid configuration line: 'sp.disabled_functions%s': " \
+    goto out;                                                  \
-               "'.%s' and '.%s' are mutually exclusive on line %zu",     \
-               line, STR1, STR2, sp_line_no);                            \
-    return -1;                                                           \
  }
-  MUTUALLY_EXCLUSIVE(df->r_value, df->value, "r_value", "regexp");
+  MUTUALLY_EXCLUSIVE(df->value, df->r_value, "value", "value_r");
-  MUTUALLY_EXCLUSIVE(df->r_function, df->function, "r_function", "function");
+  MUTUALLY_EXCLUSIVE(df->r_function, df->function, "function", "function_r");
-  MUTUALLY_EXCLUSIVE(df->r_filename, df->filename, "r_filename", "filename");
+  MUTUALLY_EXCLUSIVE(df->filename, df->r_filename, "filename", "filename_r");
-  MUTUALLY_EXCLUSIVE(df->r_ret, df->ret, "r_ret", "ret");
+  MUTUALLY_EXCLUSIVE(df->ret, df->r_ret, "ret", "ret_r");
-  MUTUALLY_EXCLUSIVE(df->r_key, df->key, "r_key", "key");
+  MUTUALLY_EXCLUSIVE(df->key, df->r_key, "key", "key_r");
-  MUTUALLY_EXCLUSIVE(pos, param, "pos", "param");
+  MUTUALLY_EXCLUSIVE((df->pos >= 0), param, "pos", "param");
-  MUTUALLY_EXCLUSIVE(pos, df->r_param, "pos", "param_r");
+  MUTUALLY_EXCLUSIVE((df->pos >= 0), df->r_param, "pos", "param_r");
  MUTUALLY_EXCLUSIVE(param, df->r_param, "param", "param_r");
  MUTUALLY_EXCLUSIVE((df->r_key || df->key), (df->r_value || df->value), "key", "value");
  MUTUALLY_EXCLUSIVE((df->r_ret || df->ret || df->ret_type), (df->r_param || param), "ret", "param");
  MUTUALLY_EXCLUSIVE((df->r_ret || df->ret || df->ret_type), (var), "ret", "var");
  MUTUALLY_EXCLUSIVE((df->r_ret || df->ret || df->ret_type), (df->value || df->r_value), "ret", "value");
 #undef MUTUALLY_EXCLUSIVE
  if (!(df->r_function || df->function)) {
-    sp_log_err("config",
+    sp_log_err("config", "Invalid configuration line: 'sp.disabled_functions': must take a function name on line %zu", parsed_rule->lineno);
-               "Invalid configuration line: 'sp.disabled_functions%s':"
+    goto out;
-               " must take a function name on line %zu",
-               line, sp_line_no);
-    return -1;
  }
  if (df->filename && (*ZSTR_VAL(df->filename) != '/') &&
-             (0 != strncmp(ZSTR_VAL(df->filename), "phar://", strlen("phar://")))) {
+             (0 != strncmp(ZSTR_VAL(df->filename), ZEND_STRL("phar://")))) {
-    sp_log_err(
+    sp_log_err("config", "Invalid configuration line: 'sp.disabled_functions': '.filename' must be an absolute path or a phar archive on line %zu", parsed_rule->lineno);
-        "config",
+    goto out;
-        "Invalid configuration line: 'sp.disabled_functions%s':"
-        "'.filename' must be an absolute path or a phar archive on line %zu",
-        line, sp_line_no);
-    return -1;
  }
  if (!(allow ^ drop)) {
-    sp_log_err("config",
+    sp_log_err("config", "Invalid configuration line: 'sp.disabled_functions': The rule must either be a `drop` or `allow` one on line %zu", parsed_rule->lineno);
-               "Invalid configuration line: 'sp.disabled_functions%s': The "
+    goto out;
-               "rule must either be a `drop` or `allow` one on line %zu",
-               line, sp_line_no);
-    return -1;
  }
-  if (pos) {
-    errno = 0;
-    char *endptr;
-    df->pos = (int)strtol(ZSTR_VAL(pos), &endptr, 10);
-    if (errno != 0 || endptr == ZSTR_VAL(pos)) {
-      sp_log_err("config", "Failed to parse arg '%s' of `pos` on line %zu",
-                 ZSTR_VAL(pos), sp_line_no);
-      return -1;
-    }
-  }
-  if (line_number) {
-    errno = 0;
-    char *endptr;
-    df->line = (unsigned int)strtoul(ZSTR_VAL(line_number), &endptr, 10);
-    if (errno != 0 || endptr == ZSTR_VAL(line_number)) {
-      sp_log_err("config", "Failed to parse arg '%s' of `line` on line %zu",
-                 ZSTR_VAL(line_number), sp_line_no);
-      return -1;
-    }
-  }
  df->allow = allow;
-  df->textual_representation = zend_string_init(line, strlen(line), 1);
+  df->textual_representation = sp_get_textual_representation(parsed_rule);
  if (df->function) {
    df->functions_list = parse_functions_list(ZSTR_VAL(df->function));
@@ -453,108 +346,162 @@ int parse_disabled_functions(char *line) {
      new[0] = '$';
      memcpy(new + 1, ZSTR_VAL(param), ZSTR_LEN(param));
      df->param = sp_parse_var(new);
-      free(new);
+      pefree(new, 1);
    } else {
      df->param = sp_parse_var(ZSTR_VAL(param));
    }
    if (!df->param) {
-      sp_log_err("config", "Invalid value '%s' for `param` on line %zu",
+      sp_log_err("config", "Invalid value '%s' for `param` on line %zu", ZSTR_VAL(param), parsed_rule->lineno);
-                 ZSTR_VAL(param), sp_line_no);
+      goto out;
-      return -1;
    }
  }
  if (var) {
    if (ZSTR_LEN(var)) {
      df->var = sp_parse_var(ZSTR_VAL(var));
      if (!df->var) {
-        sp_log_err("config", "Invalid value '%s' for `var` on line %zu",
+        sp_log_err("config", "Invalid value '%s' for `var` on line %zu", ZSTR_VAL(var), parsed_rule->lineno);
-                   ZSTR_VAL(var), sp_line_no);
+        goto out;
-        return -1;
      }
    } else {
-      sp_log_err("config", "Empty value in `var` on line %zu", sp_line_no);
+      sp_log_err("config", "Empty value in `var` on line %zu", parsed_rule->lineno);
-      return -1;
+      goto out;
    }
  }
-  if (true == disable) {
-    return ret;
-  }
  if (df->function && zend_string_equals_literal(df->function, "print")) {
    zend_string_release(df->function);
-    df->function = zend_string_init("echo", sizeof("echo") - 1, 1);
+    df->function = zend_string_init(ZEND_STRL("echo"), 1);
  }
  if (df->function && !df->functions_list) {
    if (df->ret || df->r_ret || df->ret_type) {
-      add_df_to_hashtable(SNUFFLEUPAGUS_G(config).config_disabled_functions_ret,
+      add_df_to_hashtable(SPCFG(disabled_functions_ret), df);
-                          df);
    } else {
-      add_df_to_hashtable(SNUFFLEUPAGUS_G(config).config_disabled_functions,
+      add_df_to_hashtable(SPCFG(disabled_functions), df);
-                          df);
    }
  } else {
    if (df->ret || df->r_ret || df->ret_type) {
-      SNUFFLEUPAGUS_G(config)
+      SPCFG(disabled_functions_reg_ret).disabled_functions = sp_list_insert(SPCFG(disabled_functions_reg_ret).disabled_functions, df);
-          .config_disabled_functions_reg_ret->disabled_functions =
-          sp_list_insert(
-              SNUFFLEUPAGUS_G(config)
-                  .config_disabled_functions_reg_ret->disabled_functions,
-              df);
    } else {
-      SNUFFLEUPAGUS_G(config)
+      SPCFG(disabled_functions_reg).disabled_functions = sp_list_insert(SPCFG(disabled_functions_reg).disabled_functions, df);
-          .config_disabled_functions_reg->disabled_functions =
-          sp_list_insert(SNUFFLEUPAGUS_G(config)
-                             .config_disabled_functions_reg->disabled_functions,
-                         df);
    }
  }
+  return SP_PARSER_STOP;
+out:
+  if (df) {
+    sp_free_disabled_function(df);
+    pefree(df, 1);
+  }
+  if (param) { zend_string_release(param); }
+  if (var) { zend_string_release(var); }
  return ret;
 }
-int parse_upload_validation(char *line) {
+SP_PARSE_FN(parse_upload_validation) {
  bool disable = false, enable = false;
-  sp_config_functions sp_config_funcs_upload_validation[] = {
+  sp_config_upload_validation *cfg = (sp_config_upload_validation*)retval;
-      {parse_str, SP_TOKEN_UPLOAD_SCRIPT,
-       &(SNUFFLEUPAGUS_G(config).config_upload_validation->script)},
+  sp_config_keyword config_keywords[] = {
-      {parse_empty, SP_TOKEN_SIMULATION,
-       &(SNUFFLEUPAGUS_G(config).config_upload_validation->simulation)},
      {parse_empty, SP_TOKEN_ENABLE, &(enable)},
      {parse_empty, SP_TOKEN_DISABLE, &(disable)},
+      {parse_str, SP_TOKEN_UPLOAD_SCRIPT, &(cfg->script)},
+      {parse_empty, SP_TOKEN_SIMULATION, &(cfg->simulation)},
+      {parse_empty, SP_TOKEN_SIM, &(cfg->simulation)},
      {0, 0, 0}};
-  int ret = parse_keywords(sp_config_funcs_upload_validation, line);
+  SP_PROCESS_CONFIG_KEYWORDS_ERR();
+  SP_SET_ENABLE_DISABLE(enable, disable, cfg->enable);
-  if (0 != ret) {
+  if (!cfg->script) {
-    return ret;
+    sp_log_err("config", "The `script` directive is mandatory in '.%s' on line %zu", token, parsed_rule->lineno);
+    return SP_PARSER_ERROR;
+  } else if (-1 == access(ZSTR_VAL(cfg->script), F_OK)) {
+    sp_log_err("config", "The `script` (%s) doesn't exist on line %zu", ZSTR_VAL(cfg->script), parsed_rule->lineno);
+    return SP_PARSER_ERROR;
  }
-  if (!(enable ^ disable)) {
+  return SP_PARSER_STOP;
-    sp_log_err("config", "A rule can't be enabled and disabled on line %zu",
+}
-               sp_line_no);
-    return -1;
+SP_PARSE_FN(parse_ini_protection) {
+  bool disable = false, enable = false;
+  bool rw = false, ro = false; // rw is ignored, but declaring .policy_rw is valid for readability
+  sp_config_ini *cfg = (sp_config_ini*)retval;
+  sp_config_keyword config_keywords[] = {
+    {parse_empty, "enable", &(enable)},
+    {parse_empty, "disable", &(disable)},
+    {parse_empty, "simulation", &cfg->simulation},
+    {parse_empty, "sim", &cfg->simulation},
+    {parse_empty, "policy_readonly", &ro},
+    {parse_empty, "policy_ro", &ro},
+    {parse_empty, "policy_readwrite", &rw},
+    {parse_empty, "policy_rw", &rw},
+    {parse_empty, "policy_silent_ro", &cfg->policy_silent_ro},
+    {parse_empty, "policy_silent_fail", &cfg->policy_silent_fail},
+    {parse_empty, "policy_no_log", &cfg->policy_silent_fail},
+    {parse_empty, "policy_drop", &cfg->policy_drop},
+    {0, 0, 0}};
+  SP_PROCESS_CONFIG_KEYWORDS_ERR();
+  SP_SET_ENABLE_DISABLE(enable, disable, cfg->enable);
+  if (ro && rw) {
+    sp_log_err("config", "rule cannot be both read-write and read-only on line %zu", parsed_rule->lineno);
+    return SP_PARSER_ERROR;
  }
-  SNUFFLEUPAGUS_G(config).config_upload_validation->enable = enable;
+  cfg->policy_readonly = ro;
-  zend_string const *script =
+  if (cfg->policy_silent_fail && cfg->policy_drop) {
-      SNUFFLEUPAGUS_G(config).config_upload_validation->script;
+    sp_log_err("config", "policy cannot be drop and silent at the same time on line %zu", parsed_rule->lineno);
+    return SP_PARSER_ERROR;
+  }
+  return SP_PARSER_STOP;
+}
+SP_PARSE_FN(parse_ini_entry) {
+  sp_ini_entry *entry = pecalloc(sizeof(sp_ini_entry), 1, 1);
+  bool rw = false, ro = false;
+  sp_config_keyword config_keywords[] = {
+    {parse_empty, "simulation", &entry->simulation},
+    {parse_empty, "sim", &entry->simulation},
+    {parse_str, "key", &entry->key},
+    {parse_str, "msg", &entry->msg},
+    {parse_str, "set", &entry->set},
+    {parse_str, "min", &entry->min},
+    {parse_str, "max", &entry->max},
+    {parse_regexp, "regexp", &entry->regexp},
+    {parse_empty, "readonly", &ro},
+    {parse_empty, "ro", &ro},
+    {parse_empty, "readwrite", &rw},
+    {parse_empty, "rw", &rw},
+    {parse_empty, "drop", &entry->drop},
+    {parse_empty, "allow_null", &entry->allow_null},
+    {0, 0, 0}};
-  if (!script) {
+  SP_PROCESS_CONFIG_KEYWORDS(goto err);
-    sp_log_err("config",
-               "The `script` directive is mandatory in '%s' on line %zu", line,
+   if (!entry->key) {
-               sp_line_no);
+    sp_log_err("config", "A .key() must be provided on line %zu", parsed_rule->lineno);
-    return -1;
+    goto err;
-  } else if (-1 == access(ZSTR_VAL(script), F_OK)) {
-    sp_log_err("config", "The `script` (%s) doesn't exist on line %zu",
-               ZSTR_VAL(script), sp_line_no);
-    return -1;
-  } else if (-1 == access(ZSTR_VAL(script), X_OK)) {
-    sp_log_err("config", "The `script` (%s) isn't executable on line %zu",
-               ZSTR_VAL(script), sp_line_no);
-    return -1;
  }
-  return ret;
+  if (ro && rw) {
+    sp_log_err("config", "rule cannot be both read-write and read-only on line %zu", parsed_rule->lineno);
+    goto err;
+  }
+  entry->access = ro - rw;
+  zend_hash_add_ptr(SPCFG(ini).entries, entry->key, entry);
+  return SP_PARSER_STOP;
+err:
+  if (entry) {
+    sp_free_ini_entry(entry);
+    pefree(entry, 1);
+  }
+  return SP_PARSER_ERROR;
 }
diff --git a/src/sp_config_keywords.h b/src/sp_config_keywords.h
index a279cc9..01eb0d1 100644
--- a/src/sp_config_keywords.h
+++ b/src/sp_config_keywords.h
@@ -2,21 +2,18 @@
 #define SP_CONFIG_KEYWORDS_H
 #include "php_snuffleupagus.h"
-int parse_random(char *line);
+SP_PARSE_FN(parse_enable);
-int parse_disable_xxe(char *line);
+SP_PARSE_FN(parse_global);
-int parse_auto_cookie_secure(char *line);
+SP_PARSE_FN(parse_cookie);
-int parse_global_strict(char *line);
+SP_PARSE_FN(parse_unserialize);
-int parse_global(char *line);
+SP_PARSE_FN(parse_readonly_exec);
-int parse_cookie(char *line);
+SP_PARSE_FN(parse_disabled_functions);
-int parse_unserialize(char *line);
+SP_PARSE_FN(parse_upload_validation);
-int parse_readonly_exec(char *line);
+SP_PARSE_FN(parse_eval_filter_conf);
-int parse_disabled_functions(char *line);
+SP_PARSE_FN(parse_session);
-int parse_upload_validation(char *line);
+SP_PARSE_FN(parse_wrapper_whitelist);
-int parse_eval_blacklist(char *line);
+SP_PARSE_FN(parse_log_media);
-int parse_eval_whitelist(char *line);
+SP_PARSE_FN(parse_ini_protection);
-int parse_session(char *line);
+SP_PARSE_FN(parse_ini_entry);
-int parse_sloppy_comparison(char *line);
-int parse_wrapper_whitelist(char *line);
-int parse_log_media(char *line);
 #endif  // __SP_CONFIG_KEYWORDS_H
diff --git a/src/sp_config_scanner.cached.c b/src/sp_config_scanner.cached.c
new file mode 100644
index 0000000..7617ebf
--- /dev/null
+++ b/src/sp_config_scanner.cached.c
@@ -0,0 +1,1677 @@
+/* Generated by re2c */
+#include "php_snuffleupagus.h"
+enum YYCONDTYPE {
+        yycinit,
+        yyccond,
+        yyccond_op,
+        yycrule,
+};
+#define cs_log_error(fmt, ...) sp_log_err("config", fmt, ##__VA_ARGS__)
+#define cs_log_info(fmt, ...) sp_log_msg("config", SP_LOG_INFO, fmt, ##__VA_ARGS__)
+#define cs_log_warning(fmt, ...) sp_log_warn("config", fmt, ##__VA_ARGS__)
+zend_string *sp_get_arg_string(sp_parsed_keyword *kw) {
+  if (!kw || !kw->arg) {
+    return NULL;
+  }
+  zend_string *ret = zend_string_init(kw->arg, kw->arglen, 1);
+  char *pin, *pout;
+  pin = pout = ZSTR_VAL(ret);
+  char *pend = pin + ZSTR_LEN(ret);
+  while (pin < pend) {
+    if (*pin == '\\') {
+      pin++;
+    }
+    *pout = *pin;
+    pin++; pout++;
+  }
+  if (pin != pout) {
+    size_t len = pout - ZSTR_VAL(ret);
+    ret = zend_string_truncate(ret, len, 1);
+    ZSTR_VAL(ret)[len] = 0;
+  }
+  return ret;
+}
+zend_string *sp_get_textual_representation(sp_parsed_keyword *parsed_rule) {
+  // a rule is "sp.keyword...keyword(arg);\0"
+  size_t len = 3; // sp + ;
+  sp_parsed_keyword *kw;
+  for (kw = parsed_rule; kw->kw; kw++) {
+    len++; // .
+    len += kw->kwlen;
+    if (kw->argtype == SP_ARGTYPE_EMPTY) {
+      len += 2; // ()
+    } else if (kw->argtype == SP_ARGTYPE_STR) {
+        len += 4;
+        len += kw->arglen;
+    }
+  }
+  zend_string *ret = zend_string_alloc(len, 1);
+  char *ptr = ZSTR_VAL(ret);
+  memcpy(ptr, "sp", 2); ptr += 2;
+  for (kw = parsed_rule; kw->kw; kw++) {
+    *ptr++ = '.';
+    memcpy(ptr, kw->kw, kw->kwlen); ptr += kw->kwlen;
+    if (kw->argtype == SP_ARGTYPE_EMPTY || kw->argtype == SP_ARGTYPE_STR || kw->argtype == SP_ARGTYPE_UNKNOWN) {
+      *ptr++ = '(';
+    }
+    if (kw->argtype == SP_ARGTYPE_STR && kw->arg) {
+      *ptr++ = '"';
+      memcpy(ptr, kw->arg, kw->arglen); ptr += kw->arglen;
+      *ptr++ = '"';
+    }
+    if (kw->argtype == SP_ARGTYPE_EMPTY || kw->argtype == SP_ARGTYPE_STR || kw->argtype == SP_ARGTYPE_UNKNOWN) {
+      *ptr++ = ')';
+    }
+  }
+  *ptr++ = ';';
+  *ptr = 0;
+  return ret;
+}
+static void str_dtor(zval *zv) {
+  zend_string_release_ex(Z_STR_P(zv), 1);
+}
+// sy_ functions and macros are helpers for the shunting yard algorithm
+#define sy_res_push(val) \
+  if (cond_res_i >= 100) { cs_log_error("condition too complex on line %d", lineno); goto out; } \
+  cond_res[cond_res_i++] = val;
+#define sy_res_pop() cond_res[--cond_res_i]
+#define sy_op_push(op) \
+  if (cond_op_i >= 100) { cs_log_error("condition too complex on line %d", lineno); goto out; } \
+  cond_op[cond_op_i++] = op;
+#define sy_op_pop() cond_op[--cond_op_i]
+#define sy_op_peek() cond_op[cond_op_i-1]
+static inline int sy_op_precedence(char op) {
+  switch (op) {
+    case '!': return 120;
+    case '<':
+    case '>':
+    case 'L': // <=
+    case 'G': // >=
+              return 90;
+    case '&': return 70;
+    case '|': return 60;
+    case '=': return 20;
+  }
+  return 0;
+}
+static inline int sy_op_is_left_assoc(char op) {
+  switch (op) {
+    case '!': return 0;
+  }
+  return 1;
+}
+static int sy_apply_op(char op, int a, int b) {
+  switch (op) {
+    case '!': return !a;
+    case '&': return (b && a);
+    case '|': return (b || a);
+    case '<': return (b < a);
+    case 'L': return (b <= a);
+    case 'G': return (b >= a);
+    case '>': return (b > a);
+    case '=': return (b == a);
+  }
+  return 0;
+}
+#define SY_APPLY_OP_FROM_STACK() \
+  char op = sy_op_pop(); \
+  int unary = (op == '!'); \
+  if (cond_res_i < (2 - unary)) { cs_log_error("not enough input on line %d", lineno); goto out; } \
+  int a = sy_res_pop(); \
+  int b = unary ? 0 : sy_res_pop(); \
+  int res = sy_apply_op(op, a, b); \
+  sy_res_push(res);
+#define TMPSTR(tmpstr, t2, t1) \
+      char tmpstr[1024]; \
+      size_t tmplen = MIN(t2-t1-2, 1023); \
+      strncpy(tmpstr, t1+1, tmplen); \
+      tmpstr[tmplen] = 0;
+zend_result sp_config_scan(char *data, zend_result (*process_rule)(sp_parsed_keyword*))
+{
+  const char *YYCURSOR = data;
+  const char *YYMARKER, *t1, *t2, *t3, *t4;
+  const char *yyt1;
+const char *yyt2;
+const char *yyt3;
+const char *yyt4;
+  int ret = FAILURE;
+  const int max_keywords = 16;
+  sp_parsed_keyword parsed_rule[max_keywords+1];
+  int kw_i = 0;
+  HashTable vars;
+  zend_hash_init(&vars, 10, NULL, str_dtor, 1);
+  zend_hash_str_add_ptr(&vars, ZEND_STRL("PHP_VERSION_ID"), zend_string_init(ZEND_STRL(ZEND_TOSTR(PHP_VERSION_ID)), 1));
+  int cond_res[100] = {1};
+  int cond_res_i = 0;
+  char cond_op[100] = {0};
+  int cond_op_i = 0;
+  int cond = yycinit;
+  long lineno = 1;
+  
+{
+        unsigned char yych;
+        unsigned int yyaccept = 0;
+        if (cond < 2) {
+                if (cond < 1) {
+                        goto yyc_init;
+                } else {
+                        goto yyc_cond;
+                }
+        } else {
+                if (cond < 3) {
+                        goto yyc_cond_op;
+                } else {
+                        goto yyc_rule;
+                }
+        }
+/* *********************************** */
+yyc_init:
+        {
+                static const unsigned char yybm[] = {
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         80,  88,   0,  80,  80,  16,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         88,  80,  16,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                        112, 112, 112, 112, 112, 112, 112, 112, 
+                        112, 112,  80,  80,  80,  80,  80,  80, 
+                         80, 112, 112, 112, 112, 112, 112, 112, 
+                        112, 112, 112, 112, 112, 112, 112, 112, 
+                        112, 112, 112, 112, 112, 112, 112, 112, 
+                        112, 112, 112,  80, 144,  80,  80, 112, 
+                         80, 112, 112, 112, 112, 112, 112, 112, 
+                        112, 112, 112, 112, 112, 112, 112, 112, 
+                        112, 112, 112, 112, 112, 112, 112, 112, 
+                        112, 112, 112,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                         80,  80,  80,  80,  80,  80,  80,  80, 
+                };
+                yych = *YYCURSOR;
+                if (yybm[0+yych] & 8) {
+                        goto yy6;
+                }
+                if (yych <= '#') {
+                        if (yych <= '\n') {
+                                if (yych <= 0x00) goto yy2;
+                                if (yych <= 0x08) goto yy4;
+                                goto yy9;
+                        } else {
+                                if (yych == '\r') goto yy11;
+                                if (yych <= '"') goto yy4;
+                                goto yy12;
+                        }
+                } else {
+                        if (yych <= '?') {
+                                if (yych == ';') goto yy12;
+                                goto yy4;
+                        } else {
+                                if (yych <= '@') goto yy15;
+                                if (yych == 's') goto yy16;
+                                goto yy4;
+                        }
+                }
+yy2:
+                ++YYCURSOR;
+                { ret = SUCCESS; goto out; }
+yy4:
+                ++YYCURSOR;
+yy5:
+                { cs_log_error("Parser error on line %d", lineno); goto out; }
+yy6:
+                yych = *++YYCURSOR;
+                if (yybm[0+yych] & 8) {
+                        goto yy6;
+                }
+                { goto yyc_init; }
+yy9:
+                ++YYCURSOR;
+                { lineno++; goto yyc_init; }
+yy11:
+                yych = *++YYCURSOR;
+                if (yych == '\n') goto yy9;
+                goto yy5;
+yy12:
+                yych = *++YYCURSOR;
+                if (yybm[0+yych] & 16) {
+                        goto yy12;
+                }
+                { goto yyc_init; }
+yy15:
+                yyaccept = 0;
+                yych = *(YYMARKER = ++YYCURSOR);
+                switch (yych) {
+                case 'c':       goto yy17;
+                case 'e':       goto yy19;
+                case 'i':       goto yy20;
+                case 'l':       goto yy21;
+                case 's':       goto yy22;
+                case 'w':       goto yy23;
+                default:        goto yy5;
+                }
+yy16:
+                yyaccept = 0;
+                yych = *(YYMARKER = ++YYCURSOR);
+                if (yych == 'e') goto yy24;
+                if (yych == 'p') goto yy25;
+                goto yy5;
+yy17:
+                yych = *++YYCURSOR;
+                if (yych == 'o') goto yy27;
+yy18:
+                YYCURSOR = YYMARKER;
+                if (yyaccept <= 4) {
+                        if (yyaccept <= 2) {
+                                if (yyaccept <= 1) {
+                                        if (yyaccept == 0) {
+                                                goto yy5;
+                                        } else {
+                                                yyt2 = YYCURSOR;
+                                                goto yy67;
+                                        }
+                                } else {
+                                        yyt2 = YYCURSOR;
+                                        goto yy71;
+                                }
+                        } else {
+                                if (yyaccept == 3) {
+                                        goto yy67;
+                                } else {
+                                        goto yy71;
+                                }
+                        }
+                } else {
+                        if (yyaccept <= 6) {
+                                if (yyaccept == 5) {
+                                        yyt2 = YYCURSOR;
+                                        goto yy86;
+                                } else {
+                                        yyt4 = YYCURSOR;
+                                        goto yy91;
+                                }
+                        } else {
+                                if (yyaccept == 7) {
+                                        goto yy86;
+                                } else {
+                                        goto yy91;
+                                }
+                        }
+                }
+yy19:
+                yych = *++YYCURSOR;
+                if (yych == 'n') goto yy28;
+                if (yych == 'r') goto yy29;
+                goto yy18;
+yy20:
+                yych = *++YYCURSOR;
+                if (yych == 'n') goto yy30;
+                goto yy18;
+yy21:
+                yych = *++YYCURSOR;
+                if (yych == 'o') goto yy31;
+                goto yy18;
+yy22:
+                yych = *++YYCURSOR;
+                if (yych == 'e') goto yy24;
+                goto yy18;
+yy23:
+                yych = *++YYCURSOR;
+                if (yych == 'a') goto yy32;
+                goto yy18;
+yy24:
+                yych = *++YYCURSOR;
+                if (yych == 't') goto yy33;
+                goto yy18;
+yy25:
+                ++YYCURSOR;
+                { kw_i = 0;  goto yyc_rule; }
+yy27:
+                yych = *++YYCURSOR;
+                if (yych == 'n') goto yy34;
+                goto yy18;
+yy28:
+                yych = *++YYCURSOR;
+                if (yych == 'd') goto yy35;
+                goto yy18;
+yy29:
+                yych = *++YYCURSOR;
+                if (yych == 'r') goto yy36;
+                goto yy18;
+yy30:
+                yych = *++YYCURSOR;
+                if (yych == 'f') goto yy37;
+                goto yy18;
+yy31:
+                yych = *++YYCURSOR;
+                if (yych == 'g') goto yy38;
+                goto yy18;
+yy32:
+                yych = *++YYCURSOR;
+                if (yych == 'r') goto yy39;
+                goto yy18;
+yy33:
+                yych = *++YYCURSOR;
+                if (yych == '\t') goto yy40;
+                if (yych == ' ') goto yy40;
+                goto yy18;
+yy34:
+                yych = *++YYCURSOR;
+                if (yych == 'd') goto yy42;
+                goto yy18;
+yy35:
+                yych = *++YYCURSOR;
+                if (yych == '_') goto yy43;
+                goto yy18;
+yy36:
+                yych = *++YYCURSOR;
+                if (yych == '"') goto yy18;
+                if (yych == 'o') goto yy46;
+                goto yy45;
+yy37:
+                yych = *++YYCURSOR;
+                if (yych != 'o') goto yy18;
+yy38:
+                yych = *++YYCURSOR;
+                if (yych == '"') goto yy18;
+                goto yy48;
+yy39:
+                yych = *++YYCURSOR;
+                if (yych == 'n') goto yy49;
+                goto yy18;
+yy40:
+                yych = *++YYCURSOR;
+                if (yych <= '@') {
+                        if (yych <= '\t') {
+                                if (yych <= 0x08) goto yy18;
+                                goto yy40;
+                        } else {
+                                if (yych == ' ') goto yy40;
+                                goto yy18;
+                        }
+                } else {
+                        if (yych <= '_') {
+                                if (yych <= 'Z') {
+                                        yyt1 = YYCURSOR;
+                                        goto yy50;
+                                }
+                                if (yych <= '^') goto yy18;
+                                yyt1 = YYCURSOR;
+                                goto yy50;
+                        } else {
+                                if (yych <= '`') goto yy18;
+                                if (yych <= 'z') {
+                                        yyt1 = YYCURSOR;
+                                        goto yy50;
+                                }
+                                goto yy18;
+                        }
+                }
+yy42:
+                yych = *++YYCURSOR;
+                if (yych == 'i') goto yy52;
+                goto yy18;
+yy43:
+                yych = *++YYCURSOR;
+                if (yych == 'c') goto yy53;
+                goto yy18;
+yy44:
+                yych = *++YYCURSOR;
+yy45:
+                if (yych <= 0x1F) {
+                        if (yych == '\t') goto yy44;
+                        goto yy18;
+                } else {
+                        if (yych <= ' ') goto yy44;
+                        if (yych == '"') {
+                                yyt1 = YYCURSOR;
+                                goto yy54;
+                        }
+                        goto yy18;
+                }
+yy46:
+                yych = *++YYCURSOR;
+                if (yych == 'r') goto yy56;
+                goto yy18;
+yy47:
+                yych = *++YYCURSOR;
+yy48:
+                if (yych <= 0x1F) {
+                        if (yych == '\t') goto yy47;
+                        goto yy18;
+                } else {
+                        if (yych <= ' ') goto yy47;
+                        if (yych == '"') {
+                                yyt1 = YYCURSOR;
+                                goto yy57;
+                        }
+                        goto yy18;
+                }
+yy49:
+                yych = *++YYCURSOR;
+                if (yych == '"') goto yy18;
+                if (yych == 'i') goto yy61;
+                goto yy60;
+yy50:
+                yych = *++YYCURSOR;
+                if (yybm[0+yych] & 32) {
+                        goto yy50;
+                }
+                if (yych == '\t') {
+                        yyt2 = YYCURSOR;
+                        goto yy62;
+                }
+                if (yych == ' ') {
+                        yyt2 = YYCURSOR;
+                        goto yy62;
+                }
+                goto yy18;
+yy52:
+                yych = *++YYCURSOR;
+                if (yych == 't') goto yy64;
+                goto yy18;
+yy53:
+                yych = *++YYCURSOR;
+                if (yych == 'o') goto yy65;
+                goto yy18;
+yy54:
+                yych = *++YYCURSOR;
+                if (yybm[0+yych] & 64) {
+                        goto yy54;
+                }
+                if (yych <= '\r') goto yy18;
+                if (yych <= '"') goto yy66;
+                goto yy68;
+yy56:
+                yych = *++YYCURSOR;
+                if (yych == '"') goto yy18;
+                goto yy45;
+yy57:
+                yych = *++YYCURSOR;
+                if (yych <= '\r') {
+                        if (yych == '\n') goto yy18;
+                        if (yych <= '\f') goto yy57;
+                        goto yy18;
+                } else {
+                        if (yych <= '"') {
+                                if (yych <= '!') goto yy57;
+                                goto yy70;
+                        } else {
+                                if (yych == '\\') goto yy72;
+                                goto yy57;
+                        }
+                }
+yy59:
+                yych = *++YYCURSOR;
+yy60:
+                if (yych <= 0x1F) {
+                        if (yych == '\t') goto yy59;
+                        goto yy18;
+                } else {
+                        if (yych <= ' ') goto yy59;
+                        if (yych == '"') {
+                                yyt1 = YYCURSOR;
+                                goto yy74;
+                        }
+                        goto yy18;
+                }
+yy61:
+                yych = *++YYCURSOR;
+                if (yych == 'n') goto yy76;
+                goto yy18;
+yy62:
+                yych = *++YYCURSOR;
+                if (yych <= 0x1F) {
+                        if (yych == '\t') goto yy62;
+                        goto yy18;
+                } else {
+                        if (yych <= ' ') goto yy62;
+                        if (yych == '"') {
+                                yyt3 = YYCURSOR;
+                                goto yy77;
+                        }
+                        goto yy18;
+                }
+yy64:
+                yych = *++YYCURSOR;
+                if (yych == 'i') goto yy79;
+                goto yy18;
+yy65:
+                yych = *++YYCURSOR;
+                if (yych == 'n') goto yy80;
+                goto yy18;
+yy66:
+                yych = *++YYCURSOR;
+                yyt2 = YYCURSOR;
+                if (yych == ';') goto yy81;
+yy67:
+                t1 = yyt1;
+                t2 = yyt2;
+                {
+      if (!cond_res[0]) { goto yyc_init; }
+      TMPSTR(tmpstr, t2, t1);
+      cs_log_error("[line %d]: %s", lineno, tmpstr);
+      goto out;
+    }
+yy68:
+                yych = *++YYCURSOR;
+                if (yybm[0+yych] & 64) {
+                        goto yy54;
+                }
+                if (yych <= '\r') goto yy18;
+                if (yych <= '"') goto yy82;
+                goto yy68;
+yy70:
+                yych = *++YYCURSOR;
+                yyt2 = YYCURSOR;
+                if (yych == ';') goto yy83;
+yy71:
+                t1 = yyt1;
+                t2 = yyt2;
+                {
+      if (!cond_res[0]) { goto yyc_init; }
+      TMPSTR(tmpstr, t2, t1);
+      cs_log_info("[line %d]: %s", lineno, tmpstr);
+      goto yyc_init;
+    }
+yy72:
+                yych = *++YYCURSOR;
+                if (yych <= '\r') {
+                        if (yych == '\n') goto yy18;
+                        if (yych <= '\f') goto yy57;
+                        goto yy18;
+                } else {
+                        if (yych <= '"') {
+                                if (yych <= '!') goto yy57;
+                                goto yy84;
+                        } else {
+                                if (yych == '\\') goto yy72;
+                                goto yy57;
+                        }
+                }
+yy74:
+                yych = *++YYCURSOR;
+                if (yych <= '\r') {
+                        if (yych == '\n') goto yy18;
+                        if (yych <= '\f') goto yy74;
+                        goto yy18;
+                } else {
+                        if (yych <= '"') {
+                                if (yych <= '!') goto yy74;
+                                goto yy85;
+                        } else {
+                                if (yych == '\\') goto yy87;
+                                goto yy74;
+                        }
+                }
+yy76:
+                yych = *++YYCURSOR;
+                if (yych == 'g') goto yy89;
+                goto yy18;
+yy77:
+                yych = *++YYCURSOR;
+                if (yych <= '\r') {
+                        if (yych == '\n') goto yy18;
+                        if (yych <= '\f') goto yy77;
+                        goto yy18;
+                } else {
+                        if (yych <= '"') {
+                                if (yych <= '!') goto yy77;
+                                goto yy90;
+                        } else {
+                                if (yych == '\\') goto yy92;
+                                goto yy77;
+                        }
+                }
+yy79:
+                yych = *++YYCURSOR;
+                if (yych == 'o') goto yy94;
+                goto yy18;
+yy80:
+                yych = *++YYCURSOR;
+                if (yych == 'd') goto yy95;
+                goto yy18;
+yy81:
+                ++YYCURSOR;
+                goto yy67;
+yy82:
+                yyaccept = 1;
+                yych = *(YYMARKER = ++YYCURSOR);
+                if (yybm[0+yych] & 128) {
+                        goto yy68;
+                }
+                if (yych <= '\r') {
+                        if (yych == '\n') {
+                                yyt2 = YYCURSOR;
+                                goto yy67;
+                        }
+                        if (yych <= '\f') goto yy54;
+                        yyt2 = YYCURSOR;
+                        goto yy67;
+                } else {
+                        if (yych <= '"') {
+                                if (yych <= '!') goto yy54;
+                                goto yy66;
+                        } else {
+                                if (yych == ';') {
+                                        yyt2 = YYCURSOR;
+                                        goto yy96;
+                                }
+                                goto yy54;
+                        }
+                }
+yy83:
+                ++YYCURSOR;
+                goto yy71;
+yy84:
+                yyaccept = 2;
+                yych = *(YYMARKER = ++YYCURSOR);
+                if (yych <= '!') {
+                        if (yych <= '\n') {
+                                if (yych <= '\t') goto yy57;
+                                yyt2 = YYCURSOR;
+                                goto yy71;
+                        } else {
+                                if (yych == '\r') {
+                                        yyt2 = YYCURSOR;
+                                        goto yy71;
+                                }
+                                goto yy57;
+                        }
+                } else {
+                        if (yych <= ';') {
+                                if (yych <= '"') goto yy70;
+                                if (yych <= ':') goto yy57;
+                                yyt2 = YYCURSOR;
+                                goto yy97;
+                        } else {
+                                if (yych == '\\') goto yy72;
+                                goto yy57;
+                        }
+                }
+yy85:
+                yych = *++YYCURSOR;
+                yyt2 = YYCURSOR;
+                if (yych == ';') goto yy98;
+yy86:
+                t1 = yyt1;
+                t2 = yyt2;
+                {
+      if (!cond_res[0]) { goto yyc_init; }
+      TMPSTR(tmpstr, t2, t1);
+      cs_log_warning("[line %d]: %s", lineno, tmpstr);
+      goto yyc_init;
+    }
+yy87:
+                yych = *++YYCURSOR;
+                if (yych <= '\r') {
+                        if (yych == '\n') goto yy18;
+                        if (yych <= '\f') goto yy74;
+                        goto yy18;
+                } else {
+                        if (yych <= '"') {
+                                if (yych <= '!') goto yy74;
+                                goto yy99;
+                        } else {
+                                if (yych == '\\') goto yy87;
+                                goto yy74;
+                        }
+                }
+yy89:
+                yych = *++YYCURSOR;
+                if (yych == '"') goto yy18;
+                goto yy60;
+yy90:
+                yych = *++YYCURSOR;
+                yyt4 = YYCURSOR;
+                goto yy101;
+yy91:
+                t1 = yyt1;
+                t2 = yyt2;
+                t3 = yyt3;
+                t4 = yyt4;
+                {
+      if (!cond_res[0]) { goto yyc_init; }
+      char *key = (char*)t1;
+      int keylen = t2-t1;
+      zend_string *tmp = zend_hash_str_find_ptr(&vars, key, keylen);
+      if (tmp) {
+        zend_hash_str_del(&vars, key, keylen);
+      }
+      tmp = zend_string_init(t3+1, t4-t3-2, 1);
+      zend_hash_str_add_ptr(&vars, key, keylen, tmp);
+      goto yyc_init;
+    }
+yy92:
+                yych = *++YYCURSOR;
+                if (yych <= '\r') {
+                        if (yych == '\n') goto yy18;
+                        if (yych <= '\f') goto yy77;
+                        goto yy18;
+                } else {
+                        if (yych <= '"') {
+                                if (yych <= '!') goto yy77;
+                                goto yy103;
+                        } else {
+                                if (yych == '\\') goto yy92;
+                                goto yy77;
+                        }
+                }
+yy94:
+                yych = *++YYCURSOR;
+                if (yych == 'n') goto yy104;
+                goto yy18;
+yy95:
+                yych = *++YYCURSOR;
+                if (yych == 'i') goto yy105;
+                goto yy18;
+yy96:
+                yyaccept = 3;
+                yych = *(YYMARKER = ++YYCURSOR);
+                if (yybm[0+yych] & 64) {
+                        goto yy54;
+                }
+                if (yych <= '\r') goto yy67;
+                if (yych <= '"') goto yy66;
+                goto yy68;
+yy97:
+                yyaccept = 4;
+                yych = *(YYMARKER = ++YYCURSOR);
+                if (yych <= '\r') {
+                        if (yych == '\n') goto yy71;
+                        if (yych <= '\f') goto yy57;
+                        goto yy71;
+                } else {
+                        if (yych <= '"') {
+                                if (yych <= '!') goto yy57;
+                                goto yy70;
+                        } else {
+                                if (yych == '\\') goto yy72;
+                                goto yy57;
+                        }
+                }
+yy98:
+                ++YYCURSOR;
+                goto yy86;
+yy99:
+                yyaccept = 5;
+                yych = *(YYMARKER = ++YYCURSOR);
+                if (yych <= '!') {
+                        if (yych <= '\n') {
+                                if (yych <= '\t') goto yy74;
+                                yyt2 = YYCURSOR;
+                                goto yy86;
+                        } else {
+                                if (yych == '\r') {
+                                        yyt2 = YYCURSOR;
+                                        goto yy86;
+                                }
+                                goto yy74;
+                        }
+                } else {
+                        if (yych <= ';') {
+                                if (yych <= '"') goto yy85;
+                                if (yych <= ':') goto yy74;
+                                yyt2 = YYCURSOR;
+                                goto yy106;
+                        } else {
+                                if (yych == '\\') goto yy87;
+                                goto yy74;
+                        }
+                }
+yy100:
+                yych = *++YYCURSOR;
+yy101:
+                if (yych <= 0x1F) {
+                        if (yych == '\t') goto yy100;
+                        goto yy91;
+                } else {
+                        if (yych <= ' ') goto yy100;
+                        if (yych != ';') goto yy91;
+                }
+                ++YYCURSOR;
+                goto yy91;
+yy103:
+                yyaccept = 6;
+                yych = *(YYMARKER = ++YYCURSOR);
+                if (yych <= ' ') {
+                        if (yych <= '\n') {
+                                if (yych <= 0x08) goto yy77;
+                                if (yych <= '\t') {
+                                        yyt4 = YYCURSOR;
+                                        goto yy107;
+                                }
+                                yyt4 = YYCURSOR;
+                                goto yy91;
+                        } else {
+                                if (yych == '\r') {
+                                        yyt4 = YYCURSOR;
+                                        goto yy91;
+                                }
+                                if (yych <= 0x1F) goto yy77;
+                                yyt4 = YYCURSOR;
+                                goto yy107;
+                        }
+                } else {
+                        if (yych <= ':') {
+                                if (yych == '"') goto yy90;
+                                goto yy77;
+                        } else {
+                                if (yych <= ';') {
+                                        yyt4 = YYCURSOR;
+                                        goto yy109;
+                                }
+                                if (yych == '\\') goto yy92;
+                                goto yy77;
+                        }
+                }
+yy104:
+                yych = *++YYCURSOR;
+                if (yych == '\t') goto yy110;
+                if (yych == ' ') goto yy110;
+                goto yy18;
+yy105:
+                yych = *++YYCURSOR;
+                if (yych == 't') goto yy113;
+                goto yy18;
+yy106:
+                yyaccept = 7;
+                yych = *(YYMARKER = ++YYCURSOR);
+                if (yych <= '\r') {
+                        if (yych == '\n') goto yy86;
+                        if (yych <= '\f') goto yy74;
+                        goto yy86;
+                } else {
+                        if (yych <= '"') {
+                                if (yych <= '!') goto yy74;
+                                goto yy85;
+                        } else {
+                                if (yych == '\\') goto yy87;
+                                goto yy74;
+                        }
+                }
+yy107:
+                yyaccept = 8;
+                yych = *(YYMARKER = ++YYCURSOR);
+                if (yych <= ' ') {
+                        if (yych <= '\n') {
+                                if (yych <= 0x08) goto yy77;
+                                if (yych <= '\t') goto yy107;
+                                goto yy91;
+                        } else {
+                                if (yych == '\r') goto yy91;
+                                if (yych <= 0x1F) goto yy77;
+                                goto yy107;
+                        }
+                } else {
+                        if (yych <= ':') {
+                                if (yych == '"') goto yy90;
+                                goto yy77;
+                        } else {
+                                if (yych <= ';') goto yy109;
+                                if (yych == '\\') goto yy92;
+                                goto yy77;
+                        }
+                }
+yy109:
+                yyaccept = 8;
+                yych = *(YYMARKER = ++YYCURSOR);
+                if (yych <= '\r') {
+                        if (yych == '\n') goto yy91;
+                        if (yych <= '\f') goto yy77;
+                        goto yy91;
+                } else {
+                        if (yych <= '"') {
+                                if (yych <= '!') goto yy77;
+                                goto yy90;
+                        } else {
+                                if (yych == '\\') goto yy92;
+                                goto yy77;
+                        }
+                }
+yy110:
+                yych = *++YYCURSOR;
+                if (yych == '\t') goto yy110;
+                if (yych == ' ') goto yy110;
+                { cond_res_i = 0; goto yyc_cond; }
+yy113:
+                yych = *++YYCURSOR;
+                if (yych != 'i') goto yy18;
+                yych = *++YYCURSOR;
+                if (yych != 'o') goto yy18;
+                yych = *++YYCURSOR;
+                if (yych != 'n') goto yy18;
+yy116:
+                yych = *++YYCURSOR;
+                if (yych <= 0x1F) {
+                        if (yych == '\t') goto yy116;
+                        goto yy18;
+                } else {
+                        if (yych <= ' ') goto yy116;
+                        if (yych != ';') goto yy18;
+                }
+                ++YYCURSOR;
+                { cond_res[0] = 1; cond_res_i = 0; goto yyc_init; }
+        }
+/* *********************************** */
+yyc_cond:
+        {
+                static const unsigned char yybm[] = {
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  72,   0,  64,  64,   0,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         72,  64,   0,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                        112, 112, 112, 112, 112, 112, 112, 112, 
+                        112, 112,  64,  64,  64,  64,  64,  64, 
+                         64,  96,  96,  96,  96,  96,  96,  96, 
+                         96,  96,  96,  96,  96,  96,  96,  96, 
+                         96,  96,  96,  96,  96,  96,  96,  96, 
+                         96,  96,  96,  64, 128,  64,  64,  96, 
+                         64,  96,  96,  96,  96,  96,  96,  96, 
+                         96,  96,  96,  96,  96,  96,  96,  96, 
+                         96,  96,  96,  96,  96,  96,  96,  96, 
+                         96,  96,  96,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                };
+                yych = *YYCURSOR;
+                if (yybm[0+yych] & 8) {
+                        goto yy124;
+                }
+                if (yych <= '(') {
+                        if (yych <= '\r') {
+                                if (yych <= 0x08) goto yy122;
+                                if (yych <= '\n') goto yy127;
+                                if (yych >= '\r') goto yy129;
+                        } else {
+                                if (yych <= 0x1F) goto yy122;
+                                if (yych <= '!') goto yy130;
+                                if (yych >= '(') goto yy132;
+                        }
+                } else {
+                        if (yych <= 'Z') {
+                                if (yych <= '/') goto yy122;
+                                if (yych <= '9') {
+                                        yyt1 = YYCURSOR;
+                                        goto yy134;
+                                }
+                                if (yych >= 'A') {
+                                        yyt1 = YYCURSOR;
+                                        goto yy137;
+                                }
+                        } else {
+                                if (yych <= '_') {
+                                        if (yych >= '_') {
+                                                yyt1 = YYCURSOR;
+                                                goto yy137;
+                                        }
+                                } else {
+                                        if (yych <= '`') goto yy122;
+                                        if (yych <= 'z') {
+                                                yyt1 = YYCURSOR;
+                                                goto yy137;
+                                        }
+                                }
+                        }
+                }
+yy122:
+                ++YYCURSOR;
+yy123:
+                { cs_log_error("Syntax error in condition on line %d", lineno); goto out; }
+yy124:
+                yych = *++YYCURSOR;
+                if (yybm[0+yych] & 8) {
+                        goto yy124;
+                }
+                { goto yyc_cond; }
+yy127:
+                ++YYCURSOR;
+                { lineno++; goto yyc_cond; }
+yy129:
+                yych = *++YYCURSOR;
+                if (yych == '\n') goto yy127;
+                goto yy123;
+yy130:
+                ++YYCURSOR;
+                t1 = YYCURSOR - 1;
+                { sy_op_push(*t1); goto yyc_cond; }
+yy132:
+                ++YYCURSOR;
+                t1 = YYCURSOR - 1;
+                { sy_op_push(*t1); goto yyc_cond; }
+yy134:
+                yych = *++YYCURSOR;
+                if (yybm[0+yych] & 16) {
+                        goto yy134;
+                }
+                t1 = yyt1;
+                t2 = YYCURSOR;
+                { sy_res_push(atoi(t1));  goto yyc_cond_op; }
+yy137:
+                yyaccept = 0;
+                yych = *(YYMARKER = ++YYCURSOR);
+                if (yybm[0+yych] & 32) {
+                        goto yy137;
+                }
+                if (yych == '(') goto yy140;
+yy139:
+                t1 = yyt1;
+                t2 = YYCURSOR;
+                {
+      zend_string *tmp = zend_hash_str_find_ptr(&vars, t1, t2-t1);
+      if (!tmp) {
+        cs_log_error("unknown variable in condition on line %d", lineno);
+        goto out;
+      }
+      sy_res_push(atoi(ZSTR_VAL(tmp)));
+      goto yyc_cond_op;
+    }
+yy140:
+                yych = *++YYCURSOR;
+                if (yych == '"') {
+                        yyt2 = YYCURSOR;
+                        goto yy142;
+                }
+                if (yych == ')') {
+                        yyt2 = YYCURSOR;
+                        goto yy144;
+                }
+yy141:
+                YYCURSOR = YYMARKER;
+                if (yyaccept == 0) {
+                        goto yy139;
+                } else {
+                        goto yy145;
+                }
+yy142:
+                yych = *++YYCURSOR;
+                if (yybm[0+yych] & 64) {
+                        goto yy142;
+                }
+                if (yych <= '\r') goto yy141;
+                if (yych <= '"') goto yy146;
+                goto yy147;
+yy144:
+                ++YYCURSOR;
+yy145:
+                t1 = yyt1;
+                t3 = yyt2;
+                t2 = yyt2 - 1;
+                t4 = YYCURSOR - 1;
+                {
+      if (t4-t3 >= 2 && strlen("extension_loaded") == t2-t1 && strncmp("extension_loaded", t1, t2-t1) == 0) {
+        int is_loaded = (zend_hash_str_find_ptr(&module_registry, t3+1, t4-t3-2) != NULL);
+        sy_res_push(is_loaded);
+      } else {
+        cs_log_error("unknown function in condition on line %d", lineno);
+        goto out;
+      }
+      goto yyc_cond_op;
+    }
+yy146:
+                yych = *++YYCURSOR;
+                if (yych == ')') goto yy144;
+                goto yy141;
+yy147:
+                yych = *++YYCURSOR;
+                if (yybm[0+yych] & 64) {
+                        goto yy142;
+                }
+                if (yych <= '\r') goto yy141;
+                if (yych >= '#') goto yy147;
+                yych = *++YYCURSOR;
+                if (yybm[0+yych] & 128) {
+                        goto yy147;
+                }
+                if (yych <= '\r') {
+                        if (yych == '\n') goto yy141;
+                        if (yych <= '\f') goto yy142;
+                        goto yy141;
+                } else {
+                        if (yych <= '"') {
+                                if (yych <= '!') goto yy142;
+                                goto yy146;
+                        } else {
+                                if (yych != ')') goto yy142;
+                        }
+                }
+                yyaccept = 1;
+                yych = *(YYMARKER = ++YYCURSOR);
+                if (yybm[0+yych] & 64) {
+                        goto yy142;
+                }
+                if (yych <= '\r') goto yy145;
+                if (yych <= '"') goto yy146;
+                goto yy147;
+        }
+/* *********************************** */
+yyc_cond_op:
+        {
+                static const unsigned char yybm[] = {
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0, 128,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                        128,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                          0,   0,   0,   0,   0,   0,   0,   0, 
+                };
+                yych = *YYCURSOR;
+                if (yybm[0+yych] & 128) {
+                        goto yy155;
+                }
+                if (yych <= ')') {
+                        if (yych <= '\r') {
+                                if (yych <= 0x08) goto yy153;
+                                if (yych <= '\n') goto yy158;
+                                if (yych >= '\r') goto yy160;
+                        } else {
+                                if (yych == '&') {
+                                        yyt1 = YYCURSOR;
+                                        goto yy161;
+                                }
+                                if (yych >= ')') goto yy162;
+                        }
+                } else {
+                        if (yych <= '=') {
+                                if (yych <= ':') goto yy153;
+                                if (yych <= ';') goto yy164;
+                                if (yych <= '<') {
+                                        yyt1 = YYCURSOR;
+                                        goto yy166;
+                                }
+                                yyt1 = YYCURSOR;
+                                goto yy168;
+                        } else {
+                                if (yych <= '>') {
+                                        yyt1 = YYCURSOR;
+                                        goto yy166;
+                                }
+                                if (yych == '|') {
+                                        yyt1 = YYCURSOR;
+                                        goto yy169;
+                                }
+                        }
+                }
+yy153:
+                ++YYCURSOR;
+yy154:
+                { cs_log_error("Syntax error in condition on line %d", lineno); goto out; }
+yy155:
+                yych = *++YYCURSOR;
+                if (yybm[0+yych] & 128) {
+                        goto yy155;
+                }
+                { goto yyc_cond_op; }
+yy158:
+                ++YYCURSOR;
+                { lineno++; goto yyc_cond_op; }
+yy160:
+                yych = *++YYCURSOR;
+                if (yych == '\n') goto yy158;
+                goto yy154;
+yy161:
+                yych = *++YYCURSOR;
+                if (yych == '&') goto yy170;
+                goto yy154;
+yy162:
+                ++YYCURSOR;
+                {
+      while (cond_op_i && sy_op_peek() != '(') {
+        SY_APPLY_OP_FROM_STACK();
+      }
+      if (cond_op_i == 0 || sy_op_peek() != '(') {
+        cs_log_error("unbalanced parathesis on line %d", lineno); goto out;
+      }
+      cond_op_i--;
+      goto yyc_cond_op;
+    }
+yy164:
+                ++YYCURSOR;
+                {
+      while (cond_op_i) {
+        if (sy_op_peek() == '(') { cs_log_error("unbalanced parathesis on line %d", lineno); goto out; }
+        SY_APPLY_OP_FROM_STACK();
+      }
+      if (cond_res_i > 1) { cs_log_error("invalid condition on line %d", lineno); goto out; }
+      goto yyc_init;
+    }
+yy166:
+                yych = *++YYCURSOR;
+                if (yych == '=') goto yy170;
+yy167:
+                t1 = yyt1;
+                t2 = YYCURSOR;
+                {
+      char op1 = *t1;
+      if (t2-t1 == 2) {
+        switch (op1) {
+          case '<': op1 = 'L'; break; // <=
+          case '>': op1 = 'G'; break; // >=
+        }
+      }
+      while (cond_op_i && sy_op_peek() != '(' && ((sy_op_precedence(sy_op_peek()) > sy_op_precedence(*t1)) || (sy_op_precedence(sy_op_peek()) == sy_op_precedence(*t1) && sy_op_is_left_assoc(*t1)))) {
+        SY_APPLY_OP_FROM_STACK();
+      }
+      sy_op_push(*t1);
+      goto yyc_cond;
+    }
+yy168:
+                yych = *++YYCURSOR;
+                if (yych == '=') goto yy170;
+                goto yy154;
+yy169:
+                yych = *++YYCURSOR;
+                if (yych != '|') goto yy154;
+yy170:
+                ++YYCURSOR;
+                goto yy167;
+        }
+/* *********************************** */
+yyc_rule:
+        {
+                static const unsigned char yybm[] = {
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  88,  16,  64,  64,   0,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         88,  64,   0,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         96,  96,  96,  96,  96,  96,  96,  96, 
+                         96,  96,  64,  64,  64,  64,  64,  64, 
+                         64,  96,  96,  96,  96,  96,  96,  96, 
+                         96,  96,  96,  96,  96,  96,  96,  96, 
+                         96,  96,  96,  96,  96,  96,  96,  96, 
+                         96,  96,  96,  64, 128,  64,  64,  96, 
+                         64,  96,  96,  96,  96,  96,  96,  96, 
+                         96,  96,  96,  96,  96,  96,  96,  96, 
+                         96,  96,  96,  96,  96,  96,  96,  96, 
+                         96,  96,  96,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                         64,  64,  64,  64,  64,  64,  64,  64, 
+                };
+                yych = *YYCURSOR;
+                if (yybm[0+yych] & 8) {
+                        goto yy175;
+                }
+                if (yych <= '\r') {
+                        if (yych <= 0x08) goto yy173;
+                        if (yych <= '\n') goto yy178;
+                        if (yych >= '\r') goto yy179;
+                } else {
+                        if (yych <= '.') {
+                                if (yych >= '.') goto yy180;
+                        } else {
+                                if (yych == ';') goto yy181;
+                        }
+                }
+yy173:
+                ++YYCURSOR;
+yy174:
+                { goto end_of_rule; }
+yy175:
+                yych = *++YYCURSOR;
+                if (yybm[0+yych] & 8) {
+                        goto yy175;
+                }
+                {  goto yyc_rule; }
+yy178:
+                yyaccept = 0;
+                yych = *(YYMARKER = ++YYCURSOR);
+                if (yych <= '\r') {
+                        if (yych <= 0x08) goto yy174;
+                        if (yych <= '\n') {
+                                yyt1 = YYCURSOR;
+                                goto yy183;
+                        }
+                        if (yych <= '\f') goto yy174;
+                        yyt1 = YYCURSOR;
+                        goto yy186;
+                } else {
+                        if (yych <= ' ') {
+                                if (yych <= 0x1F) goto yy174;
+                                yyt1 = YYCURSOR;
+                                goto yy183;
+                        } else {
+                                if (yych == '.') {
+                                        yyt1 = YYCURSOR;
+                                        goto yy187;
+                                }
+                                goto yy174;
+                        }
+                }
+yy179:
+                yyaccept = 0;
+                yych = *(YYMARKER = ++YYCURSOR);
+                if (yych == '\n') goto yy189;
+                goto yy174;
+yy180:
+                yych = *++YYCURSOR;
+                if (yych <= '^') {
+                        if (yych <= '@') goto yy174;
+                        if (yych <= 'Z') {
+                                yyt1 = YYCURSOR;
+                                goto yy190;
+                        }
+                        goto yy174;
+                } else {
+                        if (yych == '`') goto yy174;
+                        if (yych <= 'z') {
+                                yyt1 = YYCURSOR;
+                                goto yy190;
+                        }
+                        goto yy174;
+                }
+yy181:
+                ++YYCURSOR;
+                {
+      end_of_rule:
+      if (!cond_res[0]) { goto yyc_init; }
+      parsed_rule[kw_i++] = (sp_parsed_keyword){0, 0, 0, 0, 0, 0};
+      if (process_rule && process_rule(parsed_rule) != SUCCESS) {
+        goto out;
+      }
+      goto yyc_init;
+    }
+yy183:
+                yych = *++YYCURSOR;
+                if (yybm[0+yych] & 16) {
+                        goto yy183;
+                }
+                if (yych == '\r') goto yy186;
+                if (yych == '.') goto yy187;
+yy185:
+                YYCURSOR = YYMARKER;
+                if (yyaccept <= 1) {
+                        if (yyaccept == 0) {
+                                goto yy174;
+                        } else {
+                                yyt3 = yyt4 = NULL;
+                                yyt2 = YYCURSOR;
+                                goto yy192;
+                        }
+                } else {
+                        goto yy192;
+                }
+yy186:
+                yych = *++YYCURSOR;
+                if (yych == '\n') goto yy183;
+                goto yy185;
+yy187:
+                ++YYCURSOR;
+                YYCURSOR = yyt1;
+                {  lineno++; goto yyc_rule; }
+yy189:
+                yych = *++YYCURSOR;
+                if (yych <= '\r') {
+                        if (yych <= 0x08) goto yy185;
+                        if (yych <= '\n') {
+                                yyt1 = YYCURSOR;
+                                goto yy183;
+                        }
+                        if (yych <= '\f') goto yy185;
+                        yyt1 = YYCURSOR;
+                        goto yy186;
+                } else {
+                        if (yych <= ' ') {
+                                if (yych <= 0x1F) goto yy185;
+                                yyt1 = YYCURSOR;
+                                goto yy183;
+                        } else {
+                                if (yych == '.') {
+                                        yyt1 = YYCURSOR;
+                                        goto yy187;
+                                }
+                                goto yy185;
+                        }
+                }
+yy190:
+                yyaccept = 1;
+                yych = *(YYMARKER = ++YYCURSOR);
+                if (yybm[0+yych] & 32) {
+                        goto yy190;
+                }
+                if (yych == '(') {
+                        yyt2 = YYCURSOR;
+                        goto yy193;
+                }
+                yyt3 = yyt4 = NULL;
+                yyt2 = YYCURSOR;
+yy192:
+                t1 = yyt1;
+                t2 = yyt2;
+                t3 = yyt3;
+                t4 = yyt4;
+                {
+      if (!cond_res[0]) { goto yyc_rule; }
+      if (kw_i == max_keywords) {
+        cs_log_error("Too many keywords in rule (more than %d) on line %d", max_keywords, lineno);
+        goto out;
+      }
+      sp_parsed_keyword kw = {.kw = (char*)t1, .kwlen = t2-t1, .arg = (char*)t3, .arglen = t4-t3, .argtype = SP_ARGTYPE_UNKNOWN, .lineno = lineno};
+      if (t3 && t4) {
+        if (t3 == t4) {
+          kw.argtype = SP_ARGTYPE_EMPTY;
+        } else if (t4-t3 >= 2 && *t3 == '"') {
+          kw.arg = (char*)t3 + 1;
+          kw.arglen = t4 - t3 - 2;
+          kw.argtype = SP_ARGTYPE_STR;
+        } else {
+          zend_string *tmp = zend_hash_str_find_ptr(&vars, t3, t4-t3);
+          if (!tmp) {
+            cs_log_error("unknown variable on line %d", lineno);
+            goto out;
+          }
+          kw.arg = ZSTR_VAL(tmp);
+          kw.arglen = ZSTR_LEN(tmp);
+          kw.argtype = SP_ARGTYPE_STR;
+        }
+      } else {
+        kw.argtype = SP_ARGTYPE_NONE;
+      }
+      parsed_rule[kw_i++] = kw;
+      goto yyc_rule;
+    }
+yy193:
+                yych = *++YYCURSOR;
+                if (yych <= '@') {
+                        if (yych <= '"') {
+                                if (yych <= '!') goto yy185;
+                                yyt3 = YYCURSOR;
+                        } else {
+                                if (yych == ')') {
+                                        yyt3 = yyt4 = YYCURSOR;
+                                        goto yy196;
+                                }
+                                goto yy185;
+                        }
+                } else {
+                        if (yych <= '_') {
+                                if (yych <= 'Z') {
+                                        yyt3 = YYCURSOR;
+                                        goto yy197;
+                                }
+                                if (yych <= '^') goto yy185;
+                                yyt3 = YYCURSOR;
+                                goto yy197;
+                        } else {
+                                if (yych <= '`') goto yy185;
+                                if (yych <= 'z') {
+                                        yyt3 = YYCURSOR;
+                                        goto yy197;
+                                }
+                                goto yy185;
+                        }
+                }
+yy194:
+                yych = *++YYCURSOR;
+                if (yybm[0+yych] & 64) {
+                        goto yy194;
+                }
+                if (yych <= '\r') goto yy185;
+                if (yych <= '"') goto yy199;
+                goto yy200;
+yy196:
+                ++YYCURSOR;
+                goto yy192;
+yy197:
+                yych = *++YYCURSOR;
+                if (yych <= '@') {
+                        if (yych <= ')') {
+                                if (yych <= '(') goto yy185;
+                                yyt4 = YYCURSOR;
+                                goto yy196;
+                        } else {
+                                if (yych <= '/') goto yy185;
+                                if (yych <= '9') goto yy197;
+                                goto yy185;
+                        }
+                } else {
+                        if (yych <= '_') {
+                                if (yych <= 'Z') goto yy197;
+                                if (yych <= '^') goto yy185;
+                                goto yy197;
+                        } else {
+                                if (yych <= '`') goto yy185;
+                                if (yych <= 'z') goto yy197;
+                                goto yy185;
+                        }
+                }
+yy199:
+                yych = *++YYCURSOR;
+                if (yych == ')') {
+                        yyt4 = YYCURSOR;
+                        goto yy196;
+                }
+                goto yy185;
+yy200:
+                yych = *++YYCURSOR;
+                if (yybm[0+yych] & 64) {
+                        goto yy194;
+                }
+                if (yych <= '\r') goto yy185;
+                if (yych >= '#') goto yy200;
+                yych = *++YYCURSOR;
+                if (yybm[0+yych] & 128) {
+                        goto yy200;
+                }
+                if (yych <= '\r') {
+                        if (yych == '\n') goto yy185;
+                        if (yych <= '\f') goto yy194;
+                        goto yy185;
+                } else {
+                        if (yych <= '"') {
+                                if (yych <= '!') goto yy194;
+                                goto yy199;
+                        } else {
+                                if (yych != ')') goto yy194;
+                                yyt4 = YYCURSOR;
+                        }
+                }
+                yyaccept = 2;
+                yych = *(YYMARKER = ++YYCURSOR);
+                if (yybm[0+yych] & 64) {
+                        goto yy194;
+                }
+                if (yych <= '\r') goto yy192;
+                if (yych <= '"') goto yy199;
+                goto yy200;
+        }
+}
+out:
+  zend_hash_destroy(&vars);
+  return ret;
+}
+\ No newline at end of file
diff --git a/src/sp_config_scanner.h b/src/sp_config_scanner.h
new file mode 100644
index 0000000..3284713
--- /dev/null
+++ b/src/sp_config_scanner.h
@@ -0,0 +1,25 @@
+#ifndef SP_CONFIG_SCANNER_H
+#define SP_CONFIG_SCANNER_H
+typedef enum {
+  SP_ARGTYPE_UNKNOWN = 0,
+  SP_ARGTYPE_NONE,
+  SP_ARGTYPE_EMPTY,
+  SP_ARGTYPE_STR
+} sp_argtype;
+typedef struct {
+  char *kw; // keyword points directly to the parsed input text and as such is not null-terminated
+  size_t kwlen;
+  char *arg; // optional argument / can be not null terminated
+  size_t arglen;
+  sp_argtype argtype;
+  long lineno;
+} sp_parsed_keyword;
+zend_result sp_config_scan(char *data, zend_result (*process_rule)(sp_parsed_keyword*));
+zend_string *sp_get_arg_string(sp_parsed_keyword *kw);
+zend_string *sp_get_textual_representation(sp_parsed_keyword *parsed_rule);
+#endif
+\ No newline at end of file
diff --git a/src/sp_config_scanner.re b/src/sp_config_scanner.re
new file mode 100644
index 0000000..d7c9884
--- /dev/null
+++ b/src/sp_config_scanner.re
@@ -0,0 +1,325 @@
+#include "php_snuffleupagus.h"
+/*!types:re2c*/
+#define cs_log_error(fmt, ...) sp_log_err("config", fmt, ##__VA_ARGS__)
+#define cs_log_info(fmt, ...) sp_log_msg("config", SP_LOG_INFO, fmt, ##__VA_ARGS__)
+#define cs_log_warning(fmt, ...) sp_log_warn("config", fmt, ##__VA_ARGS__)
+zend_string *sp_get_arg_string(sp_parsed_keyword *kw) {
+  if (!kw || !kw->arg) {
+    return NULL;
+  }
+  zend_string *ret = zend_string_init(kw->arg, kw->arglen, 1);
+  char *pin, *pout;
+  pin = pout = ZSTR_VAL(ret);
+  char *pend = pin + ZSTR_LEN(ret);
+  while (pin < pend) {
+    if (*pin == '\\') {
+      pin++;
+    }
+    *pout = *pin;
+    pin++; pout++;
+  }
+  if (pin != pout) {
+    size_t len = pout - ZSTR_VAL(ret);
+    ret = zend_string_truncate(ret, len, 1);
+    ZSTR_VAL(ret)[len] = 0;
+  }
+  return ret;
+}
+zend_string *sp_get_textual_representation(sp_parsed_keyword *parsed_rule) {
+  // a rule is "sp.keyword...keyword(arg);\0"
+  size_t len = 3; // sp + ;
+  sp_parsed_keyword *kw;
+  for (kw = parsed_rule; kw->kw; kw++) {
+    len++; // .
+    len += kw->kwlen;
+    if (kw->argtype == SP_ARGTYPE_EMPTY) {
+      len += 2; // ()
+    } else if (kw->argtype == SP_ARGTYPE_STR) {
+        len += 4;
+        len += kw->arglen;
+    }
+  }
+  zend_string *ret = zend_string_alloc(len, 1);
+  char *ptr = ZSTR_VAL(ret);
+  memcpy(ptr, "sp", 2); ptr += 2;
+  for (kw = parsed_rule; kw->kw; kw++) {
+    *ptr++ = '.';
+    memcpy(ptr, kw->kw, kw->kwlen); ptr += kw->kwlen;
+    if (kw->argtype == SP_ARGTYPE_EMPTY || kw->argtype == SP_ARGTYPE_STR || kw->argtype == SP_ARGTYPE_UNKNOWN) {
+      *ptr++ = '(';
+    }
+    if (kw->argtype == SP_ARGTYPE_STR && kw->arg) {
+      *ptr++ = '"';
+      memcpy(ptr, kw->arg, kw->arglen); ptr += kw->arglen;
+      *ptr++ = '"';
+    }
+    if (kw->argtype == SP_ARGTYPE_EMPTY || kw->argtype == SP_ARGTYPE_STR || kw->argtype == SP_ARGTYPE_UNKNOWN) {
+      *ptr++ = ')';
+    }
+  }
+  *ptr++ = ';';
+  *ptr = 0;
+  return ret;
+}
+static void str_dtor(zval *zv) {
+  zend_string_release_ex(Z_STR_P(zv), 1);
+}
+// sy_ functions and macros are helpers for the shunting yard algorithm
+#define sy_res_push(val) \
+  if (cond_res_i >= 100) { cs_log_error("condition too complex on line %d", lineno); goto out; } \
+  cond_res[cond_res_i++] = val;
+#define sy_res_pop() cond_res[--cond_res_i]
+#define sy_op_push(op) \
+  if (cond_op_i >= 100) { cs_log_error("condition too complex on line %d", lineno); goto out; } \
+  cond_op[cond_op_i++] = op;
+#define sy_op_pop() cond_op[--cond_op_i]
+#define sy_op_peek() cond_op[cond_op_i-1]
+static inline int sy_op_precedence(char op) {
+  switch (op) {
+    case '!': return 120;
+    case '<':
+    case '>':
+    case 'L': // <=
+    case 'G': // >=
+              return 90;
+    case '&': return 70;
+    case '|': return 60;
+    case '=': return 20;
+  }
+  return 0;
+}
+static inline int sy_op_is_left_assoc(char op) {
+  switch (op) {
+    case '!': return 0;
+  }
+  return 1;
+}
+static int sy_apply_op(char op, int a, int b) {
+  switch (op) {
+    case '!': return !a;
+    case '&': return (b && a);
+    case '|': return (b || a);
+    case '<': return (b < a);
+    case 'L': return (b <= a);
+    case 'G': return (b >= a);
+    case '>': return (b > a);
+    case '=': return (b == a);
+  }
+  return 0;
+}
+#define SY_APPLY_OP_FROM_STACK() \
+  char op = sy_op_pop(); \
+  int unary = (op == '!'); \
+  if (cond_res_i < (2 - unary)) { cs_log_error("not enough input on line %d", lineno); goto out; } \
+  int a = sy_res_pop(); \
+  int b = unary ? 0 : sy_res_pop(); \
+  int res = sy_apply_op(op, a, b); \
+  sy_res_push(res);
+#define TMPSTR(tmpstr, t2, t1) \
+      char tmpstr[1024]; \
+      size_t tmplen = MIN(t2-t1-2, 1023); \
+      strncpy(tmpstr, t1+1, tmplen); \
+      tmpstr[tmplen] = 0;
+zend_result sp_config_scan(char *data, zend_result (*process_rule)(sp_parsed_keyword*))
+{
+  const char *YYCURSOR = data;
+  const char *YYMARKER, *t1, *t2, *t3, *t4;
+  /*!stags:re2c format = 'const char *@@;\n'; */
+  int ret = FAILURE;
+  const int max_keywords = 16;
+  sp_parsed_keyword parsed_rule[max_keywords+1];
+  int kw_i = 0;
+  HashTable vars;
+  zend_hash_init(&vars, 10, NULL, str_dtor, 1);
+  zend_hash_str_add_ptr(&vars, ZEND_STRL("PHP_VERSION_ID"), zend_string_init(ZEND_STRL(ZEND_TOSTR(PHP_VERSION_ID)), 1));
+  int cond_res[100] = {1};
+  int cond_res_i = 0;
+  char cond_op[100] = {0};
+  int cond_op_i = 0;
+  int cond = yycinit;
+  long lineno = 1;
+  /*!re2c
+    re2c:define:YYCTYPE = "unsigned char";
+    // re2c:define:YYCURSOR = data;
+    re2c:yyfill:enable = 0;
+    re2c:flags:tags = 1;
+    re2c:api:style = free-form;
+    re2c:define:YYGETCONDITION = "cond";
+    re2c:define:YYSETCONDITION = "cond = @@;";
+    end = "\x00";
+    nl = "\r"?"\n";
+    ws = [ \t];
+    keyword = [a-zA-Z_][a-zA-Z0-9_]*;
+    string = "\"" ("\\\"" | [^"\r\n])* "\"";
+    <init> *       { cs_log_error("Parser error on line %d", lineno); goto out; }
+    <init> ws+     { goto yyc_init; }
+    <init> [;#] .* { goto yyc_init; }
+    <init> nl      { lineno++; goto yyc_init; }
+    <init> "sp"    { kw_i = 0;  goto yyc_rule; }
+    <init> end     { ret = SUCCESS; goto out; }
+    <init> "@"? "set" ws+ @t1 keyword @t2 ws+ @t3 string @t4 ws* ";"? {
+      if (!cond_res[0]) { goto yyc_init; }
+      char *key = (char*)t1;
+      int keylen = t2-t1;
+      zend_string *tmp = zend_hash_str_find_ptr(&vars, key, keylen);
+      if (tmp) {
+        zend_hash_str_del(&vars, key, keylen);
+      }
+      tmp = zend_string_init(t3+1, t4-t3-2, 1);
+      zend_hash_str_add_ptr(&vars, key, keylen, tmp);
+      goto yyc_init;
+    }
+    <init> "@condition" ws+ { cond_res_i = 0; goto yyc_cond; }
+    <init> "@end_condition" ws* ";" { cond_res[0] = 1; cond_res_i = 0; goto yyc_init; }
+    <init> ( "@log" | "@info" ) ws+ @t1 string @t2 ";"? {
+      if (!cond_res[0]) { goto yyc_init; }
+      TMPSTR(tmpstr, t2, t1);
+      cs_log_info("[line %d]: %s", lineno, tmpstr);
+      goto yyc_init;
+    }
+    <init> ( "@warn" | "@warning" ) ws+ @t1 string @t2 ";"? {
+      if (!cond_res[0]) { goto yyc_init; }
+      TMPSTR(tmpstr, t2, t1);
+      cs_log_warning("[line %d]: %s", lineno, tmpstr);
+      goto yyc_init;
+    }
+    <init> ( "@err" | "@error" ) ws+ @t1 string @t2 ";"? {
+      if (!cond_res[0]) { goto yyc_init; }
+      TMPSTR(tmpstr, t2, t1);
+      cs_log_error("[line %d]: %s", lineno, tmpstr);
+      goto out;
+    }
+    <cond> ws+ { goto yyc_cond; }
+    <cond> nl  { lineno++; goto yyc_cond; }
+    <cond> @t1 keyword @t2 "(" @t3 string? @t4 ")" {
+      if (t4-t3 >= 2 && strlen("extension_loaded") == t2-t1 && strncmp("extension_loaded", t1, t2-t1) == 0) {
+        int is_loaded = (zend_hash_str_find_ptr(&module_registry, t3+1, t4-t3-2) != NULL);
+        sy_res_push(is_loaded);
+      } else {
+        cs_log_error("unknown function in condition on line %d", lineno);
+        goto out;
+      }
+      goto yyc_cond_op;
+    }
+    <cond> @t1 keyword @t2 {
+      zend_string *tmp = zend_hash_str_find_ptr(&vars, t1, t2-t1);
+      if (!tmp) {
+        cs_log_error("unknown variable in condition on line %d", lineno);
+        goto out;
+      }
+      sy_res_push(atoi(ZSTR_VAL(tmp)));
+      goto yyc_cond_op;
+    }
+    <cond> @t1 [0-9]+ @t2 { sy_res_push(atoi(t1));  goto yyc_cond_op; }
+    <cond> @t1 "!" { sy_op_push(*t1); goto yyc_cond; }
+    <cond> @t1 "(" { sy_op_push(*t1); goto yyc_cond; }
+    <cond_op> ws+ { goto yyc_cond_op; }
+    <cond_op> nl  { lineno++; goto yyc_cond_op; }
+    <cond_op> @t1 ( "&&" | "||" | "<" | ">" | "==" | "<=" | ">=") @t2 {
+      char op1 = *t1;
+      if (t2-t1 == 2) {
+        switch (op1) {
+          case '<': op1 = 'L'; break; // <=
+          case '>': op1 = 'G'; break; // >=
+        }
+      }
+      while (cond_op_i && sy_op_peek() != '(' && ((sy_op_precedence(sy_op_peek()) > sy_op_precedence(*t1)) || (sy_op_precedence(sy_op_peek()) == sy_op_precedence(*t1) && sy_op_is_left_assoc(*t1)))) {
+        SY_APPLY_OP_FROM_STACK();
+      }
+      sy_op_push(*t1);
+      goto yyc_cond;
+    }
+    <cond_op> ")" {
+      while (cond_op_i && sy_op_peek() != '(') {
+        SY_APPLY_OP_FROM_STACK();
+      }
+      if (cond_op_i == 0 || sy_op_peek() != '(') {
+        cs_log_error("unbalanced parathesis on line %d", lineno); goto out;
+      }
+      cond_op_i--;
+      goto yyc_cond_op;
+    }
+    <cond_op> ";" {
+      while (cond_op_i) {
+        if (sy_op_peek() == '(') { cs_log_error("unbalanced parathesis on line %d", lineno); goto out; }
+        SY_APPLY_OP_FROM_STACK();
+      }
+      if (cond_res_i > 1) { cs_log_error("invalid condition on line %d", lineno); goto out; }
+      goto yyc_init;
+    }
+    <cond, cond_op> * { cs_log_error("Syntax error in condition on line %d", lineno); goto out; }
+    <rule> ws+     {  goto yyc_rule; }
+    <rule> nl / ( nl | ws )* "." {  lineno++; goto yyc_rule; }
+    <rule> "." @t1 keyword @t2 ( "(" @t3 ( string? | keyword ) @t4 ")" )?  {
+      if (!cond_res[0]) { goto yyc_rule; }
+      if (kw_i == max_keywords) {
+        cs_log_error("Too many keywords in rule (more than %d) on line %d", max_keywords, lineno);
+        goto out;
+      }
+      sp_parsed_keyword kw = {.kw = (char*)t1, .kwlen = t2-t1, .arg = (char*)t3, .arglen = t4-t3, .argtype = SP_ARGTYPE_UNKNOWN, .lineno = lineno};
+      if (t3 && t4) {
+        if (t3 == t4) {
+          kw.argtype = SP_ARGTYPE_EMPTY;
+        } else if (t4-t3 >= 2 && *t3 == '"') {
+          kw.arg = (char*)t3 + 1;
+          kw.arglen = t4 - t3 - 2;
+          kw.argtype = SP_ARGTYPE_STR;
+        } else {
+          zend_string *tmp = zend_hash_str_find_ptr(&vars, t3, t4-t3);
+          if (!tmp) {
+            cs_log_error("unknown variable on line %d", lineno);
+            goto out;
+          }
+          kw.arg = ZSTR_VAL(tmp);
+          kw.arglen = ZSTR_LEN(tmp);
+          kw.argtype = SP_ARGTYPE_STR;
+        }
+      } else {
+        kw.argtype = SP_ARGTYPE_NONE;
+      }
+      parsed_rule[kw_i++] = kw;
+      goto yyc_rule;
+    }
+    <rule> ";"     {
+      end_of_rule:
+      if (!cond_res[0]) { goto yyc_init; }
+      parsed_rule[kw_i++] = (sp_parsed_keyword){0, 0, 0, 0, 0, 0};
+      if (process_rule && process_rule(parsed_rule) != SUCCESS) {
+        goto out;
+      }
+      goto yyc_init;
+    }
+    <rule> *       { goto end_of_rule; }
+  */
+out:
+  zend_hash_destroy(&vars);
+  return ret;
+}
+\ No newline at end of file
diff --git a/src/sp_config_utils.c b/src/sp_config_utils.c
index 18cdf03..e93ef31 100644
--- a/src/sp_config_utils.c
+++ b/src/sp_config_utils.c
@@ -1,110 +1,7 @@
 #include "php_snuffleupagus.h"
-int parse_keywords(sp_config_functions *funcs, char *line) {
-  int value_len = 0;
-  const char *original_line = line;
-  for (size_t i = 0; funcs[i].func; i++) {
-    if (!strncmp(funcs[i].token, line, strlen(funcs[i].token))) {
-      line += strlen(funcs[i].token);
-      value_len = funcs[i].func(line, funcs[i].token, funcs[i].retval) + 1;
-      if (value_len == 0) {  // bad parameter
-        return -1;
-      }
-      line += value_len;
-      i = -1;  // we start the loop again
-    }
-  }
-  while (*line == ';' || *line == '\t' || *line == ' ') {
-    line++;
-  }
-  if (*line == '#') {
-    return 0;
-  }
-  if (*line) {
-    sp_log_err("config", "Trailing chars '%s' at the end of '%s' on line %zu",
-               line, original_line, sp_line_no);
-    return -1;
-  }
-  return 0;
-}
-zend_string *get_param(size_t *consumed, char *restrict line, sp_type type,
-                       const char *restrict keyword) {
-  enum { IN_ESCAPE, NONE } state = NONE;
-  char *original_line = line;
-  size_t j = 0;
-  zend_string *ret = NULL;
-  if (NULL == line || '\0' == *line) {
-    goto err;
-  }
-  ret = zend_string_alloc(strlen(line) + 1, 1);
-  /* The first char of a string is always '"', since they MUST be quoted. */
-  if ('"' == *line) {
-    line++;
-  } else {
-    goto err;
-  }
-  for (size_t i = 0; line[i] && j < strlen(original_line) - 2; i++) {
-    switch (line[i]) {
-      case '"':
-        /* A double quote at this point is either:
-          - at the very end of the string.
-          - escaped
-          */
-        if ((state == NONE) && (line[i + 1] == SP_TOKEN_END_PARAM)) {
-          /* The `+2` if for
-           1. the terminal double-quote
-           2. the SP_TOKEN_END_PARAM
-           */
-          *consumed = i + 2;
-          // Make sure that the string we return is the right size,
-          // as it can be smaller than strlen(line)
-          ret = zend_string_truncate(ret, j, 1);
-          // truncate does not add a \0
-          ZSTR_VAL(ret)[ZSTR_LEN(ret)] = 0;
-          return ret;
-        } else if (state == IN_ESCAPE) {
-          break;  // we're on an escped double quote
-        } else {
-          goto err;
-        }
-      case '\\':
-        if (state == NONE) {
-          state = IN_ESCAPE;
-          continue;
-        }
-      default:
-        break;
-    }
-    if (state == IN_ESCAPE) {
-      state = NONE;
-    }
-    ZSTR_VAL(ret)[j++] = line[i];
-  }
-err:
-  if (0 == j) {
-    sp_log_err("error", "A valid string as parameter is expected on line %zu",
-               sp_line_no);
-  } else {
-    sp_log_err("error",
-               "There is an issue with the parsing of '%s': it doesn't look "
-               "like a valid string on line %zu",
-               original_line ? original_line : "NULL", sp_line_no);
-  }
-  line = NULL;
-  if (ret) {
-    zend_string_release(ret);
-  }
-  return NULL;
-}
-zend_always_inline sp_list_node *parse_functions_list(char *value) {
+sp_list_node *parse_functions_list(char *value) {
  static const char *sep = ">";
  if (NULL == strchr(value, sep[0])) {
diff --git a/src/sp_config_utils.h b/src/sp_config_utils.h
index a63cadc..64817a0 100644
--- a/src/sp_config_utils.h
+++ b/src/sp_config_utils.h
@@ -1,9 +1,6 @@
 #ifndef SP_CONFIG_UTILS
 #define SP_CONFIG_UTILS
-int parse_keywords(sp_config_functions *, char *);
-zend_string *get_param(size_t *, char *restrict, sp_type, const char *restrict);
-int array_to_list(char **, sp_list_node **);
 sp_list_node *parse_functions_list(char *value);
 #endif /* SP_CONFIG_UTILS */
diff --git a/src/sp_cookie_encryption.c b/src/sp_cookie_encryption.c
index 7bcedd2..b2cff66 100644
--- a/src/sp_cookie_encryption.c
+++ b/src/sp_cookie_encryption.c
@@ -1,7 +1,7 @@
 #include "php_snuffleupagus.h"
 static inline const sp_cookie *sp_lookup_cookie_config(const zend_string *key) {
-  const sp_list_node *it = SNUFFLEUPAGUS_G(config).config_cookie->cookies;
+  const sp_list_node *it = SPCFG(cookie).cookies;
  while (it) {
    const sp_cookie *config = it->data;
@@ -133,11 +133,11 @@ PHP_FUNCTION(sp_setcookie) {
  }
  /* If the request was issued over HTTPS, the cookie should be "secure" */
-  if (SNUFFLEUPAGUS_G(config).config_auto_cookie_secure) {
+  if (SPCFG(auto_cookie_secure).enable) {
    const zval server_vars = PG(http_globals)[TRACK_VARS_SERVER];
    if (Z_TYPE(server_vars) == IS_ARRAY) {
      const zval *is_https =
-          zend_hash_str_find(Z_ARRVAL(server_vars), "HTTPS", strlen("HTTPS"));
+          zend_hash_str_find(Z_ARRVAL(server_vars), ZEND_STRL("HTTPS"));
      if (NULL != is_https) {
        secure = 1;
      }
diff --git a/src/sp_crypt.c b/src/sp_crypt.c
index c57ac0b..c1d9403 100644
--- a/src/sp_crypt.c
+++ b/src/sp_crypt.c
@@ -3,13 +3,10 @@
 void generate_key(unsigned char *key) {
  PHP_SHA256_CTX ctx;
  const char *user_agent = getenv("HTTP_USER_AGENT");
-  const zend_string *env_var_zend =
+  const zend_string *env_var_zend = SPCFG(cookies_env_var);
-      SNUFFLEUPAGUS_G(config).config_snuffleupagus->cookies_env_var;
+  const zend_string *encryption_key_zend = SPCFG(encryption_key);
-  const zend_string *encryption_key_zend =
-      SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key;
  const char *env_var = (env_var_zend ? getenv(ZSTR_VAL(env_var_zend)) : NULL);
-  const char *encryption_key =
+  const char *encryption_key = (encryption_key_zend ? ZSTR_VAL(encryption_key_zend) : NULL);
-      (encryption_key_zend ? ZSTR_VAL(encryption_key_zend) : NULL);
  assert(32 == crypto_secretbox_KEYBYTES);  // 32 is the size of a SHA256.
  assert(encryption_key);                   // Encryption key can't be NULL
@@ -40,27 +37,25 @@ void generate_key(unsigned char *key) {
 // This function return 0 upon success , non-zero otherwise
 int decrypt_zval(zval *pDest, bool simulation, zend_hash_key *hash_key) {
  unsigned char key[crypto_secretbox_KEYBYTES] = {0};
-  unsigned char *decrypted;
+  unsigned char *decrypted = NULL, *backup = NULL;
-  zend_string *debase64;
  int ret = 0;
-  debase64 = php_base64_decode((unsigned char *)(Z_STRVAL_P(pDest)),
+  zend_string *debase64 = php_base64_decode((unsigned char *)(Z_STRVAL_P(pDest)), Z_STRLEN_P(pDest));
-                               Z_STRLEN_P(pDest));
  if (ZSTR_LEN(debase64) < crypto_secretbox_NONCEBYTES) {
    if (true == simulation) {
      sp_log_simulation(
          "cookie_encryption",
          "Buffer underflow tentative detected in cookie encryption handling "
-          "for %s. Using the cookie 'as it' instead of decrypting it",
+          "for %s. Using the cookie 'as is' instead of decrypting it",
          hash_key ? ZSTR_VAL(hash_key->key) : "the session");
-      return ZEND_HASH_APPLY_KEEP;
+      ret = ZEND_HASH_APPLY_KEEP; goto out;
    } else {
      // LCOV_EXCL_START
      sp_log_drop(
          "cookie_encryption",
-          "Buffer underflow tentative detected in cookie encryption handling");
+          "Buffer underflow (tentative) detected in cookie encryption handling");
-      return ZEND_HASH_APPLY_REMOVE;
+      ret = ZEND_HASH_APPLY_REMOVE; goto out;
      // LCOV_EXCL_STOP
    }
  }
@@ -71,15 +66,15 @@ int decrypt_zval(zval *pDest, bool simulation, zend_hash_key *hash_key) {
    if (true == simulation) {
      sp_log_simulation(
          "cookie_encryption",
-          "Integer overflow tentative detected in cookie encryption handling "
+          "Integer overflow (tentative) detected in cookie encryption handling "
          "for %s. Using the cookie 'as it' instead of decrypting it.",
          hash_key ? ZSTR_VAL(hash_key->key) : "the session");
-      return ZEND_HASH_APPLY_KEEP;
+      ret = ZEND_HASH_APPLY_KEEP; goto out;
    } else {
      sp_log_drop(
          "cookie_encryption",
-          "Integer overflow tentative detected in cookie encryption handling.");
+          "Integer overflow (tentative) detected in cookie encryption handling.");
-      return ZEND_HASH_APPLY_REMOVE;
+      ret = ZEND_HASH_APPLY_REMOVE; goto out;
    }
  }
  // LCOV_EXCL_STOP
@@ -87,7 +82,7 @@ int decrypt_zval(zval *pDest, bool simulation, zend_hash_key *hash_key) {
  generate_key(key);
  decrypted = ecalloc(ZSTR_LEN(debase64) + crypto_secretbox_ZEROBYTES, 1);
-  char *backup = ecalloc(ZSTR_LEN(debase64), 1);
+  backup = ecalloc(ZSTR_LEN(debase64), 1);
  memcpy(backup, ZSTR_VAL(debase64), ZSTR_LEN(debase64));
  ret = crypto_secretbox_open(
@@ -101,28 +96,31 @@ int decrypt_zval(zval *pDest, bool simulation, zend_hash_key *hash_key) {
      sp_log_simulation(
          "cookie_encryption",
          "Something went wrong with the decryption of %s. Using the cookie "
-          "'as it' instead of decrypting it",
+          "'as is' instead of decrypting it",
          hash_key ? ZSTR_VAL(hash_key->key) : "the session");
      memcpy(ZSTR_VAL(debase64), backup, ZSTR_LEN(debase64));
-      efree(backup);
+      ret = ZEND_HASH_APPLY_KEEP; goto out;
-      return ZEND_HASH_APPLY_KEEP;
    } else {
      sp_log_warn("cookie_encryption",
                  "Something went wrong with the decryption of %s",
                  hash_key ? ZSTR_VAL(hash_key->key) : "the session");
-      efree(backup);
+      ret = ZEND_HASH_APPLY_REMOVE; goto out;
-      return ZEND_HASH_APPLY_REMOVE;
    }
  }
-  efree(backup);
  ZVAL_STRINGL(pDest, (char *)(decrypted + crypto_secretbox_ZEROBYTES),
               ZSTR_LEN(debase64) - crypto_secretbox_NONCEBYTES - 1 -
                   crypto_secretbox_ZEROBYTES);
-  efree(decrypted);
+  ret = ZEND_HASH_APPLY_KEEP;
-  return ZEND_HASH_APPLY_KEEP;
+out:
+  if (debase64) { zend_string_efree(debase64); }
+  if (decrypted) { efree(decrypted); }
+  if (backup) { efree(backup); }
+  return ret;
 }
 /*
@@ -156,10 +154,19 @@ zend_string *encrypt_zval(zend_string *data) {
  memcpy(encrypted_data, nonce, crypto_secretbox_NONCEBYTES);
-  crypto_secretbox(encrypted_data + crypto_secretbox_NONCEBYTES,
+  int err = crypto_secretbox(encrypted_data + crypto_secretbox_NONCEBYTES,
                   data_to_encrypt, encrypted_msg_len, nonce, key);
-  zend_string *z = php_base64_encode(encrypted_data, emsg_and_nonce_len);
+  zend_string *z = NULL;
+  if (err) {
+    sp_log_err("cookie_encryption", "something went wrong during encryption");
+    z = zend_string_init("<sp_encryption_error>", 21, 0);
+  } else {
+    z = php_base64_encode(encrypted_data, emsg_and_nonce_len);
+  }
+  efree(data_to_encrypt);
+  efree(encrypted_data);
  return z;
 }
diff --git a/src/sp_disable_xxe.c b/src/sp_disable_xxe.c
index f9712b5..44e60ab 100644
--- a/src/sp_disable_xxe.c
+++ b/src/sp_disable_xxe.c
@@ -1,24 +1,25 @@
 #include "php_snuffleupagus.h"
 PHP_FUNCTION(sp_libxml_disable_entity_loader) {
-  sp_log_warn("xxe",
+  sp_log_warn("xxe", "A call to libxml_disable_entity_loader was tried and nopped");
-              "A call to libxml_disable_entity_loader was tried and nopped");
  RETURN_TRUE;
 }
 PHP_FUNCTION(sp_libxml_set_external_entity_loader) {
-  sp_log_warn(
+  sp_log_warn("xxe", "A call to libxml_set_external_entity_loader was tried and nopped");
-      "xxe",
-      "A call to libxml_set_external_entity_loader was tried and nopped");
  RETURN_TRUE;
 }
 int hook_libxml_disable_entity_loader() {
  TSRMLS_FETCH();
+  if (!zend_hash_str_find_ptr(&module_registry, ZEND_STRL("xml"))) {
+    sp_log_warn("xxe", "Cannot enable XXE protection. XML support is disabled in PHP.");
+  }
  zval func_name;
  zval retval;
-  zval params[1];
+  zval params[1] = {0};
 #if PHP_VERSION_ID < 80000
  // This function is deprecated in PHP8, but better safe than sorry for php7.
@@ -32,10 +33,8 @@ int hook_libxml_disable_entity_loader() {
  ZVAL_NULL(&params[0]);
  call_user_function(CG(function_table), NULL, &func_name, &retval, 1, params);
-  HOOK_FUNCTION("libxml_disable_entity_loader", sp_internal_functions_hook,
+  HOOK_FUNCTION("libxml_disable_entity_loader", sp_internal_functions_hook, PHP_FN(sp_libxml_disable_entity_loader));
-                PHP_FN(sp_libxml_disable_entity_loader));
+  HOOK_FUNCTION("libxml_set_external_entity_loader", sp_internal_functions_hook, PHP_FN(sp_libxml_set_external_entity_loader));
-  HOOK_FUNCTION("libxml_set_external_entity_loader", sp_internal_functions_hook,
-                PHP_FN(sp_libxml_set_external_entity_loader));
  return SUCCESS;
 }
diff --git a/src/sp_disabled_functions.c b/src/sp_disabled_functions.c
index c47b5cb..95e19ad 100644
--- a/src/sp_disabled_functions.c
+++ b/src/sp_disabled_functions.c
@@ -13,26 +13,26 @@ static void should_drop_on_ret(const zval* return_value,
                               zend_execute_data* execute_data);
 char* get_complete_function_path(zend_execute_data const* const execute_data) {
-  if (zend_is_executing() && !EG(current_execute_data)->func) {
+  if (!execute_data) {
    return NULL;  // LCOV_EXCL_LINE
  }
-  if (!(execute_data->func->common.function_name)) {
+  zend_function *func = execute_data->func;
+  if (!(func->common.function_name)) {
    return NULL;
  }
-  char const* class_name;
+  char const* const function_name = ZSTR_VAL(func->common.function_name);
-  char const* const function_name =
-      ZSTR_VAL(execute_data->func->common.function_name);
  char* complete_path_function = NULL;
-  class_name = get_active_class_name(NULL);
+  if ((func->type == ZEND_USER_FUNCTION || func->type == ZEND_INTERNAL_FUNCTION) && func->common.scope) {
-  if (*class_name) {
+    char const* class_name = ZSTR_VAL(func->common.scope->name);
    const size_t len = strlen(class_name) + 2 + strlen(function_name) + 1;
    complete_path_function = emalloc(len);
    snprintf(complete_path_function, len, "%s::%s", class_name, function_name);
  } else {
    complete_path_function = estrdup(function_name);
  }
  return complete_path_function;
 }
@@ -67,28 +67,22 @@ static bool is_functions_list_matching(zend_execute_data* execute_data,
  return false;
 }
-static bool is_local_var_matching(
+static bool is_local_var_matching(zend_execute_data* execute_data, const sp_disabled_function* const config_node) {
-    zend_execute_data* execute_data,
-    const sp_disabled_function* const config_node) {
  zval* var_value = {0};
  var_value = sp_get_var_value(execute_data, config_node->var, false);
  if (var_value) {
    if (Z_TYPE_P(var_value) == IS_ARRAY) {
      if (config_node->key || config_node->r_key) {
-        if (sp_match_array_key(var_value, config_node->key,
+        if (sp_match_array_key(var_value, config_node->key, config_node->r_key)) {
-                               config_node->r_key)) {
          return true;
        }
-      } else if (sp_match_array_value(var_value, config_node->value,
+      } else if (sp_match_array_value(var_value, config_node->value, config_node->r_value)) {
-                                      config_node->r_value)) {
        return true;
      }
    } else {
-      zend_string const* const var_value_str =
+      zend_string const* const var_value_str = sp_zval_to_zend_string(var_value);
-          sp_zval_to_zend_string(var_value);
+      bool match = sp_match_value(var_value_str, config_node->value, config_node->r_value);
-      bool match = sp_match_value(var_value_str, config_node->value,
-                                  config_node->r_value);
      if (true == match) {
        return true;
@@ -98,107 +92,105 @@ static bool is_local_var_matching(
  return false;
 }
+static inline const char* get_fn_arg_name(zend_function *fn, uint32_t i) {
+  if (fn->type == ZEND_USER_FUNCTION || (fn->common.fn_flags & ZEND_ACC_USER_ARG_INFO)) {
+    return ZSTR_VAL(fn->op_array.arg_info[i].name);
+  } else {
+    return fn->internal_function.arg_info[i].name;
+  }
+}
 static bool is_param_matching(zend_execute_data* execute_data,
                              sp_disabled_function const* const config_node,
                              const zend_string* builtin_param,
                              const char* builtin_param_name,
                              const char** arg_name,
                              const zend_string** arg_value_str) {
-  int nb_param = ZEND_CALL_NUM_ARGS(execute_data);
+  // builtin functions
-  int i = 0;
-  zval* arg_value;
-  if (config_node->pos != -1) {
-    if (config_node->pos > nb_param - 1) {
-      char* complete_function_path = get_complete_function_path(execute_data);
-      sp_log_warn("config",
-                  "It seems that you wrote a rule filtering on the "
-                  "%d%s argument of the function '%s', but it takes only %d "
-                  "arguments. "
-                  "Matching on _all_ arguments instead.",
-                  config_node->pos, GET_SUFFIX(config_node->pos),
-                  complete_function_path, nb_param);
-      efree(complete_function_path);
-    } else {
-      i = config_node->pos;
-      nb_param = (config_node->pos) + 1;
-    }
-  }
  if (builtin_param) {
    /* We're matching on a language construct (here named "builtin"),
-     * and they can only take a single argument, but PHP considers them
+    * and they can only take a single argument, but PHP considers them
-     * differently than functions arguments. */
+    * differently than functions arguments. */
    *arg_name = builtin_param_name;
    *arg_value_str = builtin_param;
    return sp_match_value(builtin_param, config_node->value,
                          config_node->r_value);
-  } else if (config_node->r_param || config_node->pos != -1) {
+  }
-    // We're matching on a function (and not a language construct)
-    for (; i < nb_param; i++) {
-      if (ZEND_USER_CODE(execute_data->func->type)) {  // yay consistency
-        *arg_name = ZSTR_VAL(execute_data->func->common.arg_info[i].name);
-      } else {
-        *arg_name = execute_data->func->internal_function.arg_info[i].name;
-      }
-      const bool pcre_matching =
-          config_node->r_param &&
-          (true == sp_is_regexp_matching(config_node->r_param, *arg_name));
-      /* This is the parameter name we're looking for. */
+  // safeguards
-      if (true == pcre_matching || config_node->pos != -1) {
+  if (!execute_data || !execute_data->func) {
-        arg_value = ZEND_CALL_ARG(execute_data, i + 1);
+    sp_log_debug("no execute data -> silently ignore parameter matching");
+    return false;
+  }
-        if (config_node->param_type) {  // Are we matching on the `type`?
+  *arg_name = NULL;
-          if (config_node->param_type == Z_TYPE_P(arg_value)) {
+  int call_num_args = EX_NUM_ARGS();
-            return true;
+  zend_function *fn = execute_data->func;
-          }
+  int fn_num_args = fn->common.num_args;
-        } else if (Z_TYPE_P(arg_value) == IS_ARRAY) {
-          *arg_value_str = sp_zval_to_zend_string(arg_value);
+  if (!call_num_args) {
-          if (config_node->key || config_node->r_key) {
+    sp_log_debug("no call arguments -> return");
-            if (sp_match_array_key(arg_value, config_node->key,
+    return false; // no arguments to check
-                                   config_node->r_key)) {
+  }
-              return true;
-            }
+  if (config_node->pos > call_num_args - 1 || config_node->pos > fn_num_args) {
-          } else if (sp_match_array_value(arg_value, config_node->value,
+    // trying to match argument beyond last given argument OR beyond last declared argument.
-                                          config_node->r_value)) {
+    // this is perfectly normal for functions with
-            return true;
+    //   (a) optional arguments
-          }
+    //   (b) excess arguments
-        } else {
+    //   (c) variadic arguments which are not supported
-          *arg_value_str = sp_zval_to_zend_string(arg_value);
+    return false;
-          if (sp_match_value(*arg_value_str, config_node->value,
+  }
-                             config_node->r_value)) {
-            return true;
+  zval* arg_value = NULL;
-          }
-        }
+  if (config_node->pos > -1) {
-      }
+    if (config_node->pos < fn_num_args) {
+      *arg_name = get_fn_arg_name(fn, config_node->pos);
    }
+    arg_value = ZEND_CALL_ARG(execute_data, config_node->pos + 1);
  } else if (config_node->param) {
    *arg_name = config_node->param->value;
    arg_value = sp_get_var_value(execute_data, config_node->param, true);
+  } else if (config_node->r_param) {
+    for (int i = 0; i < call_num_args; i++) {
+      *arg_name = get_fn_arg_name(fn, i);
+      if (true == sp_is_regexp_matching(config_node->r_param, *arg_name)) {
+        arg_value = ZEND_CALL_ARG(execute_data, i + 1);
+      }
+    }
+  }
+  
+  if (!arg_value) {
+    sp_log_debug("no argument match -> return");
+    return false;
+  }
-    if (arg_value) {
+  if (config_node->param_type) {
-      *arg_value_str = sp_zval_to_zend_string(arg_value);
+    if (config_node->param_type == Z_TYPE_P(arg_value)) {
-      if (config_node->param_type) {  // Are we matching on the `type`?
+      if (!(config_node->key || config_node->r_key || config_node->value || config_node->r_value)) { // Are we matching on the `type` only?
-        if (config_node->param_type == Z_TYPE_P(arg_value)) {
+        sp_log_debug("arg type match only.");
-          return true;
-        }
-      } else if (Z_TYPE_P(arg_value) == IS_ARRAY) {
-        if (config_node->key || config_node->r_key) {
-          if (sp_match_array_key(arg_value, config_node->key,
-                                 config_node->r_key)) {
-            return true;
-          }
-        } else if (sp_match_array_value(arg_value, config_node->value,
-                                        config_node->r_value)) {
-          return true;
-        }
-      } else if (sp_match_value(*arg_value_str, config_node->value,
-                                config_node->r_value)) {
        return true;
      }
+    } else {
+      sp_log_debug("arg type mismatch -> return");
+      return false;
    }
  }
+  *arg_value_str = sp_zval_to_zend_string(arg_value);
+  if (Z_TYPE_P(arg_value) == IS_ARRAY) {
+    if (config_node->key || config_node->r_key) {
+      if (sp_match_array_key(arg_value, config_node->key, config_node->r_key)) {
+        return true;
+      }
+    } else if (sp_match_array_value(arg_value, config_node->value, config_node->r_value)) {
+        return true;
+    }
+  } else if (sp_match_value(*arg_value_str, config_node->value, config_node->r_value)) {
+    return true;
+  }
  return false;
 }
@@ -218,17 +210,15 @@ static zend_execute_data* is_file_matching(
      return ex;  // LCOV_EXCL_LINE
    }
    ITERATE(ex);
-    if (zend_string_equals(ex->func->op_array.filename,
+    if (zend_string_equals(ex->func->op_array.filename, config_node->filename)) {
-                           config_node->filename)) {
      return ex;  // LCOV_EXCL_LINE
    }
  } else if (config_node->r_filename) {
-    if (sp_is_regexp_matching_zend(config_node->r_filename, current_filename)) {
+    if (sp_is_regexp_matching_zstr(config_node->r_filename, current_filename)) {
      return ex;
    }
    ITERATE(ex);
-    if (sp_is_regexp_matching_zend(config_node->r_filename,
+    if (sp_is_regexp_matching_zstr(config_node->r_filename, ex->func->op_array.filename)) {
-                                   ex->func->op_array.filename)) {
      return ex;
    }
  }
@@ -267,7 +257,7 @@ void should_disable_ht(zend_execute_data* execute_data,
    current_filename = zend_string_init(tmp, strlen(tmp), 0);
  }
-  ht_entry = zend_hash_str_find_ptr(ht, function_name, strlen(function_name));
+  ht_entry = zend_hash_str_find_ptr(ht, VAR_AND_LEN(function_name));
  if (ht_entry) {
    should_disable(execute_data, function_name, builtin_param,
@@ -289,26 +279,22 @@ static void should_disable(zend_execute_data* execute_data,
  char current_file_hash[SHA256_SIZE * 2 + 1] = {0};
  while (config) {
-    sp_disabled_function const* const config_node =
+    sp_disabled_function const* const config_node = (sp_disabled_function*)(config->data);
-        (sp_disabled_function*)(config->data);
    const char* arg_name = NULL;
    const zend_string* arg_value_str = NULL;
    /* The order matters, since when we have `config_node->functions_list`,
    we also do have `config_node->function` */
    if (config_node->functions_list) {
-      if (false == is_functions_list_matching(execute_data,
+      if (false == is_functions_list_matching(execute_data, config_node->functions_list)) {
-                                              config_node->functions_list)) {
        goto next;
      }
    } else if (config_node->function) {
-      if (0 !=
+      if (0 != strcmp(ZSTR_VAL(config_node->function), complete_function_path)) {
-          strcmp(ZSTR_VAL(config_node->function), complete_function_path)) {
        goto next;  // LCOV_EXCL_LINE
      }
    } else if (config_node->r_function) {
-      if (false == sp_is_regexp_matching(config_node->r_function,
+      if (false == sp_is_regexp_matching(config_node->r_function, complete_function_path)) {
-                                         complete_function_path)) {
        goto next;
      }
    }
@@ -320,8 +306,7 @@ static void should_disable(zend_execute_data* execute_data,
    }
    if (config_node->filename || config_node->r_filename) {
-      zend_execute_data* ex =
+      zend_execute_data* ex = is_file_matching(execute_data, config_node, current_filename);
-          is_file_matching(execute_data, config_node, current_filename);
      if (!ex) {
        goto next;
      }
@@ -344,8 +329,7 @@ static void should_disable(zend_execute_data* execute_data,
      if ('\0' == current_file_hash[0]) {
        compute_hash(ZSTR_VAL(current_filename), current_file_hash);
      }
-      if (0 != strncmp(current_file_hash, ZSTR_VAL(config_node->hash),
+      if (0 != strncmp(current_file_hash, ZSTR_VAL(config_node->hash), SHA256_SIZE)) {
-                       SHA256_SIZE)) {
        goto next;
      }
    }
@@ -366,9 +350,7 @@ static void should_disable(zend_execute_data* execute_data,
            "Snuffleupagus doesn't support variadic functions yet, sorry. "
            "Check https://github.com/jvoisin/snuffleupagus/issues/164 for "
            "details.");
-      } else if (false == is_param_matching(
+      } else if (false == is_param_matching(execute_data, config_node, builtin_param, builtin_param_name, &arg_name, &arg_value_str)) {
-                              execute_data, config_node, builtin_param, builtin_param_name,
-                              &arg_name, &arg_value_str)) {
        goto next;
      }
    }
@@ -379,11 +361,9 @@ static void should_disable(zend_execute_data* execute_data,
    }
    if (config_node->functions_list) {
-      sp_log_disable(ZSTR_VAL(config_node->function), arg_name, arg_value_str,
+      sp_log_disable(ZSTR_VAL(config_node->function), arg_name, arg_value_str, config_node);
-                     config_node);
    } else {
-      sp_log_disable(complete_function_path, arg_name, arg_value_str,
+      sp_log_disable(complete_function_path, arg_name, arg_value_str, config_node);
-                     config_node);
    }
  next:
@@ -418,7 +398,6 @@ static void should_drop_on_ret(const zval* return_value,
  bool match_type = false, match_value = false;
  while (config) {
-    const zend_string* ret_value_str = NULL;
    sp_disabled_function const* const config_node =
        (sp_disabled_function*)(config->data);
@@ -462,13 +441,18 @@ static void should_drop_on_ret(const zval* return_value,
      }
    }
-    ret_value_str = sp_zval_to_zend_string(return_value);
+    const zend_string* ret_value_str = NULL;
+    sp_php_type ret_type = SP_PHP_TYPE_NULL;
+    if (return_value) {
+      ret_value_str = sp_zval_to_zend_string(return_value);
+      ret_type = Z_TYPE_P(return_value);
+    }
    match_type = (config_node->ret_type) &&
-                 (config_node->ret_type == Z_TYPE_P(return_value));
+                 (config_node->ret_type == ret_type);
-    match_value = (config_node->ret || config_node->r_ret) &&
+    match_value = return_value && (config_node->ret || config_node->r_ret) &&
-                  (true == sp_match_value(ret_value_str, config_node->ret,
+                  (true == sp_match_value(ret_value_str, config_node->ret, config_node->r_ret));
-                                          config_node->r_ret));
    if (true == match_type || true == match_value) {
      if (true == config_node->allow) {
@@ -483,40 +467,28 @@ static void should_drop_on_ret(const zval* return_value,
 ZEND_FUNCTION(check_disabled_function) {
  zif_handler orig_handler;
-  const char* current_function_name = get_active_function_name(TSRMLS_C);
+  const char* current_function_name = get_active_function_name();
-  should_disable_ht(
+  should_disable_ht(execute_data, current_function_name, NULL, NULL, SPCFG(disabled_functions_reg).disabled_functions, SPCFG(disabled_functions_hooked));
-      execute_data, current_function_name, NULL, NULL,
-      SNUFFLEUPAGUS_G(config).config_disabled_functions_reg->disabled_functions,
-      SNUFFLEUPAGUS_G(config).config_disabled_functions_hooked);
-  orig_handler = zend_hash_str_find_ptr(
+  orig_handler = zend_hash_str_find_ptr(SPG(disabled_functions_hook), VAR_AND_LEN(current_function_name));
-      SNUFFLEUPAGUS_G(disabled_functions_hook), current_function_name,
-      strlen(current_function_name));
  orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
-  should_drop_on_ret_ht(
-      return_value, current_function_name,
+  should_drop_on_ret_ht(return_value, current_function_name, SPCFG(disabled_functions_reg_ret).disabled_functions, SPCFG(disabled_functions_ret_hooked), execute_data);
-      SNUFFLEUPAGUS_G(config)
-          .config_disabled_functions_reg_ret->disabled_functions,
-      SNUFFLEUPAGUS_G(config).config_disabled_functions_ret_hooked,
-      execute_data);
 }
 static int hook_functions_regexp(const sp_list_node* config) {
  while (config && config->data) {
-    const zend_string* function_name =
+    const zend_string* function_name = ((sp_disabled_function*)config->data)->function;
-        ((sp_disabled_function*)config->data)->function;
+    sp_regexp *function_name_sp_regexp = ((sp_disabled_function*)config->data)->r_function;
-    const sp_pcre* function_name_regexp =
+    const sp_pcre* function_name_regexp = function_name_sp_regexp ? function_name_sp_regexp->re : NULL;
-        ((sp_disabled_function*)config->data)->r_function;
    assert(function_name || function_name_regexp);
    if (function_name) {
-      HOOK_FUNCTION(ZSTR_VAL(function_name), disabled_functions_hook,
+      HOOK_FUNCTION(ZSTR_VAL(function_name), disabled_functions_hook, PHP_FN(check_disabled_function));
-                    PHP_FN(check_disabled_function));
    } else {
-      HOOK_FUNCTION_BY_REGEXP(function_name_regexp, disabled_functions_hook,
+      HOOK_FUNCTION_BY_REGEXP(function_name_regexp, disabled_functions_hook, PHP_FN(check_disabled_function));
-                              PHP_FN(check_disabled_function));
    }
    config = config->next;
@@ -529,10 +501,8 @@ static void hook_functions(HashTable* to_hook_ht, HashTable* hooked_ht) {
  zval* value;
  ZEND_HASH_FOREACH_STR_KEY_VAL(to_hook_ht, key, value) {
-    bool hooked = HOOK_FUNCTION(ZSTR_VAL(key), disabled_functions_hook,
+    bool hooked = HOOK_FUNCTION(ZSTR_VAL(key), disabled_functions_hook, PHP_FN(check_disabled_function));
-                                PHP_FN(check_disabled_function));
+    bool is_builtin = check_is_builtin_name(((sp_list_node*)Z_PTR_P(value))->data);
-    bool is_builtin =
-        check_is_builtin_name(((sp_list_node*)Z_PTR_P(value))->data);
    if (hooked || is_builtin) {
      zend_symtable_add_new(hooked_ht, key, value);
      zend_hash_del(to_hook_ht, key);
@@ -543,41 +513,29 @@ static void hook_functions(HashTable* to_hook_ht, HashTable* hooked_ht) {
 ZEND_FUNCTION(eval_blacklist_callback) {
  zif_handler orig_handler;
-  const char* current_function_name = get_active_function_name(TSRMLS_C);
+  char* current_function_name = get_complete_function_path(EG(current_execute_data));
-  zend_string* tmp =
-      zend_string_init(current_function_name, strlen(current_function_name), 0);
-  if (true == check_is_in_eval_whitelist(tmp)) {
+  if (!current_function_name || true == check_is_in_eval_whitelist(current_function_name)) {
-    zend_string_release(tmp);
    goto whitelisted;
  }
-  zend_string_release(tmp);
-  if (SNUFFLEUPAGUS_G(in_eval) > 0) {
+  if (SPG(in_eval) > 0) {
-    zend_string* filename = get_eval_filename(zend_get_executed_filename());
+    const sp_config_eval* config_eval = &(SPCFG(eval));
-    const int line_number = zend_get_executed_lineno(TSRMLS_C);
-    const sp_config_eval* config_eval = SNUFFLEUPAGUS_G(config).config_eval;
    if (config_eval->dump) {
-      sp_log_request(config_eval->dump, config_eval->textual_representation,
+      sp_log_request(config_eval->dump, config_eval->textual_representation);
-                     SP_TOKEN_EVAL_BLACKLIST);
    }
    if (config_eval->simulation) {
-      sp_log_simulation("eval",
+      sp_log_simulation("eval", "A call to '%s' was tried in eval. logging it.", current_function_name);
-                        "A call to %s was tried in eval, in %s:%d, logging it.",
-                        current_function_name, ZSTR_VAL(filename), line_number);
    } else {
-      sp_log_drop("eval",
+      sp_log_drop("eval", "A call to '%s' was tried in eval. dropping it.", current_function_name);
-                  "A call to %s was tried in eval, in %s:%d, dropping it.",
-                  current_function_name, ZSTR_VAL(filename), line_number);
    }
-    efree(filename);
  }
 whitelisted:
-  orig_handler = zend_hash_str_find_ptr(
-      SNUFFLEUPAGUS_G(sp_eval_blacklist_functions_hook), current_function_name,
+  orig_handler = zend_hash_str_find_ptr(SPG(sp_eval_blacklist_functions_hook), current_function_name, strlen(current_function_name));
-      strlen(current_function_name));
+  efree(current_function_name);
  orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
 }
@@ -586,26 +544,19 @@ int hook_disabled_functions(void) {
  int ret = SUCCESS;
-  hook_functions(SNUFFLEUPAGUS_G(config).config_disabled_functions,
+  hook_functions(SPCFG(disabled_functions), SPCFG(disabled_functions_hooked));
-                 SNUFFLEUPAGUS_G(config).config_disabled_functions_hooked);
+  hook_functions(SPCFG(disabled_functions_ret), SPCFG(disabled_functions_ret_hooked));
-  hook_functions(SNUFFLEUPAGUS_G(config).config_disabled_functions_ret,
-                 SNUFFLEUPAGUS_G(config).config_disabled_functions_ret_hooked);
-  ret |= hook_functions_regexp(
+  ret |= hook_functions_regexp(SPCFG(disabled_functions_reg).disabled_functions);
-      SNUFFLEUPAGUS_G(config)
-          .config_disabled_functions_reg->disabled_functions);
-  ret |= hook_functions_regexp(
+  ret |= hook_functions_regexp(SPCFG(disabled_functions_reg_ret).disabled_functions);
-      SNUFFLEUPAGUS_G(config)
-          .config_disabled_functions_reg_ret->disabled_functions);
-  if (NULL != SNUFFLEUPAGUS_G(config).config_eval->blacklist) {
+  if (NULL != SPCFG(eval).blacklist) {
-    sp_list_node* it = SNUFFLEUPAGUS_G(config).config_eval->blacklist;
+    sp_list_node* it = SPCFG(eval).blacklist;
    while (it) {
      hook_function(ZSTR_VAL((zend_string*)it->data),
-                    SNUFFLEUPAGUS_G(sp_eval_blacklist_functions_hook),
+                    SPG(sp_eval_blacklist_functions_hook),
                    PHP_FN(eval_blacklist_callback));
      it = it->next;
    }
@@ -622,10 +573,7 @@ int hook_echo(const char* str, size_t str_length) {
 #endif
  zend_string* zs = zend_string_init(str, str_length, 0);
-  should_disable_ht(
+  should_disable_ht(EG(current_execute_data), "echo", zs, NULL, SPCFG(disabled_functions_reg).disabled_functions, SPCFG(disabled_functions_hooked));
-      EG(current_execute_data), "echo", zs, NULL,
-      SNUFFLEUPAGUS_G(config).config_disabled_functions_reg->disabled_functions,
-      SNUFFLEUPAGUS_G(config).config_disabled_functions_hooked);
  zend_string_release(zs);
diff --git a/src/sp_execute.c b/src/sp_execute.c
index 7d078b0..f1ed8d0 100644
--- a/src/sp_execute.c
+++ b/src/sp_execute.c
@@ -3,33 +3,28 @@
 static void (*orig_execute_ex)(zend_execute_data *execute_data) = NULL;
 static void (*orig_zend_execute_internal)(zend_execute_data *execute_data,
                                          zval *return_value) = NULL;
-static int (*orig_zend_stream_open)(const char *filename,
+#if PHP_VERSION_ID < 80100
-                                    zend_file_handle *handle) = NULL;
+static int (*orig_zend_stream_open)(const char *filename, zend_file_handle *handle) = NULL;
+#else
+static zend_result (*orig_zend_stream_open)(zend_file_handle *handle) = NULL;
+#endif
 // FIXME handle symlink
 ZEND_COLD static inline void terminate_if_writable(const char *filename) {
-  const sp_config_readonly_exec *config_ro_exec =
+  const sp_config_readonly_exec *config_ro_exec = &(SPCFG(readonly_exec));
-      SNUFFLEUPAGUS_G(config).config_readonly_exec;
  if (0 == access(filename, W_OK)) {
    if (config_ro_exec->dump) {
-      sp_log_request(config_ro_exec->dump,
+      sp_log_request(config_ro_exec->dump, config_ro_exec->textual_representation);
-                     config_ro_exec->textual_representation,
-                     SP_TOKEN_READONLY_EXEC);
    }
    if (true == config_ro_exec->simulation) {
-      sp_log_simulation("readonly_exec",
+      sp_log_simulation("readonly_exec", "Attempted execution of a writable file (%s).", filename);
-                        "Attempted execution of a writable file (%s).",
-                        filename);
    } else {
-      sp_log_drop("readonly_exec",
+      sp_log_drop("readonly_exec", "Attempted execution of a writable file (%s).", filename);
-                  "Attempted execution of a writable file (%s).", filename);
    }
  } else {
    if (EACCES != errno) {
      // LCOV_EXCL_START
-      sp_log_err("Writable execution", "Error while accessing %s: %s", filename,
+      sp_log_err("Writable execution", "Error while accessing %s: %s", filename, strerror(errno));
-                 strerror(errno));
      // LCOV_EXCL_STOP
    }
  }
@@ -44,54 +39,43 @@ inline static void is_builtin_matching(
    return;
  }
-  should_disable_ht(
+  should_disable_ht(EG(current_execute_data), function_name, param_value, param_name, SPCFG(disabled_functions_reg).disabled_functions, ht);
-      EG(current_execute_data), function_name, param_value, param_name,
-      SNUFFLEUPAGUS_G(config).config_disabled_functions_reg->disabled_functions,
-      ht);
 }
-static void ZEND_HOT
+static void ZEND_HOT is_in_eval_and_whitelisted(const zend_execute_data *execute_data) {
-is_in_eval_and_whitelisted(const zend_execute_data *execute_data) {
+  const sp_config_eval *config_eval = &(SPCFG(eval));
-  const sp_config_eval *config_eval = SNUFFLEUPAGUS_G(config).config_eval;
-  if (EXPECTED(0 == SNUFFLEUPAGUS_G(in_eval))) {
+  if (EXPECTED(0 == SPG(in_eval))) {
    return;
  }
-  if (EXPECTED(NULL == SNUFFLEUPAGUS_G(config).config_eval->whitelist)) {
+  if (EXPECTED(NULL == config_eval->whitelist)) {
    return;
  }
-  if (zend_is_executing() && !EG(current_execute_data)->func) {
+  if (zend_is_executing() && !EX(func)) {
    return;  // LCOV_EXCL_LINE
  }
-  if (UNEXPECTED(!(execute_data->func->common.function_name))) {
+  char *function_name = get_complete_function_path(execute_data);
+  if (!function_name) {
    return;
  }
-  zend_string const *const current_function = EX(func)->common.function_name;
+    if (UNEXPECTED(false == check_is_in_eval_whitelist(function_name))) {
-  if (EXPECTED(NULL != current_function)) {
-    if (UNEXPECTED(false == check_is_in_eval_whitelist(current_function))) {
      if (config_eval->dump) {
-        sp_log_request(config_eval->dump, config_eval->textual_representation,
+        sp_log_request(config_eval->dump, config_eval->textual_representation);
-                       SP_TOKEN_EVAL_WHITELIST);
      }
      if (config_eval->simulation) {
-        sp_log_simulation(
+        sp_log_simulation("Eval_whitelist", "The function '%s' isn't in the eval whitelist, logging its call.", function_name);
-            "Eval_whitelist",
+        goto out;
-            "The function '%s' isn't in the eval whitelist, logging its call.",
-            ZSTR_VAL(current_function));
-        return;
      } else {
-        sp_log_drop(
+        sp_log_drop("Eval_whitelist", "The function '%s' isn't in the eval whitelist, dropping its call.", function_name);
-            "Eval_whitelist",
-            "The function '%s' isn't in the eval whitelist, dropping its call.",
-            ZSTR_VAL(current_function));
      }
    }
-  }
+  // }
+out:
+  efree(function_name);
 }
 /* This function gets the filename in which `eval()` is called from,
@@ -114,162 +98,194 @@ zend_string *get_eval_filename(const char *const filename) {
  return clean_filename;
 }
-static void sp_execute_ex(zend_execute_data *execute_data) {
+static inline void sp_orig_execute(zend_execute_data *execute_data) {
-  is_in_eval_and_whitelisted(execute_data);
+  SPG(execution_depth)++;
-  const HashTable *config_disabled_functions =
+  if (SPCFG(max_execution_depth) > 0 && SPG(execution_depth) > SPCFG(max_execution_depth)) {
-      SNUFFLEUPAGUS_G(config).config_disabled_functions;
+    sp_log_drop("execute", "Maximum recursion limit reached. Script terminated.");
+  }
+  orig_execute_ex(execute_data);
+  SPG(execution_depth)--;
+}
+static inline void sp_check_writable(zend_execute_data *execute_data) {
+  if (execute_data && EX(func) && EX(func)->op_array.filename && SPCFG(readonly_exec).enable) {
+    terminate_if_writable(ZSTR_VAL(EX(func)->op_array.filename));
+  }
+}
+static inline void sp_call_orig_execute(INTERNAL_FUNCTION_PARAMETERS, bool internal) {
+  if (internal) {
+    if (UNEXPECTED(NULL != orig_zend_execute_internal)) {
+      orig_zend_execute_internal(INTERNAL_FUNCTION_PARAM_PASSTHRU);
+    } else {
+      EX(func)->internal_function.handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
+    }
+  } else {
+    sp_orig_execute(execute_data);
+  }
+}
+static inline void sp_execute_handler(INTERNAL_FUNCTION_PARAMETERS, bool internal) {
  if (!execute_data) {
    return;  // LCOV_EXCL_LINE
  }
-  if (UNEXPECTED(EX(func)->op_array.type == ZEND_EVAL_CODE)) {
+  is_in_eval_and_whitelisted(execute_data);
-    const sp_list_node *config = zend_hash_str_find_ptr(
-        config_disabled_functions, "eval", sizeof("eval") - 1);
+  if (!internal) {
+    if (UNEXPECTED(EX(func)->op_array.type == ZEND_EVAL_CODE)) {
+      const sp_list_node *config = zend_hash_str_find_ptr(SPCFG(disabled_functions), ZEND_STRL("eval"));
+      zend_string *filename = get_eval_filename(zend_get_executed_filename());
+      is_builtin_matching(filename, "eval", NULL, config, SPCFG(disabled_functions));
+      zend_string_release(filename);
+      SPG(in_eval)++;
+      sp_orig_execute(execute_data);
+      SPG(in_eval)--;
+      return;
+    }
-    zend_string *filename = get_eval_filename(zend_get_executed_filename());
+    sp_check_writable(execute_data);
-    is_builtin_matching(filename, "eval", NULL, config,
+  }
-                        config_disabled_functions);
-    zend_string_release(filename);
-    SNUFFLEUPAGUS_G(in_eval)++;
+  if (!SPG(hook_execute)) {
-    orig_execute_ex(execute_data);
+    sp_call_orig_execute(INTERNAL_FUNCTION_PARAM_PASSTHRU, internal);
-    SNUFFLEUPAGUS_G(in_eval)--;
    return;
  }
-  if (NULL != EX(func)->op_array.filename) {
+  char *function_name = get_complete_function_path(execute_data);
-    if (true == SNUFFLEUPAGUS_G(config).config_readonly_exec->enable) {
-      terminate_if_writable(ZSTR_VAL(EX(func)->op_array.filename));
+  if (!function_name) {
-    }
+    sp_call_orig_execute(INTERNAL_FUNCTION_PARAM_PASSTHRU, internal);
+    return;
  }
-  if (SNUFFLEUPAGUS_G(config).hook_execute) {
+  bool is_hooked = (zend_hash_str_find(SPG(disabled_functions_hook), VAR_AND_LEN(function_name)) || zend_hash_str_find(SPG(disabled_functions_hook), VAR_AND_LEN(function_name)));
-    char *function_name = get_complete_function_path(execute_data);
+  if (is_hooked) {
-    zval ret_val;
+    sp_call_orig_execute(INTERNAL_FUNCTION_PARAM_PASSTHRU, internal);
-    const sp_list_node *config_disabled_functions_reg =
+    return;
-        SNUFFLEUPAGUS_G(config)
+  }
-            .config_disabled_functions_reg->disabled_functions;
-    if (!function_name) {
+  // If we're at an internal function
-      orig_execute_ex(execute_data);
+  if (!execute_data->prev_execute_data ||
-      return;
+      !execute_data->prev_execute_data->func ||
+      !ZEND_USER_CODE(execute_data->prev_execute_data->func->type) ||
+      !execute_data->prev_execute_data->opline) {
+    should_disable_ht(execute_data, function_name, NULL, NULL, SPCFG(disabled_functions_reg).disabled_functions, SPCFG(disabled_functions));
+  } else {  // If we're at a userland function call
+    switch (execute_data->prev_execute_data->opline->opcode) {
+      case ZEND_DO_FCALL:
+      case ZEND_DO_FCALL_BY_NAME:
+      case ZEND_DO_ICALL:
+      case ZEND_DO_UCALL:
+      case ZEND_TICKS:
+        should_disable_ht(execute_data, function_name, NULL, NULL, SPCFG(disabled_functions_reg).disabled_functions, SPCFG(disabled_functions));
+      default:
+        break;
    }
+  }
-    // If we're at an internal function
+  // When a function's return value isn't used, php doesn't store it in the
-    if (!execute_data->prev_execute_data ||
+  // execute_data, so we need to use a local variable to be able to match on
-        !execute_data->prev_execute_data->func ||
+  // it later.
-        !ZEND_USER_CODE(execute_data->prev_execute_data->func->type) ||
+  zval ret_val;
-        !execute_data->prev_execute_data->opline) {
+  if (EX(return_value) == NULL && return_value == NULL) {
-      should_disable_ht(execute_data, function_name, NULL, NULL,
+    memset(&ret_val, 0, sizeof(ret_val));
-                        config_disabled_functions_reg,
+    return_value = EX(return_value) = &ret_val;
-                        config_disabled_functions);
+  }
-    } else {  // If we're at a userland function call
-      switch (execute_data->prev_execute_data->opline->opcode) {
-        case ZEND_DO_FCALL:
-        case ZEND_DO_FCALL_BY_NAME:
-        case ZEND_DO_ICALL:
-        case ZEND_DO_UCALL:
-          should_disable_ht(execute_data, function_name, NULL, NULL,
-                            config_disabled_functions_reg,
-                            config_disabled_functions);
-        default:
-          break;
-      }
-    }
-    // When a function's return value isn't used, php doesn't store it in the
+  sp_call_orig_execute(INTERNAL_FUNCTION_PARAM_PASSTHRU, internal);
-    // execute_data, so we need to use a local variable to be able to match on
-    // it later.
-    if (EX(return_value) == NULL) {
-      memset(&ret_val, 0, sizeof(ret_val));
-      EX(return_value) = &ret_val;
-    }
-    orig_execute_ex(execute_data);
+  should_drop_on_ret_ht(return_value, function_name, SPCFG(disabled_functions_reg_ret).disabled_functions, SPCFG(disabled_functions_ret), execute_data);
-    should_drop_on_ret_ht(
+  efree(function_name);
-        EX(return_value), function_name,
-        SNUFFLEUPAGUS_G(config)
-            .config_disabled_functions_reg_ret->disabled_functions,
-        SNUFFLEUPAGUS_G(config).config_disabled_functions_ret, execute_data);
-    efree(function_name);
-    if (EX(return_value) == &ret_val) {
+  if (EX(return_value) == &ret_val) {
-      EX(return_value) = NULL;
+    return_value = EX(return_value) = NULL;
-    }
-  } else {
-    orig_execute_ex(execute_data);
  }
 }
-static void sp_zend_execute_internal(INTERNAL_FUNCTION_PARAMETERS) {
-  is_in_eval_and_whitelisted(execute_data);
-  if (UNEXPECTED(NULL != orig_zend_execute_internal)) {
+static void sp_execute_ex(zend_execute_data *execute_data) {
-    // LCOV_EXCL_START
+  sp_execute_handler(execute_data, execute_data ? EX(return_value) : NULL, false);
-    orig_zend_execute_internal(INTERNAL_FUNCTION_PARAM_PASSTHRU);
-    // LCOV_EXCL_STOP
-  } else {
-    EX(func)->internal_function.handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
-  }
 }
-static int sp_stream_open(const char *filename, zend_file_handle *handle) {
+static void sp_zend_execute_internal(INTERNAL_FUNCTION_PARAMETERS) {
+  sp_execute_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU, true);
+}
+static inline void sp_stream_open_checks(zend_string *zend_filename, zend_file_handle *handle) {
  zend_execute_data const *const data = EG(current_execute_data);
  if ((NULL == data) || (NULL == data->opline) ||
      (data->func->type != ZEND_USER_FUNCTION)) {
-    goto end;
+    return;
  }
-  zend_string *zend_filename = zend_string_init(filename, strlen(filename), 0);
+  // zend_string *zend_filename = zend_string_init(filename, strlen(filename), 0);
-  const HashTable *disabled_functions_hooked =
+  const HashTable *disabled_functions_hooked = SPCFG(disabled_functions_hooked);
-      SNUFFLEUPAGUS_G(config).config_disabled_functions_hooked;
  switch (data->opline->opcode) {
    case ZEND_INCLUDE_OR_EVAL:
-      if (true == SNUFFLEUPAGUS_G(config).config_readonly_exec->enable) {
+      if (SPCFG(readonly_exec).enable) {
-        terminate_if_writable(filename);
+        terminate_if_writable(ZSTR_VAL(zend_filename));
      }
      switch (data->opline->extended_value) {
        case ZEND_INCLUDE:
          is_builtin_matching(
              zend_filename, "include", "inclusion path",
-              zend_hash_str_find_ptr(disabled_functions_hooked, "include",
+              zend_hash_str_find_ptr(disabled_functions_hooked, ZEND_STRL("include")),
-                                     sizeof("include") - 1),
              disabled_functions_hooked);
          break;
        case ZEND_REQUIRE:
          is_builtin_matching(
              zend_filename, "require", "inclusion path",
-              zend_hash_str_find_ptr(disabled_functions_hooked, "require",
+              zend_hash_str_find_ptr(disabled_functions_hooked, ZEND_STRL("require")),
-                                     sizeof("require") - 1),
              disabled_functions_hooked);
          break;
        case ZEND_REQUIRE_ONCE:
          is_builtin_matching(
              zend_filename, "require_once", "inclusion path",
-              zend_hash_str_find_ptr(disabled_functions_hooked, "require_once",
+              zend_hash_str_find_ptr(disabled_functions_hooked, ZEND_STRL("require_once")),
-                                     sizeof("require_once") - 1),
              disabled_functions_hooked);
          break;
        case ZEND_INCLUDE_ONCE:
          is_builtin_matching(
              zend_filename, "include_once", "inclusion path",
-              zend_hash_str_find_ptr(disabled_functions_hooked, "include_once",
+              zend_hash_str_find_ptr(disabled_functions_hooked, ZEND_STRL("include_once")),
-                                     sizeof("include_once") - 1),
              disabled_functions_hooked);
          break;
          EMPTY_SWITCH_DEFAULT_CASE();  // LCOV_EXCL_LINE
      }
  }
-  efree(zend_filename);
+  // efree(zend_filename);
-end:
+// end:
+  // return orig_zend_stream_open(filename, handle);
+}
+#if PHP_VERSION_ID < 80100
+static int sp_stream_open(const char *filename, zend_file_handle *handle) {
+  zend_string *zend_filename = zend_string_init(filename, strlen(filename), 0);
+  sp_stream_open_checks(zend_filename, handle);
+  zend_string_release_ex(zend_filename, 0);
  return orig_zend_stream_open(filename, handle);
 }
+#else // PHP >= 8.1
+static zend_result sp_stream_open(zend_file_handle *handle) {
+  sp_stream_open_checks(handle->filename, handle);
+  return orig_zend_stream_open(handle);
+}
+#endif
 int hook_execute(void) {
  TSRMLS_FETCH();
diff --git a/src/sp_harden_rand.c b/src/sp_harden_rand.c
index 43c2a5b..3e9bcb3 100644
--- a/src/sp_harden_rand.c
+++ b/src/sp_harden_rand.c
@@ -54,8 +54,7 @@ PHP_FUNCTION(sp_rand) {
  /* call the original `rand` function,
   * since we might no be the only ones to hook it*/
-  orig_handler = zend_hash_str_find_ptr(
+  orig_handler = zend_hash_str_find_ptr(SPG(sp_internal_functions_hook), ZEND_STRL("rand"));
-      SNUFFLEUPAGUS_G(sp_internal_functions_hook), "rand", sizeof("rand") - 1);
  orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
  random_int_wrapper(INTERNAL_FUNCTION_PARAM_PASSTHRU);
@@ -67,8 +66,7 @@ PHP_FUNCTION(sp_mt_rand) {
  /* call the original `mt_rand` function,
   * since we might no be the only ones to hook it*/
  orig_handler =
-      zend_hash_str_find_ptr(SNUFFLEUPAGUS_G(sp_internal_functions_hook),
+      zend_hash_str_find_ptr(SPG(sp_internal_functions_hook), ZEND_STRL("mt_rand"));
-                             "mt_rand", sizeof("mt_rand") - 1);
  orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
  random_int_wrapper(INTERNAL_FUNCTION_PARAM_PASSTHRU);
diff --git a/src/sp_ifilter.c b/src/sp_ifilter.c
new file mode 100644
index 0000000..8099882
--- /dev/null
+++ b/src/sp_ifilter.c
@@ -0,0 +1,104 @@
+#include "php_snuffleupagus.h"
+static void (*orig_register_server_variables)(zval *track_vars_array) = NULL;
+static const unsigned char sp_hexchars[] = "0123456789ABCDEF";
+static const char sp_is_dangerous_char[256] = {
+/*     |->  0  1  2  3  4  5  6  7  8  9  a  b  c  d  e  f */
+/* 0x00 */  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 1, 0, 0,
+/* 0x10 */  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+/* 0x20 */  0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0,
+/* 0x30 */  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0,
+/* 0x40 */  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+/* 0x50 */  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+/* 0x60 */  1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+/* 0x70 */  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+/* 0x80 */  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+/* 0x90 */  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+/* 0xa0 */  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+/* 0xb0 */  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+/* 0xc0 */  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+/* 0xd0 */  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+/* 0xe0 */  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+/* 0xf0 */  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+static void sp_server_strip(HashTable *svars, char *key, int keylen) {
+  zval *value = zend_hash_str_find(svars, key, keylen);
+  if (!value || Z_TYPE_P(value) != IS_STRING) { return; }
+  zend_string *tmp_zstr = Z_STR_P(value);
+  char *tmp = ZSTR_VAL(tmp_zstr);
+  char *tmpend = tmp + ZSTR_LEN(tmp_zstr);
+  for (char *p = tmp; p < tmpend; p++) {
+    if (sp_is_dangerous_char[(int)*p]) {
+      *p = '_';
+    }
+  }
+}
+static void sp_server_encode(HashTable *svars, char *key, int keylen) {
+  zval *value = zend_hash_str_find(svars, key, keylen);
+  if (!value || Z_TYPE_P(value) != IS_STRING) { return; }
+  
+  zend_string *tmp_zstr = Z_STR_P(value);
+  char *tmp = ZSTR_VAL(tmp_zstr);
+  char *tmpend = tmp + ZSTR_LEN(tmp_zstr);
+  int extra = 0;
+  
+  for (char *p = tmp; p < tmpend; p++) {
+    extra += sp_is_dangerous_char[(int)*p] * 2;
+  }
+  if (!extra) { return; }
+  zend_string *new_zstr = zend_string_alloc(ZSTR_LEN(tmp_zstr) + extra, 0);
+  char *n = ZSTR_VAL(new_zstr);
+  for (char *p = tmp; p < tmpend; p++, n++) {
+    if (sp_is_dangerous_char[(int)*p]) {
+      *n++ = '%';
+      *n++ = sp_hexchars[*p >> 4];
+      *n = sp_hexchars[*p & 15];
+    } else {
+      *n = *p;
+    }
+  }
+  ZSTR_VAL(new_zstr)[ZSTR_LEN(new_zstr)] = 0;
+  Z_STR_P(value) = new_zstr;
+  zend_string_release_ex(tmp_zstr, 0);
+}
+static void sp_register_server_variables(zval *track_vars_array) {
+  orig_register_server_variables(track_vars_array);
+  HashTable *svars;
+  svars = Z_ARRVAL_P(track_vars_array);
+  if (SPCFG(server_encode)) {
+    sp_server_encode(svars, ZEND_STRL("REQUEST_URI"));
+    sp_server_encode(svars, ZEND_STRL("QUERY_STRING"));
+  }
+  if (SPCFG(server_strip)) {
+    sp_server_strip(svars, ZEND_STRL("PHP_SELF"));
+    sp_server_strip(svars, ZEND_STRL("HTTP_HOST"));
+    sp_server_strip(svars, ZEND_STRL("HTTP_USER_AGENT"));
+    // for cgi + fpm
+    sp_server_strip(svars, ZEND_STRL("PATH_INFO"));
+    sp_server_strip(svars, ZEND_STRL("PATH_TRANSLATED"));
+    sp_server_strip(svars, ZEND_STRL("ORIG_PATH_TRANSLATED"));
+    sp_server_strip(svars, ZEND_STRL("ORIG_PATH_INFO"));
+  }
+}
+void sp_hook_register_server_variables()
+{
+  if (sapi_module.register_server_variables) {
+    orig_register_server_variables = sapi_module.register_server_variables;
+    sapi_module.register_server_variables = sp_register_server_variables;
+  }
+}
diff --git a/src/sp_ifilter.h b/src/sp_ifilter.h
new file mode 100644
index 0000000..527c41d
--- /dev/null
+++ b/src/sp_ifilter.h
@@ -0,0 +1,3 @@
+#pragma once
+void sp_hook_register_server_variables();
diff --git a/src/sp_ini.c b/src/sp_ini.c
new file mode 100644
index 0000000..7fec297
--- /dev/null
+++ b/src/sp_ini.c
@@ -0,0 +1,142 @@
+#include "php_snuffleupagus.h"
+#define SP_INI_HAS_CHECKS_COND(entry) (entry->min || entry->max || entry->regexp)
+#define SP_INI_ACCESS_READONLY_COND(entry, cfg) (entry->access == SP_READONLY || (!entry->access && cfg->policy_readonly))
+#define sp_log_auto2(feature, is_simulation, drop, ...) \
+  sp_log_msgf(feature, ((is_simulation || !drop) ? SP_LOG_WARN : SP_LOG_ERROR), \
+            (is_simulation ? SP_TYPE_SIMULATION : (drop ? SP_TYPE_DROP : SP_TYPE_LOG)),   \
+            __VA_ARGS__)
+#define sp_log_ini_check_violation(...) if (simulation || cfg->policy_drop || (entry && entry->drop) || !cfg->policy_silent_fail) { \
+    sp_log_auto2("ini_protection", simulation, (cfg->policy_drop || (entry && entry->drop)), __VA_ARGS__); \
+  }
+static bool /* success */ sp_ini_check(zend_string *varname, zend_string *new_value, sp_ini_entry **sp_entry_p) {
+  if (!varname || ZSTR_LEN(varname) == 0) {
+    return false;
+  }
+  sp_config_ini *cfg = &(SPCFG(ini));
+  sp_ini_entry *entry = zend_hash_find_ptr(cfg->entries, varname);
+  if (sp_entry_p) {
+    *sp_entry_p = entry;
+  }
+  bool simulation = (cfg->simulation || (entry && entry->simulation));
+  if (!entry) {
+    if (cfg->policy_readonly) {
+      if (!cfg->policy_silent_ro) {
+        sp_log_ini_check_violation("INI setting is read-only");
+      }
+      return simulation;
+    }
+    return true;
+  }
+  // we have an entry.
+  if (SP_INI_ACCESS_READONLY_COND(entry, cfg)) {
+    if (!cfg->policy_silent_ro) {
+      sp_log_ini_check_violation("%s", (entry->msg ? ZSTR_VAL(entry->msg) : "INI setting is read-only"));
+    }
+    return simulation;
+  }
+  if (!new_value || ZSTR_LEN(new_value) == 0) {
+    if (entry->allow_null) {
+      return true; // allow NULL value and skip other tests
+    }
+    if (SP_INI_HAS_CHECKS_COND(entry)) {
+      sp_log_ini_check_violation("new INI value must not be NULL or empty");
+      return simulation;
+    }
+    return true; // no new_value, but no checks to perform
+  }
+  // we have a new_value.
+  if (entry->min || entry->max) {
+    zend_long lvalue = zend_atol(ZSTR_VAL(new_value), ZSTR_LEN(new_value));
+    if ((entry->min && zend_atol(ZSTR_VAL(entry->min), ZSTR_LEN(entry->min)) > lvalue) ||
+        (entry->max && zend_atol(ZSTR_VAL(entry->max), ZSTR_LEN(entry->max)) < lvalue)) {
+      sp_log_ini_check_violation("%s", (entry->msg ? ZSTR_VAL(entry->msg) : "INI value out of range"));
+      return simulation;
+    }
+  }
+  if (entry->regexp) {
+    if (!sp_is_regexp_matching_zstr(entry->regexp, new_value)) {
+      sp_log_ini_check_violation("%s", (entry->msg ? ZSTR_VAL(entry->msg) : "INI value does not match regex"));
+      return simulation;
+    }
+  }
+  return true;
+}
+static PHP_INI_MH(sp_ini_onmodify) {
+  zend_ini_entry *ini_entry = entry;
+  sp_ini_entry *sp_entry = NULL;
+  if (!sp_ini_check(ini_entry->name, new_value, &sp_entry)) {
+    return FAILURE;
+  }
+  if (sp_entry && sp_entry->orig_onmodify) {
+    return sp_entry->orig_onmodify(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage);
+  }
+  return SUCCESS;
+}
+void sp_hook_ini() {
+  sp_config_ini *cfg = &(SPCFG(ini));
+  sp_ini_entry *sp_entry;
+  zend_ini_entry *ini_entry;
+  ZEND_HASH_FOREACH_PTR(cfg->entries, sp_entry)
+    if ((ini_entry = zend_hash_find_ptr(EG(ini_directives), sp_entry->key)) == NULL) {
+      sp_log_warn("ini_protection", "Cannot hook INI var `%s`. Maybe a typo or the PHP extension providing this var is not loaded yet.", ZSTR_VAL(sp_entry->key));
+      continue;
+    }
+    if (SP_INI_ACCESS_READONLY_COND(sp_entry, cfg) && (cfg->policy_silent_ro || cfg->policy_silent_fail) && !sp_entry->drop && !(sp_entry->simulation || cfg->simulation)) {
+      ini_entry->modifiable = ini_entry->orig_modifiable = 0;
+    }
+    PHP_INI_MH((*orig_onmodify)) = ini_entry->on_modify;
+    if (SP_INI_HAS_CHECKS_COND(sp_entry) || SP_INI_ACCESS_READONLY_COND(sp_entry, cfg)) {
+      // only hook on_modify if there is any check to perform
+      sp_entry->orig_onmodify = ini_entry->on_modify;
+      ini_entry->on_modify = sp_ini_onmodify;
+    }
+    if (sp_entry->set) {
+      zend_string *duplicate = zend_string_copy(sp_entry->set);
+      if (!orig_onmodify || orig_onmodify(ini_entry, duplicate, ini_entry->mh_arg1, ini_entry->mh_arg2, ini_entry->mh_arg3, ZEND_INI_STAGE_STARTUP) == SUCCESS) {
+        ini_entry->value = duplicate;
+      } else {
+        zend_string_release(duplicate);
+        sp_log_warn("ini_protection", "Failed to set INI var `%s`.", ZSTR_VAL(sp_entry->key));
+        continue;
+      }
+    }
+  ZEND_HASH_FOREACH_END();
+}
+void sp_unhook_ini() {
+  sp_ini_entry *sp_entry;
+  zend_ini_entry *ini_entry;
+  ZEND_HASH_FOREACH_PTR(SPCFG(ini).entries, sp_entry)
+    if (!sp_entry->orig_onmodify) {
+      // not hooked or no original onmodify
+      continue;
+    }
+    if ((ini_entry = zend_hash_find_ptr(EG(ini_directives), sp_entry->key)) == NULL) {
+      // unusual. ini entry is missing.
+      continue;
+    }
+    ini_entry->on_modify = sp_entry->orig_onmodify;
+    sp_entry->orig_onmodify = NULL;
+  ZEND_HASH_FOREACH_END();
+}
diff --git a/src/sp_ini.h b/src/sp_ini.h
new file mode 100644
index 0000000..5869539
--- /dev/null
+++ b/src/sp_ini.h
@@ -0,0 +1,2 @@
+void sp_hook_ini();
+void sp_unhook_ini();
+\ No newline at end of file
diff --git a/src/sp_list.c b/src/sp_list.c
index 0f00371..ab752f7 100644
--- a/src/sp_list.c
+++ b/src/sp_list.c
@@ -1,8 +1,22 @@
 #include "php_snuffleupagus.h"
-void sp_list_free(sp_list_node *node) {
+void sp_list_free(sp_list_node *node, void (*free_data_func)(void *data)) {
  while (node) {
    sp_list_node *tmp = node->next;
+    if (free_data_func && node->data) {
+      free_data_func(node->data);
+    }
+    pefree(node, 1);
+    node = tmp;
+  }
+}
+void sp_list_free2(sp_list_node *node) {
+  while (node) {
+    sp_list_node *tmp = node->next;
+    if (node->data) {
+      pefree(node->data, 1);
+    }
    pefree(node, 1);
    node = tmp;
  }
@@ -61,3 +75,9 @@ sp_list_node *sp_list_prepend(sp_list_node *list, void *data) {
  new->data = data;
  return new;
 }
+size_t sp_list_len(sp_list_node *p) {
+  size_t num = 0;
+  for (; p; p = p->next) { num++; }
+  return num;
+}
diff --git a/src/sp_list.h b/src/sp_list.h
index 2c91995..81bbb29 100644
--- a/src/sp_list.h
+++ b/src/sp_list.h
@@ -11,6 +11,8 @@ sp_list_node *sp_list_sort(sp_list_node *, int (*)(sp_list_node const *const,
                                                   sp_list_node const *const));
 sp_list_node *sp_list_insert(sp_list_node *, void *);
 sp_list_node *sp_list_prepend(sp_list_node *, void *);
-void sp_list_free(sp_list_node *);
+void sp_list_free(sp_list_node *, void (*free_data_func)(void *data));
+void sp_list_free2(sp_list_node *node);
+size_t sp_list_len(sp_list_node *p);
 #endif
diff --git a/src/sp_network_utils.c b/src/sp_network_utils.c
index 31e8426..943c418 100644
--- a/src/sp_network_utils.c
+++ b/src/sp_network_utils.c
@@ -85,16 +85,17 @@ int get_ip_and_cidr(char *ip, sp_cidr *cidr) {
  char *mask = strchr(ip, '/');
  if (NULL == mask) {
-    sp_log_err(
+    sp_log_err("config", "'%s' isn't a valid network mask, it seems that you forgot a '/'.", ip);
-        "config",
-        "'%s' isn't a valid network mask, it seems that you forgot a '/'.", ip);
    return -1;
  }
-  if (sscanf(mask + 1, "%hhu", &(cidr->mask)) != 1) {
+  int masklen = strlen(mask+1);
+  int imask = atoi(mask+1);
+  if (masklen < 1 || masklen > 3 || !isdigit(*(mask+1)) || (masklen >= 2 && !isdigit(*(mask+2)))  || (masklen == 3 && !isdigit(*(mask+3))) || imask < 0 || imask > 128) {
    sp_log_err("config", "'%s' isn't a valid network mask.", mask + 1);
    return -1;
  }
+  cidr->mask = (uint8_t)imask;
  ip[mask - ip] = '\0';  // NULL the '/' char
@@ -113,5 +114,37 @@ int get_ip_and_cidr(char *ip, sp_cidr *cidr) {
  }
  ip[mask - ip] = '/';
+  if (cidr->ip_version < 0) {
+    sp_log_err("config", "Weird ip (%s) family", ip);
+    return -1;
+  }
  return 0;
 }
+bool /* success */ get_ip_str(char *dst, size_t dst_len, sp_cidr *cidr) {
+  size_t ipstr_len = 0;
+  void *ip = NULL;
+  switch (cidr->ip_version) {
+    case AF_INET:
+      ipstr_len = INET_ADDRSTRLEN;
+      ip = &cidr->ip.ipv4;
+      break;
+    case AF_INET6:
+      ipstr_len = INET6_ADDRSTRLEN;
+      ip = &cidr->ip.ipv6;
+      break;
+    default:
+      return false;
+  }
+  if (dst_len < ipstr_len + 1 + 3 + 1) {
+    return false;
+  }
+  if (!inet_ntop(cidr->ip_version, ip, dst, ipstr_len)) {
+    return false;
+  }
+  ipstr_len = strlen(dst);
+  snprintf(dst + ipstr_len, dst_len - ipstr_len, "/%d", cidr->mask);
+  return true;
+}
+\ No newline at end of file
diff --git a/src/sp_network_utils.h b/src/sp_network_utils.h
index 2c1062a..69789a6 100644
--- a/src/sp_network_utils.h
+++ b/src/sp_network_utils.h
@@ -3,5 +3,6 @@
 int get_ip_and_cidr(char *, sp_cidr *);
 bool cidr_match(const char *, const sp_cidr *);
+bool /* success */ get_ip_str(char *dst, size_t dst_len, sp_cidr *cidr);
 #endif /*SP_NETWORK_UTILS_H*/
diff --git a/src/sp_pcre_compat.c b/src/sp_pcre_compat.c
index 203fb7a..81c51fd 100644
--- a/src/sp_pcre_compat.c
+++ b/src/sp_pcre_compat.c
@@ -1,13 +1,5 @@
 #include "php_snuffleupagus.h"
-inline void sp_pcre_free(sp_pcre* regexp) {
-#ifdef SP_HAS_PCRE2
-  pcre2_code_free(regexp);
-        regexp = NULL;
-#else
-  (void)regexp;
-#endif
-}
 sp_pcre* sp_pcre_compile(const char* const pattern) {
  assert(NULL != pattern);
@@ -17,9 +9,8 @@ sp_pcre* sp_pcre_compile(const char* const pattern) {
  unsigned char pcre_error[128] = {0};
  int errornumber;
  PCRE2_SIZE erroroffset;
-  ret = pcre2_compile((PCRE2_SPTR)pattern, PCRE2_ZERO_TERMINATED,
+  ret = pcre2_compile((PCRE2_SPTR)pattern, PCRE2_ZERO_TERMINATED, PCRE2_CASELESS, &errornumber, &erroroffset, NULL);
-                      PCRE2_CASELESS, &errornumber, &erroroffset, NULL);
+  pcre2_get_error_message(errornumber, pcre_error, sizeof(pcre_error)-1);
-  pcre2_get_error_message(errornumber, pcre_error, sizeof(pcre_error));
 #else
  const char* pcre_error = NULL;
  int erroroffset;
@@ -27,29 +18,26 @@ sp_pcre* sp_pcre_compile(const char* const pattern) {
 #endif
  if (NULL == ret) {
-    sp_log_err("config", "Failed to compile '%s': %s on line %zu.", pattern,
+    sp_log_err("config", "Failed to compile '%s': %s.", pattern, pcre_error);
-               pcre_error, sp_line_no);
  }
  return ret;
 }
-bool ZEND_HOT sp_is_regexp_matching_len(const sp_pcre* regexp, const char* str,
+bool ZEND_HOT sp_is_regexp_matching_len(const sp_pcre* regexp, const char* str, size_t len) {
-                                        size_t len) {
  int ret = 0;
  assert(NULL != regexp);
  assert(NULL != str);
 #ifdef SP_HAS_PCRE2
-  pcre2_match_data* match_data =
+  pcre2_match_data* match_data = pcre2_match_data_create_from_pattern(regexp, NULL);
-      pcre2_match_data_create_from_pattern(regexp, NULL);
  if (NULL == match_data) {
    sp_log_err("regexp", "Unable to get memory for a regxp.");
  }
  ret = pcre2_match(regexp, (PCRE2_SPTR)str, len, 0, 0, match_data, NULL);
  pcre2_match_data_free(match_data);
 #else
-  int vec[30];
+  int vec[30] = {0};
  ret = pcre_exec(regexp, NULL, str, len, 0, 0, vec, sizeof(vec) / sizeof(int));
 #endif
diff --git a/src/sp_pcre_compat.h b/src/sp_pcre_compat.h
index 725004d..6e9d91a 100644
--- a/src/sp_pcre_compat.h
+++ b/src/sp_pcre_compat.h
@@ -17,12 +17,36 @@
 #endif
 sp_pcre* sp_pcre_compile(const char* str);
-void sp_pcre_free(sp_pcre* regexp);
+static inline void sp_pcre_free(sp_pcre* regexp) {
-#define sp_is_regexp_matching_zend(regexp, zstr) \
+#ifdef SP_HAS_PCRE2
-  sp_is_regexp_matching_len(regexp, ZSTR_VAL(zstr), ZSTR_LEN(zstr))
+  pcre2_code_free(regexp);
-#define sp_is_regexp_matching(regexp, str) \
+#endif
-  sp_is_regexp_matching_len(regexp, str, strlen(str))
+}
-bool sp_is_regexp_matching_len(const sp_pcre* regexp, const char* str,
+bool sp_is_regexp_matching_len(const sp_pcre* regexp, const char* str, size_t len);
-                               size_t len);
+typedef struct {
+  sp_pcre *re;
+  zend_string *pattern;
+} sp_regexp;
+#define sp_is_regexp_matching_zstr(regexp, zstr) sp_is_regexp_matching_len(regexp->re, ZSTR_VAL(zstr), ZSTR_LEN(zstr))
+#define sp_is_regexp_matching(regexp, str) sp_is_regexp_matching_len(regexp->re, str, strlen(str))
+static inline sp_regexp* sp_regexp_compile(zend_string *zstr) {
+  sp_pcre *re = sp_pcre_compile(ZSTR_VAL(zstr));
+  if (!re) { return NULL; }
+  sp_regexp *ret = pecalloc(sizeof(sp_regexp), 1, 1);
+  ret->re = re;
+  ret->pattern = zstr;
+  return ret;
+}
+static inline void sp_regexp_free(sp_regexp *regexp) {
+  if (regexp) {
+    if (regexp->re) { sp_pcre_free(regexp->re); }
+    if (regexp->pattern) { zend_string_release(regexp->pattern); }
+    pefree(regexp, 1);
+  }
+}
 #endif  // SP_PCRE_COMPAT_H
diff --git a/src/sp_php_compat.c b/src/sp_php_compat.c
new file mode 100644
index 0000000..a0693c3
--- /dev/null
+++ b/src/sp_php_compat.c
@@ -0,0 +1,25 @@
+#include "php_snuffleupagus.h"
+/* code in this file is licensed under its original license
+   The PHP License, version 3.01 (https://www.php.net/license/3_01.txt)
+   which is also included with these sources in the file `PHP_LICENSE` */
+#if PHP_VERSION_ID < 80000
+// copied from PHP 8.0.9 sources
+ZEND_API zend_string *zend_string_concat2(
+                const char *str1, size_t str1_len,
+                const char *str2, size_t str2_len)
+{
+        size_t len = str1_len + str2_len;
+        zend_string *res = zend_string_alloc(len, 0);
+        memcpy(ZSTR_VAL(res), str1, str1_len);
+        memcpy(ZSTR_VAL(res) + str1_len, str2, str2_len);
+        ZSTR_VAL(res)[len] = '\0';
+        return res;
+}
+#endif
diff --git a/src/sp_php_compat.h b/src/sp_php_compat.h
new file mode 100644
index 0000000..04914b4
--- /dev/null
+++ b/src/sp_php_compat.h
@@ -0,0 +1,139 @@
+/* code in this file is licensed under its original license
+The PHP License, version 3.01 (https://www.php.net/license/3_01.txt)
+which is also included with these sources in the file `PHP_LICENSE` */
+#if PHP_VERSION_ID < 80000
+// copied from PHP 8.0.9 sources
+ZEND_API zend_string *zend_string_concat2(
+        const char *str1, size_t str1_len,
+        const char *str2, size_t str2_len);
+#define ZEND_HASH_REVERSE_FOREACH_KEY_PTR(ht, _h, _key, _ptr) \
+        ZEND_HASH_REVERSE_FOREACH(ht, 0); \
+        _h = _p->h; \
+        _key = _p->key; \
+        _ptr = Z_PTR_P(_z);
+// zend_result was introduced to replace ZEND_RESULT_CODE with PHP8
+typedef ZEND_RESULT_CODE zend_result;
+#endif
+#if PHP_VERSION_ID < 70300
+// copied from PHP 7.4.22 sources
+static zend_always_inline uint32_t zend_gc_delref(zend_refcounted_h *p) {
+        ZEND_ASSERT(p->refcount > 0);
+        // ZEND_RC_MOD_CHECK(p);
+        return --(p->refcount);
+}
+#define GC_DELREF(p)                            zend_gc_delref(&(p)->gc)
+static zend_always_inline void zend_string_release_ex(zend_string *s, int persistent)
+{
+        if (!ZSTR_IS_INTERNED(s)) {
+                if (GC_DELREF(s) == 0) {
+                        if (persistent) {
+                                ZEND_ASSERT(GC_FLAGS(s) & IS_STR_PERSISTENT);
+                                free(s);
+                        } else {
+                                ZEND_ASSERT(!(GC_FLAGS(s) & IS_STR_PERSISTENT));
+                                efree(s);
+                        }
+                }
+        }
+}
+static zend_always_inline void zend_string_efree(zend_string *s)
+{
+        ZEND_ASSERT(!ZSTR_IS_INTERNED(s));
+        ZEND_ASSERT(GC_REFCOUNT(s) <= 1);
+        ZEND_ASSERT(!(GC_FLAGS(s) & IS_STR_PERSISTENT));
+        efree(s);
+}
+#endif
+#if PHP_VERSION_ID < 70200
+#undef ZEND_HASH_REVERSE_FOREACH
+// copied from PHP 7.4.22 sources
+#define ZEND_HASH_REVERSE_FOREACH(_ht, indirect) do { \
+        HashTable *__ht = (_ht); \
+        uint32_t _idx = __ht->nNumUsed; \
+        Bucket *_p = __ht->arData + _idx; \
+        zval *_z; \
+        for (_idx = __ht->nNumUsed; _idx > 0; _idx--) { \
+                _p--; \
+                _z = &_p->val; \
+                if (indirect && Z_TYPE_P(_z) == IS_INDIRECT) { \
+                        _z = Z_INDIRECT_P(_z); \
+                } \
+                if (UNEXPECTED(Z_TYPE_P(_z) == IS_UNDEF)) continue;
+#define ZEND_HASH_FOREACH_END_DEL() \
+                        __ht->nNumOfElements--; \
+                        do { \
+                                uint32_t j = HT_IDX_TO_HASH(_idx - 1); \
+                                uint32_t nIndex = _p->h | __ht->nTableMask; \
+                                uint32_t i = HT_HASH(__ht, nIndex); \
+                                if (UNEXPECTED(j != i)) { \
+                                        Bucket *prev = HT_HASH_TO_BUCKET(__ht, i); \
+                                        while (Z_NEXT(prev->val) != j) { \
+                                                i = Z_NEXT(prev->val); \
+                                                prev = HT_HASH_TO_BUCKET(__ht, i); \
+                                        } \
+                                        Z_NEXT(prev->val) = Z_NEXT(_p->val); \
+                                } else { \
+                                        HT_HASH(__ht, nIndex) = Z_NEXT(_p->val); \
+                                } \
+                        } while (0); \
+                } \
+                __ht->nNumUsed = _idx; \
+        } while (0)
+#endif
+// copied from PHP 8.0.11 sources, ext/hash/hash.c
+// slightly modified for PHP 8.1 compatibility
+static inline void php_hash_string_xor_char(unsigned char *out, const unsigned char *in, const unsigned char xor_with, const size_t length) {
+        size_t i;
+        for (i=0; i < length; i++) {
+                out[i] = in[i] ^ xor_with;
+        }
+}
+static inline void php_hash_hmac_prep_key(unsigned char *K, const php_hash_ops *ops, void *context, const unsigned char *key, const size_t key_len) {
+        memset(K, 0, ops->block_size);
+        if (key_len > ops->block_size) {
+                /* Reduce the key first */
+#if PHP_VERSION_ID < 80100
+                ops->hash_init(context);
+#else
+                ops->hash_init(context, NULL);
+#endif
+                ops->hash_update(context, key, key_len);
+                ops->hash_final(K, context);
+        } else {
+                memcpy(K, key, key_len);
+        }
+        /* XOR the key with 0x36 to get the ipad) */
+        php_hash_string_xor_char(K, K, 0x36, ops->block_size);
+}
+static inline void php_hash_hmac_round(unsigned char *final, const php_hash_ops *ops, void *context, const unsigned char *key, const unsigned char *data, const zend_long data_size) {
+#if PHP_VERSION_ID < 80100
+        ops->hash_init(context);
+#else
+        ops->hash_init(context, NULL);
+#endif
+        ops->hash_update(context, key, ops->block_size);
+        ops->hash_update(context, data, data_size);
+        ops->hash_final(final, context);
+}
diff --git a/src/sp_session.c b/src/sp_session.c
index b2f4a43..6335838 100644
--- a/src/sp_session.c
+++ b/src/sp_session.c
@@ -1,7 +1,5 @@
 #include "php_snuffleupagus.h"
-#if (HAVE_PHP_SESSION && !defined(COMPILE_DL_SESSION))
 #ifdef ZTS
 static ts_rsrc_id session_globals_id = 0;
 #define SESSION_G(v) ZEND_TSRMG(session_globals_id, php_ps_globals *, v)
@@ -10,7 +8,7 @@ ZEND_TSRMLS_CACHE_EXTERN();
 #endif
 #else
 static php_ps_globals *session_globals = NULL;
-#define SESSION_G(v) (ps_globals.v)
+#define SESSION_G(v) (session_globals->v)
 #endif
 static ps_module *s_module;
@@ -24,21 +22,35 @@ static int (*old_s_write)(PS_WRITE_ARGS);
 static int (*previous_sessionRINIT)(INIT_FUNC_ARGS) = NULL;
 static ZEND_INI_MH((*old_OnUpdateSaveHandler)) = NULL;
+static void check_sid_length(zend_string *sid) {
+  const sp_config_session *cfg = &(SPCFG(session));
+  if (sid) {
+    if (cfg->sid_min_length && ZSTR_LEN(sid) < cfg->sid_min_length) {
+      sp_log_auto("session", cfg->simulation, "Session ID is too short");
+    }
+    if (cfg->sid_max_length && ZSTR_LEN(sid) > cfg->sid_max_length) {
+      sp_log_auto("session", cfg->simulation, "Session ID is too long");
+    }
+  }
+}
 static int sp_hook_s_read(PS_READ_ARGS) {
+  const sp_config_session *cfg = &(SPCFG(session));
+  check_sid_length(key);
  int r = old_s_read(mod_data, key, val, maxlifetime);
-  const sp_config_session *config_session =
-      SNUFFLEUPAGUS_G(config).config_session;
  if ((NULL == val) || (NULL == *val) || (0 == ZSTR_LEN(*val))) {
    return r;
  }
-  if (r == SUCCESS && config_session->encrypt) {
+  if (r == SUCCESS && cfg->encrypt) {
    zend_string *orig_val = *val;
    zval val_zval;
    ZVAL_PSTRINGL(&val_zval, ZSTR_VAL(*val), ZSTR_LEN(*val));
-    int ret = decrypt_zval(&val_zval, config_session->simulation, NULL);
+    int ret = decrypt_zval(&val_zval, cfg->simulation, NULL);
    if (ZEND_HASH_APPLY_KEEP != ret) {
      zend_bailout();
    }
@@ -51,7 +63,10 @@ static int sp_hook_s_read(PS_READ_ARGS) {
 }
 static int sp_hook_s_write(PS_WRITE_ARGS) {
-  if (ZSTR_LEN(val) > 0 && SNUFFLEUPAGUS_G(config).config_session->encrypt) {
+  const sp_config_session *cfg = &(SPCFG(session));
+  check_sid_length(key);
+  if (ZSTR_LEN(val) > 0 && cfg->encrypt) {
    zend_string *new_val = encrypt_zval(val);
    return old_s_write(mod_data, key, new_val, maxlifetime);
  }
@@ -104,8 +119,7 @@ static PHP_INI_MH(sp_OnUpdateSaveHandler) {
  SESSION_G(mod) = s_original_mod;
-  int r = old_OnUpdateSaveHandler(entry, new_value, mh_arg1, mh_arg2, mh_arg3,
+  int r = old_OnUpdateSaveHandler(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage);
-                                  stage);
  sp_hook_session_module();
@@ -113,23 +127,16 @@ static PHP_INI_MH(sp_OnUpdateSaveHandler) {
 }
 static int sp_hook_session_RINIT(INIT_FUNC_ARGS) {
-  if (SESSION_G(mod) == NULL) {
+  int ret = previous_sessionRINIT(INIT_FUNC_ARGS_PASSTHRU);
-    zend_ini_entry *ini_entry;
+  sp_hook_session_module();
-    if ((ini_entry = zend_hash_str_find_ptr(
+  return ret;
-             EG(ini_directives), ZEND_STRL("session.save_handler")))) {
-      if (ini_entry && ini_entry->value) {
-        sp_OnUpdateSaveHandler(NULL, ini_entry->value, NULL, NULL, NULL, 0);
-      }
-    }
-  }
-  return previous_sessionRINIT(INIT_FUNC_ARGS_PASSTHRU);
 }
 void hook_session() {
  zend_module_entry *module;
-  if ((module = zend_hash_str_find_ptr(&module_registry,
+  if ((module = zend_hash_str_find_ptr(&module_registry, ZEND_STRL("session"))) == NULL) {
-                                       ZEND_STRL("session"))) == NULL) {
+    sp_log_err("session", "You are trying to use session encryption or session ID restrictions, but your PHP installation has no session support. Please install the PHP session module or recompile PHP with session support.");
    return;  // LCOV_EXCL_LINE
  }
@@ -150,8 +157,7 @@ void hook_session() {
  module->request_startup_func = sp_hook_session_RINIT;
  zend_ini_entry *ini_entry;
-  if ((ini_entry = zend_hash_str_find_ptr(
+  if ((ini_entry = zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("session.save_handler"))) != NULL) {
-           EG(ini_directives), ZEND_STRL("session.save_handler"))) != NULL) {
    old_OnUpdateSaveHandler = ini_entry->on_modify;
    ini_entry->on_modify = sp_OnUpdateSaveHandler;
  }
@@ -159,9 +165,3 @@ void hook_session() {
  sp_hook_session_module();
 }
-#else
-void hook_session() {}
-#endif  // HAVE_PHP_SESSION && !defined(COMPILE_DL_SESSION)
diff --git a/src/sp_sloppy.c b/src/sp_sloppy.c
index ff2d644..fca4be5 100644
--- a/src/sp_sloppy.c
+++ b/src/sp_sloppy.c
@@ -48,7 +48,7 @@ static void array_handler(INTERNAL_FUNCTION_PARAMETERS, const char* name,
                          const char* spec) {
  zif_handler handler;
  zval func_name;
-  zval params[3];
+  zval params[3] = {0};
  zval *value, *array = NULL;
  zend_bool strict = 0;
  uint32_t nb_params = ZEND_NUM_ARGS();
@@ -69,7 +69,7 @@ static void array_handler(INTERNAL_FUNCTION_PARAMETERS, const char* name,
  ZVAL_STRING(&func_name, name);
-  handler = zend_hash_str_find_ptr(SNUFFLEUPAGUS_G(sp_internal_functions_hook),
+  handler = zend_hash_str_find_ptr(SPG(sp_internal_functions_hook),
                                   name, size);
  zend_internal_function* func =
      zend_hash_str_find_ptr(CG(function_table), name, size);
diff --git a/src/sp_unserialize.c b/src/sp_unserialize.c
index 8977dd9..c2173d3 100644
--- a/src/sp_unserialize.c
+++ b/src/sp_unserialize.c
@@ -1,28 +1,70 @@
 #include "php_snuffleupagus.h"
+// condensed version of PHP's php_hash_do_hash_hmac() in ext/hash/hash.c
+#if PHP_VERSION_ID < 80000
+static inline void *php_hash_alloc_context(const php_hash_ops *ops) {
+  /* Zero out context memory so serialization doesn't expose internals */
+  return ecalloc(1, ops->context_size);
+}
+#endif
+static zend_string *sp_do_hash_hmac_sha256(char *data, size_t data_len, char *key, size_t key_len)
+{
+#if PHP_VERSION_ID < 80000
+  const php_hash_ops *ops = php_hash_fetch_ops(ZEND_STRL("sha256"));
+#else
+  zend_string *algo = zend_string_init(ZEND_STRL("sha256"), 0);
+  const php_hash_ops *ops = php_hash_fetch_ops(algo);
+  zend_string_release_ex(algo, 0);
+#endif
+  if (!ops || !ops->is_crypto) {
+    sp_log_err("hmac", "unsupported hash algorithm: sha256");
+    return NULL;
+  }
+  void *context = php_hash_alloc_context(ops);
+  unsigned char *K = emalloc(ops->block_size);
+  zend_string *digest = zend_string_alloc(ops->digest_size, 0);
+  php_hash_hmac_prep_key(K, ops, context, (unsigned char *) key, key_len);
+  php_hash_hmac_round((unsigned char *) ZSTR_VAL(digest), ops, context, K, (unsigned char *) data, data_len);
+  php_hash_string_xor_char(K, K, 0x6A, ops->block_size);
+  php_hash_hmac_round((unsigned char *) ZSTR_VAL(digest), ops, context, K, (unsigned char *) ZSTR_VAL(digest), ops->digest_size);
+  /* Zero the key */
+  ZEND_SECURE_ZERO(K, ops->block_size);
+  efree(K);
+  efree(context);
+  zend_string *hex_digest = zend_string_safe_alloc(ops->digest_size, 2, 0, 0);
+  php_hash_bin2hex(ZSTR_VAL(hex_digest), (unsigned char *) ZSTR_VAL(digest), ops->digest_size);
+  ZSTR_VAL(hex_digest)[2 * ops->digest_size] = 0;
+  zend_string_release_ex(digest, 0);
+  return hex_digest;
+}
+// ------------------
 PHP_FUNCTION(sp_serialize) {
  zif_handler orig_handler;
  /* Call the original `serialize` function. */
-  orig_handler =
+  orig_handler = zend_hash_str_find_ptr(SPG(sp_internal_functions_hook), ZEND_STRL("serialize"));
-      zend_hash_str_find_ptr(SNUFFLEUPAGUS_G(sp_internal_functions_hook),
+  if (orig_handler) {
-                             "serialize", sizeof("serialize") - 1);
+    orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
-  orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
+  }
  /* Compute the HMAC of the textual representation of the serialized data*/
-  zval func_name;
+  zend_string *hmac = sp_do_hash_hmac_sha256(Z_STRVAL_P(return_value), Z_STRLEN_P(return_value), ZSTR_VAL(SPCFG(encryption_key)), ZSTR_LEN(SPCFG(encryption_key)));
-  zval hmac;
-  zval params[3];
-  ZVAL_STRING(&func_name, "hash_hmac");
+  if (!hmac) {
-  ZVAL_STRING(&params[0], "sha256");
+    zend_bailout();
-  params[1] = *return_value;
+  }
-  ZVAL_STRING(
-      &params[2],
-      ZSTR_VAL(SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key));
-  call_user_function(CG(function_table), NULL, &func_name, &hmac, 3, params);
-  size_t len = Z_STRLEN_P(return_value) + Z_STRLEN(hmac);
+  size_t len = Z_STRLEN_P(return_value) + ZSTR_LEN(hmac);
  if (len < Z_STRLEN_P(return_value)) {
    // LCOV_EXCL_START
    sp_log_err("overflow_error",
@@ -30,15 +72,11 @@ PHP_FUNCTION(sp_serialize) {
    zend_bailout();
    // LCOV_EXCL_STOP
  }
-  zend_string *res = zend_string_alloc(len, 0);
-  memcpy(ZSTR_VAL(res), Z_STRVAL_P(return_value), Z_STRLEN_P(return_value));
-  memcpy(ZSTR_VAL(res) + Z_STRLEN_P(return_value), Z_STRVAL(hmac),
-         Z_STRLEN(hmac));
  /* Append the computed HMAC to the serialized data. */
-  return_value->value.str = res;
+  zend_string *orig_ret_str = return_value->value.str;
-  return;
+  RETVAL_NEW_STR(zend_string_concat2(Z_STRVAL_P(return_value), Z_STRLEN_P(return_value), ZSTR_VAL(hmac), ZSTR_LEN(hmac)));
+  zend_string_free(orig_ret_str);
 }
 PHP_FUNCTION(sp_unserialize) {
@@ -47,12 +85,10 @@ PHP_FUNCTION(sp_unserialize) {
  char *buf = NULL;
  char *serialized_str = NULL;
  char *hmac = NULL;
-  zval expected_hmac;
  size_t buf_len = 0;
  zval *opts = NULL;
-  const sp_config_unserialize *config_unserialize =
+  const sp_config_unserialize *config_unserialize = &(SPCFG(unserialize));
-      SNUFFLEUPAGUS_G(config).config_unserialize;
  if (zend_parse_parameters(ZEND_NUM_ARGS(), "s|a", &buf, &buf_len, &opts) ==
      FAILURE) {
@@ -68,40 +104,27 @@ PHP_FUNCTION(sp_unserialize) {
  serialized_str = ecalloc(buf_len - 64 + 1, 1);
  memcpy(serialized_str, buf, buf_len - 64);
-  zval func_name;
+  zend_string *expected_hmac = sp_do_hash_hmac_sha256(serialized_str, strlen(serialized_str), ZSTR_VAL(SPCFG(encryption_key)), ZSTR_LEN(SPCFG(encryption_key)));
-  ZVAL_STRING(&func_name, "hash_hmac");
-  zval params[3];
-  ZVAL_STRING(&params[0], "sha256");
-  ZVAL_STRING(&params[1], serialized_str);
-  ZVAL_STRING(
-      &params[2],
-      ZSTR_VAL(SNUFFLEUPAGUS_G(config).config_snuffleupagus->encryption_key));
-  call_user_function(CG(function_table), NULL, &func_name, &expected_hmac, 3,
-                     params);
  unsigned int status = 0;
-  for (uint8_t i = 0; i < 64; i++) {
+  if (expected_hmac) {
-    status |= (hmac[i] ^ (Z_STRVAL(expected_hmac))[i]);
+    for (uint8_t i = 0; i < 64; i++) {
-  }
+      status |= (hmac[i] ^ (ZSTR_VAL(expected_hmac))[i]);
+    }
+  } else { status = 1; }
  if (0 == status) {
-    if ((orig_handler = zend_hash_str_find_ptr(
+    if ((orig_handler = zend_hash_str_find_ptr(SPG(sp_internal_functions_hook), ZEND_STRL("unserialize")))) {
-             SNUFFLEUPAGUS_G(sp_internal_functions_hook), "unserialize",
-             sizeof("unserialize") - 1))) {
      orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
    }
  } else {
    if (config_unserialize->dump) {
      sp_log_request(config_unserialize->dump,
-                     config_unserialize->textual_representation,
+                     config_unserialize->textual_representation);
-                     SP_TOKEN_UNSERIALIZE_HMAC);
    }
    if (true == config_unserialize->simulation) {
      sp_log_simulation("unserialize", "Invalid HMAC for %s", serialized_str);
-      if ((orig_handler = zend_hash_str_find_ptr(
+      if ((orig_handler = zend_hash_str_find_ptr(SPG(sp_internal_functions_hook), ZEND_STRL("unserialize")))) {
-               SNUFFLEUPAGUS_G(sp_internal_functions_hook), "unserialize",
-               sizeof("unserialize") - 1))) {
        orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
      }
    } else {
diff --git a/src/sp_upload_validation.c b/src/sp_upload_validation.c
index cebab3e..38b4cb3 100644
--- a/src/sp_upload_validation.c
+++ b/src/sp_upload_validation.c
@@ -32,28 +32,21 @@ int sp_rfc1867_callback(unsigned int event, void *event_data, void **extra) {
  if (event == MULTIPART_EVENT_END) {
    zend_string *file_key __attribute__((unused)) = NULL;
-    const sp_config_upload_validation *config_upload =
+    const sp_config_upload_validation *config_upload = &(SPCFG(upload_validation));
-        SNUFFLEUPAGUS_G(config).config_upload_validation;
    zval *file;
    pid_t pid;
-    sp_log_debug(
+    sp_log_debug("Got %d files", zend_hash_num_elements(Z_ARRVAL(PG(http_globals)[TRACK_VARS_FILES])));
-        "Got %d files",
-        zend_hash_num_elements(Z_ARRVAL(PG(http_globals)[TRACK_VARS_FILES])));
-    ZEND_HASH_FOREACH_STR_KEY_VAL(Z_ARRVAL(PG(http_globals)[TRACK_VARS_FILES]),
+    ZEND_HASH_FOREACH_STR_KEY_VAL(Z_ARRVAL(PG(http_globals)[TRACK_VARS_FILES]), file_key, file) {  // for each uploaded file
-                                  file_key, file) {  // for each uploaded file
-      char *filename = Z_STRVAL_P(
+      char *filename = Z_STRVAL_P(zend_hash_str_find(Z_ARRVAL_P(file), ZEND_STRL("name")));
-          zend_hash_str_find(Z_ARRVAL_P(file), "name", sizeof("name") - 1));
+      char *tmp_name = Z_STRVAL_P(zend_hash_str_find(Z_ARRVAL_P(file), ZEND_STRL("tmp_name")));
-      char *tmp_name = Z_STRVAL_P(zend_hash_str_find(
+      size_t filesize = Z_LVAL_P(zend_hash_str_find(Z_ARRVAL_P(file), ZEND_STRL("size")));
-          Z_ARRVAL_P(file), "tmp_name", sizeof("tmp_name") - 1));
-      size_t filesize = Z_LVAL_P(
-          zend_hash_str_find(Z_ARRVAL_P(file), "size", sizeof("size") - 1));
      char *cmd[3] = {0};
      char *env[5] = {0};
-      sp_log_debug("Filename: %s\nTmpname: %s\nSize: %d\nError: %d\nScript: %s",
+      sp_log_debug("Filename: %s\nTmpname: %s\nSize: %zd\nError: %lld\nScript: %s",
                   filename, tmp_name, filesize,
                   Z_LVAL_P(zend_hash_str_find(Z_ARRVAL_P(file), "error", 5)),
                   ZSTR_VAL(config_upload->script));
@@ -64,22 +57,19 @@ int sp_rfc1867_callback(unsigned int event, void *event_data, void **extra) {
      spprintf(&env[0], 0, "SP_FILENAME=%s", filename);
      spprintf(&env[1], 0, "SP_REMOTE_ADDR=%s", getenv("REMOTE_ADDR"));
-      spprintf(&env[2], 0, "SP_CURRENT_FILE=%s",
+      spprintf(&env[2], 0, "SP_CURRENT_FILE=%s", zend_get_executed_filename(TSRMLS_C));
-               zend_get_executed_filename(TSRMLS_C));
      spprintf(&env[3], 0, "SP_FILESIZE=%zu", filesize);
      env[4] = NULL;
      if ((pid = fork()) == 0) {
        if (execve(ZSTR_VAL(config_upload->script), cmd, env) == -1) {
-          sp_log_warn("upload_validation", "Could not call '%s' : %s",
+          sp_log_warn("upload_validation", "Could not call '%s' : %s", ZSTR_VAL(config_upload->script), strerror(errno));
-                      ZSTR_VAL(config_upload->script), strerror(errno));
          EFREE_3(env);
          exit(1);
        }
      } else if (pid == -1) {
        // LCOV_EXCL_START
-        sp_log_err("upload_validation", "Could not fork process : %s\n",
+        sp_log_err("upload_validation", "Could not fork process : %s\n", strerror(errno));
-                   strerror(errno));
        EFREE_3(env);
        continue;
        // LCOV_EXCL_STOP
@@ -91,9 +81,7 @@ int sp_rfc1867_callback(unsigned int event, void *event_data, void **extra) {
      if (WEXITSTATUS(waitstatus) != 0) {  // Nope
        char *uri = getenv("REQUEST_URI");
        int sim = config_upload->simulation;
-        sp_log_auto("upload_validation", sim,
+        sp_log_auto("upload_validation", sim, "The upload of %s on %s was rejected.", filename, uri ? uri : "?");
-                    "The upload of %s on %s was rejected.", filename,
-                    uri ? uri : "?");
      }
    }
    ZEND_HASH_FOREACH_END();
diff --git a/src/sp_utils.c b/src/sp_utils.c
index b78f7b1..6161859 100644
--- a/src/sp_utils.c
+++ b/src/sp_utils.c
@@ -1,12 +1,5 @@
 #include "php_snuffleupagus.h"
-bool sp_zend_string_equals(const zend_string* s1, const zend_string* s2) {
-  // We can't use `zend_string_equals` here because it doesn't work on
-  // `const` zend_string.
-  return ZSTR_LEN(s1) == ZSTR_LEN(s2) &&
-         !memcmp(ZSTR_VAL(s1), ZSTR_VAL(s2), ZSTR_LEN(s1));
-}
 static const char* default_ipaddr = "0.0.0.0";
 const char* get_ipaddr() {
  const char* client_ip = getenv("REMOTE_ADDR");
@@ -46,7 +39,7 @@ void sp_log_msgf(char const* restrict feature, int level, int type,
      break;
  }
-  switch (SNUFFLEUPAGUS_G(config).log_media) {
+  switch (SPCFG(log_media)) {
    case SP_SYSLOG: {
      const char* error_filename = zend_get_executed_filename();
      int syslog_level = (level == E_ERROR) ? LOG_ERR : LOG_INFO;
@@ -72,8 +65,8 @@ void sp_log_msgf(char const* restrict feature, int level, int type,
 int compute_hash(const char* const restrict filename,
                 char* restrict file_hash) {
-  unsigned char buf[1024];
+  unsigned char buf[1024] = {0};
-  unsigned char digest[SHA256_SIZE];
+  unsigned char digest[SHA256_SIZE] = {0};
  PHP_SHA256_CTX context;
  size_t n;
@@ -123,9 +116,7 @@ static int construct_filename(char* filename,
  return 0;
 }
-int sp_log_request(const zend_string* restrict folder,
+int sp_log_request(const zend_string* restrict folder, const zend_string* restrict text_repr) {
-                   const zend_string* restrict text_repr,
-                   char const* const from) {
  FILE* file;
  const char* current_filename = zend_get_executed_filename(TSRMLS_C);
  const int current_line = zend_get_executed_lineno(TSRMLS_C);
@@ -146,7 +137,7 @@ int sp_log_request(const zend_string* restrict folder,
    return -1;
  }
-  fprintf(file, "RULE: sp%s%s\n", from, ZSTR_VAL(text_repr));
+  fprintf(file, "RULE: %s\n", ZSTR_VAL(text_repr));
  fprintf(file, "FILE: %s:%d\n", current_filename, current_line);
@@ -157,8 +148,8 @@ int sp_log_request(const zend_string* restrict folder,
    char* const complete_path_function = get_complete_function_path(current);
    if (complete_path_function) {
      const int current_line = zend_get_executed_lineno(TSRMLS_C);
-      fprintf(file, "STACKTRACE: %s:%d\n", complete_path_function,
+      fprintf(file, "STACKTRACE: %s:%d\n", complete_path_function, current_line);
-              current_line);
+      efree(complete_path_function);
    }
    current = current->prev_execute_data;
  }
@@ -213,6 +204,19 @@ static char* zend_string_to_char(const zend_string* zs) {
  return copy;
 }
+static void sp_sanitize_charstring(char* c, size_t maxlen)
+{
+  for (size_t i = 0; *c; c++, i++) {
+    if (maxlen && i > maxlen - 1) {
+      *c = 0;
+      return;
+    }
+    if (*c < 32 || *c > 126) {
+      *c = '*';
+    }
+  }
+}
 const zend_string* sp_zval_to_zend_string(const zval* zv) {
  switch (Z_TYPE_P(zv)) {
    case IS_LONG: {
@@ -233,35 +237,29 @@ const zend_string* sp_zval_to_zend_string(const zval* zv) {
      return Z_STR_P(zv);
    }
    case IS_FALSE:
-      return zend_string_init("FALSE", sizeof("FALSE") - 1, 0);
+      return zend_string_init(ZEND_STRL("FALSE"), 0);
    case IS_TRUE:
-      return zend_string_init("TRUE", sizeof("TRUE") - 1, 0);
+      return zend_string_init(ZEND_STRL("TRUE"), 0);
    case IS_NULL:
-      return zend_string_init("NULL", sizeof("NULL") - 1, 0);
+      return zend_string_init(ZEND_STRL("NULL"), 0);
    case IS_OBJECT:
-      return zend_string_init("OBJECT", sizeof("OBJECT") - 1, 0);
+      return zend_string_init(ZEND_STRL("OBJECT"), 0);
    case IS_ARRAY:
-      return zend_string_init("ARRAY", sizeof("ARRAY") - 1, 0);
+      return zend_string_init(ZEND_STRL("ARRAY"), 0);
    case IS_RESOURCE:
-      return zend_string_init("RESOURCE", sizeof("RESOURCE") - 1, 0);
+      return zend_string_init(ZEND_STRL("RESOURCE"), 0);
    default:                              // LCOV_EXCL_LINE
      return zend_string_init("", 0, 0);  // LCOV_EXCL_LINE
  }
 }
-bool sp_match_value(const zend_string* value, const zend_string* to_match,
+bool sp_match_value(const zend_string* value, const zend_string* to_match, const sp_regexp* rx) {
-                    const sp_pcre* rx) {
  if (to_match) {
    return (sp_zend_string_equals(to_match, value));
  } else if (rx) {
-    char* tmp = zend_string_to_char(value);
+    return sp_is_regexp_matching_zstr(rx, value);
-    bool ret = sp_is_regexp_matching(rx, tmp);
-    efree(tmp);
-    return ret;
-  } else {
-    return true;
  }
-  return false;
+  return true;
 }
 void sp_log_disable(const char* restrict path, const char* restrict arg_name,
@@ -272,13 +270,13 @@ void sp_log_disable(const char* restrict path, const char* restrict arg_name,
  const int sim = config_node->simulation;
  if (dump) {
-    sp_log_request(config_node->dump, config_node->textual_representation,
+    sp_log_request(config_node->dump, config_node->textual_representation);
-                   SP_TOKEN_DISABLE_FUNC);
  }
  if (arg_name) {
    char* char_repr = NULL;
    if (arg_value) {
      char_repr = zend_string_to_char(arg_value);
+      sp_sanitize_charstring(char_repr, 255);
    }
    if (alias) {
      sp_log_auto(
@@ -315,11 +313,11 @@ void sp_log_disable_ret(const char* restrict path,
  char* char_repr = NULL;
  if (dump) {
-    sp_log_request(dump, config_node->textual_representation,
+    sp_log_request(dump, config_node->textual_representation);
-                   SP_TOKEN_DISABLE_FUNC);
  }
  if (ret_value) {
    char_repr = zend_string_to_char(ret_value);
+    sp_sanitize_charstring(char_repr, 255);
  }
  if (alias) {
    sp_log_auto(
@@ -336,8 +334,7 @@ void sp_log_disable_ret(const char* restrict path,
  efree(char_repr);
 }
-bool sp_match_array_key(const zval* zv, const zend_string* to_match,
+bool sp_match_array_key(const zval* zv, const zend_string* to_match, const sp_regexp* rx) {
-                        const sp_pcre* rx) {
  zend_string* key;
  zend_ulong idx;
@@ -361,8 +358,7 @@ bool sp_match_array_key(const zval* zv, const zend_string* to_match,
  return false;
 }
-bool sp_match_array_value(const zval* arr, const zend_string* to_match,
+bool sp_match_array_value(const zval* arr, const zend_string* to_match, const sp_regexp* rx) {
-                          const sp_pcre* rx) {
  zval* value;
  ZEND_HASH_FOREACH_VAL(Z_ARRVAL_P(arr), value) {
@@ -378,61 +374,57 @@ bool sp_match_array_value(const zval* arr, const zend_string* to_match,
  return false;
 }
-bool hook_function(const char* original_name, HashTable* hook_table,
+bool /* success */ _hook_function(const char* original_name, HashTable* hook_table, zif_handler new_function) {
-                   zif_handler new_function) {
+  zend_function* func;
-  zend_internal_function* func;
+  if ((func = zend_hash_str_find_ptr(CG(function_table), VAR_AND_LEN(original_name)))) {
-  bool ret = false;
+    if (func->type != ZEND_INTERNAL_FUNCTION) {
+      return false;
-  /* The `mb` module likes to hook functions, like strlen->mb_strlen,
-   * so we have to hook both of them. */
-  if ((func = zend_hash_str_find_ptr(CG(function_table),
-                                     VAR_AND_LEN(original_name)))) {
-    if (func->handler == new_function) {
-      return SUCCESS;  // the function is already hooked
-    } else {
-      if (zend_hash_str_add_new_ptr((hook_table), VAR_AND_LEN(original_name),
-                                    func->handler) == NULL) {
-        // LCOV_EXCL_START
-        sp_log_err("function_pointer_saving",
-                   "Could not save function pointer for %s", original_name);
-        return FAILURE;
-        // LCOV_EXCL_STOP
-      }
-      func->handler = new_function;
-      ret = true;
    }
+    if (func->internal_function.handler == new_function) {
+      return true;
+    }
+    if (zend_hash_str_add_new_ptr((hook_table), VAR_AND_LEN(original_name),
+                                  func->internal_function.handler) == NULL) {
+      // LCOV_EXCL_START
+      sp_log_err("function_pointer_saving", "Could not save function pointer for %s", original_name);
+      return false;
+      // LCOV_EXCL_STOP
+    }
+    func->internal_function.handler = new_function;
+    return true;
  }
+  return false;
+}
+bool hook_function(const char* original_name, HashTable* hook_table, zif_handler new_function) {
+  bool ret = _hook_function(original_name, hook_table, new_function);
 #if PHP_VERSION_ID < 80000
  CG(compiler_options) |= ZEND_COMPILE_NO_BUILTIN_STRLEN;
 #endif
-  if (0 == strncmp(original_name, "mb_", 3) && !CG(multibyte)) {
+  /* The `mb` module likes to hook functions, like strlen->mb_strlen,
-    if (zend_hash_str_find(CG(function_table),
+  * so we have to hook both of them. */
-                           VAR_AND_LEN(original_name + 3))) {
-      return hook_function(original_name + 3, hook_table, new_function);
+  if (!CG(multibyte) && 0 == strncmp(original_name, "mb_", 3)) {
-    }
+    _hook_function(original_name + 3, hook_table, new_function);
  } else if (CG(multibyte)) {
    // LCOV_EXCL_START
    char* mb_name = ecalloc(strlen(original_name) + 3 + 1, 1);
    if (NULL == mb_name) {
      return FAILURE;
    }
-    memcpy(mb_name, "mb_", sizeof("mb_") - 1);
+    memcpy(mb_name, ZEND_STRL("mb_"));
    memcpy(mb_name + 3, VAR_AND_LEN(original_name));
-    if (zend_hash_str_find(CG(function_table), VAR_AND_LEN(mb_name))) {
+    _hook_function(mb_name, hook_table, new_function);
-      return hook_function(mb_name, hook_table, new_function);
+    efree(mb_name);
-    }
-    free(mb_name);
    // LCOV_EXCL_STOP
  }
  return ret;
 }
-int hook_regexp(const sp_pcre* regexp, HashTable* hook_table,
+int hook_regexp(const sp_pcre* regexp, HashTable* hook_table, zif_handler new_function) {
-                zif_handler new_function) {
  zend_string* key;
  ZEND_HASH_FOREACH_STR_KEY(CG(function_table), key)
@@ -446,9 +438,21 @@ int hook_regexp(const sp_pcre* regexp, HashTable* hook_table,
  return SUCCESS;
 }
-bool check_is_in_eval_whitelist(const zend_string* const function_name) {
+void unhook_functions(HashTable *ht) {
-  const sp_list_node* it = SNUFFLEUPAGUS_G(config).config_eval->whitelist;
+  zend_string *fname;
+  zif_handler orig_handler;
+  zend_ulong idx;
+  ZEND_HASH_REVERSE_FOREACH_KEY_PTR(ht, idx, fname, orig_handler)
+    zend_function *func = zend_hash_find_ptr(CG(function_table), fname);
+    if (func && func->type == ZEND_INTERNAL_FUNCTION && orig_handler) {
+      func->internal_function.handler = orig_handler;
+    }
+  ZEND_HASH_FOREACH_END_DEL();
+}
+bool check_is_in_eval_whitelist(const char* function_name) {
+  const sp_list_node* it = SPCFG(eval).whitelist;
  if (!it) {
    return false;
  }
@@ -456,7 +460,7 @@ bool check_is_in_eval_whitelist(const zend_string* const function_name) {
  /* yes, we could use a HashTable instead, but since the list is pretty
   * small, it doesn't make a difference in practise. */
  while (it && it->data) {
-    if (sp_zend_string_equals(function_name, (const zend_string*)(it->data))) {
+    if (sp_zend_string_equals_str((const zend_string*)(it->data), VAR_AND_LEN(function_name))) {
      /* We've got a match, the function is whiteslited. */
      return true;
    }
diff --git a/src/sp_utils.h b/src/sp_utils.h
index b5a1691..0e595d8 100644
--- a/src/sp_utils.h
+++ b/src/sp_utils.h
@@ -23,16 +23,17 @@
 #define SHA256_SIZE 32
 #define HOOK_FUNCTION(original_name, hook_table, new_function) \
-  hook_function(original_name, SNUFFLEUPAGUS_G(hook_table), new_function)
+  hook_function(original_name, SPG(hook_table), new_function)
 #define HOOK_FUNCTION_BY_REGEXP(regexp, hook_table, new_function) \
-  hook_regexp(regexp, SNUFFLEUPAGUS_G(hook_table), new_function)
+  hook_regexp(regexp, SPG(hook_table), new_function)
 #define SP_TYPE_LOG (0)
 #define SP_TYPE_DROP (1)
 #define SP_TYPE_SIMULATION (2)
 #define SP_LOG_DEBUG E_NOTICE
+#define SP_LOG_INFO E_NOTICE
 #define SP_LOG_ERROR E_ERROR
 #define SP_LOG_WARN E_WARNING
@@ -57,11 +58,11 @@
 #ifdef SP_DEBUG_STDERR
 extern int sp_debug_stderr;
 #define sp_log_debug(fmt, ...) \
-  dprintf(sp_debug_stderr, "[snuffleupagus][DEBUG] %s(): " fmt "\n", __FUNCTION__, ##__VA_ARGS__);
+  if (sp_debug_stderr > 0) dprintf(sp_debug_stderr, "[snuffleupagus][DEBUG] %s(): " fmt "\n", __FUNCTION__, ##__VA_ARGS__);
 #else
-#define sp_log_debug(...) \
+#define sp_log_debug(fmt, ...) \
-  sp_log_msgf("DEBUG", SP_LOG_DEBUG, SP_TYPE_LOG, __VA_ARGS__)
+  sp_log_msgf("DEBUG", SP_LOG_DEBUG, SP_TYPE_LOG, "%s(): " fmt, __FUNCTION__, ##__VA_ARGS__)
-#endif 
+#endif
 #else
 #define sp_log_debug(...)
@@ -70,23 +71,21 @@ extern int sp_debug_stderr;
 #define GET_SUFFIX(x) (x == 1) ? "st" : ((x == 2) ? "nd" : "th")
 const char *get_ipaddr(void);
-void sp_log_msgf(char const *restrict feature, int level, int type,
+void sp_log_msgf(char const *restrict feature, int level, int type, const char *restrict fmt, ...);
-                 const char *restrict fmt, ...);
 int compute_hash(const char *const restrict filename, char *restrict file_hash);
 const zend_string *sp_zval_to_zend_string(const zval *);
-bool sp_match_value(const zend_string *, const zend_string *, const sp_pcre *);
+bool sp_match_value(const zend_string* value, const zend_string* to_match, const sp_regexp* rx);
-bool sp_match_array_key(const zval *, const zend_string *, const sp_pcre *);
+bool sp_match_array_key(const zval *, const zend_string *, const sp_regexp *);
-bool sp_match_array_value(const zval *, const zend_string *, const sp_pcre *);
+bool sp_match_array_value(const zval *, const zend_string *, const sp_regexp *);
-void sp_log_disable(const char *restrict, const char *restrict,
+void sp_log_disable(const char *restrict, const char *restrict, const zend_string *restrict, const sp_disabled_function *);
-                    const zend_string *restrict, const sp_disabled_function *);
+void sp_log_disable_ret(const char *restrict, const zend_string *restrict, const sp_disabled_function *);
-void sp_log_disable_ret(const char *restrict, const zend_string *restrict,
-                        const sp_disabled_function *);
 bool hook_function(const char *, HashTable *, zif_handler);
+void unhook_functions(HashTable *ht);
 int hook_regexp(const sp_pcre *, HashTable *, zif_handler);
-bool check_is_in_eval_whitelist(const zend_string *const function_name);
+bool check_is_in_eval_whitelist(const char* function_name);
-int sp_log_request(const zend_string *restrict folder,
+int sp_log_request(const zend_string *restrict folder, const zend_string *restrict text_repr);
-                   const zend_string *restrict text_repr,
+#define sp_zend_string_equals(s1, s2) zend_string_equals((zend_string*)s1, (zend_string*)s2)
-                   char const *const from);
+static inline bool sp_zend_string_equals_str(const zend_string* s1, const char *str, size_t len) {
-bool sp_zend_string_equals(const zend_string *s1, const zend_string *s2);
+  return (ZSTR_LEN(s1) == len && !memcmp(ZSTR_VAL(s1), str, len));
+}
 #endif /* SP_UTILS_H */
diff --git a/src/sp_var_parser.c b/src/sp_var_parser.c
index ea856f6..2639991 100644
--- a/src/sp_var_parser.c
+++ b/src/sp_var_parser.c
@@ -33,8 +33,8 @@ static bool is_var_name_valid(const char *const name) {
  if (NULL == regexp_var || NULL == regexp_const) {
    return false;  // LCOV_EXCL_LINE
  }
-  if ((false == sp_is_regexp_matching(regexp_var, name)) &&
+  if ((false == sp_is_regexp_matching_len(regexp_var, VAR_AND_LEN(name))) &&
-      (false == sp_is_regexp_matching(regexp_const, name))) {
+      (false == sp_is_regexp_matching_len(regexp_const, VAR_AND_LEN(name)))) {
    return false;
  }
  return true;
@@ -264,7 +264,7 @@ sp_tree *sp_parse_var(const char *line) {
  }
  tokens_list = sp_list_sort(tokens_list, cmp_tokens);
  tree = parse_tokens(line, tokens_list);
-  sp_list_free(tokens_list);
+  sp_list_free2(tokens_list);
  // Check if tree is empty.
  if (tree && tree->next == NULL && tree->type == UNDEFINED) {
    tree->type = CONSTANT;
diff --git a/src/sp_wrapper.c b/src/sp_wrapper.c
index 7610114..9eb5cbc 100644
--- a/src/sp_wrapper.c
+++ b/src/sp_wrapper.c
@@ -1,7 +1,7 @@
 #include "php_snuffleupagus.h"
 static bool wrapper_is_whitelisted(const zend_string *const zs) {
-  const sp_list_node *list = SNUFFLEUPAGUS_G(config).config_wrapper->whitelist;
+  const sp_list_node *list = SPCFG(wrapper).whitelist;
  if (!zs) {
    return false;  // LCOV_EXCL_LINE
@@ -38,24 +38,19 @@ void sp_disable_wrapper() {
  zend_hash_destroy(orig_complete);
  pefree(orig_complete, 1);
-  SNUFFLEUPAGUS_G(config).config_wrapper->num_wrapper =
+  SPCFG(wrapper).num_wrapper = zend_hash_num_elements(orig);
-      zend_hash_num_elements(orig);
 }
 PHP_FUNCTION(sp_stream_wrapper_register) {
  zif_handler orig_handler;
  zend_string *protocol_name = NULL;
+  zval *params = NULL;
+  uint32_t param_count = 0;
-  // LCOV_EXCL_BR_START
+  zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, ZEND_NUM_ARGS(), "S*", &protocol_name, &params, &param_count);
-  ZEND_PARSE_PARAMETERS_START_EX(ZEND_PARSE_PARAMS_QUIET, 2, EX_NUM_ARGS());
+  // ignore proper arguments here and just let the original handler deal with it
-  Z_PARAM_STR(protocol_name);
+  if (!protocol_name || wrapper_is_whitelisted(protocol_name)) {
-  ZEND_PARSE_PARAMETERS_END_EX((void)0);
+    orig_handler = zend_hash_str_find_ptr(SPG(sp_internal_functions_hook), ZEND_STRL("stream_wrapper_register"));
-  // LCOV_EXCL_BR_END
-  if (wrapper_is_whitelisted(protocol_name)) {
-    orig_handler = zend_hash_str_find_ptr(
-        SNUFFLEUPAGUS_G(sp_internal_functions_hook), "stream_wrapper_register",
-        sizeof("stream_wrapper_register") - 1);
    orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
  }
 }
diff --git a/src/tests/broken_configuration/broken_conf.phpt b/src/tests/broken_configuration/broken_conf.phpt
index 477ee64..3500b42 100644
--- a/src/tests/broken_configuration/broken_conf.phpt
+++ b/src/tests/broken_configuration/broken_conf.phpt
@@ -2,14 +2,12 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid configuration prefix for 'this is a broken line' on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Parser error on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration prefix for 'this is a broken line' on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf2.phpt b/src/tests/broken_configuration/broken_conf2.phpt
index 4e67b9f..a26d5c8 100644
--- a/src/tests/broken_configuration/broken_conf2.phpt
+++ b/src/tests/broken_configuration/broken_conf2.phpt
@@ -2,14 +2,12 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf2.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid configuration section 'sp.wrong' on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Unexpected keyword 'wrong' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration section 'sp.wrong' on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_allow_broken_disabled.phpt b/src/tests/broken_configuration/broken_conf_allow_broken_disabled.phpt
index e2ffab0..f43c790 100644
--- a/src/tests/broken_configuration/broken_conf_allow_broken_disabled.phpt
+++ b/src/tests/broken_configuration/broken_conf_allow_broken_disabled.phpt
@@ -2,18 +2,16 @@
 Broken configuration with allow broken turned off
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf.ini
 sp.allow_broken_configuration=Off
+error_log=/dev/null
 --FILE--
 <?php
 echo 1337;
 ?>
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid configuration prefix for 'this is a broken line' on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Parser error on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration prefix for 'this is a broken line' on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_allow_broken_enabled.phpt b/src/tests/broken_configuration/broken_conf_allow_broken_enabled.phpt
index 68938fe..b999e7e 100644
--- a/src/tests/broken_configuration/broken_conf_allow_broken_enabled.phpt
+++ b/src/tests/broken_configuration/broken_conf_allow_broken_enabled.phpt
@@ -2,16 +2,14 @@
 Broken configuration with allow broken turned on
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf.ini
 sp.allow_broken_configuration=On
+error_log=/dev/null
 --FILE--
 <?php
 echo 1337;
 ?>
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid configuration prefix for 'this is a broken line' on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Parser error on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration prefix for 'this is a broken line' on line 1 in Unknown on line 0
 1337
diff --git a/src/tests/broken_configuration/broken_conf_config_regexp.phpt b/src/tests/broken_configuration/broken_conf_config_regexp.phpt
index ff6280e..27fff9c 100644
--- a/src/tests/broken_configuration/broken_conf_config_regexp.phpt
+++ b/src/tests/broken_configuration/broken_conf_config_regexp.phpt
@@ -2,17 +2,14 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_config_regexp.ini
+error_log=/dev/null
 --FILE--
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Failed to compile '*.': %s on line 1. in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Failed to compile '*.': %a. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] '.filename_r()' is expecting a valid regexp, and not '"*."' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Failed to compile '*.': %s on line 1. in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid regexp '*.' for '.filename_r()' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] '.filename_r()' is expecting a valid regexp, and not '"*."' on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_config_regexp_no_closing_paren.phpt b/src/tests/broken_configuration/broken_conf_config_regexp_no_closing_paren.phpt
index 8644dfe..e32ffa8 100644
--- a/src/tests/broken_configuration/broken_conf_config_regexp_no_closing_paren.phpt
+++ b/src/tests/broken_configuration/broken_conf_config_regexp_no_closing_paren.phpt
@@ -2,17 +2,12 @@
 Broken configuration - regexp without a closing parenthesis
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_config_regexp_no_closing_paren.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"*."': it doesn't look like a valid string on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Missing argument to keyword 'filename_r' - it should be 'filename_r("...")' on line 1 in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] '.filename_r()' is expecting a valid regexp, and not '"*."' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"*."': it doesn't look like a valid string on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] '.filename_r()' is expecting a valid regexp, and not '"*."' on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_cookie_encryption_without_encryption_key.phpt b/src/tests/broken_configuration/broken_conf_cookie_encryption_without_encryption_key.phpt
index 857c803..90b497c 100644
--- a/src/tests/broken_configuration/broken_conf_cookie_encryption_without_encryption_key.phpt
+++ b/src/tests/broken_configuration/broken_conf_cookie_encryption_without_encryption_key.phpt
@@ -2,14 +2,12 @@
 Broken configuration - encrypted cookie without encryption key
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_cookie_encryption_without_encryption_key.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] You're trying to use the cookie encryption featureon line 2 without having set the `.encryption_key` option in`sp.global`: please set it first in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] You're trying to use the cookie encryption feature on line 2 without having set the `.secret_key` option in `sp.global`: please set it first in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] You're trying to use the cookie encryption featureon line 2 without having set the `.encryption_key` option in`sp.global`: please set it first in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_cookie_encryption_without_env_var.phpt b/src/tests/broken_configuration/broken_conf_cookie_encryption_without_env_var.phpt
index de97a9d..adefcab 100644
--- a/src/tests/broken_configuration/broken_conf_cookie_encryption_without_env_var.phpt
+++ b/src/tests/broken_configuration/broken_conf_cookie_encryption_without_env_var.phpt
@@ -2,14 +2,12 @@
 Broken configuration - encrypted cookie with without cookie env var
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_cookie_encryption_without_env_var.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] You're trying to use the cookie encryption featureon line 2 without having set the `.cookie_env_var` option in`sp.global`: please set it first in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] You're trying to use the cookie encryption feature on line 2 without having set the `.cookie_env_var` option in `sp.global`: please set it first in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] You're trying to use the cookie encryption featureon line 2 without having set the `.cookie_env_var` option in`sp.global`: please set it first in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_cookie_name_and_regexp.phpt b/src/tests/broken_configuration/broken_conf_cookie_name_and_regexp.phpt
index 141cf77..9899912 100644
--- a/src/tests/broken_configuration/broken_conf_cookie_name_and_regexp.phpt
+++ b/src/tests/broken_configuration/broken_conf_cookie_name_and_regexp.phpt
@@ -2,13 +2,11 @@
 Broken configuration - encrypted cookie with name and regexp
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_cookie_name_and_regexp.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] name and name_r are mutually exclusive on line 2 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] name and name_r are mutually exclusive on line 2 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_enable_disable.phpt b/src/tests/broken_configuration/broken_conf_enable_disable.phpt
index eeba04a..cf80a9d 100644
--- a/src/tests/broken_configuration/broken_conf_enable_disable.phpt
+++ b/src/tests/broken_configuration/broken_conf_enable_disable.phpt
@@ -2,13 +2,11 @@
 Global strict mode
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
-sp.configuration_file={PWD}/config/borken_conf_enable_disable.ini
+sp.configuration_file={PWD}/config/broken_conf_enable_disable.ini
+error_log=/dev/null
 --FILE--
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] A rule can't be enabled and disabled on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] A rule can't be enabled and disabled on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_enable_disable2.phpt b/src/tests/broken_configuration/broken_conf_enable_disable2.phpt
new file mode 100644
index 0000000..21380ce
--- /dev/null
+++ b/src/tests/broken_configuration/broken_conf_enable_disable2.phpt
@@ -0,0 +1,9 @@
+--TEST--
+Global strict mode
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/../broken_configuration/config/broken_conf_enable_disable2.ini
+error_log=/dev/null
+--FILE--
+--EXPECTF--
diff --git a/src/tests/broken_configuration/broken_conf_eval.phpt b/src/tests/broken_configuration/broken_conf_eval.phpt
index 791795a..d09beec 100644
--- a/src/tests/broken_configuration/broken_conf_eval.phpt
+++ b/src/tests/broken_configuration/broken_conf_eval.phpt
@@ -2,14 +2,12 @@
 Broken configuration for eval
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_eval.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"cos,sin': it doesn't look like a valid string on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Missing argument to keyword 'list' - it should be 'list("...")' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"cos,sin': it doesn't look like a valid string on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_expecting_bool.phpt b/src/tests/broken_configuration/broken_conf_expecting_bool.phpt
index 4857ebe..38417b9 100644
--- a/src/tests/broken_configuration/broken_conf_expecting_bool.phpt
+++ b/src/tests/broken_configuration/broken_conf_expecting_bool.phpt
@@ -2,14 +2,12 @@
 Bad boolean value in configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_expecting_bool.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Trailing chars '337);' at the end of '.enable(1337);' on line 5 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Missing paranthesis for keyword 'enable' - it should be 'enable()' on line 5 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Trailing chars '337);' at the end of '.enable(1337);' on line 5 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_invalid_cidr.phpt b/src/tests/broken_configuration/broken_conf_invalid_cidr.phpt
index e618676..74f13ac 100644
--- a/src/tests/broken_configuration/broken_conf_invalid_cidr.phpt
+++ b/src/tests/broken_configuration/broken_conf_invalid_cidr.phpt
@@ -2,13 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_invalid_cidr.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] '42' isn't a valid ipv4 mask. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] '42' isn't a valid ipv4 mask. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_invalid_cidr6.phpt b/src/tests/broken_configuration/broken_conf_invalid_cidr6.phpt
index 34a0d30..3765c22 100644
--- a/src/tests/broken_configuration/broken_conf_invalid_cidr6.phpt
+++ b/src/tests/broken_configuration/broken_conf_invalid_cidr6.phpt
@@ -2,13 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_invalid_cidr6.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] 'ZZZ' isn't a valid network mask. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] 'ZZZ' isn't a valid network mask. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_invalid_cidr6_no_slash.phpt b/src/tests/broken_configuration/broken_conf_invalid_cidr6_no_slash.phpt
index 8703dff..a6eea84 100644
--- a/src/tests/broken_configuration/broken_conf_invalid_cidr6_no_slash.phpt
+++ b/src/tests/broken_configuration/broken_conf_invalid_cidr6_no_slash.phpt
@@ -2,13 +2,11 @@
 Broken configuration, invalid cidr for ipv6 because there is no `/` in it
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_invalid_cidr6_no_slash.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] '2001:0db8:0000:0000:0000:ff00:0042:8329' isn't a valid network mask, it seems that you forgot a '/'. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] '2001:0db8:0000:0000:0000:ff00:0042:8329' isn't a valid network mask, it seems that you forgot a '/'. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_invalid_cidr6_too_big.phpt b/src/tests/broken_configuration/broken_conf_invalid_cidr6_too_big.phpt
index 47d4a5d..0fa61aa 100644
--- a/src/tests/broken_configuration/broken_conf_invalid_cidr6_too_big.phpt
+++ b/src/tests/broken_configuration/broken_conf_invalid_cidr6_too_big.phpt
@@ -5,5 +5,10 @@ Broken configuration, cidr for ipv6 is too big, that will `mod` to 25.
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_invalid_cidr6_too_big.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
+Fatal error: [snuffleupagus][0.0.0.0][config][log] '13337' isn't a valid network mask. in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
+Could not startup.
+\ No newline at end of file
diff --git a/src/tests/broken_configuration/broken_conf_invalid_cidr_value.phpt b/src/tests/broken_configuration/broken_conf_invalid_cidr_value.phpt
index 1424853..9894975 100644
--- a/src/tests/broken_configuration/broken_conf_invalid_cidr_value.phpt
+++ b/src/tests/broken_configuration/broken_conf_invalid_cidr_value.phpt
@@ -3,17 +3,12 @@ Broken configuration, invalid cidr value
 (13337%128 = 25)
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_invalid_cidr_value.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][error][log] A valid string as parameter is expected on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Missing argument to keyword 'cidr' - it should be 'cidr("...")' on line 1 in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] " doesn't contain a valid cidr on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][error][log] A valid string as parameter is expected on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] " doesn't contain a valid cidr on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_invalid_filename.phpt b/src/tests/broken_configuration/broken_conf_invalid_filename.phpt
index b9a904c..bf74900 100644
--- a/src/tests/broken_configuration/broken_conf_invalid_filename.phpt
+++ b/src/tests/broken_configuration/broken_conf_invalid_filename.phpt
@@ -2,14 +2,12 @@
 Broken configuration filename without absolute path
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_invalid_filename.ini
+error_log=/dev/null
 --FILE--
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("sprintf").filename("wrong file name").drop();':'.filename' must be an absolute path or a phar archive on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions': '.filename' must be an absolute path or a phar archive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("sprintf").filename("wrong file name").drop();':'.filename' must be an absolute path or a phar archive on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_invalid_log_media.phpt b/src/tests/broken_configuration/broken_conf_invalid_log_media.phpt
index c1c2668..af0d61f 100644
--- a/src/tests/broken_configuration/broken_conf_invalid_log_media.phpt
+++ b/src/tests/broken_configuration/broken_conf_invalid_log_media.phpt
@@ -2,14 +2,12 @@
 Broken configuration filename with improper log media
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_invalid_log_media.ini
+error_log=/dev/null
 --FILE--
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] .log_media() only supports 'syslog' or 'php', on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] .log_media() only supports 'syslog' or 'php' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] .log_media() only supports 'syslog' or 'php', on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_invalid_type.phpt b/src/tests/broken_configuration/broken_conf_invalid_type.phpt
index aeb6b85..acb8fee 100644
--- a/src/tests/broken_configuration/broken_conf_invalid_type.phpt
+++ b/src/tests/broken_configuration/broken_conf_invalid_type.phpt
@@ -2,14 +2,12 @@
 Broken conf with wrong type
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_invalid_type.ini
+error_log=/dev/null
 --FILE--
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"totally_wrong"_type")': it doesn't look like a valid string on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Missing argument to keyword 'ret_type' - it should be 'ret_type("...")' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"totally_wrong"_type")': it doesn't look like a valid string on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_key_value.phpt b/src/tests/broken_configuration/broken_conf_key_value.phpt
index ec87d93..6acb2af 100644
--- a/src/tests/broken_configuration/broken_conf_key_value.phpt
+++ b/src/tests/broken_configuration/broken_conf_key_value.phpt
@@ -2,14 +2,12 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_key_value.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").var("").value("").key("").drop();':`key` and `value` are mutually exclusive on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line for 'sp.disabled_functions': '.key' and '.value' are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").var("").value("").key("").drop();':`key` and `value` are mutually exclusive on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_line_empty_string.phpt b/src/tests/broken_configuration/broken_conf_line_empty_string.phpt
index 3790d83..06553d8 100644
--- a/src/tests/broken_configuration/broken_conf_line_empty_string.phpt
+++ b/src/tests/broken_configuration/broken_conf_line_empty_string.phpt
@@ -2,14 +2,12 @@
 Configuration line with an empty string
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_line_empty_string.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][error][log] A valid string as parameter is expected on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Missing argument to keyword 'name' - it should be 'name("...")' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][error][log] A valid string as parameter is expected on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_line_no_closing.phpt b/src/tests/broken_configuration/broken_conf_line_no_closing.phpt
index 0f51dcf..8b06dc5 100644
--- a/src/tests/broken_configuration/broken_conf_line_no_closing.phpt
+++ b/src/tests/broken_configuration/broken_conf_line_no_closing.phpt
@@ -2,14 +2,12 @@
 Configuration line without closing parenthese
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_line_no_closing.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"123"': it doesn't look like a valid string on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Missing argument to keyword 'name' - it should be 'name("...")' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"123"': it doesn't look like a valid string on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_local_var_1.phpt b/src/tests/broken_configuration/broken_conf_local_var_1.phpt
index 851d532..dab3b56 100644
--- a/src/tests/broken_configuration/broken_conf_local_var_1.phpt
+++ b/src/tests/broken_configuration/broken_conf_local_var_1.phpt
@@ -2,14 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_local_var_1.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid `]` position. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid value ']' for `var` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `]` position. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value ']' for `var` on line 1 in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_local_var_10.phpt b/src/tests/broken_configuration/broken_conf_local_var_10.phpt
index 747cc5a..7633107 100644
--- a/src/tests/broken_configuration/broken_conf_local_var_10.phpt
+++ b/src/tests/broken_configuration/broken_conf_local_var_10.phpt
@@ -2,14 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_local_var_10.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid `]` position. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid value 'asd[asd]asd' for `var` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `]` position. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value 'asd[asd]asd' for `var` on line 1 in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_local_var_11.phpt b/src/tests/broken_configuration/broken_conf_local_var_11.phpt
index 11ca562..f881df4 100644
--- a/src/tests/broken_configuration/broken_conf_local_var_11.phpt
+++ b/src/tests/broken_configuration/broken_conf_local_var_11.phpt
@@ -2,14 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_local_var_11.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid `::` position. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid value 'asd::' for `param` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `::` position. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value 'asd::' for `param` on line 1 in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_local_var_12.phpt b/src/tests/broken_configuration/broken_conf_local_var_12.phpt
index 962f5ab..43dda8a 100644
--- a/src/tests/broken_configuration/broken_conf_local_var_12.phpt
+++ b/src/tests/broken_configuration/broken_conf_local_var_12.phpt
@@ -2,13 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_local_var_12.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Empty value in `var` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Empty value in `var` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_local_var_13.phpt b/src/tests/broken_configuration/broken_conf_local_var_13.phpt
index 5c33fdd..d771060 100644
--- a/src/tests/broken_configuration/broken_conf_local_var_13.phpt
+++ b/src/tests/broken_configuration/broken_conf_local_var_13.phpt
@@ -2,14 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_local_var_13.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid `->` position. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid value 'asd->asd' for `var` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `->` position. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value 'asd->asd' for `var` on line 1 in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_local_var_14.phpt b/src/tests/broken_configuration/broken_conf_local_var_14.phpt
index a831ef7..38225b6 100644
--- a/src/tests/broken_configuration/broken_conf_local_var_14.phpt
+++ b/src/tests/broken_configuration/broken_conf_local_var_14.phpt
@@ -2,14 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_local_var_14.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid var name: $i+valid var name . in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid value '$i+valid var name ' for `var` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid var name: $i+valid var name . in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value '$i+valid var name ' for `var` on line 1 in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_local_var_15.phpt b/src/tests/broken_configuration/broken_conf_local_var_15.phpt
index 5d8c6f1..d58bccb 100644
--- a/src/tests/broken_configuration/broken_conf_local_var_15.phpt
+++ b/src/tests/broken_configuration/broken_conf_local_var_15.phpt
@@ -2,14 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_local_var_15.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid var name: $i$$!@#. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid value '$i$$!@#->qwe' for `var` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid var name: $i$$!@#. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value '$i$$!@#->qwe' for `var` on line 1 in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_local_var_16.phpt b/src/tests/broken_configuration/broken_conf_local_var_16.phpt
index 47c1f17..2206c7d 100644
--- a/src/tests/broken_configuration/broken_conf_local_var_16.phpt
+++ b/src/tests/broken_configuration/broken_conf_local_var_16.phpt
@@ -2,14 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_local_var_16.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Missing a closing quote. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid value '"' for `var` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Missing a closing quote. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value '"' for `var` on line 1 in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_local_var_2.phpt b/src/tests/broken_configuration/broken_conf_local_var_2.phpt
index ec7ac2c..8eb38d0 100644
--- a/src/tests/broken_configuration/broken_conf_local_var_2.phpt
+++ b/src/tests/broken_configuration/broken_conf_local_var_2.phpt
@@ -2,14 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_local_var_2.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid `"` position. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid value '""asd' for `var` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `"` position. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value '""asd' for `var` on line 1 in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_local_var_3.phpt b/src/tests/broken_configuration/broken_conf_local_var_3.phpt
index 776cee0..959ae3f 100644
--- a/src/tests/broken_configuration/broken_conf_local_var_3.phpt
+++ b/src/tests/broken_configuration/broken_conf_local_var_3.phpt
@@ -2,14 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_local_var_3.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid `->` position. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid value '$qwe->::' for `var` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `->` position. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value '$qwe->::' for `var` on line 1 in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_local_var_4.phpt b/src/tests/broken_configuration/broken_conf_local_var_4.phpt
index 4390640..eab4e26 100644
--- a/src/tests/broken_configuration/broken_conf_local_var_4.phpt
+++ b/src/tests/broken_configuration/broken_conf_local_var_4.phpt
@@ -2,14 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_local_var_4.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid `"` position. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid value '"asd"asd[]' for `var` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `"` position. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value '"asd"asd[]' for `var` on line 1 in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_local_var_5.phpt b/src/tests/broken_configuration/broken_conf_local_var_5.phpt
index a73056e..2a87994 100644
--- a/src/tests/broken_configuration/broken_conf_local_var_5.phpt
+++ b/src/tests/broken_configuration/broken_conf_local_var_5.phpt
@@ -2,14 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_local_var_5.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid `'` position. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid value ''asd'asd[]' for `var` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `'` position. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value ''asd'asd[]' for `var` on line 1 in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_local_var_6.phpt b/src/tests/broken_configuration/broken_conf_local_var_6.phpt
index 19b2915..8e69255 100644
--- a/src/tests/broken_configuration/broken_conf_local_var_6.phpt
+++ b/src/tests/broken_configuration/broken_conf_local_var_6.phpt
@@ -2,14 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_local_var_6.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid `'` position. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid value '''asd' for `var` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `'` position. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value '''asd' for `var` on line 1 in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_local_var_7.phpt b/src/tests/broken_configuration/broken_conf_local_var_7.phpt
index 62e983f..4fb6047 100644
--- a/src/tests/broken_configuration/broken_conf_local_var_7.phpt
+++ b/src/tests/broken_configuration/broken_conf_local_var_7.phpt
@@ -2,14 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_local_var_7.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid `->` position. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid value 'asd-->' for `var` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `->` position. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value 'asd-->' for `var` on line 1 in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_local_var_8.phpt b/src/tests/broken_configuration/broken_conf_local_var_8.phpt
index 1d170d2..11187cc 100644
--- a/src/tests/broken_configuration/broken_conf_local_var_8.phpt
+++ b/src/tests/broken_configuration/broken_conf_local_var_8.phpt
@@ -2,14 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_local_var_8.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid `]` position. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid value 'asd[asd]"asd"' for `var` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `]` position. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value 'asd[asd]"asd"' for `var` on line 1 in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_local_var_9.phpt b/src/tests/broken_configuration/broken_conf_local_var_9.phpt
index 5786e02..ec97f5d 100644
--- a/src/tests/broken_configuration/broken_conf_local_var_9.phpt
+++ b/src/tests/broken_configuration/broken_conf_local_var_9.phpt
@@ -2,13 +2,11 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_local_var_9.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid `]` position. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid value 'asd[asd]'asd'' for `var` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `]` position. in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_lots_of_quotes.phpt b/src/tests/broken_configuration/broken_conf_lots_of_quotes.phpt
index bef62b9..0896868 100644
--- a/src/tests/broken_configuration/broken_conf_lots_of_quotes.phpt
+++ b/src/tests/broken_configuration/broken_conf_lots_of_quotes.phpt
@@ -2,14 +2,12 @@
 Configuration line with too many quotes
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_lots_of_quotes.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"this\"is a weird\"\"\"cookie\"name"");': it doesn't look like a valid string on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Missing argument to keyword 'name' - it should be 'name("...")' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"this\"is a weird\"\"\"cookie\"name"");': it doesn't look like a valid string on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_missing_script.phpt b/src/tests/broken_configuration/broken_conf_missing_script.phpt
index 9deffc7..0b8a183 100644
--- a/src/tests/broken_configuration/broken_conf_missing_script.phpt
+++ b/src/tests/broken_configuration/broken_conf_missing_script.phpt
@@ -1,18 +1,17 @@
 --TEST--
 Invalid configuration file for upload
 --SKIPIF--
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
 --INI--
 file_uploads=1
 sp.configuration_file={PWD}/config/broken_conf_missing_script.ini
+error_log=/dev/null
 --FILE--
 <?php
 echo 1;
 ?>
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] The `script` directive is mandatory in '.enable();' on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] The `script` directive is mandatory in '.upload_validation' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] The `script` directive is mandatory in '.enable();' on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_mutually_exclusive.phpt b/src/tests/broken_configuration/broken_conf_mutually_exclusive.phpt
index a8036d2..df7085a 100644
--- a/src/tests/broken_configuration/broken_conf_mutually_exclusive.phpt
+++ b/src/tests/broken_configuration/broken_conf_mutually_exclusive.phpt
@@ -2,14 +2,12 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").param("id").value("42").value_r("^id$").drop();': '.r_value' and '.value' are mutually exclusive on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line for 'sp.disabled_functions': '.value' and '.value_r' are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").param("id").value("42").value_r("^id$").drop();': '.r_value' and '.value' are mutually exclusive on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_mutually_exclusive10.phpt b/src/tests/broken_configuration/broken_conf_mutually_exclusive10.phpt
index 932f584..de8f909 100644
--- a/src/tests/broken_configuration/broken_conf_mutually_exclusive10.phpt
+++ b/src/tests/broken_configuration/broken_conf_mutually_exclusive10.phpt
@@ -2,13 +2,11 @@
 Broken configuration - enabled/disabled readonly
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive10.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] A rule can't be enabled and disabled on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] A rule can't be enabled and disabled on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_mutually_exclusive11.phpt b/src/tests/broken_configuration/broken_conf_mutually_exclusive11.phpt
index 62ae64e..07f5077 100644
--- a/src/tests/broken_configuration/broken_conf_mutually_exclusive11.phpt
+++ b/src/tests/broken_configuration/broken_conf_mutually_exclusive11.phpt
@@ -2,14 +2,12 @@
 Broken configuration - ret and var are mutually exclusives
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive11.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("strcmp").drop().ret("hip").var("hop");':`ret` and `var` are mutually exclusive on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line for 'sp.disabled_functions': '.ret' and '.var' are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("strcmp").drop().ret("hip").var("hop");':`ret` and `var` are mutually exclusive on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_mutually_exclusive12.phpt b/src/tests/broken_configuration/broken_conf_mutually_exclusive12.phpt
index 28b0564..8cf2bf0 100644
--- a/src/tests/broken_configuration/broken_conf_mutually_exclusive12.phpt
+++ b/src/tests/broken_configuration/broken_conf_mutually_exclusive12.phpt
@@ -2,14 +2,12 @@
 Broken configuration - ret and value are mutually exclusive
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive12.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("strcmp").drop().ret("hip").value("hop");':`ret` and `value` are mutually exclusive on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line for 'sp.disabled_functions': '.ret' and '.value' are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("strcmp").drop().ret("hip").value("hop");':`ret` and `value` are mutually exclusive on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_mutually_exclusive2.phpt b/src/tests/broken_configuration/broken_conf_mutually_exclusive2.phpt
index cc3a951..9474909 100644
--- a/src/tests/broken_configuration/broken_conf_mutually_exclusive2.phpt
+++ b/src/tests/broken_configuration/broken_conf_mutually_exclusive2.phpt
@@ -2,14 +2,12 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive2.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").function_r("system").param("id").value("42").drop();': '.r_function' and '.function' are mutually exclusive on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line for 'sp.disabled_functions': '.function' and '.function_r' are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").function_r("system").param("id").value("42").drop();': '.r_function' and '.function' are mutually exclusive on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_mutually_exclusive3.phpt b/src/tests/broken_configuration/broken_conf_mutually_exclusive3.phpt
index ab50266..2730694 100644
--- a/src/tests/broken_configuration/broken_conf_mutually_exclusive3.phpt
+++ b/src/tests/broken_configuration/broken_conf_mutually_exclusive3.phpt
@@ -2,14 +2,12 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive3.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").param("id").value("42").filename_r("^id$").filename("pouet.txt").drop();': '.r_filename' and '.filename' are mutually exclusive on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line for 'sp.disabled_functions': '.filename' and '.filename_r' are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").param("id").value("42").filename_r("^id$").filename("pouet.txt").drop();': '.r_filename' and '.filename' are mutually exclusive on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_mutually_exclusive4.phpt b/src/tests/broken_configuration/broken_conf_mutually_exclusive4.phpt
index b848d1a..fd7041f 100644
--- a/src/tests/broken_configuration/broken_conf_mutually_exclusive4.phpt
+++ b/src/tests/broken_configuration/broken_conf_mutually_exclusive4.phpt
@@ -2,14 +2,12 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive4.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").param("id").value("42").param_r("^id$").drop();':'.r_param', '.param' and '.pos' are mutually exclusive on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line for 'sp.disabled_functions': '.param' and '.param_r' are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").param("id").value("42").param_r("^id$").drop();':'.r_param', '.param' and '.pos' are mutually exclusive on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_mutually_exclusive5.phpt b/src/tests/broken_configuration/broken_conf_mutually_exclusive5.phpt
index c668643..7bf1f88 100644
--- a/src/tests/broken_configuration/broken_conf_mutually_exclusive5.phpt
+++ b/src/tests/broken_configuration/broken_conf_mutually_exclusive5.phpt
@@ -2,14 +2,12 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive5.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").ret("0").drop().ret_r("^0$");': '.r_ret' and '.ret' are mutually exclusive on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line for 'sp.disabled_functions': '.ret' and '.ret_r' are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").ret("0").drop().ret_r("^0$");': '.r_ret' and '.ret' are mutually exclusive on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_mutually_exclusive6.phpt b/src/tests/broken_configuration/broken_conf_mutually_exclusive6.phpt
index 94ed765..2083894 100644
--- a/src/tests/broken_configuration/broken_conf_mutually_exclusive6.phpt
+++ b/src/tests/broken_configuration/broken_conf_mutually_exclusive6.phpt
@@ -2,14 +2,12 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive6.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").param("id").value("42").ret_r("^0$").drop();':`ret` and `param` are mutually exclusive on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line for 'sp.disabled_functions': '.ret' and '.param' are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").param("id").value("42").ret_r("^0$").drop();':`ret` and `param` are mutually exclusive on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_mutually_exclusive7.phpt b/src/tests/broken_configuration/broken_conf_mutually_exclusive7.phpt
index 2a16d0c..64baefd 100644
--- a/src/tests/broken_configuration/broken_conf_mutually_exclusive7.phpt
+++ b/src/tests/broken_configuration/broken_conf_mutually_exclusive7.phpt
@@ -2,14 +2,12 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive7.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").ret("0").drop().allow();': The rule must either be a `drop` or `allow` one on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions': The rule must either be a `drop` or `allow` one on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").ret("0").drop().allow();': The rule must either be a `drop` or `allow` one on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_mutually_exclusive8.phpt b/src/tests/broken_configuration/broken_conf_mutually_exclusive8.phpt
index 129707d..f8277eb 100644
--- a/src/tests/broken_configuration/broken_conf_mutually_exclusive8.phpt
+++ b/src/tests/broken_configuration/broken_conf_mutually_exclusive8.phpt
@@ -2,14 +2,12 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive8.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.ret("0").drop();': must take a function name on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions': must take a function name on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.ret("0").drop();': must take a function name on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_mutually_exclusive9.phpt b/src/tests/broken_configuration/broken_conf_mutually_exclusive9.phpt
index b384d77..1a62ef0 100644
--- a/src/tests/broken_configuration/broken_conf_mutually_exclusive9.phpt
+++ b/src/tests/broken_configuration/broken_conf_mutually_exclusive9.phpt
@@ -2,13 +2,11 @@
 Broken configuration - enabled/disabled unserialize
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive9.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] A rule can't be enabled and disabled on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] A rule can't be enabled and disabled on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_no_cookie_action.phpt b/src/tests/broken_configuration/broken_conf_no_cookie_action.phpt
index 62831d4..668e09c 100644
--- a/src/tests/broken_configuration/broken_conf_no_cookie_action.phpt
+++ b/src/tests/broken_configuration/broken_conf_no_cookie_action.phpt
@@ -2,13 +2,11 @@
 Bad config, invalid action.
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_cookie_action.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] You must specify a at least one action to a cookie on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] You must specify a at least one action to a cookie on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_no_cookie_name.phpt b/src/tests/broken_configuration/broken_conf_no_cookie_name.phpt
index 51d2980..e074411 100644
--- a/src/tests/broken_configuration/broken_conf_no_cookie_name.phpt
+++ b/src/tests/broken_configuration/broken_conf_no_cookie_name.phpt
@@ -2,13 +2,11 @@
 Broken configuration - encrypted cookie with no name
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/config_encrypted_cookies_noname.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] You must specify a cookie name/regexp on line 2 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] You must specify a cookie name/regexp on line 2 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_nonexisting_script.phpt b/src/tests/broken_configuration/broken_conf_nonexisting_script.phpt
index fa891d8..df0c231 100644
--- a/src/tests/broken_configuration/broken_conf_nonexisting_script.phpt
+++ b/src/tests/broken_configuration/broken_conf_nonexisting_script.phpt
@@ -1,17 +1,16 @@
 --TEST--
 Invalid configuration file for upload
 --SKIPIF--
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
 --INI--
 file_uploads=1
 sp.configuration_file={PWD}/config/broken_conf_nonexisting_script.ini
+error_log=/dev/null
 --FILE--
 <?php
 echo 1;
 ?>
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] The `script` (./non_existing_script.sh) doesn't exist on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] The `script` (./non_existing_script.sh) doesn't exist on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_quotes.phpt b/src/tests/broken_configuration/broken_conf_quotes.phpt
index 5b7b839..da168ae 100644
--- a/src/tests/broken_configuration/broken_conf_quotes.phpt
+++ b/src/tests/broken_configuration/broken_conf_quotes.phpt
@@ -2,14 +2,11 @@
 Broken configuration - missing quote
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_quotes.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] You forgot to close a bracket. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid value '_SERVER[PHP_SELF' for `var` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] You forgot to close a bracket. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value '_SERVER[PHP_SELF' for `var` on line 1 in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_conf_readonly_exec.phpt b/src/tests/broken_configuration/broken_conf_readonly_exec.phpt
index 78b2b9a..a53024e 100644
--- a/src/tests/broken_configuration/broken_conf_readonly_exec.phpt
+++ b/src/tests/broken_configuration/broken_conf_readonly_exec.phpt
@@ -1,18 +1,17 @@
 --TEST--
 Invalid configuration file for readonly_exec
 --SKIPIF--
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
 --INI--
 file_uploads=1
 sp.configuration_file={PWD}/config/broken_conf_readonly_exec.ini
+error_log=/dev/null
 --FILE--
 <?php
 echo 1;
 ?>
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Trailing chars '234);' at the end of '.enable(1234);' on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Missing paranthesis for keyword 'enable' - it should be 'enable()' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Trailing chars '234);' at the end of '.enable(1234);' on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_samesite.phpt b/src/tests/broken_configuration/broken_conf_samesite.phpt
index e4940c9..0a39915 100644
--- a/src/tests/broken_configuration/broken_conf_samesite.phpt
+++ b/src/tests/broken_configuration/broken_conf_samesite.phpt
@@ -2,14 +2,12 @@
 Bad config, invalid samesite type.
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_cookie_samesite.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] nop is an invalid value to samesite (expected Lax or Strict) on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] 'nop' is an invalid value to samesite (expected Lax or Strict) on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] nop is an invalid value to samesite (expected Lax or Strict) on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_session_encryption.phpt b/src/tests/broken_configuration/broken_conf_session_encryption.phpt
index 9dbedc1..0a031c8 100644
--- a/src/tests/broken_configuration/broken_conf_session_encryption.phpt
+++ b/src/tests/broken_configuration/broken_conf_session_encryption.phpt
@@ -2,14 +2,12 @@
 Broken config, session encryption
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_session_encryption.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Trailing chars 'nvalid value :/);' at the end of '.encrypt(invalid value :/);' on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Missing paranthesis for keyword 'encrypt' - it should be 'encrypt()' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Trailing chars 'nvalid value :/);' at the end of '.encrypt(invalid value :/);' on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_session_encryption_without_encryption_key.phpt b/src/tests/broken_configuration/broken_conf_session_encryption_without_encryption_key.phpt
index c638f80..63af9e8 100644
--- a/src/tests/broken_configuration/broken_conf_session_encryption_without_encryption_key.phpt
+++ b/src/tests/broken_configuration/broken_conf_session_encryption_without_encryption_key.phpt
@@ -2,14 +2,15 @@
 Broken configuration - encrypted session without encryption key
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
+<?php if (!extension_loaded("session")) print "skip"; ?>
+--EXTENSIONS--
+session
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_session_encryption_without_encryption_key.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] You're trying to use the session cookie encryption feature on line 2 without having set the `.secret_key` option in`sp.global`: please set it first in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] You're trying to use the session cookie encryption feature on line 2 without having set the `.secret_key` option in `sp.global`: please set it first in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] You're trying to use the session cookie encryption feature on line 2 without having set the `.secret_key` option in`sp.global`: please set it first in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_session_encryption_without_env_var.phpt b/src/tests/broken_configuration/broken_conf_session_encryption_without_env_var.phpt
index d503942..80b3a5f 100644
--- a/src/tests/broken_configuration/broken_conf_session_encryption_without_env_var.phpt
+++ b/src/tests/broken_configuration/broken_conf_session_encryption_without_env_var.phpt
@@ -2,14 +2,15 @@
 Broken configuration - encrypted session without env var
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
+<?php if (!extension_loaded("session")) print "skip"; ?>
+--EXTENSIONS--
+session
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_session_encryption_without_env_var.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] You're trying to use the session cookie encryption feature on line 2 without having set the `.cookie_env_var` option in`sp.global`: please set it first in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] You're trying to use the session cookie encryption feature on line 2 without having set the `.cookie_env_var` option in `sp.global`: please set it first in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] You're trying to use the session cookie encryption feature on line 2 without having set the `.cookie_env_var` option in`sp.global`: please set it first in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_shown_in_phpinfo.phpt b/src/tests/broken_configuration/broken_conf_shown_in_phpinfo.phpt
index 1ad0afb..616bef8 100644
--- a/src/tests/broken_configuration/broken_conf_shown_in_phpinfo.phpt
+++ b/src/tests/broken_configuration/broken_conf_shown_in_phpinfo.phpt
@@ -2,9 +2,9 @@
 Broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_config_regexp.ini
+error_log=/dev/null
 --FILE--
 <?php
 ob_start();
@@ -18,12 +18,9 @@ if (strstr($info, 'Valid config => no') !== FALSE) {
 }
 ?>
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Failed to compile '*.': %s on line 1. in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Failed to compile '*.': %a. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] '.filename_r()' is expecting a valid regexp, and not '"*."' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Failed to compile '*.': %s on line 1. in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid regexp '*.' for '.filename_r()' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] '.filename_r()' is expecting a valid regexp, and not '"*."' on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_truncated.phpt b/src/tests/broken_configuration/broken_conf_truncated.phpt
index 6deff87..06a53a9 100644
--- a/src/tests/broken_configuration/broken_conf_truncated.phpt
+++ b/src/tests/broken_configuration/broken_conf_truncated.phpt
@@ -1,15 +1,13 @@
 --TEST--
 Bad boolean value in configuration
 --SKIPIF--
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/config_broken_conf_truncated.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][error][log] A valid string as parameter is expected on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Missing argument to keyword 'param' - it should be 'param("...")' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][error][log] A valid string as parameter is expected on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_unserialize.phpt b/src/tests/broken_configuration/broken_conf_unserialize.phpt
index a42d8a1..e897388 100644
--- a/src/tests/broken_configuration/broken_conf_unserialize.phpt
+++ b/src/tests/broken_configuration/broken_conf_unserialize.phpt
@@ -1,18 +1,17 @@
 --TEST--
 Invalid configuration file for unserialize
 --SKIPIF--
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
 --INI--
 file_uploads=1
 sp.configuration_file={PWD}/config/broken_conf_unserialize.ini
+error_log=/dev/null
 --FILE--
 <?php
 echo 1;
 ?>
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Trailing chars '234);' at the end of '.enable(1234);' on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Missing paranthesis for keyword 'enable' - it should be 'enable()' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Trailing chars '234);' at the end of '.enable(1234);' on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_upload_validation.phpt b/src/tests/broken_configuration/broken_conf_upload_validation.phpt
index 4b65339..7c8f604 100644
--- a/src/tests/broken_configuration/broken_conf_upload_validation.phpt
+++ b/src/tests/broken_configuration/broken_conf_upload_validation.phpt
@@ -1,18 +1,17 @@
 --TEST--
 Invalid configuration file for upload validation
 --SKIPIF--
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
 --INI--
 file_uploads=1
-sp.configuration_file={PWD}/config/borken_conf_upload_validation.ini
+sp.configuration_file={PWD}/config/broken_conf_upload_validation.ini
+error_log=/dev/null
 --FILE--
 <?php
 echo 1;
 ?>
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][error][log] A valid string as parameter is expected on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Missing argument to keyword 'script' - it should be 'script("...")' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][error][log] A valid string as parameter is expected on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_weird_keyword.phpt b/src/tests/broken_configuration/broken_conf_weird_keyword.phpt
index ce568af..663f153 100644
--- a/src/tests/broken_configuration/broken_conf_weird_keyword.phpt
+++ b/src/tests/broken_configuration/broken_conf_weird_keyword.phpt
@@ -2,14 +2,12 @@
 Bad config, unknown keyword
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_weird_keyword.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Trailing chars '.not_a_valid_keyword("test");' at the end of '.enable().not_a_valid_keyword("test");' on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Unexpected keyword 'not_a_valid_keyword' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Trailing chars '.not_a_valid_keyword("test");' at the end of '.enable().not_a_valid_keyword("test");' on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_wrapper_whitelist.phpt b/src/tests/broken_configuration/broken_conf_wrapper_whitelist.phpt
index 2d1feeb..37d074a 100644
--- a/src/tests/broken_configuration/broken_conf_wrapper_whitelist.phpt
+++ b/src/tests/broken_configuration/broken_conf_wrapper_whitelist.phpt
@@ -2,18 +2,16 @@
 Broken configuration with invalid token for wrapper whitelist
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_wrapper_whitelist.ini
 sp.allow_broken_configuration=Off
+error_log=/dev/null
 --FILE--
 <?php
 echo 1337;
 ?>
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Trailing chars '.invalid_param();' at the end of '.invalid_param();' on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Unexpected keyword 'invalid_param' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Trailing chars '.invalid_param();' at the end of '.invalid_param();' on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_wrong_quotes.phpt b/src/tests/broken_configuration/broken_conf_wrong_quotes.phpt
index 3753989..cd19eb3 100644
--- a/src/tests/broken_configuration/broken_conf_wrong_quotes.phpt
+++ b/src/tests/broken_configuration/broken_conf_wrong_quotes.phpt
@@ -2,14 +2,12 @@
 Configuration line with too many quotes
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_wrong_quotes.ini
+error_log=/dev/null
 --FILE--
 --EXPECT--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"\)': it doesn't look like a valid string on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Missing argument to keyword 'name' - it should be 'name("...")' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"\)': it doesn't look like a valid string on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_conf_wrong_type.phpt b/src/tests/broken_configuration/broken_conf_wrong_type.phpt
index b204968..a24b415 100644
--- a/src/tests/broken_configuration/broken_conf_wrong_type.phpt
+++ b/src/tests/broken_configuration/broken_conf_wrong_type.phpt
@@ -2,13 +2,11 @@
 Broken conf with wrong type
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_conf_wrong_type.ini
+error_log=/dev/null
 --FILE--
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][error][log] .ret_type() is expecting a valid php type ('false', 'true', 'array'. 'object', 'long', 'double', 'null', 'resource', 'reference', 'undef') on line 5 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][error][log] .ret_type() is expecting a valid php type ('false', 'true', 'array'. 'object', 'long', 'double', 'null', 'resource', 'reference', 'undef') on line 5 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
diff --git a/src/tests/broken_configuration/broken_regexp.phpt b/src/tests/broken_configuration/broken_regexp.phpt
index 83c7103..f216e9a 100644
--- a/src/tests/broken_configuration/broken_regexp.phpt
+++ b/src/tests/broken_configuration/broken_regexp.phpt
@@ -2,17 +2,14 @@
 Broken regexp
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/broken_regexp.ini
+error_log=/dev/null
 --FILE--
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Failed to compile '^$[': missing terminating ] for character class on line 1. in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Failed to compile '^$[': missing terminating ] for character class. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] '.value_r()' is expecting a valid regexp, and not '"^$["' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Failed to compile '^$[': missing terminating ] for character class on line 1. in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid regexp '^$[' for '.value_r()' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] '.value_r()' is expecting a valid regexp, and not '"^$["' on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
 Could not startup.
diff --git a/src/tests/broken_configuration/broken_unmatching_brackets.phpt b/src/tests/broken_configuration/broken_unmatching_brackets.phpt
index ba14ff3..d900eaa 100644
--- a/src/tests/broken_configuration/broken_unmatching_brackets.phpt
+++ b/src/tests/broken_configuration/broken_unmatching_brackets.phpt
@@ -2,14 +2,11 @@
 Broken configuration - unmatching brackets
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/config_unmatching_brackets.ini
+error_log=/dev/null
 --FILE--
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid `]` position. in Unknown on line 0
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Invalid value 'arr[b]]]]]' for `param` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `]` position. in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value 'arr[b]]]]]' for `param` on line 1 in Unknown on line 0
diff --git a/src/tests/broken_configuration/config/broken_conf_cookie_name_and_regexp.ini b/src/tests/broken_configuration/config/broken_conf_cookie_name_and_regexp.ini
index 503889b..6b43b71 100644
--- a/src/tests/broken_configuration/config/broken_conf_cookie_name_and_regexp.ini
+++ b/src/tests/broken_configuration/config/broken_conf_cookie_name_and_regexp.ini
@@ -1,2 +1,2 @@
-sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.global.secret_key("abcdefGHIJ").cookie_env_var("REMOTE_ADDR");
 sp.cookie.name("my_cookie_name").name_r("my_cookie_regexp").encrypt();
diff --git a/src/tests/broken_configuration/config/borken_conf_enable_disable.ini b/src/tests/broken_configuration/config/broken_conf_enable_disable.ini
index 4e95294..4e95294 100644
--- a/src/tests/broken_configuration/config/borken_conf_enable_disable.ini
+++ b/src/tests/broken_configuration/config/broken_conf_enable_disable.ini
diff --git a/src/tests/broken_configuration/config/broken_conf_enable_disable2.ini b/src/tests/broken_configuration/config/broken_conf_enable_disable2.ini
new file mode 100644
index 0000000..7ed0c16
--- /dev/null
+++ b/src/tests/broken_configuration/config/broken_conf_enable_disable2.ini
@@ -0,0 +1,3 @@
+sp.global_strict.enable();
+sp.global_strict.disable();
+;; this is actually not recognised as broken, as there is no internal third state for 'unset'
diff --git a/src/tests/broken_configuration/config/borken_conf_upload_validation.ini b/src/tests/broken_configuration/config/broken_conf_upload_validation.ini
index 7c94185..7c94185 100644
--- a/src/tests/broken_configuration/config/borken_conf_upload_validation.ini
+++ b/src/tests/broken_configuration/config/broken_conf_upload_validation.ini
diff --git a/src/tests/broken_configuration/config/config_encrypted_cookies_noname.ini b/src/tests/broken_configuration/config/config_encrypted_cookies_noname.ini
index 048e404..43a4284 100644
--- a/src/tests/broken_configuration/config/config_encrypted_cookies_noname.ini
+++ b/src/tests/broken_configuration/config/config_encrypted_cookies_noname.ini
@@ -1,3 +1,3 @@
-sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.global.secret_key("abcdefGHIJ").cookie_env_var("REMOTE_ADDR");
 sp.cookie.name("").encrypt();
 sp.auto_cookie_secure.enable();
diff --git a/src/tests/broken_configuration/config/config_encrypted_regexp_cookies_bad_regexp.ini b/src/tests/broken_configuration/config/config_encrypted_regexp_cookies_bad_regexp.ini
index 4fe92fd..817de14 100644
--- a/src/tests/broken_configuration/config/config_encrypted_regexp_cookies_bad_regexp.ini
+++ b/src/tests/broken_configuration/config/config_encrypted_regexp_cookies_bad_regexp.ini
@@ -1,3 +1,3 @@
-sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.global.secret_key("abcdefGHIJ").cookie_env_var("REMOTE_ADDR");
 sp.cookie.name_r("^super_co[a-z+$").encrypt();
 sp.auto_cookie_secure.enable();
diff --git a/src/tests/broken_configuration/config/config_encryption_key_short.ini b/src/tests/broken_configuration/config/config_encryption_key_short.ini
new file mode 100644
index 0000000..7de4438
--- /dev/null
+++ b/src/tests/broken_configuration/config/config_encryption_key_short.ini
@@ -0,0 +1 @@
+sp.global.secret_key("abcdef");
diff --git a/src/tests/broken_configuration/encrypt_key_too_short.phpt b/src/tests/broken_configuration/encrypt_key_too_short.phpt
new file mode 100644
index 0000000..a6feb6e
--- /dev/null
+++ b/src/tests/broken_configuration/encrypt_key_too_short.phpt
@@ -0,0 +1,22 @@
+--TEST--
+Cookie encryption key too short
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/config_encryption_key_short.ini
+error_log=/dev/null
+--COOKIE--
+--ENV--
+return <<<EOF
+REMOTE_ADDR=2001:0db8:0000:0000:0000:fe00:0042:8329
+HTTP_USER_AGENT=Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/59.0.3071.109 Chrome/59.0.3071.109 Safari/537.36
+HTTPS=1
+EOF;
+--FILE--
+<?php
+?>
+--EXPECT--
+Fatal error: [snuffleupagus][2001:0db8:0000:0000:0000:fe00:0042:8329][config][log] The encryption key set on line 1 is too short. please use at least 10 bytes in Unknown on line 0
+Fatal error: [snuffleupagus][2001:0db8:0000:0000:0000:fe00:0042:8329][config][log] Invalid configuration file in Unknown on line 0
+Could not startup.
+\ No newline at end of file
diff --git a/src/tests/broken_configuration/encrypt_regexp_cookies_bad_regexp.phpt b/src/tests/broken_configuration/encrypt_regexp_cookies_bad_regexp.phpt
index 7a8c909..f660f28 100644
--- a/src/tests/broken_configuration/encrypt_regexp_cookies_bad_regexp.phpt
+++ b/src/tests/broken_configuration/encrypt_regexp_cookies_bad_regexp.phpt
@@ -6,7 +6,7 @@ Cookie decryption in ipv4
 sp.configuration_file={PWD}/config/config_encrypted_regexp_cookies_bad_regexp.ini
 error_reporting=1
 --COOKIE--
-super_cookie=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP3gV9YJZL/pUeNAjCKFW0U2ywmf1CwHzwd2pWM=;awful_cookie=awful_cookie_value;
+super_cookie=IpRZV4rivSjANrEOSxINd%2FdFe17giJgaAAAAAAAAAAAAAAAAAAAAALnmBVs%2BTILKxauHeGcUyJpR%2BX2UiZ6OamUTaWc=;awful_cookie=awful_cookie_value;
 --ENV--
 return <<<EOF
 REMOTE_ADDR=127.0.0.1
@@ -14,9 +14,7 @@ HTTP_USER_AGENT=Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like
 EOF;
 --FILE--
 <?php var_dump($_COOKIE); ?>
--EXPECT--
+--EXPECTF--
 Fatal error: [snuffleupagus][127.0.0.1][config][log] Invalid configuration file in Unknown on line 0
+%A
-Fatal error: [snuffleupagus][127.0.0.1][config][log] Failed to compile '^super_co[a-z+$': missing terminating ] for character class on line 2. in Unknown on line 0
+Fatal error: [snuffleupagus][127.0.0.1][config][log] Invalid regexp '^super_co[a-z+$' for '.name_r()' on line 2 in Unknown on line 0
-Fatal error: [snuffleupagus][127.0.0.1][config][log] '.name_r()' is expecting a valid regexp, and not '"^super_co[a-z+$"' on line 2 in Unknown on line 0
diff --git a/src/tests/broken_configuration_php8/broken_conf.phpt b/src/tests/broken_configuration_php8/broken_conf.phpt
deleted file mode 100644
index 7dde7d6..0000000
--- a/src/tests/broken_configuration_php8/broken_conf.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration prefix for 'this is a broken line' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf2.phpt b/src/tests/broken_configuration_php8/broken_conf2.phpt
deleted file mode 100644
index bf337b4..0000000
--- a/src/tests/broken_configuration_php8/broken_conf2.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf2.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration section 'sp.wrong' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_allow_broken_disabled.phpt b/src/tests/broken_configuration_php8/broken_conf_allow_broken_disabled.phpt
deleted file mode 100644
index 9dd0c66..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_allow_broken_disabled.phpt
+++ /dev/null
@@ -1,18 +0,0 @@
--TEST--
-Broken configuration with allow broken turned off
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf.ini
-sp.allow_broken_configuration=Off
--FILE--
-<?php
-echo 1337;
-?>
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration prefix for 'this is a broken line' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_allow_broken_enabled.phpt b/src/tests/broken_configuration_php8/broken_conf_allow_broken_enabled.phpt
deleted file mode 100644
index eccc8a8..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_allow_broken_enabled.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration with allow broken turned on
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf.ini
-sp.allow_broken_configuration=On
--FILE--
-<?php
-echo 1337;
-?>
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration prefix for 'this is a broken line' on line 1 in Unknown on line 0
-1337
diff --git a/src/tests/broken_configuration_php8/broken_conf_config_regexp.phpt b/src/tests/broken_configuration_php8/broken_conf_config_regexp.phpt
deleted file mode 100644
index 76ef208..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_config_regexp.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_config_regexp.ini
--FILE--
--EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Failed to compile '*.': %s on line 1. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] '.filename_r()' is expecting a valid regexp, and not '"*."' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_config_regexp_no_closing_paren.phpt b/src/tests/broken_configuration_php8/broken_conf_config_regexp_no_closing_paren.phpt
deleted file mode 100644
index 5bdca06..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_config_regexp_no_closing_paren.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration - regexp without a closing parenthesis
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_config_regexp_no_closing_paren.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"*."': it doesn't look like a valid string on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] '.filename_r()' is expecting a valid regexp, and not '"*."' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_cookie_encryption_without_encryption_key.phpt b/src/tests/broken_configuration_php8/broken_conf_cookie_encryption_without_encryption_key.phpt
deleted file mode 100644
index 0447320..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_cookie_encryption_without_encryption_key.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration - encrypted cookie without encryption key
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_cookie_encryption_without_encryption_key.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] You're trying to use the cookie encryption featureon line 2 without having set the `.encryption_key` option in`sp.global`: please set it first in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_cookie_encryption_without_env_var.phpt b/src/tests/broken_configuration_php8/broken_conf_cookie_encryption_without_env_var.phpt
deleted file mode 100644
index 204430d..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_cookie_encryption_without_env_var.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration - encrypted cookie with without cookie env var
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_cookie_encryption_without_env_var.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] You're trying to use the cookie encryption featureon line 2 without having set the `.cookie_env_var` option in`sp.global`: please set it first in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_cookie_name_and_regexp.phpt b/src/tests/broken_configuration_php8/broken_conf_cookie_name_and_regexp.phpt
deleted file mode 100644
index 8648b4f..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_cookie_name_and_regexp.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration - encrypted cookie with name and regexp
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_cookie_name_and_regexp.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] name and name_r are mutually exclusive on line 2 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_enable_disable.phpt b/src/tests/broken_configuration_php8/broken_conf_enable_disable.phpt
deleted file mode 100644
index 54e4d32..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_enable_disable.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Global strict mode
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/borken_conf_enable_disable.ini
--FILE--
--EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] A rule can't be enabled and disabled on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_eval.phpt b/src/tests/broken_configuration_php8/broken_conf_eval.phpt
deleted file mode 100644
index 1a6ad4d..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_eval.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration for eval
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_eval.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"cos,sin': it doesn't look like a valid string on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_expecting_bool.phpt b/src/tests/broken_configuration_php8/broken_conf_expecting_bool.phpt
deleted file mode 100644
index 682a4f5..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_expecting_bool.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Bad boolean value in configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_expecting_bool.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Trailing chars '337);' at the end of '.enable(1337);' on line 5 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_invalid_cidr.phpt b/src/tests/broken_configuration_php8/broken_conf_invalid_cidr.phpt
deleted file mode 100644
index f66d8b6..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_invalid_cidr.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_invalid_cidr.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] '42' isn't a valid ipv4 mask. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_invalid_cidr6.phpt b/src/tests/broken_configuration_php8/broken_conf_invalid_cidr6.phpt
deleted file mode 100644
index 91bd4a2..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_invalid_cidr6.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_invalid_cidr6.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] 'ZZZ' isn't a valid network mask. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_invalid_cidr6_no_slash.phpt b/src/tests/broken_configuration_php8/broken_conf_invalid_cidr6_no_slash.phpt
deleted file mode 100644
index c6c8231..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_invalid_cidr6_no_slash.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration, invalid cidr for ipv6 because there is no `/` in it
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_invalid_cidr6_no_slash.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] '2001:0db8:0000:0000:0000:ff00:0042:8329' isn't a valid network mask, it seems that you forgot a '/'. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_invalid_cidr6_too_big.phpt b/src/tests/broken_configuration_php8/broken_conf_invalid_cidr6_too_big.phpt
deleted file mode 100644
index 47d4a5d..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_invalid_cidr6_too_big.phpt
+++ /dev/null
@@ -1,9 +0,0 @@
--TEST--
-Broken configuration, cidr for ipv6 is too big, that will `mod` to 25.
-(13337%128 = 25)
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_invalid_cidr6_too_big.ini
--FILE--
--EXPECT--
diff --git a/src/tests/broken_configuration_php8/broken_conf_invalid_cidr_value.phpt b/src/tests/broken_configuration_php8/broken_conf_invalid_cidr_value.phpt
deleted file mode 100644
index dbe5414..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_invalid_cidr_value.phpt
+++ /dev/null
@@ -1,17 +0,0 @@
--TEST--
-Broken configuration, invalid cidr value
-(13337%128 = 25)
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_invalid_cidr_value.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][error][log] A valid string as parameter is expected on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] " doesn't contain a valid cidr on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_invalid_filename.phpt b/src/tests/broken_configuration_php8/broken_conf_invalid_filename.phpt
deleted file mode 100644
index cb78f85..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_invalid_filename.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration filename without absolute path
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_invalid_filename.ini
--FILE--
--EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("sprintf").filename("wrong file name").drop();':'.filename' must be an absolute path or a phar archive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_invalid_log_media.phpt b/src/tests/broken_configuration_php8/broken_conf_invalid_log_media.phpt
deleted file mode 100644
index 68581b6..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_invalid_log_media.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration filename with improper log media
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_invalid_log_media.ini
--FILE--
--EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] .log_media() only supports 'syslog' or 'php', on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_invalid_type.phpt b/src/tests/broken_configuration_php8/broken_conf_invalid_type.phpt
deleted file mode 100644
index 188d610..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_invalid_type.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken conf with wrong type
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_invalid_type.ini
--FILE--
--EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"totally_wrong"_type")': it doesn't look like a valid string on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_key_value.phpt b/src/tests/broken_configuration_php8/broken_conf_key_value.phpt
deleted file mode 100644
index 1b51bd7..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_key_value.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_key_value.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").var("").value("").key("").drop();':`key` and `value` are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_line_empty_string.phpt b/src/tests/broken_configuration_php8/broken_conf_line_empty_string.phpt
deleted file mode 100644
index 2d370ac..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_line_empty_string.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Configuration line with an empty string
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_line_empty_string.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][error][log] A valid string as parameter is expected on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_line_no_closing.phpt b/src/tests/broken_configuration_php8/broken_conf_line_no_closing.phpt
deleted file mode 100644
index d3c826f..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_line_no_closing.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Configuration line without closing parenthese
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_line_no_closing.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"123"': it doesn't look like a valid string on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_local_var_1.phpt b/src/tests/broken_configuration_php8/broken_conf_local_var_1.phpt
deleted file mode 100644
index 52cd962..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_local_var_1.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_local_var_1.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `]` position. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value ']' for `var` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_local_var_10.phpt b/src/tests/broken_configuration_php8/broken_conf_local_var_10.phpt
deleted file mode 100644
index 7817a19..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_local_var_10.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_local_var_10.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `]` position. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value 'asd[asd]asd' for `var` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_local_var_11.phpt b/src/tests/broken_configuration_php8/broken_conf_local_var_11.phpt
deleted file mode 100644
index 06099a5..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_local_var_11.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_local_var_11.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `::` position. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value 'asd::' for `param` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_local_var_12.phpt b/src/tests/broken_configuration_php8/broken_conf_local_var_12.phpt
deleted file mode 100644
index df753df..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_local_var_12.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_local_var_12.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Empty value in `var` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_local_var_13.phpt b/src/tests/broken_configuration_php8/broken_conf_local_var_13.phpt
deleted file mode 100644
index 80bc068..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_local_var_13.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_local_var_13.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `->` position. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value 'asd->asd' for `var` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_local_var_14.phpt b/src/tests/broken_configuration_php8/broken_conf_local_var_14.phpt
deleted file mode 100644
index 749c317..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_local_var_14.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_local_var_14.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid var name: $i+valid var name . in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value '$i+valid var name ' for `var` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_local_var_15.phpt b/src/tests/broken_configuration_php8/broken_conf_local_var_15.phpt
deleted file mode 100644
index 97eab54..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_local_var_15.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_local_var_15.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid var name: $i$$!@#. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value '$i$$!@#->qwe' for `var` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_local_var_16.phpt b/src/tests/broken_configuration_php8/broken_conf_local_var_16.phpt
deleted file mode 100644
index c643144..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_local_var_16.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_local_var_16.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Missing a closing quote. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value '"' for `var` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_local_var_2.phpt b/src/tests/broken_configuration_php8/broken_conf_local_var_2.phpt
deleted file mode 100644
index 8b769af..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_local_var_2.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_local_var_2.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `"` position. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value '""asd' for `var` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_local_var_3.phpt b/src/tests/broken_configuration_php8/broken_conf_local_var_3.phpt
deleted file mode 100644
index 850a977..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_local_var_3.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_local_var_3.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `->` position. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value '$qwe->::' for `var` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_local_var_4.phpt b/src/tests/broken_configuration_php8/broken_conf_local_var_4.phpt
deleted file mode 100644
index 5146590..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_local_var_4.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_local_var_4.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `"` position. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value '"asd"asd[]' for `var` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_local_var_5.phpt b/src/tests/broken_configuration_php8/broken_conf_local_var_5.phpt
deleted file mode 100644
index a7f8183..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_local_var_5.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_local_var_5.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `'` position. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value ''asd'asd[]' for `var` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_local_var_6.phpt b/src/tests/broken_configuration_php8/broken_conf_local_var_6.phpt
deleted file mode 100644
index 283cb41..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_local_var_6.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_local_var_6.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `'` position. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value '''asd' for `var` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_local_var_7.phpt b/src/tests/broken_configuration_php8/broken_conf_local_var_7.phpt
deleted file mode 100644
index 223e599..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_local_var_7.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_local_var_7.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `->` position. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value 'asd-->' for `var` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_local_var_8.phpt b/src/tests/broken_configuration_php8/broken_conf_local_var_8.phpt
deleted file mode 100644
index 058b5dd..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_local_var_8.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_local_var_8.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `]` position. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value 'asd[asd]"asd"' for `var` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_local_var_9.phpt b/src/tests/broken_configuration_php8/broken_conf_local_var_9.phpt
deleted file mode 100644
index c1eeae6..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_local_var_9.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_local_var_9.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `]` position. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value 'asd[asd]'asd'' for `var` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_lots_of_quotes.phpt b/src/tests/broken_configuration_php8/broken_conf_lots_of_quotes.phpt
deleted file mode 100644
index e599e62..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_lots_of_quotes.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Configuration line with too many quotes
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_lots_of_quotes.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"this\"is a weird\"\"\"cookie\"name"");': it doesn't look like a valid string on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_missing_script.phpt b/src/tests/broken_configuration_php8/broken_conf_missing_script.phpt
deleted file mode 100644
index 2ddb70f..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_missing_script.phpt
+++ /dev/null
@@ -1,17 +0,0 @@
--TEST--
-Invalid configuration file for upload
--SKIPIF--
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-file_uploads=1
-sp.configuration_file={PWD}/config/broken_conf_missing_script.ini
--FILE--
-<?php
-echo 1;
-?>
--EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] The `script` directive is mandatory in '.enable();' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive.phpt b/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive.phpt
deleted file mode 100644
index 800cffa..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").param("id").value("42").value_r("^id$").drop();': '.r_value' and '.value' are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive10.phpt b/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive10.phpt
deleted file mode 100644
index c863bf9..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive10.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration - enabled/disabled readonly
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive10.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] A rule can't be enabled and disabled on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive11.phpt b/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive11.phpt
deleted file mode 100644
index 6bdb959..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive11.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration - ret and var are mutually exclusives
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive11.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("strcmp").drop().ret("hip").var("hop");':`ret` and `var` are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive12.phpt b/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive12.phpt
deleted file mode 100644
index 1855fca..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive12.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration - ret and value are mutually exclusive
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive12.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("strcmp").drop().ret("hip").value("hop");':`ret` and `value` are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive2.phpt b/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive2.phpt
deleted file mode 100644
index 286ea04..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive2.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive2.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").function_r("system").param("id").value("42").drop();': '.r_function' and '.function' are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive3.phpt b/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive3.phpt
deleted file mode 100644
index b377179..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive3.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive3.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").param("id").value("42").filename_r("^id$").filename("pouet.txt").drop();': '.r_filename' and '.filename' are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive4.phpt b/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive4.phpt
deleted file mode 100644
index 5f22a47..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive4.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive4.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").param("id").value("42").param_r("^id$").drop();':'.r_param', '.param' and '.pos' are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive5.phpt b/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive5.phpt
deleted file mode 100644
index 55d0eda..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive5.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive5.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").ret("0").drop().ret_r("^0$");': '.r_ret' and '.ret' are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive6.phpt b/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive6.phpt
deleted file mode 100644
index 7dc6985..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive6.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive6.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").param("id").value("42").ret_r("^0$").drop();':`ret` and `param` are mutually exclusive on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive7.phpt b/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive7.phpt
deleted file mode 100644
index ff7f415..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive7.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive7.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.function("system").ret("0").drop().allow();': The rule must either be a `drop` or `allow` one on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive8.phpt b/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive8.phpt
deleted file mode 100644
index 6ccd508..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive8.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive8.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration line: 'sp.disabled_functions.ret("0").drop();': must take a function name on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive9.phpt b/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive9.phpt
deleted file mode 100644
index e4a2d6f..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_mutually_exclusive9.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration - enabled/disabled unserialize
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_mutually_exclusive9.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] A rule can't be enabled and disabled on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_no_cookie_action.phpt b/src/tests/broken_configuration_php8/broken_conf_no_cookie_action.phpt
deleted file mode 100644
index 5fb3f0b..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_no_cookie_action.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Bad config, invalid action.
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_cookie_action.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] You must specify a at least one action to a cookie on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_no_cookie_name.phpt b/src/tests/broken_configuration_php8/broken_conf_no_cookie_name.phpt
deleted file mode 100644
index 1b2922b..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_no_cookie_name.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken configuration - encrypted cookie with no name
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/config_encrypted_cookies_noname.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] You must specify a cookie name/regexp on line 2 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_no_file_specified.phpt b/src/tests/broken_configuration_php8/broken_conf_no_file_specified.phpt
deleted file mode 100644
index cb2d95f..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_no_file_specified.phpt
+++ /dev/null
@@ -1,10 +0,0 @@
--TEST--
-Broken configuration - No configuration file specified
--INI--
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
--FILE--
-<?php echo "1\n"; ?>
--EXPECT--
-Warning: [snuffleupagus][0.0.0.0][config][log] No configuration specificed via sp.configuration_file in Unknown on line 0
-1
diff --git a/src/tests/broken_configuration_php8/broken_conf_nonexisting_script.phpt b/src/tests/broken_configuration_php8/broken_conf_nonexisting_script.phpt
deleted file mode 100644
index 21717a8..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_nonexisting_script.phpt
+++ /dev/null
@@ -1,17 +0,0 @@
--TEST--
-Invalid configuration file for upload
--SKIPIF--
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-file_uploads=1
-sp.configuration_file={PWD}/config/broken_conf_nonexisting_script.ini
--FILE--
-<?php
-echo 1;
-?>
--EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] The `script` (./non_existing_script.sh) doesn't exist on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_quotes.phpt b/src/tests/broken_configuration_php8/broken_conf_quotes.phpt
deleted file mode 100644
index d437669..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_quotes.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration - missing quote
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_quotes.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] You forgot to close a bracket. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value '_SERVER[PHP_SELF' for `var` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_readonly_exec.phpt b/src/tests/broken_configuration_php8/broken_conf_readonly_exec.phpt
deleted file mode 100644
index 7e74683..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_readonly_exec.phpt
+++ /dev/null
@@ -1,17 +0,0 @@
--TEST--
-Invalid configuration file for readonly_exec
--SKIPIF--
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-file_uploads=1
-sp.configuration_file={PWD}/config/broken_conf_readonly_exec.ini
--FILE--
-<?php
-echo 1;
-?>
--EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Trailing chars '234);' at the end of '.enable(1234);' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_samesite.phpt b/src/tests/broken_configuration_php8/broken_conf_samesite.phpt
deleted file mode 100644
index c905fd8..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_samesite.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Bad config, invalid samesite type.
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_cookie_samesite.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] nop is an invalid value to samesite (expected Lax or Strict) on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_session_encryption.phpt b/src/tests/broken_configuration_php8/broken_conf_session_encryption.phpt
deleted file mode 100644
index 886eb13..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_session_encryption.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken config, session encryption
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_session_encryption.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Trailing chars 'nvalid value :/);' at the end of '.encrypt(invalid value :/);' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_session_encryption_without_encryption_key.phpt b/src/tests/broken_configuration_php8/broken_conf_session_encryption_without_encryption_key.phpt
deleted file mode 100644
index 62ee41e..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_session_encryption_without_encryption_key.phpt
+++ /dev/null
@@ -1,15 +0,0 @@
--TEST--
-Broken configuration - encrypted session without encryption key
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_session_encryption_without_encryption_key.ini
--FILE--
--XFAIL--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] You're trying to use the session cookie encryption feature on line 2 without having set the `.secret_key` option in`sp.global`: please set it first in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_session_encryption_without_env_var.phpt b/src/tests/broken_configuration_php8/broken_conf_session_encryption_without_env_var.phpt
deleted file mode 100644
index 5acc1cd..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_session_encryption_without_env_var.phpt
+++ /dev/null
@@ -1,15 +0,0 @@
--TEST--
-Broken configuration - encrypted session without env var
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_session_encryption_without_env_var.ini
--FILE--
--XFAIL--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] You're trying to use the session cookie encryption feature on line 2 without having set the `.cookie_env_var` option in`sp.global`: please set it first in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_shown_in_phpinfo.phpt b/src/tests/broken_configuration_php8/broken_conf_shown_in_phpinfo.phpt
deleted file mode 100644
index 2503943..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_shown_in_phpinfo.phpt
+++ /dev/null
@@ -1,27 +0,0 @@
--TEST--
-Broken configuration
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_config_regexp.ini
--FILE--
-<?php
-ob_start();
-phpinfo();
-$info = ob_get_clean();
-ob_get_clean();
-if (strstr($info, 'Valid config => no') !== FALSE) {
-        echo "win";
-} else {
-        echo "lose";
-}
-?>
--EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Failed to compile '*.': %s on line 1. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] '.filename_r()' is expecting a valid regexp, and not '"*."' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_truncated.phpt b/src/tests/broken_configuration_php8/broken_conf_truncated.phpt
deleted file mode 100644
index 059dcac..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_truncated.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Bad boolean value in configuration
--SKIPIF--
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/config_broken_conf_truncated.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][error][log] A valid string as parameter is expected on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_unserialize.phpt b/src/tests/broken_configuration_php8/broken_conf_unserialize.phpt
deleted file mode 100644
index 327b622..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_unserialize.phpt
+++ /dev/null
@@ -1,17 +0,0 @@
--TEST--
-Invalid configuration file for unserialize
--SKIPIF--
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-file_uploads=1
-sp.configuration_file={PWD}/config/broken_conf_unserialize.ini
--FILE--
-<?php
-echo 1;
-?>
--EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Trailing chars '234);' at the end of '.enable(1234);' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_upload_validation.phpt b/src/tests/broken_configuration_php8/broken_conf_upload_validation.phpt
deleted file mode 100644
index 9edede6..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_upload_validation.phpt
+++ /dev/null
@@ -1,17 +0,0 @@
--TEST--
-Invalid configuration file for upload validation
--SKIPIF--
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-file_uploads=1
-sp.configuration_file={PWD}/config/borken_conf_upload_validation.ini
--FILE--
-<?php
-echo 1;
-?>
--EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][error][log] A valid string as parameter is expected on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_weird_keyword.phpt b/src/tests/broken_configuration_php8/broken_conf_weird_keyword.phpt
deleted file mode 100644
index 75c2e0e..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_weird_keyword.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Bad config, unknown keyword
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_weird_keyword.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Trailing chars '.not_a_valid_keyword("test");' at the end of '.enable().not_a_valid_keyword("test");' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_wrapper_whitelist.phpt b/src/tests/broken_configuration_php8/broken_conf_wrapper_whitelist.phpt
deleted file mode 100644
index 0011a6e..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_wrapper_whitelist.phpt
+++ /dev/null
@@ -1,18 +0,0 @@
--TEST--
-Broken configuration with invalid token for wrapper whitelist
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_wrapper_whitelist.ini
-sp.allow_broken_configuration=Off
--FILE--
-<?php
-echo 1337;
-?>
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Trailing chars '.invalid_param();' at the end of '.invalid_param();' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_wrong_quotes.phpt b/src/tests/broken_configuration_php8/broken_conf_wrong_quotes.phpt
deleted file mode 100644
index b073369..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_wrong_quotes.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Configuration line with too many quotes
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_wrong_quotes.ini
--FILE--
--EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][error][log] There is an issue with the parsing of '"\)': it doesn't look like a valid string on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_conf_wrong_type.phpt b/src/tests/broken_configuration_php8/broken_conf_wrong_type.phpt
deleted file mode 100644
index 1f1cead..0000000
--- a/src/tests/broken_configuration_php8/broken_conf_wrong_type.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Broken conf with wrong type
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_conf_wrong_type.ini
--FILE--
--EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][error][log] .ret_type() is expecting a valid php type ('false', 'true', 'array'. 'object', 'long', 'double', 'null', 'resource', 'reference', 'undef') on line 5 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_invalid_client_ip4.phpt b/src/tests/broken_configuration_php8/broken_invalid_client_ip4.phpt
deleted file mode 100644
index a96b059..0000000
--- a/src/tests/broken_configuration_php8/broken_invalid_client_ip4.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Invalid client IP
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
--ENV--
-return <<<EOF
-REMOTE_ADDR=xyz
-EOF;
--INI--
-sp.configuration_file={PWD}/config/disabled_functions_cidr.ini
--FILE--
-<?php
-strpos("1337", "1");
-?>
--EXPECTF--
-Fatal error: [snuffleupagus][xyz][cidr_match][log] Weird ip (xyz) family in %a/broken_invalid_client_ip4.php on line 2
-\ No newline at end of file
diff --git a/src/tests/broken_configuration_php8/broken_regexp.phpt b/src/tests/broken_configuration_php8/broken_regexp.phpt
deleted file mode 100644
index 877f801..0000000
--- a/src/tests/broken_configuration_php8/broken_regexp.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken regexp
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/broken_regexp.ini
--FILE--
--EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Failed to compile '^$[': missing terminating ] for character class on line 1. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] '.value_r()' is expecting a valid regexp, and not '"^$["' on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/broken_unmatching_brackets.phpt b/src/tests/broken_configuration_php8/broken_unmatching_brackets.phpt
deleted file mode 100644
index d143cbd..0000000
--- a/src/tests/broken_configuration_php8/broken_unmatching_brackets.phpt
+++ /dev/null
@@ -1,16 +0,0 @@
--TEST--
-Broken configuration - unmatching brackets
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/config_unmatching_brackets.ini
--FILE--
--EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid `]` position. in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid value 'arr[b]]]]]' for `param` on line 1 in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/broken_configuration_php8/config/borken_conf_enable_disable.ini b/src/tests/broken_configuration_php8/config/borken_conf_enable_disable.ini
deleted file mode 100644
index 4e95294..0000000
--- a/src/tests/broken_configuration_php8/config/borken_conf_enable_disable.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.global_strict.disable().enable();
diff --git a/src/tests/broken_configuration_php8/config/borken_conf_upload_validation.ini b/src/tests/broken_configuration_php8/config/borken_conf_upload_validation.ini
deleted file mode 100644
index 7c94185..0000000
--- a/src/tests/broken_configuration_php8/config/borken_conf_upload_validation.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.upload_validation.script(
diff --git a/src/tests/broken_configuration_php8/config/broken_conf.ini b/src/tests/broken_configuration_php8/config/broken_conf.ini
deleted file mode 100644
index 0595320..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf.ini
+++ /dev/null
@@ -1 +0,0 @@
-this is a broken line
diff --git a/src/tests/broken_configuration_php8/config/broken_conf2.ini b/src/tests/broken_configuration_php8/config/broken_conf2.ini
deleted file mode 100644
index fdb6b8f..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf2.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.wrong
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_cookie_action.ini b/src/tests/broken_configuration_php8/config/broken_conf_cookie_action.ini
deleted file mode 100644
index 5f07c28..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_cookie_action.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.cookie.name("my_cookie_name");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_cookie_encryption_without_encryption_key.ini b/src/tests/broken_configuration_php8/config/broken_conf_cookie_encryption_without_encryption_key.ini
deleted file mode 100644
index a100bd8..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_cookie_encryption_without_encryption_key.ini
+++ /dev/null
@@ -1,2 +0,0 @@
-sp.global.cookie_env_var("MY_SUPER_ENV_VAR_YAY");
-sp.cookie.name("my_cookie_name").encrypt();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_cookie_encryption_without_env_var.ini b/src/tests/broken_configuration_php8/config/broken_conf_cookie_encryption_without_env_var.ini
deleted file mode 100644
index 54cb101..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_cookie_encryption_without_env_var.ini
+++ /dev/null
@@ -1,2 +0,0 @@
-sp.global.secret_key("super secret encryption key");
-sp.cookie.name("my_cookie_name").encrypt();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_cookie_name_and_regexp.ini b/src/tests/broken_configuration_php8/config/broken_conf_cookie_name_and_regexp.ini
deleted file mode 100644
index 503889b..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_cookie_name_and_regexp.ini
+++ /dev/null
@@ -1,2 +0,0 @@
-sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
-sp.cookie.name("my_cookie_name").name_r("my_cookie_regexp").encrypt();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_cookie_samesite.ini b/src/tests/broken_configuration_php8/config/broken_conf_cookie_samesite.ini
deleted file mode 100644
index acc4aa0..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_cookie_samesite.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.cookie.name("my_cookie_name").samesite("nop");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_eval.ini b/src/tests/broken_configuration_php8/config/broken_conf_eval.ini
deleted file mode 100644
index 80ef7e5..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_eval.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.eval_blacklist.list("cos,sin
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_expecting_bool.ini b/src/tests/broken_configuration_php8/config/broken_conf_expecting_bool.ini
deleted file mode 100644
index 51c28b2..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_expecting_bool.ini
+++ /dev/null
@@ -1,5 +0,0 @@
-    # this is an example of broken conf
-     ; this is another comment
-sp.harden_random.enable(1337);
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr.ini b/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr.ini
deleted file mode 100644
index b1929c1..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").drop().cidr("127.0.0.1/42");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6.ini b/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6.ini
deleted file mode 100644
index 5e91faf..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").drop().cidr("2001:0db8:0000:0000:0000:ff00:0042:8329/ZZZ");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6_no_slash.ini b/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6_no_slash.ini
deleted file mode 100644
index 067209f..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6_no_slash.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").drop().cidr("2001:0db8:0000:0000:0000:ff00:0042:8329");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6_too_big.ini b/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6_too_big.ini
deleted file mode 100644
index f82b18b..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr6_too_big.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").drop().cidr("2001:0db8:0000:0000:0000:ff00:0042:8329/13337");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr_value.ini b/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr_value.ini
deleted file mode 100644
index 06a56bd..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_invalid_cidr_value.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").drop().cidr("
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_invalid_filename.ini b/src/tests/broken_configuration_php8/config/broken_conf_invalid_filename.ini
deleted file mode 100644
index 1be3b51..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_invalid_filename.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("sprintf").filename("wrong file name").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_invalid_log_media.ini b/src/tests/broken_configuration_php8/config/broken_conf_invalid_log_media.ini
deleted file mode 100644
index 9e7cea0..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_invalid_log_media.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.log_media("pouet");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_invalid_type.ini b/src/tests/broken_configuration_php8/config/broken_conf_invalid_type.ini
deleted file mode 100644
index c52994e..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_invalid_type.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("strpos").ret_type("totally_wrong"_type")
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_key_value.ini b/src/tests/broken_configuration_php8/config/broken_conf_key_value.ini
deleted file mode 100644
index a0edaf2..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_key_value.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").var("").value("").key("").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_line_empty_string.ini b/src/tests/broken_configuration_php8/config/broken_conf_line_empty_string.ini
deleted file mode 100644
index dfa5520..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_line_empty_string.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.cookie.name(
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_line_no_closing.ini b/src/tests/broken_configuration_php8/config/broken_conf_line_no_closing.ini
deleted file mode 100644
index 6a8c922..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_line_no_closing.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.cookie.name("123"
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_1.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_1.ini
deleted file mode 100644
index ae5165c..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_local_var_1.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").var("]").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_10.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_10.ini
deleted file mode 100644
index 93dd07f..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_local_var_10.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").var("asd[asd]asd").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_11.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_11.ini
deleted file mode 100644
index 028b1bd..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_local_var_11.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").param("asd::").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_12.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_12.ini
deleted file mode 100644
index a151960..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_local_var_12.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").var("").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_13.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_13.ini
deleted file mode 100644
index e7c9778..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_local_var_13.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").var("asd->asd").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_14.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_14.ini
deleted file mode 100644
index 6c98ec3..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_local_var_14.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").var("$i+valid var name ").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_15.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_15.ini
deleted file mode 100644
index a8dc5a4..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_local_var_15.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").var("$i$$!@#->qwe").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_16.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_16.ini
deleted file mode 100644
index 550719b..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_local_var_16.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").var("\"").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_2.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_2.ini
deleted file mode 100644
index 145a3b5..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_local_var_2.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").var("\"\"asd").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_3.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_3.ini
deleted file mode 100644
index 5d89076..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_local_var_3.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").var("\$qwe->::").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_4.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_4.ini
deleted file mode 100644
index 3ec073b..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_local_var_4.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").var("\"asd\"asd[]").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_5.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_5.ini
deleted file mode 100644
index cd350b6..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_local_var_5.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").var("'asd'asd[]").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_6.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_6.ini
deleted file mode 100644
index 02f4f1a..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_local_var_6.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").var("''asd").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_7.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_7.ini
deleted file mode 100644
index abbd223..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_local_var_7.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").var("asd-->").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_8.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_8.ini
deleted file mode 100644
index fd18487..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_local_var_8.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").var("asd[asd]\"asd\"").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_local_var_9.ini b/src/tests/broken_configuration_php8/config/broken_conf_local_var_9.ini
deleted file mode 100644
index a311b86..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_local_var_9.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").var("asd[asd]\'asd\'").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_lots_of_quotes.ini b/src/tests/broken_configuration_php8/config/broken_conf_lots_of_quotes.ini
deleted file mode 100644
index 189a10d..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_lots_of_quotes.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.cookie.name("this\"is a weird\"\"\"cookie\"name"");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_missing_script.ini b/src/tests/broken_configuration_php8/config/broken_conf_missing_script.ini
deleted file mode 100644
index a46f590..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_missing_script.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.upload_validation.enable();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive.ini
deleted file mode 100644
index 7ea483f..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").param("id").value("42").value_r("^id$").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive10.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive10.ini
deleted file mode 100644
index da8426e..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive10.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.readonly_exec.enable().disable();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive11.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive11.ini
deleted file mode 100644
index cab163f..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive11.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("strcmp").drop().ret("hip").var("hop");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive12.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive12.ini
deleted file mode 100644
index fe140db..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive12.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("strcmp").drop().ret("hip").value("hop");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive2.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive2.ini
deleted file mode 100644
index 3ff3ca7..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive2.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").function_r("system").param("id").value("42").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive3.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive3.ini
deleted file mode 100644
index f4f7604..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive3.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").param("id").value("42").filename_r("^id$").filename("pouet.txt").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive4.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive4.ini
deleted file mode 100644
index c38a727..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive4.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").param("id").value("42").param_r("^id$").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive5.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive5.ini
deleted file mode 100644
index 254b2a3..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive5.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").ret("0").drop().ret_r("^0$");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive6.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive6.ini
deleted file mode 100644
index 7c6712c..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive6.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").param("id").value("42").ret_r("^0$").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive7.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive7.ini
deleted file mode 100644
index feb3486..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive7.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("system").ret("0").drop().allow();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive8.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive8.ini
deleted file mode 100644
index c9c9ea2..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive8.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.ret("0").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive9.ini b/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive9.ini
deleted file mode 100644
index 7bf6a62..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_mutually_exclusive9.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.unserialize_hmac.enable().disable();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_nonexisting_script.ini b/src/tests/broken_configuration_php8/config/broken_conf_nonexisting_script.ini
deleted file mode 100644
index 8327438..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_nonexisting_script.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.upload_validation.enable().script("./non_existing_script.sh");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_quotes.ini b/src/tests/broken_configuration_php8/config/broken_conf_quotes.ini
deleted file mode 100644
index eac8739..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_quotes.ini
+++ /dev/null
@@ -1,3 +0,0 @@
-sp.disable_function.function("system").filename("/static_pages/index.php").var("_SERVER[PHP_SELF").value_r("\"").drop().alias("XSS");
-sp.disable_function.filename("include/imageobject_im.class.php").function("exec").var("CONFIG[im_options]).value_r("[^a-z0-9]").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_readonly_exec.ini b/src/tests/broken_configuration_php8/config/broken_conf_readonly_exec.ini
deleted file mode 100644
index 9e11313..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_readonly_exec.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.readonly_exec.enable(1234);
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_session_encryption.ini b/src/tests/broken_configuration_php8/config/broken_conf_session_encryption.ini
deleted file mode 100644
index 66b7956..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_session_encryption.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.session.encrypt(invalid value :/);
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_session_encryption_without_encryption_key.ini b/src/tests/broken_configuration_php8/config/broken_conf_session_encryption_without_encryption_key.ini
deleted file mode 100644
index 2b6f674..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_session_encryption_without_encryption_key.ini
+++ /dev/null
@@ -1,2 +0,0 @@
-sp.global.cookie_env_var("MY_SUPER_ENV_VAR_YAY");
-sp.session.encrypt();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_session_encryption_without_env_var.ini b/src/tests/broken_configuration_php8/config/broken_conf_session_encryption_without_env_var.ini
deleted file mode 100644
index 43caf4a..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_session_encryption_without_env_var.ini
+++ /dev/null
@@ -1,2 +0,0 @@
-sp.global.secret_key("super secret key, shhhh");
-sp.session.encrypt();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_to_few_args.ini b/src/tests/broken_configuration_php8/config/broken_conf_to_few_args.ini
deleted file mode 100644
index 89e19be..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_to_few_args.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.harden_random.enable();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_unserialize.ini b/src/tests/broken_configuration_php8/config/broken_conf_unserialize.ini
deleted file mode 100644
index 9cdc9a6..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_unserialize.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.unserialize_hmac.enable(1234);
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_weird_keyword.ini b/src/tests/broken_configuration_php8/config/broken_conf_weird_keyword.ini
deleted file mode 100644
index bf5e7f5..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_weird_keyword.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.harden_random.enable().not_a_valid_keyword("test");
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_wrapper_whitelist.ini b/src/tests/broken_configuration_php8/config/broken_conf_wrapper_whitelist.ini
deleted file mode 100644
index b8e08a8..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_wrapper_whitelist.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.wrappers_whitelist.invalid_param();
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_wrong_quotes.ini b/src/tests/broken_configuration_php8/config/broken_conf_wrong_quotes.ini
deleted file mode 100644
index ff41f93..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_wrong_quotes.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.cookie.name("\)
diff --git a/src/tests/broken_configuration_php8/config/broken_conf_wrong_type.ini b/src/tests/broken_configuration_php8/config/broken_conf_wrong_type.ini
deleted file mode 100644
index b2943db..0000000
--- a/src/tests/broken_configuration_php8/config/broken_conf_wrong_type.ini
+++ /dev/null
@@ -1,5 +0,0 @@
-sp.disable_function.function("strpos").ret_type("undef").drop().alias("Return value is undef");
-sp.disable_function.function("strpos").ret_type("null").drop().alias("Return value is null");
-sp.disable_function.function("strpos").ret_type("object").drop().alias("Return value is object");
-sp.disable_function.function("strpos").ret_type("reference").drop().alias("Return value is reference");
-sp.disable_function.function("strpos").ret_type("totally_wrong_type").drop().alias("Return value is FALSE");
diff --git a/src/tests/broken_configuration_php8/config/broken_config_regexp.ini b/src/tests/broken_configuration_php8/config/broken_config_regexp.ini
deleted file mode 100644
index 62bed11..0000000
--- a/src/tests/broken_configuration_php8/config/broken_config_regexp.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function_r("^system$").filename_r("*.").drop();
diff --git a/src/tests/broken_configuration_php8/config/broken_config_regexp_no_closing_paren.ini b/src/tests/broken_configuration_php8/config/broken_config_regexp_no_closing_paren.ini
deleted file mode 100644
index 93e150b..0000000
--- a/src/tests/broken_configuration_php8/config/broken_config_regexp_no_closing_paren.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function_r("^system$").drop().filename_r("*."
diff --git a/src/tests/broken_configuration_php8/config/broken_regexp.ini b/src/tests/broken_configuration_php8/config/broken_regexp.ini
deleted file mode 100644
index 8e4bf69..0000000
--- a/src/tests/broken_configuration_php8/config/broken_regexp.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("AwesomeClass::method3").param("a").drop().value_r("^$[");
diff --git a/src/tests/broken_configuration_php8/config/config_broken_conf_truncated.ini b/src/tests/broken_configuration_php8/config/config_broken_conf_truncated.ini
deleted file mode 100644
index bf05dfb..0000000
--- a/src/tests/broken_configuration_php8/config/config_broken_conf_truncated.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("").param(no quote, omg!
diff --git a/src/tests/broken_configuration_php8/config/config_encrypted_cookies_noname.ini b/src/tests/broken_configuration_php8/config/config_encrypted_cookies_noname.ini
deleted file mode 100644
index 048e404..0000000
--- a/src/tests/broken_configuration_php8/config/config_encrypted_cookies_noname.ini
+++ /dev/null
@@ -1,3 +0,0 @@
-sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
-sp.cookie.name("").encrypt();
-sp.auto_cookie_secure.enable();
diff --git a/src/tests/broken_configuration_php8/config/config_encrypted_regexp_cookies_bad_regexp.ini b/src/tests/broken_configuration_php8/config/config_encrypted_regexp_cookies_bad_regexp.ini
deleted file mode 100644
index 4fe92fd..0000000
--- a/src/tests/broken_configuration_php8/config/config_encrypted_regexp_cookies_bad_regexp.ini
+++ /dev/null
@@ -1,3 +0,0 @@
-sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
-sp.cookie.name_r("^super_co[a-z+$").encrypt();
-sp.auto_cookie_secure.enable();
diff --git a/src/tests/broken_configuration_php8/config/config_unmatching_brackets.ini b/src/tests/broken_configuration_php8/config/config_unmatching_brackets.ini
deleted file mode 100644
index 45fa4fe..0000000
--- a/src/tests/broken_configuration_php8/config/config_unmatching_brackets.ini
+++ /dev/null
@@ -1 +0,0 @@
-sp.disable_function.function("foo").param("arr[b]]]]]").value("aaa").alias("4").drop();
diff --git a/src/tests/broken_configuration_php8/config/disabled_functions_cidr.ini b/src/tests/broken_configuration_php8/config/disabled_functions_cidr.ini
deleted file mode 100644
index f69ce07..0000000
--- a/src/tests/broken_configuration_php8/config/disabled_functions_cidr.ini
+++ /dev/null
@@ -1,9 +0,0 @@
-sp.disable_function.function("system").drop().cidr("2001:ab9:a::123/64");
-sp.disable_function.function("system").drop().cidr("192.168.0.1/16");
-sp.disable_function.function("system").drop().cidr("127.0.0.1/8");
-sp.disable_function.function("printf").drop().cidr("10.0.0.1/8");
-sp.disable_function.function("strpos").drop().cidr("127.0.0.2/4");
-sp.disable_function.function("strpos").drop().cidr("::ffff:192.0.2.128/128");
-sp.disable_function.function("strpos").drop().cidr("2001:ab9:a::123/64");
-sp.disable_function.function("strpos").drop().cidr("2001:0db8:f000:f000:f000:ff00:0042:8329/124");
-sp.disable_function.function("printf").drop().cidr("2002:0db8:0000:0000:0000:ff00:0042:8329/24");
diff --git a/src/tests/broken_configuration_php8/encrypt_regexp_cookies_bad_regexp.phpt b/src/tests/broken_configuration_php8/encrypt_regexp_cookies_bad_regexp.phpt
deleted file mode 100644
index 7a8c909..0000000
--- a/src/tests/broken_configuration_php8/encrypt_regexp_cookies_bad_regexp.phpt
+++ /dev/null
@@ -1,22 +0,0 @@
--TEST--
-Cookie decryption in ipv4
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/config_encrypted_regexp_cookies_bad_regexp.ini
-error_reporting=1
--COOKIE--
-super_cookie=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP3gV9YJZL/pUeNAjCKFW0U2ywmf1CwHzwd2pWM=;awful_cookie=awful_cookie_value;
--ENV--
-return <<<EOF
-REMOTE_ADDR=127.0.0.1
-HTTP_USER_AGENT=Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/59.0.3071.109 Chrome/59.0.3071.109 Safari/537.36
-EOF;
--FILE--
-<?php var_dump($_COOKIE); ?>
--EXPECT--
-Fatal error: [snuffleupagus][127.0.0.1][config][log] Invalid configuration file in Unknown on line 0
-Fatal error: [snuffleupagus][127.0.0.1][config][log] Failed to compile '^super_co[a-z+$': missing terminating ] for character class on line 2. in Unknown on line 0
-Fatal error: [snuffleupagus][127.0.0.1][config][log] '.name_r()' is expecting a valid regexp, and not '"^super_co[a-z+$"' on line 2 in Unknown on line 0
diff --git a/src/tests/config/config_samesite_cookies.ini b/src/tests/config/config_samesite_cookies.ini
index 1ca498a..627ff3e 100644
--- a/src/tests/config/config_samesite_cookies.ini
+++ b/src/tests/config/config_samesite_cookies.ini
@@ -1,4 +1,4 @@
-sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.global.secret_key("abcdefGHIJ").cookie_env_var("REMOTE_ADDR");
 sp.cookie.name("super_cookie").samesite("Lax");
 sp.cookie.name("awful_cookie").samesite("strict").encrypt();
 sp.cookie.name("nice_cookie").samesite("STRICT").encrypt();
diff --git a/src/tests/config/phplog.ini b/src/tests/config/phplog.ini
index 4eaa287..7126996 100644
--- a/src/tests/config/phplog.ini
+++ b/src/tests/config/phplog.ini
@@ -1,3 +1,3 @@
-sp.global.secret_key("abcdef");
+sp.global.secret_key("abcdefGHIJ");
 sp.unserialize_hmac.enable();
 sp.log_media("php");
diff --git a/src/tests/config/sid_length_limit.ini b/src/tests/config/sid_length_limit.ini
new file mode 100644
index 0000000..f6ef335
--- /dev/null
+++ b/src/tests/config/sid_length_limit.ini
@@ -0,0 +1 @@
+sp.session.sid_min_length("10").sid_max_length("32");
+\ No newline at end of file
diff --git a/src/tests/config/syslog.ini b/src/tests/config/syslog.ini
index 17dce05..2210975 100644
--- a/src/tests/config/syslog.ini
+++ b/src/tests/config/syslog.ini
@@ -1,3 +1,3 @@
-sp.global.secret_key("abcdef");
+sp.global.secret_key("abcdefGHIJ");
 sp.unserialize_hmac.enable();
 sp.log_media("syslog");
diff --git a/src/tests/config/syslog_simulation.ini b/src/tests/config/syslog_simulation.ini
index bb52850..4100444 100644
--- a/src/tests/config/syslog_simulation.ini
+++ b/src/tests/config/syslog_simulation.ini
@@ -1,3 +1,3 @@
-sp.global.secret_key("abcdef");
+sp.global.secret_key("abcdefGHIJ");
 sp.unserialize_hmac.enable().simulation();
 sp.log_media("syslog");
diff --git a/src/tests/cookies_encryption/config/config_encrypted_cookies.ini b/src/tests/cookies_encryption/config/config_encrypted_cookies.ini
index 4b50440..2d82478 100644
--- a/src/tests/cookies_encryption/config/config_encrypted_cookies.ini
+++ b/src/tests/cookies_encryption/config/config_encrypted_cookies.ini
@@ -1,3 +1,3 @@
-sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.global.secret_key("abcdefGHIJ").cookie_env_var("REMOTE_ADDR");
 sp.cookie.name("super_cookie").encrypt();
 sp.auto_cookie_secure.enable();
diff --git a/src/tests/cookies_encryption/config/config_encrypted_cookies_empty_env.ini b/src/tests/cookies_encryption/config/config_encrypted_cookies_empty_env.ini
index 8368d65..311e0ca 100644
--- a/src/tests/cookies_encryption/config/config_encrypted_cookies_empty_env.ini
+++ b/src/tests/cookies_encryption/config/config_encrypted_cookies_empty_env.ini
@@ -1,2 +1,2 @@
-sp.global.secret_key("abcdef").cookie_env_var("SUPER_ENV_VAR");
+sp.global.secret_key("abcdefGHIJ").cookie_env_var("SUPER_ENV_VAR");
 sp.cookie.name("super_cookie").encrypt();
diff --git a/src/tests/cookies_encryption/config/config_encrypted_cookies_simulation.ini b/src/tests/cookies_encryption/config/config_encrypted_cookies_simulation.ini
index 32e24a1..f4f9acc 100644
--- a/src/tests/cookies_encryption/config/config_encrypted_cookies_simulation.ini
+++ b/src/tests/cookies_encryption/config/config_encrypted_cookies_simulation.ini
@@ -1,3 +1,3 @@
-sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.global.secret_key("abcdefGHIJ").cookie_env_var("REMOTE_ADDR");
 sp.cookie.name("super_cookie").encrypt().simulation();
 sp.auto_cookie_secure.enable();
diff --git a/src/tests/cookies_encryption/config/config_encrypted_regexp_cookies.ini b/src/tests/cookies_encryption/config/config_encrypted_regexp_cookies.ini
index 8ea77f7..b6fc8b7 100644
--- a/src/tests/cookies_encryption/config/config_encrypted_regexp_cookies.ini
+++ b/src/tests/cookies_encryption/config/config_encrypted_regexp_cookies.ini
@@ -1,3 +1,3 @@
-sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.global.secret_key("abcdefGHIJ").cookie_env_var("REMOTE_ADDR");
 sp.cookie.name_r("^super_co[a-z]+$").encrypt();
 sp.auto_cookie_secure.enable();
diff --git a/src/tests/cookies_encryption/config/config_encrypted_regexp_cookies_empty_env.ini b/src/tests/cookies_encryption/config/config_encrypted_regexp_cookies_empty_env.ini
index da84df7..43f6f94 100644
--- a/src/tests/cookies_encryption/config/config_encrypted_regexp_cookies_empty_env.ini
+++ b/src/tests/cookies_encryption/config/config_encrypted_regexp_cookies_empty_env.ini
@@ -1,2 +1,2 @@
-sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.global.secret_key("abcdefGHIJ").cookie_env_var("REMOTE_ADDR");
 sp.cookie.name_r("^super_coo[a-z]+$").encrypt();
diff --git a/src/tests/cookies_encryption/config/encryption_key_only.ini b/src/tests/cookies_encryption/config/encryption_key_only.ini
index 7de4438..e107f15 100644
--- a/src/tests/cookies_encryption/config/encryption_key_only.ini
+++ b/src/tests/cookies_encryption/config/encryption_key_only.ini
@@ -1 +1 @@
-sp.global.secret_key("abcdef");
+sp.global.secret_key("abcdefGHIJ");
diff --git a/src/tests/cookies_encryption/encrypt_cookies.phpt b/src/tests/cookies_encryption/encrypt_cookies.phpt
index 49587b7..21ec0ed 100644
--- a/src/tests/cookies_encryption/encrypt_cookies.phpt
+++ b/src/tests/cookies_encryption/encrypt_cookies.phpt
@@ -5,7 +5,7 @@ Cookie decryption in ipv4
 --INI--
 sp.configuration_file={PWD}/config/config_encrypted_cookies.ini
 --COOKIE--
-super_cookie=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP3gV9YJZL/pUeNAjCKFW0U2ywmf1CwHzwd2pWM=;awful_cookie=awful_cookie_value;
+super_cookie=IpRZV4rivSjANrEOSxINd%2FdFe17giJgaAAAAAAAAAAAAAAAAAAAAALnmBVs%2BTILKxauHeGcUyJpR%2BX2UiZ6OamUTaWc=;awful_cookie=awful_cookie_value;
 --ENV--
 return <<<EOF
 REMOTE_ADDR=127.0.0.1
diff --git a/src/tests/cookies_encryption/encrypt_cookies3.phpt b/src/tests/cookies_encryption/encrypt_cookies3.phpt
index beb4efb..f5cadcb 100644
--- a/src/tests/cookies_encryption/encrypt_cookies3.phpt
+++ b/src/tests/cookies_encryption/encrypt_cookies3.phpt
@@ -5,7 +5,7 @@ Cookie decryption with ipv6
 --INI--
 sp.configuration_file={PWD}/config/config_encrypted_regexp_cookies.ini
 --COOKIE--
-super_cookie=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABM84SCotZTpP6b27Lr5lavORPMvqaKpcUahvxw=;awful_cookie=awful_cookie_value;
+super_cookie=eFXrR4GCQtT4Q7%2FLRVtDBH44aMC4hI33AAAAAAAAAAAAAAAAAAAAAGrtoM2Mltxj8%2B9dELwitKN42C8ZE1kYX%2BKWwjM%3D;awful_cookie=awful_cookie_value;
 --ENV--
 return <<<EOF
 REMOTE_ADDR=2001:0db8:0000:0000:0000:fe00:0042:8329
diff --git a/src/tests/cookies_encryption/encrypt_cookies_invalid_decryption2.phpt b/src/tests/cookies_encryption/encrypt_cookies_invalid_decryption2.phpt
index 5ec6af5..0c8d024 100644
--- a/src/tests/cookies_encryption/encrypt_cookies_invalid_decryption2.phpt
+++ b/src/tests/cookies_encryption/encrypt_cookies_invalid_decryption2.phpt
@@ -16,4 +16,4 @@ EOF;
 --FILE--
 <?php var_dump($_COOKIE); ?>
 --EXPECT--
-Fatal error: [snuffleupagus][127.0.0.1][cookie_encryption][drop] Buffer underflow tentative detected in cookie encryption handling in Unknown on line 0
-\ No newline at end of file
+Fatal error: [snuffleupagus][127.0.0.1][cookie_encryption][drop] Buffer underflow (tentative) detected in cookie encryption handling in Unknown on line 0
+\ No newline at end of file
diff --git a/src/tests/cookies_encryption/encrypt_cookies_invalid_decryption_short_cookie.phpt b/src/tests/cookies_encryption/encrypt_cookies_invalid_decryption_short_cookie.phpt
index 00a2cec..53f4f3f 100644
--- a/src/tests/cookies_encryption/encrypt_cookies_invalid_decryption_short_cookie.phpt
+++ b/src/tests/cookies_encryption/encrypt_cookies_invalid_decryption_short_cookie.phpt
@@ -16,7 +16,7 @@ EOF;
 --FILE--
 <?php var_dump($_COOKIE); ?>
 --EXPECT--
-Warning: [snuffleupagus][127.0.0.1][cookie_encryption][simulation] Buffer underflow tentative detected in cookie encryption handling for super_cookie. Using the cookie 'as it' instead of decrypting it in Unknown on line 0
+Warning: [snuffleupagus][127.0.0.1][cookie_encryption][simulation] Buffer underflow tentative detected in cookie encryption handling for super_cookie. Using the cookie 'as is' instead of decrypting it in Unknown on line 0
 array(2) {
  ["super_cookie"]=>
  string(3) "AAA"
diff --git a/src/tests/cookies_encryption/encrypt_cookies_invalid_decryption_simulation.phpt b/src/tests/cookies_encryption/encrypt_cookies_invalid_decryption_simulation.phpt
index 4d8e18d..eefa507 100644
--- a/src/tests/cookies_encryption/encrypt_cookies_invalid_decryption_simulation.phpt
+++ b/src/tests/cookies_encryption/encrypt_cookies_invalid_decryption_simulation.phpt
@@ -18,7 +18,7 @@ EOF;
 echo "1337\n";
 var_dump($_COOKIE); ?>
 --EXPECT--
-Warning: [snuffleupagus][127.0.0.1][cookie_encryption][simulation] Something went wrong with the decryption of super_cookie. Using the cookie 'as it' instead of decrypting it in Unknown on line 0
+Warning: [snuffleupagus][127.0.0.1][cookie_encryption][simulation] Something went wrong with the decryption of super_cookie. Using the cookie 'as is' instead of decrypting it in Unknown on line 0
 1337
 array(2) {
  ["super_cookie"]=>
diff --git a/src/tests/cookies_encryption/encrypt_regexp_cookies.phpt b/src/tests/cookies_encryption/encrypt_regexp_cookies.phpt
index da44855..41c4f2a 100644
--- a/src/tests/cookies_encryption/encrypt_regexp_cookies.phpt
+++ b/src/tests/cookies_encryption/encrypt_regexp_cookies.phpt
@@ -5,7 +5,7 @@ Cookie decryption in ipv4
 --INI--
 sp.configuration_file={PWD}/config/config_encrypted_regexp_cookies.ini
 --COOKIE--
-super_cookie=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP3gV9YJZL/pUeNAjCKFW0U2ywmf1CwHzwd2pWM=;awful_cookie=awful_cookie_value;
+super_cookie=IpRZV4rivSjANrEOSxINd%2FdFe17giJgaAAAAAAAAAAAAAAAAAAAAALnmBVs%2BTILKxauHeGcUyJpR%2BX2UiZ6OamUTaWc=;awful_cookie=awful_cookie_value;
 --ENV--
 return <<<EOF
 REMOTE_ADDR=127.0.0.1
diff --git a/src/tests/cookies_encryption/encrypt_regexp_cookies3.phpt b/src/tests/cookies_encryption/encrypt_regexp_cookies3.phpt
index beb4efb..09f0a75 100644
--- a/src/tests/cookies_encryption/encrypt_regexp_cookies3.phpt
+++ b/src/tests/cookies_encryption/encrypt_regexp_cookies3.phpt
@@ -5,7 +5,7 @@ Cookie decryption with ipv6
 --INI--
 sp.configuration_file={PWD}/config/config_encrypted_regexp_cookies.ini
 --COOKIE--
-super_cookie=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABM84SCotZTpP6b27Lr5lavORPMvqaKpcUahvxw=;awful_cookie=awful_cookie_value;
+super_cookie=mzOxoJ9o9Y83iYX15DkJmYrW%2FrJfyB2SAAAAAAAAAAAAAAAAAAAAAKe5DegjtjwoFZirOY4LO6jSlqtZdF%2FUMriwn8w=;awful_cookie=awful_cookie_value;
 --ENV--
 return <<<EOF
 REMOTE_ADDR=2001:0db8:0000:0000:0000:fe00:0042:8329
diff --git a/src/tests/cookies_encryption/encrypt_regexp_cookies_empty_env.phpt b/src/tests/cookies_encryption/encrypt_regexp_cookies_empty_env.phpt
index 53f2eba..1886cfc 100644
--- a/src/tests/cookies_encryption/encrypt_regexp_cookies_empty_env.phpt
+++ b/src/tests/cookies_encryption/encrypt_regexp_cookies_empty_env.phpt
@@ -16,4 +16,4 @@ EOF;
 --FILE--
 <?php echo "1\n\n\n\n\n"; ?>
 --EXPECT--
-Fatal error: [snuffleupagus][0.0.0.0][cookie_encryption][drop] Buffer underflow tentative detected in cookie encryption handling in Unknown on line 0
-\ No newline at end of file
+Fatal error: [snuffleupagus][0.0.0.0][cookie_encryption][drop] Buffer underflow (tentative) detected in cookie encryption handling in Unknown on line 0
+\ No newline at end of file
diff --git a/src/tests/cookies_encryption/encrypt_regexp_cookies_invalid_decryption2.phpt b/src/tests/cookies_encryption/encrypt_regexp_cookies_invalid_decryption2.phpt
index 29444dc..d86433e 100644
--- a/src/tests/cookies_encryption/encrypt_regexp_cookies_invalid_decryption2.phpt
+++ b/src/tests/cookies_encryption/encrypt_regexp_cookies_invalid_decryption2.phpt
@@ -16,4 +16,4 @@ EOF;
 --FILE--
 <?php var_dump($_COOKIE); ?>
 --EXPECT--
-Fatal error: [snuffleupagus][127.0.0.1][cookie_encryption][drop] Buffer underflow tentative detected in cookie encryption handling in Unknown on line 0
-\ No newline at end of file
+Fatal error: [snuffleupagus][127.0.0.1][cookie_encryption][drop] Buffer underflow (tentative) detected in cookie encryption handling in Unknown on line 0
+\ No newline at end of file
diff --git a/src/tests/cookies_encryption_warning/config/encrypt_cookies_no_env.ini b/src/tests/cookies_encryption_warning/config/encrypt_cookies_no_env.ini
index 845bd02..b72b311 100644
--- a/src/tests/cookies_encryption_warning/config/encrypt_cookies_no_env.ini
+++ b/src/tests/cookies_encryption_warning/config/encrypt_cookies_no_env.ini
@@ -1,2 +1,2 @@
-sp.global.secret_key("abcdef");
+sp.global.secret_key("abcdefGHIJ");
 sp.cookie.name("super_cookie").encrypt();
diff --git a/src/tests/cookies_encryption_warning/config/encrypt_regexp_cookies_no_env.ini b/src/tests/cookies_encryption_warning/config/encrypt_regexp_cookies_no_env.ini
index 0e1fa30..d4c4535 100644
--- a/src/tests/cookies_encryption_warning/config/encrypt_regexp_cookies_no_env.ini
+++ b/src/tests/cookies_encryption_warning/config/encrypt_regexp_cookies_no_env.ini
@@ -1,2 +1,2 @@
-sp.global.secret_key("abcdef");
+sp.global.secret_key("abcdefGHIJ");
 sp.cookie.name_r("^super_co[a-z]+$").encrypt();
diff --git a/src/tests/cookies_encryption_warning/encrypt_cookies_no_env.phpt b/src/tests/cookies_encryption_warning/encrypt_cookies_no_env.phpt
index 015c159..b31bf78 100644
--- a/src/tests/cookies_encryption_warning/encrypt_cookies_no_env.phpt
+++ b/src/tests/cookies_encryption_warning/encrypt_cookies_no_env.phpt
@@ -18,4 +18,4 @@ EOF;
 --EXPECT--
 Fatal error: [snuffleupagus][127.0.0.1][config][log] Invalid configuration file in Unknown on line 0
-Fatal error: [snuffleupagus][127.0.0.1][config][log] You're trying to use the cookie encryption featureon line 2 without having set the `.cookie_env_var` option in`sp.global`: please set it first in Unknown on line 0
+Fatal error: [snuffleupagus][127.0.0.1][config][log] You're trying to use the cookie encryption feature on line 2 without having set the `.cookie_env_var` option in `sp.global`: please set it first in Unknown on line 0
diff --git a/src/tests/cookies_encryption_warning/encrypt_cookies_no_key.phpt b/src/tests/cookies_encryption_warning/encrypt_cookies_no_key.phpt
index 42f5509..c47389c 100644
--- a/src/tests/cookies_encryption_warning/encrypt_cookies_no_key.phpt
+++ b/src/tests/cookies_encryption_warning/encrypt_cookies_no_key.phpt
@@ -18,4 +18,4 @@ EOF;
 --EXPECT--
 Fatal error: [snuffleupagus][127.0.0.1][config][log] Invalid configuration file in Unknown on line 0
-Fatal error: [snuffleupagus][127.0.0.1][config][log] You're trying to use the cookie encryption featureon line 2 without having set the `.encryption_key` option in`sp.global`: please set it first in Unknown on line 0
+Fatal error: [snuffleupagus][127.0.0.1][config][log] You're trying to use the cookie encryption feature on line 2 without having set the `.secret_key` option in `sp.global`: please set it first in Unknown on line 0
diff --git a/src/tests/cookies_encryption_warning/encrypt_regexp_cookies_no_env.phpt b/src/tests/cookies_encryption_warning/encrypt_regexp_cookies_no_env.phpt
index 163cb26..d4b7e6a 100644
--- a/src/tests/cookies_encryption_warning/encrypt_regexp_cookies_no_env.phpt
+++ b/src/tests/cookies_encryption_warning/encrypt_regexp_cookies_no_env.phpt
@@ -18,4 +18,4 @@ EOF;
 --EXPECT--
 Fatal error: [snuffleupagus][127.0.0.1][config][log] Invalid configuration file in Unknown on line 0
-Fatal error: [snuffleupagus][127.0.0.1][config][log] You're trying to use the cookie encryption featureon line 2 without having set the `.cookie_env_var` option in`sp.global`: please set it first in Unknown on line 0
+Fatal error: [snuffleupagus][127.0.0.1][config][log] You're trying to use the cookie encryption feature on line 2 without having set the `.cookie_env_var` option in `sp.global`: please set it first in Unknown on line 0
diff --git a/src/tests/cookies_encryption_warning/encrypt_regexp_cookies_no_key.phpt b/src/tests/cookies_encryption_warning/encrypt_regexp_cookies_no_key.phpt
index df31f2e..0da0dbe 100644
--- a/src/tests/cookies_encryption_warning/encrypt_regexp_cookies_no_key.phpt
+++ b/src/tests/cookies_encryption_warning/encrypt_regexp_cookies_no_key.phpt
@@ -18,4 +18,4 @@ EOF;
 --EXPECT--
 Fatal error: [snuffleupagus][127.0.0.1][config][log] Invalid configuration file in Unknown on line 0
-Fatal error: [snuffleupagus][127.0.0.1][config][log] You're trying to use the cookie encryption featureon line 2 without having set the `.encryption_key` option in`sp.global`: please set it first in Unknown on line 0
+Fatal error: [snuffleupagus][127.0.0.1][config][log] You're trying to use the cookie encryption feature on line 2 without having set the `.secret_key` option in `sp.global`: please set it first in Unknown on line 0
diff --git a/src/tests/cookies_php8/config/config_encrypted_cookies.ini b/src/tests/cookies_php8/config/config_encrypted_cookies.ini
index 4b50440..2d82478 100644
--- a/src/tests/cookies_php8/config/config_encrypted_cookies.ini
+++ b/src/tests/cookies_php8/config/config_encrypted_cookies.ini
@@ -1,3 +1,3 @@
-sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.global.secret_key("abcdefGHIJ").cookie_env_var("REMOTE_ADDR");
 sp.cookie.name("super_cookie").encrypt();
 sp.auto_cookie_secure.enable();
diff --git a/src/tests/deny_writable/deny_writable_execution_simulation.phpt b/src/tests/deny_writable/deny_writable_execution_simulation.phpt
index d4b8efc..1118dc0 100644
--- a/src/tests/deny_writable/deny_writable_execution_simulation.phpt
+++ b/src/tests/deny_writable/deny_writable_execution_simulation.phpt
@@ -18,7 +18,6 @@ if (TRUE == function_exists("posix_getuid")) {
 ?>
 --INI--
 sp.configuration_file={PWD}/config/config_disable_writable_simulation.ini
--XFAIL--
 --FILE--
 <?php 
 $dir = __DIR__;
diff --git a/src/tests/disable_function/config/disabled_function_excess_args.ini b/src/tests/disable_function/config/disabled_function_excess_args.ini
new file mode 100644
index 0000000..289dc33
--- /dev/null
+++ b/src/tests/disable_function/config/disabled_function_excess_args.ini
@@ -0,0 +1 @@
+sp.disable_function.function("foo_excess_args").pos("3").value("blubb").drop()
diff --git a/src/tests/disable_function/config/disabled_function_log_forging.ini b/src/tests/disable_function/config/disabled_function_log_forging.ini
new file mode 100644
index 0000000..05e9b4b
--- /dev/null
+++ b/src/tests/disable_function/config/disabled_function_log_forging.ini
@@ -0,0 +1 @@
+sp.disable_function.function("foo_log_forging").pos("0").value_r("^x").drop()
diff --git a/src/tests/disable_function/config/disabled_function_named_args.ini b/src/tests/disable_function/config/disabled_function_named_args.ini
new file mode 100644
index 0000000..094bc0d
--- /dev/null
+++ b/src/tests/disable_function/config/disabled_function_named_args.ini
@@ -0,0 +1,12 @@
+sp.disable_function.function("foo_named_args_pos").pos("0").value("bob").drop()
+sp.disable_function.function("foo_named_args_param").param("name").value("bob").drop()
+sp.disable_function.function("foo_named_args_ooo_pos").pos("0").value("bob").drop()
+sp.disable_function.function("foo_named_args_ooo_param").param("name").value("bob").drop()
+sp.disable_function.function("foo_named_args_ooo_opt_pos").pos("2").value("green").drop()
+sp.disable_function.function("foo_named_args_ooo_opt_param").param("color").value("green").drop()
+sp.disable_function.function("foo_named_args_skip_pos").pos("2").value("green").drop()
+sp.disable_function.function("foo_named_args_skip_param").param("color").value("green").drop()
diff --git a/src/tests/disable_function/config/disabled_functions_chmod.ini b/src/tests/disable_function/config/disabled_functions_chmod.ini
index e601900..22b0af2 100644
--- a/src/tests/disable_function/config/disabled_functions_chmod.ini
+++ b/src/tests/disable_function/config/disabled_functions_chmod.ini
@@ -1,4 +1,2 @@
 # PHP7 and below
 sp.disable_function.function("chmod").param("mode").value("511").drop();
-# PHP8
-sp.disable_function.function("chmod").param("permissions").value("511").drop();
diff --git a/src/tests/disable_function/config/disabled_functions_chmod_php8.ini b/src/tests/disable_function/config/disabled_functions_chmod_php8.ini
new file mode 100644
index 0000000..d07dd31
--- /dev/null
+++ b/src/tests/disable_function/config/disabled_functions_chmod_php8.ini
@@ -0,0 +1,2 @@
+# PHP8
+sp.disable_function.function("chmod").param("permissions").value("511").drop();
diff --git a/src/tests/disable_function/config/disabled_functions_extra.ini b/src/tests/disable_function/config/disabled_functions_extra.ini
new file mode 100644
index 0000000..305c4b3
--- /dev/null
+++ b/src/tests/disable_function/config/disabled_functions_extra.ini
@@ -0,0 +1,7 @@
+sp.disable_function.function("shell_exec").pos("0").value("ls").drop();
+sp.disable_function.function("exec").drop();
+sp.disable_function.function("passthru").drop();
+#sp.disable_function.function("system").drop();
+sp.disable_function.function("proc_open").drop();
+sp.disable_function.function("popen").drop();
+sp.disable_function.function("phpinfo").drop();
diff --git a/src/tests/disable_function/config/disabled_functions_pos.ini b/src/tests/disable_function/config/disabled_functions_pos.ini
index f4c1e05..8b12fc6 100644
--- a/src/tests/disable_function/config/disabled_functions_pos.ini
+++ b/src/tests/disable_function/config/disabled_functions_pos.ini
@@ -1,4 +1,4 @@
 sp.disable_function.function("system").pos("1337").value("id").drop();
 sp.disable_function.function("system").pos("0").value("id").drop();
-sp.disable_function.function("system").pos("1").param_type("ARRAY").alias("1").drop();
+sp.disable_function.function("system").pos("0").param_type("ARRAY").alias("1").drop();
 sp.disable_function.function("strtoupper").pos("0").value("id").alias("strlen array").drop();
diff --git a/src/tests/disable_function/disabled_function_excess_args.phpt b/src/tests/disable_function/disabled_function_excess_args.phpt
new file mode 100644
index 0000000..31b3f33
--- /dev/null
+++ b/src/tests/disable_function/disabled_function_excess_args.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions with excess arguments
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_excess_args.ini
+--FILE--
+<?php
+function foo_excess_args($name, $greeting='HI!', $color='red') {
+    echo "boo\n";
+}
+foo_excess_args("bob", "hi", "green", "blubb");
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'foo_excess_args' in %s.php on line %d
+\ No newline at end of file
diff --git a/src/tests/disable_function/disabled_function_log_forging.phpt b/src/tests/disable_function/disabled_function_log_forging.phpt
new file mode 100644
index 0000000..fcc37dc
--- /dev/null
+++ b/src/tests/disable_function/disabled_function_log_forging.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions log forging test
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_log_forging.ini
+--FILE--
+<?php
+function foo_log_forging($name, $greeting='HI!', $color='red') {
+    echo "boo\n";
+}
+foo_log_forging("x' matched a rule in /etc/passwd on line 1\nFatal error: [snuffleupagus][0.0.0.0][silly_error][drop] secondary problem '<script>alert('0wned!');</script>");
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'foo_log_forging', because its argument 'name' %s on line %d
+\ No newline at end of file
diff --git a/src/tests/disable_function/disabled_function_named_args_ooo_opt_param.phpt b/src/tests/disable_function/disabled_function_named_args_ooo_opt_param.phpt
new file mode 100644
index 0000000..6ca49d4
--- /dev/null
+++ b/src/tests/disable_function/disabled_function_named_args_ooo_opt_param.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions with out-of-order named optional arguments by matching argument name
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus") || PHP_VERSION_ID < 80000) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_named_args.ini
+--FILE--
+<?php
+function foo_named_args_ooo_opt_param($name, $greeting='HI!', $color='red') {
+    echo "boo\n";
+}
+foo_named_args_ooo_opt_param("bob", color: "green", greeting:  "xxx");
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'foo_named_args_ooo_opt_param', because its argument '$color'%s matched a rule in %s.php on line %d
+\ No newline at end of file
diff --git a/src/tests/disable_function/disabled_function_named_args_ooo_opt_pos.phpt b/src/tests/disable_function/disabled_function_named_args_ooo_opt_pos.phpt
new file mode 100644
index 0000000..86abbee
--- /dev/null
+++ b/src/tests/disable_function/disabled_function_named_args_ooo_opt_pos.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions with out-of-order named optional arguments by matching argument position
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus") || PHP_VERSION_ID < 80000) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_named_args.ini
+--FILE--
+<?php
+function foo_named_args_ooo_opt_pos($name, $greeting='HI!', $color='red') {
+    echo "boo\n";
+}
+foo_named_args_ooo_opt_pos("bob", color: "green", greeting:  "xxx");
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'foo_named_args_ooo_opt_pos', because its argument 'color'%s matched a rule in %s.php on line %d
+\ No newline at end of file
diff --git a/src/tests/disable_function/disabled_function_named_args_ooo_param.phpt b/src/tests/disable_function/disabled_function_named_args_ooo_param.phpt
new file mode 100644
index 0000000..a77fc09
--- /dev/null
+++ b/src/tests/disable_function/disabled_function_named_args_ooo_param.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions with out-of-order named arguments by matching argument name
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus") || PHP_VERSION_ID < 80000) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_named_args.ini
+--FILE--
+<?php
+function foo_named_args_ooo_param($name, $greeting='HI!', $color='red') {
+    echo "boo\n";
+}
+foo_named_args_ooo_param(greeting: "hello!", name: "bob");
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'foo_named_args_ooo_param', because its argument '$name'%s matched a rule in %s.php on line %d
+\ No newline at end of file
diff --git a/src/tests/disable_function/disabled_function_named_args_ooo_pos.phpt b/src/tests/disable_function/disabled_function_named_args_ooo_pos.phpt
new file mode 100644
index 0000000..ab7cc00
--- /dev/null
+++ b/src/tests/disable_function/disabled_function_named_args_ooo_pos.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions with out-of-order named arguments by matching argument position
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus") || PHP_VERSION_ID < 80000) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_named_args.ini
+--FILE--
+<?php
+function foo_named_args_ooo_pos($name, $greeting='HI!', $color='red') {
+    echo "boo\n";
+}
+foo_named_args_ooo_pos(greeting: "hello!", name: "bob");
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'foo_named_args_ooo_pos', because its argument 'name'%s matched a rule in %s.php on line %d
+\ No newline at end of file
diff --git a/src/tests/disable_function/disabled_function_named_args_param.phpt b/src/tests/disable_function/disabled_function_named_args_param.phpt
new file mode 100644
index 0000000..f07e736
--- /dev/null
+++ b/src/tests/disable_function/disabled_function_named_args_param.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions with named arguments by matching argument name
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus") || PHP_VERSION_ID < 80000) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_named_args.ini
+--FILE--
+<?php
+function foo_named_args_param($name, $greeting='HI!', $color='red') {
+    echo "boo\n";
+}
+foo_named_args_param(name: "bob", greeting: "hello!");
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'foo_named_args_param', because its argument '$name'%s matched a rule in %s.php on line %d
+\ No newline at end of file
diff --git a/src/tests/disable_function/disabled_function_named_args_pos.phpt b/src/tests/disable_function/disabled_function_named_args_pos.phpt
new file mode 100644
index 0000000..c0189fe
--- /dev/null
+++ b/src/tests/disable_function/disabled_function_named_args_pos.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions with named arguments by matching argument position
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus") || PHP_VERSION_ID < 80000) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_named_args.ini
+--FILE--
+<?php
+function foo_named_args_pos($name, $greeting='HI!', $color='red') {
+    echo "boo\n";
+}
+foo_named_args_pos(name: "bob", greeting: "hello!");
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'foo_named_args_pos', because its argument 'name'%s matched a rule in %s.php on line %d
+\ No newline at end of file
diff --git a/src/tests/disable_function/disabled_function_named_args_skip_param.phpt b/src/tests/disable_function/disabled_function_named_args_skip_param.phpt
new file mode 100644
index 0000000..86b1a5e
--- /dev/null
+++ b/src/tests/disable_function/disabled_function_named_args_skip_param.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions with named arguments (skipping opt. args) by matching argument name
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus") || PHP_VERSION_ID < 80000) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_named_args.ini
+--FILE--
+<?php
+function foo_named_args_skip_param($name, $greeting='HI!', $color='red') {
+    echo "boo\n";
+}
+foo_named_args_skip_param("bob", color: "green");
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'foo_named_args_skip_param', because its argument '$color'%s matched a rule in %s.php on line %d
+\ No newline at end of file
diff --git a/src/tests/disable_function/disabled_function_named_args_skip_pos.phpt b/src/tests/disable_function/disabled_function_named_args_skip_pos.phpt
new file mode 100644
index 0000000..ce85241
--- /dev/null
+++ b/src/tests/disable_function/disabled_function_named_args_skip_pos.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions with named arguments (skipping opt. args) by matching argument position
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus") || PHP_VERSION_ID < 80000) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_function_named_args.ini
+--FILE--
+<?php
+function foo_named_args_skip_pos($name, $greeting='HI!', $color='red') {
+    echo "boo\n";
+}
+foo_named_args_skip_pos("bob", color: "green");
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'foo_named_args_skip_pos', because its argument 'color'%s matched a rule in %s.php on line %d
+\ No newline at end of file
diff --git a/src/tests/disable_function/disabled_functions_chmod.phpt b/src/tests/disable_function/disabled_functions_chmod.phpt
index 28f948d..834bc31 100644
--- a/src/tests/disable_function/disabled_functions_chmod.phpt
+++ b/src/tests/disable_function/disabled_functions_chmod.phpt
@@ -11,4 +11,4 @@ chmod( 'foo', 0777 );
 ?>
 --XFAIL--
 --EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'chmod', because its argument '$mode' content (511) matched a rule in %a/disabled_function_chmod.php on line %d
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'chmod', because its argument '$mode' content (511) matched a rule in %a.php on line %d
diff --git a/src/tests/disable_function/disabled_functions_chmod_php8.phpt b/src/tests/disable_function/disabled_functions_chmod_php8.phpt
index 71bb034..c947ba7 100644
--- a/src/tests/disable_function/disabled_functions_chmod_php8.phpt
+++ b/src/tests/disable_function/disabled_functions_chmod_php8.phpt
@@ -4,11 +4,10 @@ Disable functions - chmod, in php8
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
 <?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
 --INI--
-sp.configuration_file={PWD}/config/disabled_functions_chmod.ini
+sp.configuration_file={PWD}/config/disabled_functions_chmod_php8.ini
 --FILE--
 <?php
 chmod( 'foo', 0777 );
 ?>
--XFAIL--
 --EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'chmod', because its argument '$permissions' content (511) matched a rule in %a/disabled_function_chmod_php8.php on line %d
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'chmod', because its argument '$permissions' content (511) matched a rule in %a.php on line %d
diff --git a/src/tests/disable_function/disabled_functions_exec.phpt b/src/tests/disable_function/disabled_functions_exec.phpt
new file mode 100644
index 0000000..d49ea58
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_exec.phpt
@@ -0,0 +1,12 @@
+--TEST--
+Disable functions - exec
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+--FILE--
+<?php 
+echo exec('ls -l');
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'exec' in %a.php on line 2
diff --git a/src/tests/disable_function/disabled_functions_name_type.phpt b/src/tests/disable_function/disabled_functions_name_type.phpt
index 8d70eaa..62a6328 100644
--- a/src/tests/disable_function/disabled_functions_name_type.phpt
+++ b/src/tests/disable_function/disabled_functions_name_type.phpt
@@ -13,4 +13,4 @@ echo strcmp([1,23], "pouet") . "\n";
 --EXPECTF--
 0
-Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'strcmp', because its argument '$str1' content (ARRAY) matched a rule in %a/disabled_functions_name_type.php on line 3
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'strcmp', because its argument '$str1'%smatched a rule in %s/disabled_functions_name_type.php on line 3
diff --git a/src/tests/disable_function/disabled_functions_param_broken_line.phpt b/src/tests/disable_function/disabled_functions_param_broken_line.phpt
index 806816d..5251e4c 100644
--- a/src/tests/disable_function/disabled_functions_param_broken_line.phpt
+++ b/src/tests/disable_function/disabled_functions_param_broken_line.phpt
@@ -2,17 +2,15 @@
 Disable functions - match on a specific line - broken configuration
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/disabled_functions_broken_line.ini
+error_log=/dev/null
 --FILE--
 <?php 
 system("echo 1337");
 system("echo 1338");
 ?>
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Failed to parse arg 'qwe' of `line` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Failed to parse arg 'qwe' of `line` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
diff --git a/src/tests/disable_function/disabled_functions_param_invalid_pos.phpt b/src/tests/disable_function/disabled_functions_param_invalid_pos.phpt
index e409300..235d3f7 100644
--- a/src/tests/disable_function/disabled_functions_param_invalid_pos.phpt
+++ b/src/tests/disable_function/disabled_functions_param_invalid_pos.phpt
@@ -2,16 +2,14 @@
 Disable functions - match on argument's position
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/disabled_functions_invalid_pos.ini
+error_log=/dev/null
 --FILE--
 <?php 
 system("echo 1");
 ?>
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Failed to parse arg 'qwe' of `pos` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Failed to parse arg 'qwe' of `pos` on line 1 in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
diff --git a/src/tests/disable_function/disabled_functions_param_pos.phpt b/src/tests/disable_function/disabled_functions_param_pos.phpt
index bacca62..4204548 100644
--- a/src/tests/disable_function/disabled_functions_param_pos.phpt
+++ b/src/tests/disable_function/disabled_functions_param_pos.phpt
@@ -9,6 +9,4 @@ sp.configuration_file={PWD}/config/disabled_functions_pos.ini
 system("id");
 ?>
 --EXPECTF--
-Warning: [snuffleupagus][0.0.0.0][config][log] It seems that you wrote a rule filtering on the 1337th argument of the function 'system', but it takes only 1 arguments. Matching on _all_ arguments instead. in %a/disabled_functions_param_pos.php on line 2
 Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'system', because its argument 'command' content (id) matched a rule in %a/disabled_functions_param_pos.php on line %d
diff --git a/src/tests/disable_function/disabled_functions_passthru.phpt b/src/tests/disable_function/disabled_functions_passthru.phpt
new file mode 100644
index 0000000..27eb8f8
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_passthru.phpt
@@ -0,0 +1,12 @@
+--TEST--
+Disable functions - passthru
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+--FILE--
+<?php 
+echo passthru('ls -l');
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'passthru' in %a.php on line 2
diff --git a/src/tests/disable_function/disabled_functions_phpinfo_header_callback.phpt b/src/tests/disable_function/disabled_functions_phpinfo_header_callback.phpt
new file mode 100644
index 0000000..347101e
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_phpinfo_header_callback.phpt
@@ -0,0 +1,12 @@
+--TEST--
+Disable functions - phpinfo via header_register_callback
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+--FILE--
+<?php
+header_register_callback('phpinfo');
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'phpinfo' in Unknown on line 0
diff --git a/src/tests/disable_function/disabled_functions_popen.phpt b/src/tests/disable_function/disabled_functions_popen.phpt
new file mode 100644
index 0000000..d027aed
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_popen.phpt
@@ -0,0 +1,12 @@
+--TEST--
+Disable functions - popen
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+--FILE--
+<?php 
+echo popen('ls -l', 'r');
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'popen' in %a.php on line 2
diff --git a/src/tests/disable_function/disabled_functions_pos_type.phpt b/src/tests/disable_function/disabled_functions_pos_type.phpt
index ba134ad..29944c0 100644
--- a/src/tests/disable_function/disabled_functions_pos_type.phpt
+++ b/src/tests/disable_function/disabled_functions_pos_type.phpt
@@ -9,8 +9,4 @@ sp.configuration_file={PWD}/config/disabled_functions_pos.ini
 system([123, 456]);
 ?>
 --EXPECTF--
-Warning: [snuffleupagus][0.0.0.0][config][log] It seems that you wrote a rule filtering on the 1337th argument of the function 'system', but it takes only 1 arguments. Matching on _all_ arguments instead. in %a/disabled_functions_pos_type.php on line %d
-Warning: [snuffleupagus][0.0.0.0][config][log] It seems that you wrote a rule filtering on the 1st argument of the function 'system', but it takes only 1 arguments. Matching on _all_ arguments instead. in %a/disabled_functions_pos_type.php on line %d
 Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'system', because its argument 'command' content (?) matched the rule '1' in %a/disabled_functions_pos_type.php on line %d
diff --git a/src/tests/disable_function/disabled_functions_proc_open.phpt b/src/tests/disable_function/disabled_functions_proc_open.phpt
new file mode 100644
index 0000000..7c8c7eb
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_proc_open.phpt
@@ -0,0 +1,17 @@
+--TEST--
+Disable functions - proc_open
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+--FILE--
+<?php 
+$descriptorspec = array(
+   0 => array("pipe", "r"),
+   1 => array("pipe", "w"),
+   2 => array("pipe", "w")
+);
+echo proc_open('ls', $descriptorspec, $pipes);
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'proc_open' in %a.php on line 7
diff --git a/src/tests/disable_function/disabled_functions_runtime.phpt b/src/tests/disable_function/disabled_functions_runtime.phpt
index 3d74b40..16ecfdb 100644
--- a/src/tests/disable_function/disabled_functions_runtime.phpt
+++ b/src/tests/disable_function/disabled_functions_runtime.phpt
@@ -29,4 +29,4 @@ unlink("file_to_include2.php");
 --EXPECTF--
 1338
-Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'test', because its argument '$param' content (1337) matched a rule in %a/src/file_to_include%d.php on line 1
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'test', because its argument '$param' content (1337) matched a rule in %a/file_to_include%d.php on line 1
diff --git a/src/tests/disable_function/disabled_functions_shell_exec_backtick.phpt b/src/tests/disable_function/disabled_functions_shell_exec_backtick.phpt
new file mode 100644
index 0000000..aeb64c2
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_shell_exec_backtick.phpt
@@ -0,0 +1,12 @@
+--TEST--
+Disable functions - shell_exec via backtick operator
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+--FILE--
+<?php 
+echo `ls`;
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'shell_exec', %a matched a rule in %a.php on line 2
diff --git a/src/tests/disable_function/disabled_functions_shell_exec_backtick_var.phpt b/src/tests/disable_function/disabled_functions_shell_exec_backtick_var.phpt
new file mode 100644
index 0000000..a312acf
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_shell_exec_backtick_var.phpt
@@ -0,0 +1,12 @@
+--TEST--
+Disable functions - shell_exec via backtick operator in context of a var name
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+--FILE--
+<?php 
+echo ${`ls`};
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'shell_exec', %a matched a rule in %a.php on line 2
diff --git a/src/tests/disable_function/disabled_functions_shell_exec_backtick_var_string.phpt b/src/tests/disable_function/disabled_functions_shell_exec_backtick_var_string.phpt
new file mode 100644
index 0000000..ea77a7d
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_shell_exec_backtick_var_string.phpt
@@ -0,0 +1,12 @@
+--TEST--
+Disable functions - shell_exec via backtick operator in context of a var name in a string
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+--FILE--
+<?php 
+echo "{${`ls`}}";
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'shell_exec', %a matched a rule in %a.php on line 2
diff --git a/src/tests/disable_function/disabled_functions_shell_exec_closure.phpt b/src/tests/disable_function/disabled_functions_shell_exec_closure.phpt
new file mode 100644
index 0000000..fd9343b
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_shell_exec_closure.phpt
@@ -0,0 +1,13 @@
+--TEST--
+Disable functions - shell_exec via closure
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+--FILE--
+<?php
+$x = Closure::fromCallable('shell_exec');
+echo $x('ls');
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'shell_exec', %a matched a rule in %a.php on line 3
diff --git a/src/tests/disable_function/disabled_functions_shell_exec_closure2.phpt b/src/tests/disable_function/disabled_functions_shell_exec_closure2.phpt
new file mode 100644
index 0000000..fac6031
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_shell_exec_closure2.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions - shell_exec via 1st class closure
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (PHP_VERSION_ID < 80100) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+--FILE--
+<?php
+$x = shell_exec(...);
+echo $x('ls');
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'shell_exec', %a matched a rule in %a.php on line 3
diff --git a/src/tests/disable_function/disabled_functions_shell_exec_filter_input.phpt b/src/tests/disable_function/disabled_functions_shell_exec_filter_input.phpt
new file mode 100644
index 0000000..8a18d9b
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_shell_exec_filter_input.phpt
@@ -0,0 +1,14 @@
+--TEST--
+Disable functions - shell_exec via filter_input callback
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+--GET--
+cmd=ls
+--FILE--
+<?php
+echo filter_input(INPUT_GET, 'cmd', FILTER_CALLBACK, array('options' => 'shell_exec'));
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'shell_exec', %a matched a rule in %a.php on line 2
diff --git a/src/tests/disable_function/disabled_functions_shell_exec_include_data.phpt b/src/tests/disable_function/disabled_functions_shell_exec_include_data.phpt
new file mode 100644
index 0000000..4c13db6
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_shell_exec_include_data.phpt
@@ -0,0 +1,16 @@
+--TEST--
+Disable functions - shell_exec via include(data://)
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (PHP_VERSION_ID < 70400) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+allow_url_include=1
+--FILE--
+<?php
+include('data://text/plain,'.urlencode('<?php shell_exec("ls");'));
+?>
+--EXPECTF--
+Deprecated: Directive 'allow_url_include' is deprecated in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'shell_exec', %a matched a rule in data%a line 1
+\ No newline at end of file
diff --git a/src/tests/disable_function/disabled_functions_shell_exec_include_phpfilter.phpt b/src/tests/disable_function/disabled_functions_shell_exec_include_phpfilter.phpt
new file mode 100644
index 0000000..941d168
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_shell_exec_include_phpfilter.phpt
@@ -0,0 +1,16 @@
+--TEST--
+Disable functions - shell_exec via include(php://filter)
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (PHP_VERSION_ID < 70400) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+allow_url_include=1
+--FILE--
+<?php
+include('php://filter//resource=data://text/plain,'.urlencode('<?php shell_exec("ls");'));
+?>
+--EXPECTF--
+Deprecated: Directive 'allow_url_include' is deprecated in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'shell_exec', %a matched a rule in php%a line 1
diff --git a/src/tests/disable_function/disabled_functions_shell_exec_opcache_preload.phpt b/src/tests/disable_function/disabled_functions_shell_exec_opcache_preload.phpt
new file mode 100644
index 0000000..7e076ae
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_shell_exec_opcache_preload.phpt
@@ -0,0 +1,21 @@
+--TEST--
+Disable functions - shell_exec via opcache.preload
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (!extension_loaded("opcache")) print "skip"; ?>
+<?php if (PHP_VERSION_ID < 70400) print "skip"; ?>
+--EXTENSIONS--
+opcache
+--XFAIL--
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+allow_url_include=1
+opcache.enable=1
+opcache.enable_cli=1
+opcache.preload=data://text/plain,%3C%3Fphp+shell_exec%28%22ls%22%29%3B
+opcache.preload_user=nobody
+--FILE--
+<?php
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'shell_exec', %a matched a rule in data%a line 1
diff --git a/src/tests/disable_function/disabled_functions_shell_exec_shutdown_function.phpt b/src/tests/disable_function/disabled_functions_shell_exec_shutdown_function.phpt
new file mode 100644
index 0000000..8dcc40e
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_shell_exec_shutdown_function.phpt
@@ -0,0 +1,12 @@
+--TEST--
+Disable functions - shell_exec via register_shutdown_function
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+--FILE--
+<?php
+register_shutdown_function('shell_exec', 'ls');
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'shell_exec', %a matched a rule in Unknown on line 0
diff --git a/src/tests/disable_function/disabled_functions_shell_exec_signal.phpt b/src/tests/disable_function/disabled_functions_shell_exec_signal.phpt
new file mode 100644
index 0000000..c0b5103
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_shell_exec_signal.phpt
@@ -0,0 +1,21 @@
+--TEST--
+Disable functions - shell_exec via signal handler
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (!extension_loaded("pcntl")) print "skip"; ?>
+<?php if (PHP_VERSION_ID < 70100) print "skip"; ?>
+--EXTENSIONS--
+pcntl
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+pcntl.async_signals=1
+--FILE--
+<?php
+declare(ticks=1);
+ini_set("pcntl.async_signals", "1");
+pcntl_signal(SIGALRM, function($signo) { shell_exec("ls"); });
+system("kill -14 " . getmypid());
+sleep(5);
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'shell_exec', %a matched a rule in %a.php on line 4
diff --git a/src/tests/disable_function/disabled_functions_shell_exec_var.phpt b/src/tests/disable_function/disabled_functions_shell_exec_var.phpt
new file mode 100644
index 0000000..e5a6a4e
--- /dev/null
+++ b/src/tests/disable_function/disabled_functions_shell_exec_var.phpt
@@ -0,0 +1,13 @@
+--TEST--
+Disable functions - shell_exec via var call
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disabled_functions_extra.ini
+--FILE--
+<?php
+$x = 'shell_exec'; 
+echo $x('ls');
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][disabled_function][drop] Aborted execution on call of the function 'shell_exec', %a matched a rule in %a.php on line 3
diff --git a/src/tests/dump_request/dump_eval_blacklist.phpt b/src/tests/dump_request/dump_eval_blacklist.phpt
index 07c17f2..c9f48e4 100644
--- a/src/tests/dump_request/dump_eval_blacklist.phpt
+++ b/src/tests/dump_request/dump_eval_blacklist.phpt
@@ -4,6 +4,13 @@ Dump eval blacklist
 <?php 
 if (!extension_loaded("snuffleupagus")) print "skip";
 ?>
+--CLEAN--
+<?php
+foreach (glob("/tmp/dump_result/sp_dump.*") as $dump) {
+    @unlink($dump);
+}
+@rmdir("/tmp/dump_result/");
+?>
 --POST--
 post_a=data_post_a&post_b=data_post_b
 --GET--
@@ -36,5 +43,5 @@ if ($res[3] != "GET:get_a='data_get_a' get_b='data_get_b' \n") {
 --EXPECTF--
 Outside of eval: 1337 1337 1337
-Warning: [snuffleupagus][0.0.0.0][eval][simulation] A call to strtoupper was tried in eval, in %a/dump_eval_blacklist.php:1, logging it. in %a/dump_eval_blacklist.php(9) : eval()'d code on line 1
+Warning: [snuffleupagus][0.0.0.0][eval][simulation] A call to 'strtoupper' was tried in eval. logging it. in %a(9) : eval()'d code on line 1
 After eval: 1234
diff --git a/src/tests/dump_request/dump_eval_whitelist.phpt b/src/tests/dump_request/dump_eval_whitelist.phpt
index 09f5523..cc5a824 100644
--- a/src/tests/dump_request/dump_eval_whitelist.phpt
+++ b/src/tests/dump_request/dump_eval_whitelist.phpt
@@ -4,6 +4,13 @@ Dump eval whitelist
 <?php
 if (!extension_loaded("snuffleupagus")) print "skip";
 ?>
+--CLEAN--
+<?php
+foreach (glob("/tmp/dump_result/sp_dump.*") as $dump) {
+    @unlink($dump);
+}
+@rmdir("/tmp/dump_result/");
+?>
 --POST--
 post_a=data_post_a&post_b=data_post_b
 --GET--
diff --git a/src/tests/dump_request/dump_request.phpt b/src/tests/dump_request/dump_request.phpt
index d18580b..f8dee11 100644
--- a/src/tests/dump_request/dump_request.phpt
+++ b/src/tests/dump_request/dump_request.phpt
@@ -5,7 +5,9 @@ Dump request
 if (!extension_loaded("snuffleupagus")) {
    print "skip";
 } 
+?>
+--CLEAN--
+<?php
 foreach (glob("/tmp/dump_result/sp_dump.*") as $dump) {
    @unlink($dump);
 }
@@ -21,10 +23,6 @@ cookie_a=data_cookie_a&cookie_b=data_cookie_b
 sp.configuration_file={PWD}/config/dump_request.ini
 --FILE--
 <?php
-@mkdir("/tmp/dump_result/");
-foreach (glob("/tmp/dump_result/sp_dump.*") as $dump) {
-    @unlink($dump);
-}
 echo "1\n";
 system("echo 1337;");
 $filename = glob('/tmp/dump_result/sp_dump.*')[0];
@@ -40,5 +38,5 @@ if ($res[3] != "GET:get_a='data_get_a' get_b='data_get_b' \n") {
 --EXPECTF--
 1
-Warning: [snuffleupagus][0.0.0.0][disabled_function][simulation] Aborted execution on call of the function 'system' in %a/dump_request.php on line 7
+Warning: [snuffleupagus][0.0.0.0][disabled_function][simulation] Aborted execution on call of the function 'system' in %a/dump_request.php on line %d
 1337
diff --git a/src/tests/dump_request/dump_request_stacktrace.phpt b/src/tests/dump_request/dump_request_stacktrace.phpt
index 0a8b94e..9b02ab5 100644
--- a/src/tests/dump_request/dump_request_stacktrace.phpt
+++ b/src/tests/dump_request/dump_request_stacktrace.phpt
@@ -5,7 +5,9 @@ Dump request
 if (!extension_loaded("snuffleupagus")) {
    print "skip";
 } 
+?>
+--CLEAN--
+<?php
 foreach (glob("/tmp/dump_result/sp_dump.*") as $dump) {
    @unlink($dump);
 }
diff --git a/src/tests/dump_request/dump_request_too_big.phpt b/src/tests/dump_request/dump_request_too_big.phpt
index e82ddc4..fd265f2 100644
--- a/src/tests/dump_request/dump_request_too_big.phpt
+++ b/src/tests/dump_request/dump_request_too_big.phpt
@@ -6,6 +6,13 @@ if (!extension_loaded("snuffleupagus")) {
    print "skip";
 }
 ?>
+--CLEAN--
+<?php
+foreach (glob("/tmp/dump_result/sp_dump.*") as $dump) {
+    @unlink($dump);
+}
+@rmdir("/tmp/dump_result/");
+?>
 --POST--
 post_a=data_post_a&post_b=data_post_b&post_c=c
 --GET--
@@ -20,15 +27,11 @@ END;
 sp.configuration_file={PWD}/config/dump_request.ini
 --FILE--
 <?php
-@mkdir("/tmp/dump_result/");
-foreach (glob("/tmp/dump_result/sp_dump.*") as $dump) {
-    @unlink($dump);
-}
 echo "1\n";
 system("echo 1337;");
 $filename = glob('/tmp/dump_result/*')[0];
 $res = file($filename);
+// echo $res[3] . "\n";
 if ($res[3] != "GET:get_a='data_get_a' get_b='data_get_b' get_c='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaBBBB' \n") {
    echo "Invalid GET";
 } elseif ($res[4] != "POST:post_a='data_post_a' post_b='data_post_b' post_c='c' \n") {
@@ -40,5 +43,5 @@ if ($res[3] != "GET:get_a='data_get_a' get_b='data_get_b' get_c='aaaaaaaaaaaaaaa
 --EXPECTF--
 1
-Warning: [snuffleupagus][127.0.0.1][disabled_function][simulation] Aborted execution on call of the function 'system' in %a/dump_request_too_big.php on line 8
+Warning: [snuffleupagus][127.0.0.1][disabled_function][simulation] Aborted execution on call of the function 'system' in %a/dump_request_too_big.php on line %d
 1337
diff --git a/src/tests/eval_blacklist/eval_backlist.phpt b/src/tests/eval_blacklist/eval_backlist.phpt
index fa32b4b..2953efc 100644
--- a/src/tests/eval_blacklist/eval_backlist.phpt
+++ b/src/tests/eval_blacklist/eval_backlist.phpt
@@ -14,4 +14,4 @@ echo "After eval: $a\n";
 --EXPECTF--
 Outside of eval: 1337 1337 1337
-Fatal error: [snuffleupagus][0.0.0.0][eval][drop] A call to strtoupper was tried in eval, in %a/eval_backlist.php:1, dropping it. in %a/eval_backlist.php(4) : eval()'d code on line 1
+Fatal error: [snuffleupagus][0.0.0.0][eval][drop] A call to 'strtoupper' was tried in eval. dropping it. in %a/eval_backlist.php(4) : eval()'d code on line 1
diff --git a/src/tests/eval_blacklist/eval_backlist_call_user_func.phpt b/src/tests/eval_blacklist/eval_backlist_call_user_func.phpt
index 4c37263..546a53a 100644
--- a/src/tests/eval_blacklist/eval_backlist_call_user_func.phpt
+++ b/src/tests/eval_blacklist/eval_backlist_call_user_func.phpt
@@ -11,4 +11,4 @@ eval('
 ')
 ?>
 --EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][eval][drop] A call to strtoupper was tried in eval, in %s/eval_backlist_call_user_func.php:%d, dropping it. in %s/eval_backlist_call_user_func.php(%d) : eval()'d code on line %d
+Fatal error: [snuffleupagus][0.0.0.0][eval][drop] A call to 'strtoupper' was tried in eval. dropping it. in %s/eval_backlist_call_user_func.php(%d) : eval()'d code on line %d
diff --git a/src/tests/eval_blacklist/eval_backlist_chained.phpt b/src/tests/eval_blacklist/eval_backlist_chained.phpt
index 820ef1d..1afb860 100644
--- a/src/tests/eval_blacklist/eval_backlist_chained.phpt
+++ b/src/tests/eval_blacklist/eval_backlist_chained.phpt
@@ -13,4 +13,4 @@ eval('
 ')
 ?>
 --EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][eval][drop] A call to strtoupper was tried in eval, in %s/eval_backlist_chained.php:%d, dropping it. in %s/eval_backlist_chained.php(%d) : eval()'d code on line %d
+Fatal error: [snuffleupagus][0.0.0.0][eval][drop] A call to 'strtoupper' was tried in eval. dropping it. in %s/eval_backlist_chained.php(%d) : eval()'d code on line %d
diff --git a/src/tests/eval_blacklist/eval_backlist_list.phpt b/src/tests/eval_blacklist/eval_backlist_list.phpt
index 725a9bb..1efd453 100644
--- a/src/tests/eval_blacklist/eval_backlist_list.phpt
+++ b/src/tests/eval_blacklist/eval_backlist_list.phpt
@@ -14,4 +14,4 @@ echo "After eval: $a\n";
 --EXPECTF--
 Outside of eval: 1337 1337 1337
-Fatal error: [snuffleupagus][0.0.0.0][eval][drop] A call to strtoupper was tried in eval, in %a/eval_backlist_list.php:1, dropping it. in %a/eval_backlist_list.php(4) : eval()'d code on line 1
+Fatal error: [snuffleupagus][0.0.0.0][eval][drop] A call to 'strtoupper' was tried in eval. dropping it. in %a/eval_backlist_list.php(4) : eval()'d code on line 1
diff --git a/src/tests/eval_blacklist/eval_backlist_simulation.phpt b/src/tests/eval_blacklist/eval_backlist_simulation.phpt
index f09370d..0cc02b2 100644
--- a/src/tests/eval_blacklist/eval_backlist_simulation.phpt
+++ b/src/tests/eval_blacklist/eval_backlist_simulation.phpt
@@ -14,5 +14,5 @@ echo "After eval: $a\n";
 --EXPECTF--
 Outside of eval: 1337 1337 1337
-Warning: [snuffleupagus][0.0.0.0][eval][simulation] A call to strtoupper was tried in eval, in %a/eval_backlist_simulation.php:1, logging it. in %a/eval_backlist_simulation.php(4) : eval()'d code on line 1
+Warning: [snuffleupagus][0.0.0.0][eval][simulation] A call to 'strtoupper' was tried in eval. logging it. in %a/eval_backlist_simulation.php(4) : eval()'d code on line 1
 After eval: 1234
diff --git a/src/tests/eval_blacklist/nested_eval_blacklist.phpt b/src/tests/eval_blacklist/nested_eval_blacklist.phpt
index 8ff0b6d..a06b66b 100644
--- a/src/tests/eval_blacklist/nested_eval_blacklist.phpt
+++ b/src/tests/eval_blacklist/nested_eval_blacklist.phpt
@@ -26,4 +26,4 @@ Inception lvl 1...
 Inception lvl 2...
 Inception lvl 3...
-Fatal error: [snuffleupagus][0.0.0.0][eval][drop] A call to strtoupper was tried in eval, in %a/nested_eval_blacklist.php(5) : eval()'d code(4) : eval()'d code:3, dropping it. in %a/nested_eval_blacklist.php(5) : eval()'d code(4) : eval()'d code(4) : eval()'d code on line 3
+Fatal error: [snuffleupagus][0.0.0.0][eval][drop] A call to 'strtoupper' was tried in eval. dropping it. in %a/nested_eval_blacklist.php(5) : eval()'d code(4) : eval()'d code(4) : eval()'d code on line 3
diff --git a/src/tests/eval_blacklist/nested_eval_blacklist2.phpt b/src/tests/eval_blacklist/nested_eval_blacklist2.phpt
index 37f8967..63e56b1 100644
--- a/src/tests/eval_blacklist/nested_eval_blacklist2.phpt
+++ b/src/tests/eval_blacklist/nested_eval_blacklist2.phpt
@@ -26,4 +26,4 @@ Inception lvl 1...
 Inception lvl 2...
 Inception lvl 3...
-Fatal error: [snuffleupagus][0.0.0.0][eval][drop] A call to strtoupper was tried in eval, in %a/nested_eval_blacklist2.php(5) : eval()'d code:7, dropping it. in %a/nested_eval_blacklist2.php(5) : eval()'d code(4) : eval()'d code on line 7
+Fatal error: [snuffleupagus][0.0.0.0][eval][drop] A call to 'strtoupper' was tried in eval. dropping it. in %a/nested_eval_blacklist2.php(5) : eval()'d code(4) : eval()'d code on line 7
diff --git a/src/tests/filter/config/filter.ini b/src/tests/filter/config/filter.ini
new file mode 100644
index 0000000..5ebee61
--- /dev/null
+++ b/src/tests/filter/config/filter.ini
@@ -0,0 +1,3 @@
+sp.global.server_encode.enable();
+sp.global.server_strip.enable();
diff --git a/src/tests/filter/server_encode.phpt b/src/tests/filter/server_encode.phpt
new file mode 100644
index 0000000..f7cc233
--- /dev/null
+++ b/src/tests/filter/server_encode.phpt
@@ -0,0 +1,25 @@
+--TEST--
+input filter: server_encode
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/filter.ini
+display_errors=1
+display_startup_errors=1
+error_reporting=E_ALL
+--ENV--
+return <<<EOF
+REQUEST_URI=AAA<>"'`!AAA
+EOF;
+--COOKIE--
+--GET--
+BBB<>"'`!BBB
+--POST--
+--FILE--
+<?php
+var_dump($_SERVER['REQUEST_URI']);
+var_dump($_SERVER['QUERY_STRING']);
+--EXPECT--
+string(22) "AAA%3C%3E%22%27%60!AAA"
+string(22) "BBB%3C%3E%22%27%60!BBB"
diff --git a/src/tests/filter/server_strip.phpt b/src/tests/filter/server_strip.phpt
new file mode 100644
index 0000000..83072b4
--- /dev/null
+++ b/src/tests/filter/server_strip.phpt
@@ -0,0 +1,21 @@
+--TEST--
+input filter: server_strip
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/filter.ini
+display_errors=1
+display_startup_errors=1
+error_reporting=E_ALL
+--ENV--
+return <<<EOF
+HTTP_USER_AGENT=Mozilla/5.0 (Windows NT 6.0; rv:29.0) <script>alert('123');</script>Gecko/20100101 Firefox/29.0
+EOF;
+--COOKIE--
+--GET--
+--POST--
+--FILE--
+<?php
+var_dump($_SERVER['HTTP_USER_AGENT']);
+--EXPECT--
+string(95) "Mozilla/5.0 (Windows NT 6.0; rv:29.0) _script_alert(_123_);_/script_Gecko/20100101 Firefox/29.0"
diff --git a/src/tests/inexistent_conf_file.phpt b/src/tests/inexistent_conf_file.phpt
index cd10665..27b176f 100644
--- a/src/tests/inexistent_conf_file.phpt
+++ b/src/tests/inexistent_conf_file.phpt
@@ -2,14 +2,12 @@
 Check for snuffleupagus presence
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/unexistent_configuration_file.ini
+error_log=/dev/null
 --FILE--
 <?php ?>
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Could not open configuration file %a/config/unexistent_configuration_file.ini : No such file or directory in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Could not open configuration file %a/config/unexistent_configuration_file.ini : No such file or directory in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
diff --git a/src/tests/inexistent_conf_file_list.phpt b/src/tests/inexistent_conf_file_list.phpt
index 6cac934..fe9a206 100644
--- a/src/tests/inexistent_conf_file_list.phpt
+++ b/src/tests/inexistent_conf_file_list.phpt
@@ -2,14 +2,12 @@
 Non-existent configuration file in a list
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/../../config/default.rules,{PWD}/non_existent_configuration_file
+error_log=/dev/null
 --FILE--
 <?php ?>
 --EXPECTF--
-PHP Fatal error:  [snuffleupagus][0.0.0.0][config][log] Could not open configuration file %a/non_existent_configuration_file : No such file or directory in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Could not open configuration file %a/non_existent_configuration_file : No such file or directory in Unknown on line 0
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
diff --git a/src/tests/ini/config/sp-policy-drop.ini b/src/tests/ini/config/sp-policy-drop.ini
new file mode 100644
index 0000000..4b1e374
--- /dev/null
+++ b/src/tests/ini/config/sp-policy-drop.ini
@@ -0,0 +1,3 @@
+sp.ini_protection.enable();
+sp.ini_protection.policy_drop();
+sp.ini.key("max_execution_time").min("30").max("300");
diff --git a/src/tests/ini/config/sp-policy-silent-fail.ini b/src/tests/ini/config/sp-policy-silent-fail.ini
new file mode 100644
index 0000000..2123837
--- /dev/null
+++ b/src/tests/ini/config/sp-policy-silent-fail.ini
@@ -0,0 +1,3 @@
+sp.ini_protection.enable();
+sp.ini_protection.policy_silent_fail();
+sp.ini.key("max_execution_time").min("30").max("300");
diff --git a/src/tests/ini/config/sp.ini b/src/tests/ini/config/sp.ini
new file mode 100644
index 0000000..86a63a7
--- /dev/null
+++ b/src/tests/ini/config/sp.ini
@@ -0,0 +1,10 @@
+sp.ini_protection.enable();
+sp.ini.key("max_execution_time").min("30").max("300");
+sp.ini.key("highlight.comment").regexp("^#[0-9a-fA-F]{6}$");
+sp.ini.key("default_mimetype").set("text/plain").ro();
+sp.ini.key("sendmail_from").set("test@example.com").regexp(".*@example\\.com$").allow_null();
+sp.ini.key("unserialize_callback_func").set("def").regexp("^abc$");
+sp.ini.key("user_agent").regexp("^abc$").drop();
diff --git a/src/tests/ini/ini_min_policy_drop.phpt b/src/tests/ini/ini_min_policy_drop.phpt
new file mode 100644
index 0000000..ef40ebc
--- /dev/null
+++ b/src/tests/ini/ini_min_policy_drop.phpt
@@ -0,0 +1,13 @@
+--TEST--
+INI protection .min() + .policy_drop()
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print("skip"); ?>
+--INI--
+sp.configuration_file={PWD}/config/sp-policy-drop.ini
+--FILE--
+<?php 
+var_dump(ini_set("max_execution_time", "29") === false);
+var_dump(ini_get("max_execution_time"));
+?>
+--EXPECTF-- 
+Fatal error: [snuffleupagus][0.0.0.0][ini_protection][drop] INI value out of range in %a/ini_min_policy_drop.php on line 2
diff --git a/src/tests/ini/ini_min_policy_silent_fail.phpt b/src/tests/ini/ini_min_policy_silent_fail.phpt
new file mode 100644
index 0000000..d0117a7
--- /dev/null
+++ b/src/tests/ini/ini_min_policy_silent_fail.phpt
@@ -0,0 +1,14 @@
+--TEST--
+INI protection .min() + .policy_silent_fail()
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print("skip"); ?>
+--INI--
+sp.configuration_file={PWD}/config/sp-policy-silent-fail.ini
+--FILE--
+<?php 
+var_dump(ini_set("max_execution_time", "29") === false);
+var_dump(ini_get("max_execution_time"));
+?>
+--EXPECTF-- 
+bool(true)
+string(1) "0"
+\ No newline at end of file
diff --git a/src/tests/ini/ini_minmax.phpt b/src/tests/ini/ini_minmax.phpt
new file mode 100644
index 0000000..4cd6bc4
--- /dev/null
+++ b/src/tests/ini/ini_minmax.phpt
@@ -0,0 +1,34 @@
+--TEST--
+INI protection .min()/.max()
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print("skip"); ?>
+--INI--
+sp.configuration_file={PWD}/config/sp.ini
+--FILE--
+<?php 
+var_dump(ini_set("max_execution_time", "30") === false);
+var_dump(ini_get("max_execution_time"));
+var_dump(ini_set("max_execution_time", "300") === false);
+var_dump(ini_get("max_execution_time"));
+var_dump(ini_set("max_execution_time", "29") === false);
+var_dump(ini_get("max_execution_time"));
+var_dump(ini_set("max_execution_time", "301") === false);
+var_dump(ini_get("max_execution_time"));
+?>
+--EXPECTF-- 
+bool(false)
+string(2) "30"
+bool(false)
+string(3) "300"
+Warning: [snuffleupagus][0.0.0.0][ini_protection][log] INI value out of range in %a/ini_minmax.php on line 8
+bool(true)
+string(3) "300"
+Warning: [snuffleupagus][0.0.0.0][ini_protection][log] INI value out of range in %a/ini_minmax.php on line 11
+bool(true)
+string(3) "300"
+\ No newline at end of file
diff --git a/src/tests/ini/ini_null.phpt b/src/tests/ini/ini_null.phpt
new file mode 100644
index 0000000..32a12c1
--- /dev/null
+++ b/src/tests/ini/ini_null.phpt
@@ -0,0 +1,26 @@
+--TEST--
+INI protection .allow_null()
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print("skip"); ?>
+--INI--
+sp.configuration_file={PWD}/config/sp.ini
+--FILE--
+<?php 
+var_dump(ini_set("sendmail_from", "foo@example.com") === false);
+var_dump(ini_get("sendmail_from"));
+var_dump(ini_set("sendmail_from", NULL) === false);
+var_dump(ini_get("sendmail_from"));
+var_dump(ini_set("unserialize_callback_func", NULL) === false);
+var_dump(ini_get("unserialize_callback_func"));
+?>
+--EXPECTF-- 
+bool(false)
+string(15) "foo@example.com"
+bool(false)
+string(0) ""
+Warning: [snuffleupagus][0.0.0.0][ini_protection][log] new INI value must not be NULL or empty in %a/ini_null.php on line 8
+bool(true)
+string(3) "def"
+\ No newline at end of file
diff --git a/src/tests/ini/ini_regexp.phpt b/src/tests/ini/ini_regexp.phpt
new file mode 100644
index 0000000..f6c5198
--- /dev/null
+++ b/src/tests/ini/ini_regexp.phpt
@@ -0,0 +1,19 @@
+--TEST--
+INI protection .regexp()
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print("skip"); ?>
+--INI--
+sp.configuration_file={PWD}/config/sp.ini
+--FILE--
+<?php 
+ini_set("highlight.comment", "#000aBc");
+var_dump(ini_get("highlight.comment"));
+ini_set("highlight.comment", "xxx");
+var_dump(ini_get("highlight.comment"));
+?>
+--EXPECTF-- 
+string(7) "#000aBc"
+Warning: [snuffleupagus][0.0.0.0][ini_protection][log] INI value does not match regex in %a/ini_regexp.php on line 5
+string(7) "#000aBc"
diff --git a/src/tests/ini/ini_regexp_drop.phpt b/src/tests/ini/ini_regexp_drop.phpt
new file mode 100644
index 0000000..9225470
--- /dev/null
+++ b/src/tests/ini/ini_regexp_drop.phpt
@@ -0,0 +1,13 @@
+--TEST--
+INI protection .min() + .drop()
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print("skip"); ?>
+--INI--
+sp.configuration_file={PWD}/config/sp.ini
+--FILE--
+<?php 
+var_dump(ini_set("user_agent", "Foo") === false);
+var_dump(ini_get("user_agent"));
+?>
+--EXPECTF-- 
+Fatal error: [snuffleupagus][0.0.0.0][ini_protection][drop] INI value does not match regex in %a/ini_regexp_drop.php on line 2
diff --git a/src/tests/ini/ini_set.phpt b/src/tests/ini/ini_set.phpt
new file mode 100644
index 0000000..bfafbe8
--- /dev/null
+++ b/src/tests/ini/ini_set.phpt
@@ -0,0 +1,12 @@
+--TEST--
+INI protection .set()
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print("skip"); ?>
+--INI--
+sp.configuration_file={PWD}/config/sp.ini
+--FILE--
+<?php 
+var_dump(ini_get("default_mimetype"));
+?>
+--EXPECTF-- 
+string(10) "text/plain"
+\ No newline at end of file
diff --git a/src/tests/php8/inexistent_conf_file.phpt b/src/tests/php8/inexistent_conf_file.phpt
deleted file mode 100644
index ac763aa..0000000
--- a/src/tests/php8/inexistent_conf_file.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Test for unexistent configuration file, in php8
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/config/unexistent_configuration_file.ini
--FILE--
-<?php ?>
--EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Could not open configuration file %a/config/unexistent_configuration_file.ini : No such file or directory in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/php8/inexistent_conf_file_list.phpt b/src/tests/php8/inexistent_conf_file_list.phpt
deleted file mode 100644
index 2309fc6..0000000
--- a/src/tests/php8/inexistent_conf_file_list.phpt
+++ /dev/null
@@ -1,14 +0,0 @@
--TEST--
-Non-existent configuration file in a list in php8
--SKIPIF--
-<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
--INI--
-sp.configuration_file={PWD}/../../../config/default.rules,{PWD}/non_existent_configuration_file
--FILE--
-<?php ?>
--EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Could not open configuration file %a/non_existent_configuration_file : No such file or directory in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Could not startup.
diff --git a/src/tests/phpinfo_presence.phpt b/src/tests/phpinfo_presence.phpt
index c1388ed..48daffb 100644
--- a/src/tests/phpinfo_presence.phpt
+++ b/src/tests/phpinfo_presence.phpt
@@ -1,5 +1,5 @@
 --TEST--
-Unserialize fail
+phpinfo() showing snuffleupagus
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
 --INI--
diff --git a/src/tests/session_encryption/config/config_crypt_session.ini b/src/tests/session_encryption/config/config_crypt_session.ini
index 14b0c2c..054f0f8 100644
--- a/src/tests/session_encryption/config/config_crypt_session.ini
+++ b/src/tests/session_encryption/config/config_crypt_session.ini
@@ -1,2 +1,2 @@
-sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.global.secret_key("abcdefGHIJ").cookie_env_var("REMOTE_ADDR");
 sp.session.encrypt();
 \ No newline at end of file
diff --git a/src/tests/session_encryption/config/config_crypt_session_simul.ini b/src/tests/session_encryption/config/config_crypt_session_simul.ini
index fbd43eb..5e3433b 100644
--- a/src/tests/session_encryption/config/config_crypt_session_simul.ini
+++ b/src/tests/session_encryption/config/config_crypt_session_simul.ini
@@ -1,3 +1,3 @@
-sp.global.secret_key("abcdef").cookie_env_var("REMOTE_ADDR");
+sp.global.secret_key("abcdefGHIJ").cookie_env_var("REMOTE_ADDR");
 sp.session.encrypt();
 sp.session.simulation();
 \ No newline at end of file
diff --git a/src/tests/session_encryption/crypt_session_corrupted_session.phpt b/src/tests/session_encryption/crypt_session_corrupted_session.phpt
index a97dbca..eca43b4 100644
--- a/src/tests/session_encryption/crypt_session_corrupted_session.phpt
+++ b/src/tests/session_encryption/crypt_session_corrupted_session.phpt
@@ -2,11 +2,12 @@
 Set a custom session handler
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
+<?php if (!extension_loaded("session")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 70400) print "skip"; ?>
+--EXTENSIONS--
+session
 --INI--
 sp.configuration_file={PWD}/config/config_crypt_session.ini
-session.save_path = "/tmp"
+session.save_path="/tmp"
 --ENV--
 return <<<EOF
 REMOTE_ADDR=127.0.0.1
@@ -29,4 +30,4 @@ session_start();
 var_dump($_SESSION);
 ?>
 --EXPECTF--
-Fatal error: [snuffleupagus][127.0.0.1][cookie_encryption][drop] Buffer underflow tentative detected in cookie encryption handling in %s/crypt_session_corrupted_session.php on line %s
+Fatal error: [snuffleupagus][127.0.0.1][cookie_encryption][drop] Buffer underflow (tentative) detected in cookie encryption handling in %s/crypt_session_corrupted_session.php on line %s
diff --git a/src/tests/session_encryption/crypt_session_invalid.phpt b/src/tests/session_encryption/crypt_session_invalid.phpt
index 967d9d1..a71a601 100644
--- a/src/tests/session_encryption/crypt_session_invalid.phpt
+++ b/src/tests/session_encryption/crypt_session_invalid.phpt
@@ -2,8 +2,9 @@
 SESSION crypt and bad decrypt
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
+<?php if (!extension_loaded("session")) print "skip"; ?>
-<?php if (PHP_VERSION_ID >= 70400) print "skip"; ?>
+--EXTENSIONS--
+session
 --INI--
 sp.configuration_file={PWD}/config/config_crypt_session.ini
 --ENV--
diff --git a/src/tests/session_encryption/crypt_session_invalid_simul.phpt b/src/tests/session_encryption/crypt_session_invalid_simul.phpt
index cbb80dc..3eb619c 100644
--- a/src/tests/session_encryption/crypt_session_invalid_simul.phpt
+++ b/src/tests/session_encryption/crypt_session_invalid_simul.phpt
@@ -2,8 +2,14 @@
 SESSION crypt and bad decrypt
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (!extension_loaded("session")) print "skip"; ?>
+--EXTENSIONS--
+session
 --INI--
 sp.configuration_file={PWD}/config/config_crypt_session_simul.ini
+display_errors=0
+log_errors=1
+error_log="{PWD}"/crypt_session_invalid_simul.tmp
 --ENV--
 return <<<EOF
 REMOTE_ADDR=127.0.0.1
@@ -19,9 +25,12 @@ putenv("REMOTE_ADDR=127.0.0.2");
 session_id($id);                        // Recover the session with the previous session_id
 session_start();                        // Re start the session, It will read and decrypt the non empty session
 var_dump($_SESSION);            // Dump the session
+echo file_get_contents(dirname(__FILE__) . "/crypt_session_invalid_simul.tmp");
+unlink(dirname(__FILE__) . "/crypt_session_invalid_simul.tmp");
 ?>
 --EXPECTF--
-array(1) {
+array(0) {
-  ["toto"]=>
-  string(4) "tata"
 }
+%sPHP Warning:  [snuffleupagus][127.0.0.2][cookie_encryption][simulation] Something went wrong with the decryption of the session. Using the cookie 'as is' instead of decrypting it in %a/crypt_session_invalid_simul.php on line 9%A
+\ No newline at end of file
diff --git a/src/tests/session_encryption/crypt_session_read_uncrypt.phpt b/src/tests/session_encryption/crypt_session_read_uncrypt.phpt
index 5e81b52..5966f8e 100644
--- a/src/tests/session_encryption/crypt_session_read_uncrypt.phpt
+++ b/src/tests/session_encryption/crypt_session_read_uncrypt.phpt
@@ -2,27 +2,33 @@
 SESSION crypt/decrypt valid
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (!extension_loaded("session")) print "skip"; ?>
+--EXTENSIONS--
+session
 --INI--
 sp.configuration_file={PWD}/config/config_crypt_session_simul.ini
+session.save_path="{PWD}"
+display_errors=0
+log_errors=1
+error_log="{PWD}"/crypt_session_read_uncrypt.tmp
 --ENV--
 return <<<EOF
 REMOTE_ADDR=127.0.0.1
 EOF;
 --FILE--
 <?php
-$current_path = dirname(getcwd()) . "/src/tests/" ;
-ini_set("session.save_path", $current_path);
 session_start();
 $id = session_id();                                                                                     // Get the session_id to use it later
-$filename_sess = $current_path . "sess_" . $id;
+$filename_sess = dirname(__FILE__) . "/sess_" . $id;
-file_put_contents($filename_sess, "toto|s:4:\"tata\";");                        // Write a unencrypted session
+file_put_contents($filename_sess, "toto|s:4:\"tata\";");                        // Write unencrypted session
 session_write_close();                                                                                  // Close the session
 session_id($id);
 session_start();                                                                                                // Try to read the unencrypted session, it will fail to decrypt but it must return the session
 var_dump($_SESSION);
-echo "OK";
+echo "OK\n";
+echo file_get_contents(dirname(__FILE__) . "/crypt_session_read_uncrypt.tmp");
+unlink(dirname(__FILE__) . "/crypt_session_read_uncrypt.tmp");
 unlink($filename_sess);
 ?>
 --EXPECTF--
@@ -31,3 +37,4 @@ array(1) {
  string(4) "tata"
 }
 OK
+%aPHP Warning:  [snuffleupagus][127.0.0.1][cookie_encryption][simulation] Buffer underflow tentative detected in cookie encryption handling for the session. Using the cookie 'as is' instead of decrypting it in %a/crypt_session_read_uncrypt.php on line 9
diff --git a/src/tests/session_encryption/crypt_session_valid.phpt b/src/tests/session_encryption/crypt_session_valid.phpt
index c272486..a28685b 100644
--- a/src/tests/session_encryption/crypt_session_valid.phpt
+++ b/src/tests/session_encryption/crypt_session_valid.phpt
@@ -2,6 +2,9 @@
 SESSION crypt/decrypt valid
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (!extension_loaded("session")) print "skip"; ?>
+--EXTENSIONS--
+session
 --INI--
 sp.configuration_file={PWD}/config/config_crypt_session.ini
 --ENV--
diff --git a/src/tests/session_encryption/crypt_session_valid_simul.phpt b/src/tests/session_encryption/crypt_session_valid_simul.phpt
index d63277d..6af015e 100644
--- a/src/tests/session_encryption/crypt_session_valid_simul.phpt
+++ b/src/tests/session_encryption/crypt_session_valid_simul.phpt
@@ -2,6 +2,9 @@
 SESSION crypt/decrypt valid
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (!extension_loaded("session")) print "skip"; ?>
+--EXTENSIONS--
+session
 --INI--
 sp.configuration_file={PWD}/config/config_crypt_session_simul.ini
 --ENV--
diff --git a/src/tests/session_encryption/set_custom_session_handler.phpt b/src/tests/session_encryption/set_custom_session_handler.phpt
index 725ee43..04edcd0 100644
--- a/src/tests/session_encryption/set_custom_session_handler.phpt
+++ b/src/tests/session_encryption/set_custom_session_handler.phpt
@@ -2,9 +2,12 @@
 Set a custom session handler
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (!extension_loaded("session")) print "skip"; ?>
+--EXTENSIONS--
+session
 --INI--
 sp.configuration_file={PWD}/config/config_crypt_session.ini
-session.save_path = "/tmp"
+session.save_path="/tmp"
 --ENV--
 return <<<EOF
 REMOTE_ADDR=127.0.0.1
diff --git a/src/tests/session_encryption/set_custom_session_handler2.phpt b/src/tests/session_encryption/set_custom_session_handler2.phpt
index 8cc6786..0ebf7b6 100644
--- a/src/tests/session_encryption/set_custom_session_handler2.phpt
+++ b/src/tests/session_encryption/set_custom_session_handler2.phpt
@@ -2,9 +2,12 @@
 Set a custom session handler, twice
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (!extension_loaded("session")) print "skip"; ?>
+--EXTENSIONS--
+session
 --INI--
 sp.configuration_file={PWD}/config/config_crypt_session.ini
-session.save_path = "/tmp"
+session.save_path="/tmp"
 --ENV--
 return <<<EOF
 REMOTE_ADDR=127.0.0.1
diff --git a/src/tests/session_encryption/set_custom_session_handler_ini.phpt b/src/tests/session_encryption/set_custom_session_handler_ini.phpt
index f9fbfb2..a454fc6 100644
--- a/src/tests/session_encryption/set_custom_session_handler_ini.phpt
+++ b/src/tests/session_encryption/set_custom_session_handler_ini.phpt
@@ -2,6 +2,9 @@
 Set a custom session handler
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (!extension_loaded("session")) print "skip"; ?>
+--EXTENSIONS--
+session
 --INI--
 sp.configuration_file={PWD}/config/config_crypt_session.ini
 session.save_handler = 
diff --git a/src/tests/sid_too_long.phpt b/src/tests/sid_too_long.phpt
new file mode 100644
index 0000000..85f7fc2
--- /dev/null
+++ b/src/tests/sid_too_long.phpt
@@ -0,0 +1,19 @@
+--TEST--
+SESSION ID too long
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (!extension_loaded("session")) print "skip"; ?>
+--EXTENSIONS--
+session
+--INI--
+sp.configuration_file={PWD}/config/sid_length_limit.ini
+--FILE--
+<?php
+session_id('123456789012345678901234567890123');
+session_start();
+echo strlen(session_id());
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][session][drop] Session ID is too long in %a.php on line %d
+Fatal error: [snuffleupagus][0.0.0.0][session][drop] Session ID is too long in Unknown on line 0
+\ No newline at end of file
diff --git a/src/tests/sid_too_short.phpt b/src/tests/sid_too_short.phpt
new file mode 100644
index 0000000..3ebbc58
--- /dev/null
+++ b/src/tests/sid_too_short.phpt
@@ -0,0 +1,19 @@
+--TEST--
+SESSION ID too short
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+<?php if (!extension_loaded("session")) print "skip"; ?>
+--EXTENSIONS--
+session
+--INI--
+sp.configuration_file={PWD}/config/sid_length_limit.ini
+--FILE--
+<?php
+session_id('123');
+session_start();
+echo strlen(session_id());
+?>
+--EXPECTF--
+Fatal error: [snuffleupagus][0.0.0.0][session][drop] Session ID is too short in %a.php on line %d
+Fatal error: [snuffleupagus][0.0.0.0][session][drop] Session ID is too short in Unknown on line 0
+\ No newline at end of file
diff --git a/src/tests/stream_wrapper/stream_wrapper.phpt b/src/tests/stream_wrapper/stream_wrapper.phpt
index 588a10d..6cd7a66 100644
--- a/src/tests/stream_wrapper/stream_wrapper.phpt
+++ b/src/tests/stream_wrapper/stream_wrapper.phpt
@@ -23,9 +23,9 @@ Warning: Unknown: Unable to find the wrapper "php" - did you forget to enable it
 Warning: file_get_contents(): Unable to find the wrapper "http" - did you forget to enable it when you configured PHP? in %a/stream_wrapper.php on line %d
-Warning: file_get_contents(): php_network_getaddresses: getaddrinfo failed: %s
+Warning: file_get_contents(): php_network_getaddresses: getaddrinfo%sfailed: %s
-Warning: file_get_contents(https://qweqwezxc): %s to open stream: php_network_getaddresses: getaddrinfo failed: %s
+Warning: file_get_contents(https://qweqwezxc): %s to open stream: php_network_getaddresses: getaddrinfo%sfailed: %s
 Warning: file_get_contents(ftp://qweqwezxc): %s to open stream: operation failed in %a/stream_wrapper.php on line %d
diff --git a/src/tests/strict_mode/strict_mode_enabled.phpt b/src/tests/strict_mode/strict_mode_enabled.phpt
index a986987..a78a604 100644
--- a/src/tests/strict_mode/strict_mode_enabled.phpt
+++ b/src/tests/strict_mode/strict_mode_enabled.phpt
@@ -8,11 +8,11 @@ if (!extension_loaded("snuffleupagus")) print "skip snuffleupagus extension miss
 sp.configuration_file={PWD}/config/config_strict_mode_enabled.ini
 --FILE--
 <?php 
-ini_set('display_errors', 1);
+ini_get(23);
 ?>
 --EXPECTF--
-Fatal error: Uncaught TypeError: ini_set()%s given in %s/tests/strict_mode/strict_mode_enabled.php:%d
+Fatal error: Uncaught TypeError: ini_get()%s given in %s/tests/strict_mode/strict_mode_enabled.php:%d
 Stack trace:
-#0 %s/tests/strict_mode/strict_mode_enabled.php(2): ini_set('display_errors', 1)
+#0 %s/tests/strict_mode/strict_mode_enabled.php(2): ini_get(23)
 #1 {main}
  thrown in %s/tests/strict_mode/strict_mode_enabled.php on line 2
diff --git a/src/tests/unserialize/config/config_serialize.ini b/src/tests/unserialize/config/config_serialize.ini
index f2c1699..30e8fba 100644
--- a/src/tests/unserialize/config/config_serialize.ini
+++ b/src/tests/unserialize/config/config_serialize.ini
@@ -1,2 +1,2 @@
-sp.global.secret_key("abcdef");
+sp.global.secret_key("abcdefGHIJ");
 sp.unserialize_hmac.enable();
 \ No newline at end of file
diff --git a/src/tests/unserialize/config/config_serialize_sim.ini b/src/tests/unserialize/config/config_serialize_sim.ini
index 7f015e0..c20013f 100644
--- a/src/tests/unserialize/config/config_serialize_sim.ini
+++ b/src/tests/unserialize/config/config_serialize_sim.ini
@@ -1,2 +1,2 @@
-sp.global.secret_key("abcdef");
+sp.global.secret_key("abcdefGHIJ");
 sp.unserialize_hmac.enable().simulation();
diff --git a/src/tests/unserialize/config/dump_unserialize.ini b/src/tests/unserialize/config/dump_unserialize.ini
index 4352a3e..09480cc 100644
--- a/src/tests/unserialize/config/dump_unserialize.ini
+++ b/src/tests/unserialize/config/dump_unserialize.ini
@@ -1,2 +1,2 @@
-sp.global.secret_key("abcdef");
+sp.global.secret_key("abcdefGHIJ");
 sp.unserialize_hmac.enable().dump("/tmp/dump_result/");
diff --git a/src/tests/unserialize/serialize.phpt b/src/tests/unserialize/serialize.phpt
index e93dbaf..8b7c0bc 100644
--- a/src/tests/unserialize/serialize.phpt
+++ b/src/tests/unserialize/serialize.phpt
@@ -9,5 +9,5 @@ sp.configuration_file={PWD}/config/config_serialize.ini
 echo serialize("a");
 ?>
 --EXPECT--
-s:1:"a";650609b417904d0d9bbf1fc44a975d13ecdf6b02b715c1a06271fb3b673f25b1
+s:1:"a";cdbc93e593656164d448db33e4668a3f30fa794d6658016365f7eb453d48b022
diff --git a/src/tests/unserialize/unserialize_sim.phpt b/src/tests/unserialize/unserialize_sim.phpt
index 9bff2c1..1256c23 100644
--- a/src/tests/unserialize/unserialize_sim.phpt
+++ b/src/tests/unserialize/unserialize_sim.phpt
@@ -7,12 +7,13 @@ sp.configuration_file={PWD}/config/config_serialize_sim.ini
 --FILE--
 <?php 
 $a=serialize("a");
-echo $a;
+echo $a . PHP_EOL;
 var_dump(unserialize($a));
 var_dump(unserialize('s:1:"a";alyualskdufyhalkdjsfhalkjdhflaksjdfhlkasdhflkahdawkuerylksjdfhlkssjgdflaksjdh1337sjdf'));
 ?>
 --EXPECTF--
-s:1:"a";650609b417904d0d9bbf1fc44a975d13ecdf6b02b715c1a06271fb3b673f25b1string(1) "a"
+s:1:"a";cdbc93e593656164d448db33e4668a3f30fa794d6658016365f7eb453d48b022
+string(1) "a"
 Warning: [snuffleupagus][0.0.0.0][unserialize][simulation] Invalid HMAC for s:1:"a";alyualskdufyhalkdjsfh in %a/unserialize_sim.php on line 5
 string(1) "a"
diff --git a/src/tests/unserialize_php8/config/config_serialize.ini b/src/tests/unserialize_php8/config/config_serialize.ini
index 7de4438..e107f15 100644
--- a/src/tests/unserialize_php8/config/config_serialize.ini
+++ b/src/tests/unserialize_php8/config/config_serialize.ini
@@ -1 +1 @@
-sp.global.secret_key("abcdef");
+sp.global.secret_key("abcdefGHIJ");
diff --git a/src/tests/upload_validation/upload_validation.phpt b/src/tests/upload_validation/upload_validation.phpt
index 965d3aa..810c23d 100644
--- a/src/tests/upload_validation/upload_validation.phpt
+++ b/src/tests/upload_validation/upload_validation.phpt
@@ -15,4 +15,4 @@ echo 1;
 --EXPECTF--
 Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
-Fatal error: [snuffleupagus][0.0.0.0][config][log] A rule can't be enabled and disabled on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][config][log] The `script` (tests/upload_ko.sh) doesn't exist on line 1 in Unknown on line 0
diff --git a/src/tests/upload_validation/upload_validation_no_exec.phpt b/src/tests/upload_validation/upload_validation_no_exec.phpt
index b198bda..ff3dc14 100644
--- a/src/tests/upload_validation/upload_validation_no_exec.phpt
+++ b/src/tests/upload_validation/upload_validation_no_exec.phpt
@@ -4,6 +4,7 @@ Upload a file, validation script not executable
 file_uploads=1
 sp.configuration_file={PWD}/config/upload_validation_non_exec.ini
 output_buffering=off
+expose_php=0
 --POST_RAW--
 Content-Type: multipart/form-data; boundary=blabla
 --blabla
@@ -14,6 +15,6 @@ Content-Disposition: form-data; name="test"; filename="test.php"
 var_dump($_FILES);
 ?>
 --EXPECTF--
-Fatal error: [snuffleupagus][0.0.0.0][config][log] Invalid configuration file in Unknown on line 0
+Warning: [snuffleupagus][0.0.0.0][upload_validation][log] Could not call '%s' : Permission denied %s
+%a
-Fatal error: [snuffleupagus][0.0.0.0][config][log] The `script` (tests/data/upload_no_exec.sh) isn't executable on line 1 in Unknown on line 0
+Fatal error: [snuffleupagus][0.0.0.0][upload_validation][drop] The upload %s was rejected. in Unknown on line 0
diff --git a/src/tests/xxe/config/disable_xxe.ini b/src/tests/xxe/config/disable_xxe.ini
index bc9d1f2..a50a3b9 100644
--- a/src/tests/xxe/config/disable_xxe.ini
+++ b/src/tests/xxe/config/disable_xxe.ini
@@ -1 +1 @@
-sp.disable_xxe.enable();
+sp.xxe_protection.enable();
diff --git a/src/tests/xxe/config/disable_xxe_disable.ini b/src/tests/xxe/config/disable_xxe_disable.ini
index bb1e432..eaf5755 100644
--- a/src/tests/xxe/config/disable_xxe_disable.ini
+++ b/src/tests/xxe/config/disable_xxe_disable.ini
@@ -1 +1 @@
-sp.disable_xxe.disable();
+sp.xxe_protection.disable();
diff --git a/src/tests/xxe/disable_xxe_dom_disabled.phpt b/src/tests/xxe/disable_xxe_dom_disabled.phpt
index a49e094..107171c 100644
--- a/src/tests/xxe/disable_xxe_dom_disabled.phpt
+++ b/src/tests/xxe/disable_xxe_dom_disabled.phpt
@@ -1,10 +1,10 @@
 --TEST--
-Disable XXE
+Disable XXE (feature enabled)
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus") || !extension_loaded("dom")) print("skip"); ?>
 <?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
-sp.configuration_file={PWD}/config/disable_xxe_disable.ini
+sp.configuration_file={PWD}/config/disable_xxe.ini
 --EXTENSIONS--
 dom
 --FILE--
diff --git a/src/tests/xxe/disable_xxe_dom_disabled_php8.phpt b/src/tests/xxe/disable_xxe_dom_disabled_php8.phpt
new file mode 100644
index 0000000..01e3349
--- /dev/null
+++ b/src/tests/xxe/disable_xxe_dom_disabled_php8.phpt
@@ -0,0 +1,57 @@
+--TEST--
+Disable XXE (feature disabled)
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus") || !extension_loaded("dom")) print("skip"); ?>
+<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disable_xxe_disable.ini
+--EXTENSIONS--
+dom
+--FILE--
+<?php 
+$dir = __DIR__;
+$content = '<content>WARNING, external entity loaded!</content>';
+file_put_contents($dir . '/content.txt', $content);
+$xml = <<<EOD
+<?xml version="1.0"?>
+<!DOCTYPE root
+[
+<!ENTITY foo SYSTEM "file://$dir/content.txt">
+]>
+<test><testing>&foo;</testing></test>
+EOD;
+file_put_contents($dir . '/content.xml', $xml);
+$dom = new DOMDocument('1.0');
+$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD|LIBXML_NOENT);
+printf("default setting with LIBXML_NOENT: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue);
+$dom = new DOMDocument('1.0');
+$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD);
+printf("default setting without LIBXML_NOENT: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue);
+libxml_set_external_entity_loader(null);
+$dom = new DOMDocument('1.0');
+$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD|LIBXML_NOENT);
+printf("disabled entity loader with LIBXML_NOENT: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue);
+$dom = new DOMDocument('1.0');
+$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD);
+printf("disabled entity loader without LIBXML_NOENT: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue);
+?>
+--EXPECTF-- 
+default setting with LIBXML_NOENT: WARNING, external entity loaded!
+default setting without LIBXML_NOENT: 
+disabled entity loader with LIBXML_NOENT: WARNING, external entity loaded!
+disabled entity loader without LIBXML_NOENT:
+--CLEAN--
+<?php
+$dir = __DIR__;
+unlink($dir . "/content.xml");
+unlink($dir . "/content.txt");
+?>
diff --git a/src/tests/xxe/disable_xxe_dom_php8.phpt b/src/tests/xxe/disable_xxe_dom_php8.phpt
new file mode 100644
index 0000000..485828f
--- /dev/null
+++ b/src/tests/xxe/disable_xxe_dom_php8.phpt
@@ -0,0 +1,59 @@
+--TEST--
+Disable XXE (feature enabled)
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus") || !extension_loaded("dom")) print("skip"); ?>
+<?php if (PHP_VERSION_ID < 80000) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/disable_xxe.ini
+--EXTENSIONS--
+dom
+--FILE--
+<?php 
+$dir = __DIR__;
+$content = '<content>WARNING, external entity loaded!</content>';
+file_put_contents($dir . '/content.txt', $content);
+$xml = <<<EOD
+<?xml version="1.0"?>
+<!DOCTYPE root
+[
+<!ENTITY foo SYSTEM "file://$dir/content.txt">
+]>
+<test><testing>&foo;</testing></test>
+EOD;
+file_put_contents($dir . '/content.xml', $xml);
+$dom = new DOMDocument('1.0');
+$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD|LIBXML_NOENT);
+printf("default setting with LIBXML_NOENT: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue);
+$dom = new DOMDocument('1.0');
+$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD);
+printf("default setting without LIBXML_NOENT: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue);
+libxml_set_external_entity_loader(null);
+$dom = new DOMDocument('1.0');
+$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD|LIBXML_NOENT);
+printf("disabled entity loader with LIBXML_NOENT: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue);
+$dom = new DOMDocument('1.0');
+$dom->loadXML($xml, LIBXML_DTDATTR|LIBXML_DTDLOAD);
+printf("disabled entity loader without LIBXML_NOENT: %s\n", $dom->getElementsByTagName('testing')->item(0)->nodeValue);
+?>
+--EXPECTF-- 
+default setting with LIBXML_NOENT: WARNING, external entity loaded!
+default setting without LIBXML_NOENT: 
+Warning: [snuffleupagus][0.0.0.0][xxe][log] A call to libxml_set_external_entity_loader was tried and nopped in %a.php on line 26
+disabled entity loader with LIBXML_NOENT: WARNING, external entity loaded!
+disabled entity loader without LIBXML_NOENT:
+--CLEAN--
+<?php
+$dir = __DIR__;
+unlink($dir . "/content.xml");
+unlink($dir . "/content.txt");
+?>
diff --git a/src/tests/xxe/disable_xxe_simplexml.phpt b/src/tests/xxe/disable_xxe_simplexml.phpt
index 1d3ef4c..9560156 100644
--- a/src/tests/xxe/disable_xxe_simplexml.phpt
+++ b/src/tests/xxe/disable_xxe_simplexml.phpt
@@ -2,8 +2,9 @@
 Disable XXE
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus") || !extension_loaded("simplexml") || getenv('TRAVIS')) print("skip"); ?>
+<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
-sp.configuration_file={PWD}/config/disable_xxe.ini
+sp.configuration_file={PWD}/config/disable_xxe_disable.ini
 --EXTENSIONS--
 simplexml
 --XFAIL--
diff --git a/src/tests/xxe/disable_xxe_simplexml_oop.phpt b/src/tests/xxe/disable_xxe_simplexml_oop.phpt
index e101337..1b2c4ca 100644
--- a/src/tests/xxe/disable_xxe_simplexml_oop.phpt
+++ b/src/tests/xxe/disable_xxe_simplexml_oop.phpt
@@ -2,8 +2,9 @@
 Disable XXE
 --SKIPIF--
 <?php if (!extension_loaded("snuffleupagus") || !extension_loaded("simplexml") || getenv('TRAVIS')) print("skip"); ?>
+<?php if (PHP_VERSION_ID >= 80000) print "skip"; ?>
 --INI--
-sp.configuration_file={PWD}/config/disable_xxe.ini
+sp.configuration_file={PWD}/config/disable_xxe_disable.ini
 --EXTENSIONS--
 simplexml
 --XFAIL--
diff --git a/src/tests/xxe/disable_xxe_xml_parse.phpt b/src/tests/xxe/disable_xxe_xml_parse.phpt
index 6b48bea..bc7e338 100644
--- a/src/tests/xxe/disable_xxe_xml_parse.phpt
+++ b/src/tests/xxe/disable_xxe_xml_parse.phpt
@@ -70,7 +70,8 @@ $parser = create_parser();
 $doc = xml_parse($parser, $xml, true);
 xml_parser_free($parser);
--EXPECT--
+--EXPECTF--
+Warning: [snuffleupagus][0.0.0.0][xxe][log] A call to libxml_disable_entity_loader was tried and nopped in %a.php on line 41
 string(4) "TEST"
 array(0) {
@@ -81,6 +82,8 @@ array(0) {
 }
 string(7) "TESTING"
 string(4) "TEST"
+Warning: [snuffleupagus][0.0.0.0][xxe][log] A call to libxml_disable_entity_loader was tried and nopped in %a.php on line 46
 string(4) "TEST"
 array(0) {