user has left the account
Trying to match possible vulnerabilities in a fast manner, using grep is a good approach.
This is more or less how anti-virus applications work, with scanning signatures.
The problem is that nowadays, no hacker with some knowledge, or without any, will use raw PHP, but rather obfuscated, either hand-crafted or a ready-made script.
The next step is to extend these grep searches for patterns like:
base64_decode(), eval(), etc.
2013-05-09 22:45:49 - In reply to message 1 from user has left the account
Right, as mentioned in the article this is just a fast way to determine if scripts have basic vulnerabilities. More complex vulnerabilities require a deeper code analysis.
Still, many people write code with basic vulnerabilities and this technique would be useful to do basic audits of that code.
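
The grep extension suggested in the first comment, as an added example that is not part of the original thread or the article: it searches PHP files for calls to `eval()` and `base64_decode()` and separately lists files where one wraps the other. The function names `scan_php`, `scan_nested` and `make_samples` are hypothetical, and the sample files are constructed.

```shell
#!/bin/sh
# Added example (not from the original thread): grep-based triage of PHP files
# for the two calls named in the comment, eval() and base64_decode().

# PHP function names are case-insensitive, so grep runs with -i. The leading
# group keeps identifiers such as medieval( from matching as eval(.
CALL_RE='(^|[^A-Za-z0-9_])(eval|base64_decode)[[:space:]]*\('
# eval( with base64_decode( inside the same statement: review these first.
NESTED_RE='(^|[^A-Za-z0-9_])eval[[:space:]]*\([^;]*base64_decode[[:space:]]*\('

# scan_php DIR: print file:line:text for every matching line in *.php files.
# /dev/null forces grep to print the file name even for a single file.
scan_php() {
    find "$1" -type f -name '*.php' -exec grep -inE "$CALL_RE" /dev/null {} +
}

# scan_nested DIR: print only the names of files containing the nested form.
scan_nested() {
    find "$1" -type f -name '*.php' -exec grep -ilE "$NESTED_RE" {} +
}

# make_samples DIR: write three constructed sample files for a dry run.
make_samples() {
    mkdir -p "$1"
    printf '%s\n' '<?php' '$r = medieval($x);' > "$1/clean.php"
    printf '%s\n' '<?php' '$d = base64_decode($_POST["d"]);' > "$1/decode.php"
    printf '%s\n' '<?php' 'EVAL (base64_decode("c2FtcGxl"));' > "$1/packed.php"
}

# Usage: sh scan.sh DIR
if [ "$#" -gt 0 ]; then
    scan_php "$1"
    echo "-- files with nested eval(base64_decode(...)):"
    scan_nested "$1"
fi
```

Each hit is a lead for manual review, not a verdict: `decode.php` shows a plain `base64_decode()` call that still matches, and code that never spells out these two names will not match at all.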