<?php
$root = __DIR__;
$dangerousExts = ['txt', 'log', 'xml', 'png', 'jpg', 'csv', 'json', 'js'];
$suspicious = [];

$iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($root));
foreach ($iterator as $file) {
    if ($file->isDir()) continue;

    $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION));
    if (!in_array($ext, $dangerousExts)) continue;

    $content = file_get_contents($file);
    if (preg_match('/<\?php/i', $content)) {
        $suspicious[] = $file->getPathname();
    }
}

echo "Suspicious files with PHP code inside:\n";
foreach ($suspicious as $file) {
    echo " - $file\n";
}
?>