in reply to Re^4: Taint and Shellshock
in thread Taint and Shellshock
CAUTION! DON'T
While the explanation in the article is good, the regex is not.
While I disable ALL function definitions to avoid any eval, this one tries to disable only those containing injected code after the function's body.
In other words it tries to parse the function, but similar to "only Perl can parse Perl" this is doomed to fail.
I've already seen shellshock exploits where the injected code was somewhere within the body. ¹
If you wanna play safe, disable all unknown function definitions like I did and allow only some where you have full control!
Cheers Rolf
(addicted to the Perl Programming Language and ☆☆☆☆ :)
¹) parsing complexity is the reason why there are so many patching attempts to fix this
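
Added example (not part of the post above, and not the poster's own code): one way to drop every function-style environment variable without parsing function bodies, keeping only entries that match an allow-list by name and exact value. The allow-list entry, the sub name and the sample environment are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical allow-list: definitions we set ourselves, matched by
# name AND exact value, so no function body ever has to be parsed.
my %ALLOWED = (
    'BASH_FUNC_mylog%%' => "() {  echo \"log: \$*\"\n}",
);

# Delete every variable bash could import as a function definition,
# unless it is an exact allow-list match. Returns the removed names.
sub scrub_function_exports {
    my ($env, $allowed) = @_;
    my @removed;
    for my $name (sort keys %$env) {
        my $value = $env->{$name};
        next unless defined $value;
        # Old-style export: any variable whose value begins with "() {".
        # Patched bash exports functions under names starting BASH_FUNC_.
        my $is_function = $value =~ /\A\s*\(\)\s*\{/
                       || $name  =~ /\ABASH_FUNC_/;
        next unless $is_function;
        next if exists $allowed->{$name} && $allowed->{$name} eq $value;
        delete $env->{$name};
        push @removed, $name;
    }
    return @removed;
}

# Constructed sample environment with harmless values. A filter that
# only looks for code after the closing brace would pass INNER, because
# the extra command sits inside the body.
my %sample = (
    PATH                => '/usr/bin:/bin',
    TRAILING            => '() { true; }; true',
    INNER               => '() { true; true; }',
    'BASH_FUNC_mylog%%' => $ALLOWED{'BASH_FUNC_mylog%%'},
    'BASH_FUNC_other%%' => '() {  true' . "\n}",
);

my @removed = scrub_function_exports(\%sample, \%ALLOWED);
print "removed: @removed\n";
print "kept:    @{[ sort keys %sample ]}\n";

# In a real script, call scrub_function_exports(\%ENV, \%ALLOWED)
# before any system(), exec(), backticks or piped open().
```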