具有无效过滤器的filter_input
[英]filter_input with invalid filter
问题描述
I just came across this snippet in our code base: 
我刚刚在我们的代码库中遇到了以下片段:
$token = filter_input(INPUT_GET, 'token', FILTER_VALIDATE_STRING);
if ($token === false || $token === null) {
die('invalid token');
}
FILTER_VALIDATE_STRING is not a valid filter type. FILTER_VALIDATE_STRING不是有效的过滤器类型。 Does that mean it would just revert to FILTER_DEFAULT , as an unrecognized filter has been passed in? 这是否意味着由于FILTER_DEFAULT了无法识别的过滤器而将其恢复为FILTER_DEFAULT ?
2 个解决方案
解决方案1
1 2016-06-20 21:05:42
You'll get a warning that an undefined constant is being used, and PHP will go ahead and turn it into a string literal. 您将收到一条警告,指出正在使用未定义的常量,PHP会继续将其转换为字符串文字。 The best thing to do is use a constant that is defined in the documentation . 最好的办法是使用文档中定义的常量。
解决方案2
1 已采纳 2016-06-20 21:09:28
All GET and POST vars are strings, and as you have noted FILTER_VALIDATE_STRING is not a defined constant. 所有GET和POST变量都是字符串,并且您已经注意到FILTER_VALIDATE_STRING不是定义的常量。 If you enable error reporting you will see: 如果启用错误报告,您将看到:
Notice: Use of undefined constant FILTER_VALIDATE_STRING - assumed 'FILTER_VALIDATE_STRING'
Warning: filter_input() expects parameter 3 to be long, string given
So filter_input() will return NULL just like any other function that is not passed required arguments. 因此filter_input()将返回NULL ,就像未传递必需参数的任何其他函数一样。
This is assuming that whoever wrote this did not also define FILTER_VALIDATE_STRING . 假设撰写此内容的人也未定义FILTER_VALIDATE_STRING 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.