[英]php5 shorthand variables
I have seen most of the developers use $name
instead of $_GET['name']
and $domain
instead of $_POST['domain']
, is this shorthand by php5 and is it safe or any documentation for it.我见过大多数开发人员使用$name
而不是$_GET['name']
和$domain
而不是$_POST['domain']
,这是 php5 的简写,它是安全的还是它的任何文档。
This works because they're using the (ill-advised and now thankfully deprecated) register_globals
feature.这是有效的,因为他们正在使用(不明智的,现在谢天谢地已弃用) register_globals
功能。 (See the PHP manual section on Using Register Globals for the full low-down including security related information.) (请参阅 PHP 手册中有关使用寄存器全局的部分,以了解包括安全相关信息在内的完整内容。)
I'd really recommend not using this approach and explicitly using the $_POST or $_GET variables instead, as there's a potential world of security issues that await you otherwise.我真的建议不要使用这种方法,而是明确地使用 $_POST 或 $_GET 变量,因为否则会有一个潜在的安全问题世界等着你。
The examples you listed are only available if register_globals
is set.您列出的示例仅在设置了register_globals
时可用。 It is deprecated as of PHP 5.3 and should not be used as it is a security risk among other things.自 PHP 5.3 起已弃用它,不应使用它,因为它会带来安全风险。
Read more from the docs - http://php.net/manual/en/security.globals.php从文档中阅读更多信息 - http://php.net/manual/en/security.globals.php
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.