php5 速记变量
[英]php5 shorthand variables
问题描述
I have seen most of the developers use $name instead of $_GET['name'] and $domain instead of $_POST['domain'] , is this shorthand by php5 and is it safe or any documentation for it.
我见过大多数开发人员使用$name而不是$_GET['name']和$domain而不是$_POST['domain'] ,这是 php5 的简写,它是安全的还是它的任何文档。
2 个解决方案
解决方案1
5 已采纳 2011-04-29 21:58:33
This works because they're using the (ill-advised and now thankfully deprecated) register_globals feature.这是有效的,因为他们正在使用(不明智的,现在谢天谢地已弃用) register_globals功能。 (See the PHP manual section on Using Register Globals for the full low-down including security related information.) (请参阅 PHP 手册中有关使用寄存器全局的部分,以了解包括安全相关信息在内的完整内容。)
I'd really recommend not using this approach and explicitly using the $_POST or $_GET variables instead, as there's a potential world of security issues that await you otherwise.我真的建议不要使用这种方法,而是明确地使用 $_POST 或 $_GET 变量,因为否则会有一个潜在的安全问题世界等着你。
解决方案2
1 2011-04-29 21:57:27
The examples you listed are only available if register_globals is set.您列出的示例仅在设置了register_globals时可用。 It is deprecated as of PHP 5.3 and should not be used as it is a security risk among other things.自 PHP 5.3 起已弃用它,不应使用它,因为它会带来安全风险。
Read more from the docs - http://php.net/manual/en/security.globals.php从文档中阅读更多信息 - http://php.net/manual/en/security.globals.php
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.