|
|
 |
CXIX. 变量函数库
关于变量表现形式的信息请查看本手册
语言参考 部分的
变量 条目。
这些函数作为 PHP 核心的一部分,无需被安装即可使用。 这些函数的行为受到全局配置文件 php.ini 的影响。
表格 1. 变量配置选项 | 名称 | 默认值 | 作用范围 |
|---|
| unserialize_callback_func | "" | PHP_INI_ALL |
更多关于常量 PHP_INI_* 的细节和解释参见
ini_set()。
以下是该配置选项的简要解释。
- unserialize_callback_func
string
如果反序列器发现有未定义类要被实例化,将会调用反序列回调函数(使用未定义类作为参数)。如果指定函数不存在,或者此函数没有包含/执行该未定义类,则显示警告。所以只有在你确实想要执行这样的回调函数时才设置该选项。
参见 unserialize()。
Darryl dot Friesen @ usask dot ca
11-Dec-2002 12:32
The above code posted by maxim and dekiland doesn't seem to create
$_REQUEST in the same manner as described in the PHP
Documentation:
"An associative array consisting of the contents
of $_GET, $_POST, and $_COOKIE".
I modified the code slightly.
I haven't tested this much, but it seems to work as
expected.
$evil_vars = Array('GET', 'POST', 'COOKIE', 'SERVER',
'ENV', 'REQUEST', 'SESSION');
$php_version =
preg_replace("/[^\d]/", '', phpversion());
for ($i = 0; $i
< sizeof($evil_vars); $i++)
{
if
(is_array(${"HTTP_{$evil_vars[$i]}_VARS"}))
{
foreach
(${"HTTP_{$evil_vars[$i]}_VARS"} as $var=>$val)
{
if($php_version<410)
{
$GLOBALS["_{$evil_vars[$i]}"][$var] = $val;
//
following if condition added by D. Friesen
if (($evil_vars[$i]
== 'GET') || ($evil_vars[$i] == 'POST') || ($evil_vars[$i] ==
'COOKIE'))
$GLOBALS["_REQUEST"][$var] = $val;
}
unset($$var); //changed from unset($$key); by dekiland
}
}
unset(${"HTTP_{$evil_vars[$i]}_VARS"});
}
dekiland at rilasoft dot com
22-Mar-2002 07:55
Excellent and useful code Maxim Maletsky, but there is a small bug fix for
it...
<?php
/// by Maxim Maletsky
<maxim@maxim.cx>
$evil_vars = Array('GET', 'POST', 'COOKIE',
'SERVER', 'ENV', 'REQUEST',
'SESSION');
$php_version =
preg_replace("/[^\d]/", '', phpversion());
for($i=0;
$i<sizeof($evil_vars); $i++) {
if(is_array(${"HTTP_{$evil_vars[$i]}_VARS"})) {
foreach(${"HTTP_{$evil_vars[$i]}_VARS"} as
$var=>$val)
{
if($php_version<410) {
$GLOBALS["_{$evil_vars[$i]}"][$var] = $val;
}
unset($$var); //changed from unset($$key); by dekiland
}
}
unset(${"HTTP_{$evil_vars[$i]}_VARS"});
}
Double
cheers,
dekiland
maxim at maxim dot cx
11-Mar-2002 10:22
Whoever is writing an application for a world-wide-use and wants to use
$_GET etc... but cannot because of the compatibility problems, look at this
peace of code.
It will help you to avoid the trouble by rewriting
the variables yourself in some silly config file prepended to each
script.
<?php
/// by Maxim Maletsky
<maxim@maxim.cx>
$evil_vars = Array('GET', 'POST', 'COOKIE',
'SERVER', 'ENV', 'REQUEST', 'SESSION');
$php_version =
preg_replace("/[^\d]/", '', phpversion());
for($i=0;
$i<sizeof($evil_vars); $i++) {
if(is_array(${"HTTP_{$evil_vars[$i]}_VARS"})) {
foreach(${"HTTP_{$evil_vars[$i]}_VARS"} as $var=>$val) {
if($php_version<410) {
$GLOBALS["_{$evil_vars[$i]}"][$var] = $val;
}
unset($$key);
}
}
unset(${"HTTP_{$evil_vars[$i]}_VARS"});
}
?>
What
does it do?
It loops every $HTTP_*_VARS variable, if you run a version
below 4.1.0 then it will create you a GLOBAL $_* var and will unset you the
old ones.
This means that anyone on any version sending you a
variable will not get it processed in the script unless it was referenced
as
$_*['var'].
I.E:
www.yoursite.com/file.php?some=data
<?
//
that piece of code here
echo $some; // will not come up
echo
$_GET['some'] // will show up just as it would in versions above
4.1.0
function test() {
echo $_GET['some']; // will also
work because a fake $_GET is GLOBAL
}
?>
Cheers,
Maxim Maletsky
| |
urlencode
