©
Dokumen ini menggunakan Manual laman web PHP Cina Lepaskan
有些问题没法归到其它类中,可以在这里找到。
如果没有能处理 bz2 文件的压缩工具,从 Redhat » 下载一个命令行工具(进一步信息见下面)。
如果不喜欢用命令行工具,可以试试免费工具例如 » Stuffit Expander, » UltimateZip, » 7-Zip或者 » Quick Zip。如果有像 » WinRAR或者 » Power Archiver之类的工具,可以很容易用它解压缩 bz2 文件。如果用 Total Commander(前身为 Windows Commander),可以从 » Total Commander网站免费得到一个 bz2 插件。
来自 Redhat 的 bzip2 命令行工具:
Win2K Sp2 用户下载最新版本 1.0.2,所有其它 Windows 用户应该用版本 1.00。下载后重命名可执行文件为 bzip2.exe。为方便起见将其放到一个在你路径中的目录,例如 C:\Windows,C 表示你安装 Windows 的盘符。
注意:lang 指的是你的语种,x 是想要的格式,例如:pdf。要解压缩 php_manual_lang.x.bz2,按照下面的简单说明进行:
在下载了包含很多 html 文件的 php_manual_lang.tar.bz2 的情况下,过程是一样的。唯一区别是得到了一个 php_manual_lang.tar 文件。tar 格式可以被大多数 Windows 下流行的压缩工具所处理,例如 » WinZip。
这表示该参数是 引用传递,该函数会修改其值。只可以用此方法传递变量,其实都不需要在函数调用中用 & 传递(此方式都已 过时了)。
有关 register_globals实现方面的安全性,请阅读 使用 register_globals一章。
推荐使用 超全局变量而不要依赖 register_globals。
如果需要在一台关闭了 register_globals的共享主机上运行一些旧式程序而该程序需要此选项打开时,或者在一些打开了此选项的主机上但想消除安全隐患,那么就需要用 PHP 来模拟出相反的设定。最好先问清楚是否能否在哪里更改 PHP 配置的选项,如果不行,那可以用如下的兼容手段。
Example #1 模拟注册全局变量
本例模拟 register_globals On。如果改变了配置文件中的 variables_order选项,则考虑对 $superglobals 作出相应的改动。
<?php
// Emulate register_globals on
if (! ini_get ( 'register_globals' )) {
$superglobals = array( $_SERVER , $_ENV ,
$_FILES , $_COOKIE , $_POST , $_GET );
if (isset( $_SESSION )) {
array_unshift ( $superglobals , $_SESSION );
}
foreach ( $superglobals as $superglobal ) {
extract ( $superglobal , EXTR_SKIP );
}
}
?>
本例模拟 register_globals Off。要记住此代码应在脚本最开头的地方调用。如果使用了会话机制,则在 session_start() 之后调用。
<?php
// Emulate register_globals off
function unregister_GLOBALS ()
{
if (! ini_get ( 'register_globals' )) {
return;
}
// Might want to change this perhaps to a nicer error
if (isset( $_REQUEST [ 'GLOBALS' ]) || isset( $_FILES [ 'GLOBALS' ])) {
die( 'GLOBALS overwrite attempt detected' );
}
// Variables that shouldn't be unset
$noUnset = array( 'GLOBALS' , '_GET' ,
'_POST' , '_COOKIE' ,
'_REQUEST' , '_SERVER' ,
'_ENV' , '_FILES' );
$input = array_merge ( $_GET , $_POST ,
$_COOKIE , $_SERVER ,
$_ENV , $_FILES ,
isset( $_SESSION ) && is_array ( $_SESSION ) ? $_SESSION : array());
foreach ( $input as $k => $v ) {
if (! in_array ( $k , $noUnset ) && isset( $GLOBALS [ $k ])) {
unset( $GLOBALS [ $k ]);
}
}
}
unregister_GLOBALS ();
?>
[#1] doerr at apkk dot de [2010-12-28 17:41:57]
If you only needed register_globals for get/post variables, the effictive solution for 5.3 is:
import_request_variables("GPC", "");
But if the skripts relied on session_register() you'll have to do more:
- Replace all variables that appeared after session_register with _SESSION equivalents - so $myvar becomes $_SESSION['myvar']
- Take care if your variables appeared inside strings - 'Hello $user !' works, but 'Hello $_SESSION['user'] !' not - so you have to concatenate the string: 'Hello '.$_SESSION['user'] .' !'
- Session variables in function declarations (for whatever purpose) will not work - keeping the old (local) names will work in most cases.
- Finally, replace the session_register(..) line with session_start()
[#2] markus [2005-06-18 15:34:33]
Considering the comment below. I think there's a way to avoid that "problem":
<?php
//
// $starttime is an example of a variable that we might need to define,
// even before, running the "register_globals OFF" emulator below.
//
list($msec, $sec) = explode(' ', microtime());
$starttime = ((float)$msec + (float)$sec);
//
// If register_globals is ON, ensure no unexpected globals are defined.
// ie. We'll try to emulate a register_globals OFF environment.
//
if( (bool)@ini_get('register_globals') )
{
$superglobals = array($_ENV, $_GET, $_POST, $_COOKIE, $_FILES, $_SERVER);
if( isset($_SESSION) )
{
array_unshift($superglobals, $_SESSION);
}
$knownglobals = array(
//
// Known PHP Reserved globals and superglobals:
//
'_ENV', 'HTTP_ENV_VARS',
'_GET', 'HTTP_GET_VARS',
'_POST', 'HTTP_POST_VARS',
'_COOKIE', 'HTTP_COOKIE_VARS',
'_FILES', 'HTTP_FILES_VARS',
'_SERVER', 'HTTP_SERVER_VARS',
'_SESSION', 'HTTP_SESSION_VARS',
'_REQUEST',
//
// Global variables used by this code snippet:
//
'superglobals',
'knownglobals',
'superglobal',
'global',
'void',
//
// Known global variables defined before this code snippet is reached.
//
'starttime',
);
foreach( $superglobals as $superglobal )
{
foreach( $superglobal as $global => $void )
{
if( !in_array($global, $knownglobals) )
{
unset($GLOBALS[$global]);
}
}
}
}
?>
Note the stuff related to the $_SESSION array depends on whether the PHP session has been started or not. You might want to call session_start() before this point (or set session.auto_start ON).
HTH+ :)
[#3] php at REMOVEMEkennel17 dot co dot uk [2005-04-12 20:22:42]
Regarding simulating register_globals = off, note that it is impossible to adequately prevent $_SESSION variables from being globalised, as the array (and thus the globals) are created on a call to session_start(). You would therefore have to 'undo' this when you start a session as using it at the start of your script will have no effect.
To avoid potential problems, use a prefix that is unique for all session variables (e.g. 'SESS_'), and only access them via the $_SESSION array. The prefix ensures that you don't have a naming clash (and therefore a security risk) with any non-session globals.