無料スクリプト配布のPHP.TO   PHPの実用的なtips PHPマニュアル MySQLマニュアル Apacheマニュアル PostgreSQLマニュアル マニュアル検索    

????

?

? PHP 5.3.0 ???? PHP 5.4.0 ?

PHP????????PHP » 4.2.0? PHP??? register_globals ???ONOFF??? ??????????? ???PHP???? ???????????? ???????? ??????????? ????????????

register_globalson?????HTML?? ???????? ?????PHP??? ???????????? ?????????PHP??? ?????????????? on????????? ??????????? ?????????? register_globals ?????????? ?register_globals???

1 register_globals = on ?

<?php
// ??? $authorized = true 
if (authenticated_user()) {
    
$authorized true;
}

// ?$authorizedfalse??????
// ????GET auth.php?authorized=1 
// register_globals????
// ???????????!
if ($authorized) {
    include 
"/highly/sensitive/data.php";
}
?>

register_globals = on???? ?off?$authorized??? ??????????? ??????????? $authorized = false????? ??????????????? register_globalson/off???????

?? ?? ?register_globals = on??? $username????? (URL?)GET???? $username ??????? ???

2 register_globals on ?off

<?php
// $username?$_SESSION????
// ?
if (isset($_SESSION['username'])) {

    echo 
"Hello <b>{$_SESSION['username']}</b>";

} else {

    echo 
"Hello <b>Guest</b><br />";
    echo 
"Would you like to login?";

}
?>

???????????? ????? ??????????? ???????????? ??????????? ???????? $_REQUEST ????? ???GETPOSTCOOKIE?????? ??? ?? ???

3 ??

<?php
if (isset($_COOKIE['MAGIC_COOKIE'])) {

    
// MAGIC_COOKIE comes from a cookie.
    // Be sure to validate the cookie data!

} elseif (isset($_GET['MAGIC_COOKIE']) || isset($_POST['MAGIC_COOKIE'])) {

   
mail("admin@example.com""Possible breakin attempt"$_SERVER['REMOTE_ADDR']);
   echo 
"Security violation, admin has been alerted.";
   exit;

} else {

   
// MAGIC_COOKIE isn't set through this REQUEST

}
?>

register_globalsoff?????? ????????? ???????????? ????! ??????? error_reporting() E_NOTICE???? ?

register_globalsOn?Off????? ??FAQ ??

: ?: ?????

PHP 4.1.0 ?? $_GET, $_POST, $_SERVER ???????? ???????? superglobals ???



powered by SEO.CUG.NET