Using Register Globals

Warning

This feature has been deprecated as of PHP 5.3.0 and removed as of PHP 5.4.0.

Perhaps the most controversial change in PHP came in PHP 4.2.0, when the default value of the PHP directive register_globals went from on to off. Reliance on this directive was so common that many people did not even know it existed and assumed that this was simply how PHP works. This page explains how insecure code can be written with this directive, but keep in mind that the directive itself is not insecure; misuse of it is.

When register_globals is on, all sorts of variables are injected into your scripts, such as request variables from HTML forms. Coupled with the fact that PHP does not require variables to be initialized before use, this makes it much easier to write insecure code. It was a difficult decision, but the PHP community decided to disable this directive by default. When it is on, people use variables without really knowing where they come from and can only assume. Disabling register_globals changes the situation in which variables defined inside the script get mixed up with request data sent by the client. Here is an example of misusing register_globals:

Example #1 Example misuse with register_globals = on

<?php
// Set $authorized = true only if the user is authenticated
if (authenticated_user()) {
    $authorized = true;
}

// Because $authorized was not first initialized to false,
// with register_globals on it may be defined by a request such as GET auth.php?authorized=1
// So anyone can be treated as authenticated!
if ($authorized) {
    include "/highly/sensitive/data.php";
}
?>

When register_globals = on, the code above may be compromised. When it is off, $authorized cannot be changed through a URL request or similar means, so the code is fine, although initializing variables first is good programming practice in any case. For example, if $authorized = false had been set before the code above ran, it would work with register_globals either on or off, because users would be unauthenticated by default.

Another example concerns sessions. When register_globals = on, $username could also be used in the code below, but you must realize that $username could also come from other sources, such as GET through the URL.

Example #2 Example use of sessions with register_globals on or off

<?php
// We would not know where $username came from, but we do know that
// $_SESSION holds session data
if (isset($_SESSION['username'])) {

    echo "Hello <b>{$_SESSION['username']}</b>";

} else {

    echo "Hello <b>Guest</b><br />";
    echo "Would you like to login?";

}
?>

It is even possible to take preventative measures that warn when forging is being attempted. If you know ahead of time exactly where a variable should come from, you can check whether the submitted data arrived through an inappropriate kind of submission. This does not guarantee that the data has not been forged, but it does require an attacker to guess the right kind of forging. If you do not care where the request data comes from, you can use the $_REQUEST array, which contains all GET, POST and COOKIE data. See also the manual section on variables from outside PHP.

Example #3 Detecting simple variable poisoning

<?php
if (isset($_COOKIE['MAGIC_COOKIE'])) {

    // MAGIC_COOKIE comes from a cookie
    // Be sure to validate the cookie data!

} elseif (isset($_GET['MAGIC_COOKIE']) || isset($_POST['MAGIC_COOKIE'])) {

    mail("admin@example.com", "Possible breakin attempt", $_SERVER['REMOTE_ADDR']);
    echo "Security violation, admin has been alerted.";
    exit;

} else {

    // MAGIC_COOKIE was not set in this request

}
?>

Of course, simply turning off register_globals does not mean that all of your code is secure. Every piece of submitted data should also be checked in other ways. Always validate user data and initialize your variables! To check for uninitialized variables, set error_reporting() to show E_NOTICE level errors.
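Initializing variables and reporting uninitialized ones can be compared side by side in the following added example, which is not part of the PHP manual. Because register_globals no longer exists in current PHP, its effect is emulated with extract() on a constructed request array; the authenticated_user() stub, the two check functions and the sample requests are assumptions made for illustration.

```php
<?php
// Added example, not from the PHP manual. Run from the CLI: php example.php
// register_globals was removed in PHP 5.4.0, so its effect is emulated
// with extract() over a constructed request array.

error_reporting(E_ALL); // E_ALL includes the undefined-variable diagnostic

// Collect diagnostics in an array instead of printing them inline.
$diagnostics = [];
set_error_handler(function (int $errno, string $errstr) use (&$diagnostics): bool {
    $diagnostics[] = $errstr;
    return true; // handled here; suppress PHP's default output
});

// Hypothetical stand-in for the page's authenticated_user(): nobody is logged in.
function authenticated_user(): bool
{
    return false;
}

// The flawed pattern from Example #1: $authorized is never initialized.
function check_uninitialized(array $request): bool
{
    extract($request); // emulates register_globals = on
    if (authenticated_user()) {
        $authorized = true;
    }
    return (bool) $authorized;
}

// Corrected pattern: initialize first, so any injected value is overwritten.
function check_initialized(array $request): bool
{
    extract($request); // same hostile environment as above
    $authorized = false;
    if (authenticated_user()) {
        $authorized = true;
    }
    return $authorized;
}

$forged = ['authorized' => '1']; // constructed: GET auth.php?authorized=1
$benign = [];                    // constructed: request without parameters

var_dump(check_uninitialized($forged)); // request data decides the outcome
var_dump(check_initialized($forged));   // request data is ignored
var_dump(check_uninitialized($benign)); // reads an undefined variable
print_r($diagnostics);                  // diagnostics raised by the flawed check
```

With the forged request the uninitialized check grants access while the initialized one does not, and the benign request makes the flawed check record an undefined-variable diagnostic, which is the signal that raising error_reporting is meant to surface.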

For information about emulating register_globals being on or off, see the FAQ.

Note: Superglobals availability note

Superglobal arrays such as $_GET, $_POST and $_SERVER are available as of PHP 4.1.0. For more information, read the manual section on superglobals.