Home >Backend Development >PHP Tutorial >mark php security issues

mark php security issues

WBOY
WBOYOriginal
2016-07-28 08:28:121129browse

Inputting a string in any place where PHP considers it to be an int will be forced conversion, such as

<code><span>$a</span> = <span>'asdfgh'</span>;<span>//字符串类型的a</br></span><span>echo</span><span>$a</span>[<span>2</span>];  <span>//根据php的offset 会输出'd'</br></span><span>echo</span><span>$a</span>[x];  <span>//根据php的预测,这里应该是int型,那么输入string,就会被intval成为0 也就是输出'a'</span></code>

If the switch is a numeric type case, the switch will convert the parameters into the int type. As follows:

<code><span>$i</span> =<span>"2abc"</span>;
<span>switch</span> (<span>$i</span>) {
<span>case</span><span>0</span>:
<span>case</span><span>1</span>:
<span>case</span><span>2</span>:
    <span>echo</span><span>"i is less than 3 but not negative"</span>;
    <span>break</span>;
<span>case</span><span>3</span>:
    <span>echo</span><span>"i is 3"</span>;
}</code>

Table of loose comparison

 mark php安全问题

').addClass('pre-numbering').hide(); $(this).addClass('has-numbering').parent().append($numbering); for (i = 1; i ').text(i)); }; $numbering.fadeIn(1700); }); });

The above introduces mark PHP security issues, including aspects of the content. I hope it will be helpful to friends who are interested in PHP tutorials.

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:Deploy php to herokuNext article:Deploy php to heroku